Python linting

e5497bae · František Dvořák · 66c78806 · e5497bae
Commit e5497bae authored 4 months ago by František Dvořák
--- a/vault-login.py
+++ b/vault-login.py
@@ -8,18 +8,18 @@
 import json
 import os
 import re
-import requests
 import shutil
 import subprocess
 import sys

+import requests
+
 payload = {
    "grant_type": "client_credentials",
    "scope": "openid profile eduperson_entitlement email voperson_id",
 }
 token_url = "https://aai.egi.eu/auth/realms/egi/protocol/openid-connect/token"
-userinfo_url = \
-        "https://aai.egi.eu/auth/realms/egi/protocol/openid-connect/userinfo"
+userinfo_url = "https://aai.egi.eu/auth/realms/egi/protocol/openid-connect/userinfo"

 # input
 if "CLIENT_ID" in os.environ:
@@ -32,39 +32,47 @@ else:
    payload["client_secret"] = input("OIDC Client Secret: ")

 # get OIDC token
-r = requests.post(token_url, data=payload)
+r = requests.post(token_url, data=payload, timeout=20)
 data = json.loads(r.text)
-if 'access_token' not in data:
-    print('Error getting access token')
+if "access_token" not in data:
+    print("Error getting access token")
    sys.exit(1)
 print("# export OIDC_ACCESS_TOKEN='%s'" % data["access_token"])

 # get vault token
 token = None
-p = subprocess.Popen([
-    shutil.which("vault"),
-    "write",
-    "auth/jwt/login",
-    "jwt=%s" % data["access_token"],
-    ], stdout=subprocess.PIPE)
-for line in p.stdout:
-    print('# %s' % line.decode("UTF-8").rstrip())
-    m = re.search(r'^token\s+(.*)', line.decode("UTF-8"))
-    if m is not None:
-        token = m.group(1)
+vaultbin = shutil.which("vault")
+if vaultbin is None:
+    print("vault command not found")
+    sys.exit(1)
+p = subprocess.Popen(
+    [
+        vaultbin,
+        "write",
+        "auth/jwt/login",
+        "jwt=%s" % data["access_token"],
+    ],
+    stdout=subprocess.PIPE,
+)
+if p.stdout is not None:
+    for line in p.stdout:
+        print("# %s" % line.decode("UTF-8").rstrip())
+        m = re.search(r"^token\s+(.*)", line.decode("UTF-8"))
+        if m is not None:
+            token = m.group(1)
 retval = p.wait()
 if token is None:
-    print('Error signing to vault (no token returned)')
+    print("Error signing to vault (no token returned)")
    sys.exit(1)
 print("export VAULT_TOKEN='%s'" % token)
 if retval != 0:
-    print('Error signing to vault (code %d returned)' % retval)
+    print("Error signing to vault (code %d returned)" % retval)
    sys.exit(1)

 # store vault token
-token_path = os.path.expanduser('~/.vault-token')
-with open(token_path, 'w') as f:
+token_path = os.path.expanduser("~/.vault-token")
+with open(token_path, "w") as f:
    pass
 os.chmod(token_path, 0o600)
-with open(token_path, 'w') as f:
+with open(token_path, "w") as f:
    f.write(token)