def main(kwargs):
password = (get_password(
kwargs["--password-file"] if kwargs["--askpass"] else None))
logging.info("Opening database, this might take a while...")
kp = PyKeePass(
kwargs["KEEPASSX-DB"],
password=password,
keyfile=kwargs["--keyfile"],
)
logging.info("Database opened.")
#entries = kp.find_entries(
# title=kwargs["--title"],
# username=kwargs["--username"],
# history=kwargs["--history"],
# regex=kwargs["--regex"],
#)
entries = kp.find_entries(username=kwargs["--username"], )
logging.info("# of entries to search for pwnage: {}".format(len(entries)))
for n, entry in enumerate(entries, 1):
print('{}: {}'.format(n, entry.title), end=' ')
ps = pwned_status(PWNED_URL_BASE, entry.password)
if ps:
print('PWNED!! (password: {})'.format(entry.password))
else:
print('OK')
logging.info("Done.")
class KeepassDB: #class for keepass file
def __init__(self, masterpass):
logger.info('Requesting KeePass database data')
try:
self.kp = PyKeePass(KPpath.PATH, password=masterpass)
logger.info('Credentials database fetched')
except FileNotFoundError:
logger.error(f'KDBX file {KPpath.PATH} does not exist')
print(f'KDBX file {KPpath.PATH} does not exist')
sys.exit()
except exceptions.CredentialsIntegrityError:
logger.error(f'Unauthorized access to {KPpath.PATH} attempt!')
print('Wrong password - try again')
sys.exit()
def get_credential(self, credential_name):
logger.debug(f'Requesting {credential_name} credentials')
try:
entry = self.kp.find_entries(title=tt.names[credential_name],
first=True)
logger.debug(f'{credential_name} credentials found')
return entry.username, entry.password
except KeyError:
logger.error(
f'{credential_name} not found in {KPpath.PATH}. Please provide correct name of entry.'
)
print(
f'{credential_name} not found in {KPpath.PATH}. Please provide correct name of entry.'
)
sys.exit()
def establishServerConnection(
hostIpAddress="172.16.128.196",
dbName="corona",
username=None,
password=None,
keepassDB="Q:\\FoodData\\new\\01_technical\\Password Database\\DIL.kdbx",
keepassKey="Q:\\FoodData\\new\\01_technical\\Password Database\\2018-03-09_Schlüssel.key",
keepassTitle="MariaDB c.seebold"):
if username == None and password == None:
# Provide MariaDB account information by accessing the locally stored KeePass file.
keePass = PyKeePass(keepassDB, keyfile=keepassKey)
entry = keePass.find_entries(
title=keepassTitle, first=True) # Find entry 'MariaDB c.seebold'.
username = entry.username
password = entry.password
# Try and except clause checks if connection was successful.
try:
connection = pymysql.connect(
hostIpAddress, username, password, dbName, local_infile=True
) # Requires to add 'loose-local-infile = 1' in the '[client]' section of '/etc(/mysql)/my.cnf'.
print("Connection to database {0} successfully established.".format(
dbName))
return connection
except:
print("ERROR: Connection to database {0} failed.".format(dbName))
import sys
sys.exit()
def read_keepass_data(self, entry_name, field_name):
try:
kp = PyKeePass(self.keepass_file, password=self.keepass_password)
entry = kp.find_entries(title=entry_name, first=True)
field_data = entry._get_string_field(field_name)
return field_data
except Exception as e:
raise ValueError(
'[ERRO] - Erro ao ler o Keepass:\n%s \n\nVerifique a senha informada e tente novamente'
% (str(e)),
file=stderr)
class KeePass():
def __init__(self, password, cfgfile='pass.yml'):
keyfile = None
with open(cfgfile, 'r') as ymlfile:
cfg = yaml.safe_load(ymlfile)['keepass']
dbfile = cfg['dbfile']
group = cfg['group']
newentry = cfg['newentry']
oldentry = cfg['oldentry']
if 'keyfile' in cfg:
keyfile = cfg['keyfile']
self.keepass = PyKeePass(dbfile, password=password, keyfile=keyfile)
self.group = self.keepass.find_groups(name=group, first=True)
self.oldentry = self.keepass.find_entries(
title=oldentry, group=self.group, first=True)
self.newentry = self.keepass.find_entries(
title=newentry, group=self.group, first=True)
def get_hosts(self):
hosts = self.oldentry.url
ret = []
for host in re.split(r'\s+', hosts):
ret.append(Host(
host, self.newentry.username, self.oldentry.password,
self.newentry.password))
return ret
def add_to_url(self, host):
if self.newentry.url is not None:
self.newentry.url = self.newentry.url + ' ' + host
else:
self.newentry.url = host
self.keepass.save()
def add_to_notes(self, msg):
if self.newentry.notes is not None:
self.newentry.notes = self.newentry.notes + '\n' + msg
else:
self.newentry.notes = msg
self.keepass.save()
class Secrets:
DATABASE_PATH = p.easy_joiner(p.keys_dir, 'secretprops.kdbx')
def __init__(self, password: str):
self.db = None
# Read in the database
self.load_database(password)
def load_database(self, password: str):
self.db = PyKeePass(self.DATABASE_PATH, password=password)
def get_entry(self, entry_name: str) -> Entry:
return self.db.find_entries(title=entry_name, first=True)
class KeepassCredentials:
def __init__(self, keepass_file, password):
self.creds = PyKeePass(keepass_file, password)
def username(self, entry_title):
return self.entry(entry_title).username
def password(self, entry_title):
return self.entry(entry_title).password
def entry(self, entry_title):
return self.creds.find_entries(title=entry_title,
recursive=True,
first=True)
def main():
args = parser.parse_args()
f = open(args.password_file)
pw = f.read().strip()
kp = PyKeePass(args.kdbx, password=pw)
entry = kp.find_entries(title=args.entry, first=True)
uri = entry.get_custom_property("otp")
totp = pyotp.parse_uri(uri)
print(totp.now())
class AlteraKeePass:
def __init__(self, arquivo_kdbx, senha):
self.kp = PyKeePass(arquivo_kdbx, password=senha)
def cria_entrada(self, grupo, nome, usuario, senha, url, icone, ip, porta):
self.group = self.kp.find_groups(name=grupo, first=True)
self.kp.add_entry(self.group,
nome,
usuario,
senha,
url=url,
icon=icone)
self.entry = self.kp.find_entries(title=nome, first=True)
self.entry.set_custom_property('IP', ip)
self.entry.set_custom_property('PORT', porta)
self.kp.save()
def read_keepass_data(entry_name, field_name, kps_passwd=''):
try:
if kps_passwd == '':
kps_passwd = get_input(
'\nInforme a senha do KeePass (input estará ocultado):',
hidden=True)
print(clear + '[INFO] - Buscando dados de %s, aguarde...' % entry_name)
