bosh_cli 1.2980.0 → 1.2981.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/cli.rb +3 -0
- data/lib/cli/base_command.rb +7 -5
- data/lib/cli/client/uaa/access_info.rb +60 -1
- data/lib/cli/client/uaa/auth_info.rb +54 -0
- data/lib/cli/client/uaa/client.rb +61 -0
- data/lib/cli/client/uaa/client_token_issuer.rb +22 -7
- data/lib/cli/client/uaa/password_token_issuer.rb +7 -7
- data/lib/cli/client/uaa/token_decoder.rb +2 -1
- data/lib/cli/client/uaa/token_provider.rb +70 -0
- data/lib/cli/commands/login.rb +8 -17
- data/lib/cli/commands/misc.rb +7 -5
- data/lib/cli/config.rb +27 -2
- data/lib/cli/uaa_login_strategy.rb +4 -10
- data/lib/cli/version.rb +1 -1
- metadata +12 -11
- data/lib/cli/client/uaa.rb +0 -41
- data/lib/cli/client/uaa/options.rb +0 -34
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a8e1d3bf5c54dd7d88ea097bc989c0fee02b2481
|
4
|
+
data.tar.gz: 52c1003f0a7f996c73e66987953a4087e58ccca8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9c16af5b713b12caa76ad0711b80905d9cfca32cb24fbf6f57a94bfd3588425b58c9aed8ef7b817ac91c466e6f5a04176fcc5a04ed61fb08527f1bd83b6af19f
|
7
|
+
data.tar.gz: 3cdbb9050100b5f0ee45ce0ac2c957f682072aca593fcbe08ac29ad337433a203392110760ba156447086915a53f6cd3a4ee0b66bffb9a2af3b5d372539ff3c4
|
data/lib/cli.rb
CHANGED
@@ -107,6 +107,9 @@ require 'cli/command_handler'
|
|
107
107
|
require 'cli/runner'
|
108
108
|
require 'cli/base_command'
|
109
109
|
|
110
|
+
require 'cli/client/uaa/token_provider'
|
111
|
+
require 'cli/client/uaa/auth_info'
|
112
|
+
|
110
113
|
tmpdir = Dir.mktmpdir
|
111
114
|
at_exit { FileUtils.rm_rf(tmpdir) }
|
112
115
|
ENV['TMPDIR'] = tmpdir
|
data/lib/cli/base_command.rb
CHANGED
@@ -1,5 +1,3 @@
|
|
1
|
-
# Copyright (c) 2009-2012 VMware, Inc.
|
2
|
-
|
3
1
|
module Bosh::Cli
|
4
2
|
module Command
|
5
3
|
class Base
|
@@ -102,11 +100,15 @@ module Bosh::Cli
|
|
102
100
|
end
|
103
101
|
|
104
102
|
def credentials
|
105
|
-
|
106
|
-
|
103
|
+
director_client = Client::Director.new(target)
|
104
|
+
auth_info = Client::Uaa::AuthInfo.new(director_client, ENV, config.ca_cert(target))
|
105
|
+
token_decoder = Client::Uaa::TokenDecoder.new
|
106
|
+
uaa_token_provider = Client::Uaa::TokenProvider.new(auth_info, config, token_decoder, target)
|
107
|
+
auth_token = uaa_token_provider.token
|
108
|
+
return Client::UaaCredentials.new(auth_token) if auth_token
|
107
109
|
|
108
110
|
if username && password
|
109
|
-
return
|
111
|
+
return Client::BasicCredentials.new(username, password)
|
110
112
|
end
|
111
113
|
|
112
114
|
nil
|
@@ -2,7 +2,66 @@ module Bosh
|
|
2
2
|
module Cli
|
3
3
|
module Client
|
4
4
|
module Uaa
|
5
|
-
class AccessInfo
|
5
|
+
class AccessInfo
|
6
|
+
EXPIRATION_DEADLINE_IN_SECONDS = 30
|
7
|
+
|
8
|
+
def self.from_config(config_access_token, refresh_token, token_decoder)
|
9
|
+
token_type, access_token = config_access_token.split(' ')
|
10
|
+
return nil unless token_type && access_token
|
11
|
+
|
12
|
+
token_info = CF::UAA::TokenInfo.new({
|
13
|
+
access_token: access_token,
|
14
|
+
refresh_token: refresh_token,
|
15
|
+
token_type: token_type,
|
16
|
+
})
|
17
|
+
new(token_info, token_decoder)
|
18
|
+
end
|
19
|
+
|
20
|
+
def initialize(token_info, token_decoder)
|
21
|
+
@token_info = token_info
|
22
|
+
@token_decoder = token_decoder
|
23
|
+
end
|
24
|
+
|
25
|
+
def auth_header
|
26
|
+
@token_info.auth_header
|
27
|
+
end
|
28
|
+
|
29
|
+
def refresh_token
|
30
|
+
@token_info.info[:refresh_token] || @token_info.info['refresh_token']
|
31
|
+
end
|
32
|
+
|
33
|
+
def was_issued_for?(other_username)
|
34
|
+
username == other_username
|
35
|
+
end
|
36
|
+
|
37
|
+
def expires_soon?
