dnsmadeeasy 0.2.3 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f3fe4a8e5e7490cd827fe1c39b7cb9eec1458ee6
-  data.tar.gz: 6b3f939c99808e319bcd77a4f77f34a456a3957f
+  metadata.gz: 0f567aee61ac65f6e851a7499a66f0da8639d1d9
+  data.tar.gz: 44825d6fcde3259791f194696da581ebbebc658c
 SHA512:
-  metadata.gz: ceed4e0e1ac07e7047ba55b39e723c6203c050add20167419f200ef2be3c513400b6a9b628c496bf7ab5e6177cd52be072213fcaa7edecf231bd0c19772b8613
-  data.tar.gz: 5d33110950c9d523d9c7a25bd4f57f3cef57f42a788d8f138374d67dfb1bbf991850f3133b0e994c79c6c08a7ec9bd136b2b48736193a1a08b37550cba80abb9
+  metadata.gz: 3935c9a7b0211ca35321ce1040352e12d8df876d8f1cc4b049bd987a711596cc353c5caa57a47b2dd97b3d4d7569f58a5da4e47b2f83351527c0340db94a9545
+  data.tar.gz: 70d6e6a69d8e8f66e5875d45dba02ac6ac50da4092ba4e1da195ac525d35e894fa01cf439f54576e1883003c2f1ee9877bb96f1b3277ece96b692b3fe5cd8246

data/.codeclimate.yml

@@ -0,0 +1,30 @@
+---
+engines:
+  duplication:
+    enabled: false
+    config:
+      languages:
+      - ruby
+      - javascript
+      - python
+      - php
+  fixme:
+    enabled: false
+  rubocop:
+    enabled: true
+    checks:
+      Rubocop/Metrics/MethodLength:
+        enabled: false
+      Rubocop/Metrics/CyclomaticComplexity:
+        enabled: false
+ratings:
+  paths:
+  - "**.inc"
+  - "**.js"
+  - "**.jsx"
+  - "**.module"
+  - "**.php"
+  - "**.py"
+  - "**.rb"
+exclude_paths:
+- spec/

data/README.md

@@ -12,36 +12,20 @@ This is a fully featured REST API client for DnsMadeEasy provider. DME is an **e
 
 **DnsMadeEasy** allows you to fetch, create, update DNS records, as long as you know your API key and the secret.
 
+### Setting up Credentials
+
 You can find your API Key and Secret on the [Account Settings Page](https://cp.dnsmadeeasy.com/account/info) of their UI.
 
 Once you have the key and the secret, you have several choices:
 
-  1. Perhaps the most conveniently, you can store them in a small YAML file, that must be placed in a specific location within your home folder:  `~/.dnsmadeeasy/credentials.yml`. The file should look like this one below (NOTE: these are not real credentials, btw):
-
-      ```yaml
-      # file: ~/.dnsmadeeasy/credentials.yml
-      credentials:
-        api_key: 2062259f-f666b17-b1fa3b48-042ad4030
-        api_secret: 2265bc3-e31ead-95b286312e-c215b6a0
-      ```
-
-      With this file existing, you can query right away, by using the shortcut module `DME`, such as         
-
-      ```ruby
-      require 'dme'
-      DME.domains.data.first.name #=> 'moo.gamespot.com'
-      ```
-
-  2. Or, you can directly instantiate a new instance of the `Client` class, by passing your API key and API secrets as arguments:
+  1. You can directly instantiate a new instance of the `Client` class, by passing your API key and API secrets as arguments:
 
       ```ruby
       require 'dnsmadeeasy'
       @client = DnsMadeEasy::Api::Client.new(api_key, api_secret)
       ```
 
-      The advantage of this method is that you can query multiple DnsMadeEasy accounts from the same Ruby VM. With other methods, only one account can be connected to.
-
-  3. Or, you can use the `DnsMadeEasy.configure` method to configure the key/secret pair, and then use `DnsMadeEasy` namespace to call the methods:
+  2. Or, you can use the `DnsMadeEasy.configure` method to configure the key/secret pair, and then use `DnsMadeEasy` namespace to call the methods:
 
      ```ruby
      require 'dnsmadeeasy'
@@ -54,6 +38,63 @@ Once you have the key and the secret, you have several choices:
      DnsMadeEasy.domains.data.first.name #=> 'moo.gamespot.com'     
      ```
 
