status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-10 22:06:20 +00:00
Code Issues Projects Releases Wiki Activity
consul/command/acl/token/read/token_read.go
hashicorp-copywrite[bot] 5fb9df1640
[COMPLIANCE] License changes (#18443) 
* Adding explicit MPL license for sub-package

This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository.

* Adding explicit MPL license for sub-package

This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository.

* Updating the license from MPL to Business Source License

Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at <Blog URL>, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl.

* add missing license headers

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

---------

Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
2023-08-11 09:12:13 -04:00

171 lines
4.1 KiB
Go
Raw Blame History

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1
package tokenread
import (
"flag"
"fmt"
"strings"
"github.com/mitchellh/cli"
"github.com/hashicorp/consul/api"
"github.com/hashicorp/consul/command/acl"
"github.com/hashicorp/consul/command/acl/token"
"github.com/hashicorp/consul/command/flags"
)
func New(ui cli.Ui) *cmd {
c := &cmd{UI: ui}
c.init()
return c
}
type cmd struct {
UI cli.Ui
flags *flag.FlagSet
http *flags.HTTPFlags
help string
tokenAccessorID string
self bool
showMeta bool
format string
expanded bool
tokenID string // DEPRECATED
}
func (c *cmd) init() {
c.flags = flag.NewFlagSet("", flag.ContinueOnError)
c.flags.BoolVar(&c.showMeta, "meta", false, "Indicates that token metadata such "+
"as the content hash and Raft indices should be shown for each entry")
c.flags.BoolVar(&c.self, "self", false, "Indicates that the current HTTP token "+
"should be read by secret ID instead of expecting a -accessor-id option")
c.flags.BoolVar(&c.expanded, "expanded", false, "Indicates that the contents of the "+
" policies and roles affecting the token should also be shown.")
c.flags.StringVar(&c.tokenAccessorID, "accessor-id", "", "The Accessor ID of the token to read. "+
"It may be specified as a unique ID prefix but will error if the prefix "+
"matches multiple token Accessor IDs")
c.flags.StringVar(
&c.format,
"format",
token.PrettyFormat,
fmt.Sprintf("Output format {%s}", strings.Join(token.GetSupportedFormats(), "|")),
)
c.http = &flags.HTTPFlags{}
flags.Merge(c.flags, c.http.ClientFlags())
flags.Merge(c.flags, c.http.ServerFlags())
flags.Merge(c.flags, c.http.MultiTenancyFlags())
c.help = flags.Usage(help, c.flags)
// Deprecations
c.flags.StringVar(&c.tokenID, "id", "",
"DEPRECATED. Use -accessor-id instead.")
}
func (c *cmd) Run(args []string) int {
if err := c.flags.Parse(args); err != nil {
return 1
}
client, err := c.http.APIClient()
if err != nil {
c.UI.Error(fmt.Sprintf("Error connecting to Consul agent: %s", err))
return 1
}
var t *api.ACLToken
var expanded *api.ACLTokenExpanded
if !c.self {
tokenAccessor := c.tokenAccessorID
if tokenAccessor == "" {
if c.tokenID == "" {
c.UI.Error("Must specify the -accessor-id parameter")
return 1
} else {
tokenAccessor = c.tokenID
c.UI.Warn("Use the -accessor-id parameter to specify token by Accessor ID")
}
}
tok, err := acl.GetTokenAccessorIDFromPartial(client, tokenAccessor)
if err != nil {
c.UI.Error(fmt.Sprintf("Error determining token ID: %v", err))
return 1
}
if !c.expanded {
t, _, err = client.ACL().TokenRead(tok, nil)
} else {
expanded, _, err = client.ACL().TokenReadExpanded(tok, nil)
}
if err != nil {
c.UI.Error(fmt.Sprintf("Error reading token %q: %v", tok, err))
return 1
}
} else {
// TODO: consider updating this CLI command and underlying HTTP API endpoint
// to support expanded read of a "self" token, which is a much better user workflow.
if c.expanded {
c.UI.Error("Cannot use both -expanded and -self. Instead, use -expanded and -accessor-id=<accessor id>.")
return 1
}
t, _, err = client.ACL().TokenReadSelf(nil)
if err != nil {
c.UI.Error(fmt.Sprintf("Error reading token: %v", err))
return 1
}
}
formatter, err := token.NewFormatter(c.format, c.showMeta)
if err != nil {
c.UI.Error(err.Error())
return 1
}
var out string
if !c.expanded {
out, err = formatter.FormatToken(t)
} else {
out, err = formatter.FormatTokenExpanded(expanded)
}
if err != nil {
c.UI.Error(err.Error())
return 1
}
if out != "" {
c.UI.Info(out)
}
return 0
}
func (c *cmd) Synopsis() string {
return synopsis
}
func (c *cmd) Help() string {
return flags.Usage(c.help, nil)
}
const (
synopsis = "Read an ACL token"
help = `
Usage: consul acl token read [options] -accessor-id TOKENID
This command will retrieve and print out the details of
a single token.
Using a partial ID:
$ consul acl token read -accessor-id 4be56c77-82
Using the full ID:
$ consul acl token read -accessor-id 4be56c77-8244-4c7d-b08c-667b8c71baed
`
)
Reference in New Issue View Git Blame Copy Permalink