wx/src/commands/auth/login.sh
2026-01-18 18:54:36 +02:00


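#######################################
# Print the Vault token stored for $ORG in ~/.warengroup/config.json.
# Globals:   HOME, ORG (read)
# Outputs:   the token on stdout; nothing when no usable token is stored
# Returns:   0 when a token was printed, 1 otherwise
#######################################
_wx-login-stored-token() {
  local config_file="$HOME/.warengroup/config.json"
  local stored
  [[ -f "$config_file" ]] || return 1
  # ORG is handed to jq as a variable instead of being spliced into the
  # filter text, so an org name with '-', '.' or quotes cannot change the query.
  stored=$(jq -r --arg org "$ORG" '.login[$org].token' "$config_file") || return 1
  [[ -n "$stored" && "$stored" != 'null' ]] || return 1
  printf '%s' "$stored"
}

#######################################
# Log in to Vault with LDAP credentials or an existing token.
# The method is args['auth-method'] when given; otherwise "token" when a
# token was passed or is stored for $ORG, else "ldap".
# Globals:   args, ORG, ORG_HEADER, VAULT_DOMAIN, HOME (read)
#            AUTH_METHOD, USERNAME, PASSWORD, TOKEN, VAULT_LOGIN,
#            VAULT_USERNAME (written; left global, as wxi-config presumably
#            reads TOKEN - confirm against wxi-config)
# Outputs:   prompts and status lines through echo/printf and wxi-content
# NOTE(review): the failure paths rely on wxi-stop ending the run; it is
# defined outside this file.
#######################################
wx-login() {
  local stored_token encoded_user

  wxi-header "Login"
  wxi-restricted --user
  wxi-restricted --org
  wxi-restricted --vault
  wxi-header "$ORG_HEADER" h3

  # Read the stored token once; it decides both the method and the token source.
  stored_token=$(_wx-login-stored-token) || stored_token=''

  if [[ -n "${args['auth-method']}" ]]; then
    AUTH_METHOD=${args['auth-method']}
  elif [[ -n "${args['token']}" || -n "$stored_token" ]]; then
    AUTH_METHOD=token
  else
    AUTH_METHOD=ldap
  fi

  case "$AUTH_METHOD" in
    ldap)
      printf 'Username: '
      if [[ -n "${args['username']}" ]]; then
        USERNAME=${args['username']}
        wxi-content text "$USERNAME"
      else
        read -r USERNAME
      fi

      printf 'Password: '
      if [[ -n "${args['password']}" ]]; then
        # NOTE(review): a password given as an argument is visible in the
        # process list and shell history; the prompt below avoids both.
        PASSWORD=${args['password']}
      else
        # -r keeps backslashes, IFS= keeps leading/trailing blanks.
        IFS= read -rs PASSWORD
      fi
      if [[ -n "$PASSWORD" ]]; then
        wxi-content text "****************"
      else
        wxi-content text ""
      fi

      if [[ -z "$USERNAME" || -z "$PASSWORD" ]]; then
        wxi-content status "Username & Password" "Required"
        wxi-footer
        wxi-stop
      fi

      # Percent-encode the username so '/', '?' or '#' cannot redirect the
      # request to a different Vault path.
      encoded_user=$(printf '%s' "$USERNAME" | jq -sRr '@uri')

      # The body is JSON-encoded by jq and sent over stdin: quotes, spaces or
      # backslashes in the password no longer break the request, and the
      # password never appears in curl's argument list.
      VAULT_LOGIN=$(
        printf '%s' "$PASSWORD" \
          | jq -Rsc '{password: .}' \
          | curl -s -X POST --data-binary @- \
            "https://$VAULT_DOMAIN/v1/auth/ldap/login/$encoded_user" \
          | jq -r '.auth.client_token'
      )
      # A failed login yields "null" or nothing; only a 95-character token passes.
      if (( ${#VAULT_LOGIN} != 95 )); then
        wxi-content status "Login" "Failed"
        wxi-footer
        wxi-stop
      fi
      TOKEN=$VAULT_LOGIN
      wxi-config login
      ;;

    token)
      printf 'Token: '
      if [[ -n "${args['token']}" ]]; then
        # The literal value "true" is not taken as a token; TOKEN is left as is.
        if [[ "${args['token']}" != "true" ]]; then
          TOKEN=${args['token']}
        fi
      elif [[ -n "$stored_token" ]]; then
        TOKEN=$stored_token
      else
        IFS= read -rs TOKEN
      fi

      if [[ -z "$TOKEN" ]]; then
        wxi-content status "Token" "Required"
        wxi-footer
        wxi-stop
      fi
      wxi-content text "***********************************************************************************************"
      if (( ${#TOKEN} != 95 )); then
        wxi-content status "Token" "Invalid"
        wxi-footer
        wxi-stop
      fi

      # NOTE(review): the X-Vault-Token header is still passed on curl's
      # command line and is visible in the process list while curl runs;
      # consider curl's `-H @file` form (curl >= 7.55) to keep it off argv.
      VAULT_LOGIN=$(
        printf '%s' "$TOKEN" \
          | jq -Rsc '{token: .}' \
          | curl -s -X POST --header "X-Vault-Token: $TOKEN" --data-binary @- \
            "https://$VAULT_DOMAIN/v1/auth/token/renew-self" \
          | jq -r '.auth.client_token'
      )
      if (( ${#VAULT_LOGIN} != 95 )); then
        wxi-content status "Login" "Failed"
        wxi-footer
        wx-logout &> /dev/null
        # Start over after logging out. Return afterwards: the nested call has
        # already stored the token and printed the footer, so falling through
        # would repeat both.
        # NOTE(review): if args['token'] is still set after wx-logout, the
        # retry picks the same rejected token again - confirm it is cleared.
        wx-login
        return
      fi
      TOKEN=$VAULT_LOGIN
      wxi-config login
      ;;

    *)
      wxi-content status "Login Type" "Unsupported"
      wxi-footer
      wxi-stop
      ;;
  esac

  # Ask Vault who the token belongs to; the display name carries the auth
  # method as a prefix, which is stripped to get the plain username.
  VAULT_USERNAME=$(
    curl -s -X GET --header "X-Vault-Token: $TOKEN" \
      "https://$VAULT_DOMAIN/v1/auth/token/lookup-self" \
      | jq -r '.data.display_name'
  )
  case "$VAULT_USERNAME" in
    '')
      wxi-content status "Login" "Username Missing"
      wxi-stop
      ;;
    ldap*)
      USERNAME=${VAULT_USERNAME#ldap-}
      ;;
    oidc*)
      USERNAME=${VAULT_USERNAME#oidc-}
      ;;
    *)
      wxi-content status "Login" "Authentication Method Invalid"
      wxi-stop
      ;;
  esac
  wxi-footer
}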