mirror of https://github.com/OpenNebula/one.git synced 2025-03-22 18:50:08 +03:00

feature #754: Add CLI functionality for ssh and x509

Daniel Molina 2011-08-23 16:29:38 +02:00
parent 4ae6c2d8f0
commit 3769652006
2 changed files with 129 additions and 4 deletions


@ -47,6 +47,67 @@ class OneUserHelper < OpenNebulaHelper::OneHelper
return 0, password
end
def password(options)
if options[:ssh]
require 'ssh_auth'
options[:key] ||= ENV['HOME']+'/.ssh/id_rsa'
begin
sshauth = SshAuth.new(:private_key=>options[:key])
rescue Exception => e
return -1, e.message
end
return 0, sshauth.public_key
elsif options[:x509]
require 'x509_auth'
options[:cert] ||= ENV['X509_USER_CERT']
begin
x509auth = X509Auth.new(:cert=>options[:cert])
rescue Exception => e
return -1, e.message
end
return 0, x509auth.dn
else
return -1, "You have to specify an Auth method or define a password"
end
end
def login(username, options)
if options[:ssh]
require 'ssh_auth'
options[:key] ||= ENV['HOME']+'/.ssh/id_rsa'
begin
auth = SshAuth.new(:private_key=>options[:key])
rescue Exception => e
return -1, e.message
end
elsif options[:x509]
require 'x509_auth'
options[:cert] ||= ENV['X509_USER_CERT']
options[:key] ||= ENV['X509_USER_KEY']
begin
auth = X509Auth.new(:cert=>options[:cert], :key=>options[:key])
rescue Exception => e
return -1, e.message
end
else
return -1, "You have to specify an Auth method"
end
auth.login(username, options[:time])
return 0, 'export ONE_AUTH=' << auth.class::PROXY_PATH
end
private
def factory(id=nil)


@ -59,7 +59,42 @@ cmd=CommandParser::CmdParser.new(ARGV) do
:description => "Store plain password"
}
create_options = [READ_FILE, PLAIN]
SSH={
:name => "ssh",
:large => "--ssh",
:description => "SSH Auth system"
}
X509={
:name => "x509",
:large => "--x509",
:description => "x509 Auth system"
}
KEY={
:name => "key",
:short => "-k private_key",
:large => "--key private_key",
:format => String,
:description => "Path to the Private Key of the User"
}
CERT={
:name => "cert",
:large => "--cert s",
:format => String,
:description => "Path to the Certificate of the User"
}
TIME={
:name => "time",
:large => "--time x",
:format => Integer,
:description => "Token duration in hours, (default 1)"
}
create_options = [READ_FILE, PLAIN, SSH, X509, KEY, CERT]
login_options = [SSH, X509, KEY, CERT, TIME]
########################################################################
# Formatters for arguments
@ -86,13 +121,42 @@ cmd=CommandParser::CmdParser.new(ARGV) do
create_desc = <<-EOT.unindent
Creates a new User
Examples:
oneuser create my_user my_password
oneuser create my_user /tmp/mypass -r
oneuser create my_user --ssh --key /tmp/id_rsa
oneuser create my_user --x509 --cert /tmp/my_cert.pem
EOT
command :create, create_desc, :username, :password,
command :create, create_desc, :username, [:password, nil],
:options=>create_options do
helper.create_resource(options) do |user|
user.allocate(args[0], args[1])
if args[1].nil?
rc = helper.password(options)
if rc.first == 0
pass = rc[1]
else
exit_with_code *rc
end
else
pass = args[1]
end
helper.create_resource(options) do |user|
user.allocate(args[0], pass)
end
end
login_desc = <<-EOT.unindent
Creates the Login token for authentication
Examples:
oneuser login my_user --ssh --key /tmp/id_rsa --time 72000
oneuser login my_user --x509 --cert /tmp/my_cert.pem \
--key /tmp/my_key.pk --time 72000
EOT
command :login, login_desc, :username, [:password, nil],
:options=>create_options do
helper.login(args[0], options)
end
delete_desc = <<-EOT.unindent
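Review bot: The new `:login` command is registered with `:options=>create_options`, although `login_options = [SSH, X509, KEY, CERT, TIME]` is defined a few lines earlier and is not used anywhere in the visible code. As written, `--time` from the help examples is not among the options passed to the command, while the `READ_FILE` and `PLAIN` password options are; the optional `[:password, nil]` argument is also never read by the block. I would change the registration to `command :login, login_desc, :username, :options=>login_options do`. The TIME description says "Token duration in hours" while both examples pass `--time 72000`, so the unit should be stated consistently, since it decides how long an issued token stays valid.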