|
38
|
+
expiration = token_data[:exp] || token_data['exp']
|
39
|
+
(Time.at(expiration).to_i - Time.now.to_i) < EXPIRATION_DEADLINE_IN_SECONDS
|
40
|
+
end
|
41
|
+
|
42
|
+
def token_data
|
43
|
+
@token_data ||= @token_decoder.decode(@token_info)
|
44
|
+
end
|
45
|
+
|
46
|
+
def to_hash
|
47
|
+
{
|
48
|
+
'access_token' => auth_header,
|
49
|
+
'refresh_token' => refresh_token
|
50
|
+
}
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
class ClientAccessInfo < AccessInfo
|
55
|
+
def username
|
56
|
+
token_data['client_id']
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
class PasswordAccessInfo < AccessInfo
|
61
|
+
def username
|
62
|
+
token_data['user_name']
|
63
|
+
end
|
64
|
+
end
|
6
65
|
end
|
7
66
|
end
|
8
67
|
end
|
@@ -0,0 +1,54 @@
|
|
1
|
+
require 'cli/errors'
|
2
|
+
|
3
|
+
module Bosh
|
4
|
+
module Cli
|
5
|
+
module Client
|
6
|
+
module Uaa
|
7
|
+
class AuthInfo
|
8
|
+
class ValidationError < Bosh::Cli::CliError; end
|
9
|
+
|
10
|
+
attr_reader :ssl_ca_file, :client_id, :client_secret
|
11
|
+
|
12
|
+
def initialize(director, env, ssl_ca_file)
|
13
|
+
@director = director
|
14
|
+
@client_id, @client_secret = env['BOSH_CLIENT'], env['BOSH_CLIENT_SECRET']
|
15
|
+
@ssl_ca_file = ssl_ca_file
|
16
|
+
end
|
17
|
+
|
18
|
+
def client_auth?
|
19
|
+
!@client_id.nil? && !@client_secret.nil?
|
20
|
+
end
|
21
|
+
|
22
|
+
def uaa?
|
23
|
+
auth_info['type'] == 'uaa'
|
24
|
+
end
|
25
|
+
|
26
|
+
def url
|
27
|
+
auth_info.fetch('options', {}).fetch('url', nil)
|
28
|
+
end
|
29
|
+
|
30
|
+
def validate!
|
31
|
+
return unless uaa?
|
32
|
+
|
33
|
+
unless URI.parse(url).instance_of?(URI::HTTPS)
|
34
|
+
raise ValidationError.new('HTTPS protocol is required')
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
private
|
39
|
+
|
40
|
+
def auth_info
|
41
|
+
director_info.fetch('user_authentication', {})
|
42
|
+
end
|
43
|
+
|
44
|
+
def director_info
|
45
|
+
@director_info ||= @director.get_status
|
46
|
+
rescue Bosh::Cli::AuthError
|
47
|
+
{}
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
@@ -0,0 +1,61 @@
|
|
1
|
+
require 'uaa'
|
2
|
+
require 'uri'
|
3
|
+
require 'cli/client/uaa/client_token_issuer'
|
4
|
+
require 'cli/client/uaa/password_token_issuer'
|
5
|
+
require 'cli/client/uaa/token_decoder'
|
6
|
+
|
7
|
+
module Bosh
|
8
|
+
module Cli
|
9
|
+
module Client
|
10
|
+
module Uaa
|
11
|
+
class Client
|
12
|
+
def initialize(target, auth_info, config)
|
13
|
+
@target = target
|
14
|
+
token_decoder = TokenDecoder.new
|
15
|
+
if auth_info.client_auth?
