aspera-cli 4.4.0 → 4.5.0

data/lib/aspera/cli/plugins/ats.rb

@@ -44,9 +44,7 @@ module Aspera
           commands=[:create,:list,:show,:modify,:delete,:node,:cluster,:entitlement]
           command=self.options.get_next_command(commands)
           # those dont require access key id
-          unless [:create,:list].include?(command)
-            access_key_id=self.options.get_option(:id,:mandatory)
-          end
+          access_key_id=self.instance_identifier() unless [:create,:list].include?(command)
           case command
           when :create
             params=self.options.get_option(:params,:optional) || {}
@@ -102,21 +100,24 @@ module Aspera
             ak_data=ats_api_pub_v1.read("access_keys/#{access_key_id}")[:data]
             server_data=@ats_api_pub.all_servers.select {|i| i['id'].start_with?(ak_data['transfer_server_id'])}.first
             raise CliError,"no such server found" if server_data.nil?
+            base_url=server_data['transfer_setup_url']
             api_node=Rest.new({
-              :base_url => server_data['transfer_setup_url'],
+              :base_url => base_url,
               :auth     => {
               :type     => :basic,
               :username => access_key_id,
-              :password => @agents[:secret].get_secret(access_key_id)}})
+              :password => @agents[:config].get_secret(url: base_url,username: access_key_id)
+              }})
             command=self.options.get_next_command(Node::COMMON_ACTIONS)
             return Node.new(@agents.merge(skip_basic_auth_options: true, node_api: api_node)).execute_action(command)
           when :cluster
+            base_url=ats_api_pub_v1.params[:base_url]
             rest_params={
-              :base_url => ats_api_pub_v1.params[:base_url],
+              :base_url => base_url,
               :auth     => {
               :type     => :basic,
               :username => access_key_id,
-              :password => @agents[:secret].get_secret(access_key_id)
+              :password => @agents[:config].get_secret(url: base_url, username: access_key_id)
               }}
             api_ak_auth=Rest.new(rest_params)
             return {:type=>:single_object, :data=>api_ak_auth.read("servers")[:data]}
@@ -132,10 +133,10 @@ module Aspera
           when :list
             return {:type=>:object_list, :data=>@ats_api_pub.all_servers, :fields=>['id','cloud','region']}
           when :show
-            server_id=self.options.get_option(:id,:optional)
-            if server_id.nil?
+            if self.options.get_option(:cloud,:optional) or self.options.get_option(:region,:optional)
               server_data=server_by_cloud_region
             else
+              server_id=instance_identifier()
               server_data=@ats_api_pub.all_servers.select {|i| i['id'].eql?(server_id)}.first
               raise "no such server id" if server_data.nil?
             end
@@ -160,7 +161,7 @@ module Aspera
         def execute_action_api_key
           command=self.options.get_next_command([:instances, :create, :list, :show, :delete])
           if [:show,:delete].include?(command)
-            concerned_id=self.options.get_option(:id,:mandatory)
+            concerned_id=self.instance_identifier()
           end
           rest_add_header={}
           if !command.eql?(:instances)

data/lib/aspera/cli/plugins/bss.rb

@@ -46,7 +46,7 @@ module Aspera
               # give fields to keep order
               return {:type=>:object_list, :data=>result['data'][object],:fields=> FIELDS['bssSubscriptions']}
             when :show
-              id = self.options.get_option(:id,:mandatory)
+              id = self.instance_identifier()
               request={
                 'variables'=>{'id'=>id},
                 'query'=>"query($id: ID!) {#{object}(id: $id) { #{all_fields('bssSubscriptions')} roleAssignments(uniqueSubjectId: true) { id subjectId } instances { id state planId serviceId ssmSubscriptionId entitlement { id } aocOrganization { id subdomainName name status tier urlId trialExpiresAt users(organizationAdmin: true) { id name email atsAdmin subscriptionAdmin } } } } }"
@@ -55,7 +55,7 @@ module Aspera
               result.delete('instances')
               return {:type=>:single_object, :data=>result}
             when :instances
-              id = self.options.get_option(:id,:mandatory)
+              id = self.instance_identifier()
               request={
                 'variables'=>{'id'=>id},
                 'query'=>"query($id: ID!) {#{object}(id: $id) { aocOrganization { id subdomainName name status tier urlId trialExpiresAt } } } }"

