cassandra/pylib/cqlshlib/authproviderhandling.py

# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""
Handles loading of AuthProvider for CQLSH authentication.
"""

import configparser
import sys
from importlib import import_module
from cqlshlib.util import is_file_secure


def _warn_for_plain_text_security(config_file, provider_settings):
    """
    Call when using PlainTextAuthProvider
    check to see if password appears in the basic provider settings
    as this is a security risk

    Will write errors to stderr
    """
    if 'password' in provider_settings:
        if not is_file_secure(config_file):
            print("""\nWarning: Password is found in an insecure cqlshrc file.
                    The file is owned or readable by other users on the system.""",
                  end='',
                  file=sys.stderr)
        print("""\nNotice: Credentials in the cqlshrc file is deprecated and
        will be ignored in the future.\n
        Please use a credentials file to
        specify the username and password.\n""",
              file=sys.stderr)


def load_auth_provider(config_file=None, cred_file=None, username=None, password=None):
    """
    Function which loads an auth provider from available config.

    Params:
    * config_file ..: path to cqlsh config file (usually ~/.cassandra/cqlshrc).
    * cred_file ....: path to cqlsh credentials file (default is  ~/.cassandra/credentials).
    * username .....: override used to return PlainTextAuthProvider according to legacy case
    * password .....: override used to return PlainTextAuthProvider according to legacy case

    Will attempt to load an auth provider from available config file, using what's found in
    credentials file as an override.

    Config file is expected to list module name /class in the *auth_provider*
    section for dynamic loading (which is to be of type auth_provider)

    Additional params passed to the constructor of class should be specified
    in the *auth_provider* section and can be freely named to match
    auth provider's expectation.

    If passed username and password these will be overridden and passed to auth provider

    None is returned if no possible auth provider is found, and no username/password can be
    returned.  If a username is found, system will assume that PlainTextAuthProvider was
    specified

    EXAMPLE  CQLSHRC:
    # .. inside cqlshrc file

    [auth_provider]
    module = cassandra.auth
    classname = PlainTextAuthProvider
    username = user1
    password = password1

    if credentials file is specified put relevant properties under the class name
    EXAMPLE
    # ... inside credentials file for above example
    [PlainTextAuthProvider]
    password = password2

    Credential attributes will override found in the cqlshrc.
    in the above example, PlainTextAuthProvider would be used with a password of 'password2',
    and username of 'user1'
    """

    def get_settings_from_config(section_name,
                                 conf_file,
                                 interpolation=configparser.BasicInterpolation()):
        """
        Returns dict from section_name, and ini based conf_file

        * section_name ..: Section to read map of properties from (ex: [auth_provider])
        * conf_file .....: Ini based config file to read.  Will return empty dict if None.
        * interpolation .: Interpolation to use.

        If section is not found, or conf_file is None, function will return an empty dictionary.
        """
        conf = configparser.ConfigParser(interpolation=interpolation)
        if conf_file is None:
            return {}

        conf.read(conf_file)
        if section_name in conf.sections():
            return dict(conf.items(section_name))
        return {}

    def get_cred_file_settings(classname, creds_file):
        # Since this is the credentials file we may be encountering raw strings
        # as these are what passwords, or security tokens may inadvertently fall into
        # we don't want interpolation to mess with them.
        return get_settings_from_config(
            section_name=classname,
            conf_file=creds_file,
            interpolation=None)

    def get_auth_provider_settings(conf_file):
        return get_settings_from_config(
            section_name='auth_provider',
            conf_file=conf_file)

    def get_legacy_settings(legacy_username, legacy_password):
        result = {}
        if legacy_username is not None:
            result['username'] = legacy_username
        if legacy_password is not None:
            result['password'] = legacy_password
        return result

    provider_settings = get_auth_provider_settings(config_file)

    module_name = provider_settings.pop('module', None)
    class_name = provider_settings.pop('classname', None)

    if module_name is None and class_name is None:
        # not specified, default to plaintext auth provider
        module_name = 'cassandra.auth'
        class_name = 'PlainTextAuthProvider'
    elif module_name is None or class_name is None:
        # then this was PARTIALLY specified.
        return None

    credential_settings = get_cred_file_settings(class_name, cred_file)

    if module_name == 'cassandra.auth' and class_name == 'PlainTextAuthProvider':
        # merge credential settings as overrides on top of provider settings.

        # we need to ensure that password property gets "set" in all cases.
        # this is to support the ability to give the user a prompt in other parts
        # of the code.
        _warn_for_plain_text_security(config_file, provider_settings)
        ctor_args = {'password': None,
                     **provider_settings,
                     **credential_settings,
                     **get_legacy_settings(username, password)}
        # if no username, we can't create PlainTextAuthProvider
        if 'username' not in ctor_args:
            return None
    else:
        # merge credential settings as overrides on top of provider settings.
        ctor_args = {**provider_settings,
                     **credential_settings,
                     **get_legacy_settings(username, password)}

    # Load class definitions
    module = import_module(module_name)
    auth_provider_klass = getattr(module, class_name)

    # instantiate the class
    return auth_provider_klass(**ctor_args)