def run(self, terms, variables, **kwargs): filename = self.get_filename() password = self.get_password() ret = [] kp = PyKeePass(filename, password) for term in terms: path, attribute = term.rsplit('.', 1) found = kp.find_entries_by_path(path, first=True) if not found: raise AnsibleError( "Entry %s not found in keepass-Database %s" % \ (path, filename) ) if attribute.startswith('attr_'): dict = found.custom_properties value = dict[attribute[len('attr_'):]] else: value = getattr(found, attribute) ret.append(value) return ret
def process(): args = get_args() print(args.dbpath) if not os.path.exists(args.dbpath): print("DB file path does not exist", file=sys.stderr) sys.exit(1) password = getpass() try: db = KP(args.dbpath, password=password) except FileNotFoundError: print("DB file path does not exist", file=sys.stderr) sys.exit(1) except OSError: print("Invalid password", file=sys.stderr) sys.exit(1) except Exception: print("Misc error", file=sys.stderr) sys.exit(1) groups = db.find_groups_by_name(args.groupname) if len(groups) == 0: print("Group does not exist", file=sys.stderr) sys.exit(1) if len(groups) > 1: print("Multiple groups of that name exist. Cannot continue", file=sys.stderr) sys.exit(1) group = groups[0] ## Only grab from root path = "".join([db.root_group.path, args.entrytitle]) entries = db.find_entries_by_path(path) if len(entries) == 0: print("Entry by that title does not exist", file=sys.stderr) for entry in entries: group.append(entry) db.save()
def run(self, terms, variables, **kwargs): filename = self.get_filename() password = self.get_password() ret = [] kp = PyKeePass(filename, password) for term in terms: path, attribute = term.rsplit('.', 1) found = kp.find_entries_by_path(path, first=True) if not found: raise AnsibleError( "Entry %s not found in keepass-Database %s" % \ (path, filename) ) value = getattr(found, attribute) ret.append(value) return ret
class TestSshEntries(unittest.TestCase): def setUp(self): self.kdb = PyKeePass('./keys.kdbx', '1234') self.agent = SshAgentClient() def tearDown(self): self.agent.close() def test_embedded_rsa(self): entry = self.kdb.find_entries_by_path('embedded_keys/id_rsa')[0] ssh_entry = SshEntry(self.kdb, entry) private_key = ssh_entry.private_key self.agent.add_key(private_key) self.assertTrue(self.agent.is_key_active(private_key)) def test_embedded_dsa(self): entry = self.kdb.find_entries_by_path('embedded_keys/id_dsa')[0] ssh_entry = SshEntry(self.kdb, entry) private_key = ssh_entry.private_key self.agent.add_key(private_key) self.assertTrue(self.agent.is_key_active(private_key)) def test_embedded_ecdsa(self): entry = self.kdb.find_entries_by_path('embedded_keys/id_ecdsa')[0] ssh_entry = SshEntry(self.kdb, entry) private_key = ssh_entry.private_key self.agent.add_key(private_key) self.assertTrue(self.agent.is_key_active(private_key)) def test_file_rsa(self): entry = self.kdb.find_entries_by_path('file_keys/id_rsa')[0] ssh_entry = SshEntry(self.kdb, entry) private_key = ssh_entry.private_key self.agent.add_key(private_key) self.assertTrue(self.agent.is_key_active(private_key)) def test_file_dsa(self): entry = self.kdb.find_entries_by_path('file_keys/id_dsa')[0] ssh_entry = SshEntry(self.kdb, entry) private_key = ssh_entry.private_key self.agent.add_key(private_key) self.assertTrue(self.agent.is_key_active(private_key)) def test_file_ecdsa(self): entry = self.kdb.find_entries_by_path('file_keys/id_ecdsa')[0] ssh_entry = SshEntry(self.kdb, entry) private_key = ssh_entry.private_key self.agent.add_key(private_key) self.assertTrue(self.agent.is_key_active(private_key)) def test_passwordless_rsa(self): entry = self.kdb.find_entries_by_path('without_passphrase/id_rsa')[0] ssh_entry = SshEntry(self.kdb, entry) private_key = ssh_entry.private_key self.agent.add_key(private_key) self.assertTrue(self.agent.is_key_active(private_key)) def test_passwordless_dsa(self): entry = self.kdb.find_entries_by_path('without_passphrase/id_dsa')[0] ssh_entry = SshEntry(self.kdb, entry) private_key = ssh_entry.private_key self.agent.add_key(private_key) self.assertTrue(self.agent.is_key_active(private_key)) def test_passwordless_ecdsa(self): entry = self.kdb.find_entries_by_path('without_passphrase/id_ecdsa')[0] ssh_entry = SshEntry(self.kdb, entry) private_key = ssh_entry.private_key self.agent.add_key(private_key) self.assertTrue(self.agent.is_key_active(private_key))