data/lib/aspera/cli/plugins/config.rb

@@ -2,7 +2,6 @@ require 'aspera/cli/basic_auth_plugin'
 require 'aspera/cli/extended_value'
 require 'aspera/fasp/installation'
 require 'aspera/fasp/parameters'
-require 'aspera/api_detector'
 require 'aspera/open_application'
 require 'aspera/aoc'
 require 'aspera/proxy_auto_config'
@@ -10,6 +9,8 @@ require 'aspera/uri_reader'
 require 'aspera/rest'
 require 'aspera/persistency_action_once'
 require 'aspera/id_generator'
+require 'aspera/keychain/encrypted_hash'
+require 'aspera/keychain/macos_security'
 require 'xmlsimple'
 require 'base64'
 require 'net/smtp'
@@ -31,6 +32,7 @@ module Aspera
         CONF_PRESET_VERSION='version'
         CONF_PRESET_DEFAULT='default'
         CONF_PRESET_GLOBAL='global_common_defaults'
+        CONF_PRESET_SECRETS='default_secrets'
         CONF_PLUGIN_SYM = :config # Plugins::Config.name.split('::').last.downcase.to_sym
         CONF_GLOBAL_SYM = :config
         # old tool name
@@ -48,7 +50,7 @@ module Aspera
         SERVER_COMMAND='server'
         CONNECT_WEB_URL = 'https://d3gcli72yxqn2z.cloudfront.net/connect'
         CONNECT_VERSIONS = 'connectversions.js'
-        TRANSFER_SDK_ARCHIVE_URL = 'https://ibm.biz/aspera_sdk'
+        TRANSFER_SDK_ARCHIVE_URL = 'https://ibm.biz/aspera_transfer_sdk'
         DEMO='demo'
         DEMO_SERVER_PRESET='demoserver'
         AOC_PATH_API_CLIENTS='admin/api-clients'
@@ -69,7 +71,7 @@ END_OF_TEMPLATE
         :CONF_PRESET_GLOBAL,:PROGRAM_NAME_V1,:PROGRAM_NAME_V2,:DEFAULT_REDIRECT,:ASPERA_PLUGINS_FOLDERNAME,
         :RUBY_FILE_EXT,:AOC_COMMAND_V1,:AOC_COMMAND_V2,:AOC_COMMAND_V3,:AOC_COMMAND_CURRENT,:DEMO,
         :TRANSFER_SDK_ARCHIVE_URL,:AOC_PATH_API_CLIENTS,:DEMO_SERVER_PRESET,:EMAIL_TEST_TEMPLATE,:EXTV_INCLUDE_PRESETS,
-        :EXTV_PRESET,:DEFAULT_CHECK_NEW_VERSION_DAYS,:DEFAULT_PRIV_KEY_FILENAME,:SERVER_COMMAND
+        :EXTV_PRESET,:DEFAULT_CHECK_NEW_VERSION_DAYS,:DEFAULT_PRIV_KEY_FILENAME,:SERVER_COMMAND,:CONF_PRESET_SECRETS
         def option_preset; nil; end
 
