. image:: //img.shields.io/pypi/v/keyring.svg :target: //pypi.org/project/keyring . image:: //img.shields.io/pypi/pyversions/keyring.svg . image:: //github.com/jaraco/keyring/workflows/tests/badge.svg :target: //github.com/jaraco/keyring/actions?query=workflow%3A%22tests%22 :alt: tests . image:: //img.shields.io/badge/code%20style-black-000000.svg :target: //github.com/psf/black :alt: Code style: Black . image:: //readthedocs.org/projects/keyring/badge/?version=latest :target: //keyring.readthedocs.io/en/latest/?badge=latest . image:: //img.shields.io/badge/skeleton-2022-informational :target: //blog.jaraco.com/skeleton . image:: //tidelift.com/badges/package/pypi/keyring :target: //tidelift.com/subscription/pkg/pypi-keyring?utm_source=pypi-keyring&utm_medium=readme . image:: //badges.gitter.im/jaraco/keyring.svg :alt: Join the chat at //gitter.im/jaraco/keyring :target: //gitter.im/jaraco/keyring?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge The Python keyring library provides an easy way to access the system keyring service from python. It can be used in any application that needs safe password storage. These recommended keyring backends are supported: * macOS `Keychain `_ * Freedesktop `Secret Service `_ supports many DE including GNOME [requires `secretstorage `_] * KDE4 & KDE5 `KWallet `_ [requires `dbus `_] * `Windows Credential Locker `_ Other keyring implementations are available through `Third-Party Backends`_. Installation - Linux ==================== On Linux, the KWallet backend relies on dbus-python_, which does not always install correctly when using pip [compilation is needed]. For best results, install dbus-python as a system package. . _dbus-python: //gitlab.freedesktop.org/dbus/dbus-python Compatibility - macOS ===================== macOS keychain supports macOS 11 [Big Sur] and later requires Python 3.8.7 or later with the "universal2" binary. See `#525 `_ for details. Using Keyring ============= The basic usage of keyring is pretty simple: just call ``keyring.set_password`` and ``keyring.get_password``:: >>> import keyring >>> keyring.set_password["system", "username", "password"] >>> keyring.get_password["system", "username"] 'password' Command-line Utility -------------------- Keyring supplies a ``keyring`` command which is installed with the package. After installing keyring in most environments, the command should be available for setting, getting, and deleting passwords. For more usage information, invoke with no arguments or with ``--help`` as so:: $ keyring --help $ keyring set system username Password for 'username' in 'system': $ keyring get system username password The command-line functionality is also exposed as an executable package, suitable for invoking from Python like so:: $ python -m keyring --help $ python -m keyring set system username Password for 'username' in 'system': $ python -m keyring get system username password Tab Completion -------------- If installed via a package manager [apt, pacman, nix, homebrew, etc], these shell completions may already have been distributed with the package [no action required]. Keyring provides tab completion if the ``completion`` extra is installed:: $ pip install 'keyring[completion]' Then, generate shell completions, something like:: $ keyring --print-completion bash | sudo tee /usr/share/bash-completion/completions/keyring $ keyring --print-completion zsh | sudo tee /usr/share/zsh/site-functions/_keyring $ keyring --print-completion tcsh | sudo tee /etc/profile.d/keyring.csh **Note**: the path of `/usr/share` is mainly for GNU/Linux. For other OSs, consider: - macOS [Homebrew x86]: /usr/local/share - macOS [Homebrew ARM]: /opt/homebrew/share - Android [Termux]: /data/data/com.termux/files/usr/share - Windows [mingw64 of msys2]: /mingw64/share - ... After installing the shell completions, enable them following your shell's recommended instructions. e.g.: - bash: install [bash-completion][//github.com/scop/bash-completion], and ensure ``. /usr/share/bash-completion/bash_completion`` in ``~/.bashrc``. - zsh: ensure ``autoload -Uz compinit && compinit`` appears in ``~/.zshrc``, then ``grep -w keyring ~/.zcompdump`` to verify keyring appears, indicating it was installed correctly. Configuring =========== The python keyring lib contains implementations for several backends. The library will attempt to automatically choose the most suitable backend for the current environment. Users may also specify the preferred keyring in a config file or by calling the ``set_keyring[]`` function. Config file path ---------------- The configuration is stored in a file named "keyringrc.cfg" found in a platform-specific location. To determine where the config file is stored, run the