|
16
|
+
token_issuer = ClientTokenIssuer.new(auth_info, token_decoder)
|
17
|
+
else
|
18
|
+
token_issuer = PasswordTokenIssuer.new(auth_info, token_decoder)
|
19
|
+
end
|
20
|
+
@ssl_ca_file = auth_info.ssl_ca_file
|
21
|
+
@token_issuer = token_issuer
|
22
|
+
@config = config
|
23
|
+
end
|
24
|
+
|
25
|
+
def prompts
|
26
|
+
@token_issuer.prompts
|
27
|
+
rescue CF::UAA::SSLException => e
|
28
|
+
raise e unless @ssl_ca_file.nil?
|
29
|
+
err('Invalid SSL Cert. Use --ca-cert option when setting target to specify SSL certificate')
|
30
|
+
end
|
31
|
+
|
32
|
+
def access_info(prompt_responses)
|
33
|
+
with_save { @token_issuer.access_info(prompt_responses) }
|
34
|
+
rescue CF::UAA::TargetError => e
|
35
|
+
err("Failed to log in: #{e.info['error_description']}")
|
36
|
+
rescue CF::UAA::BadResponse
|
37
|
+
nil
|
38
|
+
end
|
39
|
+
|
40
|
+
def refresh(access_info)
|
41
|
+
with_save { @token_issuer.refresh(access_info) }
|
42
|
+
rescue CF::UAA::TargetError
|
43
|
+
nil
|
44
|
+
end
|
45
|
+
|
46
|
+
private
|
47
|
+
|
48
|
+
def with_save
|
49
|
+
access_info = yield
|
50
|
+
if access_info.auth_header
|
51
|
+
@config.set_credentials(@target, access_info.to_hash)
|
52
|
+
@config.save
|
53
|
+
end
|
54
|
+
|
55
|
+
access_info
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
@@ -1,10 +1,12 @@
|
|
1
|
+
require 'cli/client/uaa/access_info'
|
2
|
+
|
1
3
|
module Bosh
|
2
4
|
module Cli
|
3
5
|
module Client
|
4
6
|
module Uaa
|
5
7
|
class ClientTokenIssuer
|
6
|
-
def initialize(
|
7
|
-
@
|
8
|
+
def initialize(auth_info, token_decoder)
|
9
|
+
@auth_info = auth_info
|
8
10
|
@token_decoder = token_decoder
|
9
11
|
end
|
10
12
|
|
@@ -13,13 +15,26 @@ module Bosh
|
|
13
15
|
end
|
14
16
|
|
15
17
|
def access_info(_)
|
16
|
-
|
17
|
-
|
18
|
+
@auth_info.validate!
|
19
|
+
|
20
|
+
token = token_issuer.client_credentials_grant
|
21
|
+
ClientAccessInfo.new(token, @token_decoder)
|
22
|
+
end
|
23
|
+
|
24
|
+
def refresh(_)
|
25
|
+
# For client credentials there is no refresh token, so obtain access token again
|
26
|
+
access_info(_)
|
27
|
+
end
|
18
28
|
|
19
|
-
|
29
|
+
private
|
20
30
|
|
21
|
-
|
22
|
-
|
31
|
+
def token_issuer
|
32
|
+
@token_issuer ||= CF::UAA::TokenIssuer.new(
|
33
|
+
@auth_info.url,
|
34
|
+
@auth_info.client_id,
|
35
|
+
@auth_info.client_secret,
|
36
|
+
{ ssl_ca_file: @auth_info.ssl_ca_file }
|
37
|
+
)
|
23
38
|
end
|
24
39
|
end
|
25
40
|
end
|
@@ -18,15 +18,15 @@ module Bosh
|
|
18
18
|
end
|
19
19
|
end
|
20
20
|
|
21
|
-
def access_info(
|
22
|
-
credentials =
|
21
|
+
def access_info(prompt_responses)
|
22
|
+
credentials = prompt_responses.select { |_, c| !c.empty? }
|
23
23
|
token = @token_issuer.owner_password_credentials_grant(credentials)
|
24
|
-
|
25
|
-
|
26
|
-
username = decoded['user_name'] if decoded
|
27
|
-
access_token = "#{token.info['token_type']} #{token.info['access_token']}"
|
24
|
+
PasswordAccessInfo.new(token, @token_decoder)
|
25
|
+
end
|
28
26
|
|
29
|
-
|
27
|
+
def refresh(access_info)