kp = PyKeePass(kps_file, password=kps_passwd)
entry = kp.find_entries(title=entry_name, first=True)
field_data = entry._get_string_field(field_name)
return field_data
except Exception as e:
print(
'[ERRO] - Erro ao ler o Keepass:\n%s \n\nVerifique a senha informada e tente novamente'
% (str(e)),
file=sys.stderr)
read_keepass_data(entry_name, field_name, '')
class SecretStore:
KEY_DIR = os.path.join(os.path.expanduser('~'), 'keys')
def __init__(self, fname: str, password: str):
self.db = None
# Read in the database
self.load_database(fname, password)
def load_database(self, fname: str, password: str):
self.db = PyKeePass(os.path.join(self.KEY_DIR, fname), password=password)
def get_entry(self, entry_name: str) -> Entry:
return self.db.find_entries(title=entry_name, first=True)
def get_key(self, key_name: str) -> Dict:
entry = self.get_entry(key_name)
if entry is None:
return {}
if any([x is not None for x in [entry.username, entry.password]]):
resp = {
'un': entry.username,
'pw': entry.password
}
else:
resp = {}
resp.update(entry.custom_properties)
if len(entry.attachments) > 0:
for att in entry.attachments:
# For attachments, try to decode any that we might expect. For now, that's just JSON
if isinstance(att.data, bytes):
# Decode to string, try loading as json
try:
file_contents = json.loads(att.data.decode('utf-8'))
# Likely a dict
for k, v in file_contents.items():
resp[k.replace('-', '_')] = v
except:
resp[att.filename] = att.data.decode('utf-8')
return resp
def get_key_and_make_ns(self, entry: str) -> SimpleNamespace:
entry_dict = self.get_key(entry)
return SimpleNamespace(**entry_dict)
class Keepass:
'''
Instance keepass base
'''
def __init__(self):
self.path = input('Emplacement du fichier keepass : '******'Mot de passe du fichier keepass : '******'''
init vars for Keepass
'''
self.listuser = []
self.searchuser = []
nb_user = int(input('Combien de compte à rechercher ? : '))
i = 0
while i < nb_user:
'''
Create a list user
'''
user = input('Renseigner le nom de votre utilisateur : ')
self.searchuser.append(user)
i += 1
try:
'''
Check and add user to list
'''
self.db = PyKeePass(self.path, password=self.password)
for user in self.searchuser:
print(
'Recherche dans la base l\'utilisateur : {0}'.format(user))
if self.db.find_entries(username=user, first=True):
self.listuser.append(user)
print('L\'utilisateur : {0} a été ajouté à la liste !'.
format)
else:
print('L\'utilisateur : {0} n\'a pas été trouvé !'.format(
user))
except FileNotFoundError:
print('Le fichier n\'a pas été trouvé !')
def create_ssh_agent(workers_num, path):
"""Example function for loading ssh credentials.
Avoid loading passwords from file. Load passwords with tool like keepass.
Because it is example file, pykeepass is not included in requirements.txt,
also no unit tests are provided for container folder.
"""
ssh_agent = SSH_Agent(path=path, n_jobs=workers_num)
db_path = "/home/hermanda/Dropbox/Security/herman.kdbx"
password_path = input("Password: "******"/home/hermanda/Documents/info/img/star_trek.jpg"
with open("../info/addresses.json") as f:
data = json.load(f)
credentials_l = []
for address in data:
if data[address] not in credentials_l:
credentials_l.append(data[address])
with open(password_path, "r") as f:
password = f.read().replace("\n", "")
credentials = {}
kp = PyKeePass(db_path, password=password, keyfile=keyfile_path)
for login_title in credentials_l:
entry = kp.find_entries(title="ms", first=True)
credentials[login_title] = {
"username": entry.username,
"password": entry.password,
}
for address in data:
title = data[address]
ssh_agent.add_address(
ip_address=address,
username=credentials[title]["username"],
password=credentials[title]["password"],
group_name=title,
)
return ssh_agent
class KeePassContainer:
def __init__(self, name, config):
self.name = name
self.keepass = PyKeePass(config['db_path'], password=config['db_password'])
def resolve(self, path, context):
keepass_path = KeePassEntryPath.parse(path)
group = self.keepass.find_groups(path=keepass_path.group_path) if keepass_path.group_path else None
entries = self.keepass.find_entries(title=keepass_path.title, group=group)
if entries and keepass_path.index < len(entries):
entry = entries[keepass_path.index]
return self.resolve_attribute(entry, keepass_path.attribute)
else:
return None
def resolve_attribute(self, entry, entry_attribute):
if (hasattr(entry, entry_attribute)):
return getattr(entry, entry_attribute)
else:
raise Exception('Could not resolve unknown property \'%s\'' % (entry_attribute,))
class EntryFunctionTests(unittest.TestCase):
# get some things ready before testing
def setUp(self):
self.kp = PyKeePass(os.path.join(base_dir, 'test.kdbx'),
password='******',
keyfile=os.path.join(base_dir, 'test.key'))
#---------- Finding entries -----------
def test_find_entries_by_title(self):
results = self.kp.find_entries_by_title('root_entry')
self.assertEqual(len(results), 1)
results = self.kp.find_entries_by_title('Root_entry',
regex=True,
flags='i',
first=True)
self.assertEqual('root_entry', results.title)
def test_find_entries_by_username(self):
results = self.kp.find_entries_by_username('foobar_user')
self.assertEqual(len(results), 2)
results = self.kp.find_entries_by_username('Foobar_user',
regex=True,
flags='i',
first=True)
self.assertEqual('foobar_user', results.username)
def test_find_entries_by_password(self):
results = self.kp.find_entries_by_password('passw0rd')
self.assertEqual(len(results), 2)
results = self.kp.find_entries_by_password('Passw0rd',
regex=True,
flags='i',
first=True)
self.assertEqual('passw0rd', results.password)
def test_find_entries_by_url(self):
results = self.kp.find_entries_by_url('http://example.com')
self.assertEqual(len(results), 2)
results = self.kp.find_entries_by_url('http://example.com', first=True)
self.assertEqual('http://example.com', results.url)
def test_find_entries_by_notes(self):
results = self.kp.find_entries_by_notes('entry notes')
self.assertEqual(len(results), 1)
results = self.kp.find_entries_by_notes('entry notes', regex=True)
self.assertEqual(len(results), 2)
results = self.kp.find_entries_by_notes('Entry notes',
regex=True,
flags='i',
first=True)
