fastlyctl 1.0.14 → 1.0.19

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 987113b9085a2a49c56a460d19ca8dd4d865627cf54a479b1969cdcfb6038ade
-  data.tar.gz: 85b785765d0343e55335146d6ad7db9629ccfb58c3323620e22287d403594de5
+  metadata.gz: 30b17a038f6872f8c9c6d0fd30242b713b1367f3661bb4bbc5a5425193f0e478
+  data.tar.gz: bca56f0c9c3858382eac21186f8aacfdef9637b0bb7e41e958205f896f2294b8
 SHA512:
-  metadata.gz: cbf7e09910fdfb6de30cca198e65f650577c953f1d67e4732ae10f94908de697a0e2a22b90e94b3e25a947f2fbd42c8507b6a666fb57a1ffd20c4e63209ab2cb
-  data.tar.gz: 779371688739cd0900402a39d506b06c8bad7e902097444a062fa58404a435bd7f4718c17f4601793e1da83b0ace1d7f8acbfef6fa4e08efcc77be27fcacb9d1
+  metadata.gz: f291b8dc06677ad0018a5228b4a3083d7842781b9a5535a22ac8db76af611514cf518a2ad0a9733bb63e10ba3982ad1607515e25de6481685d982c5e96e4d793
+  data.tar.gz: ee2524ad989093dfe37de83b6e999f804c752aee8cf7c6bb5eb090aa7402f625321ee1073f09a125bb3cdd5283b56f9698954021dd00feadf4ae35cb7a0efb29

data/README.md

@@ -321,6 +321,22 @@ Flags:
   * --d: When used with the create command, specifies that the snippet should be dynamic.
   * --y: Answer yes to all prompts
 
+### tls
+
+#### managed
+
+Usage:
+
+```
+fastlyctl tls managed [subcommand] [domain]
+```
+
+Available Subcommands:
+  * create: Create a Managed TLS Subscription for `[domain]`
+  * status: Print the status of all Managed TLS Subscriptions
+  * challenges: Print the challenges available for the verification of a certificate for `[domain]`
+  * delete: Delete a Managed TLS Subscription for `[domain]`
+
 ### token
 
 Manipulate tokens for an account.
@@ -371,10 +387,6 @@ Flags:
 
 The `--debug` flag is available on any command. Using it will cause fastlyctl to print the libcurl output for any requests it makes.
 
-## Contributing
-
-Submit a pull request. Don't break anything.
-
 ## License
 
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/fastlyctl.gemspec

@@ -34,4 +34,5 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency "thor", "~> 0.19.4"
   spec.add_runtime_dependency 'diffy', '~> 3.2.1'
   spec.add_runtime_dependency 'launchy', '~> 2.4.3', '>= 2.4.3'
+  spec.add_runtime_dependency 'openssl', '~> 2.1.2', '>= 2.1.2'
 end

data/lib/fastlyctl.rb

@@ -6,23 +6,23 @@ require "uri"
 require "launchy"
 require "erb"
 require "pp"
+require "openssl"
 
 require "fastlyctl/version"
 require "fastlyctl/fetcher"
 require "fastlyctl/clone_utils"
 require "fastlyctl/utils"
+require "fastlyctl/subcommand_patch"
 require "fastlyctl/cli"
 
 include ERB::Util
 
 module FastlyCTL
-  COOKIE_JAR = ENV['HOME'] + "/.fastlyctl_cookie_jar"
   TOKEN_FILE = ENV['HOME'] + "/.fastlyctl_token"
   FASTLY_API = "https://api.fastly.com"
-  FASTLY_APP = "https://manage.fastly.com"
+  FASTLY_RT_API = "https://rt.fastly.com"
   TANGO_PATH = "/configure/services/"
 
