def Run(self, args): oslogin_client = client.OsloginClient(self.ReleaseTrack()) account = properties.VALUES.core.account.GetOrFail() project = properties.VALUES.core.project.Get(required=True) project_ref = resources.REGISTRY.Parse( project, params={'user': account}, collection='oslogin.users.projects') current_profile = oslogin_client.GetLoginProfile(account) account_id = None for account in current_profile.posixAccounts: if account.accountId == project: account_id = account.accountId if account_id: console_io.PromptContinue( 'Posix accounts associated with project ID [{0}] will be deleted.' .format(project), default=True, cancel_on_no=True) res = oslogin_client.DeletePosixAccounts(project_ref) log.DeletedResource(account_id, details='posix account(s)') return res else: log.warn('No profile found with accountId [{0}]'.format(project))
def Run(self, args): """See ssh_utils.BaseSSHCLICommand.Run.""" oslogin_client = client.OsloginClient(self.ReleaseTrack()) user_email = properties.VALUES.core.account.Get() keys = oslogin_utils.GetKeysFromProfile(user_email, oslogin_client) return keys
def Run(self, args): """See ssh_utils.BaseSSHCLICommand.Run.""" oslogin_client = client.OsloginClient(self.ReleaseTrack()) user_email = gaia.GetAuthenticatedGaiaEmail(oslogin_client.client.http) keys = oslogin_utils.GetKeysFromProfile(user_email, oslogin_client) return keys
def Run(self, args): """See ssh_utils.BaseSSHCLICommand.Run.""" key = flags.GetKeyFromArgs(args) oslogin_client = client.OsloginClient(self.ReleaseTrack()) user_email = properties.VALUES.core.account.Get() expiry = oslogin_utils.ConvertTtlArgToExpiry(args.ttl) return oslogin_client.ImportSshPublicKey(user_email, key, expiration_time=expiry)
def CheckForOsloginAndGetUser(instance, project, requested_user, public_key, release_track): """Check instance/project metadata for oslogin and return updated username. Check to see if OS Login is enabled in metadata and if it is, return the OS Login user and a boolean value indicating if OS Login is being used. Args: instance: instance, The object representing the instance we are connecting to. project: project, The object representing the current project. requested_user: str, The default or requested username to connect as. public_key: str, The public key of the user connecting. release_track: release_track, The object representing the release track. Returns: tuple, A string containing the oslogin username and a boolean indicating wheather oslogin is being used. """ # Instance metadata has priority use_oslogin = False oslogin_enabled = _MetadataHasOsloginEnable(instance.metadata) if oslogin_enabled is None: project_metadata = project.commonInstanceMetadata oslogin_enabled = _MetadataHasOsloginEnable(project_metadata) if not oslogin_enabled: return requested_user, use_oslogin # Connect to the oslogin API and add public key to oslogin user account. oslogin = oslogin_client.OsloginClient(release_track) if not oslogin: log.warning( 'OS Login is enabled on Instance/Project, but is not available ' 'in the {0} version of gcloud.'.format(release_track.id)) return requested_user, use_oslogin user_email = properties.VALUES.core.account.Get() login_profile = oslogin.ImportSshPublicKey(user_email, public_key) use_oslogin = True # Get the username for the oslogin user. If the username is the same as the # default user, return that one. Otherwise, return the 'primary' username. # If no 'primary' exists, return the first username. oslogin_user = None for pa in login_profile.loginProfile.posixAccounts: oslogin_user = oslogin_user or pa.username if pa.username == requested_user: return requested_user, use_oslogin elif pa.primary: oslogin_user = pa.username log.warning( 'Using OS Login user [{0}] instead of default user [{1}]'.format( oslogin_user, requested_user)) return oslogin_user, use_oslogin
def Run(self, args): """See ssh_utils.BaseSSHCLICommand.Run.""" key = flags.GetKeyFromArgs(args) oslogin_client = client.OsloginClient(self.ReleaseTrack()) user_email = properties.VALUES.core.account.Get() keys = oslogin_utils.GetKeyDictionaryFromProfile(user_email, oslogin_client) fingerprint = oslogin_utils.FindKeyInKeyList(key, keys) if fingerprint: return oslogin_client.DeleteSshPublicKey(user_email, fingerprint) else: raise client.OsloginKeyNotFoundError('Cannot find requested SSH key.')