|
28
|
+
token = @token_issuer.refresh_token_grant(access_info.refresh_token)
|
29
|
+
PasswordAccessInfo.new(token, @token_decoder)
|
30
30
|
end
|
31
31
|
end
|
32
32
|
end
|
@@ -4,8 +4,9 @@ module Bosh
|
|
4
4
|
module Uaa
|
5
5
|
class TokenDecoder
|
6
6
|
def decode(token)
|
7
|
+
access_token = token.info['access_token'] || token.info[:access_token]
|
7
8
|
CF::UAA::TokenCoder.decode(
|
8
|
-
|
9
|
+
access_token,
|
9
10
|
{verify: false}, # token signature not verified because CLI doesn't have the secret key
|
10
11
|
nil, nil)
|
11
12
|
end
|
@@ -0,0 +1,70 @@
|
|
1
|
+
require 'cli/client/uaa/client'
|
2
|
+
|
3
|
+
module Bosh
|
4
|
+
module Cli
|
5
|
+
module Client
|
6
|
+
module Uaa
|
7
|
+
class TokenProvider
|
8
|
+
def initialize(auth_info, config, token_decoder, target)
|
9
|
+
@auth_info = auth_info
|
10
|
+
@config = config
|
11
|
+
@token_decoder = token_decoder
|
12
|
+
@target = target
|
13
|
+
end
|
14
|
+
|
15
|
+
def token
|
16
|
+
config_access_token = @config.access_token(@target)
|
17
|
+
|
18
|
+
if @auth_info.client_auth?
|
19
|
+
access_info = client_access_info(config_access_token)
|
20
|
+
else
|
21
|
+
access_info = password_access_info(config_access_token)
|
22
|
+
end
|
23
|
+
|
24
|
+
access_info.auth_header if access_info
|
25
|
+
end
|
26
|
+
|
27
|
+
private
|
28
|
+
|
29
|
+
def uaa_client
|
30
|
+
@uaa_client ||= Bosh::Cli::Client::Uaa::Client.new(@target, @auth_info, @config)
|
31
|
+
end
|
32
|
+
|
33
|
+
def client_access_info(config_access_token)
|
34
|
+
unless config_access_token
|
35
|
+
return uaa_client.access_info({})
|
36
|
+
end
|
37
|
+
|
38
|
+
access_info = ClientAccessInfo.from_config(config_access_token, nil, @token_decoder)
|
39
|
+
return nil unless access_info
|
40
|
+
|
41
|
+
if access_info.was_issued_for?(@auth_info.client_id)
|
42
|
+
return refresh_if_needed(access_info)
|
43
|
+
end
|
44
|
+
uaa_client.access_info({})
|
45
|
+
end
|
46
|
+
|
47
|
+
def password_access_info(config_access_token)
|
48
|
+
return nil unless config_access_token
|
49
|
+
|
50
|
+
access_info = PasswordAccessInfo.from_config(config_access_token, @config.refresh_token(@target), @token_decoder)
|
51
|
+
return nil unless access_info
|
52
|
+
|
53
|
+
refresh_if_needed(access_info)
|
54
|
+
end
|
55
|
+
|
56
|
+
def refresh_if_needed(access_info)
|
57
|
+
if access_info.expires_soon?
|
58
|
+
uaa_client.refresh(access_info)
|
59
|
+
else
|
60
|
+
access_info
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
|
70
|
+
|
data/lib/cli/commands/login.rb
CHANGED
@@ -1,7 +1,6 @@
|
|
1
1
|
require 'cli/basic_login_strategy'
|
2
2
|
require 'cli/uaa_login_strategy'
|
3
|
-
require 'cli/client/uaa'
|
4
|
-
require 'cli/client/uaa/options'
|
3
|
+
require 'cli/client/uaa/client'
|
5
4
|
require 'cli/terminal'
|
6
5
|
|
7
6
|
module Bosh::Cli::Command
|
@@ -12,11 +11,10 @@ module Bosh::Cli::Command
|
|
12
11
|
'The username and password can also be ' +
|
13
12
|
'set in the BOSH_USER and BOSH_PASSWORD ' +
|
14
13
|
'environment variables.'
