diff --git a/news/8090.bugfix b/news/8090.bugfix new file mode 100644 index 00000000000..e9f2b7cbb9e --- /dev/null +++ b/news/8090.bugfix @@ -0,0 +1,3 @@ +Only attempt to use the keyring once and if it fails, don't try again. +This prevents spamming users with several keyring unlock prompts when they +cannot unlock or don't want to do so. diff --git a/src/pip/_internal/network/auth.py b/src/pip/_internal/network/auth.py index ca729fcdf5e..c49deaaf1b7 100644 --- a/src/pip/_internal/network/auth.py +++ b/src/pip/_internal/network/auth.py @@ -44,6 +44,7 @@ def get_keyring_auth(url, username): # type: (str, str) -> Optional[AuthInfo] """Return the tuple auth for a given url from keyring.""" + global keyring if not url or not keyring: return None @@ -69,6 +70,7 @@ def get_keyring_auth(url, username): logger.warning( "Keyring is skipped due to an exception: %s", str(exc), ) + keyring = None return None diff --git a/tests/unit/test_network_auth.py b/tests/unit/test_network_auth.py index 08320cfa143..8116b627f79 100644 --- a/tests/unit/test_network_auth.py +++ b/tests/unit/test_network_auth.py @@ -242,3 +242,29 @@ def test_keyring_get_credential(monkeypatch, url, expect): assert auth._get_new_credentials( url, allow_netrc=False, allow_keyring=True ) == expect + + +class KeyringModuleBroken(object): + """Represents the current supported API of keyring, but broken""" + + def __init__(self): + self._call_count = 0 + + def get_credential(self, system, username): + self._call_count += 1 + raise Exception("This keyring is broken!") + + +def test_broken_keyring_disables_keyring(monkeypatch): + keyring_broken = KeyringModuleBroken() + monkeypatch.setattr(pip._internal.network.auth, 'keyring', keyring_broken) + + auth = MultiDomainBasicAuth(index_urls=["http://example.com/"]) + + assert keyring_broken._call_count == 0 + for i in range(5): + url = "http://example.com/path" + str(i) + assert auth._get_new_credentials( + url, allow_netrc=False, allow_keyring=True + ) == (None, None) + assert keyring_broken._call_count == 1