-  Cookies = File.exist?(FastlyCTL::COOKIE_JAR) ? JSON.parse(File.read(FastlyCTL::COOKIE_JAR)) : {}
   # Don't allow header splitting with the key
-  Token = File.exist?(FastlyCTL::TOKEN_FILE) ? File.read(FastlyCTL::TOKEN_FILE) : false
+  Token = File.exist?(FastlyCTL::TOKEN_FILE) ? File.read(FastlyCTL::TOKEN_FILE) : (ENV['FASTLYCLI_TOKEN'] ? ENV['FASTLYCLI_TOKEN'] : false)
 end

data/lib/fastlyctl/cli.rb

@@ -17,6 +17,7 @@ require "fastlyctl/commands/acl"
 require "fastlyctl/commands/copy"
 require "fastlyctl/commands/logging"
 require "fastlyctl/commands/condition"
+require "fastlyctl/commands/tls"
 
 
 module FastlyCTL
@@ -24,7 +25,7 @@ module FastlyCTL
     class_option :debug, :desc => 'Enabled debug mode output'
 
     def initialize(a,b,c)
-      unless File.exist?(FastlyCTL::TOKEN_FILE)
+      unless File.exist?(FastlyCTL::TOKEN_FILE) || ENV['FASTLYCLI_TOKEN']
         if yes?("Unable to locate API token. Would you like to login first?")
           self.login
         end

data/lib/fastlyctl/clone_utils.rb

@@ -16,7 +16,6 @@ module FastlyCTL
       "vcl" => {},
       "snippet" => {},
       "logging/s3" => {},
-      "logging/s3canary" => {},
       "logging/azureblob" => {},
       "logging/cloudfiles" => {},
       "logging/digitalocean" => {},
@@ -53,6 +52,10 @@ module FastlyCTL
         obj.merge!(FastlyCTL::Fetcher.api_request(:get, "/service/#{source_sid}/snippet/#{obj["id"]}"))
       end
 
+      if type.start_with?("logging/") && obj["response_condition"] == ""
+        obj.delete("response_condition")
+      end
+
       obj_id = obj["id"]
       obj = FastlyCTL::CloneUtils.filter(type,obj)
 
@@ -60,12 +63,12 @@ module FastlyCTL
 
       if main === true
         # the "main-ness" of the vcl does not get carried over during creation. must explicitly set main
-        FastlyCTL::Fetcher.api_request(:put, "/service/#{sid}/version/#{version}/vcl/#{URI.escape(obj["name"])}/main")
+        FastlyCTL::Fetcher.api_request(:put, "/service/#{sid}/version/#{version}/vcl/#{FastlyCTL::Utils.percent_encode(obj["name"])}/main")
       end
 
       if type == "director"
         backends.each do |b|
-          FastlyCTL::Fetcher.api_request(:post, "/service/#{sid}/version/#{version}/director/#{URI.escape(obj["name"])}/backend/#{b}", body: obj )
+          FastlyCTL::Fetcher.api_request(:post, "/service/#{sid}/version/#{version}/director/#{FastlyCTL::Utils.percent_encode(obj["name"])}/backend/#{b}", body: obj )
         end
       end
 

data/lib/fastlyctl/commands/acl.rb

@@ -20,7 +20,7 @@ module FastlyCTL
       version = FastlyCTL::Fetcher.get_writable_version(id) unless options[:version]
       version ||= options[:version]
 
-      encoded_name = URI.escape(name) if name
+      encoded_name = FastlyCTL::Utils.percent_encode(name) if name
 
       case action
       when "create"

data/lib/fastlyctl/commands/condition.rb

@@ -32,7 +32,7 @@ module FastlyCTL
         version = FastlyCTL::Fetcher.get_writable_version(id) unless options[:version]
         version ||= options[:version].to_i
 
-        encoded_name = URI.escape(name) if name
+        encoded_name = FastlyCTL::Utils.percent_encode(name) if name
 
         case action 
             when "list"

data/lib/fastlyctl/commands/copy.rb

@@ -19,7 +19,7 @@ module FastlyCTL
       path += "/#{obj_name}" unless obj_type == "settings"
       obj = FastlyCTL::Fetcher.api_request(:get, path)
 
-      encoded_name = URI.escape(obj_name)
+      encoded_name = FastlyCTL::Utils.percent_encode(obj_name)
 
       if (obj_type == "settings")
         puts "Copying settings from #{id} version #{source_version} to #{target_id} version #{target_version}..."

data/lib/fastlyctl/commands/dictionary.rb

@@ -20,7 +20,7 @@ module FastlyCTL
       version = FastlyCTL::Fetcher.get_writable_version(id) unless options[:version]
       version ||= options[:version]
 