         def option_preset=(value)
@@ -86,12 +88,12 @@ END_OF_TEMPLATE
 
         def initialize(env,tool_name,help_url,version,main_folder)
           super(env)
-          raise 'missing secret manager' if @agents[:secret].nil?
           @plugins={}
           @plugin_lookup_folders=[]
           @use_plugin_defaults=true
           @config_presets=nil
           @connect_versions=nil
+          @vault=nil
           @program_version=version
           @tool_name=tool_name
           @help_url=help_url
@@ -111,24 +113,25 @@ END_OF_TEMPLATE
           # add preset handler (needed for smtp)
           ExtendedValue.instance.set_handler(EXTV_PRESET,:reader,lambda{|v|preset_by_name(v)})
           ExtendedValue.instance.set_handler(EXTV_INCLUDE_PRESETS,:decoder,lambda{|v|expanded_with_preset_includes(v)})
+          # load defaults before it can be overriden
+          self.add_plugin_default_preset(CONF_GLOBAL_SYM)
+          self.options.parse_options!
           self.options.set_obj_attr(:ascp_path,self,:option_ascp_path)
           self.options.set_obj_attr(:use_product,self,:option_use_product)
           self.options.set_obj_attr(:preset,self,:option_preset)
-          self.options.set_obj_attr(:secret,@agents[:secret],:default_secret)
-          self.options.set_obj_attr(:secrets,@agents[:secret],:all_secrets)
           self.options.add_opt_switch(:no_default,'-N','do not load default configuration for plugin') { @use_plugin_defaults=false }
           self.options.add_opt_boolean(:override,'Wizard: override existing value')
           self.options.add_opt_boolean(:use_generic_client,'Wizard: AoC: use global or org specific jwt client id')
           self.options.add_opt_boolean(:default,'Wizard: set as default configuration for specified plugin (also: update)')
           self.options.add_opt_boolean(:test_mode,'Wizard: skip private key check step')
+          self.options.add_opt_simple(:preset,'-PVALUE','load the named option preset from current config file')
           self.options.add_opt_simple(:pkeypath,'Wizard: path to private key for JWT')
           self.options.add_opt_simple(:ascp_path,'path to ascp')
           self.options.add_opt_simple(:use_product,'use ascp from specified product')
           self.options.add_opt_simple(:smtp,'smtp configuration (extended value: hash)')
           self.options.add_opt_simple(:fpac,'proxy auto configuration URL')
-          self.options.add_opt_simple(:preset,'-PVALUE','load the named option preset from current config file')
           self.options.add_opt_simple(:secret,'default secret')
-          self.options.add_opt_simple(:secrets,'secret repository (Hash)')
+          self.options.add_opt_simple(:secrets,'secret vault')
           self.options.add_opt_simple(:sdk_url,'URL to get SDK')
           self.options.add_opt_simple(:sdk_folder,'SDK folder path')
           self.options.add_opt_simple(:notif_to,'email recipient for notification of transfers')
@@ -142,7 +145,6 @@ END_OF_TEMPLATE
           self.options.set_option(:sdk_folder,File.join(@main_folder,'sdk'))
           self.options.set_option(:override,:no)
           self.options.parse_options!
-          raise CliBadArgument,'secrets shall be Hash' unless @agents[:secret].all_secrets.is_a?(Hash)
           Fasp::Installation.instance.folder=self.options.get_option(:sdk_folder,:mandatory)
         end
 
@@ -191,8 +193,8 @@ END_OF_TEMPLATE
         # retrieve structure from cloud (CDN) with all versions available
         def connect_versions
           if @connect_versions.nil?
-            api_connect_cdn=Rest.new({:base_url=>CONNECT_WEB_URL})
-            javascript=api_connect_cdn.call({:operation=>'GET',:subpath=>CONNECT_VERSIONS})
+            api_connect_cdn=Rest.new({base_url: CONNECT_WEB_URL})
+            javascript=api_connect_cdn.call({operation: 'GET',subpath: CONNECT_VERSIONS})
             # get result on one line
             connect_versions_javascript=javascript[:http].body.gsub(/\r?\n\s*/,'')
             Log.log.debug("javascript=[\n#{connect_versions_javascript}\n]")
@@ -238,9 +240,9 @@ END_OF_TEMPLATE
 
         # instanciate a plugin
         # plugins must be Capitalized
-        def self.plugin_new(plugin_name_sym,env)
+        def self.plugin_class(plugin_name_sym)
           # Module.nesting[2] is Aspera::Cli
-          return Object::const_get("#{Module.nesting[2].to_s}::Plugins::#{plugin_name_sym.to_s.capitalize}").new(env)
+          return Object::const_get("#{Module.nesting[2].to_s}::Plugins::#{plugin_name_sym.to_s.capitalize}")
         end
 
