Drop auth-file default path #420, Use click.prompt(), click_context testing

• Allow to pass any context object to define_click_context()
• auth: import top-level click
• auth: Replace getpass.getpass with click.prompt(hide_input=True)
• Use one option -af/--auth-file, AUTH_FILE_PATH context
  • Remove default auth file path for security reasons
• authentication cmd: stop reading default ./authfile

silkaj/auth.py

@@ -15,10 +15,9 @@
 
 import re
 import sys
-from getpass import getpass
 from pathlib import Path
 
-from click import Context, command, confirm, option, pass_context
+import click
 from duniterpy.key import SigningKey
 from duniterpy.key.scrypt_params import ScryptParams
 
@@ -30,46 +29,47 @@ PUBSEC_PUBKEY_PATTERN = f"pub: ({PUBKEY_PATTERN})"
 PUBSEC_SIGNKEY_PATTERN = "sec: ([1-9A-HJ-NP-Za-km-z]{87,90})"
 
 
-@pass_context
-def auth_method(ctx: Context) -> SigningKey:
-    if ctx.obj["AUTH_SEED"]:
+@click.pass_context
+def auth_method(ctx: click.Context) -> SigningKey:
+    if "AUTH_SEED" in ctx.obj and ctx.obj["AUTH_SEED"]:
         return auth_by_seed()
-    if ctx.obj["AUTH_FILE"]:
+    if "AUTH_FILE_PATH" in ctx.obj and ctx.obj["AUTH_FILE_PATH"]:
         return auth_by_auth_file()
-    if ctx.obj["AUTH_WIF"]:
+    if "AUTH_WIF" in ctx.obj and ctx.obj["AUTH_WIF"]:
         return auth_by_wif()
     return auth_by_scrypt()
 
 
-@pass_context
-def has_auth_method(ctx: Context) -> bool:
+@click.pass_context
+def has_auth_method(ctx: click.Context) -> bool:
     return (
-        ctx.obj["AUTH_SCRYPT"]
-        or ctx.obj["AUTH_FILE"]
-        or ctx.obj["AUTH_SEED"]
-        or ctx.obj["AUTH_WIF"]
+        ("AUTH_SCRYPT" in ctx.obj and ctx.obj["AUTH_SCRYPT"])
+        or ("AUTH_FILE_PATH" in ctx.obj and ctx.obj["AUTH_FILE_PATH"])
+        or ("AUTH_SEED" in ctx.obj and ctx.obj["AUTH_SEED"])
+        or ("AUTH_WIF" in ctx.obj and ctx.obj["AUTH_WIF"])
     )
 
 
-@command("authentication", help="Generate authentication file")
-@option("--file", default="authfile", show_default=True, help="Path file")
-def generate_auth_file(file: str) -> None:
+@click.command("authentication", help="Generate authentication file")
+@click.argument(
+    "auth_file",
+    type=click.Path(dir_okay=False, writable=True, path_type=Path),
+)
+def generate_auth_file(auth_file: Path) -> None:
     key = auth_method()
-    authfile = Path(file)
     pubkey_cksum = gen_pubkey_checksum(key.pubkey)
-    if authfile.is_file():
-        message = f"Would you like to erase {file} by an authfile corresponding \n\
+    if auth_file.is_file():
+        message = f"Would you like to erase {auth_file} with an authentication file corresponding \n\
 to following pubkey `{pubkey_cksum}`?"
-        confirm(message, abort=True)
-    key.save_seedhex_file(file)
+        click.confirm(message, abort=True)
+    key.save_seedhex_file(auth_file)
     print(
-        f"Authentication file 'authfile' generated and stored in current\
- folder for following public key: {pubkey_cksum}",
+        f"Authentication file '{auth_file}' generated and stored for public key: {pubkey_cksum}",
     )
 
 
-@pass_context
-def auth_by_auth_file(ctx: Context) -> SigningKey:
+@click.pass_context
+def auth_by_auth_file(ctx: click.Context) -> SigningKey:
     """
     Uses an authentication file to generate the key
     Authfile can either be:
@@ -96,7 +96,7 @@ def auth_by_auth_file(ctx: Context) -> SigningKey:
 
 
 def auth_by_seed() -> SigningKey:
-    seedhex = getpass("Please enter your seed on hex format: ")
+    seedhex = click.prompt("Please enter your seed on hex format", hide_input=True)
     try:
         return SigningKey.from_seedhex(seedhex)
     # To be fixed upstream in DuniterPy
@@ -106,10 +106,18 @@ def auth_by_seed() -> SigningKey:
         sys.exit(FAILURE_EXIT_STATUS)
 
 
-@pass_context
-def auth_by_scrypt(ctx: Context) -> SigningKey:
-    salt = getpass("Please enter your Scrypt Salt (Secret identifier): ")
-    password = getpass("Please enter your Scrypt password (masked): ")
+@click.pass_context
+def auth_by_scrypt(ctx: click.Context) -> SigningKey:
+    salt = click.prompt(
+        "Please enter your Scrypt Salt (Secret identifier)",
+        hide_input=True,
+        default="",
+    )
+    password = click.prompt(
+        "Please enter your Scrypt password (masked)",
+        hide_input=True,
+        default="",
+    )
 
     if ctx.obj["AUTH_SCRYPT_PARAMS"]:
         n, r, p = ctx.obj["AUTH_SCRYPT_PARAMS"].split(",")
@@ -133,9 +141,13 @@ def auth_by_scrypt(ctx: Context) -> SigningKey:
 
 
 def auth_by_wif() -> SigningKey:
-    wif_hex = getpass("Enter your WIF or Encrypted WIF address (masked): ")
-    password = getpass(
-        "(Leave empty in case WIF format) Enter the Encrypted WIF password (masked): ",
+    wif_hex = click.prompt(
+        "Enter your WIF or Encrypted WIF address (masked)",
+        hide_input=True,
+    )
+    password = click.prompt(
+        "(Leave empty in case WIF format) Enter the Encrypted WIF password (masked)",
+        hide_input=True,
     )
     try:
         return SigningKey.from_wif_or_ewif_hex(wif_hex, password)