Class: CF::UAA::TokenCli

Inherits:
CommonCli show all
Defined in:
lib/uaa/cli/token.rb

Constant Summary collapse

# Per-user file that use_browser rewrites with the current Authorization
# header value when the :cf option is set. It holds a live credential, so it
# should be readable by the owning user only.
CF_TOKEN_FILE = File.join(ENV["HOME"], ".cf_token")
# Per-user file whose stripped contents use_browser uses as the key under
# which the credential is stored in CF_TOKEN_FILE.
CF_TARGET_FILE = File.join(ENV["HOME"], ".cf_target")

Instance Method Summary collapse

Methods inherited from CommonCli

#askd, #auth_header, #clientid, #clientname, #clientsecret, #complain, #debug?, #handle_request, #passcode, #scim_common_list, #scim_get_helper, #scim_get_object, #scim_get_user_object, #scim_request, #trace?, #update_target_info, #username, #userpwd, #verified_pwd

Methods inherited from Topic

#add_command, #ask, #ask_pwd, commands, define_option, desc, #gripe, #help_col_start, #initialize, #opt_help, #opt_strs, option_defs, #opts, #pp, #print_tree, #say, #say_cmd_helper, #say_command_help, #say_commands, #say_definition, #say_help, #terminal_columns, topic

Constructor Details

This class inherits a constructor from CF::UAA::Topic

Instance Method Details

#issuer_request(client_id, secret = nil, code_verifier = nil) ⇒ Object



# File 'lib/uaa/cli/token.rb', line 93

# Builds a TokenIssuer for the currently configured target and yields it to
# the caller's block.
#
# Target info is refreshed through update_target_info before the issuer is
# created. The block's value is returned; if anything raises, the exception
# is passed to complain and that call's result is returned instead.
#
# @param client_id the OAuth client id handed to the issuer
# @param secret the client secret, or nil
# @param code_verifier the PKCE code verifier, or nil
def issuer_request(client_id, secret = nil, code_verifier = nil)
  update_target_info
  target_url = Config.target.to_s
  issuer_options = {
    token_target: Config.target_value(:token_endpoint),
    basic_auth: Config.target_value(:basic_auth),
    # PKCE is requested unconditionally; the verifier is supplied by the caller.
    use_pkce: true,
    code_verifier: code_verifier,
    # NOTE(review): taken straight from the stored target settings. Presumably
    # a truthy value turns off TLS certificate checks, in which case client
    # secrets and tokens cross an unauthenticated channel. Prefer configuring
    # ssl_ca_file (below) over skipping validation.
    skip_ssl_validation: Config.target_value(:skip_ssl_validation),
    ssl_ca_file: Config.target_value(:ca_cert)
  }
  yield TokenIssuer.new(target_url, client_id, secret, issuer_options)
rescue Exception => e
  # NOTE(review): rescuing Exception also catches Interrupt and SystemExit, so
  # a Ctrl-C raised inside the block is reported like an ordinary failure.
  # Kept as written; narrowing to StandardError would change what callers see.
  complain e
end

#say_success(grant) ⇒ Object



# File 'lib/uaa/cli/token.rb', line 73

# Prints a confirmation that a token was fetched, naming the grant type, the
# current target, the current context and the configured client id.
#
# Only identifiers are printed; the token itself is not part of the message.
#
# @param grant label of the grant type, interpolated into the message
def say_success(grant)
  target = Config.target
  context = Config.context
  client = Config[:client_id]
  say "\nSuccessfully fetched token via #{grant} grant.\nTarget: #{target}\nContext: #{context}, from client #{client}\n\n"
end

#set_context(token_info) ⇒ Object



# File 'lib/uaa/cli/token.rb', line 77

# Makes the identity named in a freshly issued access token the current
# context and stores the token response in the configuration.
#
# The context name is the token's user_name claim, else its client_id claim,
# else the literal "bad_token". Any existing context of that name under the
# current target is deleted before the new values are written.
#
# NOTE(review): the token is decoded with verify: false, so presumably its
# signature is not checked here. The claims are used only to label and fill
# the local context; they are not a basis for any trust decision.
#
# NOTE(review): the full token response is handed to Config.add_opts. If that
# persists to disk (not visible here), the config file holds live credentials
# and needs owner-only permissions.
#
# @param token_info [Hash, nil] token endpoint response; its "jti" entry is
#   removed from the hash in place
# @return true when every Config.add_opts call returned a truthy value, false
#   otherwise; the result of gripe when no access token is present
def set_context(token_info)
  access_token = token_info && token_info["access_token"]
  return gripe "attempt to get token failed\n" unless access_token

  claims = TokenCoder.decode(access_token, verify: false)
  context_name = claims["user_name"] || claims["client_id"] || "bad_token"
  Config.delete(Config.target, context_name)
  Config.context = context_name

  # Every add_opts call below runs even after an earlier one fails; the
  # results are only combined at the end.
  outcomes = []
  outcomes << Config.add_opts(user_id: claims["user_id"]) if claims["user_id"]
  outcomes << Config.add_opts(client_id: claims["client_id"]) if claims["client_id"]
  # jti is pulled out of the response and stored last, under a symbol key.
  token_id = token_info.delete("jti") if token_info.key?("jti")
  outcomes << Config.add_opts(token_info)
  outcomes << Config.add_opts(scope: claims["scope"]) if claims["scope"]
  outcomes << Config.add_opts(jti: token_id) if token_id
  outcomes.all?
end

#use_browser(client_id, secret = nil, grant = nil) ⇒ Object



# File 'lib/uaa/cli/token.rb', line 167

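# Obtains a token through the user's browser, using either the authorization
# code grant (grant == 'authcode') or the implicit grant (any other value).
#
# A local TokenCatcher stub server is started to receive the redirect, the
# authorization URI is opened in the browser, and the method then polls until
# the catcher reports token info. With the :cf option the resulting
# Authorization header value is also written to CF_TOKEN_FILE under the target
# read from CF_TARGET_FILE.
#
# NOTE(review): the implicit grant returns the token in the redirect itself;
# the OAuth 2.0 Security BCP (RFC 9700) advises against it. Prefer
# grant == 'authcode', which goes through the PKCE-protected code flow here.
#
# @param client_id the OAuth client id
# @param secret the client secret, or nil
# @param grant 'authcode' selects the authorization code grant
def use_browser(client_id, secret = nil, grant = nil)
  do_authcode = grant == 'authcode'
  # PKCE code verifier from the CSPRNG: 96 random bytes encode to 128 base64
  # characters, the upper bound RFC 7636 allows, made URL-safe and unpadded.
  code_verifier = SecureRandom.base64(96).tr("+/", "-_").tr("=", "")
  # The catcher is given the client secret and verifier; presumably it
  # redeems the authorization code itself (TokenCatcher is not shown here).
  catcher = Stub::Server.new(TokenCatcher,
      logger: Util.default_logger(debug? ? :debug : trace? ? :trace : :info),
      info: {client_id: client_id, client_secret: secret, code_verifier: code_verifier, do_authcode: do_authcode},
      port: opts[:port]).run_on_thread
  uri = issuer_request(client_id, secret, code_verifier) { |ti|
    do_authcode ? ti.authcode_uri("#{catcher.url}/authcode", opts[:scope]) :
        ti.implicit_uri("#{catcher.url}/callback", opts[:scope])
  }
  # Stores the URI on the catcher and stops here when none was produced.
  return unless catcher.info[:uri] = uri
  say " and launching browser with #{uri}"
  Launchy.open(uri, debug: false, dry_run: false)
  print "waiting for token "
  # No timeout: loops until the catcher has cleared :uri and set :token_info.
  while catcher.info[:uri] || !catcher.info[:token_info]
    sleep 5
    print "."
  end
  say_success(do_authcode ? "authorization code" : "implicit") if set_context(catcher.info[:token_info])
  return unless opts[:cf]
  begin
    cf_target = File.open(CF_TARGET_FILE, 'r') { |f| f.read.strip }
    tok_json = File.open(CF_TOKEN_FILE, 'r') { |f| f.read } if File.exist?(CF_TOKEN_FILE)
    cf_tokens = Util.json_parse(tok_json, :none) || {}
    cf_tokens[cf_target] = auth_header
    # The file holds a live credential. Create it owner-only instead of with
    # the umask default, and tighten an existing file before the new value is
    # written into it.
    File.open(CF_TOKEN_FILE, 'w', 0o600) do |f|
      f.chmod(0o600)
      f.write(cf_tokens.to_json)
    end
  rescue StandardError => e
    # Saving is best effort: file and JSON failures are reported, not raised.
    gripe "\nUnable to save token to cf token file"
    complain e
  end
end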