https://bugs.kde.org/show_bug.cgi?id=434480
Bug ID: 434480
Summary: API to query if password exists without triggering
Wallet creation and its GUI
Product: frameworks-kwallet
Version: unspecified
Platform: Ubuntu Packages
OS: All
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: va...@kde.org
Reporter: k...@rodrigosilva.com
CC: kdelibs-b...@kde.org
Target Milestone: ---
This is an API request that could solve an issue in
[Keyring](https://github.com/jaraco/keyring), the most widely used python
keyring library, and perhaps other similar libraries/clients.
Consider the following scenario, as described in this [bug
report](https://github.com/jaraco/keyring/issues/496):
- Gnome Shell user, KWallet was pulled as dependency of some installed KDE
utility but never actually used.
- Keyring, when asked for a (non-existing) password, looks for it in every
registered backend, including KWallet.
- Some DBus calls are made to _query_ if a password exists in KWallet:
- opening `org.kde.kwalletd5/modules/kwalletd5.networkWallet()` DBus
interface
- `.hasEntry()` to check if password exists (in this example, it doesn't)
- if hasEntry succeeds, `.readPassword()` to finally get the data.
Since no Wallet exists, KWalled pops up its Wallet Creation GUI! A very
undesirable side-effect when merely querying for password existence. After all,
if there is no Wallet then `.hasEntry()` could (should?) have short-circuited
to say **no**.
Either approach could solve that problem:
- `.networkWallet()`/`.hasEntry()` could _not_ trigger Wallet creation, either
by default (preferable) or by a `create=False` flag parameter, that could
default to `True` to preserve backward-compatibility with current behavior.
- A method/interface that allow clients to probe if Wallet infrastructure
exists prior to issuing `.networkWallet()`/`.hasEntry()`. Is there any such
method already?
Relevant (python) code that trigger the undesirable wallet creation GUI, if
that helps:
https://github.com/jaraco/keyring/blob/02f341401df8063e0a962ddc4fe73c06e59068a3/keyring/backends/kwallet.py#L89-L116
```python
def connected(self, service):
if self.handle >= 0:
if self.iface.isOpen(self.handle):
return True
bus = dbus.SessionBus(mainloop=DBusGMainLoop())
wId = 0
try:
remote_obj = bus.get_object(self.bus_name, self.object_path)
self.iface = dbus.Interface(remote_obj, 'org.kde.KWallet')
self.handle = self.iface.open(self.iface.networkWallet(), wId,
self.appid)
except dbus.DBusException as e:
raise InitError('Failed to open keyring: %s.' % e)
if self.handle < 0:
return False
self._migrate(service)
return True
def get_password(self, service, username):
"""Get password of the username for the service"""
if not self.connected(service):
# the user pressed "cancel" when prompted to unlock their keyring.
raise KeyringLocked("Failed to unlock the keyring!")
if not self.iface.hasEntry(self.handle, service, username, self.appid):
return None
password = self.iface.readPassword(self.handle, service, username,
self.appid)
return str(password)
```
--
You are receiving this mail because:
You are watching all bug changes.