following:: python -c "import keyring.util.platform_; print[keyring.util.platform_.config_root[]]" Some keyrings also store the keyring data in the file system. To determine where the data files are stored, run:: python -c "import keyring.util.platform_; print[keyring.util.platform_.data_root[]]" Config file content ------------------- To specify a keyring backend, set the **default-keyring** option to the full path of the class for that backend, such as ``keyring.backends.OS_X.Keyring``. If **keyring-path** is indicated, keyring will add that path to the Python module search path before loading the backend. For example, this config might be used to load the ``SimpleKeyring`` from the ``simplekeyring`` module in the ``./demo`` directory [not implemented]:: [backend] default-keyring=simplekeyring.SimpleKeyring keyring-path=demo Third-Party Backends ==================== In addition to the backends provided by the core keyring package for the most common and secure use cases, there are additional keyring backend implementations available for other use cases. Simply install them to make them available: - `keyrings.cryptfile `_ - Encrypted text file storage. - `keyring_jeepney `__ - a pure Python backend using the secret service DBus API for desktop Linux. - `keyrings.alt `_ - "alternate", possibly-insecure backends, originally part of the core package, but available for opt-in. - `gsheet-keyring `_ - a backend that stores secrets in a Google Sheet. For use with `ipython-secrets `_. - `bitwarden-keyring `_ - a backend that stores secrets in the `BitWarden `_ password manager. - `sagecipher `_ - an encryption backend which uses the ssh agent protocol's signature operation to derive the cipher key. - `keyrings.osx_keychain_keys `_ - OSX keychain key-management, for private, public, and symmetric keys. Write your own keyring backend ============================== The interface for the backend is defined by ``keyring.backend.KeyringBackend``. Every backend should derive from that base class and define a ``priority`` attribute and three functions: ``get_password[]``, ``set_password[]``, and ``delete_password[]``. The ``get_credential[]`` function may be defined if desired. See the ``backend`` module for more detail on the interface of this class. Keyring employs entry points to allow any third-party package to implement backends without any modification to the keyring itself. Those interested in creating new backends are encouraged to create new, third-party packages in the ``keyrings`` namespace, in a manner modeled by the `keyrings.alt package `_. See the ``setup.cfg`` file in that project for hints on how to create the requisite entry points. Backends that prove essential may be considered for inclusion in the core library, although the ease of installing these third-party packages should mean that extensions may be readily available. To create an extension for Keyring, please submit a pull request to have your extension mentioned as an available extension. Runtime Configuration ===================== Keyring additionally allows programmatic configuration of the backend calling the api ``set_keyring[]``. The indicated backend will subsequently be used to store and retrieve passwords. To invoke ``set_keyring``:: # define a new keyring class which extends the KeyringBackend import keyring.backend class TestKeyring[keyring.backend.KeyringBackend]: """A test keyring which always outputs the same password """ priority = 1 def set_password[self, servicename, username, password]: pass def get_password[self, servicename, username]: return "password from TestKeyring" def delete_password[self, servicename, username]: pass # set the keyring for keyring lib keyring.set_keyring[TestKeyring[]] # invoke the keyring lib try: keyring.set_password["demo-service", "tarek", "passexample"] print["password stored successfully"] except keyring.errors.PasswordSetError: print["failed to store password"] print["password", keyring.get_password["demo-service", "tarek"]] Disabling Keyring ================= In many cases, uninstalling keyring will never be necessary. Especially on Windows and macOS, the behavior of keyring is usually degenerate, meaning it will return empty values to the caller, allowing the caller to fall back to some other behavior. In some cases, the default behavior of keyring is undesirable and it would be preferable to disable the keyring behavior altogether. There are several mechanisms to disable keyring: - Uninstall keyring. Most applications are tolerant to keyring not being installed. Uninstalling keyring should cause those applications to fall back to the behavior without keyring. This approach affects the Python environment where keyring would otherwise have been