Пример #1
0
func (c *loginCmd) Main() {
	schemes := NewSchemeMap()

	if c.url == "" {
		Usage(c, "--url is required")
	}
	if c.user == "" {
		Usage(c, "--user is required")
	}
	if c.homeDir == "" {
		c.homeDir = path.Join(os.Getenv("HOME"), ".affinity")
	}

	serverUrl, err := url.Parse(c.url)
	if err != nil {
		die(err)
	}
	schemes.Register(usso.NewOauthCli(fmt.Sprintf("affinity@%s", serverUrl.Host),
		&PasswordPrompter{}))

	user, err := ParseUser(c.user)
	if err != nil {
		die(err)
	}

	scheme := schemes.Token(user.Scheme)
	if scheme == nil {
		die(fmt.Errorf("Scheme '%s' is not supported", user.Scheme))
	}

	token, err := scheme.Authorize(user)
	if err != nil {
		die(err)
	}

	authStore, err := client.NewFileAuthStore(c.homeDir)
	if err != nil {
		die(err)
	}

	err = authStore.Set(token, serverUrl.Host)
	if err != nil {
		die(err)
	}
}
Пример #2
0
func (c *serveCmd) Main() {
	if c.extName == "" {
		Usage(c, "--name is required")
	}

	c.serviceAdmins = strings.Split(c.serviceAdminCsv, ",")
	for i := range c.serviceAdmins {
		c.serviceAdmins[i] = strings.TrimSpace(c.serviceAdmins[i])
	}

	session, err := mgo.Dial(c.mongo)
	if err != nil {
		die(err)
	}
	store, err := mongo.NewMongoStore(session, c.dbname, "", "")
	if err != nil {
		die(err)
	}

	s := NewGroupServer(store)

	// Grant service role to configured admins
	for _, serviceAdmin := range c.serviceAdmins {
		admin := rbac.NewAdmin(store, group.GroupRoles)
		u, err := affinity.ParseUser(serviceAdmin)
		if err != nil {
			die(err)
		}
		err = admin.Grant(u, group.ServiceRole, group.ServiceResource)
		if err != nil {
			log.Println("Warning:", err)
		}
	}

	s.Schemes.Register(usso.NewOauthCli(c.extName, &affinity.PasswordUnavailable{}))
	err = http.ListenAndServe(c.addr, s)
	die(err)
}