Improve log messages for connecting/authenticating to the YubiKey

dinvlad · Aug 22, 2020 · e51869b · e51869b
1 parent 9d9ca40
commit e51869b
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 7 deletions.
diff --git a/google_yubikey/device.py b/google_yubikey/device.py
@@ -26,15 +26,18 @@
 DEFAULT_LIFETIME = 3600
 
 
-def _info(message: str, file=sys.stderr):
+def _log(message: str, file=sys.stderr):
     """ Print information for the user """
     print(message, file=file)
 
 
-def get_yubikey():
+def get_yubikey(stream=sys.stderr):
     """ Sets up YubiKey communication """
+    _log('Connecting to the YubiKey...', stream)
     dev = open_device()
-    return YubiKey(dev.driver)
+    yubikey = YubiKey(dev.driver)
+    _log('Connected', stream)
+    return yubikey
 
 
 _CACHED_PIN = CachedItem()
@@ -46,7 +49,7 @@ def authenticate(yubikey: YubiKey, prompt_management_key: bool,
     """ Authenticates user to the YubiKey """
     global _CACHED_PIN, _CACHED_MGMT_KEY  # pylint: disable=global-statement
 
-    _info('Authenticating to the YubiKey...', stream)
+    _log('Authenticating to the YubiKey...', stream)
 
     pin = _CACHED_PIN.value
     if _CACHED_PIN.expired():
@@ -62,19 +65,21 @@ def authenticate(yubikey: YubiKey, prompt_management_key: bool,
         _CACHED_MGMT_KEY = CachedItem(None, mgmt_key, cache_lifetime)
     yubikey.authenticate(mgmt_key, touch_callback=prompt_for_touch)
 
+    _log('Authenticated', stream)
+
 
 def gen_private_key(yubikey: YubiKey, slot: SLOT, prompt_management_key: bool,
                     pin_policy: PIN_POLICY, touch_policy: TOUCH_POLICY,
                     subject: str, valid_days: int):
     """ Generates a private key and certificate on the YubiKey """
     authenticate(yubikey, prompt_management_key)
 
-    _info('Generating private key on YubiKey...')
+    _log('Generating private key on YubiKey...')
     public_key = yubikey.generate_key(
         slot.value, _KEY_ALG, pin_policy.value, touch_policy.value,
     )
 
-    _info('Generating certificate on YubiKey...')
+    _log('Generating certificate on YubiKey...')
     start = datetime.now()
     end = start + timedelta(days=valid_days)
     yubikey.generate_self_signed_certificate(

diff --git a/google_yubikey/metadata.py b/google_yubikey/metadata.py
@@ -208,7 +208,7 @@ def create_uwsgi_app():
     """ Sets up uWSGI app for GCE metadata server """
     opts = UWSGIOpts()
     log = _get_log('gce_metadata', opts.verbosity)
-    yubikey = get_yubikey()
+    yubikey = get_yubikey(sys.stdout)
     app = Flask(__name__)
 
     @app.before_request