self.assertEqual('root entry notes', results.notes)
def test_find_entries_by_path(self):
results = self.kp.find_entries_by_path('foobar_group/group_entry')
self.assertEqual(len(results), 1)
results = self.kp.find_entries_by_path('foobar_group/Group_entry',
regex=True,
flags='i',
first=True)
self.assertIsInstance(results, Entry)
self.assertEqual('group_entry', results.title)
def test_find_entries_by_uuid(self):
results = self.kp.find_entries_by_uuid('zF9+zSoASMqWIcIio0ewuw==')[0]
self.assertIsInstance(results, Entry)
self.assertEqual('zF9+zSoASMqWIcIio0ewuw==', results.uuid)
self.assertEqual('foobar_user', results.username)
def test_find_entries_by_string(self):
results = self.kp.find_entries_by_string(
{'custom_field': 'custom field value'})[0]
self.assertIsInstance(results, Entry)
self.assertEqual('custom field value',
results.get_custom_property('custom_field'))
self.assertEqual('HnN4bHSVjEybPf8nOq1bVA==', results.uuid)
def test_find_entries(self):
results = self.kp.find_entries(title='Root_entry', regex=True)
self.assertEqual(len(results), 0)
results = self.kp.find_entries(title='Root_entry',
regex=True,
flags='i',
first=True)
self.assertEqual('root_entry', results.title)
results = self.kp.find_entries(url="http://example.com")
self.assertEqual(len(results), 2)
results = self.kp.find_entries(notes="entry notes",
url="http://example.com")
self.assertEqual(len(results), 1)
self.assertTrue(
self.kp.find_entries(title='group_entry', first=True) in results)
# test `group` argument
results = self.kp.find_entries(title='foobar_entry', group=None)
self.assertEqual(len(results), 3)
group = self.kp.find_groups(name='foobar_group', first=True)
results = self.kp.find_entries(title='foobar_entry', group=group)
self.assertEqual(len(results), 2)
#---------- Adding/Deleting entries -----------
def test_add_delete_move_entry(self):
unique_str = 'test_add_entry_'
expiry_time = datetime.now()
entry = self.kp.add_entry(self.kp.root_group,
unique_str + 'title',
unique_str + 'user',
unique_str + 'pass',
url=unique_str + 'url',
notes=unique_str + 'notes',
tags=unique_str + 'tags',
expiry_time=expiry_time,
icon=icons.KEY)
results = self.kp.find_entries_by_title(unique_str + 'title')
self.assertEqual(len(results), 1)
results = self.kp.find_entries_by_title(unique_str + 'title',
first=True)
self.assertEqual(results.title, unique_str + 'title')
self.assertEqual(results.username, unique_str + 'user')
self.assertEqual(results.password, unique_str + 'pass')
self.assertEqual(results.url, unique_str + 'url')
self.assertEqual(results.notes, unique_str + 'notes')
self.assertEqual(results.tags, [unique_str + 'tags'])
# convert naive datetime to utc
expiry_time_utc = expiry_time.replace(tzinfo=tz.gettz()).astimezone(
tz.gettz('UTC'))
self.assertEqual(results.icon, icons.KEY)
sub_group = self.kp.add_group(self.kp.root_group, 'sub_group')
self.kp.move_entry(entry, sub_group)
results = self.kp.find_entries(path='sub_group/' +
'test_add_entry_title',
first=True)
self.assertEqual(results.title, entry.title)
self.kp.delete_entry(entry)
results = self.kp.find_entries_by_title(unique_str + 'title',
first=True)
self.assertIsNone(results)
# test adding entry which exists in another group
subgroup = self.kp.find_groups(name='subgroup2', first=True)
self.kp.add_entry(subgroup,
title='foobar_entry',
username='******',
password='******')
# test adding entry to root which exists in subgroup
self.kp.add_entry(subgroup,
title='foobar_entry2',
username='******',
password='******')
self.kp.add_entry(self.kp.root_group,
title='foobar_entry2',
username='******',
password='******')
#---------- Entries name collision exception -----------
def test_raise_exception_entry(self):
unique_str = 'test_add_entry_'
entry = self.kp.add_entry(self.kp.root_group,
unique_str + 'title',
unique_str + 'user',
unique_str + 'pass',
url=unique_str + 'url',
notes=unique_str + 'notes',
tags=unique_str + 'tags',
icon=icons.KEY)
self.assertRaises(Exception, entry)
# ---------- Entries representation -----------
def test_print_entries(self):
self.assertIsInstance(self.kp.entries.__repr__(), str)
class EntryTests(unittest.TestCase):
# get some things ready before testing
def setUp(self):
self.kp = PyKeePass(os.path.join(base_dir, 'test.kdbx'),
password='******',
keyfile=os.path.join(base_dir, 'test.key'))
def test_fields(self):
time = datetime.now()
entry = Entry('title',
'username',
'password',
url='url',
notes='notes',
tags='tags',
expires=True,
expiry_time=time,
icon=icons.KEY,
version=self.kp.version)
self.assertEqual(entry.title, 'title')
self.assertEqual(entry.username, 'username')
self.assertEqual(entry.password, 'password')
self.assertEqual(entry.url, 'url')
self.assertEqual(entry.notes, 'notes')
self.assertEqual(entry.tags, ['tags'])
self.assertEqual(entry.expires, True)
self.assertEqual(
entry.expiry_time,
time.replace(tzinfo=tz.gettz()).astimezone(tz.gettz('UTC')))
self.assertEqual(entry.icon, icons.KEY)
self.assertEqual(entry.is_a_history_entry, False)
self.assertEqual(
self.kp.find_entries(title='subentry', first=True).path,
'foobar_group/subgroup/subentry')
def test_set_and_get_fields(self):
time = datetime.now()
changed_time = datetime.now() + timedelta(hours=9)
changed_string = 'changed_'
entry = Entry('title',
'username',
'password',
url='url',
notes='notes',
tags='tags',
expires=True,
expiry_time=time,
icon=icons.KEY,
version=self.kp.version)
entry.title = changed_string + 'title'
entry.username = changed_string + 'username'
entry.password = changed_string + 'password'
entry.url = changed_string + 'url'
entry.notes = changed_string + 'notes'
entry.expires = False
entry.expiry_time = changed_time
entry.icon = icons.GLOBE
entry.set_custom_property('foo', 'bar')
self.assertEqual(entry.title, changed_string + 'title')
self.assertEqual(entry.username, changed_string + 'username')
self.assertEqual(entry.password, changed_string + 'password')
self.assertEqual(entry.url, changed_string + 'url')
self.assertEqual(entry.notes, changed_string + 'notes')
self.assertEqual(entry.icon, icons.GLOBE)
self.assertEqual(entry.get_custom_property('foo'), 'bar')
self.assertIn('foo', entry.custom_properties)
# test time properties
self.assertEqual(entry.expires, False)
self.assertEqual(
