def login(dcos_url, password_str, password_env, password_file, provider, username, key_path): """ :param dcos_url: URL of DC/OS cluster :type dcos_url: str :param password_str: password :type password_str: str :param password_env: name of environment variable with password :type password_env: str :param password_file: path to file with password :type password_file: bool :param provider: name of provider to authentication with :type provider: str :param username: username :type username: str :param key_path: path to file with private key :type param: str :rtype: int """ password = _get_password(password_str, password_env, password_file) if provider is None: if username and password: auth.dcos_uid_password_auth(dcos_url, username, password) elif username and key_path: auth.servicecred_auth(dcos_url, username, key_path) else: try: providers = auth.get_providers() # Let users know if they have non-default providers configured # This is a weak check, we should check default versions per # DC/OS version since defaults will change. jj if len(providers) > 2: msg = ("\nYour cluster has several authentication " "providers enabled. Run `dcos auth " "list-providers` to see all providers and `dcos " "auth login --provider <provider-id>` to " "authenticate with a specific provider\n") emitter.publish(DefaultError(msg)) except DCOSException: pass finally: auth.header_challenge_auth(dcos_url) else: providers = auth.get_providers() if providers.get(provider): _trigger_client_method(provider, providers[provider], username, password, key_path) else: msg = "Provider [{}] not configured on your cluster" raise DCOSException(msg.format(provider)) return 0
def _trigger_client_method(provider, provider_info, username=None, password=None, key_path=None): """ Trigger client method for authentication type user requested :param provider: provider_id requested by user :type provider: str :param provider_info: info about auth type defined by provider :param provider_info: dict :param username: username :type username: str :param password: password :type password: str :param key_path: path to file with service key :type param: str :rtype: None """ client_method = provider_info.get("client-method") dcos_url = config.get_config_val("core.dcos_url") if client_method == "browser-prompt-authtoken": auth.browser_prompt_auth(dcos_url, provider_info) elif client_method == "browser-prompt-oidcidtoken-get-authtoken": auth.oidc_implicit_flow_auth(dcos_url) elif client_method == "dcos-usercredential-post-receive-authtoken" or \ client_method == "dcos-credential-post-receive-authtoken": if not username or not password: msg = "Please specify username and password for provider [{}]" raise DCOSException(msg.format(provider)) auth.dcos_uid_password_auth(dcos_url, username, password) elif client_method == "dcos-servicecredential-post-receive-authtoken": if not username or not key_path: msg = "Please specify username and service key for provider [{}]" raise DCOSException(msg.format(provider)) auth.servicecred_auth(dcos_url, username, key_path) else: msg = "Authentication by provider [{}] is not supported by this CLI" raise DCOSException(msg.format(provider))