cf-uaac 1.3.1 → 1.3.3

data/NOTICE.TXT

@@ -0,0 +1,10 @@
+Cloud Foundry 2012.02.03 Beta
+Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved. 
+
+This product is licensed to you under the Apache License, Version 2.0 (the "License").  
+You may not use this product except in compliance with the License.  
+
+This product includes a number of subcomponents with
+separate copyright notices and license terms. Your use of these
+subcomponents is subject to the terms and conditions of the 
+subcomponent's license, as noted in the LICENSE file. 

data/Rakefile

@@ -10,7 +10,6 @@
 # subcomponent's license, as noted in the LICENSE file.
 #
 
-require "rdoc/task"
 require "rspec/core/rake_task"
 require "bundler/gem_tasks" # only available in bundler >= 1.0.15
 require "ci/reporter/rake/rspec"
@@ -27,11 +26,6 @@ RSpec::Core::RakeTask.new("test") do |t|
   t.pattern = "spec/**/*_spec.rb"
 end
 
-RDoc::Task.new do |rd|
-  rd.rdoc_files.include("lib/**/*.rb")
-  rd.rdoc_dir = "doc"
-end
-
 task :ci => [:pre_coverage, :rcov_reports, "ci:setup:rspec", :test]
 task :cov => [:pre_coverage, :test, :view_coverage]
 task :coverage => [:pre_coverage, :test]

data/bin/uaas

@@ -2,6 +2,55 @@
 
 $:.unshift File.expand_path File.join __FILE__, '..', '..', 'lib'
 require 'stub/uaa'
+require 'cli/base'
+require 'cli/version'
+
+module CF::UAA
+
+Util.default_logger(:trace)
+
+class ServerTopic < Topic
+  topic "", "run"
+  desc "version", "Display version" do say "version #{CLI_VERSION}"  end
+  define_option :trace, "--[no-]trace", "-t", "display extra verbose debug information"
+  define_option :debug, "--[no-]debug", "-d", "display debug information"
+  define_option :help, "--[no-]help", "-h", "display helpful information"
+  define_option :version, "--[no-]version", "-v", "show version"
+
+  desc "help [topic|command...]", "Display summary or details of command or topic" do |*args|
+    args.empty? ? say_help : say_command_help(args)
+  end
+
+  define_option :port, "--port <number>", "-p", "port for server to listen on"
+  define_option :root, "--root <path>", "-r", "root path of UAA resources, e.g. /uaa"
+  desc "run", "Run the UAA server", :port, :root do
+    CF::UAA::StubUAA.new(port: (opts[:port] || "8080").to_i, root: opts[:root],
+        logger: Util.default_logger).run
+  end
+
+end
+
+class ServerCli < BaseCli
+  @overview = "UAA Stub Server Command Line\nProvides partial uaa server support suitable for testing uaac."
+  @topics = [ServerTopic]
+  @global_options = [:help, :version, :debug, :trace]
+  @input, @output = $stdin, $stdout
+
+  def self.handle_bad_command(args, msg)
+    @output.puts "\n#{msg}"
+    run args.unshift("help")
+    nil
+  end
+
+  def self.preprocess_options(args, opts)
+    return args.replace(["version"]) if opts[:version]
+    return args.unshift("help") if args.empty? || opts[:help] && args[0] != "version"
+    Util.default_logger(opts[:trace]? :trace: opts[:debug]? :debug: :warn, @output)
+  end
+
+end
+
+end
+
+exit CF::UAA::ServerCli.run ? 0 : 1
 
-CF::UAA::Util.default_logger(:trace)
-CF::UAA::StubUAA.new.run('localhost', 8080)

data/cf-uaac.gemspec

@@ -38,10 +38,10 @@ Gem::Specification.new do |s|
   s.add_development_dependency "simplecov"
   s.add_development_dependency "simplecov-rcov"
   s.add_development_dependency "ci_reporter"
-  s.add_runtime_dependency "cf-uaa-lib", ">= 1.3.1"
+  s.add_runtime_dependency "cf-uaa-lib", ">= 1.3.3", "<= 1.3.3"
   s.add_runtime_dependency "highline"
   s.add_runtime_dependency "eventmachine"
   s.add_runtime_dependency "launchy"
   s.add_runtime_dependency "em-http-request", ">= 1.0.0.beta.3"
-
+  s.add_runtime_dependency "json_pure"
 end

data/lib/cli/base.rb

@@ -13,6 +13,7 @@
 
 require 'highline'
 require 'optparse'
+require 'json/pure'
 
 module CF; module UAA end end
 
@@ -56,10 +57,10 @@ class Topic
     @highline = HighLine.new(input, output)
   end
 
