mirror of
https://github.com/ansible/awx.git
synced 2024-11-02 01:21:21 +03:00
Merge pull request #6580 from ryanpetrello/invalid-decryption-key
provide a more helpful error message for secret decryption failures
This commit is contained in:
Ryan Petrello
GitHub
commit
45def3988d
@ -1,14 +1,17 @@
|
||||
import base64
|
||||
import hashlib
|
||||
import logging
|
||||
|
||||
import six
|
||||
from cryptography.fernet import Fernet
|
||||
from cryptography.fernet import Fernet, InvalidToken
|
||||
|
||||
from django.utils.encoding import smart_str
|
||||
|
||||
|
||||
__all__ = ['get_encryption_key', 'encrypt_field', 'decrypt_field', 'decrypt_value']
|
||||
|
||||
logger = logging.getLogger('awx.main.utils.encryption')
|
||||
|
||||
|
||||
def get_encryption_key(field_name, pk=None):
|
||||
'''
|
||||
@ -83,4 +86,16 @@ def decrypt_field(instance, field_name, subfield=None):
|
||||
return value
|
||||
key = get_encryption_key(field_name, getattr(instance, 'pk', None))
|
||||
|
||||
return decrypt_value(key, value)
|
||||
try:
|
||||
return decrypt_value(key, value)
|
||||
except InvalidToken:
|
||||
logger.exception(
|
||||
"Failed to decrypt `%s(pk=%s).%s`; if you've recently restored from "
|
||||
"a database backup or are running in a clustered environment, "
|
||||
"check that your `SECRET_KEY` value is correct",
|
||||
instance.__class__.__name__,
|
||||
getattr(instance, 'pk', None),
|
||||
field_name,
|
||||
exc_info=True
|
||||
)
|
||||
raise
|
||||
|
||||
Loading…
Reference in New Issue
Block a user