cf-uaac 1.3.0

data/lib/cli/client_reg.rb

@@ -0,0 +1,103 @@
+#--
+# Cloud Foundry 2012.02.03 Beta
+# Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved.
+#
+# This product is licensed to you under the Apache License, Version 2.0 (the "License").
+# You may not use this product except in compliance with the License.
+#
+# This product includes a number of subcomponents with
+# separate copyright notices and license terms. Your use of these
+# subcomponents is subject to the terms and conditions of the
+# subcomponent's license, as noted in the LICENSE file.
+#++
+
+require 'cli/common'
+
+module CF::UAA
+
+class ClientCli < CommonCli
+
+  topic "Client Application Registrations", "reg"
+
+  CLIENT_SCHEMA = { scope: "list", authorized_grant_types: "list", 
+      authorities: "list", access_token_validity: "seconds", 
+      refresh_token_validity: "seconds", redirect_uri: "list" }
+  CLIENT_SCHEMA.each { |k, v| define_option(k, "--#{k} <#{v}>") }
+
+  def client_info(defaults)
+    info = {client_id: defaults["client_id"] || opts[:client_id]}
+    info[:client_secret] = opts[:secret] if opts[:secret]
+    del_attrs = Util.arglist(opts[:del_attrs], [])
+    CLIENT_SCHEMA.each_with_object(info) do |(k, p), info|
+      next if del_attrs.include?(k)
+      default = Util.strlist(defaults[k.to_s])
+      if opts.key?(k)
+        info[k] = opts[k].nil? || opts[k].empty? ? default : opts[k]
+      else 
+        info[k] = opts[:interact] ? 
+          info[k] = askd("#{k.to_s.gsub('_', ' ')} (#{p})", default): default
+      end
+      info[k] = Util.arglist(info[k]) if p == "list"
+      info.delete(k) unless info[k]
+    end
+  end
+
+  desc "clients", "List client registrations" do
+    pp scim_request { |cr| cr.all_pages(:client) }
+  end
+
+  desc "client get [name]", "Get specific client registration" do |name|
+    pp scim_request { |cr| cr.get(:client, cr.id(:client, clientname(name))) }
+  end
+
+  define_option :clone, "--clone <other_client>", "get default client settings from existing client"
+  define_option :interact, "--[no-]interactive", "-i", "interactively verify all values"
+
+  desc "client add [name]", "Add client registration",
+      *CLIENT_SCHEMA.keys, :clone, :secret, :interact do |name|
+    pp scim_request { |cr|
+      opts[:client_id] = clientname(name)
+      opts[:secret] = verified_pwd("New client secret", opts[:secret])
+      defaults = opts[:clone] ? cr.get(opts[:clone]) : {}
+      defaults.delete("client_id")
+      cr.add(:client, client_info(defaults))
+    }
+  end
+
+  desc "client update [name]", "Update client registration", *CLIENT_SCHEMA.keys, 
+      :del_attrs, :interact do |name|
+    pp scim_request { |cr|
+      opts[:client_id] = clientname(name)
+      info = client_info(cr.get(:client, opts[:client_id]))
+      info.length > 1 ? cr.put(:client, info) : gripe("Nothing to update. Use -i for interactive update.")
+    }
+  end
+
+  desc "client delete [name]", "Delete client registration" do |name|
+    pp scim_request { |cr| 
+      cr.delete(:client, clientname(name)) 
+      "client registration deleted"
+    }
+  end
+
+  desc "secret set [name]", "Set client secret", :secret do |name|
+    pp scim_request { |cr|
+      cr.change_secret(clientname(name), verified_pwd("New secret", opts[:secret]))
+      "client secret successfully set"
+    }
+  end
+
+  define_option :old_secret, "-o", "--old_secret <secret>", "current secret"
+  desc "secret change", "Change secret for authenticated client in current context", :old_secret, :secret do
+    return gripe "context not set" unless client_id = Config.context.to_s
+    scim_request { |cr|
+      old = opts[:old_secret] || ask_pwd("Current secret")
+      cr.change_secret(client_id, verified_pwd("New secret", opts[:secret]), old)
+      "client secret successfully changed"
+    }
+  end
+
+end
+
+end
+

data/lib/cli/common.rb

@@ -0,0 +1,187 @@
+#--
+# Cloud Foundry 2012.02.03 Beta
+# Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved.