-      encoded_name = URI.escape(name) if name
+      encoded_name = FastlyCTL::Utils.percent_encode(name) if name
 
       case action
       when "create"
@@ -49,14 +49,14 @@ module FastlyCTL
         abort "Must specify name for dictionary" unless name
         abort "Must specify key and value for dictionary item" unless (key && value)
         dict = FastlyCTL::Fetcher.api_request(:get, "/service/#{id}/version/#{version}/dictionary/#{encoded_name}")
-        FastlyCTL::Fetcher.api_request(:put, "/service/#{id}/dictionary/#{dict["id"]}/item/#{key}", params: { item_value: value })   
+        FastlyCTL::Fetcher.api_request(:put, "/service/#{id}/dictionary/#{dict["id"]}/item/#{FastlyCTL::Utils.percent_encode(key)}", params: { item_value: value })   
 
         say("Dictionary item #{key} set to #{value}.")   
       when "remove"
         abort "Must specify name for dictionary" unless name
         abort "Must specify key for dictionary item" unless key
         dict = FastlyCTL::Fetcher.api_request(:get, "/service/#{id}/version/#{version}/dictionary/#{encoded_name}")
-        FastlyCTL::Fetcher.api_request(:delete, "/service/#{id}/dictionary/#{dict["id"]}/item/#{key}")
+        FastlyCTL::Fetcher.api_request(:delete, "/service/#{id}/dictionary/#{dict["id"]}/item/#{FastlyCTL::Utils.percent_encode(key)}")
 
         say("Item #{key} removed from dictionary #{name}.")
       when "list_items"

data/lib/fastlyctl/commands/login.rb

@@ -13,23 +13,21 @@ module FastlyCTL
 
       say("Proceeding with username/password login...")
 
-      login_results = FastlyCTL::Fetcher.login
+      username = ask("Username: ")
+      password = ask("Password: ", :echo => false)
+      say("")
 
-      File.open(FastlyCTL::COOKIE_JAR , 'w+') {|f| f.write(JSON.dump(FastlyCTL::Cookies)) }
-      File.chmod(0600, FastlyCTL::COOKIE_JAR)
-
-      say("Creating root scoped token...")
-
-      if login_results[:user].include?("@fastly.com") && !login_results[:user].include?("+")
+      if username.include?("@fastly.com") && !username.include?("+")
         scope = "root"
       else
         scope = "global"
       end
 
+      say("Creating #{scope} scope token...")
+
       o = {
-        user: login_results[:user],
-        pass: login_results[:pass],
-        code: login_results[:code],
+        username: username,
+        password: password,
         scope: scope,
         name: "fastlyctl_token"
       }

data/lib/fastlyctl/commands/purge_all.rb

@@ -3,11 +3,10 @@ module FastlyCTL
     desc "purge_all", "Purge all content from a service."
     method_option :service, :aliases => ["--s"]
     def purge_all
-      parsed_id = FastlyCTL::Utils.parse_directory
+      id = FastlyCTL::Utils.parse_directory unless options[:service]
+      id ||= options[:service]
 
-      id = FastlyCTL::Utils.parse_directory
-
-      abort "Could not parse service id from directory. Use --s <service> to specify, vcl download, then try again." unless (id || options[:service])
+      abort "Could not parse service id from directory. Use --s <service> to specify, vcl download, then try again." unless id
 
       FastlyCTL::Fetcher.api_request(:post, "/service/#{id}/purge_all")
 

data/lib/fastlyctl/commands/snippet.rb

@@ -18,7 +18,7 @@ module FastlyCTL
       version = FastlyCTL::Fetcher.get_writable_version(id) unless options[:version]
       version ||= options[:version].to_i
 
