mirror of
https://git.mirrors.martin98.com/https://github.com/Ultimaker/Cura
synced 2025-06-04 11:14:21 +08:00
Store auth & refresh key in keyring instead of in preferences
People tend to share configuration folders, which just isn't secure. CURA-7180
This commit is contained in:
parent
a1a74690c5
commit
bff3ba577b
@ -17,7 +17,7 @@ from UM.i18n import i18nCatalog
|
|||||||
from cura.OAuth2.AuthorizationHelpers import AuthorizationHelpers, TOKEN_TIMESTAMP_FORMAT
|
from cura.OAuth2.AuthorizationHelpers import AuthorizationHelpers, TOKEN_TIMESTAMP_FORMAT
|
||||||
from cura.OAuth2.LocalAuthorizationServer import LocalAuthorizationServer
|
from cura.OAuth2.LocalAuthorizationServer import LocalAuthorizationServer
|
||||||
from cura.OAuth2.Models import AuthenticationResponse
|
from cura.OAuth2.Models import AuthenticationResponse
|
||||||
|
import keyring
|
||||||
i18n_catalog = i18nCatalog("cura")
|
i18n_catalog = i18nCatalog("cura")
|
||||||
|
|
||||||
if TYPE_CHECKING:
|
if TYPE_CHECKING:
|
||||||
@ -229,6 +229,11 @@ class AuthorizationService:
|
|||||||
return
|
return
|
||||||
try:
|
try:
|
||||||
preferences_data = json.loads(self._preferences.getValue(self._settings.AUTH_DATA_PREFERENCE_KEY))
|
preferences_data = json.loads(self._preferences.getValue(self._settings.AUTH_DATA_PREFERENCE_KEY))
|
||||||
|
|
||||||
|
# Since we stored all the sensitive stuff in the keyring, restore that now.
|
||||||
|
preferences_data["access_token"] = keyring.get_password("cura", "access_token")
|
||||||
|
preferences_data["refresh_token"] = keyring.get_password("cura", "refresh_token")
|
||||||
|
|
||||||
if preferences_data:
|
if preferences_data:
|
||||||
self._auth_data = AuthenticationResponse(**preferences_data)
|
self._auth_data = AuthenticationResponse(**preferences_data)
|
||||||
# Also check if we can actually get the user profile information.
|
# Also check if we can actually get the user profile information.
|
||||||
@ -255,6 +260,15 @@ class AuthorizationService:
|
|||||||
self._auth_data = auth_data
|
self._auth_data = auth_data
|
||||||
if auth_data:
|
if auth_data:
|
||||||
self._user_profile = self.getUserProfile()
|
self._user_profile = self.getUserProfile()
|
||||||
|
|
||||||
|
# Store all the sensitive stuff in the keyring
|
||||||
|
keyring.set_password("cura", "access_token", auth_data.access_token)
|
||||||
|
keyring.set_password("cura", "refresh_token", auth_data.refresh_token)
|
||||||
|
|
||||||
|
# And remove that data again so it isn't stored in the preferences.
|
||||||
|
auth_data.access_token = None
|
||||||
|
auth_data.refresh_token = None
|
||||||
|
|
||||||
self._preferences.setValue(self._settings.AUTH_DATA_PREFERENCE_KEY, json.dumps(vars(auth_data)))
|
self._preferences.setValue(self._settings.AUTH_DATA_PREFERENCE_KEY, json.dumps(vars(auth_data)))
|
||||||
else:
|
else:
|
||||||
self._user_profile = None
|
self._user_profile = None
|
||||||
|
Loading…
x
Reference in New Issue
Block a user