From e78c97235192f52f940eeef35abd78886a9ac491 Mon Sep 17 00:00:00 2001
From: Mitchell Hashimoto <mitchell.hashimoto@gmail.com>
Date: Sun, 29 Mar 2015 16:42:45 -0700
Subject: [PATCH] command/auth: boilerplate

---
 command/auth.go      | 29 ++++++++++++++++++++++-------
 command/auth_test.go | 41 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 63 insertions(+), 7 deletions(-)
 create mode 100644 command/auth_test.go

diff --git a/command/auth.go b/command/auth.go
index 922114b72..12747f187 100644
--- a/command/auth.go
+++ b/command/auth.go
@@ -18,6 +18,18 @@ func (c *AuthCommand) Run(args []string) int {
 		return 1
 	}
 
+	args = flags.Args()
+	if len(args) > 1 {
+		flags.Usage()
+		c.Ui.Error("\nError: auth expects at most one argument")
+		return 1
+	}
+	if method != "" && len(args) > 0 {
+		flags.Usage()
+		c.Ui.Error("\nError: auth expects no arguments if -method is specified")
+		return 1
+	}
+
 	return 0
 }
 
@@ -27,15 +39,18 @@ func (c *AuthCommand) Synopsis() string {
 
 func (c *AuthCommand) Help() string {
 	helpText := `
-Usage: vault auth [options]
+Usage: vault auth [options] [token]
 
-  Outputs instructions for authenticating with vault.
+  Authenticate with Vault with the given token or via any supported
+  authentication backend.
 
-  Vault authentication is always done via environmental variables. The
-  specific environmental variables and the meaning for each environmental
-  variable varies depending on the auth mechanism that Vault is using.
-  This command outputs the mechanism vault is using along with documentation
-  for how to authenticate.
+  If no -method is specified, then the token is expected. If it is not
+  given on the command-line, it will be asked via user input. If the
+  token is "-", it will be read from stdin.
+
+  By specifying -method, alternate authentication methods can be used
+  such as OAuth or TLS certificates. For these, additional -var flags
+  may be required. It is an error to specify a token with -method.
 
 General Options:
 
diff --git a/command/auth_test.go b/command/auth_test.go
new file mode 100644
index 000000000..99a156e3c
--- /dev/null
+++ b/command/auth_test.go
@@ -0,0 +1,41 @@
+package command
+
+import (
+	"testing"
+
+	"github.com/mitchellh/cli"
+)
+
+func TestAuth_argsWithMethod(t *testing.T) {
+	ui := new(cli.MockUi)
+	c := &AuthCommand{
+		Meta: Meta{
+			Ui: ui,
+		},
+	}
+
+	args := []string{
+		"-method=foo",
+		"bar",
+	}
+	if code := c.Run(args); code != 1 {
+		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
+	}
+}
+
+func TestAuth_tooManyArgs(t *testing.T) {
+	ui := new(cli.MockUi)
+	c := &AuthCommand{
+		Meta: Meta{
+			Ui: ui,
+		},
+	}
+
+	args := []string{
+		"foo",
+		"bar",
+	}
+	if code := c.Run(args); code != 1 {
+		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
+	}
+}