-      encoded_name = URI.escape(name) if name
+      encoded_name = FastlyCTL::Utils.percent_encode(name) if name
 
       filename = options.key?(:filename) ? options[:filename] : "#{name}.snippet"
 

data/lib/fastlyctl/commands/tls.rb

@@ -0,0 +1,70 @@
+require "fastlyctl/commands/tls/managed"
+
+module FastlyCTL
+  class TLSSubCmd < SubCommandBase
+    SubcommandPrefix = "tls"
+
+    desc "managed SUBCOMMAND ...ARGS", "Interface with Fastly Managed TLS Subscriptions (lets-encrypt)"
+    subcommand "managed", TLSManagedSubCmd
+  end
+
+  class CLI < Thor
+    desc "tls SUBCOMMAND ...ARGS", "Interface with Fastly TLS"
+    subcommand "tls", TLSSubCmd
+  end
+
+  module TLSUtils
+    def self.get_tls_configs
+      data = FastlyCTL::Fetcher.api_request(:get,"/tls/configurations",{use_vnd:true})["data"]
+      if data.length == 0
+        thor = Thor::Shell::Basic.new
+        thor.say "No TLS Configurations found. You may need to upgrade to a paid account if you are using a free account."
+        thor.say "If you need assistance, please contact support@fastly.com."
+        if (thor.yes?("Would you like to open the TLS configuration page in the Fastly app?"))
+          FastlyCTL::Utils.open_app_path("/network/domains")
+        end
+        abort
+      end
+
+      return data
+    end
+
+    def self.select_tls_config(configs)
+      thor = Thor::Shell::Basic.new
+      if configs.length == 1
+        thor.say "Using TLS Configuration #{configs[0]["id"]} - #{configs[0]["name"]}"
+        return configs[0]
+      end
+
+      loop do
+        i = 1
+        configs.each do |c|
+          bulk = c["attributes"]["bulk"] ? " [Platform TLS]" : ""
+          thor.say("[#{i}]#{bulk} #{c["id"]} - #{c["name"]}\n")
+          i += 1
+        end
+
+        selected = thor.ask("Which TLS Configuration would you like to use? Please type the number next to the configuration(s) above.").to_i
+        if selected > 0 && selected <= (configs.length+1)
+          selected -= 1
+          thor.say "Using TLS Configuration #{configs[selected]["id"]} - #{configs[selected]["name"]}"
+          return configs[selected]
+        end
+
+        thor.say "#{selcted} is in invalid selection. Please try again."
+      end
+    end
+
+    def self.print_challenges(tls_authorization)
+      thor = Thor::Shell::Basic.new
+      thor.say "\nIn order to verify your ownership of the domain, the Certificate Authority provided the following challenges:"
+      tls_authorization["attributes"]["challenges"].each do |challenge|
+        thor.say("\n#{challenge["type"]}: Create #{challenge["record_type"]} record for #{challenge["record_name"]} with value(s) of:")
+        challenge["values"].each do |val|
+          thor.say("    #{val}")
+        end
+      end
+      thor.say("\nNote: If you don't want to move all traffic to Fastly right now, use the managed-dns option. The other options result in traffic for that hostname being directed to Fastly.")
+    end
+  end
+end