+     Once you configure the keys, you can also use the shortcut module to save you some typing:
+     
+     ```ruby
+     require 'dnsmadeeasy/dme'
+     DME.domains.data.first.name #=> 'moo.gamespot.com'
+     ```
+     
+     This has the advantage of being much shorter, but might conflict with existing modules in your Ruby VM. 
+     In this case, just do not require `dnsmadeeasy/dme` and only require `dnsmadeeasy`, and you'll be fine.
+     Otherwise, using `DME` is identical to using `DnsMadeEasy`, assuming you required `dnsmadeeasy/dme` file.
+
+  3. Configuring API keys as above is easy, and can be done using environment variables. Alternatively, it may be convenient to store credentials in a YAML file. 
+
+     * If filename is not specified, there is default location where this file is searched, which is `~/.dnsmadeeasy/credentials.yml`.
+     * If filename is provided, it will be read, and must conform to the following format:
+   
+     **Simple Credentials Format**
+
+      ```yaml
+      # file: ~/.dnsmadeeasy/credentials.yml
+      credentials:
+          api_key: 2062259f-f666b17-b1fa3b48-042ad4030
+          api_secret: 2265bc3-e31ead-95b286312e-c215b6a0
+      ```
+
+     **Multi-Account Credentials Format**
+     
+     Below you see two accounts, with production key and secret being encrypted. See [further below](#encryption) about encrypting your key and secrets.
+
+      ```yaml
+      accounts:
+        - name: development
+          default_account: true
+          credentials:
+            api_key: 12345678-a8f8-4466-ffff-2324aaaa9098
+            api_secret: 43009899-abcc-ffcc-eeee-09f809808098
+        - name: production
+          credentials:
+            api_key: "BAhTOh1TeW06OkRhdGE6OldyYXBwZXJT............"
+            api_secret: "BAhTOh1TeW06OkRhdGE6OldyYXBwZ............"
+            encryption_key: spec/fixtures/sym.key
+      ```
+
+     You can use the following method to access both simple and multi-account YAML configurations:
+     
+     ```ruby
+     require 'dnsmadeeasy'
+     DnsMadeEasy.configure_from_file(file, account_name = nil, encryption_key = nil)
+
+     # for example:
+     DnsMadeEasy.configure_from_file('config/dme.yaml', 'production')
+     DnsMadeEasy.domains #=> [ ... ]
+
+     # or with encrypted key passed as an argument to decrypt YAML values:
+     DnsMadeEasy.configure_from_file('config/dme.yaml', 'production', ENV['PRODUCTION_KEY'])
+     ```
+   
 ### Which Namespace to Use? What is `DME` versus `DnsMadeEasy`?
 
 Since `DnsMadeEasy` is a bit of a mouthful, we decided to offer (in addition to the standard `DnsMadeEasy` namespace) the abbreviated module `DME` that simply forwards all messages to the module `DnsMadeEasy`. If in your Ruby VM there is no conflicting top-level class `DME`, then you can `require 'dnsmadeeasy/dme'` to get all of the DnsMadeEasy client library functionality without having to type the full name once. You can even do `require 'dme'`.
@@ -67,20 +108,21 @@ In a nutshell you have three ways to access all methods provided by the [`DnsMad
  1. Instantiate and use the client class directly,
  2. Use the top-level module `DnsMadeEasy` with `require 'dnsmadeeasy'`
  3. Use the shortened top-level module `DME` with `require 'dnsmadeeasy/dme'`
-
+   
+      
 ### Examples
 
-If you are planning on accessing *only one DnsMadeEasy account from the same Ruby VM*, it's recommended that you save your credentials (the API key and the secret) in the above mentioned file `~/.dnsmadeeasy/credentials.yml`.
-
+Whether or not you are accessing a single account or multiple, it is recommended that you save your credentials (the API key and the secret) encrypted in the above mentioned file `~/.dnsmadeeasy/credentials.yml` (or any file of you preference).
 ___
 
 > **NOTE:**
 > 
-> * DO NOT check that file into your repo!  
-> * The examples that follow assume credentials have been read from that file.
-
+> * DO NOT check that file into your repo! 
+> * If you use encryption, do not check in your key!  
 ___
 
