diff --git a/openconnect_sso/app.py b/openconnect_sso/app.py index afc35d8..fa199e5 100644 --- a/openconnect_sso/app.py +++ b/openconnect_sso/app.py @@ -108,6 +108,10 @@ def configure_logger(logger, level): async def _run(args, cfg): + if args.reset_credentials: + del Credentials(args.user).password + del Credentials(args.user).totp + credentials = None if cfg.credentials: credentials = cfg.credentials diff --git a/openconnect_sso/cli.py b/openconnect_sso/cli.py index 5613f0f..a5a0c3f 100755 --- a/openconnect_sso/cli.py +++ b/openconnect_sso/cli.py @@ -115,6 +115,13 @@ def create_argparser(): credentials_group.add_argument( "-u", "--user", help="Authenticate as the given user", default=None ) + credentials_group.add_argument( + "--reset-credentials", + dest="reset_credentials", + help="Delete saved credentials from keyring", + action="store_true", + default=False + ) return parser diff --git a/openconnect_sso/config.py b/openconnect_sso/config.py index b805662..cb2fae1 100644 --- a/openconnect_sso/config.py +++ b/openconnect_sso/config.py @@ -121,6 +121,14 @@ def password(self, value): keyring.set_password(APP_NAME, self.username, value) except keyring.errors.KeyringError: logger.info("Cannot save password to keyring.") + + @password.deleter + def password(self): + try: + return keyring.delete_password(APP_NAME, self.username) + except keyring.errors.KeyringError: + logger.info("Cannot delete saved password from keyring.") + return "" @property def totp(self): @@ -138,6 +146,14 @@ def totp(self, value): except keyring.errors.KeyringError: logger.info("Cannot save totp secret to keyring.") + @totp.deleter + def totp(self): + try: + return keyring.delete_password(APP_NAME, "totp/" + self.username) + except keyring.errors.KeyringError: + logger.info("Cannot delete saved totp secret from keyring.") + return "" + @attr.s class Config(ConfigNode):