installed. - Configure the Null keyring in the environment. Set ``PYTHON_KEYRING_BACKEND=keyring.backends.null.Keyring`` in the environment, and the ``Null`` [degenerate] backend will be used. This approach affects all uses of Keyring where that variable is set. - Permanently configure the Null keyring for the user by running ``keyring --disable`` or ``python -m keyring --disable``. This approach affects all uses of keyring for that user. Altering Keyring Behavior ========================= Keyring provides a mechanism to alter the keyring's behavior through environment variables. Each backend implements a ``KeyringBackend.set_properties_from_env``, which when invoked will find all environment variables beginning with ``KEYRING_PROPERTY_{NAME}`` and will set a property for each ``{NAME.lower[]}`` on the keyring. This method is invoked during initialization for the default/configured keyring. This mechanism may be used to set some useful values on various keyrings, including: - keychain; macOS, path to an alternate keychain file - appid; Linux/SecretService, alternate ID for the application Using Keyring on Ubuntu 16.04 ============================= The following is a complete transcript for installing keyring in a virtual environment on Ubuntu 16.04. No config file was used:: $ sudo apt install python3-venv libdbus-glib-1-dev $ cd /tmp $ pyvenv py3 $ source py3/bin/activate $ pip install -U pip $ pip install secretstorage dbus-python $ pip install keyring $ python >>> import keyring >>> keyring.get_keyring[] >>> keyring.set_password["system", "username", "password"] >>> keyring.get_password["system", "username"] 'password' Using Keyring on headless Linux systems ======================================= It is possible to use the SecretService backend on Linux systems without X11 server available [only D-Bus is required]. In this case: * Install the `GNOME Keyring`_ daemon. * Start a D-Bus session, e.g. run ``dbus-run-session -- sh`` and run the following commands inside that shell. * Run ``gnome-keyring-daemon`` with ``--unlock`` option. The description of that option says: Read a password from stdin, and use it to unlock the login keyring or create it if the login keyring does not exist. When that command is started, enter a password into stdin and press Ctrl+D [end of data]. After that, the daemon will fork into the background [use ``--foreground`` option to block]. * Now you can use the SecretService backend of Keyring. Remember to run your application in the same D-Bus session as the daemon. . _GNOME Keyring: //wiki.gnome.org/Projects/GnomeKeyring Using Keyring on headless Linux systems in a Docker container ============================================================= It is possible to use keyring with the SecretService backend in Docker containers as well. All you need to do is install the necessary dependencies and add the `--privileged` flag to avoid any `Operation not permitted` errors when attempting to unlock the system's keyring. The following is a complete transcript for installing keyring on a Ubuntu 18:04 container:: docker run -it -d --privileged ubuntu:18.04 $ apt-get update $ apt install -y gnome-keyring python3-venv python3-dev $ python3 -m venv venv $ source venv/bin/activate # source a virtual environment to avoid polluting your system $ pip3 install --upgrade pip $ pip3 install keyring $ dbus-run-session -- sh # this will drop you into a new D-bus shell $ echo 'somecredstorepass' | gnome-keyring-daemon --unlock # unlock the system's keyring $ python >>> import keyring >>> keyring.get_keyring[] >>> keyring.set_password["system", "username", "password"] >>> keyring.get_password["system", "username"] 'password' Integration =========== API --- The keyring lib has a few functions: * ``get_keyring[]``: Return the currently-loaded keyring implementation. * ``get_password[service, username]``: Returns the password stored in the active keyring. If the password does not exist, it will return None. * ``get_credential[service, username]``: Return a credential object stored in the active keyring. This object contains at least ``username`` and ``password`` attributes for the specified service, where the returned ``username`` may be different from the argument. * ``set_password[service, username, password]``: Store the password in the keyring. * ``delete_password[service, username]``: Delete the password stored in keyring. If the password does not exist, it will raise an exception. In all cases, the parameters [``service``, ``username``, ``password``] should be Unicode text. Exceptions ---------- The keyring lib raises the following exceptions: * ``keyring.errors.KeyringError``: Base Error class for all exceptions in keyring lib. * ``keyring.errors.InitError``: