bosh_cli 1.2980.0 → 1.2981.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b746e2346f147c8bcb5ab4e32ffd42ee2068ba5e
4
- data.tar.gz: e272f8007bfb9d325d11cbcc055ca082c9288a6b
3
+ metadata.gz: a8e1d3bf5c54dd7d88ea097bc989c0fee02b2481
4
+ data.tar.gz: 52c1003f0a7f996c73e66987953a4087e58ccca8
5
5
  SHA512:
6
- metadata.gz: 9ceffbe0e4a7eae7b9cecd7db1a1813fd41c72506f38f459628d7b63782472e9e42ca30145fbc70093a3652320e9856e92c3e34802867aa7fef9558d18ca2a76
7
- data.tar.gz: 4d2aeedcdaa87c14c0d48ea9422e184dda6872b506c4348e8f6eb8176fc241d838bd5fbf08344b52a337d9cc990890add37c5d3511fb3eff2e0430ef2a514c0b
6
+ metadata.gz: 9c16af5b713b12caa76ad0711b80905d9cfca32cb24fbf6f57a94bfd3588425b58c9aed8ef7b817ac91c466e6f5a04176fcc5a04ed61fb08527f1bd83b6af19f
7
+ data.tar.gz: 3cdbb9050100b5f0ee45ce0ac2c957f682072aca593fcbe08ac29ad337433a203392110760ba156447086915a53f6cd3a4ee0b66bffb9a2af3b5d372539ff3c4
data/lib/cli.rb CHANGED
@@ -107,6 +107,9 @@ require 'cli/command_handler'
107
107
  require 'cli/runner'
108
108
  require 'cli/base_command'
109
109
 
110
+ require 'cli/client/uaa/token_provider'
111
+ require 'cli/client/uaa/auth_info'
112
+
110
113
  tmpdir = Dir.mktmpdir
111
114
  at_exit { FileUtils.rm_rf(tmpdir) }
112
115
  ENV['TMPDIR'] = tmpdir
@@ -1,5 +1,3 @@
1
- # Copyright (c) 2009-2012 VMware, Inc.
2
-
3
1
  module Bosh::Cli
4
2
  module Command
5
3
  class Base
@@ -102,11 +100,15 @@ module Bosh::Cli
102
100
  end
103
101
 
104
102
  def credentials
105
- auth_token = config.token(target)
106
- return Bosh::Cli::Client::UaaCredentials.new(auth_token) if auth_token
103
+ director_client = Client::Director.new(target)
104
+ auth_info = Client::Uaa::AuthInfo.new(director_client, ENV, config.ca_cert(target))
105
+ token_decoder = Client::Uaa::TokenDecoder.new
106
+ uaa_token_provider = Client::Uaa::TokenProvider.new(auth_info, config, token_decoder, target)
107
+ auth_token = uaa_token_provider.token
108
+ return Client::UaaCredentials.new(auth_token) if auth_token
107
109
 
108
110
  if username && password
109
- return Bosh::Cli::Client::BasicCredentials.new(username, password)
111
+ return Client::BasicCredentials.new(username, password)
110
112
  end
111
113
 