def Run(self, args): """See ssh_utils.BaseSSHCLICommand.Run.""" key = flags.GetKeyFromArgs(args) oslogin_client = client.OsloginClient(self.ReleaseTrack()) user_email = gaia.GetAuthenticatedGaiaEmail(oslogin_client.client.http) keys = oslogin_utils.GetKeyDictionaryFromProfile( user_email, oslogin_client) fingerprint = oslogin_utils.FindKeyInKeyList(key, keys) expiry = oslogin_utils.ConvertTtlArgToExpiry(args.ttl) if fingerprint: return oslogin_client.UpdateSshPublicKey(user_email, fingerprint, keys[fingerprint], 'expirationTimeUsec', expiration_time=expiry) else: raise client.OsloginKeyNotFoundError( 'Cannot find requested SSH key.')
def CheckForOsloginAndGetUser(self, instance, project, requested_user, release_track): """Checks instance/project metadata for oslogin and update username.""" # Instance metadata has priority use_oslogin = False oslogin_enabled = _MetadataHasOsloginEnable(instance.metadata) if oslogin_enabled is None: project_metadata = project.commonInstanceMetadata oslogin_enabled = _MetadataHasOsloginEnable(project_metadata) if not oslogin_enabled: return requested_user, use_oslogin # Connect to the oslogin API and add public key to oslogin user account. oslogin = oslogin_client.OsloginClient(release_track) if not oslogin: log.warning( 'OS Login is enabled on Instance/Project, but is not available ' 'in the {0} version of gcloud.'.format(release_track.id)) return requested_user, use_oslogin public_key = self.keys.GetPublicKey().ToEntry(include_comment=True) user_email = properties.VALUES.core.account.Get() login_profile = oslogin.ImportSshPublicKey(user_email, public_key) use_oslogin = True # Get the username for the oslogin user. If the username is the same as the # default user, return that one. Otherwise, return the 'primary' username. # If no 'primary' exists, return the first username. oslogin_user = None for pa in login_profile.loginProfile.posixAccounts: oslogin_user = oslogin_user or pa.username if pa.username == requested_user: return requested_user, use_oslogin elif pa.primary: oslogin_user = pa.username log.warning( 'Using OS Login user [{0}] instead of default user [{1}]'.format( oslogin_user, requested_user)) return oslogin_user, use_oslogin
def Run(self, args): """See ssh_utils.BaseSSHCLICommand.Run.""" key = flags.GetKeyFromArgs(args) oslogin_client = client.OsloginClient(self.ReleaseTrack()) user_email = (properties.VALUES.auth.impersonate_service_account.Get() or properties.VALUES.core.account.Get()) keys = oslogin_utils.GetKeyDictionaryFromProfile( user_email, oslogin_client) fingerprint = oslogin_utils.FindKeyInKeyList(key, keys) expiry = oslogin_utils.ConvertTtlArgToExpiry(args.ttl) if fingerprint: return oslogin_client.UpdateSshPublicKey(user_email, fingerprint, keys[fingerprint], 'expirationTimeUsec', expiration_time=expiry) else: raise client.OsloginKeyNotFoundError( 'Cannot find requested SSH key.')
def Run(self, args): """See ssh_utils.BaseSSHCLICommand.Run.""" oslogin_client = client.OsloginClient(self.ReleaseTrack()) user_email = (properties.VALUES.auth.impersonate_service_account.Get() or properties.VALUES.core.account.Get()) return oslogin_client.GetLoginProfile(user_email)