chore: Add script to generate pypi mfa qr (microsoft#2150)

* chore: Add script to generate pypi mfa qr * nit * fixed formatting * propagate caught exception --------- Co-authored-by: Mark Hamilton <[email protected]>
JessicaXYWang · Jan 31, 2024 · fa9ba2e · fa9ba2e
1 parent 9b008b5
commit fa9ba2e
Showing 1 changed file with 48 additions and 0 deletions.
diff --git a/tools/pypi/generate-pypi-mfa-qr.py b/tools/pypi/generate-pypi-mfa-qr.py
@@ -0,0 +1,48 @@
+import qrcode
+import subprocess
+from io import BytesIO
+from PIL import Image
+from azure.identity import DefaultAzureCredential
+from azure.keyvault.secrets import SecretClient
+
+vault_url = "https://mmlspark-keys.vault.azure.net"
+secret_name = "pypi-mfa-uri"
+
+
+def retrieve_secret_from_keyvault(vault_url, secret_name):
+    try:
+        return (
+            SecretClient(vault_url=vault_url, credential=DefaultAzureCredential())
+            .get_secret(secret_name)
+            .value
+        )
+    except Exception as e:
+        raise Exception(
+            "Failed to retrieve the secret from Azure Key Vault. Ensure you are logged in with an appropiate account with 'az login'",
+            e,
+        )
+
+
+def generate_qr_code(text):
+    qr = qrcode.QRCode(
+        version=1,
+        error_correction=qrcode.constants.ERROR_CORRECT_L,
+        box_size=10,
+        border=4,
+    )
+    qr.add_data(text)
+    qr.make(fit=True)
+    qr_img = qr.make_image(fill_color="black", back_color="white")
+    return qr_img
+
+
+def main():
+    keyvault_secret_value = retrieve_secret_from_keyvault(vault_url, secret_name)
+
+    if keyvault_secret_value is not None:
+        qr_img = generate_qr_code(keyvault_secret_value)
+        qr_img.show()
+
+
+if __name__ == "__main__":
+    main()