CLI for authorizing OIDC credentials against EGI Federated Cloud OpenNebula sites.
Keyrod allows to authorize either with access token or refresh token coupled with client id and client secret. After successful authentication, user receives OpenNebula login token.
- Ruby 2.2.6+
- Rubygems
gem install keyrodgit clone https://github.com/cduongt/keyrod.git
cd keyrod
gem install bundler
bundle installConfiguration file can be saved in these paths:
~/.keyrod/keyrod.yml/etc/keyrod/keyrod.ymlPATH_TO_GEM/keyrod/keyrod.yml- this is default location
$ keyrod help token
Usage:
keyrod token -p, --identity-provider=IDENTITY-PROVIDER -s, --site=SITE
Options:
[--debug], [--no-debug] # Runs Keyrod in debug mode
[--ca-dir=CA-DIR] # CA directory
[--verify-ssl], [--no-verify-ssl] # Check SSL certificate of FedCloud site
# Default: true
-s, --site=SITE # EGI FedCloud Site
# Default: http://localhost/
-a, [--access-token=ACCESS-TOKEN] # Access token for authentication
-g, [--group=GROUP] # Group to join
-f, [--interactive-fallback], [--no-interactive-fallback] # Fallback to interactive mode if group is not set
-p, --identity-provider=IDENTITY-PROVIDER # Identity provider for token
-r, [--refresh-token=REFRESH-TOKEN] # Refresh token for creating access token
-o, [--oidc-site=OIDC-SITE] # OIDC site for authenticating refresh token
# Default: http://localhost/token
-i, [--client-id=CLIENT-ID] # OIDC client ID
-t, [--client-secret=CLIENT-SECRET] # OIDC client secret