190 lines
4.2 KiB
Go
190 lines
4.2 KiB
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
package command
|
|
|
|
import (
|
|
"fmt"
|
|
"sort"
|
|
"strconv"
|
|
"strings"
|
|
|
|
"github.com/hashicorp/vault/api"
|
|
"github.com/mitchellh/cli"
|
|
"github.com/posener/complete"
|
|
)
|
|
|
|
var (
|
|
_ cli.Command = (*AuthListCommand)(nil)
|
|
_ cli.CommandAutocomplete = (*AuthListCommand)(nil)
|
|
)
|
|
|
|
type AuthListCommand struct {
|
|
*BaseCommand
|
|
|
|
flagDetailed bool
|
|
}
|
|
|
|
func (c *AuthListCommand) Synopsis() string {
|
|
return "Lists enabled auth methods"
|
|
}
|
|
|
|
func (c *AuthListCommand) Help() string {
|
|
helpText := `
|
|
Usage: vault auth list [options]
|
|
|
|
Lists the enabled auth methods on the Vault server. This command also outputs
|
|
information about the method including configuration and human-friendly
|
|
descriptions. A TTL of "system" indicates that the system default is in use.
|
|
|
|
List all enabled auth methods:
|
|
|
|
$ vault auth list
|
|
|
|
List all enabled auth methods with detailed output:
|
|
|
|
$ vault auth list -detailed
|
|
|
|
` + c.Flags().Help()
|
|
|
|
return strings.TrimSpace(helpText)
|
|
}
|
|
|
|
func (c *AuthListCommand) Flags() *FlagSets {
|
|
set := c.flagSet(FlagSetHTTP | FlagSetOutputFormat)
|
|
|
|
f := set.NewFlagSet("Command Options")
|
|
|
|
f.BoolVar(&BoolVar{
|
|
Name: "detailed",
|
|
Target: &c.flagDetailed,
|
|
Default: false,
|
|
Usage: "Print detailed information such as configuration and replication " +
|
|
"status about each auth method. This option is only applicable to " +
|
|
"table-formatted output.",
|
|
})
|
|
|
|
return set
|
|
}
|
|
|
|
func (c *AuthListCommand) AutocompleteArgs() complete.Predictor {
|
|
return nil
|
|
}
|
|
|
|
func (c *AuthListCommand) AutocompleteFlags() complete.Flags {
|
|
return c.Flags().Completions()
|
|
}
|
|
|
|
func (c *AuthListCommand) Run(args []string) int {
|
|
f := c.Flags()
|
|
|
|
if err := f.Parse(args); err != nil {
|
|
c.UI.Error(err.Error())
|
|
return 1
|
|
}
|
|
|
|
args = f.Args()
|
|
if len(args) > 0 {
|
|
c.UI.Error(fmt.Sprintf("Too many arguments (expected 0, got %d)", len(args)))
|
|
return 1
|
|
}
|
|
|
|
client, err := c.Client()
|
|
if err != nil {
|
|
c.UI.Error(err.Error())
|
|
return 2
|
|
}
|
|
|
|
auths, err := client.Sys().ListAuth()
|
|
if err != nil {
|
|
c.UI.Error(fmt.Sprintf("Error listing enabled authentications: %s", err))
|
|
return 2
|
|
}
|
|
|
|
switch Format(c.UI) {
|
|
case "table":
|
|
if c.flagDetailed {
|
|
c.UI.Output(tableOutput(c.detailedMounts(auths), nil))
|
|
return 0
|
|
}
|
|
c.UI.Output(tableOutput(c.simpleMounts(auths), nil))
|
|
return 0
|
|
default:
|
|
return OutputData(c.UI, auths)
|
|
}
|
|
}
|
|
|
|
func (c *AuthListCommand) simpleMounts(auths map[string]*api.AuthMount) []string {
|
|
paths := make([]string, 0, len(auths))
|
|
for path := range auths {
|
|
paths = append(paths, path)
|
|
}
|
|
sort.Strings(paths)
|
|
|
|
out := []string{"Path | Type | Accessor | Description | Version"}
|
|
for _, path := range paths {
|
|
mount := auths[path]
|
|
out = append(out, fmt.Sprintf("%s | %s | %s | %s | %s", path, mount.Type, mount.Accessor, mount.Description, mount.PluginVersion))
|
|
}
|
|
|
|
return out
|
|
}
|
|
|
|
func (c *AuthListCommand) detailedMounts(auths map[string]*api.AuthMount) []string {
|
|
paths := make([]string, 0, len(auths))
|
|
for path := range auths {
|
|
paths = append(paths, path)
|
|
}
|
|
sort.Strings(paths)
|
|
|
|
calcTTL := func(typ string, ttl int) string {
|
|
switch {
|
|
case typ == "system", typ == "cubbyhole":
|
|
return ""
|
|
case ttl != 0:
|
|
return strconv.Itoa(ttl)
|
|
default:
|
|
return "system"
|
|
}
|
|
}
|
|
|
|
out := []string{"Path | Plugin | Accessor | Default TTL | Max TTL | Token Type | Replication | Seal Wrap | External Entropy Access | Options | Description | UUID | Version | Running Version | Running SHA256 | Deprecation Status"}
|
|
for _, path := range paths {
|
|
mount := auths[path]
|
|
|
|
defaultTTL := calcTTL(mount.Type, mount.Config.DefaultLeaseTTL)
|
|
maxTTL := calcTTL(mount.Type, mount.Config.MaxLeaseTTL)
|
|
|
|
replication := "replicated"
|
|
if mount.Local {
|
|
replication = "local"
|
|
}
|
|
|
|
pluginName := mount.Type
|
|
if pluginName == "plugin" {
|
|
pluginName = mount.Config.PluginName
|
|
}
|
|
|
|
out = append(out, fmt.Sprintf("%s | %s | %s | %s | %s | %s | %s | %t | %v | %s | %s | %s | %s | %s | %s | %s",
|
|
path,
|
|
pluginName,
|
|
mount.Accessor,
|
|
defaultTTL,
|
|
maxTTL,
|
|
mount.Config.TokenType,
|
|
replication,
|
|
mount.SealWrap,
|
|
mount.ExternalEntropyAccess,
|
|
mount.Options,
|
|
mount.Description,
|
|
mount.UUID,
|
|
mount.PluginVersion,
|
|
mount.RunningVersion,
|
|
mount.RunningSha256,
|
|
mount.DeprecationStatus,
|
|
))
|
|
}
|
|
|
|
return out
|
|
}
|