diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 22978f4..b341585 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,14 +4,14 @@ on: push: pull_request: schedule: - - cron: '47 3 * * *' + - cron: '37 3 * * *' jobs: build: strategy: matrix: - python-version: ["3.x", "3.11", "3.10", "3.9", "pypy-3.9", "3.8", "pypy-3.8", "3.7", "pypy-3.7"] + python-version: ["3.x", "3.11", "3.10", "3.9", "3.8", "3.7"] platform: [ubuntu-latest, macos-latest, windows-latest] exclude: - platform: windows-latest @@ -25,6 +25,14 @@ jobs: uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} + - name: Install zbar shared lib for QReader (Linux) + if: runner.os == 'Linux' + run: | + sudo apt-get install -y libzbar0 + - name: Install zbar shared lib for QReader (macOS) + if: runner.os == 'macOS' + run: | + brew install zbar - name: Install dependencies run: | python -m pip install --upgrade pip diff --git a/.github/workflows/ci_docker.yml b/.github/workflows/ci_docker.yml new file mode 100644 index 0000000..fb01f8d --- /dev/null +++ b/.github/workflows/ci_docker.yml @@ -0,0 +1,76 @@ +name: "Docker: build and publish" + +# How to setup: https://event-driven.io/en/how_to_buid_and_push_docker_image_with_github_actions/ +# How to run: https://aschmelyun.com/blog/using-docker-run-inside-of-github-actions/ + +on: + # run it on push to the default repository branch + push: + # branches: [master] + # run it during pull request + # pull_request: + +jobs: + # define job to build and publish docker image + build-and-push-docker-image: + name: Build Docker image and push to repositories + # run only when code is compiling and tests are passing + runs-on: ubuntu-latest + + # steps to perform in job + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + # setup Docker build action + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to DockerHub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Login to Github Packages + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GHCR_IO_TOKEN }} + + - name: "no_qr_reader: Build image and push to Docker Hub and GitHub Container Registry" + uses: docker/build-push-action@v2 + with: + # relative path to the place where source code with Dockerfile is located + platforms: linux/amd64,linux/arm64 + context: . + file: Dockerfile_no_qr_reader + # Note: tags has to be all lower-case + tags: | + scit0/extract_otp_secret_keys_no_qr_reader:latest + ghcr.io/scito/extract_otp_secret_keys_no_qr_reader:latest + # build on feature branches, push only on master branch + # TODO push: ${{ github.ref == 'refs/heads/master' }} + push: true + + - name: "qr_reader: Build image and push to Docker Hub and GitHub Container Registry" + uses: docker/build-push-action@v2 + with: + platforms: linux/amd64,linux/arm64 + # relative path to the place where source code with Dockerfile is located + context: . + # Note: tags has to be all lower-case + tags: | + scit0/extract_otp_secret_keys:latest + ghcr.io/scito/extract_otp_secret_keys:latest + # build on feature branches, push only on master branch + # TODO push: ${{ github.ref == 'refs/heads/master' }} + push: true + + - name: Image digest + run: echo ${{ steps.docker_build.outputs.digest }} diff --git a/Dockerfile b/Dockerfile index 37f7f1e..5c2403e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,17 @@ -FROM python:3.11-alpine +FROM python:3.11-slim-bullseye WORKDIR /extract COPY . . -RUN pip install -r requirements.txt +ARG run_tests=true + +RUN apt-get update && apt-get install -y libzbar0 python3-opencv nano \ + && pip install -r requirements.txt \ + && if [[ "$run_tests" == "true" ]] ; then /extract/run_pytest.sh ; else echo "Not running tests..." ; fi WORKDIR /files -ENTRYPOINT [ "python", "/extract/extract_otp_secret_keys.py" ] +ENTRYPOINT ["python", "/extract/extract_otp_secret_keys.py"] + +LABEL org.opencontainers.image.source https://github.com/scito/extract_otp_secret_keys diff --git a/Dockerfile_no_qr_reader b/Dockerfile_no_qr_reader new file mode 100644 index 0000000..9ca838a --- /dev/null +++ b/Dockerfile_no_qr_reader @@ -0,0 +1,16 @@ +FROM python:3.11-alpine + +WORKDIR /extract + +COPY . . + +ARG run_tests=true + +RUN pip install protobuf qrcode Pillow \ + && if [[ "$run_tests" == "true" ]] ; then /extract/run_pytest.sh test_extract_otp_secret_keys_pytest.py -k "not qreader" --relaxed ; else echo "Not running tests..." ; fi + +WORKDIR /files + +ENTRYPOINT ["python", "/extract/extract_otp_secret_keys.py"] + +LABEL org.opencontainers.image.source https://github.com/scito/extract_otp_secret_keys diff --git a/Pipfile b/Pipfile index 5bdd714..899e049 100644 --- a/Pipfile +++ b/Pipfile @@ -4,15 +4,11 @@ verify_ssl = true name = "pypi" [packages] -protobuf = "==4.21.12" +protobuf = "*" qrcode = "*" pillow = "*" -wheel = "==0.38.4" -pytest = "==7.2.0" -flake8 = "==6.0.0" -pylint = "==2.15.9" -qreader = "==1.3.1" -opencv-python = "==4.6.0.66" +qreader = "*" +opencv-python = "*" [dev-packages] pytest = "*" diff --git a/Pipfile.lock b/Pipfile.lock index cb5fc84..6a11ca0 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "0aea0eade4cf314b23a91c56582b66626a03b15f8e089b568ad55186cf8e6163" + "sha256": "2f4059c8dbac6be85b1e3b2c2032b884d48dc6a7fd520ffdebb951e23246a23e" }, "pipfile-spec": 6, "requires": { @@ -16,135 +16,39 @@ ] }, "default": { - "astroid": { - "hashes": [ - "sha256:10e0ad5f7b79c435179d0d0f0df69998c4eef4597534aae44910db060baeb907", - "sha256:1493fe8bd3dfd73dc35bd53c9d5b6e49ead98497c47b2307662556a5692d29d7" - ], - "markers": "python_full_version >= '3.7.2'", - "version": "==2.12.13" - }, - "attrs": { - "hashes": [ - "sha256:29e95c7f6778868dbd49170f98f8818f78f3dc5e0e37c0b1f474e3561b240836", - "sha256:c9227bfc2f01993c03f68db37d1d15c9690188323c067c641f1a35ca58185f99" - ], - "markers": "python_version >= '3.6'", - "version": "==22.2.0" - }, - "colorama": { - "hashes": [ - "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44", - "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6" - ], - "markers": "sys_platform == 'win32'", - "version": "==0.4.6" - }, - "dill": { - "hashes": [ - "sha256:a07ffd2351b8c678dfc4a856a3005f8067aea51d6ba6c700796a4d9e280f39f0", - "sha256:e5db55f3687856d8fbdab002ed78544e1c4559a130302693d839dfe8f93f2373" - ], - "markers": "python_version < '3.11'", - "version": "==0.3.6" - }, - "exceptiongroup": { - "hashes": [ - "sha256:542adf9dea4055530d6e1279602fa5cb11dab2395fa650b8674eaec35fc4a828", - "sha256:bd14967b79cd9bdb54d97323216f8fdf533e278df937aa2a90089e7d6e06e5ec" - ], - "markers": "python_version < '3.11'", - "version": "==1.0.4" - }, - "flake8": { - "hashes": [ - "sha256:3833794e27ff64ea4e9cf5d410082a8b97ff1a06c16aa3d2027339cd0f1195c7", - "sha256:c61007e76655af75e6785a931f452915b371dc48f56efd765247c8fe68f2b181" - ], - "index": "pypi", - "version": "==6.0.0" - }, - "iniconfig": { - "hashes": [ - "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3", - "sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32" - ], - "version": "==1.1.1" - }, - "isort": { - "hashes": [ - "sha256:6db30c5ded9815d813932c04c2f85a360bcdd35fed496f4d8f35495ef0a261b6", - "sha256:c033fd0edb91000a7f09527fe5c75321878f98322a77ddcc81adbd83724afb7b" - ], - "markers": "python_full_version >= '3.7.0'", - "version": "==5.11.4" - }, - "lazy-object-proxy": { - "hashes": [ - "sha256:0c1c7c0433154bb7c54185714c6929acc0ba04ee1b167314a779b9025517eada", - "sha256:14010b49a2f56ec4943b6cf925f597b534ee2fe1f0738c84b3bce0c1a11ff10d", - "sha256:4e2d9f764f1befd8bdc97673261b8bb888764dfdbd7a4d8f55e4fbcabb8c3fb7", - "sha256:4fd031589121ad46e293629b39604031d354043bb5cdf83da4e93c2d7f3389fe", - "sha256:5b51d6f3bfeb289dfd4e95de2ecd464cd51982fe6f00e2be1d0bf94864d58acd", - "sha256:6850e4aeca6d0df35bb06e05c8b934ff7c533734eb51d0ceb2d63696f1e6030c", - "sha256:6f593f26c470a379cf7f5bc6db6b5f1722353e7bf937b8d0d0b3fba911998858", - "sha256:71d9ae8a82203511a6f60ca5a1b9f8ad201cac0fc75038b2dc5fa519589c9288", - "sha256:7e1561626c49cb394268edd00501b289053a652ed762c58e1081224c8d881cec", - "sha256:8f6ce2118a90efa7f62dd38c7dbfffd42f468b180287b748626293bf12ed468f", - "sha256:ae032743794fba4d171b5b67310d69176287b5bf82a21f588282406a79498891", - "sha256:afcaa24e48bb23b3be31e329deb3f1858f1f1df86aea3d70cb5c8578bfe5261c", - "sha256:b70d6e7a332eb0217e7872a73926ad4fdc14f846e85ad6749ad111084e76df25", - "sha256:c219a00245af0f6fa4e95901ed28044544f50152840c5b6a3e7b2568db34d156", - "sha256:ce58b2b3734c73e68f0e30e4e725264d4d6be95818ec0a0be4bb6bf9a7e79aa8", - "sha256:d176f392dbbdaacccf15919c77f526edf11a34aece58b55ab58539807b85436f", - "sha256:e20bfa6db17a39c706d24f82df8352488d2943a3b7ce7d4c22579cb89ca8896e", - "sha256:eac3a9a5ef13b332c059772fd40b4b1c3d45a3a2b05e33a361dee48e54a4dad0", - "sha256:eb329f8d8145379bf5dbe722182410fe8863d186e51bf034d2075eb8d85ee25b" - ], - "markers": "python_version >= '3.7'", - "version": "==1.8.0" - }, - "mccabe": { - "hashes": [ - "sha256:348e0240c33b60bbdf4e523192ef919f28cb2c3d7d5c7794f74009290f236325", - "sha256:6c2d30ab6be0e4a46919781807b4f0d834ebdd6c6e3dca0bda5a15f863427b6e" - ], - "markers": "python_version >= '3.6'", - "version": "==0.7.0" - }, "numpy": { "hashes": [ - "sha256:0104d8adaa3a4cc60c2777cab5196593bf8a7f416eda133be1f3803dd0838886", - "sha256:0885d9a7666cafe5f9876c57bfee34226e2b2847bfb94c9505e18d81011e5401", - "sha256:12bba5561d8118981f2f1ff069ecae200c05d7b6c78a5cdac0911f74bc71cbd1", - "sha256:2f8e0df2ecc1928ef7256f18e309c9d6229b08b5be859163f5caa59c93d53646", - "sha256:4445f472b246cad6514cc09fbb5ecb7aab09ca2acc3c16f29f8dca6c468af501", - "sha256:4d01f7832fa319a36fd75ba10ea4027c9338ede875792f7bf617f4b45056fc3a", - "sha256:4f5e78b8b710cd7cd1a8145994cfffc6ddd5911669a437777d8cedfce6c83a98", - "sha256:667b5b1f6a352419e340f6475ef9930348ae5cb7fca15f2cc3afcb530823715e", - "sha256:6e73a1f4f5b74a42abb55bc2b3d869f1b38cbc8776da5f8b66bf110284f7a437", - "sha256:73cf2c5b5a07450f20a0c8e04d9955491970177dce8df8d6903bf253e53268e0", - "sha256:7ad6a024a32ee61d18f5b402cd02e9c0e22c0fb9dc23751991b3a16d209d972e", - "sha256:8b1ddfac6a82d4f3c8e99436c90b9c2c68c0bb14658d1684cdd00f05fab241f5", - "sha256:90075ef2c6ac6397d0035bcd8b298b26e481a7035f7a3f382c047eb9c3414db0", - "sha256:9387c7d6d50e8f8c31e7bfc034241e9c6f4b3eb5db8d118d6487047b922f82af", - "sha256:9af91f794d2d3007d91d749ebc955302889261db514eb24caef30e03e8ec1e41", - "sha256:ab11f6a7602cf8ea4c093e091938207de3068c5693a0520168ecf4395750f7ea", - "sha256:ac4fe68f1a5a18136acebd4eff91aab8bed00d1ef2fdb34b5d9192297ffbbdfc", - "sha256:ada6c1e9608ceadaf7020e1deea508b73ace85560a16f51bef26aecb93626a72", - "sha256:c4ab7c9711fe6b235e86487ca74c1b092a6dd59a3cb45b63241ea0a148501853", - "sha256:cec79ff3984b2d1d103183fc4a3361f5b55bbb66cb395cbf5a920a4bb1fd588d", - "sha256:cf8960f72997e56781eb1c2ea256a70124f92a543b384f89e5fb3503a308b1d3", - "sha256:d7f223554aba7280e6057727333ed357b71b7da7422d02ff5e91b857888c25d1", - "sha256:dbb0490f0a880700a6cc4d000384baf19c1f4df59fff158d9482d4dbbca2b239", - "sha256:e63d2157f9fc98cc178870db83b0e0c85acdadd598b134b00ebec9e0db57a01f", - "sha256:ec3e5e8172a0a6a4f3c2e7423d4a8434c41349141b04744b11a90e017a95bad5", - "sha256:f3c4a9a9f92734a4728ddbd331e0124eabbc968a0359a506e8e74a9b0d2d419b", - "sha256:f9168790149f917ad8e3cf5047b353fefef753bd50b07c547da0bdf30bc15d91", - "sha256:fe44e925c68fb5e8db1334bf30ac1a1b6b963b932a19cf41d2e899cf02f36aab" - ], - "markers": "python_version >= '3.9'", - "version": "==1.24.0" + "sha256:0044f7d944ee882400890f9ae955220d29b33d809a038923d88e4e01d652acd9", + "sha256:0e3463e6ac25313462e04aea3fb8a0a30fb906d5d300f58b3bc2c23da6a15398", + "sha256:179a7ef0889ab769cc03573b6217f54c8bd8e16cef80aad369e1e8185f994cd7", + "sha256:2386da9a471cc00a1f47845e27d916d5ec5346ae9696e01a8a34760858fe9dd2", + "sha256:26089487086f2648944f17adaa1a97ca6aee57f513ba5f1c0b7ebdabbe2b9954", + "sha256:28bc9750ae1f75264ee0f10561709b1462d450a4808cd97c013046073ae64ab6", + "sha256:28e418681372520c992805bb723e29d69d6b7aa411065f48216d8329d02ba032", + "sha256:442feb5e5bada8408e8fcd43f3360b78683ff12a4444670a7d9e9824c1817d36", + "sha256:6ec0c021cd9fe732e5bab6401adea5a409214ca5592cd92a114f7067febcba0c", + "sha256:7094891dcf79ccc6bc2a1f30428fa5edb1e6fb955411ffff3401fb4ea93780a8", + "sha256:84e789a085aabef2f36c0515f45e459f02f570c4b4c4c108ac1179c34d475ed7", + "sha256:87a118968fba001b248aac90e502c0b13606721b1343cdaddbc6e552e8dfb56f", + "sha256:8e669fbdcdd1e945691079c2cae335f3e3a56554e06bbd45d7609a6cf568c700", + "sha256:ad2925567f43643f51255220424c23d204024ed428afc5aad0f86f3ffc080086", + "sha256:b0677a52f5d896e84414761531947c7a330d1adc07c3a4372262f25d84af7bf7", + "sha256:b07b40f5fb4fa034120a5796288f24c1fe0e0580bbfff99897ba6267af42def2", + "sha256:b09804ff570b907da323b3d762e74432fb07955701b17b08ff1b5ebaa8cfe6a9", + "sha256:b162ac10ca38850510caf8ea33f89edcb7b0bb0dfa5592d59909419986b72407", + "sha256:b31da69ed0c18be8b77bfce48d234e55d040793cebb25398e2a7d84199fbc7e2", + "sha256:caf65a396c0d1f9809596be2e444e3bd4190d86d5c1ce21f5fc4be60a3bc5b36", + "sha256:cfa1161c6ac8f92dea03d625c2d0c05e084668f4a06568b77a25a89111621566", + "sha256:dae46bed2cb79a58d6496ff6d8da1e3b95ba09afeca2e277628171ca99b99db1", + "sha256:ddc7ab52b322eb1e40521eb422c4e0a20716c271a306860979d450decbb51b8e", + "sha256:de92efa737875329b052982e37bd4371d52cabf469f83e7b8be9bb7752d67e51", + "sha256:e274f0f6c7efd0d577744f52032fdd24344f11c5ae668fe8d01aac0422611df1", + "sha256:ed5fb71d79e771ec930566fae9c02626b939e37271ec285e9efaf1b5d4370e7d", + "sha256:ef85cf1f693c88c1fd229ccd1055570cb41cdf4875873b7728b6301f12cd05bf", + "sha256:f1b739841821968798947d3afcefd386fa56da0caf97722a5de53e07c4ccedc7" + ], + "markers": "python_version >= '3.10'", + "version": "==1.24.1" }, "opencv-python": { "hashes": [ @@ -159,14 +63,6 @@ "index": "pypi", "version": "==4.6.0.66" }, - "packaging": { - "hashes": [ - "sha256:2198ec20bd4c017b8f9717e00f0c8714076fc2fd93816750ab48e2c41de2cfd3", - "sha256:957e2148ba0e1a3b282772e791ef1d8083648bc131c8ab0c1feba110ce1146c3" - ], - "markers": "python_version >= '3.7'", - "version": "==22.0" - }, "pillow": { "hashes": [ "sha256:03150abd92771742d4a8cd6f2fa6246d847dcd2e332a18d0c15cc75bf6703040", @@ -234,22 +130,6 @@ "index": "pypi", "version": "==9.3.0" }, - "platformdirs": { - "hashes": [ - "sha256:1a89a12377800c81983db6be069ec068eee989748799b946cce2a6e80dcc54ca", - "sha256:b46ffafa316e6b83b47489d240ce17173f123a9b9c83282141c3daf26ad9ac2e" - ], - "markers": "python_version >= '3.7'", - "version": "==2.6.0" - }, - "pluggy": { - "hashes": [ - "sha256:4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159", - "sha256:74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3" - ], - "markers": "python_version >= '3.6'", - "version": "==1.0.0" - }, "protobuf": { "hashes": [ "sha256:1f22ac0ca65bb70a876060d96d914dae09ac98d114294f77584b0d2644fa9c30", @@ -270,38 +150,6 @@ "index": "pypi", "version": "==4.21.12" }, - "pycodestyle": { - "hashes": [ - "sha256:347187bdb476329d98f695c213d7295a846d1152ff4fe9bacb8a9590b8ee7053", - "sha256:8a4eaf0d0495c7395bdab3589ac2db602797d76207242c17d470186815706610" - ], - "markers": "python_version >= '3.6'", - "version": "==2.10.0" - }, - "pyflakes": { - "hashes": [ - "sha256:ec55bf7fe21fff7f1ad2f7da62363d749e2a470500eab1b555334b67aa1ef8cf", - "sha256:ec8b276a6b60bd80defed25add7e439881c19e64850afd9b346283d4165fd0fd" - ], - "markers": "python_version >= '3.6'", - "version": "==3.0.1" - }, - "pylint": { - "hashes": [ - "sha256:18783cca3cfee5b83c6c5d10b3cdb66c6594520ffae61890858fe8d932e1c6b4", - "sha256:349c8cd36aede4d50a0754a8c0218b43323d13d5d88f4b2952ddfe3e169681eb" - ], - "index": "pypi", - "version": "==2.15.9" - }, - "pytest": { - "hashes": [ - "sha256:892f933d339f068883b6fd5a459f03d85bfcb355e4981e146d2c7616c21fef71", - "sha256:c4014eb40e10f11f355ad4e3c2fb2c6c6d1919c73f3b5a433de4708202cade59" - ], - "index": "pypi", - "version": "==7.2.0" - }, "pyzbar": { "hashes": [ "sha256:13e3ee5a2f3a545204a285f41814d5c0db571967e8d4af8699a03afc55182a9c", @@ -323,100 +171,6 @@ ], "index": "pypi", "version": "==1.3.1" - }, - "tomli": { - "hashes": [ - "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc", - "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f" - ], - "markers": "python_version < '3.11'", - "version": "==2.0.1" - }, - "tomlkit": { - "hashes": [ - "sha256:07de26b0d8cfc18f871aec595fda24d95b08fef89d147caa861939f37230bf4b", - "sha256:71b952e5721688937fb02cf9d354dbcf0785066149d2855e44531ebdd2b65d73" - ], - "markers": "python_version >= '3.6'", - "version": "==0.11.6" - }, - "wheel": { - "hashes": [ - "sha256:965f5259b566725405b05e7cf774052044b1ed30119b5d586b2703aafe8719ac", - "sha256:b60533f3f5d530e971d6737ca6d58681ee434818fab630c83a734bb10c083ce8" - ], - "index": "pypi", - "version": "==0.38.4" - }, - "wrapt": { - "hashes": [ - "sha256:00b6d4ea20a906c0ca56d84f93065b398ab74b927a7a3dbd470f6fc503f95dc3", - "sha256:01c205616a89d09827986bc4e859bcabd64f5a0662a7fe95e0d359424e0e071b", - "sha256:02b41b633c6261feff8ddd8d11c711df6842aba629fdd3da10249a53211a72c4", - "sha256:07f7a7d0f388028b2df1d916e94bbb40624c59b48ecc6cbc232546706fac74c2", - "sha256:11871514607b15cfeb87c547a49bca19fde402f32e2b1c24a632506c0a756656", - "sha256:1b376b3f4896e7930f1f772ac4b064ac12598d1c38d04907e696cc4d794b43d3", - "sha256:21ac0156c4b089b330b7666db40feee30a5d52634cc4560e1905d6529a3897ff", - "sha256:257fd78c513e0fb5cdbe058c27a0624c9884e735bbd131935fd49e9fe719d310", - "sha256:2b39d38039a1fdad98c87279b48bc5dce2c0ca0d73483b12cb72aa9609278e8a", - "sha256:2cf71233a0ed05ccdabe209c606fe0bac7379fdcf687f39b944420d2a09fdb57", - "sha256:2fe803deacd09a233e4762a1adcea5db5d31e6be577a43352936179d14d90069", - "sha256:3232822c7d98d23895ccc443bbdf57c7412c5a65996c30442ebe6ed3df335383", - "sha256:34aa51c45f28ba7f12accd624225e2b1e5a3a45206aa191f6f9aac931d9d56fe", - "sha256:36f582d0c6bc99d5f39cd3ac2a9062e57f3cf606ade29a0a0d6b323462f4dd87", - "sha256:380a85cf89e0e69b7cfbe2ea9f765f004ff419f34194018a6827ac0e3edfed4d", - "sha256:40e7bc81c9e2b2734ea4bc1aceb8a8f0ceaac7c5299bc5d69e37c44d9081d43b", - "sha256:43ca3bbbe97af00f49efb06e352eae40434ca9d915906f77def219b88e85d907", - "sha256:4fcc4649dc762cddacd193e6b55bc02edca674067f5f98166d7713b193932b7f", - "sha256:5a0f54ce2c092aaf439813735584b9537cad479575a09892b8352fea5e988dc0", - "sha256:5a9a0d155deafd9448baff28c08e150d9b24ff010e899311ddd63c45c2445e28", - "sha256:5b02d65b9ccf0ef6c34cba6cf5bf2aab1bb2f49c6090bafeecc9cd81ad4ea1c1", - "sha256:60db23fa423575eeb65ea430cee741acb7c26a1365d103f7b0f6ec412b893853", - "sha256:642c2e7a804fcf18c222e1060df25fc210b9c58db7c91416fb055897fc27e8cc", - "sha256:6a9a25751acb379b466ff6be78a315e2b439d4c94c1e99cb7266d40a537995d3", - "sha256:6b1a564e6cb69922c7fe3a678b9f9a3c54e72b469875aa8018f18b4d1dd1adf3", - "sha256:6d323e1554b3d22cfc03cd3243b5bb815a51f5249fdcbb86fda4bf62bab9e164", - "sha256:6e743de5e9c3d1b7185870f480587b75b1cb604832e380d64f9504a0535912d1", - "sha256:709fe01086a55cf79d20f741f39325018f4df051ef39fe921b1ebe780a66184c", - "sha256:7b7c050ae976e286906dd3f26009e117eb000fb2cf3533398c5ad9ccc86867b1", - "sha256:7d2872