|
15
|
-
option '--ca-cert FILE', String, 'Path to client certificate provided to UAA server'
|
16
14
|
def login(username = nil, password = nil)
|
17
15
|
target_required
|
18
16
|
|
19
|
-
login_strategy(
|
17
|
+
login_strategy(director).login(target, username.to_s, password.to_s)
|
20
18
|
end
|
21
19
|
|
22
20
|
# bosh logout
|
@@ -31,25 +29,18 @@ module Bosh::Cli::Command
|
|
31
29
|
|
32
30
|
private
|
33
31
|
|
34
|
-
def
|
35
|
-
director.get_status
|
36
|
-
rescue Bosh::Cli::AuthError
|
37
|
-
{}
|
38
|
-
end
|
39
|
-
|
40
|
-
def login_strategy(director_info)
|
32
|
+
def login_strategy(director)
|
41
33
|
terminal = Bosh::Cli::Terminal.new(HighLine.new, BoshExtensions)
|
42
|
-
auth_info =
|
34
|
+
auth_info = Bosh::Cli::Client::Uaa::AuthInfo.new(director, ENV, config.ca_cert)
|
43
35
|
|
44
|
-
if auth_info
|
45
|
-
|
46
|
-
|
47
|
-
Bosh::Cli::UaaLoginStrategy.new(terminal, uaa, config, interactive?)
|
36
|
+
if auth_info.uaa?
|
37
|
+
uaa_client = Bosh::Cli::Client::Uaa::Client.new(target, auth_info, config)
|
38
|
+
Bosh::Cli::UaaLoginStrategy.new(terminal, uaa_client, interactive?)
|
48
39
|
else
|
49
40
|
Bosh::Cli::BasicLoginStrategy.new(terminal, director, config, interactive?)
|
50
41
|
end
|
51
42
|
|
52
|
-
rescue Bosh::Cli::Client::Uaa::
|
43
|
+
rescue Bosh::Cli::Client::Uaa::AuthInfo::ValidationError => e
|
53
44
|
err("Failed to connect to UAA: #{e.message}")
|
54
45
|
end
|
55
46
|
end
|
data/lib/cli/commands/misc.rb
CHANGED
@@ -83,11 +83,6 @@ module Bosh::Cli::Command
|
|
83
83
|
end
|
84
84
|
|
85
85
|
director_url = normalize_url(director_url)
|
86
|
-
if target && director_url == normalize_url(target)
|
87
|
-
say("Target already set to `#{target_name.make_green}'")
|
88
|
-
return
|
89
|
-
end
|
90
|
-
|
91
86
|
director = Bosh::Cli::Client::Director.new(director_url)
|
92
87
|
|
93
88
|
begin
|
@@ -104,6 +99,13 @@ module Bosh::Cli::Command
|
|
104
99
|
config.target_version = status["version"]
|
105
100
|
config.target_uuid = status["uuid"]
|
106
101
|
|
102
|
+
old_ca_cert_path = config.ca_cert
|
103
|
+
expanded_ca_cert_path = config.save_ca_cert_path(options[:ca_cert])
|
104
|
+
if old_ca_cert_path != expanded_ca_cert_path
|
105
|
+
say("Updating certificate file path to `#{expanded_ca_cert_path.to_s.make_green}'")
|
106
|
+
nl
|
107
|
+
end
|
108
|
+
|
107
109
|
unless name.blank?
|
108
110
|
config.set_alias(:target, name, director_url)
|
109
111
|
end
|
data/lib/cli/config.rb
CHANGED
@@ -117,8 +117,14 @@ module Bosh::Cli
|
|
117
117
|
|
118
118
|
# @param [String] target Target director url
|
119
119
|
# @return [String] Token associated with target
|
120
|
-
def
|
121
|
-
credentials_for(target)["
|
120
|
+
def access_token(target)
|
121
|
+
credentials_for(target)["access_token"]
|
122
|
+
end
|
123
|
+
|
124
|
+
# @param [String] target Target director url
|
125
|
+
# @return [String] Refresh token associated with target
|
126
|
+
def refresh_token(target)
|
127
|
+
credentials_for(target)["refresh_token"]
|
122
128
|
end
|
123
129
|
|
124
130
|
# Deployment used to be a string that was only stored for your
|
@@ -201,6 +207,25 @@ module Bosh::Cli
|
|
201
207
|
write_global(:target_uuid, value)
|
202
208
|
end
|
203
209
|
|
210
|
+
def ca_cert(for_target=nil)
|
211
|
+
if for_target
|
212
|
+
return @config_file.fetch('ca_cert', {}).fetch(for_target, nil)
|
213
|
+
end
|
214
|
+
|
215
|
+
return nil if target.nil?
