diff --git a/src/authm_mad/remotes/server_cipher/server_cipher_auth.rb b/src/authm_mad/remotes/server_cipher/server_cipher_auth.rb index 5a88203f45..07139b5a6a 100644 --- a/src/authm_mad/remotes/server_cipher/server_cipher_auth.rb +++ b/src/authm_mad/remotes/server_cipher/server_cipher_auth.rb @@ -48,8 +48,8 @@ class ServerCipherAuth auth.rstrip! - @server_user, passwd = auth.split(':') - @key = Digest::SHA1.hexdigest(passwd) + @server_user, @passwd = auth.split(':') + @key = Digest::SHA1.hexdigest(@passwd) @cipher = OpenSSL::Cipher::Cipher.new(CIPHER) rescue @@ -70,6 +70,10 @@ class ServerCipherAuth return "#{@server_user}:#{token64}" end + # Returns a valid password string to create a user using this auth driver + def password + return @passwd + end ########################################################################### # Server side ########################################################################### diff --git a/src/authm_mad/remotes/ssh/ssh_auth.rb b/src/authm_mad/remotes/ssh/ssh_auth.rb index 3a48e8917c..477effff38 100644 --- a/src/authm_mad/remotes/ssh/ssh_auth.rb +++ b/src/authm_mad/remotes/ssh/ssh_auth.rb @@ -91,6 +91,12 @@ class SshAuth secret_crypted end + # Returns a valid password string to create a user using this auth driver. + # In this case the dn of the user certificate. + def password + @public_key + end + # Checks the proxy created with the login method def authenticate(user, token) begin diff --git a/src/authm_mad/remotes/x509/x509_auth.rb b/src/authm_mad/remotes/x509/x509_auth.rb index caf0cfdb3b..325027f25d 100644 --- a/src/authm_mad/remotes/x509/x509_auth.rb +++ b/src/authm_mad/remotes/x509/x509_auth.rb @@ -79,8 +79,9 @@ class X509Auth write_login(login_token(user,expire)) end - # Returns the dn of the user certificate - def dn + # Returns a valid password string to create a user using this auth driver. + # In this case the dn of the user certificate. + def password @cert_chain[0].subject.to_s.delete("\s") end diff --git a/src/cli/one_helper/oneuser_helper.rb b/src/cli/one_helper/oneuser_helper.rb index 185beb974e..d3a78b0955 100644 --- a/src/cli/one_helper/oneuser_helper.rb +++ b/src/cli/one_helper/oneuser_helper.rb @@ -37,11 +37,11 @@ class OneUserHelper < OpenNebulaHelper::OneHelper return -1, "Can not read file: #{arg}" end else - if options[:x509] - password = arg.delete("\s") - else - password = arg - end + password = arg + end + + if options[:x509] + password.delete!("\s") end return 0, password @@ -56,12 +56,10 @@ class OneUserHelper < OpenNebulaHelper::OneHelper require 'ssh_auth' begin - sshauth = SshAuth.new(:private_key=>options[:key]) + auth = SshAuth.new(:private_key=>options[:key]) rescue Exception => e return -1, e.message end - - return 0, sshauth.public_key elsif options[:x509] options[:cert] ||= ENV['X509_USER_CERT'] @@ -72,16 +70,16 @@ class OneUserHelper < OpenNebulaHelper::OneHelper require 'x509_auth' begin - cert = [File.read(options[:cert])] - x509auth = X509Auth.new(:certs_pem=>cert) + cert = [File.read(options[:cert])] + auth = X509Auth.new(:certs_pem=>cert) rescue Exception => e return -1, e.message end - - return 0, x509auth.dn else return -1, "You have to specify an Auth method or define a password" end + + return 0, auth.password end def self.login(username, options)