data/lib/fastlyctl/commands/tls/managed.rb

@@ -0,0 +1,119 @@
+module FastlyCTL
+  class TLSManagedSubCmd < SubCommandBase
+    SubcommandPrefix = "tls managed"
+    DomainRegex = /(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9]/
+
+    desc "create <domain>", "Create a Fastly Managed TLS Subscription for [domain]. A Certificate will be requested from lets-encrypt once you satisfy one of the challenges. You can learn more about the challenge types here: https://letsencrypt.org/docs/challenge-types/ and Fastly's API documentation here: https://docs.fastly.com/api/tls-subscriptions."
+    def create(domain)
+      abort "Must specify valid domain name" unless domain =~ DomainRegex
+
+      tls_configs = FastlyCTL::TLSUtils.get_tls_configs
+      tls_config = FastlyCTL::TLSUtils.select_tls_config(tls_configs)
+
+      payload = {
+        data: {
+          type: "tls_subscription",
+          attributes: {
+            certificate_authority: "lets-encrypt"
+          },
+          relationships: {
+            tls_domains: {
+              data: [
+                {
+                  type: "tls_domain",
+                  id: domain
+                }
+              ]
+            },
+            tls_configuration: {
+              data: {
+                type: "tls_configuration",
+                id: tls_config["id"]
+              }
+            }
+          }
+        }
+      }
+
+      subscription = FastlyCTL::Fetcher.api_request(:post,"/tls/subscriptions", {
+        body: payload.to_json,
+        use_vnd: true
+      })
+
+      tls_authorization = FastlyCTL::Utils.filter_vnd(subscription["included"],"tls_authorization")
+      abort "Unable to fetch TLS Authorization for the domain." unless tls_authorization.length > 0
+      FastlyCTL::TLSUtils.print_challenges(tls_authorization[0])
+    end
+
+    desc "status", "Print status of Fastly Managed TLS Subscriptions"
+    def status
+      subscriptions = FastlyCTL::Fetcher.api_request(:get,"/tls/subscriptions", {
+        use_vnd: true
+      })
+
+      if subscriptions["data"].length == 0
+        say("No Fastly Managed TLS Subscriptions found.")
+        abort
+      end
+
+      subscriptions["data"].each do |subscription|
+        output = subscription["relationships"]["tls_domains"]["data"][0]["id"]
+        output += " - " + subscription["attributes"]["certificate_authority"]
+        output += " - " + subscription["attributes"]["state"]
+        say(output)
+      end
+    end
+
+    desc "challenges", "Print challenges available for a domain's verification."
+    def challenges(domain)
+      abort "Must specify valid domain name" unless domain =~ DomainRegex
+
+      domains = FastlyCTL::Fetcher.api_request(:get,"/tls/domains?include=tls_subscriptions.tls_authorizations", {
+        use_vnd: true
+      })
+
+      tls_authorizations = FastlyCTL::Utils.filter_vnd(domains["included"],"tls_authorization")
+
+      tls_authorizations.each do |tls_authorization|
+        tls_authorization["attributes"]["challenges"].each do |challenge|
+          if challenge["record_name"] == domain
+            FastlyCTL::TLSUtils.print_challenges(tls_authorization)
+            abort
+          end
+        end
+      end
+
+      say("#{domain} not found in domain list.")
+    end
+
+    desc "delete", "Delete a Fastly Managed TLS Subscription"
+    def delete(domain)
+      abort "Must specify valid domain name" unless domain =~ DomainRegex
+
+      activation = FastlyCTL::Fetcher.api_request(:get,"/tls/activations?filter[tls_domain.id]=#{domain}", {use_vnd: true})
+
+      if activation["data"].length >= 1
+        say("TLS is currently active for #{domain}. If you proceed, Fastly will no longer be able to serve TLS requests to clients for #{domain}.")
+        answer = ask("Please type the name of the domain to confirm deactivation and deletion of the Fastly Managed TLS subscription: ")
+        abort "Supplied domain does not match the domain requested for deletion--aborting." unless answer == domain
+
+        FastlyCTL::Fetcher.api_request(:delete,"/tls/activations/#{activation["data"][0]["id"]}",{use_vnd:true})
+      end
+
+      subscriptions = FastlyCTL::Fetcher.api_request(:get,"/tls/subscriptions", {
+        use_vnd: true
+      })
+
+      subscriptions["data"].each do |subscription|
+        next unless subscription["relationships"]["tls_domains"]["data"][0]["id"] == domain 
+        
+        FastlyCTL::Fetcher.api_request(:delete,"/tls/subscriptions/#{subscription["id"]}",{use_vnd:true})
+        
+        say("TLS Subscription for #{domain} has been deleted.")
+        abort
+      end
+
+      say("No TLS Subscription found for #{domain}...")
+    end
+  end
+end

data/lib/fastlyctl/commands/token.rb

@@ -20,25 +20,27 @@ module FastlyCTL
         scope = options[:scope]
         scope ||= "global"
 
-        say("You must login again to create tokens.")
+        say("You must authenticate again to create tokens.")
 
-        login_results = FastlyCTL::Fetcher.login
-
-        name = ask("What would you like to name your token?")
+        username = ask("Username: ")
+        password = ask("Password: ", :echo => false)
+        say("")
 
+        name = ask("What would you like to name your token? (enter here):")
         o = {
-          user: login_results[:user],
-          pass: login_results[:pass],
-          code: login_results[:code],
+          username: username,
+          password: password,
           scope: scope,
-          name: name
-        }
-
-        o[:services] = options[:services].split(",") if options[:services]
+          name: name || "fastlyctl_token"
+        }.compare_by_identity
 
+        options[:services].split(",").each do |v|
+          o["services[]"] = v
+        end if options[:services]
         o[:customer] = options[:customer] if options[:customer]
 
         resp = FastlyCTL::Fetcher.create_token(o)
+        say("token: #{resp["access_token"]}")
 
       when "delete"
         id = ask("What is the ID of the token you'd like to delete?")

