From 1219aa811a44e33f2c1ed57d88b3265c55c8d06b Mon Sep 17 00:00:00 2001
From: Emmanouil Kampitakis <madonius@users.noreply.github.com>
Date: Thu, 14 Feb 2019 23:02:24 +0100
Subject: [PATCH] Feature/alphanumeric password in passwordstore (#38121)

* Alphanumeric only password may be generated

* Bump the ansible version this will have been added to 2.8
---
 lib/ansible/plugins/lookup/passwordstore.py | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/lib/ansible/plugins/lookup/passwordstore.py b/lib/ansible/plugins/lookup/passwordstore.py
index 89c389ae483..be74dc9b8b2 100644
--- a/lib/ansible/plugins/lookup/passwordstore.py
+++ b/lib/ansible/plugins/lookup/passwordstore.py
@@ -51,6 +51,11 @@ DOCUMENTATION = """
         type: bool
         default: 'no'
         version_added: 2.7
+      nosymbols:
+        description: use alphanumeric characters
+        type: bool
+        default: 'no'
+        version_added: 2.8
 """
 EXAMPLES = """
 # Debug is used for examples, BAD IDEA to show passwords on screen
@@ -72,6 +77,9 @@ EXAMPLES = """
   debug:
     msg: "{{ lookup('passwordstore', 'example/test create=true overwrite=true')}}"
 
+- name: Create an alphanumeric password
+  debug: msg="{{ lookup('passwordstore', 'example/test create=true nosymbols=true) }}"
+
 - name: Return the value for user in the KV pair user, username
   debug:
     msg: "{{ lookup('passwordstore', 'example/test subkey=user')}}"
@@ -96,6 +104,7 @@ from ansible.errors import AnsibleError, AnsibleAssertionError
 from ansible.module_utils._text import to_bytes, to_native, to_text
 from ansible.utils.encrypt import random_password
 from ansible.plugins.lookup import LookupBase
+from ansible import constants as C
 
 
 # backhacked check_output with input for python 2.7
@@ -155,7 +164,7 @@ class LookupModule(LookupBase):
                 raise AnsibleError(e)
             # check and convert values
             try:
-                for key in ['create', 'returnall', 'overwrite', 'backup']:
+                for key in ['create', 'returnall', 'overwrite', 'backup', 'nosymbols']:
                     if not isinstance(self.paramvals[key], bool):
                         self.paramvals[key] = util.strtobool(self.paramvals[key])
             except (ValueError, AssertionError) as e:
@@ -198,10 +207,15 @@ class LookupModule(LookupBase):
         return True
 
     def get_newpass(self):
+        if self.paramvals['nosymbols']:
+            chars = C.DEFAULT_PASSWORD_CHARS[:62]
+        else:
+            chars = C.DEFAULT_PASSWORD_CHARS
+
         if self.paramvals['userpass']:
             newpass = self.paramvals['userpass']
         else:
-            newpass = random_password(length=self.paramvals['length'])
+            newpass = random_password(length=self.paramvals['length'], chars=chars)
         return newpass
 
     def update_password(self):
@@ -250,6 +264,7 @@ class LookupModule(LookupBase):
             'create': False,
             'returnall': False,
             'overwrite': False,
+            'nosymbols': False,
             'userpass': '',
             'length': 16,
             'backup': False,