brightbox-cli 1.4.3 → 1.5.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +7 -0
  3. data/Gemfile.lock +7 -7
  4. data/README +44 -0
  5. data/README.rdoc +44 -0
  6. data/brightbox-cli.gemspec +1 -1
  7. data/lib/brightbox-cli/config.rb +1 -0
  8. data/lib/brightbox-cli/config/authentication_tokens.rb +1 -0
  9. data/lib/brightbox-cli/config/gpg_encrypted_passwords.rb +39 -0
  10. data/lib/brightbox-cli/version.rb +1 -1
  11. data/lib/brightbox_cli.rb +1 -0
  12. metadata +7 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 29533e756026749e72115155385719115451994b
4
- data.tar.gz: b603ce0f0d7806cce0d5026305ba1dbeeb646e5f
3
+ metadata.gz: bf43e59f5f1a48d1640ab74aa4b0a10405704b44
4
+ data.tar.gz: ddccb12e250a6b96e087f38c9bfb9bc30f8ac9eb
5
5
  SHA512:
6
- metadata.gz: 0ac0ab798b0c7d52e2bbf19289c199e69adc93eea542ea044e1cbb6fc5f143f036da11fe1dd3b469bca7bdb9ba3c5a785989e315823a300e5a1dd5735935dc68
7
- data.tar.gz: 6b026cb3b891744bb34fec64ca7241b4ad1ecfd640ef34d90f57d7e02fd421ca3cfd0e69c5411aeb7f07817fd3fa673916472555e778f8aeb4cf055cab798c4c
6
+ metadata.gz: 7b3ea4869fcd217e4f8ea3e0418e5bac03607d7be2579f136f4babb6b3d3e00e7fe63511b5e36f447e3c20e4b0291e08b45d497f301040cdfe861261fe5a625c
7
+ data.tar.gz: 998d29050504582fd18e37acb3f0ea885559ae77f2fcb72bd763ecb37d870ea694a0602df42fadf8be948db2ea1d2f906ca915df4cf8658ef8f3e630845cca7f
data/CHANGELOG.md CHANGED
@@ -1,3 +1,10 @@
1
+ ### v1.5.0 / 2015-02-13
2
+ [Full Changelog](https://github.com/brightbox/brightbox-cli/compare/v1.4.3...v1.5.0)
3
+
4
+ Enhancements:
5
+
6
+ * Add support for GPG stored user passwords.
7
+
1
8
  ### v1.4.3 / 2015-02-12
2
9
  [Full Changelog](https://github.com/brightbox/brightbox-cli/compare/v1.4.2...v1.4.3)
3
10
 
data/Gemfile.lock CHANGED
@@ -1,13 +1,13 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- brightbox-cli (1.4.3)
4
+ brightbox-cli (1.5.0)
5
5
  fog-brightbox (~> 0.7, >= 0.7.1)
6
6
  fog-core (~> 1.25)
7
7
  gli (~> 2.9)
8
8
  highline (~> 1.6)
9
9
  hirb (~> 0.6)
10
- i18n
10
+ i18n (~> 0.6.0)
11
11
  mime-types (~> 1.25)
12
12
  multi_json
13
13
 
@@ -17,12 +17,12 @@ GEM
17
17
  builder (3.2.2)
18
18
  coderay (1.0.9)
19
19
  diff-lcs (1.2.5)
20
- excon (0.42.1)
20
+ excon (0.44.2)
21
21
  fog-brightbox (0.7.1)
22
22
  fog-core (~> 1.22)
23
23
  fog-json
24
24
  inflecto (~> 0.0.2)
25
- fog-core (1.27.2)
25
+ fog-core (1.28.0)
26
26
  builder
27
27
  excon (~> 0.38)
28
28
  formatador (~> 0.2)
@@ -34,8 +34,8 @@ GEM
34
34
  formatador (0.2.5)
35
35
  gli (2.12.2)
36
36
  highline (1.6.21)
37
- hirb (0.7.2)
38
- i18n (0.7.0)
37
+ hirb (0.7.3)
38
+ i18n (0.6.11)
39
39
  inflecto (0.0.2)
40
40
  metaclass (0.0.1)
41
41
  method_source (0.8.1)
@@ -45,7 +45,7 @@ GEM
45
45
  multi_json (1.10.1)
46
46
  net-scp (1.2.1)
47
47
  net-ssh (>= 2.6.5)
48
- net-ssh (2.9.1)
48
+ net-ssh (2.9.2)
49
49
  pry (0.9.12.2)
50
50
  coderay (~> 1.0.5)
51
51
  method_source (~> 0.8)
data/README CHANGED
@@ -51,6 +51,50 @@ To browse available resources use the resource name as the command:
51
51
 
