Credentials Management
Using Squore Agent, it is possible to save your credentials to disk and encrypt them by using a master key.
Storing credentials on disk, will help avoid typing your password every time you create a project, and also avoid saving the password in your script files.
Credentials and master key are stored in respective files, credentials.xml and credentialsSecurity.xml, located in folder:
-
Linux: $HOME/.squore
-
Windows: %USERPROFILE%\.squore
Saving credentials
To store credentials, simply execute the following command and provide the prompted information:
java -jar squore-agent.jar --save-credentials
Where:
-
Server Id, is the server URL for which to save the password or token. It can be Squore’s URL, SCM’s or any other tool’s.
-
Login, is the username for which to save the password or token. (Optional in case of a token).
-
Token, is the user token (Authentication and Security).
-
Password, is the user password.
The credentials.xml file looks as follows:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<credentials version="1.0">
<server>
<id>http://localhost:8180</id>
<credential>
<login>demo</login>
<token>eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOjIsImlhd[...]</token>
<password>demo</password>
</credential>
</server>
...
</credentials>
The encryption confirmation prompt can be bypassed by using the --ignore-master-key option in the command line, as follows:
|
The interactive prompt can be bypassed by directly providing the information in the command line, as follows:
|
If you want to clear the credentials, simply remove the file $HOME/.squore/credentials.xml on Linux or %USERPROFILE%\.squore\credentials.xml on Windows. |
Encrypting credentials
It is possible to define a master key in order to encrypt the credentials defined in the credentials.xml file.
To define the master key, simply execute the following command and provide the prompted information:
java -jar squore-agent.jar --encrypt-master-key
Where:
-
Master key, is the passphrase/password that will be used to encrypt the credentials.
The file credentialsSecurity.xml will be generated containing the encrypted master key:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<credentialsSecurity>
<masterKey>{t/+kctF9r6gHitDsnLrWWQcxmGESPbuISPnnJsTNqZ8=}</masterKey>
</credentialsSecurity>
Then, any credentials added using Squore Agent will be encrypted in the credentials.xml file:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<credentials version="1.0">
<server>
<id>http://localhost:8180/</id>
<credential>
<login>demo</login>
<token>eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOjIsImlhd[...]</token>
<password>demo</password>
</credential>
</server>
<server>
<id>http://svn/server/url/project/trunk/</id>
<credential>
<login>username</login>
<password>{JaUtuyMkEBcHvJRqj7a2c5V4Mv8gVPPrlgCLmpaGhoE=}</password>
</credential>
</server>
...
</credentials>
The interactive prompt can be bypassed by directly providing the information in the command line, as follows:
|
If you want to clear the master key, simply remove the file $HOME/.squore/credentialsSecurity.xml on Linux or %USERPROFILE%\.squore\credentialsSecurity.xml on Windows. |
Migrating old credentials format
Old credentials format stored in file .squorerc, can be migrated to the new credentials.xml format.
Just execute the following command:
java -jar squore-agent.jar http://localhost:8180 --migrate-legacy-data
If the credentials already exists in the credentials.xml file, they will not be replaced. |