-  def ask(prompt); @highline.ask("#{prompt}:  ") end
-  def ask_pwd(prompt); @highline.ask("#{prompt}:  ") { |q| q.echo = '*' } end
-  def say(msg); @output.puts(msg); msg end
-  def gripe(msg); @output.puts(msg) end
+  def ask(prompt) @highline.ask("#{prompt}:  ") end
+  def ask_pwd(prompt) @highline.ask("#{prompt}:  ") { |q| q.echo = '*' } end
+  def say(msg) @output.puts(msg); msg end
+  def gripe(msg) @output.puts(msg) end
   def opts; @options end
 
   def terminal_columns
@@ -232,16 +233,15 @@ class BaseCli
     attr_accessor :overview, :topics, :global_options
   end
 
-  def self.preprocess_options(args, opts); end # to be implemented in subclass
-  def self.too_many_args(cmd); end # to be implemented in subclass
+  def self.preprocess_options(args, opts) end # to be implemented in subclass
+  def self.handle_bad_command(args, msg) end # to be implemented in subclass
 
   def self.run(args = ARGV)
     @input ||= $stdin
     @output ||= $stdout
-    @option_defs = {}
     @output.string = "" if @output.respond_to?(:string)
     args = args.split if args.respond_to?(:split)
-    @parser = OptionParser.new
+    @option_defs, @parser, orig = {}, OptionParser.new, args
     opts = @topics.each_with_object({}) do |tpc, o|
       tpc.option_defs.each do |k, optdef|
         @parser.on(*optdef) { |v| o[k] = v }
@@ -257,11 +257,14 @@ class BaseCli
         if v[:argc] == -1
           # variable args, leave args alone
         elsif args.length > v[:argc]
-          too_many_args(v[:parts].dup)
-          return nil
+          return handle_bad_command(orig, "Too many command line parameters given.")
         elsif args.length < v[:argc]
           (v[:argc] - args.length).times { args << nil }
         end
+        opts.keys.each do |o|
+          next if v[:options].include?(o) || @global_options.include?(o)
+          return handle_bad_command(orig, "Invalid option: #{o}")
+        end
         return tpc.new(self, opts, @input, @output).send(k, *args)
       end
     end
@@ -269,7 +272,7 @@ class BaseCli
   rescue Exception => e
     @output.puts "#{File.basename($0)} error", "#{e.class}: #{e.message}", (e.backtrace if opts[:trace])
   ensure
-    puts @output.string if opts[:trace] && @print_on_trace
+    puts @output.string if opts[:trace] && @print_on_trace && @output.respond_to?(:string)
   end
 
 end

data/lib/cli/client_reg.rb

@@ -63,7 +63,7 @@ class ClientCli < CommonCli
     pp scim_request { |cr|
       opts[:client_id] = clientname(name)
       opts[:secret] = verified_pwd("New client secret", opts[:secret])
-      defaults = opts[:clone] ? Util.hash_keys!(cr.get(opts[:clone]), :tosym) : {}
+      defaults = opts[:clone] ? Util.hash_keys!(cr.get(opts[:clone]), :sym) : {}
       defaults.delete(:client_id)
       cr.add(:client, client_info(defaults))
     }
@@ -73,7 +73,7 @@ class ClientCli < CommonCli
       :del_attrs, :interact do |name|
     pp scim_request { |cr|
       opts[:client_id] = clientname(name)
-      orig = Util.hash_keys!(cr.get(:client, opts[:client_id]), :tosym)
+      orig = Util.hash_keys!(cr.get(:client, opts[:client_id]), :sym)
       info = client_info(orig)
       info.any? { |k, v| v != orig[k] } ? cr.put(:client, info) :
           gripe("Nothing to update. Use -i for interactive update.")

