Restructuring role, working through Allow Role to Identity functionality
This commit is contained in:
127
authenticate.go
127
authenticate.go
@@ -12,8 +12,6 @@ import (
|
||||
"path/filepath"
|
||||
)
|
||||
|
||||
var authCmd *flag.FlagSet
|
||||
|
||||
type AuthenticateRequest struct {
|
||||
Accountid string `json:"accountid"`
|
||||
Username string `json:"username"`
|
||||
@@ -24,7 +22,106 @@ type AuthenticateResponse struct {
|
||||
Token string `json:"token"`
|
||||
}
|
||||
|
||||
func authLocalGetToken() {
|
||||
type RoleToken struct {
|
||||
Token string `json:"token"`
|
||||
}
|
||||
|
||||
type AttachRoleToIdentityRequest struct {
|
||||
Identity string `json:"identity"`
|
||||
Role string `json:"role"`
|
||||
}
|
||||
|
||||
var authCmd *flag.FlagSet
|
||||
|
||||
var identityCommands = []Command{
|
||||
{
|
||||
Names: []string{"login"},
|
||||
Description: "Login with username and password",
|
||||
Handler: authLocalAuthenticate,
|
||||
},
|
||||
{
|
||||
Names: []string{"attachrole"},
|
||||
Description: "Attach Role to Identity",
|
||||
Handler: authAttachRoleToIdentity,
|
||||
},
|
||||
}
|
||||
|
||||
func authAttachRoleToIdentity(args []string) {
|
||||
var useRole string
|
||||
var targetIdentity string
|
||||
var targetRole string
|
||||
|
||||
authAttachRoleCmd := flag.NewFlagSet("attachrole", flag.ExitOnError)
|
||||
|
||||
authAttachRoleCmd.StringVar(&useRole, "use-role", "", "Using role (required)")
|
||||
authAttachRoleCmd.StringVar(&targetIdentity, "target-identity", "", "Target identity (required)")
|
||||
authAttachRoleCmd.StringVar(&targetRole, "target-role", "", "Target role (required)")
|
||||
|
||||
authAttachRoleCmd.Parse(args)
|
||||
|
||||
if useRole == "" {
|
||||
fmt.Println("Error: --use-role is required")
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
if targetIdentity == "" {
|
||||
fmt.Println("Error: --target-identity is required")
|
||||
os.Exit(1)
|
||||
}
|
||||
if targetRole == "" {
|
||||
fmt.Println("Error: --target-role is required")
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
// Get the role token we will use
|
||||
roleData, err := os.ReadFile("/home/farhan/.pcloud/roles/" + useRole + ".json")
|
||||
if err != nil {
|
||||
fmt.Printf("Error opening identity file: %v\n", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
var roleToken RoleToken
|
||||
err = json.Unmarshal(roleData, &roleToken)
|
||||
if err != nil {
|
||||
fmt.Printf("Error reading identity file: %v\n", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
var attachRoleToIdentityRequest AttachRoleToIdentityRequest
|
||||
|
||||
attachRoleToIdentityRequest.Identity = targetIdentity
|
||||
attachRoleToIdentityRequest.Role = targetRole
|
||||
|
||||
attachRoleToIdentityRequestData, err := json.Marshal(attachRoleToIdentityRequest)
|
||||
if err != nil {
|
||||
fmt.Println("Error encoding JSON:", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
url := endpoint + "/identity/allow-role-to-identity"
|
||||
req, err := http.NewRequest("POST", url, bytes.NewBuffer(attachRoleToIdentityRequestData))
|
||||
if err != nil {
|
||||
log.Fatal("Error creating request:", err)
|
||||
}
|
||||
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
req.Header.Set("Authorization", "Bearer "+roleToken.Token)
|
||||
|
||||
// Set headers
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
|
||||
client := &http.Client{}
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
log.Fatal("Error making request:", err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
fmt.Println("Response status:", resp.Status)
|
||||
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
log.Fatal("Attach role to identity failed with status:", resp.Status)
|
||||
}
|
||||
// fmt.Printf("Attaching role %s to identity %s\n", targetRole, targetIdentity)
|
||||
|
||||
}
|
||||
|
||||
@@ -35,6 +132,11 @@ func authLocalAuthenticate(args []string) {
|
||||
var outputFormat string
|
||||
var saveProfile string
|
||||
|
||||
// fmt.Println("----")
|
||||
// fmt.Println(args)
|
||||
|
||||
authCmd = flag.NewFlagSet("authenticate", flag.ExitOnError)
|
||||
|
||||
authCmd.StringVar(&saveProfile, "save-profile", "", "Save authentication profile with given name")
|
||||
authCmd.StringVar(&authUsername, "u", "", "Username (required)")
|
||||
authCmd.StringVar(&authUsername, "username", "", "Username (required)")
|
||||
@@ -148,7 +250,26 @@ func authLocalAuthenticate(args []string) {
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
func authenticateMain(args []string) {
|
||||
authCmd = flag.NewFlagSet("auth", flag.ExitOnError)
|
||||
authLocalAuthenticate(args)
|
||||
}
|
||||
*/
|
||||
|
||||
func authenticateMain(args []string) {
|
||||
if len(args) < 1 {
|
||||
fmt.Println("Error: subcommand is required")
|
||||
os.Exit(1)
|
||||
}
|
||||
subcommand := args[0]
|
||||
|
||||
cmd := findCommand(subcommand, identityCommands)
|
||||
if cmd == nil {
|
||||
fmt.Println("Error: unknown command:", subcommand)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
cmd.Handler(args[1:])
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user