Turns out that when the KeychainDenied error is raised, it is being caught by the macOS keyring api and the non-macOS-specific KeyringLocked error is raised instead, so we need to catch this one.
CURA-8332
When Cura is starting up, it reads the authentication data from the preferences (cura.cfg). If
the auth tokens have previously been stored in the keyring, it means that their values will be null
in the cura.cfg file. Therefore, on startup, Cura reads the tokens as none from the preferences and
then sets the empty values in the keyring as tokens. This leads to the user being signed off every
time Cura restarts on Mac.
On Windows, the access token was still stored in the preferences, so on startup it was safe. The
refresh token, on the other hand, had the same issue as on Mac, which means that on startup it was
read as None from the cura.cfg and was stored in the keyring as an empty string. This meant that,
even though on startup (on windows) the user was kept signed in, the next time Cura was attempting
to refresh the access token (after 7-8 minutes), it wouldn't be able, since its refresh token was
read as "" from the keyring. Also, if the user would close Cura and reopen it after 10 minutes
(so after the access token had expired) then they would be signed off on windows too.
This commit fixes that by making sure that if the given value of the refresh and access tokens are
empty, then they will not be stored in the keyring.
CURA-8178
Write an empty string as value to the keyring if None is parsed and
return a None value if an empty string was parsed from the keyring.
CURA-7180_keyring_none_value
So there is an issue with keyring w.r.t. frozen installs (maybe also local). If you have pywin32 installed, it works fine locally. Take a note here, that a variant of this package, pywin32-ctypes, a rudimentary version of that package that works wholly within python, is already installed as its a dependency for keyring on windows. Due to an unknown reason, when running it fails to detect this, so some workaround is needed, _or_ the 'normal' pywin32 package should be installed. However, problems occurred when attempts where made to install pywin32 via cx_freeze. Then the actual workaround was encountered (https://github.com/jaraco/keyring/issues/468), which _should_ hopefully let use use the keyring on windows without needing the 'full' version of pywin32.
CURA-7180
The Windows Credential Manager allows for up to 256bits passwords. If a password longer than that
is attempted to be written, it will throw a BaseException.
CURA-7180
This class will handle the storing and processing
of secrets. Such as tokens. It will try to use the system
keyring by default. Falling back to less secure methods,
if the user doesn't allow access to the keyring or if
the back-end is unsupported.
CURA-7180 keyring storage
We're getting some reports that people are suddenly logged out. The working
theory is that they are mixing staging & production builds. This logging
should tell us enough to find out if that is the case!
JSON dictionaries need to have a certain structure such as strings as keys. If that's not correct it gives a TypeError. Don't crash on those; give a similar error message as when the values in the JSON are invalid.
Windows won't allow long keys in the backend the keyring python package uses as a backend. This means the access_token part can't be stored in the obvious way. Timeboxed some attempts at working around this limitation, but couldn't make it work within the time set. As this is mostly an extra precaustion protecting users that share config folders around against themselves (in other words, if this goes wrong it's not unreasonable to blame the user) it's not top critical, and the important part of that (the refresh_token) can proceed, giving any potential attacker only a 10 minute window from the moment any user shares their %appdata%/cura files (again, this is not how we intent for users to behave, but they can and will do it this way).
CURA-7180
The thread handling the web_server was crashing. This in turn ended in
the web_server not being able to start again, thus being impossible to
login again if you logged out.
Surround the serve_forever function of the web server with a try-catch
on Windows, in order to avoid printing the entire (useless) traceback.
Now a warning message is be displayed in the log instead.
The behavior is untouched in other platforms
