praetorian-cli 2.1.2__tar.gz → 2.1.3__tar.gz

{praetorian_cli-2.1.2/praetorian_cli.egg-info → praetorian_cli-2.1.3}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: praetorian-cli
-Version: 2.1.2
+Version: 2.1.3
 Summary: For interacting with the Chariot API
 Home-page: https://github.com/praetorian-inc/praetorian-cli
 Author: Praetorian
@@ -70,20 +70,26 @@ pip install praetorian-cli
 ## Signing up
 
 Register for an account for [Chariot](http://chariot.praetorian.com) using the instructions
-in [our documentation](https://docs.praetorian.com/hc/en-us/articles/25784233986587-Account-Creation-and-Attack-Surface-Setup).
+in [our documentation](https://docs.praetorian.com/hc/en-us/articles/38048335323547-Account-Creation-and-Attack-Surface-Setup).
 
 ## Authentication
 
-Once you have signed up and chosen your username and password, you will need to
-provide the credentials to the CLI for interacting with Chariot. Depending on your
-use cases and security requirements, you can use one of the following methods:
+Once you can properly access Chariot through the UI. You can obtain API credentials through the UI under
+Settings -> User Settings -> API Keys. Be sure to careful copy the API credentials you created as
+you will need to provide them to the CLI for interacting with Chariot. 
 
-### Using the keychain file
+**Note**: SSO Organizations should provision access through API Keys as well.
 
-This method stores credentials in a keychain file.
+### Using API Keys 
 
-1. Run `praetorian configure` and follow the prompts. In most use cases, use the
-   default values for `profile name`, `URL of backend API`, and `client ID`.
+This is the authentication method for CLI. You can authenticate using either a keychain file or environment variables.
+
+#### Using the keychain file
+
+This method stores your API key in a keychain file.
+
+1. Run `praetorian configure` and follow the prompts to set up authentication. 
+Use the default values for `profile name`, `URL of backend API`, and `client ID`.
 2. It creates `~/.praetorian/keychain.ini`, which should read like this:
 
 ```
@@ -91,23 +97,23 @@ This method stores credentials in a keychain file.
 name = chariot
 client_id = 795dnnr45so7m17cppta0b295o
 api = https://d0qcl2e18h.execute-api.us-east-2.amazonaws.com/chariot
-username = lara.lynch@acme.com
-password = 8epu9bQ2kqb8qwd.GR
+api_key_id = your-api-key-id-here
+api_key_secret = your-api-key-here
 ```
 
-### Using environment variables
+#### Using environment variables
 
-This method uses in-memory environment variables to pass credentials to
-the CLI. There is no need for a keychain file on disk. This enables the users to choose
-a credential storage method suitable for their use cases. To use this method, set the
-following environment variables:
+This method uses in-memory environment variables to pass your API key to
+the CLI. There is no need for a keychain file on disk. This enables you to choose
+a credential storage method suitable for your use cases. To use this method, set the
+following environment variable:
 
 ```zsh
-export PRAETORIAN_CLI_USERNAME=lara.lynch@acme.com
-export PRAETORIAN_CLI_PASSWORD=8epu9bQ2kqb8qwd.GR
+export PRAETORIAN_CLI_API_KEY_ID=your-api-key-id-here
+export PRAETORIAN_CLI_API_KEY_SECRET=your-api-key-here
 ```
 
-For more advanced configuration options, as well as SSO. See
+For more advanced configuration options or managing access in SSO organizations see
 [the documentation on configuration](https://github.com/praetorian-inc/praetorian-cli/blob/main/docs/configure.md).
 
 # Using the CLI

{praetorian_cli-2.1.2 → praetorian_cli-2.1.3}/README.md

@@ -51,20 +51,26 @@ pip install praetorian-cli
 ## Signing up
 
 Register for an account for [Chariot](http://chariot.praetorian.com) using the instructions
-in [our documentation](https://docs.praetorian.com/hc/en-us/articles/25784233986587-Account-Creation-and-Attack-Surface-Setup).
+in [our documentation](https://docs.praetorian.com/hc/en-us/articles/38048335323547-Account-Creation-and-Attack-Surface-Setup).
 
 ## Authentication
 
-Once you have signed up and chosen your username and password, you will need to
-provide the credentials to the CLI for interacting with Chariot. Depending on your
-use cases and security requirements, you can use one of the following methods:
+Once you can properly access Chariot through the UI. You can obtain API credentials through the UI under
+Settings -> User Settings -> API Keys. Be sure to careful copy the API credentials you created as
+you will need to provide them to the CLI for interacting with Chariot. 
 