112
114
  nil
@@ -2,7 +2,66 @@ module Bosh
2
2
  module Cli
3
3
  module Client
4
4
  module Uaa
5
- class AccessInfo < Struct.new(:username, :token); end
5
+ class AccessInfo
6
+ EXPIRATION_DEADLINE_IN_SECONDS = 30
7
+
8
+ def self.from_config(config_access_token, refresh_token, token_decoder)
9
+ token_type, access_token = config_access_token.split(' ')
10
+ return nil unless token_type && access_token
11
+
12
+ token_info = CF::UAA::TokenInfo.new({
13
+ access_token: access_token,
14
+ refresh_token: refresh_token,
15
+ token_type: token_type,
16
+ })
17
+ new(token_info, token_decoder)
18
+ end
19
+
20
+ def initialize(token_info, token_decoder)
21
+ @token_info = token_info
22
+ @token_decoder = token_decoder
23
+ end
24
+
25
+ def auth_header
26
+ @token_info.auth_header
27
+ end
28
+
29
+ def refresh_token
30
+ @token_info.info[:refresh_token] || @token_info.info['refresh_token']
31
+ end
32
+
33
+ def was_issued_for?(other_username)
34
+ username == other_username
35
+ end
36
+
37
+ def expires_soon?
38
+ expiration = token_data[:exp] || token_data['exp']
39
+ (Time.at(expiration).to_i - Time.now.to_i) < EXPIRATION_DEADLINE_IN_SECONDS
40
+ end
41
+
42
+ def token_data
43
+ @token_data ||= @token_decoder.decode(@token_info)
44
+ end
45
+
46
+ def to_hash
47
+ {
48
+ 'access_token' => auth_header,
49
+ 'refresh_token' => refresh_token
50
+ }
51
+ end
52
+ end
53
+
54
+ class ClientAccessInfo < AccessInfo
55
+ def username
56
+ token_data['client_id']
57
+ end
58
+ end
59
+
60
+ class PasswordAccessInfo < AccessInfo
61
+ def username
62
+ token_data['user_name']
63
+ end
64
+ end
6
65
  end
7
66
  end
8
67
  end
@@ -0,0 +1,54 @@
1
+ require 'cli/errors'
2
+
3
+ module Bosh
4
+ module Cli
5
+ module Client
6
+ module Uaa
7
+ class AuthInfo
8
+ class ValidationError < Bosh::Cli::CliError; end
9
+
10
+ attr_reader :ssl_ca_file, :client_id, :client_secret
11
+
12
+ def initialize(director, env, ssl_ca_file)
13
+ @director = director
14
+ @client_id, @client_secret = env['BOSH_CLIENT'], env['BOSH_CLIENT_SECRET']
15
+ @ssl_ca_file = ssl_ca_file
16
+ end
17
+
18
+ def client_auth?
19
+ !@client_id.nil? && !@client_secret.nil?
20
+ end
21
+
22
+ def uaa?
23
+ auth_info['type'] == 'uaa'
24
+ end
25
+
26
+ def url
27
+ auth_info.fetch('options', {}).fetch('url', nil)
28
+ end
29
+
30
+ def validate!
31
+ return unless uaa?
32
+
33
+ unless URI.parse(url).instance_of?(URI::HTTPS)
34
+ raise ValidationError.new('HTTPS protocol is required')
35
+ end
36
+ end
37
+
38
+ private
39
+
40
+ def auth_info
41
+ director_info.fetch('user_authentication', {})
42
+ end
43
+
44
+ def director_info
45
+ @director_info ||= @director.get_status
46
+ rescue Bosh::Cli::AuthError
47
+ {}
48
+ end
49
+ end
50
+ end
51
+ end
52
+ end
53
+ end
54
+
@@ -0,0 +1,61 @@
1
+ require 'uaa'
2
+ require 'uri'
3
+ require 'cli/client/uaa/client_token_issuer'
4
+ require 'cli/client/uaa/password_token_issuer'
5
+ require 'cli/client/uaa/token_decoder'
6
+
7
+ module Bosh
8
+ module Cli
9
+ module Client
10
+ module Uaa
11
+ class Client
12
+ def initialize(target, auth_info, config)
13
+ @target = target
14
+ token_decoder = TokenDecoder.new
15
+ if auth_info.client_auth?
16
+ token_issuer = ClientTokenIssuer.new(auth_info, token_decoder)
17
+ else
18
+ token_issuer = PasswordTokenIssuer.new(auth_info, token_decoder)
19
+ end
20
+ @ssl_ca_file = auth_info.ssl_ca_file
21
+ @token_issuer = token_issuer
22
+ @config = config
23
+ end
24
+
25
+ def prompts
26
+ @token_issuer.prompts
27
+ rescue CF::UAA::SSLException => e
28
+ raise e unless @ssl_ca_file.nil?
29
+ err('Invalid SSL Cert. Use --ca-cert option when setting target to specify SSL certificate')
30
+ end
31
+
32
+ def access_info(prompt_responses)
33
+ with_save { @token_issuer.access_info(prompt_responses) }
34
+ rescue CF::UAA::TargetError => e
35
+ err("Failed to log in: #{e.info['error_description']}")
36
+ rescue CF::UAA::BadResponse
37
+ nil
38
+ end
39
+
40
+ def refresh(access_info)
41
+ with_save { @token_issuer.refresh(access_info) }
42
+ rescue CF::UAA::TargetError
43
+ nil
44
+ end
45
+
46
+ private
47
+
48
+ def with_save
49
+ access_info = yield
50
+ if access_info.auth_header
51
+ @config.set_credentials(@target, access_info.to_hash)
52
+ @config.save
53
+ end
54
+
55
+ access_info
56
+ end
57
+ end
58
+ end
59
+ end
60
+ end
61
+ end
@@ -1,10 +1,12 @@
1
+ require 'cli/client/uaa/access_info'
2
+
1
3
  module Bosh
2
4
  module Cli
3
5
  module Client
4
6
  module Uaa
5
7
  class ClientTokenIssuer
6
- def initialize(options, token_decoder)
7
- @token_issuer = CF::UAA::TokenIssuer.new(options.url, options.client_id, options.client_secret, {ssl_ca_file: options.ssl_ca_file})
8
+ def initialize(auth_info, token_decoder)
9
+ @auth_info = auth_info
8
10
  @token_decoder = token_decoder
9
11
  end
10
12
 