+The examples that follow assume credentials have already been configured, and so we explore the API.
+
 Using the `DME` module (or `DnsMadeEasy` if you prefer) you can access all of your records through the available API method calls, for example:
 
 ```ruby
@@ -190,6 +232,42 @@ Here is the complete of all methods supported by the `DnsMadeEasy::Api::Client`:
 * `find_first`
 * `find_record_ids`
 
+
+<a name="encryption"></a>
+
+### Encryption
+
+It was mentioned above that the credentials YAML file may contain encrypted values. This facility is provided by the encryption gem [Sym](https://github.com/kigster/sym). 
+
+In order to encrypt your values, you need to perform the following steps:
+
+```bash
+gem install sym
+
+# let's generate a new key and save it to a file:
+sym -g -o my.key
+
+# if you are on Mac OS-X, you can import the key into the KeyChain.
+# this creates an entry in the keychain named 'my.key' that can be used later.
+sym -g -x my.key
+```
+
+Once you have the key generated, first, **make sure to never commit this to any repo!**. You can use 1Password for it, or something like that.
+
+Let's encrypt our actual API key:
+
+```bash
+api_key="12345678-a8f8-4466-ffff-2324aaaa9098"
+api_secret="43009899-abcc-ffcc-eeee-09f809808098"
+sym -ck my.key -e -s "${api_key}"
+# => prints the encrypted value
+
+# On a mac, you can copy it to clipboard:
+sym -ck my.key -e -s "${api_secret}" | pbcopy
+```
+
+Now, you place the encrypted values in the YAML file, and you can save "my.key" as the value against `encryption_key:` at the same level as the `api_key` and `api_secret` in the YAML file. This value can either point to a file path, or be a keychain name, or even a name of an environment variable. For full details, please see [sym documentation](https://github.com/kigster/sym#using-sym-with-the-command-line). 
+
 ## CLI Client
 
 This library offers a simple CLI client `dme` that maps the command line arguments to method arguments for corresponding actions:

data/Rakefile

@@ -24,3 +24,11 @@ end
 RSpec::Core::RakeTask.new(:spec)
 
 task :default => :spec
+task :gem => :install do
+  gem = `ls -1 *.gemspec | sed 's/\.gemspec//g'`.chomp
+  puts "gem is #{gem}"
+  puts `gem uninstall -ax #{gem}`.chomp
+  file=`ls -1 pkg`.chomp
+  puts `gem install pkg/#{file}`
+end
+

data/dnsmadeeasy.gemspec

@@ -43,6 +43,7 @@ https://github.com/kigster/dnsmadeeasy
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
+  spec.add_dependency 'sym'
   spec.add_dependency 'hashie'
   spec.add_dependency 'colored2'
   spec.add_dependency 'awesome_print'

data/lib/dnsmadeeasy.rb

@@ -7,36 +7,72 @@ require 'dnsmadeeasy/credentials'
 require 'dnsmadeeasy/api/client'
 
 module DnsMadeEasy
-  class Error < StandardError;  end
-  class AuthenticationError < Error; end
-  class APIKeyAndSecretMissingError < Error; end
+  class Error < StandardError;
+  end
+  class AuthenticationError < Error;
+  end
+  class APIKeyAndSecretMissingError < Error;
+  end
+  class InvalidCredentialKeys < Error;
+  end
+  class AbstractMethodError < Error;
+  end
+  class InvalidCredentialsFormatError < Error;
+  end
+  class NoSuchAccountError < Error;
+  end
 
   class << self
-    attr_accessor :api_key, :api_secret
+    attr_accessor :default_api_key,
+                  :default_api_secret
+
+    def configure
+      yield(self) if block_given?
+    end
+
+    def configure_from_file(file = nil,
+                            account_name = nil,
+                            encryption_key = nil)
 
-    def credentials=(file)
-      @creds = ::DnsMadeEasy::Credentials.load(file)
-      if @creds && @creds.valid?
+      credentials = ::DnsMadeEasy::Credentials.keys_from_file(
+        filename:       file || ::DnsMadeEasy::Credentials.default_credentials_path(user: ENV['USER']),
+        account_name:   account_name,
+        encryption_key: encryption_key)
+      if credentials
         configure do |config|
-          config.api_key = @creds.api_key
-          config.api_secret = @creds.api_secret
+          config.api_key    = credentials.api_key
