Commit 0a8fabc

author
Matthew Dobson
authored
Merge pull request #125 from apigee-internal/saml-integration
SAML integration start.
2 parents 830d1fb + cbfc457 commit 0a8fabc

4 files changed

+119
-108
lines changed

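--- a/cli/cmd.js
+++ b/cli/cmd.js
@@ -26,21 +26,37 @@ const setup = function setup() {
 .option('-v, --virtualHosts <virtualHosts>', 'override virtualHosts (default: "default,secure")')
 .option('-u, --username <user>', 'username of the organization admin')
 .option('-p, --password <password>', 'password of the organization admin')
+.option('-t, --token <token>', 'OAuth token to use with management API')
 .option('-r, --url <url>', 'organization\'s custom API URL (https://api.example.com)')
 .option('-d, --debug', 'execute with debug output')
 .option('-c, --configDir <configDir>', 'Set the directory where configs are written.')
 .option('-x, --proxyName <proxyName>', 'Set the custom proxy name for edgemicro-auth')
 .action((options) => {
 options.error = optionError;
-if (!options.username) { return options.error('username is required'); }
-if (!options.org) { return options.error('org is required'); }
-if (!options.env) { return options.error('env is required'); }
-options.configDir = options.configDir || process.env.EDGEMICRO_CONFIG_DIR;
-promptForPassword(options,(options)=>{
-if (!options.password) { return options.error('password is required'); }
+options.token = options.token || process.env.EDGEMICRO_SAML_TOKEN;
+
+if(options.token) {
+//If there is a token lets configure with standard opts.
+if (!options.org) { return options.error('org is required'); }
+if (!options.env) { return options.error('env is required'); }
+options.configDir = options.configDir || process.env.EDGEMICRO_CONFIG_DIR;
 configure.configure(options, () => {
 });
-})
+
+} else {
+//If there is no token then we can go through the password process
+if (!options.username) { return options.error('username is required'); }
+if (!options.org) { return options.error('org is required'); }
+if (!options.env) { return options.error('env is required'); }
+options.configDir = options.configDir || process.env.EDGEMICRO_CONFIG_DIR;
+promptForPassword(options,(options)=>{
+if (!options.password) { return options.error('password is required'); }
+configure.configure(options, () => {
+});
+})
+}
+
+
 });
 
 commander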
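Review bot: The added `-t, --token <token>` option accepts the bearer token as a command-line argument, which leaves it in shell history and visible in the process list, while the `EDGEMICRO_SAML_TOKEN` fallback read on the first added line of the action is not mentioned in the help text. I would document it in the option itself, e.g. `.option('-t, --token <token>', 'OAuth token to use with management API (or set EDGEMICRO_SAML_TOKEN)')`. An exported EDGEMICRO_SAML_TOKEN also silently takes precedence over an explicit `-u`/`-p`, which deserves a comment above `if(options.token)`. The `org`, `env` and `configDir` lines are now duplicated in both branches and could sit once above the branch. `setup` itself starts outside the hunk.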

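--- a/cli/lib/cert-lib.js
+++ b/cli/lib/cert-lib.js
@@ -55,10 +55,7 @@ CertLogic.prototype.checkCertWithPassword = function(options, callback) {
 this.managementUri, options.org, options.env, this.vaultName);
 request({
 uri: uri,
-auth: {
-username: options.username,
-password: options.password
-}
+auth: generateCredentialsObject(options)
 }, function(err, res, body) {
 err = translateError(err, res);
 if (err) {
@@ -77,10 +74,7 @@ CertLogic.prototype.checkPrivateCert = function(options, callback) {
 
 request({
 uri: uri,
-auth: {
-username: options.username,
-password: options.password
-}
+auth: generateCredentialsObject(options)
 }, function(err, res) {
 err = translateError(err, res);
 if (err) {
@@ -108,45 +102,38 @@ CertLogic.prototype.installPrivateCert = function(options, callback) {
 const privateKey = keys.serviceKey;
 const publicKey = keys.certificate;
 const async = require('async');
-
-pem.getPublicKey (publicKey, function(err, key){
-async.series(
-[
-function(cb) {
-if (!options.force) { return cb(); }
-deleteVault(options.username, options.password, managementUri, options.org, options.env, vaultName, cb);
-},
-function(cb) {
-console.log('creating vault');
-console.log('adding private_key');
-console.log('adding public_key');
-var entries = [
-{
-'name':'private_key',
-'value': privateKey
-},
-{
-'name': 'public_key',
-'value': publicKey
-},
-{
-'name': 'public_key1',
-'value': key.publicKey
-}
-]
-createVault(options.username, options.password, managementUri, options.org, options.env, vaultName, entries, cb);
-}
-],
-function(err) {
-if (err) {
-callback(err);
-} else {
-callback(null, publicKey);
-}
+async.series(
+[
+function(cb) {
+if (!options.force) { return cb(); }
+deleteVault(generateCredentialsObject(options), managementUri, options.org, options.env, vaultName, cb);
+},
+function(cb) {
+console.log('creating vault');
+console.log('adding private_key');
+console.log('adding public_key');
+var entries = [
+{
+'name':'private_key',
+'value': privateKey
+},
+{
+'name': 'public_key',
+'value': publicKey
+}
+]
+createVault(generateCredentialsObject(options), managementUri, options.org, options.env, vaultName, entries, cb);
 }
+],
+function(err) {
+if (err) {
+callback(err);
+} else {
+callback(null, publicKey);
+}
+}
 );
 });
-});
 }
 
 CertLogic.prototype.installCertWithPassword = function(options, callback) {
@@ -162,45 +149,38 @@ CertLogic.prototype.installCertWithPassword = function(options, callback) {
 const publicKey = keys.certificate;
 
 const async = require('async');
-
-pem.getPublicKey (publicKey, function(err, key){
-async.series(
-[
-function(cb) {
-if (!options.force) { return cb(); }
-deleteVault(options.username, options.password, managementUri, options.org, options.env, vaultName, cb);
-},
-function(cb) {
-console.log('creating vault');
-console.log('adding private_key');
-console.log('adding public_key');
-var entries = [
-{
-'name':'private_key',
-'value': privateKey
-},
-{
-'name': 'public_key',
-'value': publicKey
-},
-{
-'name': 'public_key1',
-'value': key.publicKey
-}
-]
-createVault(options.username, options.password, managementUri, options.org, options.env, vaultName, entries, cb);
-}
-],
-function(err) {
-if (err) {
-callback(err);
-} else {
-callback(null, publicKey);
-}
+async.series(
+[
+function(cb) {
+if (!options.force) { return cb(); }
+deleteVault(generateCredentialsObject(options), managementUri, options.org, options.env, vaultName, cb);
+},
+function(cb) {
+console.log('creating vault');
+console.log('adding private_key');
+console.log('adding public_key');
+var entries = [
+{
+'name':'private_key',
+'value': privateKey
+},
+{
+'name': 'public_key',
+'value': publicKey
+}
+]
+createVault(generateCredentialsObject(options), managementUri, options.org, options.env, vaultName, entries, cb);
+}
+],
+function(err) {
+if (err) {
+callback(err);
+} else {
+callback(null, publicKey);
 }
+}
 );
 });
-});
 }
 
 
@@ -239,10 +219,7 @@ CertLogic.prototype.generateKeysWithPassword = function generateKeysWithPassword
 request({
 uri: credentialUrl,
 method: 'POST',
-auth: {
-username: options.username,
-password: options.password
-},
+auth: generateCredentialsObject(options),
 json: keys
 }, function(err, res) {
 err = translateError(err, res);
@@ -308,7 +285,7 @@ CertLogic.prototype.deleteCertWithPassword = function deleteCertWithPassword(opt
 const managementUri = this.managementUri ;
 const vaultName = this.vaultName;
 
-deleteVault(options.username, options.password, managementUri, options.org, options.env, vaultName, function(err) {
+deleteVault(generateCredentialsObject(options), managementUri, options.org, options.env, vaultName, function(err) {
 if (err) {
 cb(err);
 } else {
@@ -336,18 +313,15 @@ function createCert(cb) {
 pem.createCertificate(options, cb);
 }
 
-function deleteVault(username, password, managementUri, organization, environment, vaultName, cb) {
+function deleteVault(credentials, managementUri, organization, environment, vaultName, cb) {
 console.log('deleting vault');
 
 var uri = util.format('%s/v1/organizations/%s/environments/%s/keyvaluemaps/%s', managementUri, organization, environment, vaultName);
 
 request({
 uri: uri,
 method: 'DELETE',
-auth: {
-username: username,
-password: password
-}
+auth: credentials
 }, function(err, res) {
 err = translateError(err, res);
 if (isApigeeError(err, ERR_STORE_MISSING)) {
@@ -361,7 +335,7 @@ function deleteVault(username, password, managementUri, organization, environmen
 
 }
 
-function createVault(username, password, managementUri, organization, environment, vaultName, entries, cb) {
+function createVault(credentials, managementUri, organization, environment, vaultName, entries, cb) {
 
 var storageOpts = {
 name: vaultName,
@@ -373,10 +347,7 @@ function createVault(username, password, managementUri, organization, environmen
 request({
 uri: uri,
 method: 'POST',
-auth: {
-username: username,
-password: password
-},
+auth: credentials,
 json: storageOpts
 }, function(err, res) {
 err = translateError(err, res);
@@ -436,3 +407,15 @@ function getPublicKeyPrivate(authUri, cb) {
 });
 }
 
+function generateCredentialsObject(options) {
+if(options.token) {
+return {
+'bearer': options.token
+};
+} else {
+return {
+user: options.username,
+pass: options.password
+};
+}
+}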
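Review bot: generateCredentialsObject (last hunk) falls through to `{ user: undefined, pass: undefined }` when `options` carries neither a token nor a username/password, so a missing credential only surfaces as a failed management API call. configure.js asserts these fields, but whether every CertLogic entry point that now calls the helper is reached through that path is not visible here. A guard in the else branch such as `if (!options.username || !options.password) { throw new Error('token or username/password is required'); }` would fail earlier and more clearly. The helper also deserves a short comment stating that a token takes precedence over username/password and that the returned object is used as the `auth` option of `request`.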

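--- a/cli/lib/configure.js
+++ b/cli/lib/configure.js
@@ -38,8 +38,10 @@ Configure.prototype.configure = function configure(options, cb) {
 managementUri = defaultConfig.edge_config.managementUri;
 keySecretMessage = defaultConfig.edge_config.keySecretMessage;
 
-assert(options.username, 'username is required');
-assert(options.password, 'password is required');
+if(!options.token) {
+assert(options.username, 'username is required');
+assert(options.password, 'password is required');
+}
 assert(options.org, 'org is required');
 assert(options.env, 'env is required');
 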

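--- a/cli/lib/deploy-auth.js
+++ b/cli/lib/deploy-auth.js
@@ -119,10 +119,15 @@ Deployment.prototype.checkDeployedProxies = function checkDeployedProxies(option
 organization: options.org,
 environment: options.env,
 baseuri: this.managementUri,
-username: options.username,
-password: options.password,
 debug: options.debug
 };
+
+if(options.token) {
+opts.token = options.token;
+} else {
+opts.username = options.username;
+opts.password = options.password;
+}
 const that = this;
 apigeetool.listDeployments(opts, function(err, proxies) {
 if (err) {
@@ -141,15 +146,20 @@ function deployProxyWithPassword(managementUri,authUri, options, dir, callback)
 organization: options.org,
 environments: options.env,
 baseuri: managementUri,
-username: options.username,
-password: options.password,
 debug: options.debug,
 verbose: options.debug,
 api: options.proxyName,
 directory: dir,
 virtualhosts: options.virtualHosts || DEFAULT_HOSTS
 };
 
+if(options.token) {
+opts.token = options.token;
+} else {
+opts.username = options.username;
+opts.password = options.password;
+}
+
 console.log('Give me a minute or two... this can take a while...');
 apigeetool.deployProxy(opts, function(err) {
 if (err) {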
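Review bot: The token-or-password selection added after the `opts` literal in checkDeployedProxies is repeated verbatim in deployProxyWithPassword (second hunk), and cert-lib.js makes the same decision a third time in generateCredentialsObject. One small helper in this file that copies either `token` or `username`/`password` onto `opts` would keep the precedence rule in a single place. Both `opts` objects also pass `debug: options.debug` (and `verbose` in the second hunk); whether apigeetool's debug output echoes the options it receives is not visible here, so it is worth confirming that the token is not printed when `-d` is used. Both functions start and end outside the hunks.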