data/lib/fastlyctl/commands/watch.rb

@@ -13,7 +13,7 @@ module FastlyCTL
       pop = pop.upcase if pop
 
       while true
-        data = FastlyCTL::Fetcher.api_request(:get,"/rt/v1/channel/#{service}/ts/#{ts ? ts : 'h/limit/120'}", :endpoint => :app)
+        data = FastlyCTL::Fetcher.api_request(:get,"/rt/v1/channel/#{service}/ts/#{ts ? ts : 'h/limit/120'}", :endpoint => :rt)
         
         unless data["Data"].length > 0
           say("No data to display!")
@@ -33,7 +33,8 @@ module FastlyCTL
         # gbps
         uncacheable = agg["pass"] + agg["synth"] + agg["errors"]
         bw = ((agg["resp_header_bytes"] + agg["resp_body_bytes"]).to_f * 8.0) / 1000000000.0
-        hit_rate = (1.0 - ((agg["miss"] - agg["shield"]).to_f / ((agg["requests"] - uncacheable).to_f))) * 100.0
+        shield = agg["shield"] || 0
+        hit_rate = (1.0 - ((agg["miss"] - shield).to_f / ((agg["requests"] - uncacheable).to_f))) * 100.0
         passes = agg["pass"]
         miss_time = agg["miss"] > 0 ? ((agg["miss_time"] / agg["miss"]) * 1000).round(0) : 0
         synth = agg["synth"]

data/lib/fastlyctl/fetcher.rb

@@ -5,28 +5,32 @@ module FastlyCTL
       options[:params] ||= {}
       options[:headers] ||= {}
       options[:body] ||= nil
-      options[:force_session] ||= false
+      options[:disable_token] ||= false
       options[:expected_responses] ||= [200]
+      options[:use_vnd] ||= false
 
       headers = {"Accept" => "application/json", "Connection" => "close", "User-Agent" => "FastlyCTL: https://github.com/fastly/fastlyctl"}
 
       if options[:endpoint] == :app
         headers["Referer"] = FastlyCTL::FASTLY_APP
-        headers["X-CSRF-Token"] = FastlyCTL::Cookies["fastly.csrf"] if FastlyCTL::Cookies["fastly.csrf"]
         headers["Fastly-API-Request"] = "true"
       end
 
-      if FastlyCTL::Token && !options[:force_session]
+      if FastlyCTL::Token && !options[:disable_token]
         headers["Fastly-Key"] = FastlyCTL::Token
-      else
-        headers["Cookie"] = "" if FastlyCTL::Cookies.length > 0
-        FastlyCTL::Cookies.each do |k,v|
-          headers["Cookie"] << "#{k}=#{v};"
-        end
       end
 
       headers["Content-Type"] = "application/x-www-form-urlencoded" if (method == :post || method == :put)
 
+      if options[:use_vnd]
+        headers["Accept"] = "application/vnd.api+json"
+
+        if (method == :post || method == :put)
+          headers["Content-Type"] = "application/vnd.api+json"
+        end
+        options[:expected_responses].push(*[201,202,203,204])
+      end
+
       headers.merge!(options[:headers]) if options[:headers].count > 0
 
       # dont allow header splitting on anything
@@ -34,7 +38,7 @@ module FastlyCTL
         headers[k] = v.gsub(/\r|\n/,'')
       end
 
-      url = "#{options[:endpoint] == :api ? FastlyCTL::FASTLY_API : FastlyCTL::FASTLY_APP}#{path}"
+      url = "#{options[:endpoint] == :api ? FastlyCTL::FASTLY_API : FastlyCTL::FASTLY_RT_API}#{path}"
 
       response = Typhoeus::Request.new(
         url,
@@ -44,35 +48,43 @@ module FastlyCTL
         body: options[:body]
       ).run
 
