RubyGems - knife-azure - Versions diffs - 2.0.10 → 2.0.11 - Mend

knife-azure 2.0.10 → 2.0.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/azure/resource_management/windows_credentials.rb +135 -133
data/lib/chef/knife/azurerm_base.rb +5 -5
data/lib/knife-azure/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 421e56a8d002b2bb7022398433511fac65f9e55cd29fb3810936529ea30f3ace
-  data.tar.gz: e6c63b1880fba1c082780110ccec6716b021310740545afea80761489f4b7d0a
+  metadata.gz: f6de7af42a6cf8184a9f2b57ad1556034f129f49812c9c3573a70a22cf95c6fe
+  data.tar.gz: c1aac2ac6eb7c5e0127d8971a3de4fd5fdb085f4521a6c414c857259e20a825e
 SHA512:
-  metadata.gz: a4ad09a979499a003d731e68072cb226ebebefa7deb3cb94ce538fd34b43db639306d4dcb94fe2ec1111028c9b6425654e5e67fb5a548a601989ad9981d00b91
-  data.tar.gz: c320ed5f22cf82143575ec73353925cc2b7567e16335cca11456f876d461b25d951ac63bf481f308bfe4f5de55c97c533121be8d775a1d30007ad97ed53467a2
+  metadata.gz: 215f6a9ebf1f3339e589c48bd86ddf0c762426b26a05972b0660c541f7caedcaa695ed8f38da63fe354eff53af2a2a2caa50f3a2959d268d2e8f2e2cb75d488d
+  data.tar.gz: 3d3ee631a0e3a68fd3af1c50298ceecf7ac04978b1928be79f552e0405bff167cd92793aa4e90e9344ead46cc4518ab359a4eb391a4b1a3b45f6e5602f7c32ea

