Rename the mfa paramter to mfa_config

MatterMiners · May 24, 2024 · 23aba4a · 23aba4a
1 parent 2858c81
commit 23aba4a
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 16 deletions.
diff --git a/docs/source/executors/executors.rst b/docs/source/executors/executors.rst
@@ -47,7 +47,7 @@ SSH Executor
     `asyncssh documentation`_
 
     Additionally the ``SSHExecutor`` supports Multi-factor Authentication (MFA). In order to activate it, you need to
-    add ``mfa_secrets`` as parameter to the ``SSHExecutor`` containing a list of command line prompt to TOTP secrets
+    add ``mfa_config`` as parameter to the ``SSHExecutor`` containing a list of command line prompt to TOTP secrets
     mappings.
 
     .. note::
@@ -77,9 +77,9 @@ SSH Executor
         username: clown
         client_keys:
           - /opt/tardis/ssh/tardis
-        mfa_secrets:
+        mfa_config:
           - prompt: "Enter 2FA Token:"
-            secret: "IMIZDDO2I45ZSTR6XDGFSPFDUY"
+            totp: "IMIZDDO2I45ZSTR6XDGFSPFDUY"
 
 
     .. rubric:: Example configuration (`COBalD` legacy object initialisation)

diff --git a/tardis/utilities/executors/sshexecutor.py b/tardis/utilities/executors/sshexecutor.py
@@ -45,13 +45,11 @@ async def probe_max_session(connection: asyncssh.SSHClientConnection):
 
 
 class MFASSHClient(SSHClient):
-    def __init__(self, *args, mfa_secrets, **kwargs):
+    def __init__(self, *args, mfa_config, **kwargs):
         super().__init__(*args, **kwargs)
         self._mfa_responses = {}
-        for mfa_secret in mfa_secrets:
-            self._mfa_responses[mfa_secret["prompt"].strip()] = pyotp.TOTP(
-                mfa_secret["secret"]
-            )
+        for entry in mfa_config:
+            self._mfa_responses[entry["prompt"].strip()] = pyotp.TOTP(entry["totp"])
 
     async def kbdint_auth_requested(self) -> MaybeAwait[Optional[str]]:
         """
@@ -94,9 +92,9 @@ class SSHExecutor(Executor):
     def __init__(self, **parameters):
         self._parameters = parameters
         # enable Multi-factor Authentication if required
-        if mfa_secrets := self._parameters.pop("mfa_secrets", None):
+        if mfa_config := self._parameters.pop("mfa_config", None):
             self._parameters["client_factory"] = partial(
-                MFASSHClient, mfa_secrets=mfa_secrets
+                MFASSHClient, mfa_config=mfa_config
             )
         # the current SSH connection or None if it must be (re-)established
         self._ssh_connection: Optional[asyncssh.SSHClientConnection] = None

diff --git a/tests/utilities_t/executors_t/test_sshexecutor.py b/tests/utilities_t/executors_t/test_sshexecutor.py
@@ -75,17 +75,17 @@ def test_max_sessions(self):
 
 class TestMFASSHClient(TestCase):
     def setUp(self):
-        mfa_secrets = [
+        mfa_config = [
             {
                 "prompt": "Enter MFA token:",
-                "secret": "EJL2DAWFOH7QPJ3D6I2DK2ARTBEJDBIB",
+                "totp": "EJL2DAWFOH7QPJ3D6I2DK2ARTBEJDBIB",
             },
             {
                 "prompt": "Yet another token:",
-                "secret": "D22246GDKKEDK7AAM77ZH5VRDRL7Z6W7",
+                "totp": "D22246GDKKEDK7AAM77ZH5VRDRL7Z6W7",
             },
         ]
-        self.mfa_ssh_client = MFASSHClient(mfa_secrets=mfa_secrets)
+        self.mfa_ssh_client = MFASSHClient(mfa_config=mfa_config)
 
     def test_kbdint_auth_requested(self):
         self.assertEqual(run_async(self.mfa_ssh_client.kbdint_auth_requested), "")
@@ -306,9 +306,9 @@ def test_yaml_construction(test_executor, *args, **kwargs):
                    username: test
                    client_keys:
                      - TestKey
-                   mfa_secrets:
+                   mfa_config:
                      - prompt: 'Token: '
-                       secret: 123TopSecret
+                       totp: 123TopSecret
                    """
         )