eising/sshecret
1
0
Fork 0
Code Issues 28 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Implement oidc login

Browse Source
This commit is contained in:
Allan Eising
2025-05-30 10:57:59 +02:00
parent b491dff4b1
commit 391e310b91
39 changed files with 938 additions and 308 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
packages/sshecret-admin/src/sshecret_admin/services/admin_backend.py
View File

@ -9,7 +9,6 @@ from contextlib import contextmanager
from sshecret.backend import (
AuditLog,
AuditFilter,
AuditListResult,
Client,
ClientFilter,

12
packages/sshecret-admin/src/sshecret_admin/services/master_password.py
View File

@ -44,7 +44,9 @@ def decrypt_master_password(
if not keyfile.exists():
raise RuntimeError("Error: Private key has not been generated yet.")
private_key = load_private_key(str(keyfile.absolute()), password=settings.secret_key)
private_key = load_private_key(
str(keyfile.absolute()), password=settings.secret_key
)
return decode_string(encrypted, private_key)
@ -69,16 +71,16 @@ def _initial_key_setup(
return True
def _generate_master_password(
settings: AdminServerSettings, keyfile: Path
) -> str:
def _generate_master_password(settings: AdminServerSettings, keyfile: Path) -> str:
"""Generate master password for password database.
Returns the encrypted string, base64 encoded.
"""
if not keyfile.exists():
raise RuntimeError("Error: Private key has not been generated yet.")
private_key = load_private_key(str(keyfile.absolute()), password=settings.secret_key)
private_key = load_private_key(
str(keyfile.absolute()), password=settings.secret_key
)
public_key = private_key.public_key()
master_password = _generate_password()
return encrypt_string(master_password, public_key)

12
packages/sshecret-admin/src/sshecret_admin/services/models.py
View File

@ -75,7 +75,7 @@ class SecretUpdate(BaseModel):
value: str | AutoGenerateOpts = Field(
description="Secret as string value or auto-generated with optional length",
examples=["MySecretString", {"auto_generate": True, "length": 32}]
examples=["MySecretString", {"auto_generate": True, "length": 32}],
)
def get_secret(self) -> str:
@ -85,7 +85,7 @@ class SecretUpdate(BaseModel):
"""
if isinstance(self.value, str):
return self.value
secret = secrets.token_urlsafe(32)[:self.value.length]
secret = secrets.token_urlsafe(32)[: self.value.length]
return secret
@ -93,7 +93,9 @@ class SecretCreate(SecretUpdate):
"""Model to create a secret."""
name: str
clients: list[str] | None = Field(default=None, description="Assign the secret to a list of clients.")
clients: list[str] | None = Field(
default=None, description="Assign the secret to a list of clients."
)
model_config: ConfigDict = ConfigDict(
json_schema_extra={
@ -101,12 +103,12 @@ class SecretCreate(SecretUpdate):
{
"name": "MySecret",
"clients": ["client-1", "client-2"],
"value": { "auto_generate": True, "length": 32 }
"value": {"auto_generate": True, "length": 32},
},
{
"name": "MySecret",
"value": "mysecretstring",
}
},
]
}
)