entry.expiry_time,
changed_time.replace(tzinfo=tz.gettz()).astimezone(
tz.gettz('UTC')))
entry.tags = 'changed_tags'
self.assertEqual(entry.tags, ['changed_tags'])
entry.tags = 'changed;tags'
self.assertEqual(entry.tags, ['changed', 'tags'])
entry.tags = ['changed', 'again', 'tags']
self.assertEqual(entry.tags, ['changed', 'again', 'tags'])
from termcolor import colored
parser = argparse.ArgumentParser(
description='Find & copy passwords to your clipboard from a KDBX file')
parser.add_argument('string', help='String to find')
args = vars(parser.parse_args())
to_find = args['string']
# KDBX files
db_kdbx = '/path/to/you/file.kdbx'
db_key = '/path/to/you/file.kdbx'
db_password = '******'
kp = PyKeePass(db_kdbx, keyfile=db_key, password=db_password)
entries_found = kp.find_entries(title='(?i).*{}.*'.format(to_find),
regex=True,
first=False)
entries_found_dic = {}
counter = 0
for entry in entries_found:
entry_name = str(entries_found[counter]).\
replace('Entry: "', '').\
replace('"', '')
entries_found_dic[entry_name] = entries_found[counter]
counter += 1
entries_list_keys = list(entries_found_dic.keys())
questions = [
{
'type': 'list',
class DatabaseManager:
logging_manager = NotImplemented
db = NotImplemented
database_path = ""
password_try = ""
password_check = ""
password = ""
keyfile_hash = NotImplemented
changes = False
save_running = False
scheduled_saves = 0
database_file_descriptor = NotImplemented
def __init__(self,
database_path,
password=None,
keyfile=None,
logging_manager=None):
self.logging_manager = logging_manager
self.db = PyKeePass(database_path, password, keyfile)
self.database_path = database_path
self.database_file_descriptor = Gio.File.new_for_path(database_path)
self.password = password
#
# Group Transformation Methods
#
# Return the parent group object from the child group uuid
def get_group_parent_group_from_uuid(self, uuid):
group = self.db.find_groups(uuid=uuid, first=True)
return group.parentgroup
# Return the parent group object from the child group object
def get_group_parent_group_from_object(self, group):
return group.parentgroup
# Return the belonging group object for a group uuid
def get_group_object_from_uuid(self, uuid):
return self.db.find_groups(uuid=uuid, first=True)
# Return the belonging group name for a group uuid
def get_group_name_from_uuid(self, uuid):
group = self.db.find_groups(uuid=uuid, first=True)
return self.get_group_name_from_group_object(group)
# Return the path for a group object
def get_group_path_from_group_object(self, group):
return group.path
# Return the belonging group uuid for a group object
def get_group_uuid_from_group_object(self, group):
return group.uuid
# Return the belonging name for a group object
def get_group_name_from_group_object(self, group):
if group.name is None:
return ""
else:
return group.name
# Return the belonging notes for a group object
def get_group_notes_from_group_object(self, group):
if group.notes is None:
return ""
else:
return group.notes
# Return the belonging icon for a group object
def get_group_icon_from_group_object(self, group):
return group.icon
# Return the belonging notes for a group uuid
def get_group_notes_from_group_uuid(self, uuid):
group = self.db.find_groups(uuid=uuid, first=True)
return self.get_group_notes_from_group_object(group)
# Return path for group uuid
def get_group_path_from_group_uuid(self, uuid):
group = self.db.find_groups(uuid=uuid, first=True)
return group.path
#
# Entry Transformation Methods
#
# Return the belonging entry object for a entry uuid
def get_entry_object_from_uuid(self, uuid):
return self.db.find_entries(uuid=uuid, first=True)
# Return entry uuid from entry object
def get_entry_uuid_from_entry_object(self, entry):
return entry.uuid
# Return parent group from entry uuid
def get_entry_parent_group_from_uuid(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
return entry.parentgroup
# Return parent group from entry object
def get_entry_parent_group_from_entry_object(self, entry):
return entry.parentgroup
# Return the belonging name for an entry object
def get_entry_name_from_entry_object(self, entry):
if entry.title is None:
return ""
else:
return entry.title
# Return entry name from entry uuid
def get_entry_name_from_entry_uuid(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
return self.get_entry_name_from_entry_object(entry)
# Return the belonging icon for an entry object
def get_entry_icon_from_entry_object(self, entry):
return entry.icon
# Return entry icon from entry uuid
def get_entry_icon_from_entry_uuid(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
return entry.icon
# Return the belonging username for an entry object
def get_entry_username_from_entry_object(self, entry):
if entry.username is None:
return ""
else:
return entry.username
# Return the belonging username for an entry uuid
def get_entry_username_from_entry_uuid(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
return self.get_entry_username_from_entry_object(entry)
# Return the belonging password for an entry object
def get_entry_password_from_entry_object(self, entry):
if entry.password is None:
return ""
else:
return entry.password
# Return the belonging password for an entry uuid
def get_entry_password_from_entry_uuid(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
return self.get_entry_password_from_entry_object(entry)
# Return the belonging url for an entry uuid
def get_entry_url_from_entry_uuid(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
return self.get_entry_url_from_entry_object(entry)
# Return the belonging url for an entry object
def get_entry_url_from_entry_object(self, entry):
if entry.url is None:
return ""
else:
return entry.url
# Return the belonging notes for an entry uuid
def get_entry_notes_from_entry_uuid(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
return entry.notes
# Return the belonging notes for an entry object
def get_entry_notes_from_entry_object(self, entry):
if entry.notes is None:
return ""
else:
return entry.notes
# Return the beloging expiry date for an entry uuid
def get_entry_expiry_date_from_entry_uuid(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
return entry.expiry_time