|
216
|
+
|
217
|
+
@config_file.fetch('ca_cert', {}).fetch(target, nil)
|
218
|
+
end
|
219
|
+
|
220
|
+
|
221
|
+
def save_ca_cert_path(cert_path)
|
222
|
+
expanded_path = cert_path ? File.expand_path(cert_path) : nil
|
223
|
+
@config_file['ca_cert'] ||= {}
|
224
|
+
@config_file['ca_cert'][target] = expanded_path
|
225
|
+
|
226
|
+
expanded_path
|
227
|
+
end
|
228
|
+
|
204
229
|
# Read the max parallel downloads configuration.
|
205
230
|
#
|
206
231
|
# @return [Integer] The maximum number of parallel downloads
|
@@ -4,17 +4,16 @@ require 'cli/errors'
|
|
4
4
|
module Bosh
|
5
5
|
module Cli
|
6
6
|
class UaaLoginStrategy
|
7
|
-
def initialize(terminal,
|
7
|
+
def initialize(terminal, uaa_client, interactive)
|
8
8
|
@terminal = terminal
|
9
|
-
@
|
10
|
-
@config = config
|
9
|
+
@uaa_client = uaa_client
|
11
10
|
@interactive = interactive
|
12
11
|
end
|
13
12
|
|
14
13
|
def login(target, username = nil, password = nil)
|
15
14
|
if @interactive
|
16
15
|
credentials = {}
|
17
|
-
@
|
16
|
+
@uaa_client.prompts.map do |prompt|
|
18
17
|
if prompt.password?
|
19
18
|
credentials[prompt.field] = @terminal.ask_password("#{prompt.display_text}: ")
|
20
19
|
else
|
@@ -22,13 +21,8 @@ module Bosh
|
|
22
21
|
end
|
23
22
|
end
|
24
23
|
|
25
|
-
if access_info = @
|
24
|
+
if access_info = @uaa_client.access_info(credentials)
|
26
25
|
@terminal.say_green("Logged in as `#{access_info.username}'")
|
27
|
-
|
28
|
-
if access_info.token
|
29
|
-
@config.set_credentials(target, { 'token' => access_info.token })
|
30
|
-
@config.save
|
31
|
-
end
|
32
26
|
else
|
33
27
|
err('Failed to log in')
|
34
28
|
end
|
data/lib/cli/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bosh_cli
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.2981.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- VMware
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-06-
|
11
|
+
date: 2015-06-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bosh_common
|
@@ -16,28 +16,28 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 1.
|
19
|
+
version: 1.2981.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 1.
|
26
|
+
version: 1.2981.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: bosh-template
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
31
|
- - "~>"
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 1.
|
33
|
+
version: 1.2981.0
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 1.
|
40
|
+
version: 1.2981.0
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: cf-uaa-lib
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -128,14 +128,14 @@ dependencies:
|
|
128
128
|
requirements:
|
129
129
|
- - "~>"
|
130
130
|
- !ruby/object:Gem::Version
|
131
|
-
version: 1.
|
131
|
+
version: 1.2981.0
|
132
132
|
type: :runtime
|
133
133
|
prerelease: false
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
135
135
|
requirements:
|
136
136
|
- - "~>"
|
137
137
|
- !ruby/object:Gem::Version
|
138
|
-
version: 1.
