Exemple #1
0
def login(dcos_url, password_str, password_env, password_file, provider,
          username, key_path):
    """
    :param dcos_url: URL of DC/OS cluster
    :type dcos_url: str
    :param password_str: password
    :type password_str: str
    :param password_env: name of environment variable with password
    :type password_env: str
    :param password_file: path to file with password
    :type password_file: bool
    :param provider: name of provider to authentication with
    :type provider: str
    :param username: username
    :type username: str
    :param key_path: path to file with private key
    :type param: str
    :rtype: int
    """

    password = _get_password(password_str, password_env, password_file)
    if provider is None:
        if username and password:
            auth.dcos_uid_password_auth(dcos_url, username, password)
        elif username and key_path:
            auth.servicecred_auth(dcos_url, username, key_path)
        else:
            try:
                providers = auth.get_providers()
                # Let users know if they have non-default providers configured
                # This is a weak check, we should check default versions per
                # DC/OS version since defaults will change. jj
                if len(providers) > 2:
                    msg = ("\nYour cluster has several authentication "
                           "providers enabled. Run `dcos auth "
                           "list-providers` to see all providers and `dcos "
                           "auth login --provider <provider-id>` to "
                           "authenticate with a specific provider\n")
                    emitter.publish(DefaultError(msg))
            except DCOSException:
                pass
            finally:
                auth.header_challenge_auth(dcos_url)
    else:
        providers = auth.get_providers()
        if providers.get(provider):
            _trigger_client_method(provider, providers[provider], username,
                                   password, key_path)
        else:
            msg = "Provider [{}] not configured on your cluster"
            raise DCOSException(msg.format(provider))

    return 0
Exemple #2
0
def _trigger_client_method(provider,
                           provider_info,
                           username=None,
                           password=None,
                           key_path=None):
    """
    Trigger client method for authentication type user requested

    :param provider: provider_id requested by user
    :type provider: str
    :param provider_info: info about auth type defined by provider
    :param provider_info: dict
    :param username: username
    :type username: str
    :param password: password
    :type password: str
    :param key_path: path to file with service key
    :type param: str
    :rtype: None
    """

    client_method = provider_info.get("client-method")
    dcos_url = config.get_config_val("core.dcos_url")

    if client_method == "browser-prompt-authtoken":
        auth.browser_prompt_auth(dcos_url, provider_info)
    elif client_method == "browser-prompt-oidcidtoken-get-authtoken":
        auth.oidc_implicit_flow_auth(dcos_url)
    elif client_method == "dcos-usercredential-post-receive-authtoken" or \
            client_method == "dcos-credential-post-receive-authtoken":
        if not username or not password:
            msg = "Please specify username and password for provider [{}]"
            raise DCOSException(msg.format(provider))
        auth.dcos_uid_password_auth(dcos_url, username, password)
    elif client_method == "dcos-servicecredential-post-receive-authtoken":
        if not username or not key_path:
            msg = "Please specify username and service key for provider [{}]"
            raise DCOSException(msg.format(provider))
        auth.servicecred_auth(dcos_url, username, key_path)
    else:
        msg = "Authentication by provider [{}] is not supported by this CLI"
        raise DCOSException(msg.format(provider))