         def self.flatten_all_config(t)
@@ -255,10 +257,15 @@ END_OF_TEMPLATE
 
         # set parameter and value in global config
         # creates one if none already created
-        # @return preset that contains global default
+        # @return preset name that contains global default
         def set_global_default(key,value)
           # get default preset if it exists
-          global_default_preset_name=get_plugin_default_config_name(CONF_GLOBAL_SYM) || CONF_PRESET_GLOBAL
+          global_default_preset_name=get_plugin_default_config_name(CONF_GLOBAL_SYM)
+          if global_default_preset_name.nil?
+            global_default_preset_name=CONF_PRESET_GLOBAL
+            @config_presets[CONF_PRESET_DEFAULT]||={}
+            @config_presets[CONF_PRESET_DEFAULT][CONF_GLOBAL_SYM.to_s]=global_default_preset_name
+          end
           @config_presets[global_default_preset_name]||={}
           @config_presets[global_default_preset_name][key.to_s]=value
           self.format.display_status("Updated: #{global_default_preset_name}: #{key} <- #{value}")
@@ -446,14 +453,42 @@ END_OF_TEMPLATE
             Log.log.warn("skipping plugin already registered: #{plugin_symbol}")
             return
           end
-          @plugins[plugin_symbol]={:source=>path,:require_stanza=>req}
+          @plugins[plugin_symbol]={source: path,require_stanza: req}
+        end
+
+        def identify_plugin_for_url(url)
+          plugins.each do |plugin_name_sym,plugin_info|
+            next if plugin_name_sym.eql?(CONF_PLUGIN_SYM)
+            require plugin_info[:require_stanza]
+            c=self.class.plugin_class(plugin_name_sym)
+            if c.respond_to?(:detect)
+              current_url=url
+              begin
+                res=c.send(:detect,current_url)
+                return res.merge(product: plugin_name_sym, url: current_url) unless res.nil?
+              rescue
+              end
+              begin
+                # is there a redirect ?
+                result=Rest.new({:base_url=>url}).call({operation: 'GET',subpath: '',redirect_max: 1})
+                current_url=result[:http].uri.to_s
+                # check if redirect
+                if ! url.eql?(current_url)
+                  res=c.send(:detect,current_url)
+                  return res.merge(product: plugin_name_sym, url: current_url) unless res.nil?
+                end
+              rescue
+              end
+            end
+          end
+          raise "No known application found at #{url}"
         end
 
         def execute_connect_action
           command=self.options.get_next_command([:list,:id])
           case command
           when :list
-            return {:type=>:object_list, :data=>connect_versions, :fields => ['id','title','version']}
+            return {type: :object_list, data: connect_versions, fields: ['id','title','version']}
           when :id
             connect_id=self.options.get_next_argument('id or title')
             one_res=connect_versions.select{|i|i['id'].eql?(connect_id) || i['title'].eql?(connect_id)}.first
@@ -462,13 +497,13 @@ END_OF_TEMPLATE
             case command
             when :info # shows files used
               one_res.delete('links')
-              return {:type=>:single_object, :data=>one_res}
+              return {type: :single_object, data: one_res}
             when :links # shows files used
               command=self.options.get_next_command([:list,:id])
               all_links=one_res['links']
               case command
               when :list # shows files used
-                return {:type=>:object_list, :data=>all_links}
+                return {type: :object_list, data: all_links}
               when :id
                 link_title=self.options.get_next_argument('title')
                 one_link=all_links.select {|i| i['title'].eql?(link_title)}.first
@@ -477,10 +512,10 @@ END_OF_TEMPLATE
                 when :download #
                   folder_dest=self.transfer.destination_folder('receive')
                   #folder_dest=self.options.get_next_argument('destination folder')
-                  api_connect_cdn=Rest.new({:base_url=>CONNECT_WEB_URL})
+                  api_connect_cdn=Rest.new({base_url: CONNECT_WEB_URL})
                   fileurl = one_link['href']
                   filename=fileurl.gsub(%r{.*/},'')
-                  api_connect_cdn.call({:operation=>'GET',:subpath=>fileurl,:save_to_file=>File.join(folder_dest,filename)})
+                  api_connect_cdn.call({operation: 'GET',subpath: fileurl,save_to_file: File.join(folder_dest,filename)})
                   return Main.result_status("Downloaded: #{filename}")
                 when :open #
                   OpenApplication.instance.uri(one_link['href'])
@@ -503,7 +538,7 @@ END_OF_TEMPLATE
             preset_name=set_global_default(:ascp_path,ascp_path)
             return Main.result_status("Saved to default global preset #{preset_name}")
           when :show # shows files used
-            return {:type=>:status, :data=>Fasp::Installation.instance.path(:ascp)}
+            return {type: :status, data: Fasp::Installation.instance.path(:ascp)}
           when :info # shows files used
             data=Fasp::Installation::FILES.inject({}) do |m,v|
               m[v.to_s]=Fasp::Installation.instance.path(v) rescue 'Not Found'
@@ -528,12 +563,12 @@ END_OF_TEMPLATE
               end
             end
             data['keypass']=Fasp::Installation.instance.bypass_pass
-            return {:type=>:single_object, :data=>data}
+            return {type: :single_object, data: data}
           when :products
             command=self.options.get_next_command([:list,:use])
             case command
             when :list
-              return {:type=>:object_list, :data=>Fasp::Installation.instance.installed_products, :fields=>['name','app_root']}
+              return {type: :object_list, data: Fasp::Installation.instance.installed_products, fields: ['name','app_root']}
             when :use
               default_product=self.options.get_next_argument('product name')
               Fasp::Installation.instance.use_ascp_from_product(default_product)
@@ -549,109 +584,122 @@ END_OF_TEMPLATE
           raise "unexpected case: #{command}"
         end
 
