Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bugfix: WinVaultKeyring.get_credential with non-existent username returns credential of other user (#698) #699

Merged
merged 8 commits into from
Oct 26, 2024
9 changes: 5 additions & 4 deletions keyring/backends/Windows.py
Original file line number Diff line number Diff line change
Expand Up @@ -162,9 +162,10 @@ def get_credential(self, service, username):
# get the credentials associated with the provided username
if username:
res = self._get_password(self._compound_name(username, service))
# get any first password under the service name
# get a credential matching service and username if provided
if not res:
res = self._get_password(service)
if not res:
return None
cred = self._get_password(service)
jaraco marked this conversation as resolved.
Show resolved Hide resolved
res = cred if username is None or username == cred["UserName"] else None
if not res:
return None
jaraco marked this conversation as resolved.
Show resolved Hide resolved
return SimpleCredential(res['UserName'], res.value)
17 changes: 17 additions & 0 deletions keyring/testing/backend.py
Original file line number Diff line number Diff line change
Expand Up @@ -181,3 +181,20 @@ def test_new_with_properties(self):
assert alt.foo == 'bar'
with pytest.raises(AttributeError):
self.keyring.foo # noqa: B018

def test_wrong_username_returns_none(self):
keyring = self.keyring
service = 'test_wrong_username_returns_none'
cred = keyring.get_credential(service, None)
assert cred is None

password_1 = 'password1'
password_2 = 'password2'
self.set_password(service, 'user1', password_1)
self.set_password(service, 'user2', password_2)

assert keyring.get_credential(service, "user1").password == password_1
assert keyring.get_credential(service, "user2").password == password_2

# Missing/wrong username should not return a cred
assert keyring.get_credential(service, "nobody!") is None
1 change: 1 addition & 0 deletions newsfragments/698.bugfix.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
In get_credential, now returns None when the indicated username is not found.
Loading