Restructuring role, working through Allow Role to Identity functionality
This commit is contained in:
127
authenticate.go
127
authenticate.go
@@ -12,8 +12,6 @@ import (
|
|||||||
"path/filepath"
|
"path/filepath"
|
||||||
)
|
)
|
||||||
|
|
||||||
var authCmd *flag.FlagSet
|
|
||||||
|
|
||||||
type AuthenticateRequest struct {
|
type AuthenticateRequest struct {
|
||||||
Accountid string `json:"accountid"`
|
Accountid string `json:"accountid"`
|
||||||
Username string `json:"username"`
|
Username string `json:"username"`
|
||||||
@@ -24,7 +22,106 @@ type AuthenticateResponse struct {
|
|||||||
Token string `json:"token"`
|
Token string `json:"token"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func authLocalGetToken() {
|
type RoleToken struct {
|
||||||
|
Token string `json:"token"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type AttachRoleToIdentityRequest struct {
|
||||||
|
Identity string `json:"identity"`
|
||||||
|
Role string `json:"role"`
|
||||||
|
}
|
||||||
|
|
||||||
|
var authCmd *flag.FlagSet
|
||||||
|
|
||||||
|
var identityCommands = []Command{
|
||||||
|
{
|
||||||
|
Names: []string{"login"},
|
||||||
|
Description: "Login with username and password",
|
||||||
|
Handler: authLocalAuthenticate,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Names: []string{"attachrole"},
|
||||||
|
Description: "Attach Role to Identity",
|
||||||
|
Handler: authAttachRoleToIdentity,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
func authAttachRoleToIdentity(args []string) {
|
||||||
|
var useRole string
|
||||||
|
var targetIdentity string
|
||||||
|
var targetRole string
|
||||||
|
|
||||||
|
authAttachRoleCmd := flag.NewFlagSet("attachrole", flag.ExitOnError)
|
||||||
|
|
||||||
|
authAttachRoleCmd.StringVar(&useRole, "use-role", "", "Using role (required)")
|
||||||
|
authAttachRoleCmd.StringVar(&targetIdentity, "target-identity", "", "Target identity (required)")
|
||||||
|
authAttachRoleCmd.StringVar(&targetRole, "target-role", "", "Target role (required)")
|
||||||
|
|
||||||
|
authAttachRoleCmd.Parse(args)
|
||||||
|
|
||||||
|
if useRole == "" {
|
||||||
|
fmt.Println("Error: --use-role is required")
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
|
if targetIdentity == "" {
|
||||||
|
fmt.Println("Error: --target-identity is required")
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
if targetRole == "" {
|
||||||
|
fmt.Println("Error: --target-role is required")
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get the role token we will use
|
||||||
|
roleData, err := os.ReadFile("/home/farhan/.pcloud/roles/" + useRole + ".json")
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("Error opening identity file: %v\n", err)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
|
var roleToken RoleToken
|
||||||
|
err = json.Unmarshal(roleData, &roleToken)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("Error reading identity file: %v\n", err)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
|
var attachRoleToIdentityRequest AttachRoleToIdentityRequest
|
||||||
|
|
||||||
|
attachRoleToIdentityRequest.Identity = targetIdentity
|
||||||
|
attachRoleToIdentityRequest.Role = targetRole
|
||||||
|
|
||||||
|
attachRoleToIdentityRequestData, err := json.Marshal(attachRoleToIdentityRequest)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println("Error encoding JSON:", err)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
url := endpoint + "/identity/allow-role-to-identity"
|
||||||
|
req, err := http.NewRequest("POST", url, bytes.NewBuffer(attachRoleToIdentityRequestData))
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal("Error creating request:", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
req.Header.Set("Content-Type", "application/json")
|
||||||
|
req.Header.Set("Authorization", "Bearer "+roleToken.Token)
