# websauna.utils.secrets module¶

exception websauna.utils.secrets.MissingSecretsEnvironmentVariable[source]

Bases: Exception

Thrown when we try to interpolate an environment variable that does not exist.

websauna.utils.secrets.read_ini_secrets(secrets_file, strict=True)[source]

Read plaintext .INI file to pick up secrets.

Dummy secrets handler which does not have encryption. Reads INI file. Creates dictionary keys in format [ini section name].[ini key name] = value. Entries with a leading $are environment variable expansions. Example INI contents: [authentication] secret = CHANGEME [authomatic] # This is a secret seed used in various OAuth related keys secret = CHANGEME [facebook] consumer_key =$FACEBOOK_CONSUMER_KEY


The following secrets_file formats are supported

• A path relative to the current working directory, e.g. test-secrets.ini
• Absolute path using file:// URL: file:///etc/myproject/mysecrets.ini
• A path relative to deployed Python package. E.g. resource://websauna/conf/test-settings.ini
Parameters: secrets_file – URI like resource://websauna/conf/test-settings.ini strict – Bail out in the environment variable expansion if the environment variable is not. Useful e.g. for testing when all users are not assumed to know all secrets. In non-strict mode if the environment variable is missing the secret value is set to None. dict ConfigParser instance.
websauna.utils.secrets.resolve(uri)[source]

Resolve secrets location.