From a2b68d5975d57da3eb3e7eeb1c69d653c3ebc30e Mon Sep 17 00:00:00 2001 From: Alex Wilson Date: Fri, 11 Sep 2015 15:38:50 -0700 Subject: [PATCH] PUBAPI-1146 Divorce wanted between *_KEY_ID env vars and keyId actually sent to server --- bin/sdc-chmod | 7 ++----- bin/sdc-info | 7 ++----- lib/cli_common.js | 15 +++++++-------- lib/cloudapi.js | 6 +++++- lib/shared.js | 14 +++++++------- package.json | 2 +- 6 files changed, 24 insertions(+), 27 deletions(-) diff --git a/bin/sdc-chmod b/bin/sdc-chmod index 5f90561..b5ad0ce 100755 --- a/bin/sdc-chmod +++ b/bin/sdc-chmod @@ -89,13 +89,10 @@ if (require.main === module) { opts.log = log; - var identity = (opts.user) ? - util.format('%s/users/%s', opts.account, opts.user): - opts.account; - opts.sign = auth.cliSigner({ keyId: opts.keyId, - user: identity + user: opts.account, + subuser: opts.user }); var resource = opts._args[1]; diff --git a/bin/sdc-info b/bin/sdc-info index 37abf5e..2fa7266 100755 --- a/bin/sdc-info +++ b/bin/sdc-info @@ -70,13 +70,10 @@ if (require.main === module) { process.exit(1); } - var identity = (opts.user) ? - util.format('%s/users/%s', opts.account, opts.user): - opts.account; - opts.sign = auth.cliSigner({ keyId: opts.keyId, - user: identity + user: opts.account, + subuser: opts.user }); var cloudapi = new CloudAPI(opts); diff --git a/lib/cli_common.js b/lib/cli_common.js index 41b3d4b..74a3c5b 100644 --- a/lib/cli_common.js +++ b/lib/cli_common.js @@ -18,7 +18,9 @@ url.name = 'url'; // --- Globals var KV_RE = new RegExp('^([^=]+)=(.*)$'); -var SSH_KEY_ID_RE = /^[0-9a-f]{2}(?:\:[0-9a-f]{2}){15}$/i; +var SSH_HEX_KEY_ID_RE = /^(MD5:)?[0-9a-f]{2}(?:\:[0-9a-f]{2}){15}$/i; +/*JSSTYLED*/ +var SSH_BASE64_KEY_ID_RE = /^[A-Z0-9]+:[-A-Za-z0-9+\/=]+$/; var URL_RE = '^https?\://.+'; var DeprecatedOptions = { @@ -281,7 +283,8 @@ module.exports = { 'Either --keyId or (env) SDC_KEY_ID must be specified'); } - if (!parsed.keyId.match(SSH_KEY_ID_RE)) { + if (!parsed.keyId.match(SSH_HEX_KEY_ID_RE) && + !parsed.keyId.match(SSH_BASE64_KEY_ID_RE)) { usage(usageStr, 1, '--keyId or (env) SDC_KEY_ID must be a valid SSH key ID'); } @@ -327,14 +330,10 @@ module.exports = { parsed.user = process.env.SDC_USER; } - var identity = (parsed.user) ? - format('%s/users/%s', parsed.account, parsed.user): - parsed.account; - - parsed.sign = smartdc.cliSigner({ keyId: parsed.keyId, - user: identity + user: parsed.account, + subuser: parsed.user }); return callback(parsed); diff --git a/lib/cloudapi.js b/lib/cloudapi.js index 4c757db..c72f97a 100644 --- a/lib/cloudapi.js +++ b/lib/cloudapi.js @@ -138,8 +138,12 @@ function _signRequest(opts, cb) { return (cb(null)); } + var ident = obj.user; + if (obj.subuser !== undefined) + ident = sprintf('%s/users/%s', obj.user, obj.subuser); + opts.headers.authorization = sprintf(SIGNATURE, - obj.user, + ident, obj.keyId, obj.algorithm, obj.signature); diff --git a/lib/shared.js b/lib/shared.js index d6bf734..bfa157f 100644 --- a/lib/shared.js +++ b/lib/shared.js @@ -12,7 +12,9 @@ var smartdc = require('../lib/cloudapi'), CloudAPI = smartdc.CloudAPI; -var SSH_KEY_ID_RE = /^[0-9a-f]{2}(?:\:[0-9a-f]{2}){15}$/i; +var SSH_HEX_KEY_ID_RE = /^(MD5:)?[0-9a-f]{2}(?:\:[0-9a-f]{2}){15}$/i; +/*JSSTYLED*/ +var SSH_BASE64_KEY_ID_RE = /^[A-Z0-9]+:[-A-Za-z0-9+\/=]+$/; var URL_RE = '^https?\://.+'; @@ -109,7 +111,8 @@ function checkRequiredOptions(opts, args, callback) { 'Either --key or (env) SDC_KEY_ID must be specified')); } - if (!opts.keyId.match(SSH_KEY_ID_RE)) { + if (!opts.keyId.match(SSH_HEX_KEY_ID_RE) && + !opts.keyId.match(SSH_BASE64_KEY_ID_RE)) { return callback(new Error( '--keyId or (env) SDC_KEY_ID must be a valid SSH key ID')); } @@ -143,13 +146,10 @@ function checkRequiredOptions(opts, args, callback) { '--url or (env) SDC_URL must be a valid URL')); } - var identity = (opts.user) ? - util.format('%s/users/%s', opts.account, opts.user): - opts.account; - opts.sign = auth.cliSigner({ keyId: opts.keyId, - user: identity + user: opts.account, + subuser: opts.user }); if (opts.role) { diff --git a/package.json b/package.json index 925f8c2..fa7704f 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ "restify": "2.8.5", "bunyan": "1.3.4", "clone": "0.1.6", - "smartdc-auth": "1.0.4", + "smartdc-auth": "2.0.1", "cmdln": "3.2.1", "dashdash": "1.7.3", "vasync": "1.6.2"