/
auth.go
158 lines (130 loc) · 3.54 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
package auth
import (
"fmt"
"github.com/astronomerio/astro-cli/cluster"
"github.com/astronomerio/astro-cli/docker"
"github.com/astronomerio/astro-cli/houston"
"github.com/astronomerio/astro-cli/messages"
"github.com/astronomerio/astro-cli/pkg/httputil"
"github.com/astronomerio/astro-cli/pkg/input"
"github.com/pkg/errors"
)
var (
http = httputil.NewHTTPClient()
api = houston.NewHoustonClient(http)
)
// basicAuth handles authentication with the houston api
func basicAuth(username string) (string, error) {
password, _ := input.InputPassword(messages.INPUT_PASSWORD)
token, err := api.CreateBasicToken(username, password)
if err != nil {
return "", errors.Wrap(err, "failed to fetch local/db auth token")
}
return token.Token.Value, nil
}
func getWorkspaceByLabel(label string) *houston.Workspace {
workspaces, err := api.GetWorkspaceAll()
if err != nil {
return nil
}
for _, ws := range workspaces {
if ws.Label == label {
return &ws
}
}
return nil
}
// oAuth handles oAuth with houston api
func oAuth(oAuthUrl string) string {
fmt.Println("\n" + messages.HOUSTON_OAUTH_REDIRECT)
fmt.Println(oAuthUrl + "\n")
return input.InputText(messages.INPUT_OAUTH_TOKEN)
}
// registryAuth authenticates with the private registry
func registryAuth() error {
c, err := cluster.GetCurrentCluster()
if err != nil {
return err
}
registry := "registry." + c.Domain
token := c.Token
err = docker.ExecLogin(registry, "user", token)
if err != nil {
return err
}
fmt.Printf(messages.REGISTRY_AUTH_SUCCESS, registry)
return nil
}
// Login handles authentication to houston and registry
func Login(domain string, oAuthOnly bool) error {
var token string
var err error
// If no domain specified
// Create cluster if it does not exist
if len(domain) != 0 {
if !cluster.Exists(domain) {
// Save new cluster since it did not exists
err = cluster.SetCluster(domain)
if err != nil {
return err
}
}
// Switch cluster now that we ensured cluster exists
err = cluster.Switch(domain)
if err != nil {
return err
}
}
c, err := cluster.GetCurrentCluster()
if err != nil {
return err
}
authConfig, err := api.GetAuthConfig()
if err != nil {
return errors.Wrap(err, "failed to fetch auth config")
}
username := ""
if !oAuthOnly && authConfig.LocalEnabled {
username = input.InputText(messages.INPUT_USERNAME)
}
if len(username) == 0 {
if authConfig.GoogleEnabled || authConfig.Auth0Enabled || authConfig.GithubEnabled {
token = oAuth(c.GetAppURL() + "/login?source=cli")
} else {
return errors.New("cannot authenticate, oauth is disabled")
}
} else {
if authConfig.LocalEnabled {
token, err = basicAuth(username)
if err != nil {
return errors.Wrap(err, "local auth login failed")
}
} else {
fmt.Println(messages.HOUSTON_BASIC_AUTH_DISABLED)
}
}
c.SetContextKey("token", token)
// Attempt to set projectworkspace if there is only one workspace
workspaces, err := api.GetWorkspaceAll()
if err != nil {
return nil
}
if len(workspaces) == 1 && len(c.Workspace) == 0 {
w := workspaces[0]
c.SetContextKey("workspace", w.Uuid)
fmt.Printf(messages.CONFIG_SET_DEFAULT_WORKSPACE, w.Label, w.Uuid)
}
if len(workspaces) != 1 && len(c.Workspace) == 0 {
fmt.Printf(messages.CLI_SET_WORKSPACE_EXAMPLE)
}
err = registryAuth()
if err != nil {
fmt.Printf(messages.REGISTRY_AUTH_FAIL)
}
return nil
}
// Logout logs a user out of the docker registry. Will need to logout of Houston next.
func Logout(domain string) {
c, _ := cluster.GetCluster(domain)
c.SetContextKey("token", "")
}