-        ACTIONS=[:gem_path, :genkey,:plugins,:flush_tokens,:list,:overview,:open,:echo,:id,:documentation,:wizard,:export_to_cli,:detect,:coffee,:ascp,:email_test,:smtp_settings,:proxy_check,:folder,:file,:check_update,:initdemo]
+        # legacy actions available globally
+        PRESET_GBL_ACTIONS=[:list,:overview].freeze
+        # require existing preset
+        PRESET_EXST_ACTIONS=[:show,:delete,:get,:unset].freeze
+        # require id
+        PRESET_INSTANCE_ACTIONS=[PRESET_EXST_ACTIONS,:initialize,:update,:ask,:set].flatten.freeze
+        PRESET_ALL_ACTIONS=[PRESET_GBL_ACTIONS,PRESET_INSTANCE_ACTIONS].flatten.freeze
+
+        def execute_file_action(action,config_name)
+          action=self.options.get_next_command(PRESET_ALL_ACTIONS) if action.nil?
+          config_name=instance_identifier() if config_name.nil? and PRESET_INSTANCE_ACTIONS.include?(action)
+          # those operations require existing option
+          raise "no such preset: #{config_name}" if PRESET_EXST_ACTIONS.include?(action) and !@config_presets.has_key?(config_name)
+          selected_preset=@config_presets[config_name]
+          case action
+          when :list
+            return {type: :value_list, data: @config_presets.keys, name: 'name'}
+          when :overview
+            return {type: :object_list, data: self.class.flatten_all_config(@config_presets)}
+          when :show
+            raise "no such config: #{config_name}" if selected_preset.nil?
+            return {type: :single_object, data: selected_preset}
+          when :delete
+            @config_presets.delete(config_name)
+            save_presets_to_config_file
+            return Main.result_status("Deleted: #{config_name}")
+          when :get
+            param_name=self.options.get_next_argument('parameter name')
+            value=selected_preset[param_name]
+            raise "no such option in preset #{config_name} : #{param_name}" if value.nil?
+            case value
+            when Numeric,String; return {type: :text, data: ExtendedValue.instance.evaluate(value.to_s)}
+            end
+            return {type: :single_object, data: value}
+          when :unset
+            param_name=self.options.get_next_argument('parameter name')
+            selected_preset.delete(param_name)
+            save_presets_to_config_file
+            return Main.result_status("Removed: #{config_name}: #{param_name}")
+          when :set
+            param_name=self.options.get_next_argument('parameter name')
+            param_value=self.options.get_next_argument('parameter value')
+            if !@config_presets.has_key?(config_name)
+              Log.log.debug("no such config name: #{config_name}, initializing")
+              selected_preset=@config_presets[config_name]={}
+            end
+            if selected_preset.has_key?(param_name)
+              Log.log.warn("overwriting value: #{selected_preset[param_name]}")
+            end
+            selected_preset[param_name]=param_value
+            save_presets_to_config_file
+            return Main.result_status("Updated: #{config_name}: #{param_name} <- #{param_value}")
+          when :initialize
+            config_value=self.options.get_next_argument('extended value (Hash)')
+            if @config_presets.has_key?(config_name)
+              Log.log.warn("configuration already exists: #{config_name}, overwriting")
+            end
+            @config_presets[config_name]=config_value
+            save_presets_to_config_file
+            return Main.result_status("Modified: #{@option_config_file}")
+          when :update
+            #  get unprocessed options
+            theopts=self.options.get_options_table
+            Log.log.debug("opts=#{theopts}")
+            @config_presets[config_name]||={}
+            @config_presets[config_name].merge!(theopts)
+            # fix bug in 4.4 (creating key "true" in "default" preset)
+            @config_presets[CONF_PRESET_DEFAULT].delete(true) if @config_presets[CONF_PRESET_DEFAULT].is_a?(Hash)
+            save_presets_to_config_file
+            return Main.result_status("Updated: #{config_name}")
+          when :ask
+            self.options.ask_missing_mandatory=:yes
+            @config_presets[config_name]||={}
+            self.options.get_next_argument('option names',:multiple).each do |optionname|
+              option_value=self.options.get_interactive(:option,optionname)
+              @config_presets[config_name][optionname]=option_value
+            end
+            save_presets_to_config_file
+            return Main.result_status("Updated: #{config_name}")
+          end
+        end
+
+        ACTIONS=[PRESET_GBL_ACTIONS,:id,:preset,:open,:documentation,:genkey,:gem_path,:plugins,:flush_tokens,:echo,:wizard,:export_to_cli,:detect,:coffee,:ascp,:email_test,:smtp_settings,:proxy_check,:folder,:file,:check_update,:initdemo,:vault].flatten.freeze
 