-      if options[:expected_responses].include?(response.response_code)
-        if response.headers["Set-Cookie"]
-          response.headers["Set-Cookie"] = [response.headers["Set-Cookie"]] if response.headers["Set-Cookie"].is_a? String
-          response.headers["Set-Cookie"].each do |c|
-            name, value = c.match(/^([^=]*)=([^;]*).*/i).captures
-            FastlyCTL::Cookies[name] = value
-          end
-        end
-      else
+      if !options[:expected_responses].include?(response.response_code)
         case response.response_code
-          when 400
-            error = "400: Bad API request--got bad request response."
-          when 403
-            error = "403: Access Denied by API. Run login command to authenticate."
-          when 404
-            error = "404: Service does not exist or bad path requested."
-          when 503
-            error = "503: API is offline."
-          else
-            error = "API responded with status #{response.response_code}."
+        when 400
+          error = "400: Bad API request--something was wrong with the request made by FastlyCTL."
+        when 403
+          error = "403: Access Denied by API. Run login command to authenticate."
+        when 404
+          error = "404: Service does not exist or bad path requested."
+        when 503
+          error = "503: Error from Fastly API--see details below."
+        when 0
+          error = "0: Network connection error occurred."
+        else
+          error = "API responded with status #{response.response_code}."
         end
 
         error += " Method: #{method.to_s.upcase}, Path: #{path}\n"
-        error += "Message from API: #{response.response_body}"
+
+        if (options[:use_vnd]) 
+          begin
+            error_resp = JSON.parse(response.response_body)
+          rescue JSON::ParserError
+            error_resp = {"errors" => [{"title" => "Error parsing response JSON","details" => "No further information available. Please file a github issue at https://github.com/fastly/fastlyctl"}]}
+          end
+
+          error_resp["errors"].each do |e|
+            next unless e.key?("title") && e.key?("detail")
+            error += e["title"] + " --- " + e["detail"] + "\n"
+          end
+        else
+          error += "Message from API: #{response.response_body}"
+        end
 
         abort error
       end
 
-      return response.response_body if (response.headers["Content-Type"] != "application/json")
+      return response.response_body unless (response.headers["Content-Type"] =~ /json$/)
 
       if response.response_body.length > 1
         begin
@@ -161,7 +173,7 @@ module FastlyCTL
     end
 
     def self.upload_snippet(service,version,content,name)
-      return FastlyCTL::Fetcher.api_request(:put, "/service/#{service}/version/#{version}/snippet/#{name}", {:endpoint => :api, body: {
+      return FastlyCTL::Fetcher.api_request(:put, "/service/#{service}/version/#{version}/snippet/#{FastlyCTL::Utils.percent_encode(name)}", {:endpoint => :api, body: {
           content: content
         }
       })
@@ -178,7 +190,7 @@ module FastlyCTL
         end
       end
 
-      response = FastlyCTL::Fetcher.api_request(:put, "/service/#{service}/version/#{version}/vcl/#{name}", {:endpoint => :api, body: params, expected_responses: [200,404]})
+      response = FastlyCTL::Fetcher.api_request(:put, "/service/#{service}/version/#{version}/vcl/#{FastlyCTL::Utils.percent_encode(name)}", {:endpoint => :api, body: params, expected_responses: [200,404]})
 
       # The VCL got deleted so recreate it.
       if response["msg"] == "Record not found"
@@ -186,61 +198,33 @@ module FastlyCTL
       end
     end
 
-    def self.login
-      thor = Thor::Shell::Basic.new
-
-      user = thor.ask("Username: ")
-      pass = thor.ask("Password: ", :echo => false)
-
-      resp = FastlyCTL::Fetcher.api_request(:post, "/login", { :endpoint => :app, params: { user: user, password: pass}})
-
-      if resp["needs_two_factor_auth"]
-        two_factor = true
-
-        thor.say("\nTwo factor auth enabled on account, second factor needed.")
-        code = thor.ask('Please enter verification code:', echo: false)
-
-        resp = FastlyCTL::Fetcher.api_request(:post, "/two_factor_auth/verify", {force_session: true, :endpoint => :app, params: { token: code }} )
-      else
-        thor.say("\nTwo factor auth is NOT enabled. You should go do that immediately.")
-      end
-
-      thor.say("Login successful!")
-
-      return { user: user, pass: pass, two_factor: two_factor, code: code }
-    end
-
     def self.create_token(options)
       thor = Thor::Shell::Basic.new
 
       headers = {}
-      headers["Fastly-OTP"] = options[:code] if options[:code]
-
-      FastlyCTL::Fetcher.api_request(:post, "/sudo", {
-        force_session: true,
+      resp = FastlyCTL::Fetcher.api_request(:post, "/tokens", {
+        disable_token: true,
         endpoint: :api,
-        params: {
-          user: options[:user],
-          password: options[:pass]
-        },
-        headers: headers
+        body: options,
+        headers: headers,
+        expected_responses: [200,400]
       })
 
