-
Notifications
You must be signed in to change notification settings - Fork 794
/
Copy pathpassword.rb
39 lines (35 loc) · 1.2 KB
/
password.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# frozen_string_literal: true
require 'digest/sha1'
# @summary
# Hash a string as mysql's "PASSWORD()" function would do it
#
Puppet::Functions.create_function(:'mysql::password') do
# @param password
# Plain text password.
# @param sensitive
# If the mysql password hash should be of datatype Sensitive[String]
#
# @return hash
# The mysql password hash from the clear text password.
#
dispatch :password do
required_param 'Variant[String, Sensitive[String]]', :password
optional_param 'Boolean', :sensitive
return_type 'Variant[String, Sensitive[String]]'
end
def password(password, sensitive = false)
password = password.unwrap if password.is_a?(Puppet::Pops::Types::PSensitiveType::Sensitive)
result_string = if %r{\*[A-F0-9]{40}$}.match?(password) || %r{0x24412430303524[A-F0-9]{63}$}.match?(password)
password
elsif password.empty?
''
else
"*#{Digest::SHA1.hexdigest(Digest::SHA1.digest(password)).upcase}"
end
if sensitive
Puppet::Pops::Types::PSensitiveType::Sensitive.new(result_string)
else
result_string
end
end
end