         # "config" plugin
         def execute_action
           action=self.options.get_next_command(ACTIONS)
           case action
-          when :id
-            config_name=self.options.get_next_argument('config name')
-            action=self.options.get_next_command([:show,:delete,:set,:get,:unset,:initialize,:update,:ask])
-            # those operations require existing option
-            raise "no such preset: #{config_name}" if [:show,:delete,:get,:unset].include?(action) and !@config_presets.has_key?(config_name)
-            selected_preset=@config_presets[config_name]
-            case action
-            when :show
-              raise "no such config: #{config_name}" if selected_preset.nil?
-              return {:type=>:single_object,:data=>selected_preset}
-            when :delete
-              @config_presets.delete(config_name)
-              save_presets_to_config_file
-              return Main.result_status("Deleted: #{config_name}")
-            when :get
-              param_name=self.options.get_next_argument('parameter name')
-              value=selected_preset[param_name]
-              raise "no such option in preset #{config_name} : #{param_name}" if value.nil?
-              case value
-              when Numeric,String; return {:type=>:text,:data=>ExtendedValue.instance.evaluate(value.to_s)}
-              end
-              return {:type=>:single_object,:data=>value}
-            when :unset
-              param_name=self.options.get_next_argument('parameter name')
-              selected_preset.delete(param_name)
-              save_presets_to_config_file
-              return Main.result_status("Removed: #{config_name}: #{param_name}")
-            when :set
-              param_name=self.options.get_next_argument('parameter name')
-              param_value=self.options.get_next_argument('parameter value')
-              if !@config_presets.has_key?(config_name)
-                Log.log.debug("no such config name: #{config_name}, initializing")
-                selected_preset=@config_presets[config_name]={}
-              end
-              if selected_preset.has_key?(param_name)
-                Log.log.warn("overwriting value: #{selected_preset[param_name]}")
-              end
-              selected_preset[param_name]=param_value
-              save_presets_to_config_file
-              return Main.result_status("Updated: #{config_name}: #{param_name} <- #{param_value}")
-            when :initialize
-              config_value=self.options.get_next_argument('extended value (Hash)')
-              if @config_presets.has_key?(config_name)
-                Log.log.warn("configuration already exists: #{config_name}, overwriting")
-              end
-              @config_presets[config_name]=config_value
-              save_presets_to_config_file
-              return Main.result_status("Modified: #{@option_config_file}")
-            when :update
-              default_for_plugin=self.options.get_option(:default,:mandatory)
-              #  get unprocessed options
-              theopts=self.options.get_options_table
-              Log.log.debug("opts=#{theopts}")
-              @config_presets[config_name]||={}
-              @config_presets[config_name].merge!(theopts)
-              if ! default_for_plugin.nil?
-                @config_presets[CONF_PRESET_DEFAULT]||=Hash.new
-                @config_presets[CONF_PRESET_DEFAULT][default_for_plugin]=config_name
-              end
-              save_presets_to_config_file
-              return Main.result_status("Updated: #{config_name}")
-            when :ask
-              self.options.ask_missing_mandatory=:yes
-              @config_presets[config_name]||={}
-              self.options.get_next_argument('option names',:multiple).each do |optionname|
-                option_value=self.options.get_interactive(:option,optionname)
-                @config_presets[config_name][optionname]=option_value
-              end
-              save_presets_to_config_file
-              return Main.result_status("Updated: #{config_name}")
-            end
+          when *PRESET_GBL_ACTIONS # older syntax
+            return execute_file_action(action,nil)
+          when :id # older syntax
+            return execute_file_action(nil,self.options.get_next_argument('config name'))
+          when :preset # newer syntax
+            return execute_file_action(nil,nil)
+          when :open
+            OpenApplication.instance.uri("#{@option_config_file}") #file://
+            return Main.result_nothing
           when :documentation
             section=options.get_next_argument('private key file path',:single,:optional)
             section='#'+section unless section.nil?
             OpenApplication.instance.uri("#{@help_url}#{section}")
             return Main.result_nothing
-          when :open
-            OpenApplication.instance.uri("#{@option_config_file}") #file://
-            return Main.result_nothing
           when :genkey # generate new rsa key
             private_key_path=self.options.get_next_argument('private key file path')
             generate_rsa_private_key(private_key_path,DEFAULT_PRIVKEY_LENGTH)
             return Main.result_status('Generated key: '+private_key_path)
           when :echo # display the content of a value given on command line
-            result={:type=>:other_struct, :data=>self.options.get_next_argument('value')}
+            result={type: :other_struct, data: self.options.get_next_argument('value')}
             # special for csv
             result[:type]=:object_list if result[:data].is_a?(Array) and result[:data].first.is_a?(Hash)
             return result
           when :flush_tokens
             deleted_files=Oauth.flush_tokens
-            return {:type=>:value_list, :name=>'file',:data=>deleted_files}
+            return {type: :value_list, data: deleted_files, name: 'file'}
           when :plugins
-            return {:data => @plugins.keys.map { |i| { 'plugin' => i.to_s, 'path' => @plugins[i][:source] } } , :fields => ['plugin','path'], :type => :object_list }
-          when :list