+          config.api_secret = credentials.api_secret
         end
+      else
+        raise APIKeyAndSecretMissingError, "Unable to load valid api keys from #{file}!"
       end
     end
 
-    def configure
-      yield(self) if block_given?
+    def api_key=(value)
+      self.default_api_key = value
+    end
+
+    def api_secret=(value)
+      self.default_api_secret = value
     end
 
     def client(**options)
       @client ||= create_client(false, **options)
     end
 
-
     def sandbox_client(**options)
       @sandbox_client ||= create_client(true, **options)
     end
 
+    def create_client(sandbox = false,
+                      api_key: self.default_api_key,
+                      api_secret: self.default_api_secret,
+
+                      **options)
+      raise APIKeyAndSecretMissingError, 'Please set #api_key and #api_secret' unless api_key && api_secret
+      ::DnsMadeEasy::Api::Client.new(api_key, api_secret, sandbox, **options)
+    end
+
     # Basically delegate it all to the Client instance
     # if the method call is supported.
     #
@@ -47,25 +83,5 @@ module DnsMadeEasy
         super(method, *args, &block)
       end
     end
-
-    def default!
-      assign_default_credentials
-    end
-
-
-    def assign_default_credentials
-      if Credentials.exist?
-        self.credentials = Credentials.default_credentials_file
-      end
-    end
-
-    private
-
-    def create_client(sandbox = false, **options)
-      default! unless api_key && api_secret
-      raise APIKeyAndSecretMissingError, 'Please set #api_key and #api_secret' unless api_key && api_secret
-      ::DnsMadeEasy::Api::Client.new(api_key, api_secret, sandbox, **options)
-    end
   end
-
 end

data/lib/dnsmadeeasy/credentials.rb

@@ -1,136 +1,98 @@
 require 'yaml'
+require 'dnsmadeeasy'
+require 'hashie/extensions/mash/symbolize_keys'
+require 'sym'
+
+require_relative 'credentials/api_keys'
+require_relative 'credentials/yaml_file'
 
 module DnsMadeEasy
-  # Credentials file should look like this:
+  # A Facade module
+  #
+  # ## Usage
+  #
+  #         @creds = DnsMadeEasy::Credentials.create(key, secret)
+  #         @creds.api_key #=> ...
+  #         @creds.api_secret # > ...
+  #
+  # ### From a single-level YAML file that looks like this:
+  #
+  # ```yaml
+  # credentials:
+  #    api_key: 12345678-a8f8-4466-ffff-2324aaaa9098
+  #    api_secret: 43009899-abcc-ffcc-eeee-09f809808098
+  # ````
+  #
+  #         @creds = DnsMadeEasy::Credentials.keys_from_file(filename: file)
+  #         @creds.api_key #=> '12345678-a8f8-4466-ffff-2324aaaa9098'
   #
-  # Usage:
+  # #### From a default filename ~/.dnsmadeeasy/credentials.yml
   #
-  # Example 1. Assuming file ~/.dnsmadeeasy/credentials.yml exists:
+  #         @creds = DnsMadeEasy::Credentials.keys_from_file
   #
-  #       DnsMadeEasy::Credentials.exist? #=> true
-  #       creds = DnsMadeEasy::Credentials.load
+  # ### From a multi-account file
   #
-  #       creds.api_key #=> key
-  #       creds.api_secret #=> secret
+  # Multi-account YAML file must look like this:
   #
+  # ```yaml
+  # accounts:
+  #   - name: production
+  #     default_account: true
+  #     credentials:
+  #       api_key: "BAhTOh1TeW06OkRhdGE6OldyYXBwZXJTdHJ1Y3QLOhNlbmNyeXB0ZWRfZGF0YSJV9HFDvF4KUwQLqevf4zvsKO1Yk04kRimAHAfNgoFO0dtRb6OjREyI43uzFV7z63FGjzXcBBG9KDUdj6OowbDw2z86nkTpakkKuIP31HCPZkQ6B2l2IhV2LPWTPSfDruDxi_ToEfbQOhBjaXBoZXJfbmFtZSIQQUVTLTI1Ni1DQkM6CXNhbHQwOgx2ZXJzaW9uaQY6DWNvbXByZXNzVA=="
+  #       api_secret: "BAhTOh1TeW06OkRhdGE6OldyYXBwZXJTdHJ1Y3QLOhNlbmNyeXB0ZWRfZGF0YSJVHE1D3mpTsUseEdm3NWox7xdeQExobVx3-dHnEJoK9XYXawoPvtgroxOhsaYxZtxz_ZeHtSDZwu0eyDVyZ-XDo-vxalo9cQ2FOm05hVQaebo6B2l2IhVosiRfW5FnRK4BxfwPytLcOhBjaXBoZXJfbmFtZSIQQUVTLTI1Ni1DQkM6CXNhbHQwOgx2ZXJzaW9uaQY6DWNvbXByZXNzVA=="
+  #       encryption_key: spec/fixtures/sym.key
+  #   - name: preview
+  #     credentials:
+  #       api_key: "BAhTOh1TeW06OkRhdGE6OldyYXBwZXJTdHJ1Y3QLOhNlbmNyeXB0ZWRfZGF0YSJV9HFDvF4KUwQLqevf4zvsKO1Yk04kRimAHAfNgoFO0dtRb6OjREyI43uzFV7z63FGjzXcBBG9KDUdj6OowbDw2z86nkTpakkKuIP31HCPZkQ6B2l2IhV2LPWTPSfDruDxi_ToEfbQOhBjaXBoZXJfbmFtZSIQQUVTLTI1Ni1DQkM6CXNhbHQwOgx2ZXJzaW9uaQY6DWNvbXByZXNzVA=="
