bosh_cli 1.2902.0 → 1.2905.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cli/client/uaa.rb +67 -13
  3. data/lib/cli/uaa_login_strategy.rb +7 -4
  4. data/lib/cli/version.rb +1 -1
  5. metadata +11 -11
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 19c9cd4f833a3224f4d43207e1c66cfe52920a65
4
- data.tar.gz: 59021c4b5c48314318d6b9607c80ed04ed62db01
3
+ metadata.gz: de2564930c27f2fd9d359408cf6db62f24b3fa4d
4
+ data.tar.gz: ee4c60205ad3c57171787bd1d596c34a499875ba
5
5
  SHA512:
6
- metadata.gz: 76e5c79e0300f5359af52aea8fa6b407c6245154888c9cb4eaf74fe056545240e940f3c07e48a4a0ed0a7abc58077732bbf5b3311b33cd94403969a79a2028fb
7
- data.tar.gz: 3946323d25b1b5d95c7b5b10c9c8427a10c1f19d8f62c740c64cc011e02b403479f7e3995307998f6c302359eec1043339ef774ad3785a9fbe88783be4c006c4
6
+ metadata.gz: 17e44063a1bf787858122d8631f2b3107e00b33cb6215adca4cb5fa1ef8db197c43e11ed6fecb9979867b8940c6580405e69474851ed885bc7bedb1dec1027d6
7
+ data.tar.gz: cbc4ec1c66b8ff81d5abb5a21c316c7283935075d2647e4b387fbcb4c06534502d5100558e0dba5a1c62e0dc527356e6db3c893644e95bc079aff4ace556e4e3
data/lib/cli/client/uaa.rb CHANGED
@@ -5,43 +5,97 @@ module Bosh
5
5
  module Cli
6
6
  module Client
7
7
  class Uaa
8
+ class AccessInfo < Struct.new(:username, :token); end
9
+
8
10
  def initialize(options, ssl_ca_file)
9
11
  url = options.fetch('url')
10
12
  unless URI.parse(url).instance_of?(URI::HTTPS)
11
13
  err('Failed to connect to UAA, HTTPS protocol is required')
12
14
  end
13
15
  @ssl_ca_file = ssl_ca_file
14
- @token_issuer = CF::UAA::TokenIssuer.new(url, 'bosh_cli', nil, { ssl_ca_file: ssl_ca_file })
16
+
17
+ token_decoder = TokenDecoder.new
18
+ if ENV['BOSH_CLIENT'] && ENV['BOSH_CLIENT_SECRET']
19
+ @token_issuer = ClientTokenIssuer.new(url, ssl_ca_file, token_decoder)
20
+ else
21
+ @token_issuer = PasswordTokenIssuer.new(url, ssl_ca_file, token_decoder)
22
+ end
15
23
  end
16
24
 
17
25
  def prompts
18
- @token_issuer.prompts.map do |field, (type, display_text)|
19
- Prompt.new(field, type, display_text)
20
- end
26
+ @token_issuer.prompts
21
27
  rescue CF::UAA::SSLException => e
22
28
  raise e unless @ssl_ca_file.nil?
23
29
  err('Invalid SSL Cert. Use --ca-cert to specify SSL certificate')
24
30
  end
25
31
 
26
32
  def login(credentials)
27
- token = @token_issuer.implicit_grant_with_creds(credentials)
28
- if token
29
- decoded = CF::UAA::TokenCoder.decode(
30
- token.info['access_token'],
31
- { verify: false }, # token signature not verified because CLI doesn't have the secret key
32
- nil, nil)
33
- full_token = "#{token.info['token_type']} #{token.info['access_token']}"
34
- { username: decoded['user_name'], token: full_token }
35
- end
33
+ @token_issuer.access_info(credentials)
34
+ rescue CF::UAA::TargetError => e
35
+ err("Failed to log in: #{e.info['error_description']}")
36
36
  rescue CF::UAA::BadResponse
37
37
  nil
38
38
  end
39
39
 
