Matteo Scandolo | a428586 | 2020-12-01 18:10:10 -0800 | [diff] [blame] | 1 | /* |
| 2 | Copyright 2014 The Kubernetes Authors. |
| 3 | |
| 4 | Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | you may not use this file except in compliance with the License. |
| 6 | You may obtain a copy of the License at |
| 7 | |
| 8 | http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | |
| 10 | Unless required by applicable law or agreed to in writing, software |
| 11 | distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | See the License for the specific language governing permissions and |
| 14 | limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package clientcmd |
| 18 | |
| 19 | import ( |
| 20 | "encoding/json" |
| 21 | "fmt" |
| 22 | "io" |
| 23 | "io/ioutil" |
| 24 | "os" |
| 25 | |
| 26 | "golang.org/x/crypto/ssh/terminal" |
| 27 | |
| 28 | clientauth "k8s.io/client-go/tools/auth" |
| 29 | ) |
| 30 | |
| 31 | // AuthLoaders are used to build clientauth.Info objects. |
| 32 | type AuthLoader interface { |
| 33 | // LoadAuth takes a path to a config file and can then do anything it needs in order to return a valid clientauth.Info |
| 34 | LoadAuth(path string) (*clientauth.Info, error) |
| 35 | } |
| 36 | |
| 37 | // default implementation of an AuthLoader |
| 38 | type defaultAuthLoader struct{} |
| 39 | |
| 40 | // LoadAuth for defaultAuthLoader simply delegates to clientauth.LoadFromFile |
| 41 | func (*defaultAuthLoader) LoadAuth(path string) (*clientauth.Info, error) { |
| 42 | return clientauth.LoadFromFile(path) |
| 43 | } |
| 44 | |
| 45 | type PromptingAuthLoader struct { |
| 46 | reader io.Reader |
| 47 | } |
| 48 | |
| 49 | // LoadAuth parses an AuthInfo object from a file path. It prompts user and creates file if it doesn't exist. |
| 50 | func (a *PromptingAuthLoader) LoadAuth(path string) (*clientauth.Info, error) { |
| 51 | // Prompt for user/pass and write a file if none exists. |
| 52 | if _, err := os.Stat(path); os.IsNotExist(err) { |
| 53 | authPtr, err := a.Prompt() |
| 54 | auth := *authPtr |
| 55 | if err != nil { |
| 56 | return nil, err |
| 57 | } |
| 58 | data, err := json.Marshal(auth) |
| 59 | if err != nil { |
| 60 | return &auth, err |
| 61 | } |
| 62 | err = ioutil.WriteFile(path, data, 0600) |
| 63 | return &auth, err |
| 64 | } |
| 65 | authPtr, err := clientauth.LoadFromFile(path) |
| 66 | if err != nil { |
| 67 | return nil, err |
| 68 | } |
| 69 | return authPtr, nil |
| 70 | } |
| 71 | |
| 72 | // Prompt pulls the user and password from a reader |
| 73 | func (a *PromptingAuthLoader) Prompt() (*clientauth.Info, error) { |
| 74 | var err error |
| 75 | auth := &clientauth.Info{} |
| 76 | auth.User, err = promptForString("Username", a.reader, true) |
| 77 | if err != nil { |
| 78 | return nil, err |
| 79 | } |
| 80 | auth.Password, err = promptForString("Password", nil, false) |
| 81 | if err != nil { |
| 82 | return nil, err |
| 83 | } |
| 84 | return auth, nil |
| 85 | } |
| 86 | |
| 87 | func promptForString(field string, r io.Reader, show bool) (result string, err error) { |
| 88 | fmt.Printf("Please enter %s: ", field) |
| 89 | if show { |
| 90 | _, err = fmt.Fscan(r, &result) |
| 91 | } else { |
| 92 | var data []byte |
| 93 | if terminal.IsTerminal(int(os.Stdin.Fd())) { |
| 94 | data, err = terminal.ReadPassword(int(os.Stdin.Fd())) |
| 95 | result = string(data) |
| 96 | } else { |
| 97 | return "", fmt.Errorf("error reading input for %s", field) |
| 98 | } |
| 99 | } |
| 100 | return result, err |
| 101 | } |
| 102 | |
| 103 | // NewPromptingAuthLoader is an AuthLoader that parses an AuthInfo object from a file path. It prompts user and creates file if it doesn't exist. |
| 104 | func NewPromptingAuthLoader(reader io.Reader) *PromptingAuthLoader { |
| 105 | return &PromptingAuthLoader{reader} |
| 106 | } |
| 107 | |
| 108 | // NewDefaultAuthLoader returns a default implementation of an AuthLoader that only reads from a config file |
| 109 | func NewDefaultAuthLoader() AuthLoader { |
| 110 | return &defaultAuthLoader{} |
| 111 | } |