609603cb35ca513d7404a94d6d608fc13211563571117046c9d2bcc3d7", - "sha256:7ef58fb89674095bfc57c4069e95d7a31cfdc0939e2a579882ac7d55aadfd2a1", - "sha256:80bb5c256f1415f747011dc3604b59bc1f91c6e7150bd7db03b19170ee06b320", - "sha256:81b19725065dcb43df02b37e03278c011a09e49757287dca60c5aecdd5a0b8ed", - "sha256:833b58d5d0b7e5b9832869f039203389ac7cbf01765639c7309fd50ef619e0b1", - "sha256:88bd7b6bd70a5b6803c1abf6bca012f7ed963e58c68d76ee20b9d751c74a3248", - "sha256:8ad85f7f4e20964db4daadcab70b47ab05c7c1cf2a7c1e51087bfaa83831854c", - "sha256:8c0ce1e99116d5ab21355d8ebe53d9460366704ea38ae4d9f6933188f327b456", - "sha256:8d649d616e5c6a678b26d15ece345354f7c2286acd6db868e65fcc5ff7c24a77", - "sha256:903500616422a40a98a5a3c4ff4ed9d0066f3b4c951fa286018ecdf0750194ef", - "sha256:9736af4641846491aedb3c3f56b9bc5568d92b0692303b5a305301a95dfd38b1", - "sha256:988635d122aaf2bdcef9e795435662bcd65b02f4f4c1ae37fbee7401c440b3a7", - "sha256:9cca3c2cdadb362116235fdbd411735de4328c61425b0aa9f872fd76d02c4e86", - "sha256:9e0fd32e0148dd5dea6af5fee42beb949098564cc23211a88d799e434255a1f4", - "sha256:9f3e6f9e05148ff90002b884fbc2a86bd303ae847e472f44ecc06c2cd2fcdb2d", - "sha256:a85d2b46be66a71bedde836d9e41859879cc54a2a04fad1191eb50c2066f6e9d", - "sha256:a9a52172be0b5aae932bef82a79ec0a0ce87288c7d132946d645eba03f0ad8a8", - "sha256:aa31fdcc33fef9eb2552cbcbfee7773d5a6792c137b359e82879c101e98584c5", - "sha256:b014c23646a467558be7da3d6b9fa409b2c567d2110599b7cf9a0c5992b3b471", - "sha256:b21bb4c09ffabfa0e85e3a6b623e19b80e7acd709b9f91452b8297ace2a8ab00", - "sha256:b5901a312f4d14c59918c221323068fad0540e34324925c8475263841dbdfe68", - "sha256:b9b7a708dd92306328117d8c4b62e2194d00c365f18eff11a9b53c6f923b01e3", - "sha256:d1967f46ea8f2db647c786e78d8cc7e4313dbd1b0aca360592d8027b8508e24d", - "sha256:d52a25136894c63de15a35bc0bdc5adb4b0e173b9c0d07a2be9d3ca64a332735", - "sha256:d77c85fedff92cf788face9bfa3ebaa364448ebb1d765302e9af11bf449ca36d", - "sha256:d79d7d5dc8a32b7093e81e97dad755127ff77bcc899e845f41bf71747af0c569", - "sha256:dbcda74c67263139358f4d188ae5faae95c30929281bc6866d00573783c422b7", - "sha256:ddaea91abf8b0d13443f6dac52e89051a5063c7d014710dcb4d4abb2ff811a59", - "sha256:dee0ce50c6a2dd9056c20db781e9c1cfd33e77d2d569f5d1d9321c641bb903d5", - "sha256:dee60e1de1898bde3b238f18340eec6148986da0455d8ba7848d50470a7a32fb", - "sha256:e2f83e18fe2f4c9e7db597e988f72712c0c3676d337d8b101f6758107c42425b", - "sha256:e3fb1677c720409d5f671e39bac6c9e0e422584e5f518bfd50aa4cbbea02433f", - "sha256:ee2b1b1769f6707a8a445162ea16dddf74285c3964f605877a20e38545c3c462", - "sha256:ee6acae74a2b91865910eef5e7de37dc6895ad96fa23603d1d27ea69df545015", - "sha256:ef3f72c9666bba2bab70d2a8b79f2c6d2c1a42a7f7e2b0ec83bb2f9e383950af" - ], - "markers": "python_version < '3.11'", - "version": "==1.14.1" } }, "develop": { @@ -436,30 +190,14 @@ "markers": "python_version >= '3.6'", "version": "==22.2.0" }, - "colorama": { - "hashes": [ - "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44", - "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6" - ], - "markers": "sys_platform == 'win32'", - "version": "==0.4.6" - }, "dill": { "hashes": [ "sha256:a07ffd2351b8c678dfc4a856a3005f8067aea51d6ba6c700796a4d9e280f39f0", "sha256:e5db55f3687856d8fbdab002ed78544e1c4559a130302693d839dfe8f93f2373" ], - "markers": "python_version < '3.11'", + "markers": "python_version >= '3.11'", "version": "==0.3.6" }, - "exceptiongroup": { - "hashes": [ - "sha256:542adf9dea4055530d6e1279602fa5cb11dab2395fa650b8674eaec35fc4a828", - "sha256:bd14967b79cd9bdb54d97323216f8fdf533e278df937aa2a90089e7d6e06e5ec" - ], - "markers": "python_version < '3.11'", - "version": "==1.0.4" - }, "flake8": { "hashes": [ "sha256:3833794e27ff64ea4e9cf5d410082a8b97ff1a06c16aa3d2027339cd0f1195c7", @@ -572,14 +310,6 @@ "index": "pypi", "version": "==7.2.0" }, - "tomli": { - "hashes": [ - "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc", - "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f" - ], - "markers": "python_version < '3.11'", - "version": "==2.0.1" - }, "tomlkit": { "hashes": [ "sha256:07de26b0d8cfc18f871aec595fda24d95b08fef89d147caa861939f37230bf4b", @@ -663,7 +393,7 @@ "sha256:ee6acae74a2b91865910eef5e7de37dc6895ad96fa23603d1d27ea69df545015", "sha256:ef3f72c9666bba2bab70d2a8b79f2c6d2c1a42a7f7e2b0ec83bb2f9e383950af" ], - "markers": "python_version < '3.11'", + "markers": "python_version >= '3.11'", "version": "==1.14.1" } } diff --git a/README.md b/README.md index 2df19de..d5deba5 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,18 @@ cd extract_otp_secret_keys ## Usage +### With builtin QR decoder + +1. Open "Google Authenticator" app on the mobile phone +2. Export the QR codes from "Google Authenticator" app +4. Save the captured QR codes as image files, e.g. example_export.png +5. Transfer the images files to the computer where his script is installed. +6. Call this script with the file as input: + + python extract_otp_secret_keys.py example_export.png + +### With external QR decoder app + 1. Open "Google Authenticator" app on the mobile phone 2. Export the QR codes from "Google Authenticator" app 3. Read QR codes with a QR code reader (e.g. from another phone) @@ -31,10 +43,10 @@ cd extract_otp_secret_keys ## Program help: arguments and options -
usage: extract_otp_secret_keys.py [-h] [--json FILE] [--csv FILE] [--keepass FILE] [--printqr] [--saveqr DIR] [--verbose | --quiet] infile +## Dependencies @@ -57,25 +75,96 @@ Known to work with For protobuf versions 3.14.0 or similar or Python 3.6, use the extract_otp_secret_keys version 1.4.0. -### Optional +### Shared libs installation for reading QR code images + +For reading QR code images the zbar library must be installed. +If you do not extract directly from images, you do not need to install the zbar shared library. + +For a detailed installation documentation of [pyzbar](https://github.com/NaturalHistoryMuseum/pyzbar#installation). + +#### Windows + +The zbar DLLs are included with the Windows Python wheels. On other operating systems, you will need to install the zbar shared library. + +#### Linux (Debian, Ubuntu, ...) + + sudo apt-get install libzbar0 + +#### Linux (OpenSUSE) + + sudo zypper install libzbar0 + +#### Linux (Fedora) + + sudo dnf install libzbar0 + +#### Mac OS X + + brew install zbar -For printing QR codes, the qrcode module is required, otherwise it can be omitted. +## Examples - pip install qrcode[pil] +### Printing otp secrets form text file + + python extract_otp_secret_keys.py example_export.txt + +### Printing otp secrets from image file + + python extract_otp_secret_keys.py example_export.png + +### Printing otp secrets multiple files + + python extract_otp_secret_keys.py example_*.txt + python extract_otp_secret_keys.py example_*.png + python extract_otp_secret_keys.py example_export.