Test locked keyring

* tests/conftest.py : Implement `LockedBackend` inheriting `KeyringBackend` and throwing `KeyringLocked` on access.

* tests\utils\test_authenticator.py : Test that locked keyrings still lead to a request.

* tests\utils\test_password_manager.py : Test that locked keyrings do not fail.

tests/conftest.py

@@ -12,9 +12,11 @@
 from typing import Any
 
 import httpretty
+import keyring
 import pytest
 
 from keyring.backend import KeyringBackend
+from keyring.errors import KeyringLocked
 
 from poetry.config.config import Config as BaseConfig
 from poetry.config.dict_config_source import DictConfigSource
@@ -113,31 +115,48 @@ def delete_password(self, service: str, username: str | None) -> None:
             del self._passwords[service][username]
 
 
+class LockedBackend(KeyringBackend):
+    @classmethod
+    def priority(cls) -> int:
+        return 42
+
+    def set_password(self, service: str, username: str | None, password: Any) -> None:
+        raise KeyringLocked()
+
+    def get_password(self, service: str, username: str | None) -> Any:
+        raise KeyringLocked()
+
+    def get_credential(self, service: str, username: str | None) -> Any:
+        raise KeyringLocked()
+
+    def delete_password(self, service: str, username: str | None) -> None:
+        raise KeyringLocked()
+
+
 @pytest.fixture()
 def dummy_keyring() -> DummyBackend:
     return DummyBackend()
 
 
 @pytest.fixture()
 def with_simple_keyring(dummy_keyring: DummyBackend) -> None:
-    import keyring
-
     keyring.set_keyring(dummy_keyring)
 
 
 @pytest.fixture()
 def with_fail_keyring() -> None:
-    import keyring
-
     from keyring.backends.fail import Keyring
 
     keyring.set_keyring(Keyring())  # type: ignore[no-untyped-call]
 
 
 @pytest.fixture()
-def with_null_keyring() -> None:
-    import keyring
+def with_locked_keyring() -> None:
+    keyring.set_keyring(LockedBackend())  # type: ignore[no-untyped-call]
+
 
+@pytest.fixture()
+def with_null_keyring() -> None:
     from keyring.backends.null import Keyring
 
     keyring.set_keyring(Keyring())  # type: ignore[no-untyped-call]
@@ -151,8 +170,6 @@ def with_chained_fail_keyring(mocker: MockerFixture) -> None:
         "keyring.backend.get_all_keyring",
         lambda: [Keyring()],  # type: ignore[no-untyped-call]
     )
-    import keyring
-
     from keyring.backends.chainer import ChainerBackend
 
     keyring.set_keyring(ChainerBackend())  # type: ignore[no-untyped-call]
@@ -166,8 +183,6 @@ def with_chained_null_keyring(mocker: MockerFixture) -> None:
         "keyring.backend.get_all_keyring",
         lambda: [Keyring()],  # type: ignore[no-untyped-call]
     )
-    import keyring
-
     from keyring.backends.chainer import ChainerBackend
 
     keyring.set_keyring(ChainerBackend())  # type: ignore[no-untyped-call]
@@ -206,8 +221,6 @@ def config(
     auth_config_source: DictConfigSource,
     mocker: MockerFixture,
 ) -> Config:
-    import keyring
-
     from keyring.backends.fail import Keyring
 
     keyring.set_keyring(Keyring())  # type: ignore[no-untyped-call]

tests/utils/test_authenticator.py

@@ -94,6 +94,19 @@ def test_authenticator_uses_username_only_credentials(
     assert request.headers["Authorization"] == "Basic Zm9vMDAxOg=="
 
 
+def test_authenticator_ignores_locked_keyring(
+    mock_config: Config,
+    mock_remote: None,
+    http: type[httpretty.httpretty],
+    with_locked_keyring: None,
+) -> None:
+    authenticator = Authenticator(mock_config, NullIO())
+    authenticator.request("get", "https://[email protected]/files/foo-0.1.0.tar.gz")
+    request = http.last_request()
+
+    assert request.headers["Authorization"] == "Basic Zm9vMDAxOg=="
+
+
 def test_authenticator_uses_password_only_credentials(
     mock_config: Config, mock_remote: None, http: type[httpretty.httpretty]
 ) -> None:

tests/utils/test_password_manager.py

@@ -190,6 +190,13 @@ def test_keyring_raises_errors_on_keyring_errors(
         key_ring.delete_password("foo", "bar")
 
 
+def test_keyring_returns_none_on_locked_keyring(with_locked_keyring: None) -> None:
+    key_ring = PoetryKeyring("poetry")
+
+    cred = key_ring.get_credential("any password", "any name")
+    assert cred.password is None
+
+
 def test_keyring_with_chainer_backend_and_fail_keyring_should_be_unavailable(
     with_chained_fail_keyring: None,
 ) -> None:
@@ -222,6 +229,12 @@ def test_fail_keyring_should_be_unavailable(
     assert not key_ring.is_available()
 
 
+def test_locked_keyring_should_be_available(with_locked_keyring: None) -> None:
+    key_ring = PoetryKeyring("poetry")
+
+    assert key_ring.is_available()
+
+
 def test_get_http_auth_from_environment_variables(
     environ: None, config: Config
 ) -> None: