Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.8/site-packages/airflow/models/crypto.py: 50%

Shortcuts on this page

r m x   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

30 statements  

1# 

2# Licensed to the Apache Software Foundation (ASF) under one 

3# or more contributor license agreements. See the NOTICE file 

4# distributed with this work for additional information 

5# regarding copyright ownership. The ASF licenses this file 

6# to you under the Apache License, Version 2.0 (the 

7# "License"); you may not use this file except in compliance 

8# with the License. You may obtain a copy of the License at 

9# 

10# http://www.apache.org/licenses/LICENSE-2.0 

11# 

12# Unless required by applicable law or agreed to in writing, 

13# software distributed under the License is distributed on an 

14# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 

15# KIND, either express or implied. See the License for the 

16# specific language governing permissions and limitations 

17# under the License. 

18from __future__ import annotations 

19 

20import logging 

21 

22from airflow.configuration import conf 

23from airflow.exceptions import AirflowException 

24from airflow.typing_compat import Protocol 

25 

26log = logging.getLogger(__name__) 

27 

28 

29class FernetProtocol(Protocol): 

30 """This class is only used for TypeChecking (for IDEs, mypy, etc).""" 

31 

32 def decrypt(self, b): 

33 """Decrypt with Fernet.""" 

34 

35 def encrypt(self, b): 

36 """Encrypt with Fernet.""" 

37 

38 

39class NullFernet: 

40 """ 

41 A "Null" encryptor class that doesn't encrypt or decrypt but that presents a similar interface to Fernet. 

42 

43 The purpose of this is to make the rest of the code not have to know the 

44 difference, and to only display the message once, not 20 times when 

45 `airflow db migrate` is run. 

46 """ 

47 

48 is_encrypted = False 

49 

50 def decrypt(self, b): 

51 """Decrypt with Fernet.""" 

52 return b 

53 

54 def encrypt(self, b): 

55 """Encrypt with Fernet.""" 

56 return b 

57 

58 

59_fernet: FernetProtocol | None = None 

60 

61 

62def get_fernet(): 

63 """ 

64 Deferred load of Fernet key. 

65 

66 This function could fail either because Cryptography is not installed 

67 or because the Fernet key is invalid. 

68 

69 :return: Fernet object 

70 :raises: airflow.exceptions.AirflowException if there's a problem trying to load Fernet 

71 """ 

72 from cryptography.fernet import Fernet, MultiFernet 

73 

74 global _fernet 

75 

76 if _fernet: 

77 return _fernet 

78 

79 try: 

80 fernet_key = conf.get("core", "FERNET_KEY") 

81 if not fernet_key: 

82 log.warning("empty cryptography key - values will not be stored encrypted.") 

83 _fernet = NullFernet() 

84 else: 

85 _fernet = MultiFernet( 

86 [Fernet(fernet_part.encode("utf-8")) for fernet_part in fernet_key.split(",")] 

87 ) 

88 _fernet.is_encrypted = True 

89 except (ValueError, TypeError) as value_error: 

90 raise AirflowException(f"Could not create Fernet object: {value_error}") 

91 

92 return _fernet