command/auth: setting tokens works
This commit is contained in:
Mitchell Hashimoto
parent
e3593d8bdc
commit
47a293579f
|
|
@ -1,7 +1,11 @@
|
|||
package command
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/hashicorp/vault/helper/password"
|
||||
)
|
||||
|
||||
// AuthCommand is a Command that handles authentication.
|
||||
|
|
@ -30,6 +34,59 @@ func (c *AuthCommand) Run(args []string) int {
|
|||
return 1
|
||||
}
|
||||
|
||||
tokenHelper, err := c.TokenHelper()
|
||||
if err != nil {
|
||||
c.Ui.Error(fmt.Sprintf(
|
||||
"Error initializing token helper: %s\n\n"+
|
||||
"Please verify that the token helper is available and properly\n"+
|
||||
"configured for your system. Please refer to the documentation\n"+
|
||||
"on token helpers for more information.",
|
||||
err))
|
||||
return 1
|
||||
}
|
||||
|
||||
// token is where the final token will go
|
||||
var token string
|
||||
if method == "" {
|
||||
if len(args) > 0 {
|
||||
token = args[0]
|
||||
|
||||
// TODO(mitchellh): stdin
|
||||
} else {
|
||||
// No arguments given, read the token from user input
|
||||
fmt.Printf("Token (will be hidden): ")
|
||||
token, err = password.Read(os.Stdin)
|
||||
if err != nil {
|
||||
c.Ui.Error(fmt.Sprintf(
|
||||
"Error attempting to ask for token. The raw error message\n"+
|
||||
"is shown below, but the most common reason for this error is\n"+
|
||||
"that you attempted to pipe a value into auth. If you want to\n"+
|
||||
"pipe the token, please pass '-' as the token argument.\n\n"+
|
||||
"Raw error: %s", err))
|
||||
return 1
|
||||
}
|
||||
}
|
||||
|
||||
if token == "" {
|
||||
c.Ui.Error(fmt.Sprintf(
|
||||
"A token must be passed to auth. Please view the help\n" +
|
||||
"for more information."))
|
||||
return 1
|
||||
}
|
||||
} else {
|
||||
// TODO(mitchellh): other auth methods
|
||||
}
|
||||
|
||||
// Store the token!
|
||||
if err := tokenHelper.Store(token); err != nil {
|
||||
c.Ui.Error(fmt.Sprintf(
|
||||
"Error storing token: %s\n\n"+
|
||||
"Authentication was not successful and did not persist.\n"+
|
||||
"Please reauthenticate, or fix the issue above if possible.",
|
||||
err))
|
||||
return 1
|
||||
}
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,11 +1,45 @@
|
|||
package command
|
||||
|
||||
import (
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
"github.com/mitchellh/cli"
|
||||
)
|
||||
|
||||
func TestAuth_token(t *testing.T) {
|
||||
testAuthInit(t)
|
||||
|
||||
ui := new(cli.MockUi)
|
||||
c := &AuthCommand{
|
||||
Meta: Meta{
|
||||
Ui: ui,
|
||||
},
|
||||
}
|
||||
|
||||
args := []string{
|
||||
"foo",
|
||||
}
|
||||
if code := c.Run(args); code != 0 {
|
||||
t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
|
||||
}
|
||||
|
||||
helper, err := c.TokenHelper()
|
||||
if err != nil {
|
||||
t.Fatalf("err: %s", err)
|
||||
}
|
||||
|
||||
actual, err := helper.Get()
|
||||
if err != nil {
|
||||
t.Fatalf("err: %s", err)
|
||||
}
|
||||
|
||||
if actual != "foo" {
|
||||
t.Fatalf("bad: %s", actual)
|
||||
}
|
||||
}
|
||||
|
||||
func TestAuth_argsWithMethod(t *testing.T) {
|
||||
ui := new(cli.MockUi)
|
||||
c := &AuthCommand{
|
||||
|
|
@ -39,3 +73,12 @@ func TestAuth_tooManyArgs(t *testing.T) {
|
|||
t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
|
||||
}
|
||||
}
|
||||
|
||||
func testAuthInit(t *testing.T) {
|
||||
td, err := ioutil.TempDir("", "vault")
|
||||
if err != nil {
|
||||
t.Fatalf("err: %s", err)
|
||||
}
|
||||
|
||||
os.Setenv("HOME", td)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -44,19 +44,21 @@ func LoadConfig(path string) (*Config, error) {
|
|||
return nil, fmt.Errorf("Error expanding config path: %s", err)
|
||||
}
|
||||
|
||||
contents, err := ioutil.ReadFile(path)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
obj, err := hcl.Parse(string(contents))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var config Config
|
||||
if err := hcl.DecodeObject(&config, obj); err != nil {
|
||||
return nil, err
|
||||
contents, err := ioutil.ReadFile(path)
|
||||
if !os.IsNotExist(err) {
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
obj, err := hcl.Parse(string(contents))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if err := hcl.DecodeObject(&config, obj); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
return &config, nil
|
||||
|
|
|
|||
|
|
@ -11,6 +11,7 @@ import (
|
|||
"time"
|
||||
|
||||
"github.com/hashicorp/vault/api"
|
||||
"github.com/hashicorp/vault/command/token"
|
||||
"github.com/mitchellh/cli"
|
||||
)
|
||||
|
||||
|
|
@ -126,3 +127,19 @@ func (m *Meta) FlagSet(n string, fs FlagSetFlags) *flag.FlagSet {
|
|||
|
||||
return f
|
||||
}
|
||||
|
||||
// TokenHelper returns the token helper that is configured for Vault.
|
||||
func (m *Meta) TokenHelper() (*token.Helper, error) {
|
||||
config, err := m.Config()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
path := config.TokenHelper
|
||||
if path == "" {
|
||||
path = "disk"
|
||||
}
|
||||
|
||||
path = token.HelperPath(path)
|
||||
return &token.Helper{Path: path}, nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue