From a552dbd409e2eab56c094f51fba3e8716c560414 Mon Sep 17 00:00:00 2001 From: "Ruben S. Montero" Date: Mon, 8 Sep 2014 13:00:53 +0200 Subject: [PATCH] Revert "feature #2796: Show token in oneuser tool" This reverts commit f04b0bd92ca5027e0693666a47a353aa5f8186a2. --- src/cli/one_helper/oneuser_helper.rb | 63 ++++++++++++++++++++++++---- 1 file changed, 55 insertions(+), 8 deletions(-) diff --git a/src/cli/one_helper/oneuser_helper.rb b/src/cli/one_helper/oneuser_helper.rb index 499b35657d..95fc8b82d3 100644 --- a/src/cli/one_helper/oneuser_helper.rb +++ b/src/cli/one_helper/oneuser_helper.rb @@ -16,9 +16,18 @@ require 'one_helper' require 'one_helper/onequota_helper' -require 'time' + +# Interface for OpenNebula generated tokens. +class TokenAuth + def login_token(username, expire) + return OpenNebulaHelper::OneHelper.get_password + end +end class OneUserHelper < OpenNebulaHelper::OneHelper + + ONE_AUTH = ENV['HOME']+'/.one/one_auth' + def self.rname "USER" end @@ -91,7 +100,14 @@ class OneUserHelper < OpenNebulaHelper::OneHelper return 0, auth.password end - def self.login(username, options) + ############################################################################ + # Generates a token and stores it in ONE_AUTH path as defined in this class + ############################################################################ + def login(username, options) + + #----------------------------------------------------------------------- + # Init the associated Authentication class to generate the token. + #----------------------------------------------------------------------- case options[:driver] when OpenNebula::User::SSH_AUTH require 'opennebula/ssh_auth' @@ -103,6 +119,7 @@ class OneUserHelper < OpenNebulaHelper::OneHelper rescue Exception => e return -1, e.message end + when OpenNebula::User::X509_AUTH require 'opennebula/x509_auth' 
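Review bot: `ONE_AUTH = ENV['HOME']+'/.one/one_auth'` is evaluated when the class body loads, so with HOME unset `ENV['HOME']` is nil and the `+` raises NoMethodError before any oneuser subcommand can run. Resolving the path inside `login` and returning `-1, "HOME is not set"` from there would confine the failure to the one command that writes the file. The constant also ignores any ONE_AUTH environment variable; if the client uses that variable to locate credentials (not visible in this diff), the token would be stored in a file the next command does not read. `TokenAuth#login_token` ignores both of its parameters and returns whatever `OneHelper.get_password` yields, which deserves a comment such as `# username and expire are unused; the password is passed to oned as the credential`.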
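Review bot: `def login` replaces `def self.login`, turning a class method into an instance method, while the diffstat lists only this file. Any call site still written as `OneUserHelper.login(...)` would fail with NoMethodError, so the caller (not on this page) should be checked. The new banner comment says what the method does but not what it returns; I would add `# Returns [0, ''] on success or [-1, error_message] on failure.` and list the option keys the body reads (`:driver`, `:force`, `:time`). The method body continues past this hunk.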
@@ -117,6 +134,7 @@ class OneUserHelper < OpenNebulaHelper::OneHelper rescue Exception => e return -1, e.message end + when OpenNebula::User::X509_PROXY_AUTH require 'opennebula/x509_auth' @@ -135,15 +153,46 @@ class OneUserHelper < OpenNebulaHelper::OneHelper rescue => e return -1, e.message end + else - return -1, "You have to specify an Auth method" + auth = TokenAuth.new() #oned generated token end - options[:time] ||= 3600 + #----------------------------------------------------------------------- + # Check that ONE_AUTH target can be written + #----------------------------------------------------------------------- + if File.file?(ONE_AUTH) && !options[:force] + return -1, "File #{ONE_AUTH} exists, use --force to overwirte" + end - auth.login(username, options[:time]) + #----------------------------------------------------------------------- + # Authenticate with oned using the token/passwd and set/generate the + # authentication token for the user + #----------------------------------------------------------------------- + token = auth.login_token(username, options[:time]) + login_client = OpenNebula::Client.new("#{username}:#{token}") - return 0, 'export ONE_AUTH=' << auth.class::LOGIN_PATH + user = OpenNebula::User.new(User.build_xml, login_client) + + token_oned = user.login(username, token, options[:time]) + + return -1, token_oned.message if OpenNebula.is_error?(token_oned) + + #----------------------------------------------------------------------- + # Store the token in ONE_AUTH. + #----------------------------------------------------------------------- + begin + FileUtils.mkdir_p(File.dirname(ONE_AUTH)) + rescue Errno::EEXIST + end + + file = File.open(ONE_AUTH, "w") + file.write("#{username}:#{token_oned}") + file.close + + File.chmod(0600, ONE_AUTH) + + return 0, '' end def format_pool(options) 
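Review bot: The token is written to ONE_AUTH before its permissions are restricted: `File.open(ONE_AUTH, "w")` creates the file with whatever the umask allows (or keeps the mode of an existing file under `--force`), and `File.chmod(0600, ONE_AUTH)` runs only after the write, so other local users may be able to read the credential in between. Restricting the mode on the open handle before writing closes that window and also closes the file if the write raises: `File.open(ONE_AUTH, "w", 0600) { |f| f.chmod(0600); f.write("#{username}:#{token_oned}") }`. The parent directory is created with default permissions as well; `FileUtils.mkdir_p(File.dirname(ONE_AUTH), :mode => 0700)` would keep it private, and the `rescue Errno::EEXIST` around it looks unnecessary since `mkdir_p` does not raise for an existing directory. Separately, the hunk drops `options[:time] ||= 3600`, so `options[:time]` can now reach `login_token` and `user.login` as nil; whether oned applies a sane default expiry in that case is not visible here and should be confirmed. The message at `return -1, "File #{ONE_AUTH} exists, use --force to overwirte"` misspells "overwrite".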
@@ -299,8 +348,6 @@ class OneUserHelper < OpenNebulaHelper::OneHelper puts str % ["SECONDARY GROUPS", groups.join(',') ] if groups.size > 1 puts str % ["PASSWORD", user['PASSWORD']] puts str % ["AUTH_DRIVER", user['AUTH_DRIVER']] - puts str % ["LOGIN_TOKEN", user['LOGIN_TOKEN/TOKEN']] - puts str % ["VALIDITY", "not after #{Time.at(user['LOGIN_TOKEN/EXPIRATION_TIME'].to_i)}"] if !user['LOGIN_TOKEN/EXPIRATION_TIME'].nil? puts str % ["ENABLED", OpenNebulaHelper.boolean_to_str(user['ENABLED'])]