@@ -13,13 +15,26 @@ module Bosh
13
15
  end
14
16
 
15
17
  def access_info(_)
16
- token = @token_issuer.client_credentials_grant
17
- decoded = @token_decoder.decode(token)
18
+ @auth_info.validate!
19
+
20
+ token = token_issuer.client_credentials_grant
21
+ ClientAccessInfo.new(token, @token_decoder)
22
+ end
23
+
24
+ def refresh(_)
25
+ # For client credentials there is no refresh token, so obtain access token again
26
+ access_info(_)
27
+ end
18
28
 
19
- username = decoded['client_id'] if decoded
29
+ private
20
30
 
21
- access_token = "#{token.info['token_type']} #{token.info['access_token']}"
22
- AccessInfo.new(username, access_token)
31
+ def token_issuer
32
+ @token_issuer ||= CF::UAA::TokenIssuer.new(
33
+ @auth_info.url,
34
+ @auth_info.client_id,
35
+ @auth_info.client_secret,
36
+ { ssl_ca_file: @auth_info.ssl_ca_file }
37
+ )
23
38
  end
24
39
  end
25
40
  end
@@ -18,15 +18,15 @@ module Bosh
18
18
  end
19
19
  end
20
20
 
21
- def access_info(credentials)
22
- credentials = credentials.select { |_, c| !c.empty? }
21
+ def access_info(prompt_responses)
22
+ credentials = prompt_responses.select { |_, c| !c.empty? }
23
23
  token = @token_issuer.owner_password_credentials_grant(credentials)
24
- decoded = @token_decoder.decode(token)
25
-
26
- username = decoded['user_name'] if decoded
27
- access_token = "#{token.info['token_type']} #{token.info['access_token']}"
24
+ PasswordAccessInfo.new(token, @token_decoder)
25
+ end
28
26
 