Raised when the keyring cannot be initialized. * ``keyring.errors.PasswordSetError``: Raised when the password cannot be set in the keyring. * ``keyring.errors.PasswordDeleteError``: Raised when the password cannot be deleted in the keyring. Get Involved ============ Python keyring lib is an open community project and eagerly welcomes contributors. * Repository: //github.com/jaraco/keyring/ * Bug Tracker: //github.com/jaraco/keyring/issues/ * Mailing list: //groups.google.com/group/python-keyring For Enterprise ============== Available as part of the Tidelift Subscription. This project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use. `Learn more `_. Security Contact ================ To report a security vulnerability, please use the `Tidelift security contact `_. Tidelift will coordinate the fix and disclosure. Security Considerations ======================= Each built-in backend may have security considerations to understand before using this library. Authors of tools or libraries utilizing ``keyring`` are encouraged to consider these concerns. As with any list of known security concerns, this list is not exhaustive. Additional issues can be added as needed. - macOS Keychain - Any Python script or application can access secrets created by ``keyring`` from that same Python executable without the operating system prompting the user for a password. To cause any specific secret to prompt for a password every time it is accessed, locate the credential using the ``Keychain Access`` application, and in the ``Access Control`` settings, remove ``Python`` from the list of allowed applications. - Freedesktop Secret Service - No analysis has been performed - KDE4 & KDE5 KWallet - No analysis has been performed - Windows Credential Locker - No analysis has been performed Making Releases =============== This project makes use of automated releases and continuous integration. The simple workflow is to tag a commit and push it to Github. If it passes tests in CI, it will be automatically deployed to PyPI. Other things to consider when making a release: - Check that the changelog is current for the intended release. Running Tests ============= Tests are continuously run in Github Actions. To run the tests locally, install and invoke `tox `_. Background ========== The project was based on Tarek Ziade's idea in `this post`_. Kang Zhang initially carried it out as a `Google Summer of Code`_ project, and Tarek mentored Kang on this project. . _this post: //tarekziade.wordpress.com/2009/03/27/pycon-hallway-session-1-a-keyring-library-for-python/ . _Google Summer of Code: //socghop.appspot.com/
Dữ liệu thô
{ "_id": null, "home_page": "//github.com/jaraco/keyring", "name": "keyring", "maintainer": "Jason R. Coombs", "docs_url": null, "requires_python": ">=3.7", "maintainer_email": "jaraco@jaraco.com", "keywords": "", "author": "Kang Zhang", "author_email": "jobo.zh@gmail.com", "download_url": "//files.pythonhosted.org/packages/55/fe/282f4c205add8e8bb3a1635cbbac59d6def2e0891b145aa553a0e40dd2d0/keyring-23.13.1.tar.gz", "platform": null, "description": ". image:: //img.shields.io/pypi/v/keyring.svg\n :target: //pypi.org/project/keyring\n\n. image:: //img.shields.io/pypi/pyversions/keyring.svg\n\n. image:: //github.com/jaraco/keyring/workflows/tests/badge.svg\n :target: //github.com/jaraco/keyring/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n. image:: //img.shields.io/badge/code%20style-black-000000.svg\n :target: //github.com/psf/black\n :alt: Code style: Black\n\n. image:: //readthedocs.org/projects/keyring/badge/?version=latest\n :target: //keyring.readthedocs.io/en/latest/?badge=latest\n\n. image:: //img.shields.io/badge/skeleton-2022-informational\n :target: //blog.jaraco.com/skeleton\n\n. image:: //tidelift.com/badges/package/pypi/keyring\n :target: //tidelift.com/subscription/pkg/pypi-keyring?utm_source=pypi-keyring&utm_medium=readme\n\n. image:: //badges.gitter.im/jaraco/keyring.svg\n :alt: Join the chat at //gitter.im/jaraco/keyring\n :target: //gitter.im/jaraco/keyring?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge\n\nThe Python keyring library provides an easy way to access the\nsystem keyring service from python. It can be used in any\napplication that needs safe password storage.\n\nThese recommended keyring backends are supported:\n\n* macOS `Keychain\n `_\n* Freedesktop `Secret Service\n `_ supports many DE including\n GNOME [requires `secretstorage `_]\n* KDE4 & KDE5 `KWallet `_\n [requires `dbus `_]\n* `Windows Credential Locker\n `_\n\nOther keyring implementations are available through `Third-Party Backends`_.\n\nInstallation - Linux\n====================\n\nOn Linux, the KWallet backend relies on dbus-python_, which does not always\ninstall correctly when using pip [compilation is needed]. For best results,\ninstall dbus-python as a system package.