From e5497baeb60afc96d6d76f2276110a2b1ee056bc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Franti=C5=A1ek=20Dvo=C5=99=C3=A1k?= <valtri@civ.zcu.cz>
Date: Tue, 5 Nov 2024 17:59:22 +0100
Subject: [PATCH] Python linting

---
 vault-login.py | 52 +++++++++++++++++++++++++++++---------------------
 1 file changed, 30 insertions(+), 22 deletions(-)

diff --git a/vault-login.py b/vault-login.py
index a206a1d..5f7b3f7 100755
--- a/vault-login.py
+++ b/vault-login.py
@@ -8,18 +8,18 @@
 import json
 import os
 import re
-import requests
 import shutil
 import subprocess
 import sys
 
+import requests
+
 payload = {
     "grant_type": "client_credentials",
     "scope": "openid profile eduperson_entitlement email voperson_id",
 }
 token_url = "https://aai.egi.eu/auth/realms/egi/protocol/openid-connect/token"
-userinfo_url = \
-        "https://aai.egi.eu/auth/realms/egi/protocol/openid-connect/userinfo"
+userinfo_url = "https://aai.egi.eu/auth/realms/egi/protocol/openid-connect/userinfo"
 
 # input
 if "CLIENT_ID" in os.environ:
@@ -32,39 +32,47 @@ else:
     payload["client_secret"] = input("OIDC Client Secret: ")
 
 # get OIDC token
-r = requests.post(token_url, data=payload)
+r = requests.post(token_url, data=payload, timeout=20)
 data = json.loads(r.text)
-if 'access_token' not in data:
-    print('Error getting access token')
+if "access_token" not in data:
+    print("Error getting access token")
     sys.exit(1)
 print("# export OIDC_ACCESS_TOKEN='%s'" % data["access_token"])
 
 # get vault token
 token = None
-p = subprocess.Popen([
-    shutil.which("vault"),
-    "write",
-    "auth/jwt/login",
-    "jwt=%s" % data["access_token"],
-    ], stdout=subprocess.PIPE)
-for line in p.stdout:
-    print('# %s' % line.decode("UTF-8").rstrip())
-    m = re.search(r'^token\s+(.*)', line.decode("UTF-8"))
-    if m is not None:
-        token = m.group(1)
+vaultbin = shutil.which("vault")
+if vaultbin is None:
+    print("vault command not found")
+    sys.exit(1)
+p = subprocess.Popen(
+    [
+        vaultbin,
+        "write",
+        "auth/jwt/login",
+        "jwt=%s" % data["access_token"],
+    ],
+    stdout=subprocess.PIPE,
+)
+if p.stdout is not None:
+    for line in p.stdout:
+        print("# %s" % line.decode("UTF-8").rstrip())
+        m = re.search(r"^token\s+(.*)", line.decode("UTF-8"))
+        if m is not None:
+            token = m.group(1)
 retval = p.wait()
 if token is None:
-    print('Error signing to vault (no token returned)')
+    print("Error signing to vault (no token returned)")
     sys.exit(1)
 print("export VAULT_TOKEN='%s'" % token)
 if retval != 0:
-    print('Error signing to vault (code %d returned)' % retval)
+    print("Error signing to vault (code %d returned)" % retval)
     sys.exit(1)
 
 # store vault token
-token_path = os.path.expanduser('~/.vault-token')
-with open(token_path, 'w') as f:
+token_path = os.path.expanduser("~/.vault-token")
+with open(token_path, "w") as f:
     pass
 os.chmod(token_path, 0o600)
-with open(token_path, 'w') as f:
+with open(token_path, "w") as f:
     f.write(token)
-- 
GitLab