1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
// vespa api-key command
// Author: mpolden
package cmd
import (
"fmt"
"io/ioutil"
"log"
"github.com/spf13/cobra"
"github.com/vespa-engine/vespa/client/go/util"
"github.com/vespa-engine/vespa/client/go/vespa"
)
var overwriteKey bool
func init() {
apiKeyCmd.Flags().BoolVarP(&overwriteKey, "force", "f", false, "Force overwrite of existing API key")
apiKeyCmd.MarkPersistentFlagRequired(applicationFlag)
}
var example string
func apiKeyExample() string {
if vespa.Auth0AccessTokenEnabled() {
return "$ vespa auth api-key -a my-tenant.my-app.my-instance"
} else {
return "$ vespa api-key -a my-tenant.my-app.my-instance"
}
}
var apiKeyCmd = &cobra.Command{
Use: "api-key",
Short: "Create a new user API key for authentication with Vespa Cloud",
Example: apiKeyExample(),
DisableAutoGenTag: true,
Args: cobra.ExactArgs(0),
Run: doApiKey,
}
var deprecatedApiKeyCmd = &cobra.Command{
Use: "api-key",
Short: "Create a new user API key for authentication with Vespa Cloud",
Example: apiKeyExample(),
DisableAutoGenTag: true,
Args: cobra.ExactArgs(0),
Hidden: true,
Deprecated: "use 'vespa auth api-key' instead",
Run: doApiKey,
}
func doApiKey(_ *cobra.Command, _ []string) {
cfg, err := LoadConfig()
if err != nil {
fatalErr(err, "Could not load config")
return
}
app := getApplication()
apiKeyFile := cfg.APIKeyPath(app.Tenant)
if util.PathExists(apiKeyFile) && !overwriteKey {
printErrHint(fmt.Errorf("File %s already exists", apiKeyFile), "Use -f to overwrite it")
printPublicKey(apiKeyFile, app.Tenant)
return
}
apiKey, err := vespa.CreateAPIKey()
if err != nil {
fatalErr(err, "Could not create API key")
return
}
if err := ioutil.WriteFile(apiKeyFile, apiKey, 0600); err == nil {
printSuccess("API private key written to ", apiKeyFile)
printPublicKey(apiKeyFile, app.Tenant)
if vespa.Auth0AccessTokenEnabled() {
if err == nil {
if err := cfg.Set(cloudAuthFlag, "api-key"); err != nil {
fatalErr(err, "Could not write config")
}
if err := cfg.Write(); err != nil {
fatalErr(err)
}
}
}
} else {
fatalErr(err, "Failed to write ", apiKeyFile)
}
}
func printPublicKey(apiKeyFile, tenant string) {
pemKeyData, err := ioutil.ReadFile(apiKeyFile)
if err != nil {
fatalErr(err, "Failed to read ", apiKeyFile)
return
}
key, err := vespa.ECPrivateKeyFrom(pemKeyData)
if err != nil {
fatalErr(err, "Failed to load key")
return
}
pemPublicKey, err := vespa.PEMPublicKeyFrom(key)
if err != nil {
fatalErr(err, "Failed to extract public key")
return
}
fingerprint, err := vespa.FingerprintMD5(pemPublicKey)
if err != nil {
fatalErr(err, "Failed to extract fingerprint")
}
log.Printf("\nThis is your public key:\n%s", color.Green(pemPublicKey))
log.Printf("Its fingerprint is:\n%s\n", color.Cyan(fingerprint))
log.Print("\nTo use this key in Vespa Cloud click 'Add custom key' at")
log.Printf(color.Cyan("%s/tenant/%s/keys").String(), getConsoleURL(), tenant)
log.Print("and paste the entire public key including the BEGIN and END lines.")
}
|
