Class: CF::UAA::TokenCli

Inherits:

CommonCli

• Object
• Topic
• CommonCli
• CF::UAA::TokenCli

Defined in:

lib/uaa/cli/token.rb

Constant Summary

CF_TOKEN_FILE =

File.join ENV["HOME"], ".cf_token"

CF_TARGET_FILE =

File.join ENV["HOME"], ".cf_target"

Instance Method Summary

• #issuer_request(client_id, secret = nil, code_verifier = nil) ⇒ Object
• #say_success(grant) ⇒ Object
• #set_context(token_info) ⇒ Object
• #use_browser(client_id, secret = nil, grant = nil) ⇒ Object

Methods inherited from CommonCli

#askd, #auth_header, #clientid, #clientname, #clientsecret, #complain, #debug?, #handle_request, #passcode, #scim_common_list, #scim_get_helper, #scim_get_object, #scim_get_user_object, #scim_request, #trace?, #update_target_info, #username, #userpwd, #verified_pwd

Methods inherited from Topic

#add_command, #ask, #ask_pwd, commands, define_option, desc, #gripe, #help_col_start, #initialize, #opt_help, #opt_strs, option_defs, #opts, #pp, #print_tree, #say, #say_cmd_helper, #say_command_help, #say_commands, #say_definition, #say_help, #terminal_columns, topic

Constructor Details

This class inherits a constructor from CF::UAA::Topic

Instance Method Details

#issuer_request(client_id, secret = nil, code_verifier = nil) ⇒ Object

# File 'lib/uaa/cli/token.rb', line 93

def issuer_request(client_id, secret = nil, code_verifier = nil)
  update_target_info
  yield TokenIssuer.new(Config.target.to_s, client_id, secret,
      { token_target: Config.target_value(:token_endpoint),
        basic_auth: Config.target_value(:basic_auth),
        use_pkce: true,
        code_verifier: code_verifier,
        skip_ssl_validation: Config.target_value(:skip_ssl_validation),
        ssl_ca_file: Config.target_value(:ca_cert) })
rescue Exception => e
  complain e
end

#say_success(grant) ⇒ Object

# File 'lib/uaa/cli/token.rb', line 73

def say_success(grant)
  say "\nSuccessfully fetched token via #{grant} grant.\nTarget: #{Config.target}\nContext: #{Config.context}, from client #{Config[:client_id]}\n\n"
end

#set_context(token_info) ⇒ Object

# File 'lib/uaa/cli/token.rb', line 77

def set_context(token_info)
  return gripe "attempt to get token failed\n" unless token_info && token_info["access_token"]
  contents = TokenCoder.decode(token_info["access_token"], verify: false)
  new_context = contents["user_name"] || contents["client_id"] || "bad_token"
  Config.delete(Config.target, new_context)
  Config.context = new_context
  did_save = true
  (did_save &= Config.add_opts(user_id: contents["user_id"])) if contents["user_id"]
  (did_save &= Config.add_opts(client_id: contents["client_id"])) if contents["client_id"]
  jti = token_info.delete("jti") if token_info.has_key? "jti"
  did_save &= Config.add_opts token_info
  (did_save &= Config.add_opts(scope: contents["scope"])) if contents["scope"]
  (did_save &= Config.add_opts(jti: jti)) if jti
  did_save
end

#use_browser(client_id, secret = nil, grant = nil) ⇒ Object

# File 'lib/uaa/cli/token.rb', line 167

def use_browser(client_id, secret = nil, grant = nil)
  do_authcode = (not grant.nil?) && (grant == 'authcode')
  code_verifier = SecureRandom.base64(96).tr("+/", "-_").tr("=", "")
  catcher = Stub::Server.new(TokenCatcher,
      logger: Util.default_logger(debug? ? :debug : trace? ? :trace : :info),
      info: {client_id: client_id, client_secret: secret, code_verifier: code_verifier, do_authcode: do_authcode},
      port: opts[:port]).run_on_thread
  uri = issuer_request(client_id, secret, code_verifier) { |ti|
    do_authcode ? ti.authcode_uri("#{catcher.url}/authcode", opts[:scope]) :
        ti.implicit_uri("#{catcher.url}/callback", opts[:scope])
  }
  return unless catcher.info[:uri] = uri
  say " and launching browser with #{uri}"
  Launchy.open(uri, debug: false, dry_run: false)
  print "waiting for token "
  while catcher.info[:uri] || !catcher.info[:token_info]
    sleep 5
    print "."
  end
  say_success(do_authcode ? "authorization code" : "implicit") if set_context(catcher.info[:token_info])
  return unless opts[:cf]
  begin
    cf_target = File.open(CF_TARGET_FILE, 'r') { |f| f.read.strip }
    tok_json = File.open(CF_TOKEN_FILE, 'r') { |f| f.read } if File.exist?(CF_TOKEN_FILE)
    cf_tokens = Util.json_parse(tok_json, :none) || {}
    cf_tokens[cf_target] = auth_header
    File.open(CF_TOKEN_FILE, 'w') { |f| f.write(cf_tokens.to_json) }
  rescue Exception => e
    gripe "\nUnable to save token to cf token file"
    complain e
  end
end