-            return {:data => @config_presets.keys, :type => :value_list, :name => 'name'}
-          when :overview
-            return {:type=>:object_list,:data=>self.class.flatten_all_config(@config_presets)}
+            return {type: :object_list, data: @plugins.keys.map { |i| { 'plugin' => i.to_s, 'path' => @plugins[i][:source] } } , fields: ['plugin','path']}
           when :wizard
             # interactive mode
             self.options.ask_missing_mandatory=true
@@ -661,7 +709,7 @@ END_OF_TEMPLATE
             instance_url=self.options.get_option(:url,:mandatory)
             # allow user to tell the preset name
             preset_name=self.options.get_option(:id,:optional)
-            appli=ApiDetector.discover_product(instance_url)
+            appli=identify_plugin_for_url(instance_url)
             plugin_name="<replace per app>"
             test_args="<replace per app>"
             case appli[:product]
@@ -704,7 +752,7 @@ END_OF_TEMPLATE
               # make username mandatory for jwt, this triggers interactive input
               self.options.get_option(:username,:mandatory)
               # instanciate AoC plugin, so that command line options are known
-              files_plugin=self.class.plugin_new(plugin_name,@agents.merge({skip_basic_auth_options: true, private_key_path: private_key_path}))
+              files_plugin=self.class.plugin_class(plugin_name).new(@agents.merge({skip_basic_auth_options: true, private_key_path: private_key_path}))
               aoc_api=files_plugin.get_api
               auto_set_pub_key=false
               auto_set_jwt=false
@@ -786,7 +834,7 @@ END_OF_TEMPLATE
             # need url / username
             add_plugin_default_preset(AOC_COMMAND_V3.to_sym)
             # instanciate AoC plugin
-            files_plugin=self.class.plugin_new(AOC_COMMAND_CURRENT,@agents) # TODO: is this line needed ?
+            files_plugin=self.class.plugin_class(AOC_COMMAND_CURRENT).new(@agents) # TODO: is this line needed ?
             url=self.options.get_option(:url,:mandatory)
             cli_conf_file=Fasp::Installation.instance.cli_conf_file
             data=JSON.parse(File.read(cli_conf_file))
@@ -818,7 +866,7 @@ END_OF_TEMPLATE
           when :detect
             # need url / username
             BasicAuthPlugin.new(@agents)
-            return Main.result_status("Found: #{ApiDetector.discover_product(self.options.get_option(:url,:mandatory))}")
+            return Main.result_status("Found: #{identify_plugin_for_url(self.options.get_option(:url,:mandatory))}")
           when :coffee
             OpenApplication.instance.uri('https://enjoyjava.com/wp-content/uploads/2018/01/How-to-make-strong-coffee.jpg')
             return Main.result_nothing
@@ -834,13 +882,13 @@ END_OF_TEMPLATE
             send_email_template({},EMAIL_TEST_TEMPLATE)
             return Main.result_nothing
           when :smtp_settings
-            return {:type=>:single_object,:data=>email_settings}
+            return {type: :single_object, data: email_settings}
           when :proxy_check
             pac_url=self.options.get_option(:fpac,:mandatory)
             server_url=self.options.get_next_argument('server url')
             return Main.result_status(Aspera::ProxyAutoConfig.new(UriReader.read(pac_url)).get_proxy(server_url))
           when :check_update
-            return {:type=>:single_object, :data=>check_gem_version}
+            return {type: :single_object, data: check_gem_version}
           when :initdemo
             if @config_presets.has_key?(DEMO_SERVER_PRESET)
               Log.log.warn("Demo server preset already present: #{DEMO_SERVER_PRESET}")
@@ -858,6 +906,46 @@ END_OF_TEMPLATE
             end
             save_presets_to_config_file
             return Main.result_status("Done")
+          when :vault
+            command=self.options.get_next_command([:init,:list,:get,:set,:delete])
+            case command
+            when :init
+              type=self.options.get_option(:value,:optional)
+              case type
+              when 'config',NilClass
+                raise "default secrets already exists" if @config_presets.has_key?(CONF_PRESET_SECRETS)
+                @config_presets[CONF_PRESET_SECRETS]={}
+                set_global_default(:secrets,"@preset:#{CONF_PRESET_SECRETS}")
+              else raise "no such vault type"
+              end
+              return Main.result_status("Done")
+            when :list
+              return {type: :object_list, data: vault.list}
+            when :set
+              # register url option
+              BasicAuthPlugin.new(@agents.merge(skip_option_header: true))
+              username=self.options.get_option(:username,:mandatory)
+              url=self.options.get_option(:url,:mandatory)
+              description=self.options.get_option(:value,:optional)
+              secret=self.options.get_next_argument('secret')
+              vault.set(username: username, url: url, description: description, secret: secret)
+              save_presets_to_config_file if vault.is_a?(Keychain::EncryptedHash)
+              return Main.result_status("Done")
+            when :get
+              # register url option
+              BasicAuthPlugin.new(@agents.merge(skip_option_header: true))
+              username=self.options.get_option(:username,:mandatory)
+              url=self.options.get_option(:url,:optional)
+              result=vault.get(username: username, url: url)
+              return {type: :single_object, data: result}
+            when :delete
+              # register url option
+              BasicAuthPlugin.new(@agents.merge(skip_option_header: true))
+              username=self.options.get_option(:username,:mandatory)
+              url=self.options.get_option(:url,:optional)
+              result=vault.delete(username: username, url: url)
+              return Main.result_status("Done")
+            end
           else raise 'INTERNAL ERROR: wrong case'
           end
         end
@@ -941,6 +1029,42 @@ END_OF_TEMPLATE
           return nil
         end # get_plugin_default_config_name
 
