Hi everyone,
I have written a Python script within a toolbox that uses a hidden string as an input parameter. This is intended to allow the user to log in to an ArcGIS Portal and access specific portal elements. However, the script fails due to an invalid password error.
Here's a summary of what I've tried:
Using getParameterAsText():
input_password = arcpy.GetParameterAsText(1)
Using getParameter with the arcgisscripting module:
import arcgisscripting
gp = arcgisscripting.create()
portal_password = gp.GetParameterAsText(1)
This returns a hashed version of the password, which also doesn't work for the login. Despite these attempts, the login fails, indicating that the password is not being correctly handled.
Here is the relevant part of my code (without using the arcgisscripting module):
import arcpy
from arcgis.gis import GIS
# Input parameters
input_username = arcpy.GetParameterAsText(0) # Username
input_password = arcpy.GetParameterAsText(1) # Password (Hidden String)
# Constants
portal_url = "https://www.arcgis.com" # ArcGIS Portal URL
allowed_usernames = ["user1@ENV", "user2@ENV", "user3@ENV"] # Example allowed usernames
# Construct the portal username
portal_username = input_username
arcpy.AddMessage(f"Portal Username: {portal_username}")
# Check the length of the password
arcpy.AddMessage(f"Password length: {len(input_password)}")
# Authenticate the user
if portal_username in allowed_usernames:
arcpy.AddMessage("Username is allowed")
try:
# Attempt to log in
gis = GIS(portal_url, portal_username, input_password)
arcpy.AddMessage("Authentication successful")
# Additional code to utilize portal elements
except Exception as e:
arcpy.AddError(f"Authentication failed: {str(e)}")
else:
arcpy.AddError("Username is not allowed")
Does anyone know how to properly handle hidden string parameters for passwords in scripts? Are there any other methods or best practices to ensure the password is correctly passed and decrypted?
Any help would be greatly appreciated!
Thanks!
Daniel