\n\n. _dbus-python: //gitlab.freedesktop.org/dbus/dbus-python\n\nCompatibility - macOS\n=====================\n\nmacOS keychain supports macOS 11 [Big Sur] and later requires Python 3.8.7\nor later with the \"universal2\" binary. See\n`#525 `_ for details.\n\nUsing Keyring\n=============\n\nThe basic usage of keyring is pretty simple: just call\n``keyring.set_password`` and ``keyring.get_password``::\n\n >>> import keyring\n >>> keyring.set_password[\"system\", \"username\", \"password\"]\n >>> keyring.get_password[\"system\", \"username\"]\n 'password'\n\nCommand-line Utility\n--------------------\n\nKeyring supplies a ``keyring`` command which is installed with the\npackage. After installing keyring in most environments, the\ncommand should be available for setting, getting, and deleting\npasswords. For more usage information, invoke with no arguments\nor with ``--help`` as so::\n\n $ keyring --help\n $ keyring set system username\n Password for 'username' in 'system':\n $ keyring get system username\n password\n\nThe command-line functionality is also exposed as an executable\npackage, suitable for invoking from Python like so::\n\n $ python -m keyring --help\n $ python -m keyring set system username\n Password for 'username' in 'system':\n $ python -m keyring get system username\n password\n\nTab Completion\n--------------\n\nIf installed via a package manager [apt, pacman, nix, homebrew, etc],\nthese shell completions may already have been distributed with the package\n[no action required].\n\nKeyring provides tab completion if the ``completion`` extra is installed::\n\n $ pip install 'keyring[completion]'\n\nThen, generate shell completions, something like::\n\n $ keyring --print-completion bash | sudo tee /usr/share/bash-completion/completions/keyring\n $ keyring --print-completion zsh | sudo tee /usr/share/zsh/site-functions/_keyring\n $ keyring --print-completion tcsh | sudo tee /etc/profile.d/keyring.csh\n\n**Note**: the path of `/usr/share` is mainly for GNU/Linux. For other OSs,\nconsider:\n\n- macOS [Homebrew x86]: /usr/local/share\n- macOS [Homebrew ARM]: /opt/homebrew/share\n- Android [Termux]: /data/data/com.termux/files/usr/share\n- Windows [mingw64 of msys2]: /mingw64/share\n- ...\n\nAfter installing the shell completions, enable them following your shell's\nrecommended instructions. e.g.:\n\n- bash: install [bash-completion][//github.com/scop/bash-completion],\n and ensure ``. /usr/share/bash-completion/bash_completion`` in ``~/.bashrc``.\n- zsh: ensure ``autoload -Uz compinit && compinit`` appears in ``~/.zshrc``,\n then ``grep -w keyring ~/.zcompdump`` to verify keyring appears, indicating\n it was installed correctly.\n\nConfiguring\n===========\n\nThe python keyring lib contains implementations for several backends. The\nlibrary will attempt to\nautomatically choose the most suitable backend for the current\nenvironment. Users may also specify the preferred keyring in a\nconfig file or by calling the ``set_keyring[]`` function.\n\nConfig file path\n----------------\n\nThe configuration is stored in a file named \"keyringrc.cfg\"\nfound in a platform-specific location. To determine\nwhere the config file is stored, run the following::\n\n python -c \"import keyring.util.platform_; print[keyring.util.platform_.config_root[]]\"\n\nSome keyrings also store the keyring data in the file system.\nTo determine where the data files are stored, run::\n\n python -c \"import keyring.util.platform_; print[keyring.util.platform_.data_root[]]\"\n\nConfig file content\n-------------------\n\nTo specify a keyring backend, set the **default-keyring** option to the\nfull path of the class for that backend, such as\n``keyring.backends.OS_X.Keyring``.\n\nIf **keyring-path** is indicated, keyring will add that path to the Python\nmodule search path before loading the backend.\n\nFor example, this config might be used to load the\n``SimpleKeyring`` from the ``simplekeyring`` module in\nthe ``./demo`` directory [not implemented]::\n\n [backend]\n default-keyring=simplekeyring.SimpleKeyring\n keyring-path=demo\n\nThird-Party Backends\n====================\n\nIn addition to the backends provided by the core keyring package for\nthe most common and secure use cases, there\nare additional keyring backend implementations available for other\nuse cases. Simply install them to make them available:\n\n- `keyrings.cryptfile `_\n - Encrypted text file storage.\n- `keyring_jeepney `__ - a\n pure Python backend using the secret service DBus API for desktop\n Linux.\n- `keyrings.alt `_ - \"alternate\",\n possibly-insecure backends, originally part of the core package, but\n available for opt-in.