class EntryFunctionTests(unittest.TestCase): # get some things ready before testing def setUp(self): self.kp = PyKeePass(os.path.join(base_dir, 'test.kdbx'), password='******', keyfile=os.path.join(base_dir, 'test.key')) #---------- Finding entries ----------- def test_find_entries_by_title(self): results = self.kp.find_entries_by_title('root_entry') self.assertEqual(len(results), 1) results = self.kp.find_entries_by_title('Root_entry', regex=True, flags='i', first=True) self.assertEqual('root_entry', results.title) def test_find_entries_by_username(self): results = self.kp.find_entries_by_username('foobar_user') self.assertEqual(len(results), 2) results = self.kp.find_entries_by_username('Foobar_user', regex=True, flags='i', first=True) self.assertEqual('foobar_user', results.username) def test_find_entries_by_password(self): results = self.kp.find_entries_by_password('passw0rd') self.assertEqual(len(results), 2) results = self.kp.find_entries_by_password('Passw0rd', regex=True, flags='i', first=True) self.assertEqual('passw0rd', results.password) def test_find_entries_by_url(self): results = self.kp.find_entries_by_url('http://example.com') self.assertEqual(len(results), 2) results = self.kp.find_entries_by_url('http://example.com', first=True) self.assertEqual('http://example.com', results.url) def test_find_entries_by_notes(self): results = self.kp.find_entries_by_notes('entry notes') self.assertEqual(len(results), 1) results = self.kp.find_entries_by_notes('entry notes', regex=True) self.assertEqual(len(results), 2) results = self.kp.find_entries_by_notes('Entry notes', regex=True, flags='i', first=True) self.assertEqual('root entry notes', results.notes) def test_find_entries_by_path(self): results = self.kp.find_entries_by_path('foobar_group/group_entry') self.assertEqual(len(results), 1) results = self.kp.find_entries_by_path('foobar_group/Group_entry', regex=True, flags='i', first=True) self.assertIsInstance(results, Entry) self.assertEqual('group_entry', results.title) def test_find_entries_by_uuid(self): results = self.kp.find_entries_by_uuid('zF9+zSoASMqWIcIio0ewuw==')[0] self.assertIsInstance(results, Entry) self.assertEqual('zF9+zSoASMqWIcIio0ewuw==', results.uuid) self.assertEqual('foobar_user', results.username) def test_find_entries_by_string(self): results = self.kp.find_entries_by_string( {'custom_field': 'custom field value'})[0] self.assertIsInstance(results, Entry) self.assertEqual('custom field value', results.get_custom_property('custom_field')) self.assertEqual('HnN4bHSVjEybPf8nOq1bVA==', results.uuid) def test_find_entries(self): results = self.kp.find_entries(title='Root_entry', regex=True) self.assertEqual(len(results), 0) results = self.kp.find_entries(title='Root_entry', regex=True, flags='i', first=True) self.assertEqual('root_entry', results.title) results = self.kp.find_entries(url="http://example.com") self.assertEqual(len(results), 2) results = self.kp.find_entries(notes="entry notes", url="http://example.com") self.assertEqual(len(results), 1) self.assertTrue( self.kp.find_entries(title='group_entry', first=True) in results) # test `group` argument results = self.kp.find_entries(title='foobar_entry', group=None) self.assertEqual(len(results), 3) group = self.kp.find_groups(name='foobar_group', first=True) results = self.kp.find_entries(title='foobar_entry', group=group) self.assertEqual(len(results), 2) #---------- Adding/Deleting entries ----------- def test_add_delete_move_entry(self): unique_str = 'test_add_entry_' expiry_time = datetime.now() entry = self.kp.add_entry(self.kp.root_group, unique_str + 'title', unique_str + 'user', unique_str + 'pass', url=unique_str + 'url', notes=unique_str + 'notes', tags=unique_str + 'tags', expiry_time=expiry_time, icon=icons.KEY) results = self.kp.find_entries_by_title(unique_str + 'title') self.assertEqual(len(results), 1) results = self.kp.find_entries_by_title(unique_str + 'title', first=True) self.assertEqual(results.title, unique_str + 'title') self.assertEqual(results.username, unique_str + 