52
52
  Command structure may be subject to change.
53
53
 
54
+ === Using GPG to secure passwords
55
+
56
+ If you use an OAuth application to access your accounts
57
+ (https://www.brightbox.com/docs/guides/manager/oauth-applications/) then you
58
+ frequently need to renter your password.
59
+
60
+ From v1.5.0 you can store your password locally encrypted by GPG (https://www.gnupg.org/)
61
+ which will decrypt the password when needed. This will prompt for your GPG key
62
+ if not available to the GPG agent using your OS's configured pinentry program.
63
+
64
+ You need to have setup GPG with your own keys and have configured the pinentry
65
+ to prompt you when the key is locked.
66
+
67
+ The password file is named after your configuration's alias:
68
+
69
+ $ brightbox config
70
+ alias client_id secret api_url auth_url
71
+ ------------------------------------------------------------------------------------------------------------------
72
+ *main app-12345 xxxxxxxxxxxxxxx https://api.gb1.brightbox.com https://api.gb1.brightbox.com
73
+ ------------------------------------------------------------------------------------------------------------------
74
+
75
+ The alias here is `main`. To prepare the password run this command:
76
+
77
+ $ gpg --encrypt --recipient gpg@example.com > ~/.brightbox/main.password.gpg
78
+ (type your password)<RETURN>
79
+ <CTRL+D>
80
+ # Test it with...
81
+ $ gpg --decrypt ~/.brightbox/main.password.gpg
82
+ password!2015
83
+ $ brightbox accounts
84
+ INFO: client_id: app-12345 (main)
85
+ INFO: Decrypting /home/user/.brightbox/main.password.gpg to obtain password
86
+ gpg: encrypted with 2048-bit RSA key, ID ABCDE890, created 2015-01-01
87
+ "Jason Null <gpg@example.com>"
88
+ Your API credentials have been updated, please re-run your command.
89
+
90
+ Now when making commands you should only have to unlock your keyring to avoid
91
+ typing your password.
92
+
93
+ If you are prompted to enter your password still then the file may be named
94
+ incorrectly or there may be an issue with your GPG configuration.
95
+
96
+ To remove the password delete the `~/.brightbox/main.password.gpg` file.
97
+
54
98
  == Usage guides
55
99
 
56
100
  * http://docs.brightbox.com/reference/cli
data/README.rdoc CHANGED
@@ -51,6 +51,50 @@ To browse available resources use the resource name as the command:
51
51
 
52
52
  Command structure may be subject to change.
53
53
 
54
+ === Using GPG to secure passwords
55
+
56
+ If you use an OAuth application to access your accounts
57
+ (https://www.brightbox.com/docs/guides/manager/oauth-applications/) then you
58
+ frequently need to renter your password.
59
+
60
+ From v1.5.0 you can store your password locally encrypted by GPG (https://www.gnupg.org/)
61
+ which will decrypt the password when needed. This will prompt for your GPG key
62
+ if not available to the GPG agent using your OS's configured pinentry program.
63
+
64
+ You need to have setup GPG with your own keys and have configured the pinentry
65
+ to prompt you when the key is locked.
66
+
67
+ The password file is named after your configuration's alias:
68
+
69
+ $ brightbox config
70
+ alias client_id secret api_url auth_url
71
+ ------------------------------------------------------------------------------------------------------------------
72
+ *main app-12345 xxxxxxxxxxxxxxx https://api.gb1.brightbox.com https://api.gb1.brightbox.com
73
+ ------------------------------------------------------------------------------------------------------------------
74
+
75
+ The alias here is `main`. To prepare the password run this command:
76
+
77
+ $ gpg --encrypt --recipient gpg@example.com > ~/.brightbox/main.password.gpg
78
+ (type your password)<RETURN>
79
+ <CTRL+D>
80
+ # Test it with...
81
+ $ gpg --decrypt ~/.brightbox/main.password.gpg
82
+ password!2015
83
+ $ brightbox accounts
84
+ INFO: client_id: app-12345 (main)
85
+ INFO: Decrypting /home/user/.brightbox/main.password.gpg to obtain password
86
+ gpg: encrypted with 2048-bit RSA key, ID ABCDE890, created 2015-01-01
87
+ "Jason Null <gpg@example.com>"
88
+ Your API credentials have been updated, please re-run your command.
89
+
90
+ Now when making commands you should only have to unlock your keyring to avoid
91
+ typing your password.
92
+
93
+ If you are prompted to enter your password still then the file may be named
94
+ incorrectly or there may be an issue with your GPG configuration.
95
+
96
+ To remove the password delete the `~/.brightbox/main.password.gpg` file.
97
+
54
98
  == Usage guides
55
99
 
