From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.ciao.gmane.io!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.devel Subject: questions about correct reveal-mode usage to hide passwords Date: Thu, 11 Jun 2020 14:09:55 +0000 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="ciao.gmane.io:159.69.161.202"; logging-data="34060"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux) To: emacs-devel@gnu.org Cancel-Lock: sha1:L4ciHUMACEtt9FurnfURPT2kRh4= Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Thu Jun 11 16:10:59 2020 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jjNv0-0008iR-8k for ged-emacs-devel@m.gmane-mx.org; Thu, 11 Jun 2020 16:10:58 +0200 Original-Received: from localhost ([::1]:47778 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jjNuz-0005Cv-Au for ged-emacs-devel@m.gmane-mx.org; Thu, 11 Jun 2020 10:10:57 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:56112) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jjNuA-0004Tg-Qz for emacs-devel@gnu.org; Thu, 11 Jun 2020 10:10:06 -0400 Original-Received: from ciao.gmane.io ([159.69.161.202]:33922) by eggs.gnu.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jjNu9-0004WK-Oh for emacs-devel@gnu.org; Thu, 11 Jun 2020 10:10:06 -0400 Original-Received: from list by ciao.gmane.io with local (Exim 4.92) (envelope-from ) id 1jjNu6-0007VJ-Rf for emacs-devel@gnu.org; Thu, 11 Jun 2020 16:10:02 +0200 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: emacs-devel@gnu.org X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Received-SPF: pass client-ip=159.69.161.202; envelope-from=ged-emacs-devel@m.gmane-mx.org; helo=ciao.gmane.io X-detected-operating-system: by eggs.gnu.org: First seen = 2020/06/11 10:10:03 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -8 X-Spam_score: -0.9 X-Spam_bar: / X-Spam_report: (-0.9 / 5.0 requ) BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=_AUTOLEARN X-Spam_action: no action X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.io gmane.emacs.devel:252112 Archived-At: Hello, Following up on some old threads, I am trying to convert `authinfo-mode' (which Lars wrote) into a proper minor mode that can be used anywhere. I named the new minor mode `auth-source-reveal-mode' because in the Emacs scope, it will primarily live in auth-source.el and be used for visually hiding passwords in netrc/authinfo/JSON files. I am including the change below, and it's also in the branch scratch/tzz/auth-source-reveal-mode I ran into two problems with converting `authinfo-mode': * it doesn't update when the buffer is changed, but rather does one initial scan to install the overlays and then turns on `reveal-mode'. So further editing doesn't update, e.g. "password xyz" edited to "pass xyz" doesn't remove the hiding on xyz. I tried to add after-change functions but they don't seem to work well. Managing the overlays is a bit of a chore. It feels like reveal-mode should have a more automatic way of tracking this but I couldn't find it. I would appreciate some help there. * it doesn't have JSON support, so I'll need to add that. Re-parsing the entire buffer is too expensive. Is there a way to scan a smaller region using the built-in JSON parser? Or should I drop down to regular expressions to match "password": "xyz"? Currently that's a (debug) TODO and not as important as the above. (While researching this, I compared notes with the external packages hidepw-mode and password-mode. One[1] uses font-lock mode to adapt to change dynamically, which works well for live editing, but you can't see the password when you're editing it. The other[2] also doesn't seem to handle editing changes.) [1] https://github.com/jekor/hidepw/blob/master/hidepw.el [2] https://github.com/juergenhoetzel/password-mode/blob/master/password-mode.el Thanks! Ted -------------------------------------------------------------------- ;;; Tiny minor mode for editing .netrc/.authinfo modes (that basically ;;; just hides passwords). (defcustom auth-source-reveal-regex "password" "Regexp matching tokens or JSON keys in .authinfo/.netrc/JSON files. The text following the tokens or under the JSON keys will be hidden." :type 'regexp :version "27.1") (defcustom auth-source-reveal-json-modes '(json-mode js-mode js2-mode rjsx-mode) "List of symbols for modes that should use JSON parsing logic." :type 'list :version "27.1") (defun auth-source-reveal--propertize (start end hide) (save-excursion (goto-char start) (if (member major-mode auth-source-reveal-json-modes) ;; JSON modes (debug) ;; non-JSON modes (save-restriction (narrow-to-region (min (point-at-bol) start) (max (point-at-eol) end)) (cl-dolist (o (overlays-in (point-min) (point-max))) (when (overlay-get o 'display) (delete-overlay o))) (while (re-search-forward (format "\\(\\s-\\|^\\)\\(%s\\)\\s-+" auth-source-reveal-regex) nil t) (when (auth-source-netrc-looking-at-token) (let ((overlay (make-overlay (match-beginning 0) (match-end 0)))) (auth-source-reveal--display overlay hide) (overlay-put overlay 'reveal-toggle-invisible #'auth-source-reveal--display)))))))) (defun auth-source-reveal--display (overlay hide) (if hide (overlay-put overlay 'display ;; Make a string of * of the same size as the original (propertize (make-string 6 ?*) 'face 'warning)) (overlay-put overlay 'display nil))) (defun auth-source-reveal-after-change-function (start stop n) (auth-source-reveal--propertize start stop auth-source-reveal-mode)) ;; (progn ;; (setq auth-source-reveal-json-modes '(emacs-lisp-mode lisp-interaction-mode)) ;; (auth-source-reveal-mode t)) ;; (auth-source-reveal-mode -1) ;;;###autoload (define-minor-mode auth-source-reveal-mode "Toggle password hiding for auth-source files using `reveal-mode'. If called interactively, enable auth-source-reveal mode if ARG is positive, and disable it if ARG is zero or negative. If called from Lisp, also enable the mode if ARG is omitted or nil, and toggle it if ARG is toggle; disable the mode otherwise. When auth-source-reveal mode is enabled, password will be hidden using an overlay. See `auth-source-password-hide-regex' for the regex matching the tokens and keys associated with passwords." ;; The initial value. :init-value nil ;; The indicator for the mode line. :lighter " asr" :group 'auth-source (auth-source-do-trivia "Setting auth-source-reveal-mode to %S" auth-source-reveal-mode) (if auth-source-reveal-mode (add-hook 'after-change-functions #'auth-source-reveal-after-change-function nil t) (remove-hook 'after-change-functions #'auth-source-reveal-after-change-function t)) (auth-source-reveal--propertize (point-min) (point-max) auth-source-reveal-mode) (reveal-mode (if auth-source-reveal-mode 1 -1)))