40
+ private
41
+
42
+ class ClientTokenIssuer
43
+ def initialize(url, ssl_ca_file, token_decoder)
44
+ @token_issuer = CF::UAA::TokenIssuer.new(url, ENV['BOSH_CLIENT'], ENV['BOSH_CLIENT_SECRET'], {ssl_ca_file: ssl_ca_file})
45
+ @token_decoder = token_decoder
46
+ end
47
+
48
+ def prompts
49
+ {}
50
+ end
51
+
52
+ def access_info(_)
53
+ token = @token_issuer.client_credentials_grant
54
+ decoded = @token_decoder.decode(token)
55
+
56
+ username = decoded['client_id'] if decoded
57
+ AccessInfo.new(username, nil)
58
+ end
59
+ end
60
+
61
+ class PasswordTokenIssuer
62
+ def initialize(url, ssl_ca_file, token_decoder)
63
+ @token_issuer = CF::UAA::TokenIssuer.new(url, 'bosh_cli', nil, {ssl_ca_file: ssl_ca_file})
64
+ @token_decoder = token_decoder
65
+ end
66
+
67
+ def prompts
68
+ @token_issuer.prompts.map do |field, (type, display_text)|
69
+ Prompt.new(field, type, display_text)
70
+ end
71
+ end
72
+
73
+ def access_info(credentials)
74
+ credentials = credentials.select { |_, c| !c.empty? }
75
+ token = @token_issuer.owner_password_credentials_grant(credentials)
76
+ decoded = @token_decoder.decode(token)
77
+
78
+ username = decoded['user_name'] if decoded
79
+ access_token = "#{token.info['token_type']} #{token.info['access_token']}"
80
+
81
+ AccessInfo.new(username, access_token)
82
+ end
83
+ end
84
+
40
85
  class Prompt < Struct.new(:field, :type, :display_text)
41
86
  def password?
42
87
  type == 'password'
43
88
  end
44
89
  end
90
+
91
+ class TokenDecoder
92
+ def decode(token)
93
+ CF::UAA::TokenCoder.decode(
94
+ token.info['access_token'],
95
+ {verify: false}, # token signature not verified because CLI doesn't have the secret key
96
+ nil, nil)
97
+ end
98
+ end
45
99
  end
46
100
  end
47
101
  end
data/lib/cli/uaa_login_strategy.rb CHANGED
@@ -22,10 +22,13 @@ module Bosh
22
22
  end
23
23
  end
24
24
 
25
- if results = @uaa.login(credentials)
26
- @terminal.say_green("Logged in as `#{results[:username]}'")
27
- @config.set_credentials(target, { 'token' => results[:token] })
28
- @config.save
25
+ if access_info = @uaa.login(credentials)
26
+ @terminal.say_green("Logged in as `#{access_info.username}'")
27
+
28
+ if access_info.token
29
+ @config.set_credentials(target, { 'token' => access_info.token })
30
+ @config.save
31
+ end
29
32
  else
30
33
  err('Failed to log in')
31
34
  end
data/lib/cli/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Bosh
2
2
  module Cli
3
- VERSION = '1.2902.0'
3
+ VERSION = '1.2905.0'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bosh_cli
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2902.0
4
+ version: 1.2905.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - VMware
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-03-26 00:00:00.000000000 Z
11
+ date: 2015-03-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bosh_common
@@ -16,42 +16,42 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 1.2902.0
19
+ version: 1.2905.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 1.2902.0
26
+ version: 1.2905.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: bosh-template
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.2902.0
33
+ version: 1.2905.0
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.2902.0
40
+ version: 1.2905.0
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: cf-uaa-lib
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
45
  - - "~>"
46
46
  - !ruby/object:Gem::Version
47
- version: 3.2.0
47
+ version: 3.2.1
48
48
  type: :runtime
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
- version: 3.2.0
54
+ version: 3.2.1
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: json_pure
57
57
  requirement: !ruby/object:Gem::Requirement
@@ -128,14 +128,14 @@ dependencies:
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 1.2902.0
131
+ version: 1.2905.0
132
132
  type: :runtime
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 1.2902.0
138
+ version: 1.2905.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: net-ssh
141
141
  requirement: !ruby/object:Gem::Requirement
@@ -306,7 +306,7 @@ dependencies:
306
306
  version: '0'
307
307
  description: |-
308
308
  BOSH CLI
309
- ac0a41
309
+ 327a58
310
310
  email: support@cloudfoundry.com
311
311
  executables:
312
312
  - bosh