# Return the beloging expiry date for an entry object
def get_entry_expiry_date_from_entry_object(self, entry):
return entry.expiry_time
# Return the belonging color for an entry uuid
def get_entry_color_from_entry_uuid(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
if entry.get_custom_property("color_prop_LcljUMJZ9X") is None:
return "NoneColorButton"
else:
return entry.get_custom_property("color_prop_LcljUMJZ9X")
# Return the belonging value for an attribute
def get_entry_attribute_value_from_entry_uuid(self, uuid, key):
entry = self.db.find_entries(uuid=uuid, first=True)
if entry.get_custom_property(key) is None:
return ""
else:
return entry.get_custom_property(key)
# Return all attributes for an entry uuid
def get_entry_attributes_from_entry_uuid(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
return entry.custom_properties
# Return all attributes for an entry object
def get_entry_attributes_from_entry_object(self, entry):
return entry.custom_properties
#
# Entry Checks
#
def has_entry_name(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
if entry.title is None:
return False
else:
return True
def has_entry_username(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
if entry.username is None:
return False
else:
return True
def has_entry_password(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
if entry.password is None:
return False
else:
return True
def has_entry_url(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
if entry.url is None:
return False
else:
return True
def has_entry_notes(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
if entry.notes is None:
return False
else:
return True
def has_entry_icon(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
if entry.icon is None:
return False
else:
return True
def has_entry_expiry_date(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
return entry.expires
def has_entry_expired(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
if entry.expired is False:
return False
else:
return True
def has_entry_color(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
if entry.get_custom_property(
"color_prop_LcljUMJZ9X") is None or entry.get_custom_property(
"color_prop_LcljUMJZ9X") == "NoneColorButton":
return False
else:
return True
def has_entry_attributes(self, uuid):
entry = self.db.find_entries(uuid=uuid, first=True)
if len(entry.custom_properties) == 0:
return False
else:
return True
def has_entry_attribute(self, uuid, key):
entry = self.db.find_entries(uuid=uuid, first=True)
if entry.get_custom_property(key) is None:
return False
else:
return True
#
# Group Checks
#
def has_group_name(self, uuid):
group = self.db.find_groups(uuid=uuid, first=True)
if group.name is None:
return False
else:
return True
def has_group_notes(self, uuid):
group = self.db.find_groups(uuid=uuid, first=True)
if group.notes is None:
return False
else:
return True
def has_group_icon(self, uuid):
group = self.db.find_groups(uuid=uuid, first=True)
if group.icon is None:
return False
else:
return True
#
# Database Modifications
#
# Add new group to database
def add_group_to_database(self, name, icon, notes, parent_group):
group = self.db.add_group(parent_group, name, icon=icon, notes=notes)
self.changes = True
self.set_element_mtime(parent_group)
return group
# Delete a group
def delete_group_from_database(self, group):
self.db.delete_group(group)
self.changes = True
if group.parentgroup is not None:
self.set_element_mtime(group.parentgroup)
# Add new entry to database
def add_entry_to_database(self, name, username, password, url, notes, icon,
group_uuid):
destination_group = self.get_group_object_from_uuid(group_uuid)
entry = self.db.add_entry(
destination_group,
name,
username,
password,
url=url,
notes=notes,
expiry_time=None,
tags=None,
icon=icon,
force_creation=self.check_entry_in_group_exists(
"", destination_group))
self.changes = True
self.set_element_mtime(destination_group)
return entry
# Delete an entry
def delete_entry_from_database(self, entry):
self.db.delete_entry(entry)
self.changes = True
if entry.parentgroup is not None:
self.set_element_mtime(entry.parentgroup)
# Duplicate an entry
def duplicate_entry(self, entry):
title = entry.title
if title is None:
title = ""
username = entry.username
if username is None:
username = ""
password = entry.password
if password is None:
password = ""
# NOTE: With clone is meant a duplicated object, not the process of cloning/duplication; "the" clone
clone_entry = self.db.add_entry(entry.parentgroup,
title + " - " + _("Clone"),
username,
password,
url=entry.url,
notes=entry.notes,
expiry_time=entry.expiry_time,
tags=entry.tags,
icon=entry.icon,
force_creation=True)
# Add custom properties
for key in entry.custom_properties:
value = entry.custom_properties[key]
if value is None:
value = ""
clone_entry.set_custom_property(key, value)
self.changes = True
if entry.parentgroup is not None:
self.set_element_mtime(entry.parentgroup)
# Write all changes to database
def save_database(self):
if self.save_running is False and self.changes is True:
self.save_running = True
kdbx = KDBX.build(self.db.kdbx,
password=self.db.password,
keyfile=self.db.keyfile)
try:
output_stream = self.database_file_descriptor.replace(
None, False, Gio.FileCreateFlags.REPLACE_DESTINATION
| Gio.FileCreateFlags.PRIVATE, None)
output_stream.write_all(kdbx)
output_stream.close()
self.logging_manager.debug("Saved database")
self.changes = False
except Exception:
self.logging_manager.error(
"Error occured while saving database")
# Workaround
# Fix created and proposed: https://github.com/pschmitt/pykeepass/pull/102
self.db.kdbx = KDBX.parse_file(self.db.filename,
password=self.db.password,
keyfile=self.db.keyfile)
self.save_running = False
# Set database password
def set_database_password(self, new_password):
self.db.password = new_password
self.changes = True
# Set database keyfile
def set_database_keyfile(self, new_keyfile):
self.db.keyfile = new_keyfile
self.changes = True
#
# Entry Modifications
#
def set_entry_name(self, uuid, name):
entry = self.db.find_entries(uuid=uuid, first=True)
entry.title = name
self.changes = True
self.set_element_mtime(entry)
def set_entry_username(self, uuid, username):
entry = self.db.find_entries(uuid=uuid, first=True)
