def initial_token(vault_client, opt):
"""Generate our first token based on workstation configuration"""
app_filename = appid_file()
token_filename = token_file()
if 'VAULT_TOKEN' in os.environ and os.environ['VAULT_TOKEN']:
log('Token derived from VAULT_TOKEN environment variable', opt)
return os.environ['VAULT_TOKEN'].strip()
elif 'VAULT_USER_ID' in os.environ and \
'VAULT_APP_ID' in os.environ and \
os.environ['VAULT_USER_ID'] and os.environ['VAULT_APP_ID']:
token = app_token(vault_client, os.environ['VAULT_APP_ID'].strip(),
os.environ['VAULT_USER_ID'].strip())
log("Token derived from VAULT_APP_ID and VAULT_USER_ID", opt)
return token
elif 'VAULT_ROLE_ID' in os.environ and \
'VAULT_SECRET_ID' in os.environ and \
os.environ['VAULT_ROLE_ID'] and os.environ['VAULT_SECRET_ID']:
token = approle_token(vault_client, os.environ['VAULT_ROLE_ID'],
os.environ['VAULT_SECRET_ID'])
log("Token derived from VAULT_ROLE_ID and VAULT_SECRET_ID", opt)
return token
elif app_filename:
token = yaml.safe_load(open(app_filename).read().strip())
if 'app_id' in token and 'user_id' in token:
token = app_token(vault_client, token['app_id'], token['user_id'])
log("Token derived from %s" % app_filename, opt)
return token
elif token_filename:
log("Token derived from %s" % token_filename, opt)
return open(token_filename, 'r').read().strip()
else:
raise aomi.exceptions.AomiCredentials('unknown method')
def init_token(self):
"""Generate our first token based on workstation configuration"""
app_filename = appid_file()
token_filename = token_file()
approle_filename = approle_file()
token = None
if 'VAULT_ROLE_ID' in os.environ and \
'VAULT_SECRET_ID' in os.environ and \
os.environ['VAULT_ROLE_ID'] and os.environ['VAULT_SECRET_ID']:
token = approle_token(self,
os.environ['VAULT_ROLE_ID'],
os.environ['VAULT_SECRET_ID'])
LOG.debug("Token derived from VAULT_ROLE_ID and VAULT_SECRET_ID")
elif 'VAULT_TOKEN' in os.environ and os.environ['VAULT_TOKEN']:
LOG.debug('Token derived from VAULT_TOKEN environment variable')
token = os.environ['VAULT_TOKEN'].strip()
elif 'VAULT_USER_ID' in os.environ and \
'VAULT_APP_ID' in os.environ and \
os.environ['VAULT_USER_ID'] and os.environ['VAULT_APP_ID']:
LOG.debug("Token derived from VAULT_APP_ID and VAULT_USER_ID")
token = app_token(self,
os.environ['VAULT_APP_ID'].strip(),
os.environ['VAULT_USER_ID'].strip())
elif approle_filename:
creds = yaml.safe_load(open(approle_filename).read().strip())
if 'role_id' in creds and 'secret_id' in creds:
LOG.debug("Token derived from approle file")
token = approle_token(self,
creds['role_id'],
creds['secret_id'])
elif token_filename:
LOG.debug("Token derived from %s", token_filename)
try:
token = open(token_filename, 'r').read().strip()
except IOError as os_exception:
if os_exception.errno == 21:
raise aomi.exceptions.AomiFile('Bad Vault token file')
raise
elif app_filename:
token = yaml.safe_load(open(app_filename).read().strip())
if 'app_id' in token and 'user_id' in token:
LOG.debug("Token derived from %s", app_filename)
token = app_token(self,
token['app_id'],
token['user_id'])
else:
raise aomi.exceptions.AomiCredentials('unknown method')
return token
def init_token(self):
"""Generate our first token based on workstation configuration"""
app_filename = appid_file()
token_filename = token_file()
