diff options
Diffstat (limited to 'deps/rabbitmq_auth_backend_oauth2/src/Elixir.RabbitMQ.CLI.Ctl.Commands.AddUaaKeyCommand.erl')
-rw-r--r-- | deps/rabbitmq_auth_backend_oauth2/src/Elixir.RabbitMQ.CLI.Ctl.Commands.AddUaaKeyCommand.erl | 143 |
1 files changed, 143 insertions, 0 deletions
diff --git a/deps/rabbitmq_auth_backend_oauth2/src/Elixir.RabbitMQ.CLI.Ctl.Commands.AddUaaKeyCommand.erl b/deps/rabbitmq_auth_backend_oauth2/src/Elixir.RabbitMQ.CLI.Ctl.Commands.AddUaaKeyCommand.erl new file mode 100644 index 0000000000..6571ba9c59 --- /dev/null +++ b/deps/rabbitmq_auth_backend_oauth2/src/Elixir.RabbitMQ.CLI.Ctl.Commands.AddUaaKeyCommand.erl @@ -0,0 +1,143 @@ +%% This Source Code Form is subject to the terms of the Mozilla Public +%% License, v. 2.0. If a copy of the MPL was not distributed with this +%% file, You can obtain one at https://mozilla.org/MPL/2.0/. +%% +%% Copyright (c) 2007-2020 VMware, Inc. or its affiliates. All rights reserved. +%% +-module('Elixir.RabbitMQ.CLI.Ctl.Commands.AddUaaKeyCommand'). + +-behaviour('Elixir.RabbitMQ.CLI.CommandBehaviour'). + +-export([ + usage/0, + validate/2, + merge_defaults/2, + banner/2, + run/2, + switches/0, + aliases/0, + output/2, + formatter/0 + ]). + + +usage() -> + <<"add_uaa_key <name> [--json=<json_key>] [--pem=<public_key>] [--pem_file=<pem_file>]">>. + +switches() -> + [{json, string}, + {pem, string}, + {pem_file, string}]. + +aliases() -> []. + +validate([], _Options) -> {validation_failure, not_enough_args}; +validate([_,_|_], _Options) -> {validation_failure, too_many_args}; +validate([_], Options) -> + Json = maps:get(json, Options, undefined), + Pem = maps:get(pem, Options, undefined), + PemFile = maps:get(pem_file, Options, undefined), + case {is_binary(Json), is_binary(Pem), is_binary(PemFile)} of + {false, false, false} -> + {validation_failure, + {bad_argument, <<"No key specified">>}}; + {true, false, false} -> + validate_json(Json); + {false, true, false} -> + validate_pem(Pem); + {false, false, true} -> + validate_pem_file(PemFile); + {_, _, _} -> + {validation_failure, + {bad_argument, <<"There can be only one key type">>}} + end. + +validate_json(Json) -> + case rabbit_json:try_decode(Json) of + {ok, _} -> + case uaa_jwt:verify_signing_key(json, Json) of + ok -> ok; + {error, {fields_missing_for_kty, Kty}} -> + {validation_failure, + {bad_argument, + <<"Key fields are missing fot kty \"", Kty/binary, "\"">>}}; + {error, unknown_kty} -> + {validation_failure, + {bad_argument, <<"\"kty\" field is invalid">>}}; + {error, no_kty} -> + {validation_failure, + {bad_argument, <<"Json key should contain \"kty\" field">>}}; + {error, Err} -> + {validation_failure, {bad_argument, Err}} + end; + {error, _} -> + {validation_failure, {bad_argument, <<"Invalid JSON">>}}; + error -> + {validation_failure, {bad_argument, <<"Invalid JSON">>}} + end. + +validate_pem(Pem) -> + case uaa_jwt:verify_signing_key(pem, Pem) of + ok -> ok; + {error, invalid_pem_string} -> + {validation_failure, <<"Unable to read a key from the PEM string">>}; + {error, Err} -> + {validation_failure, Err} + end. + +validate_pem_file(PemFile) -> + case uaa_jwt:verify_signing_key(pem_file, PemFile) of + ok -> ok; + {error, enoent} -> + {validation_failure, {bad_argument, <<"PEM file not found">>}}; + {error, invalid_pem_file} -> + {validation_failure, <<"Unable to read a key from the PEM file">>}; + {error, Err} -> + {validation_failure, Err} + end. + +merge_defaults(Args, #{pem_file := FileName} = Options) -> + AbsFileName = filename:absname(FileName), + {Args, Options#{pem_file := AbsFileName}}; +merge_defaults(Args, Options) -> {Args, Options}. + +banner([Name], #{json := Json}) -> + <<"Adding UAA signing key \"", + Name/binary, + "\" in JSON format: \"", + Json/binary, "\"">>; +banner([Name], #{pem := Pem}) -> + <<"Adding UAA signing key \"", + Name/binary, + "\" public key: \"", + Pem/binary, "\"">>; +banner([Name], #{pem_file := PemFile}) -> + <<"Adding UAA signing key \"", + Name/binary, + "\" filename: \"", + PemFile/binary, "\"">>. + +run([Name], #{node := Node} = Options) -> + {Type, Value} = case Options of + #{json := Json} -> {json, Json}; + #{pem := Pem} -> {pem, Pem}; + #{pem_file := PemFile} -> {pem_file, PemFile} + end, + case rabbit_misc:rpc_call(Node, + uaa_jwt, add_signing_key, + [Name, Type, Value]) of + {ok, _Keys} -> ok; + {error, Err} -> {error, Err} + end. + +output(E, _Opts) -> + 'Elixir.RabbitMQ.CLI.DefaultOutput':output(E). + +formatter() -> 'Elixir.RabbitMQ.CLI.Formatters.Erlang'. + + + + + + + |