'user') self.assertEqual(results.password, unique_str + 'pass') self.assertEqual(results.url, unique_str + 'url') self.assertEqual(results.notes, unique_str + 'notes') self.assertEqual(results.tags, [unique_str + 'tags']) # convert naive datetime to utc expiry_time_utc = expiry_time.replace(tzinfo=tz.gettz()).astimezone( tz.gettz('UTC')) self.assertEqual(results.icon, icons.KEY) sub_group = self.kp.add_group(self.kp.root_group, 'sub_group') self.kp.move_entry(entry, sub_group) results = self.kp.find_entries(path='sub_group/' + 'test_add_entry_title', first=True) self.assertEqual(results.title, entry.title) self.kp.delete_entry(entry) results = self.kp.find_entries_by_title(unique_str + 'title', first=True) self.assertIsNone(results) # test adding entry which exists in another group subgroup = self.kp.find_groups(name='subgroup2', first=True) self.kp.add_entry(subgroup, title='foobar_entry', username='******', password='******') # test adding entry to root which exists in subgroup self.kp.add_entry(subgroup, title='foobar_entry2', username='******', password='******') self.kp.add_entry(self.kp.root_group, title='foobar_entry2', username='******', password='******') #---------- Entries name collision exception ----------- def test_raise_exception_entry(self): unique_str = 'test_add_entry_' entry = self.kp.add_entry(self.kp.root_group, unique_str + 'title', unique_str + 'user', unique_str + 'pass', url=unique_str + 'url', notes=unique_str + 'notes', tags=unique_str + 'tags', icon=icons.KEY) self.assertRaises(Exception, entry) # ---------- Entries representation ----------- def test_print_entries(self): self.assertIsInstance(self.kp.entries.__repr__(), str)
def main(): """ Out main processing function :return: """ if not is_root(): if is_atty(): elevate.elevate(graphical=False) else: elevate.elevate() args = parse_arguments() if args.terminate: terminate() exit() if args.configure: configure() exit() # load configuration config = load_conf(args.config) if "url" not in config: config["url"] = input("Enter SSO gateway: ") # look for credentials in the arguments if args.email is None: if "store" in config: if "email" in config["store"]: email = config["store"]["email"] if "password" in config["store"]: password = config["store"]["password"] elif "type" in config["store"]: if config["store"]["type"] == "keepassxc": kp_password = getpass.getpass("Enter KeepassXC Password: "******"store"]["database"], password=kp_password) entry = kp.find_entries_by_path(config["store"]["entry"]) email = entry.username password = entry.password else: email = args.email options = Options() if not args.show: options.headless = True options.add_argument("--no-sandbox") browser = webdriver.Chrome(executable_path="/usr/local/bin/chromedriver", options=options) browser.get(config["url"]) time.sleep(1) assert "HPE Log on" in browser.title input_username = browser.find_element_by_name("pf.username") input_username.clear() input_username.send_keys(email) input_password = browser.find_element_by_name("pf.pass") input_password.clear() input_password.send_keys(password) input_password.send_keys(Keys.RETURN) print("Waiting for PingID MFA Approval") while browser.title != "Pulse Connect Secure - Home": if "HP Global VPN - Confirmation Open Sessions" in browser.title: try: input_postfix_sid = browser.find_element_by_name("postfixSID") input_postfix_sid.click() except selenium.common.exceptions.NoSuchElementException: pass try: input_btn_continue = browser.find_element_by_name( "btnContinue") input_btn_continue.click() except selenium.common.exceptions.NoSuchElementException: time.sleep(1) cookies = browser.get_cookies() for cookie in cookies: if cookie["name"] == "DSID": dsid = cookie["value"] browser.quit() if args.echo: print( "/usr/sbin/openconnect --pid-file=/var/run/pingmfa --background --protocol nc -C DSID={} https://global.remoteaccess.hp.com" .format(dsid)) exit() attempt_count = 0 while attempt_count < args.attempts: command = "/usr/sbin/openconnect --pid-file=/var/run/pingmfa --background --protocol nc -C DSID={} https://global.remoteaccess.hp.com".format( dsid) cmd_args = shlex.split(command) result = subprocess.run(cmd_args) attempt_count += 1 if result.returncode == 0: exit() time.sleep(1)