Allow secure user password update.

This patch allows the ability for user password to be updated via
a command prompt so the password doesnt show up in the bash history.
The prompted password is asked twice to verify the match.
If user cntl-D's the prompt a message appears suggesting user to use
either of the options to update the password.

Fixes: bug#938315

Change-Id: I4271ae569b922f33c34f9b015a7ee6f760414e39

1 files changed, 22 insertions, 1 deletions

diff --git a/keystoneclient/utils.py b/keystoneclient/utils.py
index 3d708ca..f45ec34 100644
--- a/keystoneclient/utils.py
+++ b/keystoneclient/utils.py
@@ -1,5 +1,7 @@
-import uuid
+import getpass
 import hashlib
+import sys
+import uuid
 
 import prettytable
 
@@ -128,3 +130,22 @@ def hash_signed_token(signed_text):
     hash_ = hashlib.md5()
     hash_.update(signed_text)
     return hash_.hexdigest()
+
+
+def prompt_for_password():
+    """
+     Prompt user for password if not provided so the password
+     doesn't show up in the bash history.
+    """
+    if not (hasattr(sys.stdin, 'isatty') and sys.stdin.isatty()):
+        # nothing to do
+        return
+
+    while True:
+        try:
+            new_passwd = getpass.getpass('New Password: ')
+            rep_passwd = getpass.getpass('Repeat New Password: ')
+            if new_passwd == rep_passwd:
+                return new_passwd
+        except EOFError:
+            return