-### Using the keychain file
+**Note**: SSO Organizations should provision access through API Keys as well.
 
-This method stores credentials in a keychain file.
+### Using API Keys 
 
-1. Run `praetorian configure` and follow the prompts. In most use cases, use the
-   default values for `profile name`, `URL of backend API`, and `client ID`.
+This is the authentication method for CLI. You can authenticate using either a keychain file or environment variables.
+
+#### Using the keychain file
+
+This method stores your API key in a keychain file.
+
+1. Run `praetorian configure` and follow the prompts to set up authentication. 
+Use the default values for `profile name`, `URL of backend API`, and `client ID`.
 2. It creates `~/.praetorian/keychain.ini`, which should read like this:
 
 ```
@@ -72,23 +78,23 @@ This method stores credentials in a keychain file.
 name = chariot
 client_id = 795dnnr45so7m17cppta0b295o
 api = https://d0qcl2e18h.execute-api.us-east-2.amazonaws.com/chariot
-username = lara.lynch@acme.com
-password = 8epu9bQ2kqb8qwd.GR
+api_key_id = your-api-key-id-here
+api_key_secret = your-api-key-here
 ```
 
-### Using environment variables
+#### Using environment variables
 
-This method uses in-memory environment variables to pass credentials to
-the CLI. There is no need for a keychain file on disk. This enables the users to choose
-a credential storage method suitable for their use cases. To use this method, set the
-following environment variables:
+This method uses in-memory environment variables to pass your API key to
+the CLI. There is no need for a keychain file on disk. This enables you to choose
+a credential storage method suitable for your use cases. To use this method, set the
+following environment variable:
 
 ```zsh
-export PRAETORIAN_CLI_USERNAME=lara.lynch@acme.com
-export PRAETORIAN_CLI_PASSWORD=8epu9bQ2kqb8qwd.GR
+export PRAETORIAN_CLI_API_KEY_ID=your-api-key-id-here
+export PRAETORIAN_CLI_API_KEY_SECRET=your-api-key-here
 ```
 
-For more advanced configuration options, as well as SSO. See
+For more advanced configuration options or managing access in SSO organizations see
 [the documentation on configuration](https://github.com/praetorian-inc/praetorian-cli/blob/main/docs/configure.md).
 
 # Using the CLI

praetorian_cli-2.1.3/praetorian_cli/handlers/configure.py

@@ -0,0 +1,28 @@
+import click
+from praetorian_cli.sdk.keychain import Keychain, DEFAULT_API, DEFAULT_CLIENT_ID, DEFAULT_PROFILE
+
+@click.command()
+@click.option('--email', is_flag=True, help='Use email/password authentication instead of API key')
+@click.pass_context
+def configure(click_context, email):
+    """ Configure the CLI with API key (default) or email/password authentication """
+    
+    if email:
+        email_address = click.prompt("Enter your email")
+        password = click.prompt("Enter your password", hide_input=True)
+        api_key_id = None
+        api_key_secret = None
+    else:
+        api_key_id = click.prompt("Enter your API Key ID")
+        api_key_secret = click.prompt("Enter your API Key secret", hide_input=True)
+        email_address = None
+        password = None
+
+    profile_name = click.prompt("Enter the profile name to configure", default=DEFAULT_PROFILE, show_default=True)
+    url = click.prompt("Enter the URL of backend API", default=DEFAULT_API, show_default=True)
+    client_id = click.prompt("Enter the client ID", default=DEFAULT_CLIENT_ID, show_default=True)
+    assume_role = click.prompt("Enter the assume-role account, if any", default='', show_default=False)
+
+    Keychain.configure(email_address, password, profile_name, url, client_id, assume_role, api_key_id, api_key_secret)
+
+

{praetorian_cli-2.1.2 → praetorian_cli-2.1.3}/praetorian_cli/sdk/entities/jobs.py

@@ -33,10 +33,10 @@ class Jobs:
         return self.api.search.by_key_prefix(f'#job#{prefix_filter}', offset, pages)
 
     def is_failed(self, job):
-        return job['status'].startswith('JF')
+        return job and job['status'] and job['status'].startswith('JF')
 
     def is_passed(self, job):
-        return job['status'].startswith('JP')
+        return job and job['status'] and job['status'].startswith('JP')
 
     def system_job_key(self, source, id):
         return f'#job#{id}#system#{source}'