+  #       api_secret: "BAhTOh1TeW06OkRhdGE6OldyYXBwZXJTdHJ1Y3QLOhNlbmNyeXB0ZWRfZGF0YSJVHE1D3mpTsUseEdm3NWox7xdeQExobVx3-dHnEJoK9XYXawoPvtgroxOhsaYxZtxz_ZeHtSDZwu0eyDVyZ-XDo-vxalo9cQ2FOm05hVQaebo6B2l2IhVosiRfW5FnRK4BxfwPytLcOhBjaXBoZXJfbmFtZSIQQUVTLTI1Ni1DQkM6CXNhbHQwOgx2ZXJzaW9uaQY6DWNvbXByZXNzVA=="
+  #       encryption_key:
+  #   - name: staging
+  #     credentials:
+  #       api_key: 12345678-a8f8-4466-ffff-2324aaaa9098
+  #       api_secret: 43009899-abcc-ffcc-eeee-09f809808098
   #
-  # Example 2. Assuming another file: ~/.private/dnsmadeeasy.yml:
+  # ```
   #
-  #       DnsMadeEasy::Credentials.exist? #=> false
-  #       DnsMadeEasy::Credentials.exist?('~/.private/dnsmadeeasy.yml') #=> true
+  # Here we have multiple credentials account, one of which can have 'default_account: true'
+  # Each account has a name that's used in `account_name` argument. Finally, if the keys
+  # are encrypted, the key can either be referenced in the YAML file itself (in the above
+  # case it points to a file name — see documentation on the gem Sym about various formats
+  # of the key).
   #
-  #       creds = DnsMadeEasy::Credentials.load('~/.private/dnsmadeeasy.yml')
-  #       creds.api_key #=> key
-  #       creds.api_secret #=> secret
+  # Note that in this case, encryption key is optional, since the YAML file
+  # actually specifies the key.
   #
+  #         @creds = DnsMadeEasy::Credentials.keys_from_file(
+  #                            filename: 'spec/fixtures/credentials-multi-account.yml',
+  #                            account_name: 'production')
   #
-  class Credentials < Hash
-    #DEFAULT_CREDENTIALS_FILE = File.expand_path('~/.dnsmadeeasy/credentials.yml').freeze
+  #
+  # )
 
-    class CredentialsFileNotFound < StandardError
-    end
+  module Credentials
 
-    #
-    # Class Methods
-    #
-    #
     class << self
-      # Default credential file that's used if no argument is passed.
-      attr_accessor :default_credentials_file
 
-      def exist?(file = default_credentials_file)
-        File.exist?(file)
+      # Create a new instance of Credentials::ApiKeys
+      def create(key, secret, encryption_key = nil)
+        ApiKeys.new(key, secret, encryption_key)
       end
 
-      def load(file = default_credentials_file)
-        validate_argument(file)
+      def keys_from_file(filename: default_credentials_path,
+                         account_name: nil,
+                         encryption_key: nil)
 
-        new.tap do |local|
-          local.merge!(parse_file(file)) if exist?(file)
-          local.symbolize!
-        end
+        YamlFile.new(filename: filename).keys(account_name:   account_name,
+                                    encryption_key: encryption_key)
       end
 
-
-      private
-
-      def validate_argument(file)
-        unless file && File.exist?(file)
-          raise CredentialsFileNotFound, "File #{file} could not be found"
-        end
+      # @return String path to the default credentials file.
+      def default_credentials_path(user: nil)
+        user ?
+          File.expand_path(Dir.home(user) + '/.dnsmadeeasy/credentials.yml').freeze :
+          File.expand_path('~/.dnsmadeeasy/credentials.yml').freeze
       end
-
-
-      def parse_file(file)
-        YAML.load(read_file(file))
-      end
-
-
-      def read_file(file)
-        File.read(file)
-      end
-    end
-
-    # Set the default
-    self.default_credentials_file ||= File.expand_path('~/.dnsmadeeasy/credentials.yml').freeze
-
-    # Instance Methods
-    # NOTE: we are subclassing Hash, which isn't awesome, but gets the job done.
-
-    def symbolize(param_hash = self)
-      Hash.new.tap { |hash|
-        param_hash.each_pair do |key, key_value|
-          value = recurse_if_needed(key_value)
-          symbolize_key(hash, key, value)
-        end
-      }
-    end
-
-    public
-
-    def valid?
-      api_key && api_secret
     end
-
-
-    def symbolize!
-      hash = symbolize(self)
-      clear
-      merge!(hash)
-    end
-
-
-    def api_key
-      credentials && credentials[:api_key]
-    end
-
-
-    def api_secret
-      credentials && credentials[:api_secret]
-    end
-
-
-    private
-
-    def symbolize_key(hash, key, value)
-      case key
-        when String, Symbol
-          hash[key.to_sym] = value
-        else
-          hash[key.to_s.to_sym] = value
-      end
-    end
-
-
-    def recurse_if_needed(key_value)
-      key_value.is_a?(Hash) ? symbolize(key_value) : key_value
-    end
-
-
-    def credentials
-      self[:credentials] || {}
-    end
-
-
   end
 end

data/lib/dnsmadeeasy/credentials/api_keys.rb

@@ -0,0 +1,77 @@
+require 'yaml'
+require 'dnsmadeeasy'
+require 'hashie/extensions/mash/symbolize_keys'
+require 'sym'
+require 'sym/app'
+require 'digest'
+
+module DnsMadeEasy
+  module Credentials
+    #
+    # Immutable instance with key and secret.
+    #
+    class ApiKeys
+      API_KEY_REGEX = /^([0-9a-f]{8})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{12})$/
+
+      attr_reader :api_key,
+                  :api_secret,
+                  :encryption_key,
+                  :default,
+                  :account_name
+
+      include Sym
+
+      def initialize(key, secret, encryption_key = nil, default: false, account_name: nil)
+        raise InvalidCredentialKeys, "Key and Secret can not be nil" if key.nil? || secret.nil?
+
+        @default      = default
+        @account_name = account_name
+
+        if !valid?(key, secret) && encryption_key
+          @encryption_key = sym_resolve(encryption_key)
+          @api_key    = decr(key, @encryption_key)
+          @api_secret = decr(secret, @encryption_key)
+        else
+          @api_key    = key
+          @api_secret = secret
+        end
+
+        raise InvalidCredentialKeys, "Key [#{api_key}] or Secret [#{api_secret}] has failed validation for its format" unless valid?
+      end
+
+      def sym_resolve(encryption_key)
+        null_output = ::File.open('/dev/null', 'w')
+        result = Sym::Application.new({ cache_passwords: true, key: encryption_key }, $stdin, null_output, null_output).execute
+        if result.is_a?(Hash)
+          raise InvalidCredentialKeys, "Unable to decrypt the data, error is: #{result[:exception]}"
+        else
+          result
+        end
+      end
+
+      def to_s
+        "<#{self.class.name}#key=[s#{rofl(api_key)}] secret=[#{rofl(api_secret)}] encryption_key=[#{rofl(encryption_key)}]>"
+      end
+
+      def rofl(key)
+        Digest::SHA256::hexdigest(key) if key
+      end
+
+      def valid?(key = self.api_key, secret = self.api_secret)
+        key &&
+          secret &&
+          API_KEY_REGEX.match(key) &&
+          API_KEY_REGEX.match(secret)
+      end
+
+      def ==(other)
+        other.is_a?(ApiKeys) &&
+          other.valid? &&
+          other.api_key == api_key &&
+          other.api_secret == api_secret
+      end
+
+      alias eql? ==
+    end
+  end
+end

data/lib/dnsmadeeasy/credentials/yaml_file.rb

@@ -0,0 +1,75 @@
+require 'yaml'
+require 'dnsmadeeasy'
+require 'hashie/extensions/symbolize_keys'
+require 'sym'
+require_relative 'api_keys'
+
+module DnsMadeEasy
+  module Credentials
+
+    class YamlFile
+      attr_accessor :filename, :account, :mash
+
+      def initialize(filename: default_credentials_path)
+        self.filename = filename
+        parse! if exist?
+      end
+
+      def keys(account_name: nil, encryption_key: nil)
+        return nil unless exist?
+        return nil if mash.nil?
+
+        creds = if mash.accounts.is_a?(Array)
+                  account = if account_name
+                              mash.accounts.find { |a| a.name == account_name.to_s }
+                            else
+                              mash.accounts.find { |a| a.default_account }
+                            end
+
+                  raise DnsMadeEasy::APIKeyAndSecretMissingError,