29
- AccessInfo.new(username, access_token)
27
+ def refresh(access_info)
28
+ token = @token_issuer.refresh_token_grant(access_info.refresh_token)
29
+ PasswordAccessInfo.new(token, @token_decoder)
30
30
  end
31
31
  end
32
32
  end
@@ -4,8 +4,9 @@ module Bosh
4
4
  module Uaa
5
5
  class TokenDecoder
6
6
  def decode(token)
7
+ access_token = token.info['access_token'] || token.info[:access_token]
7
8
  CF::UAA::TokenCoder.decode(
8
- token.info['access_token'],
9
+ access_token,
9
10
  {verify: false}, # token signature not verified because CLI doesn't have the secret key
10
11
  nil, nil)
11
12
  end
@@ -0,0 +1,70 @@
1
+ require 'cli/client/uaa/client'
2
+
3
+ module Bosh
4
+ module Cli
5
+ module Client
6
+ module Uaa
7
+ class TokenProvider
8
+ def initialize(auth_info, config, token_decoder, target)
9
+ @auth_info = auth_info
10
+ @config = config
11
+ @token_decoder = token_decoder
12
+ @target = target
13
+ end
14
+
15
+ def token
16
+ config_access_token = @config.access_token(@target)
17
+
18
+ if @auth_info.client_auth?
19
+ access_info = client_access_info(config_access_token)
20
+ else
21
+ access_info = password_access_info(config_access_token)
22
+ end
23
+
24
+ access_info.auth_header if access_info
25
+ end
26
+
27
+ private
28
+
29
+ def uaa_client
30
+ @uaa_client ||= Bosh::Cli::Client::Uaa::Client.new(@target, @auth_info, @config)
31
+ end
32
+
33
+ def client_access_info(config_access_token)
34
+ unless config_access_token
35
+ return uaa_client.access_info({})
36
+ end
37
+
38
+ access_info = ClientAccessInfo.from_config(config_access_token, nil, @token_decoder)
39
+ return nil unless access_info
40
+
41
+ if access_info.was_issued_for?(@auth_info.client_id)
42
+ return refresh_if_needed(access_info)
43
+ end
44
+ uaa_client.access_info({})
45
+ end
46
+
47
+ def password_access_info(config_access_token)
48
+ return nil unless config_access_token
49
+
50
+ access_info = PasswordAccessInfo.from_config(config_access_token, @config.refresh_token(@target), @token_decoder)
51
+ return nil unless access_info
52
+
53
+ refresh_if_needed(access_info)
54
+ end
55
+
56
+ def refresh_if_needed(access_info)
57
+ if access_info.expires_soon?
58
+ uaa_client.refresh(access_info)
59
+ else
60
+ access_info
61
+ end
62
+ end
63
+ end
64
+ end
65
+ end
66
+ end
67
+ end
68
+
69
+
70
+
@@ -1,7 +1,6 @@
1
1
  require 'cli/basic_login_strategy'
2
2
  require 'cli/uaa_login_strategy'
3
- require 'cli/client/uaa'
4
- require 'cli/client/uaa/options'
3
+ require 'cli/client/uaa/client'
5
4
  require 'cli/terminal'
6
5
 
7
6
  module Bosh::Cli::Command
@@ -12,11 +11,10 @@ module Bosh::Cli::Command
12
11
  'The username and password can also be ' +
13
12
  'set in the BOSH_USER and BOSH_PASSWORD ' +
14
13
  'environment variables.'
15
- option '--ca-cert FILE', String, 'Path to client certificate provided to UAA server'
16
14
  def login(username = nil, password = nil)
17
15
  target_required
18
16
 
19
- login_strategy(director_info).login(target, username.to_s, password.to_s)
17
+ login_strategy(director).login(target, username.to_s, password.to_s)
20
18
  end
21
19
 
22
20
  # bosh logout
@@ -31,25 +29,18 @@ module Bosh::Cli::Command
31
29
 
32
30
  private
33
31
 
34
- def director_info
35
- director.get_status
36
- rescue Bosh::Cli::AuthError
37
- {}
38
- end
39
-
40
- def login_strategy(director_info)
32
+ def login_strategy(director)
41
33
  terminal = Bosh::Cli::Terminal.new(HighLine.new, BoshExtensions)
42
- auth_info = director_info.fetch('user_authentication', {})
34
+ auth_info = Bosh::Cli::Client::Uaa::AuthInfo.new(director, ENV, config.ca_cert)
43
35
 
44
- if auth_info['type'] == 'uaa'
45
- client_options = Bosh::Cli::Client::Uaa::Options.parse(options, auth_info['options'], ENV)
46
- uaa = Bosh::Cli::Client::Uaa::Client.new(client_options)
47
- Bosh::Cli::UaaLoginStrategy.new(terminal, uaa, config, interactive?)
36
+ if auth_info.uaa?
37
+ uaa_client = Bosh::Cli::Client::Uaa::Client.new(target, auth_info, config)
38
+ Bosh::Cli::UaaLoginStrategy.new(terminal, uaa_client, interactive?)
48
39
  else
49
40
  Bosh::Cli::BasicLoginStrategy.new(terminal, director, config, interactive?)
50
41
  end
51
42
 
52
- rescue Bosh::Cli::Client::Uaa::Options::ValidationError => e
43
+ rescue Bosh::Cli::Client::Uaa::AuthInfo::ValidationError => e
53
44
  err("Failed to connect to UAA: #{e.message}")
54
45
  end
55
46
  end
@@ -83,11 +83,6 @@ module Bosh::Cli::Command
83
83
  end
84
84
 