{praetorian_cli-2.1.2 → praetorian_cli-2.1.3}/praetorian_cli/sdk/keychain.py

@@ -15,6 +15,10 @@ DEFAULT_CLIENT_ID = '795dnnr45so7m17cppta0b295o'
 DEFAULT_PROFILE = 'United States'
 DEFAULT_KEYCHAIN_FILEPATH = join(Path.home(), '.praetorian', 'keychain.ini')
 
+API_KEY_ID = 'api_key_id'
+API_KEY_SECRET = 'api_key_secret'
+    
+
 
 class Keychain:
 
@@ -66,8 +70,8 @@ class Keychain:
 
         self.load_env('username', 'PRAETORIAN_CLI_USERNAME', required=False)
         self.load_env('password', 'PRAETORIAN_CLI_PASSWORD', required=False)
-        self.load_env('api_key_id', 'PRAETORIAN_CLI_API_KEY_ID', required=False)
-        self.load_env('api_key_secret', 'PRAETORIAN_CLI_API_KEY_SECRET', required=False)
+        self.load_env(API_KEY_ID, 'PRAETORIAN_CLI_API_KEY_ID', required=False)
+        self.load_env(API_KEY_SECRET, 'PRAETORIAN_CLI_API_KEY_SECRET', required=False)
 
         if self.account is None:
             self.account = self.config.get(self.profile, 'account', fallback=None)
@@ -88,7 +92,7 @@ class Keychain:
             if self.has_api_key():
                 response = requests.get(
                     f"{self.base_url()}/token",
-                    params={'id': self.api_key_id(), 'key': self.api_key()}
+                    params={'id': self.api_key_id(), 'key': self.api_key_secret()}
                 )
                 if response.status_code != 200:
                     error(f"API key authentication failed: {response.text}")
@@ -123,15 +127,15 @@ class Keychain:
 
     def api_key_id(self):
         """ Get the api_key_id field from the keychain profile """
-        return self.get_option('api_key_id')
+        return self.get_option(API_KEY_ID)
 
-    def api_key(self):
+    def api_key_secret(self):
         """ Get the api_key field from the keychain profile """
-        return self.get_option('api_key_secret')
+        return self.get_option(API_KEY_SECRET)
 
     def has_api_key(self):
         """ Check if API key credentials are available """
-        return bool(self.api_key_id() and self.api_key())
+        return bool(self.api_key_id() and self.api_key_secret())
 
     def get_option(self, option_name):
         return self.load().config.get(self.profile, option_name, fallback=None)
@@ -146,7 +150,7 @@ class Keychain:
 
     @staticmethod
     def configure(username, password, profile=DEFAULT_PROFILE, api=DEFAULT_API, client_id=DEFAULT_CLIENT_ID,
-                  account=None, api_key_id=None, api_key=None):
+                  account=None, api_key_id=None, api_key_secret=None):
         """ Update or insert a new profile to the keychain file at the default location.
             If the keychain file does not exist, create it. """
         new_profile = {
@@ -165,10 +169,10 @@ class Keychain:
             new_profile['account'] = account
 
         if api_key_id:
-            new_profile['api_key_id'] = api_key_id
+            new_profile[API_KEY_ID] = api_key_id
 
-        if api_key:
-            new_profile['api_key'] = api_key
+        if api_key_secret:
+            new_profile[API_KEY_SECRET] = api_key_secret
 
         config = ConfigParser()
         config.read(DEFAULT_KEYCHAIN_FILEPATH)

{praetorian_cli-2.1.2 → praetorian_cli-2.1.3/praetorian_cli.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: praetorian-cli
-Version: 2.1.2
+Version: 2.1.3
 Summary: For interacting with the Chariot API
 Home-page: https://github.com/praetorian-inc/praetorian-cli
 Author: Praetorian
@@ -70,20 +70,26 @@ pip install praetorian-cli
 ## Signing up
 
 Register for an account for [Chariot](http://chariot.praetorian.com) using the instructions
-in [our documentation](https://docs.praetorian.com/hc/en-us/articles/25784233986587-Account-Creation-and-Attack-Surface-Setup).
+in [our documentation](https://docs.praetorian.com/hc/en-us/articles/38048335323547-Account-Creation-and-Attack-Surface-Setup).
 
 ## Authentication
 
-Once you have signed up and chosen your username and password, you will need to
-provide the credentials to the CLI for interacting with Chariot. Depending on your
-use cases and security requirements, you can use one of the following methods:
+Once you can properly access Chariot through the UI. You can obtain API credentials through the UI under
+Settings -> User Settings -> API Keys. Be sure to careful copy the API credentials you created as
+you will need to provide them to the CLI for interacting with Chariot. 
 