+#
+# This product is licensed to you under the Apache License, Version 2.0 (the "License").
+# You may not use this product except in compliance with the License.
+#
+# This product includes a number of subcomponents with
+# separate copyright notices and license terms. Your use of these
+# subcomponents is subject to the terms and conditions of the
+# subcomponent's license, as noted in the LICENSE file.
+#++
+
+require 'cli/base'
+require 'cli/config'
+require 'uaa'
+
+module CF::UAA
+
+class CommonCli < Topic
+
+  def trace?; opts[:trace] end
+  def debug?; opts[:debug] end
+
+  def auth_header
+    unless (ttype = Config.value(:token_type)) && (token = Config.value(:access_token))
+      raise "Need an access token to complete this command. Please login."
+    end
+    "#{ttype} #{token}"
+  end
+
+  def username(name); name || ask("User name") end
+  def userpwd(pwd = opts[:password]); pwd || ask_pwd("Password") end
+  def clientname(name = opts[:client]); name || ask("Client name") end
+  def clientsecret(name = opts[:secret]); name || ask_pwd("Client secret") end
+
+  def verified_pwd(prompt, pwd = nil)
+    while pwd.nil?
+      pwd_a = ask_pwd prompt
+      pwd_b = ask_pwd "Verify #{prompt.downcase}"
+      pwd = pwd_a if pwd_a == pwd_b
+    end
+    pwd
+  end
+
+  def askd(prompt, defary)
+    return ask(prompt) unless defary
+    result = ask("#{prompt} [#{Util.strlist(defary)}]")
+    result.nil? || result.empty? ? defary : result
+  end
+
+  def complain(e)
+    case e
+    when TargetError then gripe "\n#{e.message}:\n#{JSON.pretty_generate(e.info)}"
+    when Exception
+      gripe "\n#{e.class}: #{e.message}\n\n"
+      gripe e.backtrace if trace?
+    when String then gripe e
+    else gripe "unknown type of gripe: #{e.class}, #{e}"
+    end
+  end
+
+  def handle_request
+    yield
+  rescue Exception => e
+    complain e
+  end
+
+  def scim_request
+    yield Scim.new(Config.target, auth_header)
+  rescue Exception => e
+    complain e
+  end
+
+  def update_target_info(info = nil)
+    return if !info && Config.target_value(:prompts)
+    info ||= Misc.server(Config.target)
+    Config.target_opts(prompts: info['prompts'])
+    Config.target_opts(token_endpoint: info['token_endpoint']) if info['token_endpoint']
+    info
+  end
+
+end
+
+class MiscCli < CommonCli
+
+  topic "Miscellaneous", "misc"
+
+  desc "version", "Display version" do
+    say "UAA client #{CLI_VERSION}"
+  end
+
+  define_option :trace, "--[no-]trace", "-t", "display extra verbose debug information"
+  define_option :debug, "--[no-]debug", "-d", "display debug information"
+  define_option :help, "--[no-]help", "-h", "display helpful information"
+  define_option :version, "--[no-]version", "-v", "show version"
+  define_option :config, "--config [string|file]", "file to get/save configuration information or yaml string"
+
+  desc "help [topic|command...]", "Display summary or details of command or topic" do |*args|
+    # handle hidden command, output commands in form for bash completion
+    return say_commands if args.length == 1 && args[0] == "commands"
+    args.empty? ? say_help : say_command_help(args)
+  end
+
+  def normalize_url(url, scheme = nil)
+    url = url.strip.gsub(/\/*$/, "")
+    raise ArgumentError, "invalid whitespace in target url" if url =~ /\s/
+    unless url =~ /^https?:\/\//
+      return unless scheme
+      url = "#{scheme}://#{url}"
+    end
+    url = URI.parse(url)
+    url.host.downcase!