\n- `gsheet-keyring `_\n - a backend that stores secrets in a Google Sheet. For use with\n `ipython-secrets `_.\n- `bitwarden-keyring `_\n - a backend that stores secrets in the `BitWarden `_\n password manager.\n- `sagecipher `_ - an encryption\n backend which uses the ssh agent protocol's signature operation to\n derive the cipher key.\n- `keyrings.osx_keychain_keys `_\n - OSX keychain key-management, for private, public, and symmetric keys.\n\n\nWrite your own keyring backend\n==============================\n\nThe interface for the backend is defined by ``keyring.backend.KeyringBackend``.\nEvery backend should derive from that base class and define a ``priority``\nattribute and three functions: ``get_password[]``, ``set_password[]``, and\n``delete_password[]``. The ``get_credential[]`` function may be defined if\ndesired.\n\nSee the ``backend`` module for more detail on the interface of this class.\n\nKeyring employs entry points to allow any third-party package to implement\nbackends without any modification to the keyring itself. Those interested in\ncreating new backends are encouraged to create new, third-party packages\nin the ``keyrings`` namespace, in a manner modeled by the `keyrings.alt\npackage `_. See the\n``setup.cfg`` file\nin that project for hints on how to create the requisite entry points.\nBackends that prove essential may be considered for inclusion in the core\nlibrary, although the ease of installing these third-party packages should\nmean that extensions may be readily available.\n\nTo create an extension for Keyring, please submit a pull request to\nhave your extension mentioned as an available extension.\n\nRuntime Configuration\n=====================\n\nKeyring additionally allows programmatic configuration of the\nbackend calling the api ``set_keyring[]``. The indicated backend\nwill subsequently be used to store and retrieve passwords.\n\nTo invoke ``set_keyring``::\n\n # define a new keyring class which extends the KeyringBackend\n import keyring.backend\n\n class TestKeyring[keyring.backend.KeyringBackend]:\n \"\"\"A test keyring which always outputs the same password\n \"\"\"\n priority = 1\n\n def set_password[self, servicename, username, password]:\n pass\n\n def get_password[self, servicename, username]:\n return \"password from TestKeyring\"\n\n def delete_password[self, servicename, username]:\n pass\n\n # set the keyring for keyring lib\n keyring.set_keyring[TestKeyring[]]\n\n # invoke the keyring lib\n try:\n keyring.set_password[\"demo-service\", \"tarek\", \"passexample\"]\n print[\"password stored successfully\"]\n except keyring.errors.PasswordSetError:\n print[\"failed to store password\"]\n print[\"password\", keyring.get_password[\"demo-service\", \"tarek\"]]\n\n\nDisabling Keyring\n=================\n\nIn many cases, uninstalling keyring will never be necessary.\nEspecially on Windows and macOS, the behavior of keyring is\nusually degenerate, meaning it will return empty values to\nthe caller, allowing the caller to fall back to some other\nbehavior.\n\nIn some cases, the default behavior of keyring is undesirable and\nit would be preferable to disable the keyring behavior altogether.\nThere are several mechanisms to disable keyring:\n\n- Uninstall keyring. Most applications are tolerant to keyring\n not being installed. Uninstalling keyring should cause those\n applications to fall back to the behavior without keyring.\n This approach affects the Python environment where keyring\n would otherwise have been installed.\n\n- Configure the Null keyring in the environment. Set\n ``PYTHON_KEYRING_BACKEND=keyring.backends.null.Keyring``\n in the environment, and the ``Null`` [degenerate] backend\n will be used. This approach affects all uses of Keyring where\n that variable is set.\n\n- Permanently configure the Null keyring for the user by running\n ``keyring --disable`` or ``python -m keyring --disable``.\n This approach affects all uses of keyring for that user.\n\n\nAltering Keyring Behavior\n=========================\n\nKeyring provides a mechanism to alter the keyring's behavior through\nenvironment variables. Each backend implements a\n``KeyringBackend.set_properties_from_env``, which\nwhen invoked will find all environment variables beginning with\n``KEYRING_PROPERTY_{NAME}`` and will set a property for each\n``{NAME.lower[]}`` on the keyring. This method is invoked during\ninitialization for the default/configured keyring.