-### Using the keychain file
+**Note**: SSO Organizations should provision access through API Keys as well.
 
-This method stores credentials in a keychain file.
+### Using API Keys 
 
-1. Run `praetorian configure` and follow the prompts. In most use cases, use the
-   default values for `profile name`, `URL of backend API`, and `client ID`.
+This is the authentication method for CLI. You can authenticate using either a keychain file or environment variables.
+
+#### Using the keychain file
+
+This method stores your API key in a keychain file.
+
+1. Run `praetorian configure` and follow the prompts to set up authentication. 
+Use the default values for `profile name`, `URL of backend API`, and `client ID`.
 2. It creates `~/.praetorian/keychain.ini`, which should read like this:
 
 ```
@@ -91,23 +97,23 @@ This method stores credentials in a keychain file.
 name = chariot
 client_id = 795dnnr45so7m17cppta0b295o
 api = https://d0qcl2e18h.execute-api.us-east-2.amazonaws.com/chariot
-username = lara.lynch@acme.com
-password = 8epu9bQ2kqb8qwd.GR
+api_key_id = your-api-key-id-here
+api_key_secret = your-api-key-here
 ```
 
-### Using environment variables
+#### Using environment variables
 
-This method uses in-memory environment variables to pass credentials to
-the CLI. There is no need for a keychain file on disk. This enables the users to choose
-a credential storage method suitable for their use cases. To use this method, set the
-following environment variables:
+This method uses in-memory environment variables to pass your API key to
+the CLI. There is no need for a keychain file on disk. This enables you to choose
+a credential storage method suitable for your use cases. To use this method, set the
+following environment variable:
 
 ```zsh
-export PRAETORIAN_CLI_USERNAME=lara.lynch@acme.com
-export PRAETORIAN_CLI_PASSWORD=8epu9bQ2kqb8qwd.GR
+export PRAETORIAN_CLI_API_KEY_ID=your-api-key-id-here
+export PRAETORIAN_CLI_API_KEY_SECRET=your-api-key-here
 ```
 
-For more advanced configuration options, as well as SSO. See
+For more advanced configuration options or managing access in SSO organizations see
 [the documentation on configuration](https://github.com/praetorian-inc/praetorian-cli/blob/main/docs/configure.md).
 
 # Using the CLI

{praetorian_cli-2.1.2 → praetorian_cli-2.1.3}/setup.cfg

@@ -1,6 +1,6 @@
 [metadata]
 name = praetorian-cli
-version = 2.1.2
+version = 2.1.3
 author = Praetorian
 author_email = support@praetorian.com
 description = For interacting with the Chariot API

praetorian_cli-2.1.2/praetorian_cli/handlers/configure.py

@@ -1,25 +0,0 @@
-import click
-
-from praetorian_cli.sdk.keychain import Keychain, DEFAULT_API, DEFAULT_CLIENT_ID, DEFAULT_PROFILE
-
-
-@click.command()
-@click.option('--email', help='Email you used to register for Chariot', default='',
-              prompt='Enter your email (Type ENTER if this is set in the PRAETORIAN_CLI_USERNAME environment variable)')
-@click.option('--password', help='Password you used to register for Chariot', default='',
-              prompt='Enter your password (Type ENTER if this is set in the PRAETORIAN_CLI_PASSWORD environment variable)',
-              hide_input=True)
-@click.option('--profile-name', help='Profile name.', required=True,
-              prompt='Enter the profile name to configure', default=DEFAULT_PROFILE, show_default=True)
-@click.option('--url', help='URL to the backend API. Default provided.', required=True,
-              prompt='Enter the URL of backend API', default=DEFAULT_API)
-@click.option('--client-id', help='Client ID of the backend. Default provided.', required=True,
-              prompt='Enter the client ID', default=DEFAULT_CLIENT_ID)
-@click.option('--assume-role', help='Email address of the account to assume-role into', required=True,
-              prompt='Enter the assume-role account, if any', default='')
-@click.option('--api-key-id', help='API Key ID for authentication', default='')
-@click.option('--api-key', help='API Key for authentication', default='', hide_input=True)
-@click.pass_context
-def configure(click_context, email, password, profile_name, url, client_id, assume_role, api_key_id, api_key):
-    """ Configure the CLI """
-    Keychain.configure(email, password, profile_name, url, client_id, assume_role, api_key_id, api_key)