+                        (account_name ? "account #{account_name} was not found" : 'default account does not exist') unless account
+
+                  raise DnsMadeEasy::InvalidCredentialsFormatError,
+                        'Expected account entry to have "credentials" key' unless account.credentials
+
+                  account.credentials
+
+                elsif mash.credentials
+                  mash.credentials
+
+                else
+                  raise DnsMadeEasy::InvalidCredentialsFormatError,
+                        'expected either "accounts" or "credentials" as the top-level key'
+                end
+
+        creds ? ApiKeys.new(creds.api_key,
+                            creds.api_secret,
+                            encryption_key || creds.encryption_key) : nil
+      end
+
+      def to_s
+        "file #{filename}"
+      end
+
+      private
+
+      def parse!
+        self.mash = Hashie::Extensions::SymbolizeKeys.symbolize_keys(load_hash)
+      end
+
+      def exist?
+        ::File.exist?(filename)
+      end
+
+      def contents
+        ::File.read(filename)
+      end
+
+      def load_hash
+        Hashie::Mash.new(YAML.load(contents))
+      end
+
+    end
+
+  end
+end

data/lib/dnsmadeeasy/runner.rb

@@ -8,28 +8,25 @@ require 'dnsmadeeasy/api/client'
 
 module DnsMadeEasy
   class Runner
-    SUPPORTED_FORMATS = %w(json yaml)
+    SUPPORTED_FORMATS = %w(json json_pretty yaml pp)
 
     attr_accessor :format, :argv, :operation
 
-
     def initialize(argv = nil)
-      self.argv = argv || ARGV.dup
-      configure_authentication
+      self.argv   = argv || ARGV.dup
       self.format = process_flags_format
     end
 
-
     def execute!
       if argv.empty? || argv.size < 1
         print_help_message
       else
+        configure_authentication
         self.operation = argv.shift.to_sym
         exit call_through_client(operation)
       end
     end
 
-
     private
 
     def call_through_client(method)
@@ -52,7 +49,10 @@ module DnsMadeEasy
           print_signature(method, sig) :
           print_error('Action', "#{method.to_s.bold.yellow}", 'has generated an error'.red, exception: e)
         1
-      rescue NoMethodError
+      rescue NoMethodError => e
+
+        puts e.backtrace.reverse.join("\n").red
+
         print_error('Action', "#{method.to_s.bold.yellow}", 'is not valid.'.red)
         puts 'HINT: try running ' + 'dme operations'.bold.green + ' to see the list of valid operations.'
         2
@@ -62,7 +62,6 @@ module DnsMadeEasy
       end
     end
 
-
     def print_error(*args, exception: nil)
       unless args.empty?
         puts <<-EOF
@@ -77,19 +76,17 @@ module DnsMadeEasy
       end
     end
 
-
     def print_signature(method, sig)
       puts <<-EOF
 #{'Error: '.bold.yellow}
-  #{'You are missing some arguments for this operation:'.red}
+      #{'You are missing some arguments for this operation:'.red}
 
-#{'Correct Usage: '.bold.yellow}
-  #{method.to_s.bold.green} #{sig.join(' ').blue }
+      #{'Correct Usage: '.bold.yellow}
+      #{method.to_s.bold.green} #{sig.join(' ').blue }
 
       EOF
     end
 
-
     def process_flags_format
       if argv.first&.start_with?('--')
         format = argv.shift.gsub(/^--/, '')
@@ -108,45 +105,64 @@ module DnsMadeEasy
       format
     end
 
-
     def configure_authentication
-      if ENV['DNSMADEEASY_API_KEY'] && ENV['DNSMADEEASY_API_SECRET']
-        DnsMadeEasy.configure do |config|
-          config.api_key    = ENV['DNSMADEEASY_API_KEY']
-          config.api_secret = ENV['DNSMADEEASY_API_SECRET']
-        end
+      keys = DnsMadeEasy::Credentials.keys_from_file(
+        filename: ENV['DNSMADEEASY_CREDENTIALS_FILE'] || DnsMadeEasy::Credentials.default_credentials_path(user: ENV['USER'])
+      )
+      if keys
+        DnsMadeEasy.api_key = keys.api_key
+        DnsMadeEasy.api_secret = keys.api_secret
       else
-        DnsMadeEasy.credentials = (ENV['DNSMADEEASY_CREDENTIALS'] || DnsMadeEasy::Credentials.default_credentials_file)
+        raise DnsMadeEasy::APIKeyAndSecretMissingError
       end
-    end