entry.username = username
self.changes = True
self.set_element_mtime(entry)
def set_entry_password(self, uuid, password):
entry = self.db.find_entries(uuid=uuid, first=True)
entry.password = password
self.changes = True
self.set_element_mtime(entry)
def set_entry_url(self, uuid, url):
entry = self.db.find_entries(uuid=uuid, first=True)
entry.url = url
self.changes = True
self.set_element_mtime(entry)
def set_entry_notes(self, uuid, notes):
entry = self.db.find_entries(uuid=uuid, first=True)
entry.notes = notes
self.changes = True
self.set_element_mtime(entry)
def set_entry_icon(self, uuid, icon):
entry = self.db.find_entries(uuid=uuid, first=True)
entry.icon = icon
self.changes = True
self.set_element_mtime(entry)
def set_entry_expiry_date(self, uuid, date):
entry = self.db.find_entries(uuid=uuid, first=True)
entry.expiry_time = date
entry.expires
self.changes = True
self.set_element_mtime(entry)
def set_entry_color(self, uuid, color):
entry = self.db.find_entries(uuid=uuid, first=True)
entry.set_custom_property("color_prop_LcljUMJZ9X", color)
self.changes = True
self.set_element_mtime(entry)
def set_entry_attribute(self, uuid, key, value):
entry = self.db.find_entries(uuid=uuid, first=True)
entry.set_custom_property(key, value)
self.changes = True
self.set_element_mtime(entry)
def delete_entry_attribute(self, uuid, key):
entry = self.db.find_entries(uuid=uuid, first=True)
entry.delete_custom_property(key)
self.changes = True
self.set_element_mtime(entry)
# Move an entry to another group
def move_entry(self, uuid, destination_group_object):
entry = self.db.find_entries(uuid=uuid, first=True)
self.db.move_entry(entry, destination_group_object)
if entry.parentgroup is not None:
self.set_element_mtime(entry.parentgroup)
self.set_element_mtime(destination_group_object)
def set_element_ctime(self, element):
element.ctime = datetime.utcnow()
def set_element_atime(self, element):
element.atime = datetime.utcnow()
def set_element_mtime(self, element):
element.mtime = datetime.utcnow()
#
# Group Modifications
#
def set_group_name(self, uuid, name):
group = self.db.find_groups(uuid=uuid, first=True)
group.name = name
self.changes = True
self.set_element_mtime(group)
def set_group_notes(self, uuid, notes):
group = self.db.find_groups(uuid=uuid, first=True)
group.notes = notes
self.set_element_mtime(group)
def set_group_icon(self, uuid, icon):
group = self.db.find_groups(uuid=uuid, first=True)
group.icon = icon
self.set_element_mtime(group)
# Move an group
def move_group(self, uuid, destination_group_object):
group = self.db.find_groups(uuid=uuid, first=True)
self.db.move_group(group, destination_group_object)
if group.parentgroup is not None:
self.set_element_mtime(group.parentgroup)
self.set_element_mtime(destination_group_object)
#
# Read Database
#
def get_groups_in_root(self):
return self.db.root_group.subgroups
# Return list of all groups in folder
def get_groups_in_folder(self, uuid):
folder = self.get_group_object_from_uuid(uuid)
return folder.subgroups
# Return list of all entries in folder
def get_entries_in_folder(self, uuid):
parent_group = self.get_group_object_from_uuid(uuid)
return parent_group.entries
# Return the database filesystem path
def get_database(self):
return self.database_path
# Return the root group of the database instance
def get_root_group(self):
return self.db.root_group
# Check if root group
def check_is_root_group(self, group):
if group.is_root_group:
return True
else:
return False
# Check if entry with title in group exists
def check_entry_in_group_exists(self, title, group):
entry = self.db.find_entries(title=title,
group=group,
recursive=False,
history=False,
first=True)
if entry is None:
return False
else:
return True
# Search for an entry or a group
def search(self, string, fulltext, global_search=True, path=None):
uuid_list = []
if fulltext is False:
for group in self.db.find_groups(name="(?i)" +
string.replace(" ", ".*"),
recursive=global_search,
path=path,
regex=True):
if group.is_root_group is False:
uuid_list.append(group.uuid)
else:
for group in self.db.groups:
if group.is_root_group is False and group.uuid not in uuid_list:
if string.lower(
) in self.get_group_notes_from_group_object(group):
uuid_list.append(group.uuid)
if fulltext is False:
for entry in self.db.find_entries(title="(?i)" +
string.replace(" ", ".*"),
recursive=global_search,
path=path,
regex=True):
uuid_list.append(entry.uuid)
else:
for entry in self.db.entries:
if entry.uuid not in uuid_list:
if string.lower(
) in self.get_entry_username_from_entry_object(entry):
uuid_list.append(entry.uuid)
elif string.lower(
) in self.get_entry_notes_from_entry_object(entry):
uuid_list.append(entry.uuid)
return uuid_list
# Check if object is group
def check_is_group(self, uuid):
if self.get_group_object_from_uuid(uuid) is None:
return False
else:
return True
def check_is_group_object(self, group):
return hasattr(group, "name")
#
# Properties
#
def get_element_creation_date(self, element):
if element.ctime is not None:
local_timestamp = element.ctime.astimezone(tz.tzlocal())
timestamp = GLib.DateTime.new_local(
int(datetime.strftime(local_timestamp, "%Y")),
int(datetime.strftime(local_timestamp, "%m")),
int(datetime.strftime(local_timestamp, "%d")),
int(datetime.strftime(local_timestamp, "%H")),
int(datetime.strftime(local_timestamp, "%M")),
float(datetime.strftime(local_timestamp, "%S")))
return timestamp.format("%c")
else:
return "-"
def get_element_acessed_date(self, element):
if element.atime is not None:
local_timestamp = element.atime.astimezone(tz.tzlocal())
timestamp = GLib.DateTime.new_local(
int(datetime.strftime(local_timestamp, "%Y")),
int(datetime.strftime(local_timestamp, "%m")),
int(datetime.strftime(local_timestamp, "%d")),
int(datetime.strftime(local_timestamp, "%H")),
int(datetime.strftime(local_timestamp, "%M")),
float(datetime.strftime(local_timestamp, "%S")))
return timestamp.format("%c")
else:
return "-"
def get_element_modified_date(self, element):
if element.mtime is not None:
local_timestamp = element.mtime.astimezone(tz.tzlocal())
timestamp = GLib.DateTime.new_local(
int(datetime.strftime(local_timestamp, "%Y")),
int(datetime.strftime(local_timestamp, "%m")),