85
85
  director_url = normalize_url(director_url)
86
- if target && director_url == normalize_url(target)
87
- say("Target already set to `#{target_name.make_green}'")
88
- return
89
- end
90
-
91
86
  director = Bosh::Cli::Client::Director.new(director_url)
92
87
 
93
88
  begin
@@ -104,6 +99,13 @@ module Bosh::Cli::Command
104
99
  config.target_version = status["version"]
105
100
  config.target_uuid = status["uuid"]
106
101
 
102
+ old_ca_cert_path = config.ca_cert
103
+ expanded_ca_cert_path = config.save_ca_cert_path(options[:ca_cert])
104
+ if old_ca_cert_path != expanded_ca_cert_path
105
+ say("Updating certificate file path to `#{expanded_ca_cert_path.to_s.make_green}'")
106
+ nl
107
+ end
108
+
107
109
  unless name.blank?
108
110
  config.set_alias(:target, name, director_url)
109
111
  end
@@ -117,8 +117,14 @@ module Bosh::Cli
117
117
 
118
118
  # @param [String] target Target director url
119
119
  # @return [String] Token associated with target
120
- def token(target)
121
- credentials_for(target)["token"]
120
+ def access_token(target)
121
+ credentials_for(target)["access_token"]
122
+ end
123
+
124
+ # @param [String] target Target director url
125
+ # @return [String] Refresh token associated with target
126
+ def refresh_token(target)
127
+ credentials_for(target)["refresh_token"]
122
128
  end
123
129
 
124
130
  # Deployment used to be a string that was only stored for your
@@ -201,6 +207,25 @@ module Bosh::Cli
201
207
  write_global(:target_uuid, value)
202
208
  end
203
209
 
210
+ def ca_cert(for_target=nil)
211
+ if for_target
212
+ return @config_file.fetch('ca_cert', {}).fetch(for_target, nil)
213
+ end
214
+
215
+ return nil if target.nil?
216
+
217
+ @config_file.fetch('ca_cert', {}).fetch(target, nil)
218
+ end
219
+
220
+
221
+ def save_ca_cert_path(cert_path)
222
+ expanded_path = cert_path ? File.expand_path(cert_path) : nil
223
+ @config_file['ca_cert'] ||= {}
224
+ @config_file['ca_cert'][target] = expanded_path
225
+
226
+ expanded_path
227
+ end
228
+
204
229
  # Read the max parallel downloads configuration.
205
230
  #
206
231
  # @return [Integer] The maximum number of parallel downloads
@@ -4,17 +4,16 @@ require 'cli/errors'
4
4
  module Bosh
5
5
  module Cli
6
6
  class UaaLoginStrategy
7
- def initialize(terminal, uaa, config, interactive)
7
+ def initialize(terminal, uaa_client, interactive)
8
8
  @terminal = terminal
9
- @uaa = uaa
10
- @config = config
9
+ @uaa_client = uaa_client
11
10
  @interactive = interactive
12
11
  end
13
12
 
14
13
  def login(target, username = nil, password = nil)
15
14
  if @interactive
16
15
  credentials = {}
17
- @uaa.prompts.map do |prompt|
16
+ @uaa_client.prompts.map do |prompt|
18
17
  if prompt.password?
19
18
  credentials[prompt.field] = @terminal.ask_password("#{prompt.display_text}: ")
20
19
  else
@@ -22,13 +21,8 @@ module Bosh
22
21
  end
23
22
  end
24
23
 
