FilesExpand file tree

 main

/

otp-agent

Copy path

BlameMore file actions

BlameMore file actions

Latest commit

 

History

History

History

executable file

·

71 lines (66 loc) · 2.54 KB

 main

/

otp-agent

Top

File metadata and controls

• Code
• Blame

executable file

·

71 lines (66 loc) · 2.54 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

#!/usr/bin/python3

#

# Automate vpn connections that require a one-time password.

# Requirements:

# - secretstorage (find on pypi)

# - pyotp (likewise)

#

# usage: ./otp-agent name-of-connection

#

# The connection will be activated and when networkmanager asks for a secret,

# it will be provided. If the secret isn't known yet, it will be asked and

# stored with the secretstorage api (so in e.g. your gnome keyring)

import dbus.mainloop.glib

from gi.repository import GObject

import NetworkManager

import pyotp

import traceback

import secretstorage

import sys

def main():

print("Connecting to %s" % sys.argv[1])

dbus.mainloop.glib.DBusGMainLoop(set_as_default=True)

loop = GObject.MainLoop()

agent = SecretAgent(loop)

for connection in NetworkManager.Settings.ListConnections():

settings = connection.GetSettings()['connection']

if settings['id'] == sys.argv[1]:

NetworkManager.NetworkManager.ActivateConnection(connection, "/", "/")

loop.run()

break

else:

print("Connection %s not found" % sys.argv[1])

class SecretAgent(NetworkManager.SecretAgent):

def __init__(self, loop):

self.loop = loop

self.collection = secretstorage.get_default_collection(secretstorage.dbus_init())

super(SecretAgent, self).__init__('net.seveas.otp-agent')

def GetSecrets(self, settings, connection, setting_name, hints, flags):

try:

print("NetworkManager is asking us for a secret")

if setting_name != 'vpn':

return {}

attrs = {

'xdg:schema': 'net.seveas.otp-agent',

'hostname': settings['vpn']['data']['remote'],

}

items = list(self.collection.search_items(attrs))

if not items:

print("No secrets found yet, asking user")

secret = input("Enter secret code for %s: " % settings['vpn']['data']['remote'])

self.collection.create_item(settings['vpn']['data']['remote'], attrs, secret)

items = list(self.collection.search_items(attrs))

else:

print("Found secret key, generating otp code")

secret = items[0].get_secret().decode('ascii')

otp = pyotp.TOTP(secret).now()

print("otp code: %s" % otp)

return {setting_name: {'secrets': {'password': otp}}}

except:

import traceback

traceback.print_exc()

return {}

finally:

self.loop.quit()

if __name__ == '__main__':

main()