int(datetime.strftime(local_timestamp, "%d")),
int(datetime.strftime(local_timestamp, "%H")),
int(datetime.strftime(local_timestamp, "%M")),
float(datetime.strftime(local_timestamp, "%S")))
return timestamp.format("%c")
else:
return "-"
#
# Database creation methods
#
# Set the first password entered by the user (for comparing reasons)
def set_password_try(self, password):
self.password_try = password
# Set the second password entered by the user (for comparing reasons)
def set_password_check(self, password):
self.password_check = password
# Compare the first password entered by the user with the second one
def compare_passwords(self):
if self.password_try == self.password_check:
if self.password_try == "" and self.password_check == "":
return False
else:
return True
else:
return False
# Create keyfile hash
def create_keyfile_hash(self, keyfile_path):
hasher = hashlib.sha512()
with open(keyfile_path, 'rb') as file:
buffer = 0
while buffer != b'':
buffer = file.read(1024)
hasher.update(buffer)
return hasher.hexdigest()
# Set keyfile hash
def set_keyfile_hash(self, keyfile_path):
self.keyfile_hash = self.create_keyfile_hash(keyfile_path)
# Get changes
def made_database_changes(self):
return self.changes
def parent_checker(self, current_group, moved_group):
if current_group.is_root_group:
return False
elif current_group.uuid == moved_group.uuid:
return True
else:
return self.parent_checker(current_group.parentgroup, moved_group)
def get_database_encryption(self):
return self.db.encryption_algorithm
def get_database_derivation(self):
return self.db.version
class KeepassVault(Vault):
def __init__(self, vault_configs):
validate(vault_configs, "yac/schema/vaults/keepass.json")
self.vault_path = search('"vault-path"', vault_configs)
vault_pwd_path = search('"vault-pwd-path"', vault_configs)
self.vault_pwd = search('"vault-pwd"', vault_configs)
if not self.vault_pwd and vault_pwd_path and os.path.exists(
vault_pwd_path):
self.vault_pwd = read_pwd_file(vault_pwd_path)
self.ready = False
self.initialized = False
self.kp = None
def get_type(self):
return "keepass"
def initialize(self, params):
servicefile_path = params.get("servicefile-path", "")
# apply intrinsics in the vault password
vault_pwd = apply_intrinsics(self.vault_pwd, params)
full_path = os.path.join(servicefile_path, self.vault_path)
if os.path.exists(full_path):
if vault_pwd:
try:
self.kp = PyKeePass(full_path, password=vault_pwd)
self.ready = True
self.initialized = True
except IOError as e:
print(e)
else:
self.ready = False
self.initialized = False
def is_ready(self):
return self.ready
def is_initialized(self):
return self.initialized
def get(self, lookup_config):
entry = self.kp.find_entries(path=lookup_config['path'], first=True)
value = ""
if entry:
field_name = lookup_config['field']
if field_name == "password":
value = entry.password
elif field_name == "username":
value = entry.username
elif field_name == "url":
value = entry.url
elif field_name == "notes":
value = entry.notes
return value
def set(self, lookup_config, secret_value):
entry = self.kp.find_entries(path=lookup_config['path'], first=True)
if entry:
field_name = lookup_config['field']
if field_name == "password":
entry.password = secret_value
elif field_name == "username":
entry.username = secret_value
elif field_name == "url":
entry.url = secret_value
self.kp.save()
def load_cached_vault_path(self):
vault_path = get_cache_value('keepass-vault-path')
if not vault_path:
vault_path = string_validation(
"KeePass Vault Path",
"Path to the KeePass vault file for secrets lookup", [],
path_validation, True)
set_cache_value_ms('keepass-vault-path', vault_path)
return vault_path
def load_cached_vault_pwd(self):
vault_pwd = get_cache_value('keepass-vault-pwd')
if not vault_pwd:
vault_pwd = string_validation(
"KeePass Vault Password",
"The master key for the KeePass vault", [], string_validation,
True, 100, True)
set_cache_value_ms('keepass-vault-pwd', vault_pwd)
return vault_pwd
def clear_secrets_cache(self):
set_cache_value_ms('keepass-vault-path', "")
set_cache_value_ms('keepass-vault-pwd', "")
def find(db: PyKeePass, title: str) -> str:
entry = db.find_entries(title=title, first=True)
if entry is None:
print(f"Entry not found: {title}", file=sys.stderr)
exit(1)
return entry.password
conns = [
('APP_DBA', 'dev.db.orac.dba', 'orac-db-dev.db.com', '1521', 'ORAC', 'DEV',
'MANDANT', 'ORAC', 'sid'),
('APP_DBA', 'prd.db.orac.dba', '0', '0', '0', 'PRD', 'MANDANT', 'ORAC',
'(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=orac-db-prd1.db.com)(PORT=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=orac-db-prd2.db.com)(PORT=6777)))(CONNECT_DATA=(SERVICE_NAME=orac_primary.prd.db.de)))'
),
# add connections here
]
for conn in conns:
print('\n► Connection: ' + conn[5] + '-' + conn[6] + '-' + conn[7] + '-' +
conn[0])
# Get KeePass password
entry = kp.find_entries(title=conn[1], first=True)
# Setup connection
ora = conn[2] + ":" + conn[3] + "/" + conn[4]
if (conn[8] == 'sid'):
dsnStr = cx_Oracle.makedsn(conn[2], conn[3], conn[4])
else:
dsnStr = conn[8]
connection = cx_Oracle.connect(user=conn[0],
password=entry.password,
dsn=dsnStr)
cursor = connection.cursor()
# Execute query
if True:
cursor.execute(qry)
parser.add_argument('-c', '--command',
choices=cmd_choices,
default='get',
help='Command')
parser.add_argument('-g', '--group',
help='Target group to execute action')
parser.add_argument('-t', '--title',
help='Target title to execute action')
parser.add_argument('-u', '--user',
action='store_true',
help='Target group to execute action')
args = parser.parse_args()
logging.basicConfig(level=logging.DEBUG)
logging.info('Start ...')
if not exists(args.path):
logging.info(f'No database {args.path}')
create_database(args.path, password=args.password)
logging.debug(f'Command: {args.command}')
kp = PyKeePass(args.path,
password=args.password)
group = kp.find_groups(name=args.group, first=True)
entry = kp.find_entries(group=group, title=args.title, first=True)
print(entry.password)
kp = PyKeePass(args.keepassfile, password=password)
# get group
group = kp.find_groups(name=args.group, first=True)
if group is None:
raise ValueError("Group \"" + args.group + "\" not found in database.")