+    url.to_s.to_sym
+  end
+
+  def bad_uaa_url(url, info)
+    info.replace(Misc.server(url.to_s))
+    nil
+  rescue Exception => e
+    "failed to access #{url}: #{e.message}"
+  end
+
+  define_option :force, "--[no-]force", "-f", "set even if target does not respond"
+  desc "target [uaa_url]", "Display current or set new target", :force do |uaa_url|
+    msg, info = nil, {}
+    if uaa_url
+      if uaa_url.to_i.to_s == uaa_url
+        return gripe "invalid target index" unless url = Config.target?(uaa_url.to_i)
+      elsif url = normalize_url(uaa_url)
+        return gripe msg if (msg = bad_uaa_url(url, info)) unless opts[:force] || Config.target?(url)
+      elsif !Config.target?(url = normalize_url(uaa_url, "https")) &&
+            !Config.target?(url = normalize_url(uaa_url, "http"))
+        if opts[:force]
+          url = normalize_url(uaa_url, "https")
+        elsif bad_uaa_url((url = normalize_url(uaa_url, "https")), info)
+          return gripe msg if msg = bad_uaa_url((url = normalize_url(uaa_url, "http")), info)
+        end
+      end
+      Config.target = url # we now have a canonical url set to https if possible
+      update_target_info(info) if info[:prompts]
+    end
+    return say "no target set" unless Config.target
+    return say "target set to #{Config.target}" unless Config.context
+    say "target set to #{Config.target}, with context #{Config.context}"
+  end
+
+  desc "targets", "Display all targets" do
+    cfg = Config.config
+    return say "\nno targets\n" if cfg.empty?
+    cfg.each_with_index { |(k, v), i| pp "#{i} #{v[:current] ? '*' : ' '} #{k}" }
+    say "\n"
+  end
+
+  def config_pp(tgt = nil, ctx = nil)
+    Config.config.each_with_index do |(k, v), i|
+      next if tgt && tgt != k
+      say ""
+      splat = v[:current] ? '*' : ' '
+      pp "[#{i}]#{splat}[#{k}]"
+      v.each {|tk, tv| pp(tv, 2, terminal_columns, tk) unless [:contexts, :current, :prompts].include?(tk)}
+      next unless v[:contexts]
+      v[:contexts].each_with_index do |(sk, sv), si|
+        next if ctx && ctx != sk
+        say ""
+        splat = sv[:current] && v[:current]? '*' : ' '
+        sv.delete(:current)
+        pp "[#{si}]#{splat}[#{sk}]", 2
+        pp sv, 4
+      end
+    end
+    say ""
+  end
+
+  desc "context [name]", "Display or set current context" do |ctx|
+    ctx = ctx.to_i if ctx.to_i.to_s == ctx
+    Config.context = ctx if ctx && Config.valid_context(ctx)
+    (opts[:trace] ? Config.add_opts(trace: true) : Config.delete_attr(:trace)) if opts.key?(:trace)
+    return say "no context set in target #{Config.target}" unless Config.context
+    config_pp Config.target, Config.context
+  end
+
+  desc "contexts", "Display all contexts" do config_pp end
+
+end
+
+end

data/lib/cli/config.rb

@@ -0,0 +1,163 @@
+#--
+# Cloud Foundry 2012.02.03 Beta
+# Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved.
+#
+# This product is licensed to you under the Apache License, Version 2.0 (the "License").
+# You may not use this product except in compliance with the License.
+#
+# This product includes a number of subcomponents with
+# separate copyright notices and license terms. Your use of these
+# subcomponents is subject to the terms and conditions of the
+# subcomponent's license, as noted in the LICENSE file.
+#++
+
+require 'yaml'
+require 'uaa/util'
+
+module CF::UAA
+
+class Config
+
+  class << self; attr_reader :target, :context end
+
+  def self.config; @config ? @config.dup : {} end
+  def self.loaded?; !!@config end
+  def self.yaml; YAML.dump(Util.hash_keys(@config, :tostr)) end
+  def self.target?(tgt) tgt if @config[tgt = subhash_key(@config, tgt)] end
+
+  # if a yaml string is provided, config is loaded from the string, otherwise
+  # config is assumed to be a file name to read and store config.