data/lib/cli/config.rb

@@ -22,7 +22,7 @@ class Config
 
   def self.config; @config ? @config.dup : {} end
   def self.loaded?; !!@config end
-  def self.yaml; YAML.dump(Util.hash_keys(@config, :tostr)) end
+  def self.yaml; YAML.dump(Util.hash_keys(@config, :str)) end
   def self.target?(tgt) tgt if @config[tgt = subhash_key(@config, tgt)] end
 
   # if a yaml string is provided, config is loaded from the string, otherwise
@@ -48,12 +48,12 @@ class Config
     else # file doesn't exist, make sure we can write it now
       File.open(@config_file, 'w') { |f| f.write("--- {}\n\n") }
     end
-    Util.hash_keys!(@config, :tosym)
+    Util.hash_keys!(@config, :sym)
     @context = current_subhash(@config[@target][:contexts]) if @target = current_subhash(@config)
   end
 
   def self.save
-    File.open(@config_file, 'w') { |f| YAML.dump(Util.hash_keys(@config, :tostr), f) } if @config_file
+    File.open(@config_file, 'w') { |f| YAML.dump(Util.hash_keys(@config, :str), f) } if @config_file
     true
   end
 
@@ -70,7 +70,7 @@ class Config
     raise ArgumentError, "target not set" unless @target
     return unless hash and !hash.empty?
     raise ArgumentError, "'contexts' is a reserved key" if hash.key?(:contexts)
-    @config[@target].merge! Util.hash_keys(hash, :tosym)
+    @config[@target].merge! Util.hash_keys(hash, :sym)
     save
   end
 
@@ -111,7 +111,7 @@ class Config
   def self.add_opts(hash)
     raise ArgumentError, "target and context not set" unless @target && @context
     return unless hash and !hash.empty?
-    @config[@target][:contexts][@context].merge! Util.hash_keys(hash, :tosym)
+    @config[@target][:contexts][@context].merge! Util.hash_keys(hash, :sym)
     save
   end
 

data/lib/cli/group.rb

@@ -41,15 +41,17 @@ class GroupCli < CommonCli
   end
 
   desc "group delete [name]", "Delete group" do |name|
-    pp scim_request { |ua| 
+    pp scim_request { |ua|
       ua.delete(:delete, ua.id(:group, gname(name)))
-      "success" 
+      "success"
     }
   end
 
   def id_set(objs)
-    objs.each_with_object(Set.new) {|o, s| 
-      s << (o.is_a?(String)? o: (o["id"] || o["value"]))
+    objs.each_with_object(Set.new) {|o, s|
+      id = o.is_a?(String)? o: (o["id"] || o["value"] || o["memberid"])
+      raise BadResponse, "no id found in response of current members" unless id
+      s << id
     }
   end
 

data/lib/cli/runner.rb

@@ -25,16 +25,17 @@ class Cli < BaseCli
   @topics = [MiscCli, InfoCli, TokenCli, UserCli, GroupCli, ClientCli]
   @global_options = [:help, :version, :debug, :trace, :config]
 
-  def self.configure(config_file = "", input = $stdin, output = $stdout, 
+  def self.configure(config_file = "", input = $stdin, output = $stdout,
       print_on_trace = false)
     @config_file, @input, @output = config_file, input, output
     @print_on_trace = print_on_trace
     self
   end
 
-  def self.too_many_args(cmd)
-    @output.puts "\nToo many command line parameters given."
-    run cmd.unshift("help")
+  def self.handle_bad_command(args, msg)
+    @output.puts "\n#{msg}"
+    run args.unshift("help")
+    nil
   end
 
   def self.preprocess_options(args, opts)

data/lib/cli/token.rb

@@ -27,7 +27,7 @@ class TokenCatcher < Stub::Base
         Config.target_value(:token_target))
     tkn = secret ? ti.authcode_grant(server.info.delete(:uri), data) :
         ti.implicit_grant(server.info.delete(:uri), data)
-    server.info.update(Util.hash_keys!(tkn.info, :tosym))
+    server.info.update(Util.hash_keys!(tkn.info, :sym))
     reply.text "you are now logged in and can close this window"
   rescue TargetError => e
     reply.text "#{e.message}:\r\n#{Util.json_pretty(e.info)}\r\n#{e.backtrace}"
@@ -71,7 +71,8 @@ class TokenCli < CommonCli
 