* + python extract_otp_secret_keys.py example_*.txt example_*.png + +### Printing otp secrets from stdin (text) + + python extract_otp_secret_keys.py - < example_export.txt + +### Printing otp secrets from stdin (image) + + python extract_otp_secret_keys.py = < example_export.png + +### Printing otp secrets csv to stdout + + python extract_otp_secret_keys.py --csv - example_export.txt + +### Printing otp secrets csv to stdout without header line + + python extract_otp_secret_keys.py --csv - example_*.png | tail -n+2 + +### Reading from stdin and printing to stdout + + cat example_*.txt | python extract_otp_secret_keys.py --csv - - | tail -n+2 ## Features * Free and open source -* Supports Google Authenticator export +* Supports Google Authenticator exports (and compatible apps like Aegis Authenticator) * All functionality in one Python script: extract_otp_secret_keys.py (except protobuf generated code in protobuf_generated_python) * Supports TOTP and HOTP * Generates QR codes -* Various export formats: +* Reads QR Code images +* Exports to various formats: * CSV * JSON * Dedicated CSV for KeePass * QR code images -* Supports reading from stdin and writing to stdout by specifying '-' +* Supports reading from stdin and writing to stdout +* Reads from various import image formats containing export QR codes: (See [OpenCV docu](https://docs.opencv.org/3.4/d4/da8/group__imgcodecs.html#ga288b8b3da0892bd651fce07b3bbd3a56)) + * Portable Network Graphics - *.png + * WebP - *.webp + * JPEG files - *.jpeg, *.jpg, *.jpe + * TIFF files - *.tiff, *.tif + * Windows bitmaps - *.bmp, *.dib + * JPEG 2000 files - *.jp2 + * Portable image format - *.pbm, *.pgm, *.ppm *.pxm, *.pnm + * Sun rasters - *.sr, *.ras + * OpenEXR Image files - *.exr + * Radiance HDR - *.hdr, *.pic + * Raster and Vector geospatial data supported by GDAL * Errors and warnings are written to stderr * Many ways to run the script: * Native Python @@ -85,6 +174,10 @@ For printing QR codes, the qrcode module is required, otherwise it can be omitte * VSCode devcontainer * devbox * pip +* Compatible with multiple platforms (tested by CI): + * Linux + * macOS + * Windows ## KeePass @@ -216,10 +309,29 @@ Install [Docker](https://docs.docker.com/get-docker/). Build and run the app within the container: ```bash -docker build . -t extract_otp -docker run --rm -v "$(pwd)":/files:ro extract_otp -p example_export.txt +docker build . -t extract_otp_secret_keys --pull +docker run --rm -v "$(pwd)":/files:ro extract_otp_secret_keys example_export.txt +docker run --rm -v "$(pwd)":/files:ro extract_otp_secret_keys example_export.png ``` +docker run --rm -v "$(pwd)":/files:ro -i extract_otp_secret_keys = < example_export.png +docker run --entrypoint /bin/bash -it --rm -v "$(pwd)":/files:ro extract_otp_secret_keys +docker run --entrypoint /extract/run_pytest.sh --rm -v "$(pwd)":/files:ro extract_otp_secret_keys + +docker build . -t extract_otp_secret_keys_no_qr_reader -f Dockerfile_no_qr_reader --pull +docker build . -t extract_otp_secret_keys_no_qr_reader -f Dockerfile_no_qr_reader --pull --build-arg run_tests=false +docker run --entrypoint /extract/run_pytest.sh --rm -v "$(pwd)":/files:ro extract_otp_secret_keys_no_qr_reader +docker run --entrypoint /extract/run_pytest.sh --rm -v "$(pwd)":/files:ro extract_otp_secret_keys_no_qr_reader test_extract_otp_secret_keys_pytest.py -k "not qreader" +docker run --rm -v "$(pwd)":/files:ro extract_otp_secret_keys_no_qr_reader example_export.txt +docker run --rm -v "$(pwd)":/files:ro -i extract_otp_secret_keys_no_qr_reader - < example_export.txt +docker build . -t extract_otp_secret_keys_no_qr_reader -f Dockerfile_no_qr_reader --pull && docker run --entrypoint /extract/run_pytest.sh --rm -v "$(pwd)":/files:ro extract_otp_secret_keys_no_qr_reader test_extract_otp_secret_keys_pytest.py -k "not qreader" -vvv --relaxed -s + +docker pull scit0/extract_otp_secret_keys +docker pull scit0/extract_otp_secret_keys_no_qr_reader + +docker pull ghcr.io/scito/extract_otp_secret_keys +docker pull ghcr.io/scito/extract_otp_secret_keys_no_qr_reader + ## Tests ### PyTest @@ -268,6 +380,8 @@ pip install -U -r requirements.txt * [ZBar](https://github.com/mchehab/zbar) is an open source software suite for reading bar codes from various sources, including webcams. * [Aegis Authenticator](https://github.com/beemdevelopment/Aegis) is a free, secure and open source 2FA app for Android. * [Android OTP Extractor](https://github.com/puddly/android-otp-extractor) can extract your tokens from popular Android OTP apps and export them in a standard format or just display them as QR codes for easy importing. [Requires a _rooted_ Android phone.] +* [Python QReader](https://github.com/Eric-Canas/QReader) +* [pyzbar](https://github.com/NaturalHistoryMuseum/pyzbar) *** diff --git a/conftest.py b/conftest.py new file mode 100644 index 0000000..9c66a08 --- /dev/null +++ b/conftest.py @@ -0,0 +1,10 @@ +import pytest + + +def pytest_addoption(parser): + parser.addoption( "--relaxed", action='store_true', help="run tests in relaxed mode") + + +@pytest.fixture +def relaxed(request): + return request.config.getoption("--relaxed") diff --git a/example_export.png b/example_export.png new file mode 100644 index 0000000..0a4d2b7 Binary files /dev/null and b/example_export.png differ diff --git a/extract_otp_secret_keys.py b/extract_otp_secret_keys.py index 47d8012..f467783 100644 --- a/extract_otp_secret_keys.py +++ b/extract_otp_secret_keys.py @@ -43,31 +43,33 @@ import argparse import base64 -import fileinput -import sys import csv +import fileinput +import importlib import json -import cv2 -from qreader import QReader -from urllib.parse import parse_qs, urlencode, urlparse, quote -from os import path, makedirs -from re import compile as rcompile -import