diff --git a/authenticate.go b/authenticate.go index 4bac85e..2347941 100644 --- a/authenticate.go +++ b/authenticate.go @@ -12,8 +12,6 @@ import ( "path/filepath" ) -var authCmd *flag.FlagSet - type AuthenticateRequest struct { Accountid string `json:"accountid"` Username string `json:"username"` @@ -24,7 +22,106 @@ type AuthenticateResponse struct { Token string `json:"token"` } -func authLocalGetToken() { +type RoleToken struct { + Token string `json:"token"` +} + +type AttachRoleToIdentityRequest struct { + Identity string `json:"identity"` + Role string `json:"role"` +} + +var authCmd *flag.FlagSet + +var identityCommands = []Command{ + { + Names: []string{"login"}, + Description: "Login with username and password", + Handler: authLocalAuthenticate, + }, + { + Names: []string{"attachrole"}, + Description: "Attach Role to Identity", + Handler: authAttachRoleToIdentity, + }, +} + +func authAttachRoleToIdentity(args []string) { + var useRole string + var targetIdentity string + var targetRole string + + authAttachRoleCmd := flag.NewFlagSet("attachrole", flag.ExitOnError) + + authAttachRoleCmd.StringVar(&useRole, "use-role", "", "Using role (required)") + authAttachRoleCmd.StringVar(&targetIdentity, "target-identity", "", "Target identity (required)") + authAttachRoleCmd.StringVar(&targetRole, "target-role", "", "Target role (required)") + + authAttachRoleCmd.Parse(args) + + if useRole == "" { + fmt.Println("Error: --use-role is required") + os.Exit(1) + } + + if targetIdentity == "" { + fmt.Println("Error: --target-identity is required") + os.Exit(1) + } + if targetRole == "" { + fmt.Println("Error: --target-role is required") + os.Exit(1) + } + + // Get the role token we will use + roleData, err := os.ReadFile("/home/farhan/.pcloud/roles/" + useRole + ".json") + if err != nil { + fmt.Printf("Error opening identity file: %v\n", err) + os.Exit(1) + } + + var roleToken RoleToken + err = json.Unmarshal(roleData, &roleToken) + if err != nil { + fmt.Printf("Error reading identity file: %v\n", err) + os.Exit(1) + } + + var attachRoleToIdentityRequest AttachRoleToIdentityRequest + + attachRoleToIdentityRequest.Identity = targetIdentity + attachRoleToIdentityRequest.Role = targetRole + + attachRoleToIdentityRequestData, err := json.Marshal(attachRoleToIdentityRequest) + if err != nil { + fmt.Println("Error encoding JSON:", err) + os.Exit(1) + } + url := endpoint + "/identity/allow-role-to-identity" + req, err := http.NewRequest("POST", url, bytes.NewBuffer(attachRoleToIdentityRequestData)) + if err != nil { + log.Fatal("Error creating request:", err) + } + + req.Header.Set("Content-Type", "application/json") + req.Header.Set("Authorization", "Bearer "+roleToken.Token) + + // Set headers + req.Header.Set("Content-Type", "application/json") + + client := &http.Client{} + resp, err := client.Do(req) + if err != nil { + log.Fatal("Error making request:", err) + } + defer resp.Body.Close() + + fmt.Println("Response status:", resp.Status) + + if resp.StatusCode != http.StatusOK { + log.Fatal("Attach role to identity failed with status:", resp.Status) + } + // fmt.Printf("Attaching role %s to identity %s\n", targetRole, targetIdentity) } @@ -35,6 +132,11 @@ func authLocalAuthenticate(args []string) { var outputFormat string var saveProfile string + // fmt.Println("----") + // fmt.Println(args) + + authCmd = flag.NewFlagSet("authenticate", flag.ExitOnError) + authCmd.StringVar(&saveProfile, "save-profile", "", "Save authentication profile with given name") authCmd.StringVar(&authUsername, "u", "", "Username (required)") authCmd.StringVar(&authUsername, "username", "", "Username (required)") @@ -148,7 +250,26 @@ func authLocalAuthenticate(args []string) { } } +/* func authenticateMain(args []string) { authCmd = flag.NewFlagSet("auth", flag.ExitOnError) authLocalAuthenticate(args) } +*/ + +func authenticateMain(args []string) { + if len(args) < 1 { + fmt.Println("Error: subcommand is required") + os.Exit(1) + } + subcommand := args[0] + + cmd := findCommand(subcommand, identityCommands) + if cmd == nil { + fmt.Println("Error: unknown command:", subcommand) + os.Exit(1) + } + + cmd.Handler(args[1:]) + +} diff --git a/main.go b/main.go index 63a5fcb..a83050b 100644 --- a/main.go +++ b/main.go @@ -21,8 +21,8 @@ var commands = []Command{ Handler: roleMain, }, { - Names: []string{"auth", "authorization"}, - Description: "Role Management", + Names: []string{"authenticate", "authentication", "auth"}, + Description: "Authentication Management", Handler: authenticateMain, }, { diff --git a/role.go b/role.go index fc94b28..35674d1 100644 --- a/role.go +++ b/role.go @@ -109,6 +109,11 @@ func assumeRole(args []string) { os.Exit(1) } + if apiresponse.Status != "success" { + fmt.Printf("Error assuming role: %s\n", apiresponse.Message) + os.Exit(1) + } + home, err := os.UserHomeDir() if err != nil { panic(err) @@ -223,6 +228,8 @@ func roleMain(args []string) { } subcommand := args[0] + fmt.Println("Sub command", subcommand) + cmd := findCommand(subcommand, roleCommands) if cmd == nil { fmt.Println("Error: unknown command:", subcommand)