Add -username and -api-key to login machine method in the reva CLI

cs3org · Sep 1, 2021 · b87780c · b87780c
1 parent cbc449a
commit b87780c
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 11 deletions.
diff --git a/cmd/reva/login.go b/cmd/reva/login.go
@@ -22,24 +22,28 @@ import (
 	"bufio"
 	"context"
 	"encoding/gob"
+	"errors"
 	"fmt"
 	"io"
 	"os"
 
 	registry "github.com/cs3org/go-cs3apis/cs3/auth/registry/v1beta1"
 	gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
 	rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
-	"github.com/pkg/errors"
 )
 
 var loginCommand = func() *command {
 	cmd := newCommand("login")
 	cmd.Description = func() string { return "login into the reva server" }
 	cmd.Usage = func() string { return "Usage: login <type>" }
 	listFlag := cmd.Bool("list", false, "list available login methods")
+	usernameOpt := cmd.String("username", "", "provide the username (only with machine auth)")
+	apiKeyOpt := cmd.String("api-key", "", "secret for the machine auth")
 
 	cmd.ResetFlags = func() {
 		*listFlag = false
+		*usernameOpt = ""
+		*apiKeyOpt = ""
 	}
 
 	cmd.Action = func(w ...io.Writer) error {
@@ -81,17 +85,29 @@ var loginCommand = func() *command {
 		}
 
 		authType := cmd.Args()[0]
-		reader := bufio.NewReader(os.Stdin)
-		fmt.Print("username: ")
-		username, err := read(reader)
-		if err != nil {
-			return err
-		}
+		var username, password string
+		var err error
+
+		// if the user select the machine authentication, the only way
+		// to provide the username and the password (api-key) is through
+		// the flags -username and -api-key respectively
+		if authType == "machine" {
+			username = *usernameOpt
+			password = *apiKeyOpt
+		} else {
+			// for the other methods, take the username and pw from the stdin
+			reader := bufio.NewReader(os.Stdin)
+			fmt.Print("username: ")
+			username, err = read(reader)
+			if err != nil {
+				return err
+			}
 
-		fmt.Print("password: ")
-		password, err := readPassword(0)
-		if err != nil {
-			return err
+			fmt.Print("password: ")
+			password, err = readPassword(0)
+			if err != nil {
+				return err
+			}
 		}
 
 		client, err := getClient()

diff --git a/pkg/auth/manager/machine/machine.go b/pkg/auth/manager/machine/machine.go
@@ -65,6 +65,7 @@ func New(conf map[string]interface{}) (auth.Manager, error) {
 	return m, nil
 }
 
+// Authenticate impersonate an user if the provided secret is equal to the api-key
 func (m *manager) Authenticate(ctx context.Context, username, secret string) (*user.User, map[string]*authpb.Scope, error) {
 	if m.APIKey != secret {
 		return nil, nil, errtypes.InvalidCredentials("")