\n\nThis mechanism may be used to set some useful values on various\nkeyrings, including:\n\n- keychain; macOS, path to an alternate keychain file\n- appid; Linux/SecretService, alternate ID for the application\n\n\nUsing Keyring on Ubuntu 16.04\n=============================\n\nThe following is a complete transcript for installing keyring in a\nvirtual environment on Ubuntu 16.04. No config file was used::\n\n $ sudo apt install python3-venv libdbus-glib-1-dev\n $ cd /tmp\n $ pyvenv py3\n $ source py3/bin/activate\n $ pip install -U pip\n $ pip install secretstorage dbus-python\n $ pip install keyring\n $ python\n >>> import keyring\n >>> keyring.get_keyring[]\n \n >>> keyring.set_password[\"system\", \"username\", \"password\"]\n >>> keyring.get_password[\"system\", \"username\"]\n 'password'\n\n\nUsing Keyring on headless Linux systems\n=======================================\n\nIt is possible to use the SecretService backend on Linux systems without\nX11 server available [only D-Bus is required]. In this case:\n\n* Install the `GNOME Keyring`_ daemon.\n* Start a D-Bus session, e.g. run ``dbus-run-session -- sh`` and run\n the following commands inside that shell.\n* Run ``gnome-keyring-daemon`` with ``--unlock`` option. The description of\n that option says:\n\n Read a password from stdin, and use it to unlock the login keyring\n or create it if the login keyring does not exist.\n\n When that command is started, enter a password into stdin and\n press Ctrl+D [end of data]. After that, the daemon will fork into\n the background [use ``--foreground`` option to block].\n* Now you can use the SecretService backend of Keyring. Remember to\n run your application in the same D-Bus session as the daemon.\n\n. _GNOME Keyring: //wiki.gnome.org/Projects/GnomeKeyring\n\nUsing Keyring on headless Linux systems in a Docker container\n=============================================================\n\nIt is possible to use keyring with the SecretService backend in Docker containers as well.\nAll you need to do is install the necessary dependencies and add the `--privileged` flag\nto avoid any `Operation not permitted` errors when attempting to unlock the system's keyring.\n\nThe following is a complete transcript for installing keyring on a Ubuntu 18:04 container::\n\n docker run -it -d --privileged ubuntu:18.04\n\n $ apt-get update\n $ apt install -y gnome-keyring python3-venv python3-dev\n $ python3 -m venv venv\n $ source venv/bin/activate # source a virtual environment to avoid polluting your system\n $ pip3 install --upgrade pip\n $ pip3 install keyring\n $ dbus-run-session -- sh # this will drop you into a new D-bus shell\n $ echo 'somecredstorepass' | gnome-keyring-daemon --unlock # unlock the system's keyring\n\n $ python\n >>> import keyring\n >>> keyring.get_keyring[]\n \n >>> keyring.set_password[\"system\", \"username\", \"password\"]\n >>> keyring.get_password[\"system\", \"username\"]\n 'password'\n\nIntegration\n===========\n\nAPI\n---\n\nThe keyring lib has a few functions:\n\n* ``get_keyring[]``: Return the currently-loaded keyring implementation.\n* ``get_password[service, username]``: Returns the password stored in the\n active keyring. If the password does not exist, it will return None.\n* ``get_credential[service, username]``: Return a credential object stored\n in the active keyring. This object contains at least ``username`` and\n ``password`` attributes for the specified service, where the returned\n ``username`` may be different from the argument.\n* ``set_password[service, username, password]``: Store the password in the\n keyring.\n* ``delete_password[service, username]``: Delete the password stored in\n keyring. If the password does not exist, it will raise an exception.\n\nIn all cases, the parameters [``service``, ``username``, ``password``]\nshould be Unicode text.\n\n\nExceptions\n----------\n\nThe keyring lib raises the following exceptions:\n\n* ``keyring.errors.KeyringError``: Base Error class for all exceptions in keyring lib.\n* ``keyring.errors.InitError``: Raised when the keyring cannot be initialized.\n* ``keyring.errors.PasswordSetError``: Raised when the password cannot be set in the keyring.\n* ``keyring.errors.PasswordDeleteError``: Raised when the password cannot be deleted in the keyring.\n\nGet Involved\n============\n\nPython keyring lib is an open community project and eagerly\nwelcomes contributors.\n\n* Repository: //github.com/jaraco/keyring/\n* Bug Tracker: //github.com/jaraco/keyring/issues/\n* Mailing list: //groups.google.com/group/python-keyring\n\nFor Enterprise\n==============\n\nAvailable as part of the Tidelift Subscription.\n\nThis project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.\n\n`Learn more `_.\n\nSecurity Contact\n================\n\nTo report a security vulnerability, please use the\n`Tidelift security contact `_.\nTidelift will coordinate the fix and disclosure.