Add HTTPS Basic Auth funcs to salt.utils.url

2024-11-08 01:18:58 +00:00 · 2015-08-27 21:46:18 -05:00 · 2015-08-27 21:46:18 -05:00 · c36f240a87
commit c36f240a87
parent 22dbce8d61
1 changed files with 53 additions and 0 deletions
--- a/salt/utils/url.py
+++ b/salt/utils/url.py
@ -6,6 +6,7 @@ URL utils
 # Import python libs
 from __future__ import absolute_import
 import re
+import sys

 # Import salt libs
 from salt.ext.six.moves.urllib.parse import urlparse, urlunparse  # pylint: disable=import-error,no-name-in-module
@ -146,3 +147,55 @@ def strip_proto(url):
    was present.
    '''
    return re.sub('^[^:/]+://', '', url)
+
+
+def add_http_basic_auth(url,
+                        https_user=None,
+                        https_pass=None,
+                        https_only=False):
+    '''
+    Return a string with http basic auth incorporated into it
+    '''
+    if https_user is None and https_pass is None:
+        return url
+    else:
+        urltuple = urlparse(url)
+        if https_only and urltuple.scheme != 'https':
+            raise ValueError('Basic Auth only supported for HTTPS')
+        if https_pass is None:
+            netloc = '{0}@{1}'.format(
+                https_user,
+                urltuple.netloc
+            )
+            urltuple = urltuple._replace(netloc=netloc)
+            return urlunparse(urltuple)
+        else:
+            netloc = '{0}:{1}@{2}'.format(
+                https_user,
+                https_pass,
+                urltuple.netloc
+            )
+            urltuple = urltuple._replace(netloc=netloc)
+            return urlunparse(urltuple)
+
+
+def redact_http_basic_auth(output):
+    '''
+    Remove HTTP user and password
+    '''
+    # We can't use re.compile because re.compile(someregex).sub() doesn't
+    # support flags even in Python 2.7.
+    url_re = '(https?)://.*@'
+    redacted = r'\1://<redacted>@'
+    if sys.version_info >= (2, 7):
+        # re.sub() supports flags as of 2.7, use this to do a case-insensitive
+        # match.
+        return re.sub(url_re, redacted, output, flags=re.IGNORECASE)
+    else:
+        # We're on python 2.6, test if a lowercased version of the output
+        # string matches the regex...
+        if re.search(url_re, output.lower()):
+            # ... and if it does, perform the regex substitution.
+            return re.sub(url_re, redacted, output.lower())
+    # No match, just return the original string
+    return output