|
||||||
|
|
||||||
|
// Set headers
|
||||||
|
req.Header.Set("Content-Type", "application/json")
|
||||||
|
|
||||||
|
client := &http.Client{}
|
||||||
|
resp, err := client.Do(req)
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal("Error making request:", err)
|
||||||
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
fmt.Println("Response status:", resp.Status)
|
||||||
|
|
||||||
|
if resp.StatusCode != http.StatusOK {
|
||||||
|
log.Fatal("Attach role to identity failed with status:", resp.Status)
|
||||||
|
}
|
||||||
|
// fmt.Printf("Attaching role %s to identity %s\n", targetRole, targetIdentity)
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -35,6 +132,11 @@ func authLocalAuthenticate(args []string) {
|
|||||||
var outputFormat string
|
var outputFormat string
|
||||||
var saveProfile string
|
var saveProfile string
|
||||||
|
|
||||||
|
// fmt.Println("----")
|
||||||
|
// fmt.Println(args)
|
||||||
|
|
||||||
|
authCmd = flag.NewFlagSet("authenticate", flag.ExitOnError)
|
||||||
|
|
||||||
authCmd.StringVar(&saveProfile, "save-profile", "", "Save authentication profile with given name")
|
authCmd.StringVar(&saveProfile, "save-profile", "", "Save authentication profile with given name")
|
||||||
authCmd.StringVar(&authUsername, "u", "", "Username (required)")
|
authCmd.StringVar(&authUsername, "u", "", "Username (required)")
|
||||||
authCmd.StringVar(&authUsername, "username", "", "Username (required)")
|
authCmd.StringVar(&authUsername, "username", "", "Username (required)")
|
||||||
@@ -148,7 +250,26 @@ func authLocalAuthenticate(args []string) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
func authenticateMain(args []string) {
|
func authenticateMain(args []string) {
|
||||||
authCmd = flag.NewFlagSet("auth", flag.ExitOnError)
|
authCmd = flag.NewFlagSet("auth", flag.ExitOnError)
|
||||||
authLocalAuthenticate(args)
|
authLocalAuthenticate(args)
|
||||||
}
|
}
|
||||||
|
*/
|
||||||
|
|
||||||
|
func authenticateMain(args []string) {
|
||||||
|
if len(args) < 1 {
|
||||||
|
fmt.Println("Error: subcommand is required")
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
subcommand := args[0]
|
||||||
|
|
||||||
|
cmd := findCommand(subcommand, identityCommands)
|
||||||
|
if cmd == nil {
|
||||||
|
fmt.Println("Error: unknown command:", subcommand)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
|
cmd.Handler(args[1:])
|
||||||
|
|
||||||
|
}
|
||||||
|
|||||||
4
main.go
4
main.go
@@ -21,8 +21,8 @@ var commands = []Command{
|
|||||||
Handler: roleMain,
|
Handler: roleMain,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
Names: []string{"auth", "authorization"},
|
Names: []string{"authenticate", "authentication", "auth"},
|
||||||
Description: "Role Management",
|
Description: "Authentication Management",
|
||||||
Handler: authenticateMain,
|
Handler: authenticateMain,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|||||||
7
role.go
7
role.go
@@ -109,6 +109,11 @@ func assumeRole(args []string) {
|
|||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if apiresponse.Status != "success" {
|
||||||
|
fmt.Printf("Error assuming role: %s\n", apiresponse.Message)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
home, err := os.UserHomeDir()
|
home, err := os.UserHomeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
@@ -223,6 +228,8 @@ func roleMain(args []string) {
|
|||||||
}
|
}
|
||||||
subcommand := args[0]
|
subcommand := args[0]
|
||||||
|
|
||||||
|
fmt.Println("Sub command", subcommand)
|
||||||
|
|
||||||
cmd := findCommand(subcommand, roleCommands)
|
cmd := findCommand(subcommand, roleCommands)
|
||||||
if cmd == nil {
|
if cmd == nil {
|
||||||
fmt.Println("Error: unknown command:", subcommand)
|
fmt.Println("Error: unknown command:", subcommand)
|
||||||
|
|||||||
Reference in New Issue
Block a user