   def issuer_request(client_id, secret = nil)
     update_target_info
-    yield TokenIssuer.new(Config.target.to_s, client_id, secret, Config.target_value(:token_endpoint))
+    yield TokenIssuer.new(Config.target.to_s, client_id, secret,
+        :token_target => Config.target_value(:token_endpoint))
   rescue Exception => e
     complain e
   end
@@ -99,7 +100,7 @@ class TokenCli < CommonCli
       ti.implicit_grant_with_creds(creds, opts[:scope]).info
     }
     return gripe "attempt to get token failed\n" unless token && token["access_token"]
-    tokinfo = TokenCoder.decode(token["access_token"], nil, nil, false)
+    tokinfo = TokenCoder.decode(token["access_token"], verify: false)
     Config.context = tokinfo["user_name"]
     Config.add_opts(user_id: tokinfo["user_id"])
     Config.add_opts token
@@ -140,8 +141,9 @@ class TokenCli < CommonCli
 
   def use_browser(client_id, secret = nil)
     catcher = Stub::Server.new(TokenCatcher,
-        Util.default_logger(debug? ? :debug : trace? ? :trace : :info),
-        client_id: client_id, client_secret: secret).run_on_thread("localhost", opts[:port])
+        logger: Util.default_logger(debug? ? :debug : trace? ? :trace : :info),
+        info: {client_id: client_id, client_secret: secret},
+        port: opts[:port]).run_on_thread
     uri = issuer_request(client_id, secret) { |ti|
       secret ? ti.authcode_uri("#{catcher.url}/authcode", opts[:scope]) :
           ti.implicit_uri("#{catcher.url}/callback", opts[:scope])
@@ -154,7 +156,7 @@ class TokenCli < CommonCli
       sleep 5
       print "."
     end
-    Config.context = TokenCoder.decode(catcher.info[:access_token], nil, nil, false)[:user_name]
+    Config.context = TokenCoder.decode(catcher.info[:access_token], verify: false)[:user_name]
     Config.add_opts catcher.info
     say_success secret ? "authorization code" : "implicit"
     return unless opts[:vmc]
@@ -190,9 +192,9 @@ class TokenCli < CommonCli
       if opts[:client] && opts[:secret]
         pp Misc.decode_token(Config.target, opts[:client], opts[:secret], token, ttype)
       else
-		seckey = opts[:key] || (Config.target_value(:signing_key) if Config.target_value(:signing_alg) !~ /rsa$/i)
-		pubkey = opts[:key] || (Config.target_value(:signing_key) if Config.target_value(:signing_alg) =~ /rsa$/i)
-        info = TokenCoder.decode(token, seckey, pubkey, seckey || pubkey)
+        seckey = opts[:key] || (Config.target_value(:signing_key) if Config.target_value(:signing_alg) !~ /rsa$/i)
+        pubkey = opts[:key] || (Config.target_value(:signing_key) if Config.target_value(:signing_alg) =~ /rsa$/i)
+        info = TokenCoder.decode(token, skey: seckey, pkey: pubkey, verify: !!(seckey || pubkey))
         say seckey || pubkey ? "\nValid token signature\n\n": "\nNote: no key given to validate token signature\n\n"
         pp info
       end

data/lib/cli/version.rb

@@ -11,8 +11,9 @@
 # subcomponent's license, as noted in the LICENSE file.
 #++
 
+# Cloud Foundry namespace
 module CF
   module UAA
-    CLI_VERSION = "1.3.1"
+    CLI_VERSION = "1.3.3"
   end
 end

