func (ah *CbAuthHandler) GetCredentials() (string, string, error) {
u, p, err := cbauth.GetHTTPServiceAuth(ah.Hostport)
if err != nil {
return "", "", err
}
return u, p, nil
}
func (ah *CbAuthHandler) GetCredentials() (string, string) {
u, p, err := cbauth.GetHTTPServiceAuth(ah.Hostport)
if err != nil {
panic(err)
}
return u, p
}
// CBAuthURL rewrites a URL with credentials, for use in a cbauth'ed
// environment.
func CBAuthURL(urlStr string) (string, error) {
u, err := url.Parse(urlStr)
if err != nil {
return "", err
}
cbUser, cbPasswd, err := cbauth.GetHTTPServiceAuth(u.Host)
if err != nil {
return "", err
}
u.User = url.UserPassword(cbUser, cbPasswd)
return u.String(), nil
}
func UrlWithAuth(urlStr string) (string, error) {
u, err := url.Parse(urlStr)
if err != nil {
return "", err
}
if authType == "cbauth" {
adminUser, adminPasswd, err := cbauth.GetHTTPServiceAuth(u.Host)
if err != nil {
return "", err
}
u.User = url.UserPassword(adminUser, adminPasswd)
}
return u.String(), nil
}
func ClusterAuthUrl(cluster string) (string, error) {
if strings.HasPrefix(cluster, "http") {
u, err := url.Parse(cluster)
if err != nil {
return "", err
}
cluster = u.Host
}
adminUser, adminPasswd, err := cbauth.GetHTTPServiceAuth(cluster)
if err != nil {
return "", err
}
clusterUrl := url.URL{
Scheme: "http",
Host: cluster,
User: url.UserPassword(adminUser, adminPasswd),
}
return clusterUrl.String(), nil
}
func NewAuditSvc(uri string) (*AuditSvc, error) {
parsedUri, err := url.Parse(uri)
if err != nil {
return nil, err
}
u, p, err := cbauth.GetHTTPServiceAuth(parsedUri.Host)
if err != nil {
return nil, err
}
service := &AuditSvc{
uri: uri,
u: u,
p: p,
initialized: false,
client: make(chan *mcc.Client, PoolClients),
}
err = service.init()
if err != nil {
return nil, err
}
log.Printf("audit: created new audit service")
return service, nil
}
func main() {
flag.Parse()
/*
NOTE. This example requires the following environment variables to be set.
CBAUTH_REVRPC_URL
e.g
CBAUTH_REVRPC_URL="http://*****:*****@127.0.0.1:9000/_cbauth"
*/
url, err := url.Parse(*serverURL)
if err != nil {
log.Printf("Failed to parse url %v", err)
return
}
hostPort := url.Host
user, bucket_password, err := cbauth.GetHTTPServiceAuth(hostPort)
if err != nil {
log.Printf("Failed %v", err)
return
}
log.Printf(" HTTP Servce username %s password %s", user, bucket_password)
client, err := couchbase.ConnectWithAuthCreds(*serverURL, user, bucket_password)
if err != nil {
log.Printf("Connect failed %v", err)
return
}
cbpool, err := client.GetPool("default")
if err != nil {
log.Printf("Failed to connect to default pool %v", err)
return
}
mUser, mPassword, err := cbauth.GetMemcachedServiceAuth(hostPort)
if err != nil {
log.Printf(" failed %v", err)
return
}
var cbbucket *couchbase.Bucket
cbbucket, err = cbpool.GetBucketWithAuth(*bucketName, mUser, mPassword)
if err != nil {
log.Printf("Failed to connect to bucket %v", err)
return
}
log.Printf(" Bucket name %s Bucket %v", *bucketName, cbbucket)
err = cbbucket.Set("k1", 5, "value")
if err != nil {
log.Printf("set failed error %v", err)
return
}
if *authUser != "" {
creds, err := cbauth.Auth(*authUser, *authPswd)
if err != nil {
log.Printf(" failed %v", err)
return
}
permission := fmt.Sprintf("cluster.bucket[%s].data!read", *bucketName)
canAccess, err := creds.IsAllowed(permission)
if err != nil {
log.Printf(" error %v checking permission %v", err, permission)
} else {
log.Printf(" result of checking permission %v : %v", permission, canAccess)
}
}
}
func main() {
flag.Parse()
/*
NOTE. This example requires the following environment variables to be set.
NS_SERVER_CBAUTH_URL
NS_SERVER_CBAUTH_USER
NS_SERVER_CBAUTH_PWD
e.g
NS_SERVER_CBAUTH_URL="http://localhost:9000/_cbauth"
NS_SERVER_CBAUTH_USER="******"
NS_SERVER_CBAUTH_PWD="asdasd"
*/
url, err := url.Parse(*serverURL)
if err != nil {
log.Printf("Failed to parse url %v", err)
return
}
hostPort := url.Host
user, bucket_password, err := cbauth.GetHTTPServiceAuth(hostPort)
if err != nil {
log.Printf("Failed %v", err)
return
}
log.Printf(" HTTP Servce username %s password %s", user, bucket_password)
client, err := couchbase.ConnectWithAuthCreds(*serverURL, user, bucket_password)
if err != nil {
log.Printf("Connect failed %v", err)
return
}
cbpool, err := client.GetPool("default")
if err != nil {
log.Printf("Failed to connect to default pool %v", err)
return
}
mUser, mPassword, err := cbauth.GetMemcachedServiceAuth(hostPort)
if err != nil {
log.Printf(" failed %v", err)
return
}
var cbbucket *couchbase.Bucket
cbbucket, err = cbpool.GetBucketWithAuth(*bucketName, mUser, mPassword)
if err != nil {
log.Printf("Failed to connect to bucket %v", err)
return
}
log.Printf(" Bucket name %s Bucket %v", *bucketName, cbbucket)
err = cbbucket.Set("k1", 5, "value")
if err != nil {
log.Printf("set failed error %v", err)
return
}
if *authUser != "" {
creds, err := cbauth.Auth(*authUser, *authPswd)
if err != nil {
log.Printf(" failed %v", err)
return
}
canAccess, err := creds.CanAccessBucket(*bucketName)
if err != nil {
log.Printf(" can't access bucket %v", err)
}
log.Printf(" results canaccess %v bucket %v", canAccess, *bucketName)
canRead, err := creds.CanReadBucket(*bucketName)
if err != nil {
log.Printf(" can't read bucket %v", err)
}
log.Printf(" results canread %v bucket %v", canRead, *bucketName)
canDDL, err := creds.CanDDLBucket(*bucketName)
if err != nil {
log.Printf(" can't DDL bucket %v", err)
}
log.Printf(" results canDDL %v bucket %v", canDDL, *bucketName)
}
}