25
- if access_info = @uaa.login(credentials)
24
+ if access_info = @uaa_client.access_info(credentials)
26
25
  @terminal.say_green("Logged in as `#{access_info.username}'")
27
-
28
- if access_info.token
29
- @config.set_credentials(target, { 'token' => access_info.token })
30
- @config.save
31
- end
32
26
  else
33
27
  err('Failed to log in')
34
28
  end
@@ -1,5 +1,5 @@
1
1
  module Bosh
2
2
  module Cli
3
- VERSION = '1.2980.0'
3
+ VERSION = '1.2981.0'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bosh_cli
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2980.0
4
+ version: 1.2981.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - VMware
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-06-02 00:00:00.000000000 Z
11
+ date: 2015-06-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bosh_common
@@ -16,28 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 1.2980.0
19
+ version: 1.2981.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 1.2980.0
26
+ version: 1.2981.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: bosh-template
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.2980.0
33
+ version: 1.2981.0
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.2980.0
40
+ version: 1.2981.0
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: cf-uaa-lib
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -128,14 +128,14 @@ dependencies:
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 1.2980.0
131
+ version: 1.2981.0
132
132
  type: :runtime
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 1.2980.0
138
+ version: 1.2981.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: net-ssh
141
141
  requirement: !ruby/object:Gem::Requirement
@@ -306,7 +306,7 @@ dependencies:
306
306
  version: '0'
307
307
  description: |-
308
308
  BOSH CLI
309
- cb6c5e
309
+ 4246cc
310
310
  email: support@cloudfoundry.com
311
311
  executables:
312
312
  - bosh
@@ -328,13 +328,14 @@ files:
328
328
  - lib/cli/client/credentials.rb
329
329
  - lib/cli/client/director.rb
330
330
  - lib/cli/client/errands_client.rb
331
- - lib/cli/client/uaa.rb
332
331
  - lib/cli/client/uaa/access_info.rb
332
+ - lib/cli/client/uaa/auth_info.rb
333
+ - lib/cli/client/uaa/client.rb
333
334
  - lib/cli/client/uaa/client_token_issuer.rb
334
- - lib/cli/client/uaa/options.rb
335
335
  - lib/cli/client/uaa/password_token_issuer.rb
336
336
  - lib/cli/client/uaa/prompt.rb
337
337
  - lib/cli/client/uaa/token_decoder.rb
338
+ - lib/cli/client/uaa/token_provider.rb
338
339
  - lib/cli/cloud_config.rb
339
340
  - lib/cli/command_discovery.rb
340
341
  - lib/cli/command_handler.rb
@@ -1,41 +0,0 @@
1
- require 'uaa'
2
- require 'uri'
3
- require 'cli/client/uaa/client_token_issuer'
4
- require 'cli/client/uaa/password_token_issuer'
5
- require 'cli/client/uaa/token_decoder'
6
-
7
- module Bosh
8
- module Cli
9
- module Client
10
- module Uaa
11
- class Client
12
- def initialize(options)
13
- token_decoder = TokenDecoder.new
14
- if options.client_auth?
15
- token_issuer = ClientTokenIssuer.new(options, token_decoder)
16
- else
17
- token_issuer = PasswordTokenIssuer.new(options, token_decoder)
18
- end
19
- @ssl_ca_file = options.ssl_ca_file
20
- @token_issuer = token_issuer
21
- end
22
-
23
- def prompts
24
- @token_issuer.prompts
25
- rescue CF::UAA::SSLException => e
26
- raise e unless @ssl_ca_file.nil?
27
- err('Invalid SSL Cert. Use --ca-cert to specify SSL certificate')
28
- end
29
-
30
- def login(credentials)
31
- @token_issuer.access_info(credentials)
32
- rescue CF::UAA::TargetError => e
33
- err("Failed to log in: #{e.info['error_description']}")
34
- rescue CF::UAA::BadResponse
35
- nil
36
- end
37
- end
38
- end
39
- end
40
- end
41
- end
@@ -1,34 +0,0 @@
1
- require 'cli/errors'
2
-
3
- module Bosh
4
- module Cli
5
- module Client
6
- module Uaa
7
- class Options < Struct.new(:url, :ssl_ca_file, :client_id, :client_secret)
8
- class ValidationError < Bosh::Cli::CliError; end
9
-
10
- def self.parse(cli_options, auth_options, env)
11
- url = auth_options.fetch('url')
12
- ssl_ca_file = cli_options[:ca_cert]
13
- client_id, client_secret = env['BOSH_CLIENT'], env['BOSH_CLIENT_SECRET']
14
-
15
- options = new(url, ssl_ca_file, client_id, client_secret)
16
- options.validate!
17
- options
18
- end
19
-
20
- def client_auth?
21
- !client_id.nil? && !client_secret.nil?
22
- end
23
-
24
- def validate!
25
- unless URI.parse(url).instance_of?(URI::HTTPS)
26
- raise ValidationError.new('HTTPS protocol is required')
27
- end
28
- end
29
- end
30
- end
31
- end
32
- end
33
- end
34
-