data/lib/azure/resource_management/windows_credentials.rb CHANGED Viewed

@@ -23,159 +23,161 @@ require "mixlib/shellout"
 require "ffi"
 require "chef/win32/api"
-module Azure::ARM
+module Azure
+  module ARM
-  module ReadCred
+    module ReadCred
-    extend Chef::ReservedNames::Win32::API
-    extend FFI::Library
+      extend Chef::ReservedNames::Win32::API
+      extend FFI::Library
-    ffi_lib "Advapi32"
+      ffi_lib "Advapi32"
-    CRED_TYPE_GENERIC = 1
-    CRED_TYPE_DOMAIN_PASSWORD = 2
-    CRED_TYPE_DOMAIN_CERTIFICATE = 3
-    CRED_TYPE_DOMAIN_VISIBLE_PASSWORD = 4
+      CRED_TYPE_GENERIC = 1
+      CRED_TYPE_DOMAIN_PASSWORD = 2
+      CRED_TYPE_DOMAIN_CERTIFICATE = 3
+      CRED_TYPE_DOMAIN_VISIBLE_PASSWORD = 4
-    # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/ms724284(v=vs.85).aspx
-    class FILETIME < FFI::Struct
-      layout :dwLowDateTime, :DWORD,
-        :dwHighDateTime, :DWORD
-    end
-    # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374790(v=vs.85).aspx
-    class CREDENTIAL_ATTRIBUTE < FFI::Struct
-      layout :Keyword, :LPTSTR,
-        :Flags, :DWORD,
-        :ValueSize, :DWORD,
-        :Value, :LPBYTE
-    end
-    # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374788(v=vs.85).aspx
-    class CREDENTIAL_OBJECT < FFI::Struct
-      layout :Flags, :DWORD,
-        :Type, :DWORD,
-        :TargetName, :LPTSTR,
-        :Comment, :LPTSTR,
-        :LastWritten, FILETIME,
-        :CredentialBlobSize, :DWORD,
-        :CredentialBlob, :LPBYTE,
-        :Persist, :DWORD,
-        :AttributeCount, :DWORD,
-        :Attributes, CREDENTIAL_ATTRIBUTE,
-        :TargetAlias, :LPTSTR,
-        :UserName, :LPTSTR
+      # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/ms724284(v=vs.85).aspx
+      class FILETIME < FFI::Struct
+        layout :dwLowDateTime, :DWORD,
+          :dwHighDateTime, :DWORD
       end
-    # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374804(v=vs.85).aspx
-    safe_attach_function :CredReadW, %i{LPCTSTR DWORD DWORD pointer}, :BOOL
-  end
-  module WindowsCredentials
-    include Chef::Mixin::WideString
-    include ReadCred
-    def token_details_from_WCM
-      target = target_name
-      if target && !target.empty?
-        target_pointer = wstring(target)
-        info_ptr = FFI::MemoryPointer.new(:pointer)
-        cred = CREDENTIAL_OBJECT.new info_ptr
-        cred_result = CredReadW(target_pointer, CRED_TYPE_GENERIC, 0, cred)
-        translated_cred = CREDENTIAL_OBJECT.new(info_ptr.read_pointer)
-        target_obj = translated_cred[:TargetName].read_wstring.split("::") if translated_cred[:TargetName].read_wstring
-        cred_blob = translated_cred[:CredentialBlob].get_bytes(0, translated_cred[:CredentialBlobSize]).split("::")
-        tokentype = target_obj.select { |obj| obj.include? "tokenType" }
-        user = target_obj.select { |obj| obj.include? "userId" }
-        clientid = target_obj.select { |obj| obj.include? "clientId" }
-        expiry_time = target_obj.select { |obj| obj.include? "expiresOn" }
-        access_token = cred_blob.select { |obj| obj.include? "a:" }
-        refresh_token = cred_blob.select { |obj| obj.include? "r:" }
-        credential = {}
-        credential[:tokentype] = tokentype[0].split(":")[1]
-        credential[:user] = user[0].split(":")[1]
-        credential[:token] = access_token[0].split(":")[1]
-        # Todo: refresh_token is not complete currently
-        # target_name method needs to be modified for that
-        credential[:refresh_token] = refresh_token[0].split(":")[1]
-        credential[:clientid] = clientid[0].split(":")[1]
-        credential[:expiry_time] = expiry_time[0].split("expiresOn:")[1].delete("\\")
-        # Free memory pointed by info_ptr
-        info_ptr.free
-      else
-        raise "TargetName Not Found"
+      # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374790(v=vs.85).aspx
+      class CREDENTIAL_ATTRIBUTE < FFI::Struct
+        layout :Keyword, :LPTSTR,
+          :Flags, :DWORD,
+          :ValueSize, :DWORD,
+          :Value, :LPBYTE
       end
-      credential
-    rescue => error
-      ui.error("#{error.message}")
-      Chef::Log.debug("#{error.backtrace.join("\n")}")
-      exit
+      # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374788(v=vs.85).aspx
+      class CREDENTIAL_OBJECT < FFI::Struct
+        layout :Flags, :DWORD,
+          :Type, :DWORD,
+          :TargetName, :LPTSTR,
+          :Comment, :LPTSTR,
+          :LastWritten, FILETIME,
+          :CredentialBlobSize, :DWORD,
+          :CredentialBlob, :LPBYTE,
+          :Persist, :DWORD,
+          :AttributeCount, :DWORD,
+          :Attributes, CREDENTIAL_ATTRIBUTE,
+          :TargetAlias, :LPTSTR,
+          :UserName, :LPTSTR
+        end
+      # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374804(v=vs.85).aspx
+      safe_attach_function :CredReadW, %i{LPCTSTR DWORD DWORD pointer}, :BOOL
     end
-    # Todo: For getting the complete refreshToken, both credentials (ending with --0-2 and --1-2) have to be read
-    def target_name
-      # cmdkey command is used for accessing windows credential manager.
-      # Multiple credentials get created in windows credential manager for a single Azure account in xplat-cli
-      # One of them is for common tanent id, which can't be used
-      # Others end with --0-x,--1-x,--2-x etc, where x represents the total no. of credentails across which the token is divided
-      # The one ending with --0-x has the complete accessToken in the credentialBlob.
-      # Refresh Token is split across both credentials (ending with --0-x and --1-x).
-      # Xplat splits the credentials based on the number of bytes of the tokens.
-      # Hence the access token is always found in the one which start with --0-
-      # So selecting the credential on the basis of --0-
-      xplat_creds_cmd = Mixlib::ShellOut.new('cmdkey /list | findstr AzureXplatCli | findstr \--0- | findstr -v common')
-      result = xplat_creds_cmd.run_command
-      target_names = []
-      if result.stdout.empty?
-        Chef::Log.debug("Unable to find a credential with --0- and falling back to looking for any credential.")