+    rescue DnsMadeEasy::APIKeyAndSecretMissingError => e
+      print_error(e.message)
 
+      puts('You can also set two environment variables: ')
+      puts('  DNSMADEEASY_API_KEY and DNSMADEEASY_API_SECRET')
+
+      exit 123
+    end
 
     def print_usage_message
       puts <<-EOF
 #{'Usage:'.bold.yellow}
-  #{'# Execute an API call:'.dark}
-  #{"dme [ #{SUPPORTED_FORMATS.map { |f| "--#{f}" }.join(' | ')} ] operation [ arg1 arg2 ... ] ".bold.green}
+      #{'# Execute an API call:'.dark}
+      #{"dme [ #{SUPPORTED_FORMATS.map { |f| "--#{f}" }.join(' | ')} ] operation [ arg1 arg2 ... ] ".bold.green}
 
-  #{'# Print suported operations:'.dark}
-  #{'dme op[erations]'.bold.green}
+      #{'# Print suported operations:'.dark}
+      #{'dme op[erations]'.bold.green}
 
       EOF
     end
 
-
     def print_help_message
       print_usage_message
 
       puts <<-EOF
-#{'Credentials:'.bold.yellow}
+#{header 'Credentials'}
   Store your credentials in a YAML file 
-  #{DnsMadeEasy::Credentials.default_credentials_file} as follows:
+  #{DnsMadeEasy::Credentials.default_credentials_path(user: ENV['USER'])} as follows:
 
   #{'credentials:
     api_key: XXXX
     api_secret: YYYY'.bold.magenta}
 
-#{'Examples:'.bold.yellow}
+  Or a multi-account version:
+
+  #{'accounts:
+    - name: production
+      credentials: 
+        api_key: XXXX
+        api_secret: YYYY
+        encryption_key: my_key
+    - name: development
+      default_account: true
+      credentials:
+        api_key: ZZZZ
+        api_secret: WWWW'.bold.magenta}
+
+#{header 'Examples:'}
    #{'dme domain moo.com 
    dme --json domain moo.com 
    dme find_all moo.com A www
@@ -157,30 +173,39 @@ module DnsMadeEasy
       exit 1
     end
 
+    def header(message)
+      "#{message.bold.yellow}"
+    end
 
     def print_supported_operations
       puts <<-EOF
-#{'Actions:'.bold.yellow}      
+#{header 'Actions:'}      
   Checkout the README and RubyDoc for the arguments to each operation,
   which is basically a method on a DnsMadeEasy::Api::Client instance.
   #{'http://www.rubydoc.info/gems/dnsmadeeasy/DnsMadeEasy/Api/Client'.blue.bold.underlined}
 
-#{'Valid Operations Are:'.bold.yellow}
-  #{DnsMadeEasy::Api::Client.public_operations.join("\n  ").green.bold}
+      #{header 'Valid Operations Are:'}
+      #{DnsMadeEasy::Api::Client.public_operations.join("\n  ").green.bold}
 
       EOF
     end
 
-
     def print_formatted(result, format = nil)
       if format
-        puts result.send("to_#{format}".to_sym)
+        if format.to_sym == :json_pretty
+          puts JSON.pretty_generate(result)
+        elsif format.to_sym == :pp
+          require 'pp'
+          pp result
+        else
+          m = "to_#{format}".to_sym
+          puts result.send(m) if result.respond_to?(m)
+        end
       else
         ap(result, indent: 10)
       end
     end
 
-
     # e.backtrack.first looks like this:
     # ..../dnsmadeeasy/lib/dnsmadeeasy/api/client.rb:143:in `create_a_record'
     def method_signature(e, method)

data/lib/dnsmadeeasy/version.rb

@@ -1,3 +1,3 @@
 module DnsMadeEasy
-  VERSION = '0.2.3'.freeze
+  VERSION = '0.3.0'.freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dnsmadeeasy
 version: !ruby/object:Gem::Version
-  version: 0.2.3
+  version: 0.3.0
 platform: ruby
 authors:
 - Konstantin Gredeskoul
@@ -12,8 +12,22 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-12-14 00:00:00.000000000 Z
+date: 2017-12-23 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: sym
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: hashie
   requirement: !ruby/object:Gem::Requirement
@@ -182,6 +196,7 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".codeclimate.yml"
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
@@ -197,6 +212,8 @@ files:
 - lib/dnsmadeeasy.rb
 - lib/dnsmadeeasy/api/client.rb
 - lib/dnsmadeeasy/credentials.rb
+- lib/dnsmadeeasy/credentials/api_keys.rb
+- lib/dnsmadeeasy/credentials/yaml_file.rb
 - lib/dnsmadeeasy/dme.rb
 - lib/dnsmadeeasy/runner.rb
 - lib/dnsmadeeasy/version.rb