approle_filename = approle_file()
if 'VAULT_ROLE_ID' in os.environ and \
'VAULT_SECRET_ID' in os.environ and \
os.environ['VAULT_ROLE_ID'] and os.environ['VAULT_SECRET_ID']:
token = approle_token(self, os.environ['VAULT_ROLE_ID'],
os.environ['VAULT_SECRET_ID'])
LOG.info("Token derived from VAULT_ROLE_ID and VAULT_SECRET_ID")
return token
elif 'VAULT_TOKEN' in os.environ and os.environ['VAULT_TOKEN']:
LOG.info('Token derived from VAULT_TOKEN environment variable')
return os.environ['VAULT_TOKEN'].strip()
elif 'VAULT_USER_ID' in os.environ and \
'VAULT_APP_ID' in os.environ and \
os.environ['VAULT_USER_ID'] and os.environ['VAULT_APP_ID']:
token = app_token(self, os.environ['VAULT_APP_ID'].strip(),
os.environ['VAULT_USER_ID'].strip())
LOG.info("Token derived from VAULT_APP_ID and VAULT_USER_ID")
return token
elif approle_filename:
creds = yaml.safe_load(open(approle_filename).read().strip())
if 'role_id' in creds and 'secret_id' in creds:
token = approle_token(self, creds['role_id'],
creds['secret_id'])
LOG.info("Token derived from approle file")
return token
elif token_filename:
LOG.info("Token derived from %s", token_filename)
try:
return open(token_filename, 'r').read().strip()
except IOError as os_exception:
if os_exception.errno == 21:
raise aomi.exceptions.AomiFile('Bad Vault token file')
raise
elif app_filename:
token = yaml.safe_load(open(app_filename).read().strip())
if 'app_id' in token and 'user_id' in token:
token = app_token(self, token['app_id'], token['user_id'])
LOG.info("Token derived from %s", app_filename)
return token
else:
raise aomi.exceptions.AomiCredentials('unknown method')
def help_me(parser, opt):
"""Handle display of help and whatever diagnostics"""
print("aomi v%s" % version)
print('Get started with aomi'
' https://autodesk.github.io/aomi/quickstart')
if opt.verbose:
tf_str = 'Token File,' if token_file() else ''
app_str = 'AppID File,' if appid_file() else ''
tfe_str = 'Token Env,' if 'VAULT_TOKEN' in os.environ else ''
appre_str = 'App Role Env,' if 'VAULT_ROLE_ID' in os.environ and \
'VAULT_SECRET_ID' in os.environ else ''
appe_str = 'AppID Env,' if 'VAULT_USER_ID' in os.environ and \
'VAULT_APP_ID' in os.environ else ''
log(("Auth Hints Present : %s%s%s%s%s" %
(tf_str, app_str, tfe_str, appre_str, appe_str))[:-1], opt)
log(
"Vault Server %s" %
os.environ['VAULT_ADDR'] if 'VAULT_ADDR' in os.environ else '??',
opt)
parser.print_help()
sys.exit(0)
def help_me(parser, opt):
"""Handle display of help and whatever diagnostics"""
print("aomi v%s" % version)
print('Get started with aomi'
' https://autodesk.github.io/aomi/quickstart')
if opt.verbose == 2:
tf_str = 'Token File,' if token_file() else ''
app_str = 'AppID File,' if appid_file() else ''
approle_str = 'Approle File,' if approle_file() else ''
tfe_str = 'Token Env,' if 'VAULT_TOKEN' in os.environ else ''
appre_str = 'App Role Env,' if 'VAULT_ROLE_ID' in os.environ and \
'VAULT_SECRET_ID' in os.environ else ''
appe_str = 'AppID Env,' if 'VAULT_USER_ID' in os.environ and \
'VAULT_APP_ID' in os.environ else ''
LOG.info(("Auth Hints Present : %s%s%s%s%s%s" %
(tf_str, app_str, approle_str, tfe_str,
appre_str, appe_str))[:-1])
LOG.info("Vault Server %s" %
os.environ['VAULT_ADDR']
if 'VAULT_ADDR' in os.environ else '??')
parser.print_help()
sys.exit(0)