-        xplat_creds_cmd = Mixlib::ShellOut.new("cmdkey /list | findstr AzureXplatCli | findstr -v common")
+    module WindowsCredentials
+      include Chef::Mixin::WideString
+      include ReadCred
+      def token_details_from_WCM
+        target = target_name
+        if target && !target.empty?
+          target_pointer = wstring(target)
+          info_ptr = FFI::MemoryPointer.new(:pointer)
+          cred = CREDENTIAL_OBJECT.new info_ptr
+          cred_result = CredReadW(target_pointer, CRED_TYPE_GENERIC, 0, cred)
+          translated_cred = CREDENTIAL_OBJECT.new(info_ptr.read_pointer)
+          target_obj = translated_cred[:TargetName].read_wstring.split("::") if translated_cred[:TargetName].read_wstring
+          cred_blob = translated_cred[:CredentialBlob].get_bytes(0, translated_cred[:CredentialBlobSize]).split("::")
+          tokentype = target_obj.select { |obj| obj.include? "tokenType" }
+          user = target_obj.select { |obj| obj.include? "userId" }
+          clientid = target_obj.select { |obj| obj.include? "clientId" }
+          expiry_time = target_obj.select { |obj| obj.include? "expiresOn" }
+          access_token = cred_blob.select { |obj| obj.include? "a:" }
+          refresh_token = cred_blob.select { |obj| obj.include? "r:" }
+          credential = {}
+          credential[:tokentype] = tokentype[0].split(":")[1]
+          credential[:user] = user[0].split(":")[1]
+          credential[:token] = access_token[0].split(":")[1]
+          # Todo: refresh_token is not complete currently
+          # target_name method needs to be modified for that
+          credential[:refresh_token] = refresh_token[0].split(":")[1]
+          credential[:clientid] = clientid[0].split(":")[1]
+          credential[:expiry_time] = expiry_time[0].split("expiresOn:")[1].delete("\\")
+          # Free memory pointed by info_ptr
+          info_ptr.free
+        else
+          raise "TargetName Not Found"
+        end
+        credential
+      rescue => error
+        ui.error("#{error.message}")
+        Chef::Log.debug("#{error.backtrace.join("\n")}")
+        exit
+      end
+      # Todo: For getting the complete refreshToken, both credentials (ending with --0-2 and --1-2) have to be read
+      def target_name
+        # cmdkey command is used for accessing windows credential manager.
+        # Multiple credentials get created in windows credential manager for a single Azure account in xplat-cli
+        # One of them is for common tanent id, which can't be used
+        # Others end with --0-x,--1-x,--2-x etc, where x represents the total no. of credentails across which the token is divided
+        # The one ending with --0-x has the complete accessToken in the credentialBlob.
+        # Refresh Token is split across both credentials (ending with --0-x and --1-x).
+        # Xplat splits the credentials based on the number of bytes of the tokens.
+        # Hence the access token is always found in the one which start with --0-
+        # So selecting the credential on the basis of --0-
+        xplat_creds_cmd = Mixlib::ShellOut.new('cmdkey /list | findstr AzureXplatCli | findstr \--0- | findstr -v common')
         result = xplat_creds_cmd.run_command
+        target_names = []
         if result.stdout.empty?
-          raise "Azure Credentials not found. Please run xplat's 'azure login' command"
+          Chef::Log.debug("Unable to find a credential with --0- and falling back to looking for any credential.")
+          xplat_creds_cmd = Mixlib::ShellOut.new("cmdkey /list | findstr AzureXplatCli | findstr -v common")
+          result = xplat_creds_cmd.run_command
+          if result.stdout.empty?
+            raise "Azure Credentials not found. Please run xplat's 'azure login' command"
+          else
+            target_names = result.stdout.split("\n")
+          end
         else
           target_names = result.stdout.split("\n")
         end
-      else
-        target_names = result.stdout.split("\n")
-      end
-      # If "azure login" is run for multiple users, there will be multiple credentials
-      # Picking up the latest logged in user's credentials
-      latest_target = latest_credential_target target_names
-      latest_target
-    end
+        # If "azure login" is run for multiple users, there will be multiple credentials
+        # Picking up the latest logged in user's credentials
+        latest_target = latest_credential_target target_names
+        latest_target
+      end
-    def latest_credential_target(targets)
-      case targets.size
-      when 0
-        raise "No Target was found for windows credentials"
-      when 1
-        targets.first.gsub("Target:", "").strip
-      else
-        latest_target = ""
-        max_expiry_time = Time.new(0)
-        # Using expiry_time to determine the latest credential
-        targets.each do |target|
-          target_obj = target.split("::")
-          expiry_time_obj = target_obj.select { |obj| obj.include? "expiresOn" }
-          expiry_time = expiry_time_obj[0].split("expiresOn:")[1].delete("\\")
-          if Time.parse(expiry_time) > max_expiry_time
-            latest_target = target
-            max_expiry_time = Time.parse(expiry_time)
+      def latest_credential_target(targets)
+        case targets.size
+        when 0
+          raise "No Target was found for windows credentials"
+        when 1
+          targets.first.gsub("Target:", "").strip
+        else
+          latest_target = ""
+          max_expiry_time = Time.new(0)
+          # Using expiry_time to determine the latest credential
+          targets.each do |target|
+            target_obj = target.split("::")
+            expiry_time_obj = target_obj.select { |obj| obj.include? "expiresOn" }
+            expiry_time = expiry_time_obj[0].split("expiresOn:")[1].delete("\\")
+            if Time.parse(expiry_time) > max_expiry_time
+              latest_target = target
+              max_expiry_time = Time.parse(expiry_time)
+            end
           end
-        end
-        latest_target.gsub("Target:", "").strip
+          latest_target.gsub("Target:", "").strip
+        end
       end
     end
-  end
+end
 end