protobuf_generated_python.google_auth_pb2 - +import os +import re +import sys +import urllib.parse as urlparse -verbose = False -quiet = True +import protobuf_generated_python.google_auth_pb2 +# These dynamic import are below: +# import cv2 +# import numpy +# from qreader import QReader def sys_main(): main(sys.argv[1:]) def main(sys_args): - global verbose, quiet + global verbose, quiet, qreader_available # allow to use sys.stdout with with (avoid closing) sys.stdout.close = lambda: None + # sys.stdout.reconfigure(encoding='utf-8') + args = parse_args(sys_args) verbose = args.verbose if args.verbose else 0 @@ -80,21 +82,21 @@ def main(sys_args): def parse_args(sys_args): - formatter = lambda prog: argparse.HelpFormatter(prog, max_help_position=52) - arg_parser = argparse.ArgumentParser(formatter_class=formatter) - arg_parser.add_argument('infile', - help="image file containing a QR code from a Google Authenticator export or a text file " - "or - for stdin with \"otpauth-migration://...\" URLs separated by newlines. Lines " - "starting with # are ignored.") + formatter = lambda prog: argparse.RawDescriptionHelpFormatter(prog, max_help_position=52) + example_text = '''examples: +python extract_otp_secret_keys.py example_*.txt +python extract_otp_secret_keys.py - < example_export.txt +python extract_otp_secret_keys.py --csv - example_*.png | tail -n+2 +python extract_otp_secret_keys.py = < example_export.png''' + + arg_parser = argparse.ArgumentParser(formatter_class=formatter, + epilog=example_text) + arg_parser.add_argument('infile', help='1) file or - for stdin with "otpauth-migration://..." URLs separated by newlines, lines starting with # are ignored; or 2) image file containing a QR code or = for stdin for an image containing a QR code', nargs='+') arg_parser.add_argument('--json', '-j', help='export json file or - for stdout', metavar=('FILE')) arg_parser.add_argument('--csv', '-c', help='export csv file or - for stdout', metavar=('FILE')) - arg_parser.add_argument('--keepass', '-k', help='export totp/hotp csv file(s) for KeePass, - for stdout', - metavar=('FILE')) - arg_parser.add_argument('--printqr', '-p', help='print QR code(s) as text to the terminal (requires qrcode module)', - action='store_true') - arg_parser.add_argument('--saveqr', '-s', - help='save QR code(s) as images to the given folder (requires qrcode module)', - metavar=('DIR')) + arg_parser.add_argument('--keepass', '-k', help='export totp/hotp csv file(s) for KeePass, - for stdout', metavar=('FILE')) + arg_parser.add_argument('--printqr', '-p', help='print QR code(s) as text to the terminal (requires qrcode module)', action='store_true') + arg_parser.add_argument('--saveqr', '-s', help='save QR code(s) as images to the given folder (requires qrcode module)', metavar=('DIR')) output_group = arg_parser.add_mutually_exclusive_group() output_group.add_argument('--verbose', '-v', help='verbose output', action='count') output_group.add_argument('--quiet', '-q', help='no stdout output, except output set by -', action='store_true') @@ -110,112 +112,148 @@ def extract_otps(args): otps = [] - lines = get_lines_from_file(args.infile) - - i = j = 0 - - for line in lines: - if verbose: - print(line) - if line.startswith('#') or line == '': - continue - i += 1 - payload = get_payload_from_line(line, i, args) - - # pylint: disable=no-member - for raw_otp in payload.otp_parameters: - j += 1 - if verbose: - print('\n{}. Secret Key'.format(j)) - secret = convert_secret_from_bytes_to_base32_str(raw_otp.secret) - otp_type_enum = get_enum_name_by_number(raw_otp, 'type') - otp_type = get_otp_type_str_from_code(raw_otp.type) - otp_url = build_otp_url(secret, raw_otp) - otp = { - "name": raw_otp.name, - "secret": secret, - "issuer": raw_otp.issuer, - "type": otp_type, - "counter": raw_otp.counter if raw_otp.type == 1 else None, - "url": otp_url - } - if not quiet: - print_otp(otp) - if args.printqr: - print_qr(args, otp_url) - if args.saveqr: - save_qr(otp, args, j) - if not quiet: - print() - - otps.append(otp) - + i = j = k = 0 + if verbose: print('Input files: {}'.format(args.infile)) + for infile in args.infile: + if verbose: print('Processing infile {}'.format(infile)) + k += 1 + for line in get_lines_from_file(infile): + if verbose: print(line) + if line.startswith('#') or line == '': continue + i += 1 + payload = get_payload_from_line(line, i, infile) + + # pylint: disable=no-member + for raw_otp in payload.otp_parameters: + j += 1 + if verbose: print('\n{}. Secret Key'.format(j)) + secret = convert_secret_from_bytes_to_base32_str(raw_otp.secret) + otp_type_enum = get_enum_name_by_number(raw_otp, 'type') + otp_type = get_otp_type_str_from_code(raw_otp.type) + otp_url = build_otp_url(secret, raw_otp) + otp = { + "name": raw_otp.name, + "secret": secret, + "issuer": raw_otp.issuer, + "type": otp_type, + "counter": raw_otp.counter if raw_otp.type == 1 else None, + "url": otp_url + } + if not quiet: + print_otp(otp) + if args.printqr: + print_qr(args, otp_url) + if args.saveqr: + save_qr(otp, args, j) + if not quiet: + print() + + otps.append(otp) + if verbose: print('{} infile(s) processed'.format(k)) return otps -def get_lines_from_file(filepath): - global verbose +def get_lines_from_file(filename): + global qreader_available + # stdin stream cannot be rewinded, thus distinguish, use - for utf-8 stdin and = for binary image stdin + if filename != '=': + check_file_exists(filename) + lines = read_lines_from_text_file(filename) + if lines or filename == '-': + return lines - # Check if this is an image file - if(path.splitext(filepath)[1][1:].lower() in ('bmp', 'jpg', 'jpeg', 'png', 'tif', 'tiff')): - # It's an image file, so try to read it as a QR Code - try: - decoder = QReader() + # could not process text file, try reading as image + if filename != '-': + return convert_img_to_line(filename) - if not path.isfile(filepath): - eprint('\nERROR: Input file provided is non-existent or not a file.' - '\ninput file: {}'.format(filepath)) - return [] - image = cv2.imread(filepath) - if image is None: - eprint('\nERROR: Unable to open file for reading. Please ensure that you have read access to the ' - 'file and that the file is a valid image file.