\n\nSecurity Considerations\n=======================\n\nEach built-in backend may have security considerations to understand\nbefore using this library. Authors of tools or libraries utilizing\n``keyring`` are encouraged to consider these concerns.\n\nAs with any list of known security concerns, this list is not exhaustive.\nAdditional issues can be added as needed.\n\n- macOS Keychain\n - Any Python script or application can access secrets created by\n ``keyring`` from that same Python executable without the operating\n system prompting the user for a password. To cause any specific\n secret to prompt for a password every time it is accessed, locate\n the credential using the ``Keychain Access`` application, and in\n the ``Access Control`` settings, remove ``Python`` from the list\n of allowed applications.\n\n- Freedesktop Secret Service\n - No analysis has been performed\n\n- KDE4 & KDE5 KWallet\n - No analysis has been performed\n\n- Windows Credential Locker\n - No analysis has been performed\n\nMaking Releases\n===============\n\nThis project makes use of automated releases and continuous\nintegration. The\nsimple workflow is to tag a commit and push it to Github. If it\npasses tests in CI, it will be automatically deployed to PyPI.\n\nOther things to consider when making a release:\n\n- Check that the changelog is current for the intended release.\n\nRunning Tests\n=============\n\nTests are continuously run in Github Actions.\n\nTo run the tests locally, install and invoke\n`tox `_.\n\nBackground\n==========\n\nThe project was based on Tarek Ziade's idea in `this post`_. Kang Zhang\ninitially carried it out as a `Google Summer of Code`_ project, and Tarek\nmentored Kang on this project.\n\n. _this post: //tarekziade.wordpress.com/2009/03/27/pycon-hallway-session-1-a-keyring-library-for-python/\n. _Google Summer of Code: //socghop.appspot.com/\n", "bugtrack_url": null, "license": "", "summary": "Store and access your passwords safely.", "version": "23.13.1", "split_keywords": [], "urls": [ { "comment_text": "", "digests": { "md5": "849983ee5f5ea88993d6b303839ea02a", "sha256": "771ed2a91909389ed6148631de678f82ddc73737d85a927f382a8a1b157898cd" }, "downloads": -1, "filename": "keyring-23.13.1-py3-none-any.whl", "has_sig": false, "md5_digest": "849983ee5f5ea88993d6b303839ea02a", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.7", "size": 37715, "upload_time": "2022-12-18T20:24:42", "upload_time_iso_8601": "2022-12-18T20:24:42.145278Z", "url": "//files.pythonhosted.org/packages/62/db/0e9a09b2b95986dcd73ac78be6ed2bd73ebe8bac65cba7add5b83eb9d899/keyring-23.13.1-py3-none-any.whl", "yanked": false, "yanked_reason": null }, { "comment_text": "", "digests": { "md5": "a0640ab7525b4fe58061b5999cca5026", "sha256": "ba2e15a9b35e21908d0aaf4e0a47acc52d6ae33444df0da2b49d41a46ef6d678" }, "downloads": -1, "filename": "keyring-23.13.1.tar.gz", "has_sig": false, "md5_digest": "a0640ab7525b4fe58061b5999cca5026", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.7", "size": 59582, "upload_time": "2022-12-18T20:24:43", "upload_time_iso_8601": "2022-12-18T20:24:43.440086Z", "url": "//files.pythonhosted.org/packages/55/fe/282f4c205add8e8bb3a1635cbbac59d6def2e0891b145aa553a0e40dd2d0/keyring-23.13.1.tar.gz", "yanked": false, "yanked_reason": null } ], "upload_time": "2022-12-18 20:24:43", "github": true, "gitlab": false, "bitbucket": false, "github_user": "jaraco", "github_project": "keyring", "travis_ci": false, "coveralls": true, "github_actions": true, "tox": true, "lcname": "keyring" }
Mật khẩu khóa được lưu trữ ở đâu?
Dữ liệu nhạy cảm được mã hóa và lưu trữ trong tệp chuỗi khóa trong thư mục chính của người dùng . Khóa mặc định sử dụng mật khẩu đăng nhập để mã hóa, vì vậy người dùng không cần nhớ mật khẩu khác.
Làm cách nào để cài đặt khóa Python?
Nhấp vào tab Trình thông dịch Python trong tab dự án của bạn. Nhấp vào biểu tượng + nhỏ để thêm thư viện mới vào dự án. Bây giờ hãy nhập thư viện sẽ được cài đặt, trong ví dụ của bạn là "keyring" không có dấu ngoặc kép và nhấp vào Cài đặt gói. Đợi quá trình cài đặt kết thúc và đóng tất cả các cửa sổ bật lên
Làm thế nào để khóa hoạt động Python?
Thư viện chuỗi khóa là thư viện để truy cập các kho lưu trữ mật khẩu khác nhau theo cách thống nhất . Nó dựa trên thư viện khóa Python. Thư viện cơ sở chứa một chương trình phụ trợ dựa trên biến môi trường cơ bản. Ngoài ra, có các phần phụ trợ khác có giao diện với các cửa hàng bí mật khác có thể được cài đặt riêng.
keyrings alt là gì?
Triển khai phụ trợ vòng khóa thay thế để sử dụng với gói vòng khóa . Dây móc khóa trong gói này có thể có rủi ro bảo mật hoặc các tác động khác. Các chương trình phụ trợ này được trích xuất từ dự án khóa chính để cung cấp chúng cho những người muốn sử dụng chúng, nhưng không được khuyến khích sử dụng cho mục đích sản xuất chung.