func readSshKeyPathFromConsole(details, savedDetails *config.ArtifactoryDetails) error {
if details.SshKeyPath == "" {
ioutils.ScanFromConsole("SSH key file path", &details.SshKeyPath, savedDetails.SshKeyPath)
}
details.SshKeyPath = cliutils.ReplaceTildeWithUserHome(details.SshKeyPath)
exists, err := ioutils.IsFileExists(details.SshKeyPath)
if err != nil {
return err
}
if !exists {
log.Warn("Could not find SSH key file at:", details.SshKeyPath)
}
return nil
}
func Config(details, defaultDetails *config.ArtifactoryDetails, interactive,
shouldEncPassword bool) (*config.ArtifactoryDetails, error) {
if details == nil {
details = new(config.ArtifactoryDetails)
}
var err error
if interactive {
if defaultDetails == nil {
defaultDetails, err = config.ReadArtifactoryConf()
if err != nil {
return nil, err
}
}
if details.Url == "" {
ioutils.ScanFromConsole("Artifactory URL", &details.Url, defaultDetails.Url)
}
if strings.Index(details.Url, "ssh://") == 0 || strings.Index(details.Url, "SSH://") == 0 {
err = readSshKeyPathFromConsole(details, defaultDetails)
if err != nil {
return nil, err
}
} else {
if details.ApiKey == "" && details.Password == "" {
ioutils.ScanFromConsole("API key (leave empty for basic authentication)", &details.ApiKey, "")
}
if details.ApiKey == "" {
ioutils.ReadCredentialsFromConsole(details, defaultDetails)
}
}
}
err = checkSingleAuthMethod(details)
if err != nil {
return nil, err
}
details.Url = cliutils.AddTrailingSlashIfNeeded(details.Url)
if shouldEncPassword {
details, err = encryptPassword(details)
if err != nil {
return nil, err
}
}
config.SaveArtifactoryConf(details)
return details, nil
}
func initTransport(artDetails *config.ArtifactoryDetails) error {
// Remove once SystemCertPool supports windows
caCertPool, err := LoadSystemRoots()
err = cliutils.CheckError(err)
if err != nil {
return err
}
err = loadCertificates(caCertPool)
if err != nil {
return err
}
// Setup HTTPS client
tlsConfig := &tls.Config{
RootCAs: caCertPool,
ClientSessionCache: tls.NewLRUClientSessionCache(1)}
tlsConfig.BuildNameToCertificate()
artDetails.Transport = &http.Transport{TLSClientConfig: tlsConfig}
return nil
}
func encryptPassword(details *config.ArtifactoryDetails) (*config.ArtifactoryDetails, error) {
if details.Password == "" {
return details, nil
}
log.Info("\nEncrypting password...")
response, encPassword, err := utils.GetEncryptedPasswordFromArtifactory(details)
if err != nil {
return nil, err
}
switch response.StatusCode {
case 409:
message := "\nYour Artifactory server is not configured to encrypt passwords.\n" +
"You may use \"art config --enc-password=false\""
err = cliutils.CheckError(errors.New(message))
case 200:
details.Password = encPassword
log.Info("Done encrypting password.")
default:
err = cliutils.CheckError(errors.New("\nArtifactory response: " + response.Status))
}
return details, err
}
func createArtifactoryDetails(c *cli.Context, includeConfig bool) (*config.ArtifactoryDetails, error) {
if includeConfig {
details, err := offerConfig(c)
if err != nil {
return nil, err
}
if details != nil {
return details, nil
}
}
details := new(config.ArtifactoryDetails)
details.Url = c.String("url")
details.ApiKey = c.String("apikey")
details.User = c.String("user")
details.Password = c.String("password")
details.SshKeyPath = c.String("ssh-key-path")
if includeConfig {
confDetails, err := commands.GetConfig()
if err != nil {
return nil, err
}
if details.Url == "" {
details.Url = confDetails.Url
}
if !isAuthMethodSet(details) {
if details.ApiKey == "" {
details.ApiKey = confDetails.ApiKey
}
if details.User == "" {
details.User = confDetails.User
}
if details.Password == "" {
details.Password = confDetails.Password
}
if details.SshKeyPath == "" {
details.SshKeyPath = confDetails.SshKeyPath
}
}
}
details.Url = cliutils.AddTrailingSlashIfNeeded(details.Url)
return details, nil
}
func SshAuthentication(details *config.ArtifactoryDetails) error {
_, host, port, err := parseUrl(details.Url)
if err != nil {
return err
}
log.Info("Performing SSH authentication...")
if details.SshKeyPath == "" {
err := cliutils.CheckError(errors.New("Cannot invoke the SshAuthentication function with no SSH key path. "))
if err != nil {
return err
}
}
buffer, err := ioutil.ReadFile(details.SshKeyPath)
err = cliutils.CheckError(err)
if err != nil {
return err
}
key, err := ssh.ParsePrivateKey(buffer)
err = cliutils.CheckError(err)
if err != nil {
return err
}
sshConfig := &ssh.ClientConfig{
User: "******",
Auth: []ssh.AuthMethod{
ssh.PublicKeys(key),
},
}
hostAndPort := host + ":" + strconv.Itoa(port)
connection, err := ssh.Dial("tcp", hostAndPort, sshConfig)
err = cliutils.CheckError(err)
if err != nil {
return err
}
defer connection.Close()
session, err := connection.NewSession()
err = cliutils.CheckError(err)
if err != nil {
return err
}
defer session.Close()
stdout, err := session.StdoutPipe()
err = cliutils.CheckError(err)
if err != nil {
return err
}
var buf bytes.Buffer
go io.Copy(&buf, stdout)
session.Run("jfrog-authenticate")
var result SshAuthResult
err = json.Unmarshal(buf.Bytes(), &result)
err = cliutils.CheckError(err)
if err != nil {
return err
}
details.Url = cliutils.AddTrailingSlashIfNeeded(result.Href)
details.SshAuthHeaders = result.Headers
log.Info("SSH authentication successful.")
return nil
}