data/lib/chef/knife/azurerm_base.rb CHANGED Viewed

@@ -28,11 +28,6 @@ class Chef
       ## Manager (WCM) usage for authentication credentials storage purpose ##
       XPLAT_VERSION_WITH_WCM_DEPRECATED ||= "0.10.5".freeze
-      if Chef::Platform.windows?
-        require_relative "../../azure/resource_management/windows_credentials"
-        include Azure::ARM::WindowsCredentials
-      end
       def self.included(includer)
         includer.class_eval do
           deps do
@@ -42,6 +37,11 @@ class Chef
             require "chef/mixin/shell_out"
             require "time"
             require "json"
+            if Chef::Platform.windows?
+              require_relative "../../azure/resource_management/windows_credentials"
+              include Azure::ARM::WindowsCredentials
+            end
           end
           option :azure_resource_group_name,

data/lib/knife-azure/version.rb CHANGED Viewed

@@ -17,7 +17,7 @@
 module Knife
   module Azure
-    VERSION = "2.0.10".freeze
+    VERSION = "2.0.11".freeze
     MAJOR, MINOR, TINY = VERSION.split(".")
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: knife-azure
 version: !ruby/object:Gem::Version
-  version: 2.0.10
+  version: 2.0.11
 platform: ruby
 authors:
 - Barry Davis