data/lib/stub/scim.rb

@@ -57,11 +57,11 @@ class StubScim
         :entitlements, :roles, :x509certificates, :name, :addresses,
         :authorizations, :groups].to_set,
       client: [*COMMON_ATTRS, :client_id, :client_secret, :authorities,
-        :authorized_grant_types, :scope, :auto_approved_scope, 
+        :authorized_grant_types, :scope, :auto_approved_scope,
         :access_token_validity, :refresh_token_validity, :redirect_uri].to_set,
       group: [*COMMON_ATTRS, :displayname, :members, :owners, :readers].to_set }
   VISIBLE_ATTRS = {user: Set.new(LEGAL_ATTRS[:user] - HIDDEN_ATTRS),
-      client: Set.new(LEGAL_ATTRS[:client] - HIDDEN_ATTRS), 
+      client: Set.new(LEGAL_ATTRS[:client] - HIDDEN_ATTRS),
       group: Set.new(LEGAL_ATTRS[:group] - HIDDEN_ATTRS)}
   ATTR_NAMES = LEGAL_ATTRS.each_with_object(Set.new) { |(k, v), s|
     v.each {|a| s << a.to_s }
@@ -76,15 +76,15 @@ class StubScim
     attr if ATTR_NAMES.include?(attr) && !HIDDEN_ATTRS.include?(attr = attr.to_sym)
   end
 
-  def remove_attrs(stuff, attrs = HIDDEN_ATTRS) 
+  def remove_attrs(stuff, attrs = HIDDEN_ATTRS)
     attrs.each { |a| stuff.delete(a.to_s) }
     stuff
   end
 
-  def valid_id?(id, rtype) 
-    id && (t = @things_by_id[id]) && (rtype.nil? || t[:rtype] == rtype) 
+  def valid_id?(id, rtype)
+    id && (t = @things_by_id[id]) && (rtype.nil? || t[:rtype] == rtype)
   end
-  
+
   def ref_by_name(name, rtype) @things_by_name[rtype.to_s + name.downcase] end
 
   def ref_by_id(id, rtype = nil)
@@ -134,10 +134,10 @@ class StubScim
   end
 
   def input(stuff)
-    thing = Util.hash_keys(stuff.dup, :tosym)
+    thing = Util.hash_keys(stuff.dup, :sym)
     REFERENCES.each {|a|
       next unless thing[a]
-      thing[a] = thing[a].each_with_object(Set.new) { |r, s| 
+      thing[a] = thing[a].each_with_object(Set.new) { |r, s|
         s << (r.is_a?(Hash)? r[:value] : r )
       }
     }
@@ -146,7 +146,7 @@ class StubScim
       thing[a] = thing[a].each_with_object({}) { |v, o|
         v = {value: v} unless v.is_a?(Hash)
         # enforce values are unique by type and value
-        k = URI.encode_www_form(t: [v[:type], v: v[:value]]).downcase
+        k = Util.encode_form(t: [v[:type], v: v[:value]]).downcase
         o[k] = v
       }
     }

data/lib/stub/server.rb

@@ -89,8 +89,7 @@ class Reply
   def initialize(status = 200) @status, @headers, @cookies, @body = status, {}, [], "" end
   def to_s
     reply = "HTTP/1.1 #{@status} OK\r\n"
-    headers["server"] = "stub server"
-    headers["date"] = DateTime.now.httpdate
+    headers["server"], headers["date"] = "stub server", DateTime.now.httpdate
     headers["content-length"] = body.bytesize
     headers.each { |k, v| reply << "#{k}: #{v}\r\n" }
     @cookies.each { |c| reply << "Set-Cookie: #{c}\r\n" }
@@ -168,8 +167,14 @@ class Base
     @server, @request, @reply, @match = server, Request.new, Reply.new, nil
   end
 
+  def default_route; reply_in_kind(404, error: "path not handled") end
+
   def process
     @reply = Reply.new
+    if server.root
+      return default_route unless request.path.start_with?(server.root)
+      request.path.slice!(0..server.root.length - 1)
+    end
     @match, handler = self.class.find_route(request)
     server.logger.debug "processing request to path #{request.path} for route #{@match ? @match.regexp : 'default'}"
     send handler
@@ -177,7 +182,7 @@ class Base
     server.logger.debug "replying to path #{request.path} with #{reply.body.length} bytes of #{reply.headers['content-type']}"
     #server.logger.debug "full reply is: #{reply.body.inspect}"
   rescue Exception => e
-    server.logger.debug "exception from route handler: #{e.message}"
+    server.logger.debug "exception processing request: #{e.message}"
     server.trace { e.backtrace }
     reply_in_kind 500, e
   end
@@ -190,10 +195,6 @@ class Base
     end
   end
 
