Merge pull request #21 from britive/develop

twratl · web-flow · commit e4cee90cc548 · 2022-09-13T15:59:22.000-04:00
v0.3.1
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,20 @@
+# Change Log
+
+All changes to the package starting with v0.3.1 will be logged here.
+
+
+## v0.3.1 [2022-09-13]
+#### What's New
+* None
+
+### Enhancements
+* None
+
+#### Bug Fixes
+* Fixes an issue with Britive tenant credential encryption when using `backend-credential-process=encrypted-file`. If an invalid `--passphrase` is provided the encrypted credentials will now be removed and a new interactive login process will commence.
+
+#### Dependencies
+* None
+
+#### Other
+* None
diff --git a/setup.cfg b/setup.cfg
@@ -1,6 +1,6 @@
 [metadata]
 name = pybritive
-version = 0.3.0
+version = 0.3.1
 author = Britive Inc.
 author_email = support@britive.com
 description = A pure Python CLI for Britive
diff --git a/src/pybritive/helpers/credentials.py b/src/pybritive/helpers/credentials.py
@@ -56,7 +56,7 @@ def __init__(self, tenant_name: str, tenant_alias: str, cli: ConfigManager):
         self.credentials = self.load() or {}
 
     def perform_interactive_login(self):
-        self.cli.print(f'Performing interactive login against tenant {self.tenant}')
+        self.cli.print(f'Performing interactive login against tenant {self.tenant}.')
         url = f'{self.base_url}/login?token={self.auth_token}'
 
         try:
@@ -190,7 +190,10 @@ def decrypt(self, encrypted_access_token: str):
         try:
             return self.string_encryptor.decrypt(ciphertext=encrypted_access_token)
         except InvalidPassphraseException:
-            click.ClickException('invalid passphrase provided - cannot decrypt credentials.')
+            self.cli.print('invalid passphrase provided - wiping credentials and forcing a re-authentication.')
+            self.delete()
+            self.credentials = self.load() or {}
+            return self.get_token()
 
     def encrypt(self, decrypted_access_token: str):
         return self.string_encryptor.encrypt(plaintext=decrypted_access_token)
