Module: Conjur::Authn
- Defined in:
- lib/conjur/authn.rb
Class Method Summary collapse
- .ask_for_credentials(options = {}) ⇒ Object
- .authenticate(options = {}) ⇒ Object
- .connect(cls = nil, options = {}) ⇒ Object
- .delete_credentials ⇒ Object
- .env_credentials ⇒ Object
- .fetch_credentials(options = {}) ⇒ Object
- .get_credentials(options = {}) ⇒ Object
- .host ⇒ Object
- .login(options = {}) ⇒ Object
- .netrc ⇒ Object
- .read_credentials ⇒ Object
- .write_credentials ⇒ Object
Class Method Details
.ask_for_credentials(options = {}) ⇒ Object
83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 |
# File 'lib/conjur/authn.rb', line 83 def ask_for_credentials( = {}) raise "No Conjur credentials provided or found" if [:noask] # also use stderr here, because we might be prompting for a password as part # of a command like user:create that we'd want to send to a file. require 'highline' require 'conjur/api' hl = HighLine.new $stdin, $stderr user = [:username] || hl.ask("Enter your username to log into Conjur: ") pass = [:password] || hl.ask("Please enter your password (it will not be echoed): "){ |q| q.echo = false } api_key = if cas_server = [:"cas-server"] Conjur::API.login_cas(user, pass, cas_server) else Conjur::API.login(user, pass) end @credentials = [user, api_key] end |
.authenticate(options = {}) ⇒ Object
34 35 36 37 |
# File 'lib/conjur/authn.rb', line 34 def authenticate( = {}) require 'conjur/api' Conjur::API.authenticate(*get_credentials()) end |
.connect(cls = nil, options = {}) ⇒ Object
104 105 106 107 108 109 110 111 |
# File 'lib/conjur/authn.rb', line 104 def connect(cls = nil, = {}) if cls.nil? require 'conjur/api' require 'conjur/base' cls = Conjur::API end cls.new_from_key(*get_credentials()) end |
.delete_credentials ⇒ Object
39 40 41 42 |
# File 'lib/conjur/authn.rb', line 39 def delete_credentials netrc.delete host netrc.save end |
.env_credentials ⇒ Object
60 61 62 63 64 65 66 |
# File 'lib/conjur/authn.rb', line 60 def env_credentials if (login = ENV['CONJUR_AUTHN_LOGIN']) && (api_key = ENV['CONJUR_AUTHN_API_KEY']) [ login, api_key ] else nil end end |
.fetch_credentials(options = {}) ⇒ Object
72 73 74 75 |
# File 'lib/conjur/authn.rb', line 72 def fetch_credentials( = {}) ask_for_credentials() write_credentials end |
.get_credentials(options = {}) ⇒ Object
56 57 58 |
# File 'lib/conjur/authn.rb', line 56 def get_credentials( = {}) @credentials ||= (env_credentials || read_credentials || fetch_credentials()) end |
.login(options = {}) ⇒ Object
29 30 31 32 |
# File 'lib/conjur/authn.rb', line 29 def login( = {}) delete_credentials get_credentials() end |
.netrc ⇒ Object
48 49 50 51 52 53 54 |
# File 'lib/conjur/authn.rb', line 48 def netrc args = [] if path = Conjur::Config[:netrc_path] args.unshift(path) end @netrc ||= Netrc.read(*args) end |
.read_credentials ⇒ Object
68 69 70 |
# File 'lib/conjur/authn.rb', line 68 def read_credentials netrc[host] end |
.write_credentials ⇒ Object
77 78 79 80 81 |
# File 'lib/conjur/authn.rb', line 77 def write_credentials netrc[host] = @credentials netrc.save @credentials end |