+        def vault
+          if @vault.nil?
+            vault_info=self.options.get_option(:secrets,:optional)
+            case vault_info
+            when Hash
+              @vault=Keychain::EncryptedHash.new(vault_info)
+            when /^system/
+              name=vault_info.start_with?('system:') ? vault_info[7..-1] : nil
+              case Environment.os
+              when Environment::OS_X
+                @vault=Keychain::MacosSecurity.new(name)
+              when Environment::OS_WINDOWS,Environment::OS_LINUX,Environment::OS_AIX
+                raise "not implemented"
+              else raise "Error"
+              end
+            when NilClass
+              # keep nil
+            else
+              raise CliBadArgument,'secrets shall be Hash'
+            end
+          end
+          raise "No vault defined" if @vault.nil?
+          @vault
+        end
+
+        def get_secret(options)
+          raise "options shall be Hash" unless options.is_a?(Hash)
+          raise "options shall have username" unless options.has_key?(:username)
+          secret=self.options.get_option(:secret,:optional)
+          if secret.nil?
+            secret=vault.get(options) rescue nil
+            # mandatory by default
+            raise "please provide secret for #{options[:username]}" if secret.nil? and ( options[:mandatory].nil? or options[:mandatory] )
+          end
+          return secret
+        end
       end
     end
   end