-      params = {
-          name: options[:name],
-          scope: options[:scope],
-          user: options[:user],
-          password: options[:pass]
-      }
-
-      params[:services] = options[:services] if options[:services]
+      if resp.has_key?("msg") && resp["msg"] == "2fa.verify"
+        thor.say("\nTwo factor auth enabled on account, second factor needed.")
+        code = thor.ask('Please enter verification code:', echo: false)
 
-      resp = FastlyCTL::Fetcher.api_request(:post, "/tokens", {
-        force_session: true,
-        endpoint: :api,
-        params: params,
-        headers: headers
-      })
+        headers = {}
+        headers["Fastly-OTP"] = code
+        resp = FastlyCTL::Fetcher.api_request(:post, "/tokens", {
+          disable_token: true,
+          endpoint: :api,
+          body: options,
+          headers: headers
+        })
+      elsif resp.has_key?("msg")
+        abort "ERROR: #{resp}"
+      end
 
       thor.say("\n#{resp["id"]} created.")
 

data/lib/fastlyctl/subcommand_patch.rb

@@ -0,0 +1,5 @@
+class SubCommandBase < Thor
+  def self.banner(command, namespace = nil, subcommand = false)
+  	basename + " " + self::SubcommandPrefix + " " + command.usage
+  end
+end

data/lib/fastlyctl/utils.rb

@@ -4,6 +4,10 @@ module FastlyCTL
       Launchy.open(FastlyCTL::FASTLY_APP + FastlyCTL::TANGO_PATH + id)
     end
 
+    def self.open_app_path(path)
+      Launchy.open(FastlyCTL::FASTLY_APP + path)
+    end
+
     def self.parse_directory(path=false)
       directory = Dir.pwd unless path
       directory = path if path
@@ -68,5 +72,21 @@ module FastlyCTL
 
       return diff
     end
+
+    def self.percent_encode(string)
+      # CGI.escape replace whitespace to "+" which is "%20" in a percent-encoding manner
+      CGI.escape(string).gsub('+', '%20')
+    end
+
+    def self.filter_vnd(haystack,needle)
+      results = []
+      haystack.each do |i|
+        next unless i["type"] == needle
+
+        results.push(i)
+      end
+
+      return results
+    end
   end
 end

data/lib/fastlyctl/version.rb

@@ -1,3 +1,3 @@
 module FastlyCTL
-  VERSION = "1.0.14"
+  VERSION = "1.0.19"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fastlyctl
 version: !ruby/object:Gem::Version
-  version: 1.0.14
+  version: 1.0.19
 platform: ruby
 authors:
 - Stephen Basile
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-09-17 00:00:00.000000000 Z
+date: 2020-10-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: typhoeus
@@ -72,6 +72,26 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 2.4.3
+- !ruby/object:Gem::Dependency
+  name: openssl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.1.2
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.1.2
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.2
 description: This gem provides a CLI for managing Fastly configurations
 email:
 - stephen@fastly.com
@@ -111,10 +131,13 @@ files:
 - lib/fastlyctl/commands/purge_all.rb
 - lib/fastlyctl/commands/skeleton.rb
 - lib/fastlyctl/commands/snippet.rb
+- lib/fastlyctl/commands/tls.rb
+- lib/fastlyctl/commands/tls/managed.rb
 - lib/fastlyctl/commands/token.rb
 - lib/fastlyctl/commands/upload.rb
 - lib/fastlyctl/commands/watch.rb
 - lib/fastlyctl/fetcher.rb
+- lib/fastlyctl/subcommand_patch.rb
 - lib/fastlyctl/utils.rb
 - lib/fastlyctl/version.rb
 homepage: http://www.github.com/fastly/fastlyctl
@@ -137,7 +160,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.1
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: CLI tool for interacting with the Fastly API