+  # config can be retrieved in yaml form from Config.yaml
+  def self.load(config = nil)
+    @config = {}
+    return unless config
+    if config =~ /^---/ || config == ""
+      @config = config == "" ? {} : YAML.load(config)
+      @config_file = nil
+    elsif File.exists?(@config_file = config)
+      if (@config = YAML.load_file(@config_file)) && @config.is_a?(Hash)
+        @config.each { |k, v| break @config = nil if k.to_s =~ / / }
+      end
+      unless @config && @config.is_a?(Hash)
+          STDERR.puts "", "Invalid config file #{@config_file}.",
+            "If it's from an old version of uaac, please remove it.",
+            "Note that the uaac command structure has changed.",
+            "Please review the new commands with 'uaac help'", ""
+          exit 1
+      end
+    else # file doesn't exist, make sure we can write it now
+      File.open(@config_file, 'w') { |f| f.write("--- {}\n\n") }
+    end
+    Util.hash_keys!(@config, :tosym)
+    @context = current_subhash(@config[@target][:contexts]) if @target = current_subhash(@config)
+  end
+
+  def self.save
+    File.open(@config_file, 'w') { |f| YAML.dump(Util.hash_keys(@config, :tostr), f) } if @config_file
+    true
+  end
+
+  def self.target=(tgt)
+    unless t = set_current_subhash(@config, tgt, @target)
+      raise ArgumentError, "invalid target, #{tgt}"
+    end
+    @context = current_subhash(@config[t][:contexts])
+    save
+    @target = t
+  end
+
+  def self.target_opts(hash)
+    raise ArgumentError, "target not set" unless @target
+    return unless hash and !hash.empty?
+    raise ArgumentError, "'contexts' is a reserved key" if hash.key?(:contexts)
+    @config[@target].merge! Util.hash_keys(hash, :tosym)
+    save
+  end
+
+  def self.target_value(attr)
+    raise ArgumentError, "target not set" unless @target
+    @config[@target][attr]
+  end
+
+  def self.context=(ctx)
+    raise ArgumentError, "target not set" unless @target
+    unless c = set_current_subhash(@config[@target][:contexts] ||= {}, ctx, @context)
+      raise ArgumentError, "invalid context, #{ctx}"
+    end
+    save
+    @context = c
+  end
+
+  def self.valid_context(ctx)
+    raise ArgumentError, "target not set" unless @target
+    k = existing_key(@config[@target][:contexts] ||= {}, ctx)
+    raise ArgumentError, "unknown context #{ctx}" unless k
+    k
+  end
+
+  def self.delete(tgt = nil, ctx = nil)
+    if tgt && ctx
+      @config[tgt][:contexts].delete(ctx = valid_context(ctx))
+      @context = nil if tgt == @target && ctx == @context
+    elsif tgt
+      @config.delete(tgt)
+      @target = @context = nil if tgt == @target
+    else
+      @target, @context, @config = nil, nil, {}
+    end
+    save
+  end
+
+  def self.add_opts(hash)
+    raise ArgumentError, "target and context not set" unless @target && @context
+    return unless hash and !hash.empty?
+    @config[@target][:contexts][@context].merge! Util.hash_keys(hash, :tosym)
+    save
+  end
+
+  def self.value(attr)
+    raise ArgumentError, "target and context not set" unless @target && @context
+    @config[@target][:contexts][@context][attr]
+  end
+
+  def self.delete_attr(attr)
+    raise ArgumentError, "target and context not set" unless @target && @context
+    @config[@target][:contexts][@context].delete(attr)
+  end
+
+  # these are all class methods and so can't really be private, but the
+  # methods below here are not intended to be part of the public interface
+  private
+
+  def self.current_subhash(hash)
+    return unless hash
+    key = nil
+    hash.each { |k, v| key ? v.delete(:current) : (key = k if v[:current]) }
+    key
+  end
+
+  # key can be an integer index of the desired subhash or the key symbol or string
+  def self.subhash_key(hash, key)
+    case key
+    when Integer then hash.each_with_index { |(k, v), i| return k if i == key }; nil
+    when String then key.downcase.to_sym
+    when Symbol then key.to_s.downcase.to_sym
+    else nil
+    end
+  end
+
+  def self.existing_key(hash, key)
+    k = subhash_key(hash, key)
+    k if hash[k]
+  end
+
+  def self.set_current_subhash(hash, newcurrent, oldcurrent)
+    return unless k = subhash_key(hash, newcurrent)
+    hash[oldcurrent].delete(:current) if oldcurrent
+    (hash[k] ||= {}).merge!(current: true)
+    k
+  end
+
+end
+
+end