open-vault/builtin/credential/github/cli.go

package github

import (
	"fmt"
	"os"
	"strings"

	"github.com/hashicorp/vault/api"
)

type CLIHandler struct{}

func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, error) {
	mount, ok := m["mount"]
	if !ok {
		mount = "github"
	}

	token, ok := m["token"]
	if !ok {
		if token = os.Getenv("VAULT_AUTH_GITHUB_TOKEN"); token == "" {
			return nil, fmt.Errorf("GitHub token should be provided either as 'value' for 'token' key,\nor via an env var VAULT_AUTH_GITHUB_TOKEN")
		}
	}

	path := fmt.Sprintf("auth/%s/login", mount)
	secret, err := c.Logical().Write(path, map[string]interface{}{
		"token": token,
	})
	if err != nil {
		return nil, err
	}
	if secret == nil {
		return nil, fmt.Errorf("empty response from credential provider")
	}

	return secret, nil
}

func (h *CLIHandler) Help() string {
	help := `
Usage: vault auth -method=github [CONFIG K=V...]

  The GitHub authentication provider allows users to authenticate using a
  GitHub personal access token. Users can generate a personal access token
  from the settings page on their GitHub account.

  Authenticate using a GitHub token:

      $ vault auth -method=github token=abcd1234

Configuration:

  mount=<string>
      Path where the GitHub credential provider is mounted. This is usually
      provided via the -path flag in the "vault auth" command, but it can be
      specified here as well. If specified here, it takes precedence over
      the value for -path. The default value is "github".

  token=<string>
      GitHub personal access token to use for authentication.
`

	return strings.TrimSpace(help)
}
credential/github: CLI handler 2015-04-06 16:53:43 +00:00			`package github`

			`import (`
			`"fmt"`
Added VAULT_GITHUB_AUTH_TOKEN env var to receive GitHub auth token 2016-06-09 17:38:46 +00:00			`"os"`
credential/github: CLI handler 2015-04-06 16:53:43 +00:00			`"strings"`

			`"github.com/hashicorp/vault/api"`
			`)`

			`type CLIHandler struct{}`

Change auth helper interface to api.Secret. (#3263) This allows us to properly handle wrapped responses. Fixes #3217 2017-08-31 20:57:00 +00:00			`func (h CLIHandler) Auth(c api.Client, m map[string]string) (*api.Secret, error) {`
credential/github: CLI handler 2015-04-06 16:53:43 +00:00			`mount, ok := m["mount"]`
			`if !ok {`
			`mount = "github"`
			`}`

			`token, ok := m["token"]`
			`if !ok {`
s/VAULT_GITHUB_AUTH_TOKEN/VAULT_AUTH_GITHUB_TOKEN 2016-06-09 18:00:56 +00:00			`if token = os.Getenv("VAULT_AUTH_GITHUB_TOKEN"); token == "" {`
Change auth helper interface to api.Secret. (#3263) This allows us to properly handle wrapped responses. Fixes #3217 2017-08-31 20:57:00 +00:00			`return nil, fmt.Errorf("GitHub token should be provided either as 'value' for 'token' key,\nor via an env var VAULT_AUTH_GITHUB_TOKEN")`
Added VAULT_GITHUB_AUTH_TOKEN env var to receive GitHub auth token 2016-06-09 17:38:46 +00:00			`}`
credential/github: CLI handler 2015-04-06 16:53:43 +00:00			`}`

			`path := fmt.Sprintf("auth/%s/login", mount)`
			`secret, err := c.Logical().Write(path, map[string]interface{}{`
			`"token": token,`
			`})`
			`if err != nil {`
Change auth helper interface to api.Secret. (#3263) This allows us to properly handle wrapped responses. Fixes #3217 2017-08-31 20:57:00 +00:00			`return nil, err`
credential/github: CLI handler 2015-04-06 16:53:43 +00:00			`}`
			`if secret == nil {`
Change auth helper interface to api.Secret. (#3263) This allows us to properly handle wrapped responses. Fixes #3217 2017-08-31 20:57:00 +00:00			`return nil, fmt.Errorf("empty response from credential provider")`
credential/github: CLI handler 2015-04-06 16:53:43 +00:00			`}`

Change auth helper interface to api.Secret. (#3263) This allows us to properly handle wrapped responses. Fixes #3217 2017-08-31 20:57:00 +00:00			`return secret, nil`
credential/github: CLI handler 2015-04-06 16:53:43 +00:00			`}`

			`func (h *CLIHandler) Help() string {`
			help := `
Update help output for github auth 2017-09-02 22:50:03 +00:00			`Usage: vault auth -method=github [CONFIG K=V...]`
credential/github: CLI handler 2015-04-06 16:53:43 +00:00
Update help output for github auth 2017-09-02 22:50:03 +00:00			`The GitHub authentication provider allows users to authenticate using a`
			`GitHub personal access token. Users can generate a personal access token`
			`from the settings page on their GitHub account.`
credential/github: CLI handler 2015-04-06 16:53:43 +00:00
Update help output for github auth 2017-09-02 22:50:03 +00:00			`Authenticate using a GitHub token:`
command/auth, github: improve cli docs /cc @sethvargo 2015-06-16 17:05:11 +00:00
Update help output for github auth 2017-09-02 22:50:03 +00:00			`$ vault auth -method=github token=abcd1234`
command/auth, github: improve cli docs /cc @sethvargo 2015-06-16 17:05:11 +00:00
Update help output for github auth 2017-09-02 22:50:03 +00:00			`Configuration:`

			`mount=<string>`
			`Path where the GitHub credential provider is mounted. This is usually`
			`provided via the -path flag in the "vault auth" command, but it can be`
			`specified here as well. If specified here, it takes precedence over`
			`the value for -path. The default value is "github".`

			`token=<string>`
			`GitHub personal access token to use for authentication.`
			`
credential/github: CLI handler 2015-04-06 16:53:43 +00:00
			`return strings.TrimSpace(help)`
			`}`