# get entries
entries = []
# -> get all if no specific secret name(s) given
if args.secret is None:
entries = group.entries
# -> get all from specified secret name(s)
else:
for secret in args.secret:
result = kp.find_entries(title=secret, group=group, first=True)
entries.append(result) if result is not None else []
# now get values from the entries and print to stdout
printed = 0
if args.attribute is None:
args.attribute = ["secret"]
for entry in entries:
for att in args.attribute:
value = entry.get_custom_property(att)
if value is not None:
print(value)
printed += 1
# Log how many entries we found (stdout will be piped to kubectl...)
logging.error("Processed " + str(printed) + " secrets.")
text = msg.as_string()
server.sendmail(fromaddr, toaddr.split(','), text)
server.quit()
try:
dbpass = getpass.getpass(prompt='Enter the Keepass Password: '******'.*', regex=True,
recursive=True, first=False)
alldata = []
for ent in entry:
if ent.title:
titlelo = (ent.title).lower()
else:
titlelo = 'blank'
if ent.username:
userlo = (ent.username).lower()
else:
userlo = 'blank'
if ent.notes:
noteslo = (ent.notes).lower()
else:
#!/usr/bin/env python
"""
Retrieve a password from a KeePass database
"""
import sys
import argparse
from getpass import getpass
from pykeepass import PyKeePass
parser = argparse.ArgumentParser(
description='Retrieve a password from a KeePass database.')
parser.add_argument("kdb", type=str, help="path to a KeePass database file")
parser.add_argument("entry",
type=str,
help="path to the entry in the given KeePass database")
args = parser.parse_args()
kbd_passwd = getpass('Enter KeePass master password: '******'No KeePass entry found at path "{}"'.format(args.entry))
sys.exit(1)
print(entry.password)
print("parameter: ")
print()
print("--create generates an random password")
print("--title <value> tile for Keepass entry")
print("--username <value> username for Keepass entry")
print("--count amount of characters")
print("--hide hide password")
print("--temp do not write to keepassfile")
print("")
print("--getuser <searchstring> get username")
print("--getpassword <search string> get password")
if arg == '--getuser':
all = kp.entries
result = kp.find_entries(title=sys.argv[idx+1], first=True)
clipboard.copy(result.username)
if arg == '--getpassword':
all = kp.entries
result = kp.find_entries(title=sys.argv[idx+1], first=True)
clipboard.copy(result.password)
if arg == '--hide':
DISPLAYPWD = False
if arg == '--temp':
KEEPASSWRITE = False
if arg == '--create':
CREATE = True
parser.add_argument('-i', '--input-password', type=str, help='input keepass password', metavar='password')
parser.add_argument('-o', '--output-password', type=str, help='output keepass password', metavar='password')
parser.add_argument('-a', '--attribute', type=str, default='extract_to', help='attribute for getting entries', metavar='attribute')
args = parser.parse_args()
search_attribute = args.attribute
input_path = args.input_keepass
output_path = args.output_keepass
# ask for passwort if not passed by command line
input_password = args.input_password if args.input_password else getpass(prompt='Input KeePass password:'******'Output KeePass password:'******'.*'
for entry in input_keepass.find_entries(string=searchstring, regex=True):
_add_entry(output_keepass, entry)
# finally, save the output keepass
output_keepass.save()
class KeepassCredstore(Credstore):
def __init__(self, filename=None):
super().__init__()
self.filename = filename
self.log = self.log.bind(cls=__class__.__name__,
filename=self.filename)
self.db = None
@property
def name(self):
return self.filename
def unlock(self, unlock_secret=None):
self.log.msg('unlocking')
try:
from pykeepass import PyKeePass
if unlock_secret is None:
unlock_secret = getpass.getpass(
"Enter password to unlock Keepass database '{}': ".format(
self.filename))
self.db = PyKeePass(self.filename, password=unlock_secret)
self.log.msg('loaded keepass file',
entry_count=len(self.db.entries))
return True
except ImportError as err:
self.log.msg('keepass load error, pykeepass module missing')
return False
except Exception as e:
self.log.msg('keepass error, password is likely wrong', exc=e)
self.db = None
return False
def get_identity(self, url):
log = self.log.bind(url=url)
log.msg('looking for identity')
entries = self.db.find_entries(url=url,
group=self.db.find_groups(name='Root',
first=True))
if len(entries) > 1:
log.msg("multiple entries found, please specify identity manually",
paths=[e.path for e in entries])
return None
elif len(entries) == 0:
log.msg('no matching entries found')
return None
else:
entry = next(iter(entries))
log.msg('found entry', uuid=entry.uuid, path=entry.path)
return entry.username
return None
def get_credentials(self, url, identity):
log = self.log.bind(url=url, identity=identity)
log.msg('looking for credentials')
entry = self.db.find_entries(url=url, username=identity, first=True)
if entry:
log.msg('entry found', uuid=entry.uuid, path=entry.path)
return dict(identity=entry.username,
password=entry.password,
custom_properties=entry.custom_properties)
else:
log.msg('no entry found')
password = getpass.getpass(
"Enter password for login '{}' used to access URL '{}': ".
format(identity, url))
return dict(identity=entry.username,
password=password,
custom_properties={})
return None
def write_token_data(entry_name,
kps_group,
token_data,
kps_pswd,
history_group=None):
try:
kp = PyKeePass(kps_file, password=kps_pswd)
entry = kp.find_entries(title=entry_name, first=True)
if entry is not None:
notes = entry._get_string_field('Notes')
updated_notes = ''
current_envs = dict()
for env in notes.split('\n'):
try:
splitted = env.split(':')
current_envs.update({splitted[0]: splitted[1]})
except:
pass
for updated_environment in token_data.keys():
if history_group:
if updated_environment == history_group:
entry.notes = updated_notes
entry.expiry_time = datetime.now() + timedelta(
days=365)
entry.expires = True
else:
entry.notes = updated_notes
entry.expiry_time = datetime.now() + timedelta(days=365)
entry.expires = True
for current_env_name, current_env_token in current_envs.items():
if current_env_name not in token_data.keys():
token_data.update({current_env_name: current_env_token})
for env_name, env_token in token_data.items():
updated_notes += env_name + ': ' + env_token + '\n'
else:
group = kp.find_groups(name=kps_group, first=True)
entry = kp.add_entry(group, entry_name, '', '')
notes = ''
for env_name, env_token in token_data.items():
notes += env_name + ': ' + env_token + '\n'
entry.notes = notes
entry.expiry_time = datetime.now() + timedelta(days=365)
entry.expires = True
kp.save()
return True
except Exception as e:
print('[ERRO] - Erro ao gravar dados no Keepass %s:\n%s' %
(kps_file, str(e)),
file=sys.stderr)
pass