|
138
|
+
version: 1.2981.0
|
139
139
|
- !ruby/object:Gem::Dependency
|
140
140
|
name: net-ssh
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
@@ -306,7 +306,7 @@ dependencies:
|
|
306
306
|
version: '0'
|
307
307
|
description: |-
|
308
308
|
BOSH CLI
|
309
|
-
|
309
|
+
4246cc
|
310
310
|
email: support@cloudfoundry.com
|
311
311
|
executables:
|
312
312
|
- bosh
|
@@ -328,13 +328,14 @@ files:
|
|
328
328
|
- lib/cli/client/credentials.rb
|
329
329
|
- lib/cli/client/director.rb
|
330
330
|
- lib/cli/client/errands_client.rb
|
331
|
-
- lib/cli/client/uaa.rb
|
332
331
|
- lib/cli/client/uaa/access_info.rb
|
332
|
+
- lib/cli/client/uaa/auth_info.rb
|
333
|
+
- lib/cli/client/uaa/client.rb
|
333
334
|
- lib/cli/client/uaa/client_token_issuer.rb
|
334
|
-
- lib/cli/client/uaa/options.rb
|
335
335
|
- lib/cli/client/uaa/password_token_issuer.rb
|
336
336
|
- lib/cli/client/uaa/prompt.rb
|
337
337
|
- lib/cli/client/uaa/token_decoder.rb
|
338
|
+
- lib/cli/client/uaa/token_provider.rb
|
338
339
|
- lib/cli/cloud_config.rb
|
339
340
|
- lib/cli/command_discovery.rb
|
340
341
|
- lib/cli/command_handler.rb
|
data/lib/cli/client/uaa.rb
DELETED
@@ -1,41 +0,0 @@
|
|
1
|
-
require 'uaa'
|
2
|
-
require 'uri'
|
3
|
-
require 'cli/client/uaa/client_token_issuer'
|
4
|
-
require 'cli/client/uaa/password_token_issuer'
|
5
|
-
require 'cli/client/uaa/token_decoder'
|
6
|
-
|
7
|
-
module Bosh
|
8
|
-
module Cli
|
9
|
-
module Client
|
10
|
-
module Uaa
|
11
|
-
class Client
|
12
|
-
def initialize(options)
|
13
|
-
token_decoder = TokenDecoder.new
|
14
|
-
if options.client_auth?
|
15
|
-
token_issuer = ClientTokenIssuer.new(options, token_decoder)
|
16
|
-
else
|
17
|
-
token_issuer = PasswordTokenIssuer.new(options, token_decoder)
|
18
|
-
end
|
19
|
-
@ssl_ca_file = options.ssl_ca_file
|
20
|
-
@token_issuer = token_issuer
|
21
|
-
end
|
22
|
-
|
23
|
-
def prompts
|
24
|
-
@token_issuer.prompts
|
25
|
-
rescue CF::UAA::SSLException => e
|
26
|
-
raise e unless @ssl_ca_file.nil?
|
27
|
-
err('Invalid SSL Cert. Use --ca-cert to specify SSL certificate')
|
28
|
-
end
|
29
|
-
|
30
|
-
def login(credentials)
|
31
|
-
@token_issuer.access_info(credentials)
|
32
|
-
rescue CF::UAA::TargetError => e
|
33
|
-
err("Failed to log in: #{e.info['error_description']}")
|
34
|
-
rescue CF::UAA::BadResponse
|
35
|
-
nil
|
36
|
-
end
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
@@ -1,34 +0,0 @@
|
|
1
|
-
require 'cli/errors'
|
2
|
-
|
3
|
-
module Bosh
|
4
|
-
module Cli
|
5
|
-
module Client
|
6
|
-
module Uaa
|
7
|
-
class Options < Struct.new(:url, :ssl_ca_file, :client_id, :client_secret)
|
8
|
-
class ValidationError < Bosh::Cli::CliError; end
|
9
|
-
|
10
|
-
def self.parse(cli_options, auth_options, env)
|
11
|
-
url = auth_options.fetch('url')
|
12
|
-
ssl_ca_file = cli_options[:ca_cert]
|
13
|
-
client_id, client_secret = env['BOSH_CLIENT'], env['BOSH_CLIENT_SECRET']
|
14
|
-
|
15
|
-
options = new(url, ssl_ca_file, client_id, client_secret)
|
16
|
-
options.validate!
|
17
|
-
options
|
18
|
-
end
|
19
|
-
|
20
|
-
def client_auth?
|
21
|
-
!client_id.nil? && !client_secret.nil?
|
22
|
-
end
|
23
|
-
|
24
|
-
def validate!
|
25
|
-
unless URI.parse(url).instance_of?(URI::HTTPS)
|
26
|
-
raise ValidationError.new('HTTPS protocol is required')
|
27
|
-
end
|
28
|
-
end
|
29
|
-
end
|
30
|
-
end
|
31
|
-
end
|
32
|
-
end
|
33
|
-
end
|
34
|
-
|