Class: Aptible::CLI::Agent

Inherits:

Thor

• Object
• Thor
• Aptible::CLI::Agent

Includes:

Helpers::Ssh, Helpers::System, Helpers::Token, Subcommands::Apps, Subcommands::Backup, Subcommands::Config, Subcommands::DB, Subcommands::Deploy, Subcommands::Domains, Subcommands::Endpoints, Subcommands::Environment, Subcommands::Inspect, Subcommands::Logs, Subcommands::Operation, Subcommands::Ps, Subcommands::Rebuild, Subcommands::Restart, Subcommands::SSH, Subcommands::Services, Thor::Actions

Defined in:

lib/aptible/cli/agent.rb

Constant Summary

Constants included from Subcommands::Deploy

Subcommands::Deploy::DOCKER_IMAGE_DEPLOY_ARGS, Subcommands::Deploy::NULL_SHA1

Constants included from Helpers::Token

Helpers::Token::TOKEN_ENV_VAR

Class Method Summary

• .exit_on_failure? ⇒ Boolean

  Forward return codes on failures.

Instance Method Summary

• #initialize ⇒ Agent constructor

  A new instance of Agent.

• #login ⇒ Object
• #version ⇒ Object

Methods included from Subcommands::Endpoints

included

Methods included from Subcommands::Inspect

included, #inspect_resource

Methods included from Subcommands::Operation

included

Methods included from Subcommands::Backup

included

Methods included from Subcommands::SSH

included

Methods included from Subcommands::Services

included

Methods included from Subcommands::Restart

included

Methods included from Subcommands::Deploy

included

Methods included from Subcommands::Rebuild

included

Methods included from Subcommands::Ps

included

Methods included from Subcommands::Logs

included

Methods included from Subcommands::Environment

included

Methods included from Subcommands::Domains

included

Methods included from Subcommands::DB

included

Methods included from Subcommands::Config

included

Methods included from Subcommands::Apps

included

Methods included from Helpers::System

#ask_then_line, #which

Methods included from Helpers::Ssh

#connect_to_ssh_portal, #exit_with_ssh_portal, #with_ssh_cmd

Methods included from Helpers::Token

#current_token_hash, #fetch_token, #save_token, #token_file

Constructor Details

#initialize ⇒ Agent

Returns a new instance of Agent.

# File 'lib/aptible/cli/agent.rb', line 69

def initialize(*)
  nag_toolbelt unless toolbelt?
  Aptible::Resource.configure { |conf| conf.user_agent = version_string }
  warn_sso_enforcement
  super
end

Class Method Details

.exit_on_failure? ⇒ Boolean

Forward return codes on failures.

Returns:

• (Boolean)

# File 'lib/aptible/cli/agent.rb', line 65

def self.exit_on_failure?
  true
end

Instance Method Details

#login ⇒ Object

# File 'lib/aptible/cli/agent.rb', line 93

def login
  if options[:sso]
    begin
      token = options[:sso]
      token = ask('Paste token copied from Dashboard:') if token == 'sso'
      Base64.urlsafe_decode64(token.split('.').first)
      save_token(token)
      CLI.logger.info "Token written to #{token_file}"
      return
    rescue StandardError
      raise Thor::Error, 'Invalid token provided for SSO'
    end
  end

  email = options[:email] || ask('Email: ')
  password = options[:password] || ask_then_line(
    'Password: ', echo: false
  )

  token_options = { email: email, password: password }

  otp_token = options[:otp_token]
  token_options[:otp_token] = otp_token if otp_token

  begin
    lifetime = '1w'
    lifetime = '12h' if token_options[:otp_token] || token_options[:u2f]
    lifetime = options[:lifetime] if options[:lifetime]

    duration = ChronicDuration.parse(lifetime)
    if duration.nil?
      raise Thor::Error, "Invalid token lifetime requested: #{lifetime}"
    end

    token_options[:expires_in] = duration
    token = Aptible::Auth::Token.create(token_options)
  rescue OAuth2::Error => e
    # If a MFA is require but a token wasn't provided,
    # prompt the user for MFA authentication and retry
    if e.code != 'otp_token_required'
      raise Thor::Error, 'Could not authenticate with given ' \
                         "credentials: #{e.code}"
    end

    u2f = (e.response.parsed['exception_context'] || {})['u2f']

    q = Queue.new
    mfa_threads = []

    # If the user has added a security key and their computer supports it,
    # allow them to use it
    if u2f && !which('u2f-host').nil?
      origin = Aptible::Auth::Resource.new.get.href
      app_id = Aptible::Auth::Resource.new.utf_trusted_facets.href

      challenge = u2f.fetch('challenge')

      devices = u2f.fetch('devices').map do |dev|
        Helpers::SecurityKey::Device.new(
          dev.fetch('version'), dev.fetch('key_handle')
        )
      end

      puts 'Enter your 2FA token or touch your Security Key once it ' \
           'starts blinking.'

      mfa_threads << Thread.new do
        token_options[:u2f] = Helpers::SecurityKey.authenticate(
          origin, app_id, challenge, devices
        )

        puts ''

        q.push(nil)
      end
    end

    mfa_threads << Thread.new do
      token_options[:otp_token] = options[:otp_token] || ask(
        '2FA Token: '
      )

      q.push(nil)
    end

    # Block until one of the threads completes
    q.pop

    mfa_threads.each do |thr|
      sleep 0.5 until thr.status != 'run'
      thr.kill
    end.each(&:join)

    retry
  end

  save_token(token.access_token)
  CLI.logger.info "Token written to #{token_file}"

  lifetime_format = { units: 2, joiner: ', ' }
  token_lifetime = (token.expires_at - token.created_at).round
  expires_in = ChronicDuration.output(token_lifetime, lifetime_format)
  CLI.logger.info "This token will expire after #{expires_in} " \
                  '(use --lifetime to customize)'
end

#version ⇒ Object

# File 'lib/aptible/cli/agent.rb', line 77

def version
  Formatter.render(Renderer.current) do |root|
    root.keyed_object('version') do |node|
      node.value('version', version_string)
    end
  end
end