\ninput file: {}'.format(filepath)) - return [] +def read_lines_from_text_file(filename): + if verbose: print('Reading lines of {}'.format(filename)) + finput = fileinput.input(filename) + try: + lines = [] + for line in (line.strip() for line in finput): + if verbose: print(line) + if is_binary(line): + abort('\nBinary input was given in stdin, please use = instead of - as infile argument for images.') + # unfortunately yield line leads to random test fails + lines.append(line) + if not lines: + eprint("WARN: {} is empty".format(filename.replace('-', 'stdin'))) + return lines + except UnicodeDecodeError: + if filename == '-': + abort('\nERROR: Unable to open text file form stdin. ' + 'In case you want read an image file from stdin, you must use "=" instead of "-".') + else: # The file is probably an image, process below + return None + finally: + finput.close() - decoded_text = decoder.detect_and_decode(image=image) - if decoded_text is None: - eprint('\nERROR: Unable to read QR Code from file.\ninput file: {}'.format(filepath)) + +def convert_img_to_line(filename): + try: + import cv2 + import numpy + except Exception as e: + eprint("WARNING: No cv2 or numpy module installed. Exception: {}".format(str(e))) + return [] + if verbose: print('Reading image {}'.format(filename)) + try: + if filename != '=': + image = cv2.imread(filename) + else: + try: + stdin = sys.stdin.buffer.read() + except AttributeError: + # Workaround for pytest, since pytest cannot monkeypatch sys.stdin.buffer + stdin = sys.stdin.read() + if not stdin: + eprint("WARN: stdin is empty") + try: + img_array = numpy.frombuffer(stdin, dtype='uint8') + except TypeError as e: + abort('\nERROR: Cannot read binary stdin buffer. Exception: {}'.format(str(e))) + if not img_array.size: return [] + image = cv2.imdecode(img_array, cv2.IMREAD_UNCHANGED) - return [decoded_text] - except Exception as e: - eprint('\nERROR: Encountered exception "{}".\ninput file: {}'.format(str(e), filepath)) - return [] - else: - # Not an image file, so assume it's a text file and proceed as usual - lines = [] - finput = fileinput.input(filepath) + if image is None: + abort('\nERROR: Unable to open file for reading.\ninput file: {}'.format(filename)) + + # dynamic import of QReader since this module has a dependency to zbar lib and import it only when necessary try: - for line in (line.strip() for line in finput): - if verbose: - print(line) - if line.startswith('#') or line == '': - continue - lines.append(line) - finally: - finput.close() - return lines + from qreader import QReader + except ImportError as e: + abort(''' +ERROR: Cannot import QReader module. This problem is probably due to the missing zbar shared library. +On Linux and macOS libzbar0 must be installed. +See in README.md for the installation of the libzbar0. +Exception: {}'''.format(str(e))) + + decoder = QReader() + decoded_text = decoder.detect_and_decode(image=image) + if decoded_text is None: + abort('\nERROR: Unable to read QR Code from file.\ninput file: {}'.format(filename)) + return [decoded_text] + except Exception as e: + abort('\nERROR: Encountered exception "{}".\ninput file: {}'.format(str(e), filename)) -def get_payload_from_line(line, i, args): + +def get_payload_from_line(line, i, infile): global verbose if not line.startswith('otpauth-migration://'): - eprint( - '\nWARN: line is not a otpauth-migration:// URL\ninput file: {}\nline "{}"\nProbably a wrong file was given'.format( - args.infile, line)) - parsed_url = urlparse(line) + eprint( '\nWARN: line is not a otpauth-migration:// URL\ninput file: {}\nline "{}"\nProbably a wrong file was given'.format(infile, line)) + parsed_url = urlparse.urlparse(line) if verbose > 1: print('\nDEBUG: parsed_url={}'.format(parsed_url)) try: - params = parse_qs(parsed_url.query, strict_parsing=True) + params = urlparse.parse_qs(parsed_url.query, strict_parsing=True) except: # Not necessary for Python >= 3.11 params = [] if verbose > 1: print('\nDEBUG: querystring params={}'.format(params)) if 'data' not in params: - eprint( - '\nERROR: no data query parameter in input URL\ninput file: {}\nline "{}"\nProbably a wrong file was given'.format( - args.infile, line)) - sys.exit(1) + abort('\nERROR: no data query parameter in input URL\ninput file: {}\nline "{}"\nProbably a wrong file was given'.format(infile, line)) data_base64 = params['data'][0] if verbose > 1: print('\nDEBUG: data_base64={}'.format(data_base64)) data_base64_fixed = data_base64.replace(' ', '+') @@ -225,9 +263,8 @@ def get_payload_from_line(line, i, args): try: payload.ParseFromString(data) except: - eprint('\nERROR: Cannot decode otpauth-migration migration payload.') - eprint('data={}'.format(data_base64)) - exit(1) + abort('\nERROR: Cannot decode otpauth-migration migration payload.\n' + 'data={}'.format(data_base64)) if verbose: print('\n{}. Payload Line'.format(i), payload, sep='\n') @@ -252,8 +289,7 @@ def build_otp_url(secret, raw_otp): url_params = {'secret': secret} if raw_otp.type == 1: url_params['counter'] = raw_otp.counter if raw_otp.issuer: url_params['issuer'] = raw_otp.issuer - otp_url = 'otpauth://{}/{}?'.format(get_otp_type_str_from_code(raw_otp.type), quote(raw_otp.name)) + urlencode( - url_params) + otp_url = 'otpauth://{}/{}?'.format(get_otp_type_str_from_code(raw_otp.type), urlparse.quote(raw_otp.name)) + urlparse.urlencode( url_params) return otp_url @@ -270,12 +306,11 @@ def print_otp(otp): def save_qr(otp, args, j): dir = args.saveqr - if not (path.exists(dir)): makedirs(dir, exist_ok=True) - pattern = rcompile(r'[\W_]+') + if not (os.path.exists(dir)): os.makedirs(dir, exist_ok=True) + pattern = re.compile(r'[\W_]+') file_otp_name = pattern.sub('', otp['name']) file_otp_issuer = pattern.sub('', otp['issuer']) - save_qr_file(args, otp['url'], - '{}/{}-{}{}.png'.format(dir, j, file_otp_name, '-' + file_otp_issuer if file_otp_issuer else '')) + save_qr_file(args, otp['url'], '{}/{}-{}{}.png'.format(dir, j, file_otp_name, '-' + file_otp_issuer if file_otp_issuer else '')) return file_otp_issuer @@ -330,8 +365,7 @@ def write_keepass_csv(args, otps): count_totp_entries += 1 if has_hotp: with open_file_or_stdout_for_csv(otp_filename_hotp) as outfile: - writer = csv.DictWriter(outfile, - ["Title", "User Name", "HmacOtp-Secret-Base32", "HmacOtp-Counter", "Group"]) + writer = csv.DictWriter(outfile, ["Title", "User Name", "HmacOtp-Secret-Base32", "HmacOtp-Counter", "Group"]) writer.writeheader() for otp in otps: if otp['type'] == 'hotp': @@ -344,10 +378,8 @@ def write_keepass_csv(args, otps): }) count_hotp_entries += 1 if not quiet: - if count_totp_entries > 0: print( - "Exported {} totp entries to keepass csv file {}".format(count_totp_entries, otp_filename_totp)) - if count_hotp_entries > 0: print( - "Exported {} hotp entries to keepass csv file {}".format(count_hotp_entries, otp_filename_hotp)) + if count_totp_entries > 0: print( "Exported {} totp entries to keepass csv file {}".format(count_totp_entries, otp_filename_totp)) + if count_hotp_entries > 0: print( "Exported {} hotp entries to keepass csv file {}".format(count_hotp_entries, otp_filename_hotp)) def write_json(args, otps): @@ -367,7 +399,7 @@ def has_otp_type(otps, otp_type): def add_pre_suffix(file, pre_suffix): '''filename.ext, pre -> filename.pre.ext''' - name, ext = path.splitext(file) + name, ext = os.path.splitext(file) return name + "." + pre_suffix + (ext if ext else "") @@ -386,10 +418,34 @@ def open_file_or_stdout_for_csv(filename): return open(filename, "w", encoding='utf-8', newline='') if filename != '-' else sys.stdout +def check_file_exists(filename): + if filename != '-' and not os.path.isfile(filename): + abort('\nERROR: Input file provided is non-existent or not a file.' + '\ninput file: {}'.format(filename)) + + +def is_binary(line): + try: + line.startswith('#') + return False + except (UnicodeDecodeError, AttributeError, TypeError): + return True + + +def check_module_available(module_name): + module_spec = importlib.util.find_spec(module_name) + return module_spec is not None + + def eprint(*args, **kwargs): '''Print to stderr.''' print(*args, file=sys.stderr, **kwargs) +def abort(*args, **kwargs): + eprint(*args, **kwargs) + sys.exit(1) + + if __name__ == '__main__': sys_main() diff --git a/pytest.ini b/pytest.ini new file mode 100644 index 0000000..f9a13fe --- /dev/null +++ b/pytest.ini @@ -0,0 +1,3 @@ +[pytest] +markers = + qreader: QR image reader tests diff --git a/requirements-dev.txt b/requirements-dev.txt index cd0cf17..8202127 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -2,5 +2,3 @@ wheel pytest flake8 pylint -qreader -opencv-python diff --git a/run_pytest.sh b/run_pytest.sh new file mode 100755 index 0000000..e77ffae --- /dev/null +++ b/run_pytest.sh @@ -0,0 +1,3 @@ +#!/bin/sh +cd /extract +pip install -U pytest && pytest "$@" diff --git a/setup.py b/setup.py index 2613dad..8c9d510 100644 --- a/setup.py +++ b/setup.py @@ -48,7 +48,9 @@ setup( install_requires=[ 'protobuf', 'qrcode', - 'Pillow' + 'Pillow', + 'qreader', + 'opencv-python' ], project_urls={ diff --git a/test/empty_file.txt b/test/empty_file.txt new file mode 100644 index 0000000..e69de29 diff --git a/test/print_verbose_output.txt b/test/print_verbose_output.txt index da20bf7..cf01dae 100644 --- a/test/print_verbose_output.txt +++ b/test/print_verbose_output.txt @@ -1,3 +1,24 @@ +Input files: ['example_export.txt'] +Processing infile example_export.txt +Reading lines of example_export.txt +# 2FA example from https://www.raspberrypi.org/blog/setting-up-two-factor-authentication-on-your-raspberry-pi/ +# Secret key: 7KSQL2JTUDIS5EF65KLMRQIIGY +# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi +otpauth-migration://offline?data=CjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACjr4JKK%2B%2F%2F%2F%2F%2F8B + +# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY +otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACEAEYASAAKLzjp5n4%2F%2F%2F%2F%2FwE%3D + +# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi +# otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY +otpauth-migration://offline?data=CigKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpIAEoATACCjUKEPqlBekzoNEukL7qlsjBCDYSDnBpQHJhc3BiZXJyeXBpGgtyYXNwYmVycnlwaSABKAEwAhABGAEgACiQ7OOa%2Bf%2F%2F%2F%2F8B + +# otpauth://hotp/hotp%20demo?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&counter=4 +otpauth-migration://offline?data=CiUKEPqlBekzoNEukL7qlsjBCDYSCWhvdHAgZGVtbyABKAEwATgEEAEYASAAKNuv15j6%2F%2F%2F%2F%2FwE%3D + +# otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY +# Name: "encoding: ¿äÄéÉ? (demo)" +otpauth-migration://offline?data=CjYKEPqlBekzoNEukL7qlsjBCDYSHGVuY29kaW5nOiDCv8Okw4TDqcOJPyAoZGVtbykgASgBMAIQARgBIAAorfCurv%2F%2F%2F%2F%2F%2FAQ%3D%3D # 2FA example from https://www.raspberrypi.org/blog/setting-up-two-factor-authentication-on-your-raspberry-pi/ # Secret key: 7KSQL2JTUDIS5EF65KLMRQIIGY # otpauth://totp/pi@raspberrypi?secret=7KSQL2JTUDIS5EF65KLMRQIIGY&issuer=raspberrypi @@ -136,3 +157,4 @@ Secret: 7KSQL2JTUDIS5EF65KLMRQIIGY Type: totp otpauth://totp/encoding%3A%20%C2%BF%C3%A4%C3%84%C3%A9%C3%89%3F%20%28demo%29?secret=7KSQL2JTUDIS5EF65KLMRQIIGY +1 infile(s) processed diff --git a/test_extract_otp_secret_keys_pytest.py b/test_extract_otp_secret_keys_pytest.py index 110d239..0031971 100644 --- a/test_extract_otp_secret_keys_pytest.py +++ b/test_extract_otp_secret_keys_pytest.py @@ -18,13 +18,17 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, seeusage: extract_otp_secret_keys.py [-h] [--json FILE] [--csv FILE] [--keepass FILE] [--printqr] [--saveqr DIR] [--verbose | --quiet] infile [infile ...] positional arguments: - infile file or - for stdin with "otpauth-migration://..." URLs separated by newlines, lines starting with # are ignored + infile 1) file or - for stdin with "otpauth-migration://..." URLs separated by newlines, lines starting with # are ignored; or 2) image file containing a QR code or = for stdin for an image containing a QR code options: -h, --help show this help message and exit @@ -44,7 +56,13 @@ options: --printqr, -p print QR code(s) as text to the terminal (requires qrcode module) --saveqr DIR, -s DIR save QR code(s) as images to the given folder (requires qrcode module) --verbose, -v verbose output - --quiet, -q no stdout output, except output set by -+ --quiet, -q no stdout output, except output set by - + +examples: +python extract_otp_secret_keys.py example_*.txt +python extract_otp_secret_keys.py - < example_export.txt +python extract_otp_secret_keys.py --csv - example_*.png | tail -n+2 +python extract_otp_secret_keys.py = < example_export.png