56
100
  * http://docs.brightbox.com/reference/cli
data/brightbox-cli.gemspec CHANGED
@@ -22,7 +22,7 @@ Gem::Specification.new do |s|
22
22
  s.add_dependency "fog-brightbox", "~> 0.7", ">= 0.7.1"
23
23
  s.add_dependency "fog-core", "~> 1.25"
24
24
  s.add_dependency "gli", "~> 2.9"
25
- s.add_dependency "i18n"
25
+ s.add_dependency "i18n", "~> 0.6.0"
26
26
  s.add_dependency "mime-types", "~> 1.25"
27
27
  s.add_dependency "multi_json"
28
28
  s.add_dependency "highline", "~> 1.6"
data/lib/brightbox-cli/config.rb CHANGED
@@ -12,6 +12,7 @@ module Brightbox
12
12
  require 'ini'
13
13
  include Brightbox::Logging
14
14
  include Brightbox::Config::Cache
15
+ include Brightbox::Config::GpgEncryptedPasswords
15
16
  include Brightbox::Config::AuthenticationTokens
16
17
  include Brightbox::Config::Accounts
17
18
  include Brightbox::Config::Clients
data/lib/brightbox-cli/config/authentication_tokens.rb CHANGED
@@ -189,6 +189,7 @@ module Brightbox
189
189
  def update_tokens_with_user_credentials(password = nil)
190
190
  user_application = Brightbox::Config::UserApplication.new(selected_config, client_name)
191
191
 
192
+ password = gpg_password unless password
192
193
  password = prompt_for_password unless password
193
194
 
194
195
  # FIXME: options are required to work
data/lib/brightbox-cli/config/gpg_encrypted_passwords.rb ADDED
@@ -0,0 +1,39 @@
1
+ module Brightbox
2
+ module Config
3
+ module GpgEncryptedPasswords
4
+ attr_accessor :gpg_password
5
+
6
+ def gpg_encrypted_password_filename
7
+ file_name = "#{client_name}.password.gpg"
8
+ @gpg_encrypted_password_filename ||= File.join(config_directory, file_name)
9
+ end
10
+
11
+ # Return the password from gpg if it's possible
12
+ def gpg_password
13
+ if defined?(@gpg_password) && !@gpg_password.nil?
14
+ return @gpg_password
15
+ end
16
+ if File.exist?(gpg_encrypted_password_filename)
17
+ @gpg_password = gpg_decrypt_password
18
+ else
19
+ @gpg_password = nil
20
+ end
21
+ end
22
+
23
+ private
24
+
25
+ # Use gpg to decrypt the password
26
+ def gpg_decrypt_password
27
+ info "INFO: Decrypting #{gpg_encrypted_password_filename} to obtain password"
28
+ begin
29
+ IO::popen(["gpg", "--decrypt", gpg_encrypted_password_filename], "r") do |io|
30
+ io.read.chomp
31
+ end
32
+ rescue Errno::ENOENT
33
+ nil
34
+ end
35
+ end
36
+
37
+ end
38
+ end
39
+ end
data/lib/brightbox-cli/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Brightbox
2
- VERSION = "1.4.3" unless defined?(Brightbox::VERSION)
2
+ VERSION = "1.5.0" unless defined?(Brightbox::VERSION)
3
3
  end
data/lib/brightbox_cli.rb CHANGED
@@ -65,6 +65,7 @@ require_relative 'brightbox-cli/tables'
65
65
  require_relative "brightbox-cli/logging"
66
66
  require_relative "brightbox-cli/api"
67
67
  require_relative "brightbox-cli/config/cache"
68
+ require_relative "brightbox-cli/config/gpg_encrypted_passwords"
68
69
  require_relative "brightbox-cli/config/authentication_tokens"
69
70
  require_relative "brightbox-cli/config/accounts"
70
71
  require_relative "brightbox-cli/config/clients"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: brightbox-cli
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.3
4
+ version: 1.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - John Leach
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-02-12 00:00:00.000000000 Z
11
+ date: 2015-02-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: fog-brightbox
@@ -62,16 +62,16 @@ dependencies:
62
62
  name: i18n
63
63
  requirement: !ruby/object:Gem::Requirement
64
64
  requirements:
65
- - - ">="
65
+ - - "~>"
66
66
  - !ruby/object:Gem::Version
67
- version: '0'
67
+ version: 0.6.0
68
68
  type: :runtime
69
69
  prerelease: false
70
70
  version_requirements: !ruby/object:Gem::Requirement
71
71
  requirements:
72
- - - ">="
72
+ - - "~>"
73
73
  - !ruby/object:Gem::Version
74
- version: '0'
74
+ version: 0.6.0
75
75
  - !ruby/object:Gem::Dependency
76
76
  name: mime-types
77
77
  requirement: !ruby/object:Gem::Requirement
@@ -341,6 +341,7 @@ files:
341
341
  - lib/brightbox-cli/config/cache.rb
342
342
  - lib/brightbox-cli/config/clients.rb
343
343
  - lib/brightbox-cli/config/dirty.rb
344
+ - lib/brightbox-cli/config/gpg_encrypted_passwords.rb
344
345
  - lib/brightbox-cli/config/section_name_deduplicator.rb
345
346
  - lib/brightbox-cli/config/sections.rb
346
347
  - lib/brightbox-cli/config/to_fog.rb