92 lines
2.2 KiB
Go
92 lines
2.2 KiB
Go
package command
|
|
|
|
import (
|
|
"fmt"
|
|
"strings"
|
|
|
|
"github.com/mitchellh/cli"
|
|
"github.com/posener/complete"
|
|
)
|
|
|
|
// Ensure we are implementing the right interfaces.
|
|
var _ cli.Command = (*AuthDisableCommand)(nil)
|
|
var _ cli.CommandAutocomplete = (*AuthDisableCommand)(nil)
|
|
|
|
// AuthDisableCommand is a Command that enables a new endpoint.
|
|
type AuthDisableCommand struct {
|
|
*BaseCommand
|
|
}
|
|
|
|
func (c *AuthDisableCommand) Synopsis() string {
|
|
return "Disables an auth provider"
|
|
}
|
|
|
|
func (c *AuthDisableCommand) Help() string {
|
|
helpText := `
|
|
Usage: vault auth-disable [options] PATH
|
|
|
|
Disables an existing authentication provider at the given PATH. The argument
|
|
corresponds to the PATH of the mount, not the TYPE!. Once the auth provider
|
|
is disabled its path can no longer be used to authenticate. All access tokens
|
|
generated via the disabled auth provider are revoked.
|
|
|
|
This command will block until all tokens are revoked.
|
|
|
|
Disable the authentication provider at userpass/:
|
|
|
|
$ vault auth-disable userpass
|
|
|
|
For a full list of examples, please see the documentation.
|
|
|
|
` + c.Flags().Help()
|
|
|
|
return strings.TrimSpace(helpText)
|
|
}
|
|
|
|
func (c *AuthDisableCommand) Flags() *FlagSets {
|
|
return c.flagSet(FlagSetHTTP)
|
|
}
|
|
|
|
func (c *AuthDisableCommand) AutocompleteArgs() complete.Predictor {
|
|
return c.PredictVaultAuths()
|
|
}
|
|
|
|
func (c *AuthDisableCommand) AutocompleteFlags() complete.Flags {
|
|
return c.Flags().Completions()
|
|
}
|
|
|
|
func (c *AuthDisableCommand) Run(args []string) int {
|
|
f := c.Flags()
|
|
|
|
if err := f.Parse(args); err != nil {
|
|
c.UI.Error(err.Error())
|
|
return 1
|
|
}
|
|
|
|
args = f.Args()
|
|
switch {
|
|
case len(args) < 1:
|
|
c.UI.Error(fmt.Sprintf("Not enough arguments (expected 1, got %d)", len(args)))
|
|
return 1
|
|
case len(args) > 1:
|
|
c.UI.Error(fmt.Sprintf("Too many arguments (expected 1, got %d)", len(args)))
|
|
return 1
|
|
}
|
|
|
|
path := ensureTrailingSlash(sanitizePath(args[0]))
|
|
|
|
client, err := c.Client()
|
|
if err != nil {
|
|
c.UI.Error(err.Error())
|
|
return 2
|
|
}
|
|
|
|
if err := client.Sys().DisableAuth(path); err != nil {
|
|
c.UI.Error(fmt.Sprintf("Error disabling auth at %s: %s", path, err))
|
|
return 2
|
|
}
|
|
|
|
c.UI.Output(fmt.Sprintf("Success! Disabled the auth provider (if it existed) at: %s", path))
|
|
return 0
|
|
}
|