From f04b0bd92ca5027e0693666a47a353aa5f8186a2 Mon Sep 17 00:00:00 2001 From: "Ruben S. Montero" Date: Mon, 8 Sep 2014 11:16:10 +0200 Subject: [PATCH] feature #2796: Show token in oneuser tool --- src/cli/one_helper/oneuser_helper.rb | 63 ++++------------------------ 1 file changed, 8 insertions(+), 55 deletions(-) diff --git a/src/cli/one_helper/oneuser_helper.rb b/src/cli/one_helper/oneuser_helper.rb index 95fc8b82d3..499b35657d 100644 --- a/src/cli/one_helper/oneuser_helper.rb +++ b/src/cli/one_helper/oneuser_helper.rb @@ -16,18 +16,9 @@ require 'one_helper' require 'one_helper/onequota_helper' - -# Interface for OpenNebula generated tokens. -class TokenAuth - def login_token(username, expire) - return OpenNebulaHelper::OneHelper.get_password - end -end +require 'time' class OneUserHelper < OpenNebulaHelper::OneHelper - - ONE_AUTH = ENV['HOME']+'/.one/one_auth' - def self.rname "USER" end @@ -100,14 +91,7 @@ class OneUserHelper < OpenNebulaHelper::OneHelper return 0, auth.password end - ############################################################################ - # Generates a token and stores it in ONE_AUTH path as defined in this class - ############################################################################ - def login(username, options) - - #----------------------------------------------------------------------- - # Init the associated Authentication class to generate the token. - #----------------------------------------------------------------------- + def self.login(username, options) case options[:driver] when OpenNebula::User::SSH_AUTH require 'opennebula/ssh_auth' @@ -119,7 +103,6 @@ class OneUserHelper < OpenNebulaHelper::OneHelper rescue Exception => e return -1, e.message end - when OpenNebula::User::X509_AUTH require 'opennebula/x509_auth' @@ -134,7 +117,6 @@ class OneUserHelper < OpenNebulaHelper::OneHelper rescue Exception => e return -1, e.message end - when OpenNebula::User::X509_PROXY_AUTH require 'opennebula/x509_auth' @@ -153,46 +135,15 @@ class OneUserHelper < OpenNebulaHelper::OneHelper rescue => e return -1, e.message end - else - auth = TokenAuth.new() #oned generated token + return -1, "You have to specify an Auth method" end - #----------------------------------------------------------------------- - # Check that ONE_AUTH target can be written - #----------------------------------------------------------------------- - if File.file?(ONE_AUTH) && !options[:force] - return -1, "File #{ONE_AUTH} exists, use --force to overwirte" - end + options[:time] ||= 3600 - #----------------------------------------------------------------------- - # Authenticate with oned using the token/passwd and set/generate the - # authentication token for the user - #----------------------------------------------------------------------- - token = auth.login_token(username, options[:time]) - login_client = OpenNebula::Client.new("#{username}:#{token}") + auth.login(username, options[:time]) - user = OpenNebula::User.new(User.build_xml, login_client) - - token_oned = user.login(username, token, options[:time]) - - return -1, token_oned.message if OpenNebula.is_error?(token_oned) - - #----------------------------------------------------------------------- - # Store the token in ONE_AUTH. - #----------------------------------------------------------------------- - begin - FileUtils.mkdir_p(File.dirname(ONE_AUTH)) - rescue Errno::EEXIST - end - - file = File.open(ONE_AUTH, "w") - file.write("#{username}:#{token_oned}") - file.close - - File.chmod(0600, ONE_AUTH) - - return 0, '' + return 0, 'export ONE_AUTH=' << auth.class::LOGIN_PATH end def format_pool(options) @@ -348,6 +299,8 @@ class OneUserHelper < OpenNebulaHelper::OneHelper puts str % ["SECONDARY GROUPS", groups.join(',') ] if groups.size > 1 puts str % ["PASSWORD", user['PASSWORD']] puts str % ["AUTH_DRIVER", user['AUTH_DRIVER']] + puts str % ["LOGIN_TOKEN", user['LOGIN_TOKEN/TOKEN']] + puts str % ["VALIDITY", "not after #{Time.at(user['LOGIN_TOKEN/EXPIRATION_TIME'].to_i)}"] if !user['LOGIN_TOKEN/EXPIRATION_TIME'].nil? puts str % ["ENABLED", OpenNebulaHelper.boolean_to_str(user['ENABLED'])]