-  def default_route
-    reply_in_kind(404, error: "path not handled")
-  end
-
 end
 
 #------------------------------------------------------------------------------
@@ -216,38 +217,62 @@ module Connection
   end
 end
 
-#--------------------------------------------------------------------------
+#------------------------------------------------------------------------------
 class Server
-  attr_reader :host, :port, :status, :logger
+
+  private
+
+  def done
+    fail unless @connections.empty?
+    EM.stop if @em_thread && EM.reactor_running?
+    @connections, @status, @sig, @em_thread = [], :stopped, nil, nil
+    sleep 0.1 unless EM.reactor_thread? # give EM a chance to stop
+    logger.debug EM.reactor_running?? "server done but EM still running": "server really done"
+  end
+
+  def initialize_connection(conn)
+    logger.debug "starting connection"
+    fail unless EM.reactor_thread?
+    @connections << conn
+    conn.req_handler, conn.comm_inactivity_timeout = @req_handler.new(self), 30
+  end
+
+  public
+
+  attr_reader :host, :port, :status, :logger, :root
   attr_accessor :info
   def url; "http://#{@host}:#{@port}" end
   def trace(msg = nil, &blk); logger.trace(msg, &blk) if logger.respond_to?(:trace) end
 
-  def initialize(req_handler, logger = Logger.new($stdout), info = nil)
-    @req_handler, @logger, @info = req_handler, logger, info
+  def initialize(req_handler, options)
+    @req_handler = req_handler
+    @logger = options[:logger] || Logger.new($stdout)
+    @info = options[:info]
+    @host = options[:host] || "localhost"
+    @init_port = options[:port] || 0
+    @root = options[:root]
     @connections, @status, @sig, @em_thread = [], :stopped, nil, nil
   end
 
-  def start(hostname = "localhost", port = nil)
+  def start
     raise ArgumentError, "attempt to start a server that's already running" unless @status == :stopped
-    @host = hostname
     logger.debug "starting #{self.class} server #{@host}"
     EM.schedule do
-      @sig = EM.start_server(@host, port || 0, Connection) { |c| initialize_connection(c) }
+      @sig = EM.start_server(@host, @init_port, Connection) { |c| initialize_connection(c) }
       @port = Socket.unpack_sockaddr_in(EM.get_sockname(@sig))[0]
-      logger.debug "#{self.class} server started at #{url}, signature #{@sig}"
+      logger.info "#{self.class} server started at #{url}"
     end
     @status = :running
     self
   end
 
-  def run_on_thread(hostname = "localhost", port = 0)
+  def run_on_thread
     raise ArgumentError, "can't run on thread, EventMachine already running" if EM.reactor_running?
     logger.debug { "starting eventmachine on thread" }
     cthred = Thread.current
     @em_thread = Thread.new do
       begin
-        EM.run { start(hostname, port); cthred.run }
+        EM.run { start; cthred.run }
         logger.debug "server thread done"
       rescue Exception => e
         logger.debug { "unhandled exception on stub server thread: #{e.message}" }
@@ -260,10 +285,10 @@ class Server
     self
   end
 
-  def run(hostname = "localhost", port = 0)
+  def run
     raise ArgumentError, "can't run, EventMachine already running" if EM.reactor_running?
     @em_thread = Thread.current
-    EM.run { start(hostname, port) }
+    EM.run { start }
     logger.debug "server and event machine done"
   end
 
@@ -286,25 +311,6 @@ class Server
     done if @status != :running && @connections.empty?
   end
 
-  private
-
-  def done
-    fail unless @connections.empty?
-    EM.stop if @em_thread && EM.reactor_running?
-    @connections, @status, @sig, @em_thread = [], :stopped, nil, nil
-    sleep 0.1 unless EM.reactor_thread? # give EM a chance to stop
-    logger.debug EM.reactor_running? ?
-        "server done but EM still running" : "server really done"
-  end
-
-  def initialize_connection(conn)
-    logger.debug "starting connection"
-    fail unless EM.reactor_thread?
-    @connections << conn
-    conn.req_handler = @req_handler.new(self)
-    conn.comm_inactivity_timeout = 30
-  end
-
 end
 
 end