func (c *loginCmd) Main() { schemes := NewSchemeMap() if c.url == "" { Usage(c, "--url is required") } if c.user == "" { Usage(c, "--user is required") } if c.homeDir == "" { c.homeDir = path.Join(os.Getenv("HOME"), ".affinity") } serverUrl, err := url.Parse(c.url) if err != nil { die(err) } schemes.Register(usso.NewOauthCli(fmt.Sprintf("affinity@%s", serverUrl.Host), &PasswordPrompter{})) user, err := ParseUser(c.user) if err != nil { die(err) } scheme := schemes.Token(user.Scheme) if scheme == nil { die(fmt.Errorf("Scheme '%s' is not supported", user.Scheme)) } token, err := scheme.Authorize(user) if err != nil { die(err) } authStore, err := client.NewFileAuthStore(c.homeDir) if err != nil { die(err) } err = authStore.Set(token, serverUrl.Host) if err != nil { die(err) } }
func (c *serveCmd) Main() { if c.extName == "" { Usage(c, "--name is required") } c.serviceAdmins = strings.Split(c.serviceAdminCsv, ",") for i := range c.serviceAdmins { c.serviceAdmins[i] = strings.TrimSpace(c.serviceAdmins[i]) } session, err := mgo.Dial(c.mongo) if err != nil { die(err) } store, err := mongo.NewMongoStore(session, c.dbname, "", "") if err != nil { die(err) } s := NewGroupServer(store) // Grant service role to configured admins for _, serviceAdmin := range c.serviceAdmins { admin := rbac.NewAdmin(store, group.GroupRoles) u, err := affinity.ParseUser(serviceAdmin) if err != nil { die(err) } err = admin.Grant(u, group.ServiceRole, group.ServiceResource) if err != nil { log.Println("Warning:", err) } } s.Schemes.Register(usso.NewOauthCli(c.extName, &affinity.PasswordUnavailable{})) err = http.ListenAndServe(c.addr, s) die(err) }