Class: Legate::CLI::AuthSchemeCommands
Overview
Scheme management subcommands
Instance Method Summary
collapse
#auth_manager, #credential_type_description, #mask_sensitive_value, #print_header, #print_row, #scheme_type_description, #sensitive_field?
Methods inherited from BaseCommand
#tree
Instance Method Details
#create(name) ⇒ Object
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
|
# File 'lib/legate/cli/auth_commands.rb', line 135
def create(name)
scheme_name = name.to_sym
scheme_type = options[:type].to_sym
if auth_manager.get_scheme(scheme_name)
puts ::CLI::UI.fmt("{{red:Scheme already exists:}} #{name}")
exit 1
end
scheme = case scheme_type
when :api_key
Legate::Auth::Schemes::ApiKey.new
when :http_bearer
Legate::Auth::Schemes::HTTPBearer.new
when :oauth2
Legate::Auth::Schemes::OAuth2.new(
authorization_url: options[:authorization_url],
token_url: options[:token_url],
scopes: options[:scopes]&.split(/\s+/),
use_pkce: options[:use_pkce],
revocation_url: options[:revocation_url]
)
when :oidc, :openid_connect
Legate::Auth::Schemes::OpenIDConnect.new(
authorization_url: options[:authorization_url],
token_url: options[:token_url],
userinfo_url: options[:userinfo_url],
scopes: options[:scopes]&.split(/\s+/),
use_pkce: options[:use_pkce]
)
when :service_account
Legate::Auth::Schemes::ServiceAccount.new(
token_url: options[:token_url],
scopes: options[:scopes]&.split(/\s+/)
)
when :google_service_account
Legate::Auth::Schemes::GoogleServiceAccount.new(
scopes: options[:scopes]&.split(/\s+/)
)
else
puts ::CLI::UI.fmt("{{red:Unsupported scheme type:}} #{scheme_type}")
exit 1
end
auth_manager.register_scheme(scheme, scheme_name)
puts ::CLI::UI.fmt("{{green:✓}} Scheme '#{name}' created successfully")
end
|
#delete(name) ⇒ Object
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
|
# File 'lib/legate/cli/auth_commands.rb', line 185
def delete(name)
scheme_name = name.to_sym
unless auth_manager.get_scheme(scheme_name)
puts ::CLI::UI.fmt("{{red:Scheme not found:}} #{name}")
exit 1
end
url_mappings = auth_manager.instance_variable_get(:@url_mappings) || []
dependent = url_mappings.select { |m| m[:scheme_name] == scheme_name }
if dependent.any? && !options[:force]
puts ::CLI::UI.fmt("{{red:Cannot delete}} - scheme is used by #{dependent.size} URL mapping(s)")
puts 'Use --force to delete anyway'
exit 1
end
auth_manager.unregister_scheme(scheme_name)
puts ::CLI::UI.fmt("{{green:✓}} Scheme '#{name}' deleted")
end
|
#list ⇒ Object
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
|
# File 'lib/legate/cli/auth_commands.rb', line 85
def list
schemes = auth_manager.instance_variable_get(:@schemes) || {}
if schemes.empty?
puts ::CLI::UI.fmt('{{yellow:No authentication schemes registered.}}')
return
end
("Authentication Schemes (#{schemes.size})")
puts
schemes.each do |name, scheme|
puts ::CLI::UI.fmt(" {{bold:#{name}}} {{gray:(#{scheme.scheme_type})}}")
puts " #{scheme_type_description(scheme.scheme_type)}"
puts
end
end
|
#show(name) ⇒ Object
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
# File 'lib/legate/cli/auth_commands.rb', line 104
def show(name)
scheme = auth_manager.get_scheme(name.to_sym)
unless scheme
puts ::CLI::UI.fmt("{{red:Scheme not found:}} #{name}")
exit 1
end
("Scheme: #{name}")
print_row('Type', scheme.scheme_type)
print_row('Class', scheme.class.name.split('::').last)
print_row('Description', scheme_type_description(scheme.scheme_type))
config = scheme.to_h
config.each do |key, value|
next if key == :type
print_row(key.to_s.capitalize, value) if value
end
end
|