TerribleDev/zanzibar
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bit of refactoring and adding zamioculcas bin

Browse Source
This commit is contained in:
Norm MacLennan
2015-01-15 07:24:14 -05:00
parent 0328ebd878
commit adae2dcdcc
18 changed files with 888 additions and 805 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.rspec Normal file
View File

@@ -0,0 +1,2 @@
--color
--require spec/spec_helper

5
.travis.yml Normal file
View File

@@ -0,0 +1,5 @@
language: ruby
rvm:
- 1.9.3
- 2.0.0
- 2.1.0

11
Gemfile
View File

@@ -1,9 +1,14 @@
source 'https://rubygems.org'
gem 'savon'
gem 'savon_spec'
gem 'rspec'
gem 'webmock'
group :test do
gem 'rake'
gem 'savon_spec'
gem 'rspec'
gem 'webmock'
gem 'zanzibar', path: '.'
end
# Specify your gem's dependencies in zanzibar.gemspec
gemspec

13
Rakefile
View File

@@ -1,10 +1,11 @@
require "bundler/gem_tasks"
require "bundler/setup" # load up our gem environment (incl. local zanzibar)
require 'rspec/core/rake_task'
require 'zanzibar/version'
task 'test' do
Dir.chdir('test')
system("rspec zanzibar_spec.rb")
end
RSpec::Core::RakeTask.new(:test)
task 'install_dependencies' do
system('bundle install')
task :install_local do
system "rake build"
system "gem install ./pkg/zanzibar-#{Zanzibar::VERSION}.gem"
end

70
bin/zamioculcas Normal file
View File

@@ -0,0 +1,70 @@
#! ruby
require 'zanzibar'
require 'optparse'
options = {
:domain => 'local'
}
OptionParser.new do |opts|
opts.banner = "Usage: zamioculcas -d domain [-w wsdl] [-k] [-p] [secret_id]"
opts.on("-d", "--domain DOMAIN", "Specify domain") do |v|
options[:domain] = v
end
opts.on("-w", "--wsdl WSDL", "Specify WSDL location") do |v|
options[:wsdl] = v
end
opts.on("-s", "--server SERVER", "Secret server hostname or IP") do |v|
options[:server] = v
end
opts.on("-k", "--no-check-certificate", "Don't run SSL certificate checks") do |v|
options[:globals] = {:ssl_verify_mode => :none}
end
opts.on("-p", "--password PASSWORD", "Specify password") do |v|
options[:pwd] = v
end
opts.on("-t", "--type TYPE", "Specify the type of secret") do |v|
options[:type] = v
end
opts.on("-u", "--user USER", "Specify the username") do |v|
options[:username] = v
end
end.parse!
raise OptionParser::MissingArgument if options[:server].nil?
options[:type] = "password" if options[:type].nil?
unless STDIN.tty? || options[:pwd]
options[:pwd] = $stdin.read.strip
end
secret_id = Integer(ARGV.pop)
if(!secret_id)
fail "no secret!"
end
unless options[:wsdl] || options[:server].nil?
options[:wsdl] = "https://#{options[:server]}/webservices/sswebservice.asmx?wsdl"
end
scrt = Zanzibar::Zanzibar.new(options)
case options[:type]
when "password"
$stdout.write "#{scrt.get_password(secret_id)}\n"
when "privatekey"
scrt.download_private_key(:scrt_id=>secret_id)
when "publickey"
scrt.download_public_key(:scrt_id=>secret_id)
else
$stderr.write "#{options[:type]} is not a known type."
end

57
lib/zanzibar.rb
View File

@@ -10,9 +10,16 @@ module Zanzibar
class Zanzibar
##
# @param args{:domain, :wsdl, :pwd, :globals{}}
# @param args{:domain, :wsdl, :pwd, :username, :globals{}}
def initialize(args = {})
if args[:username]
@@username = args[:username]
else
@@username = ENV['USER']
end
if args[:wsdl]
@@wsdl = args[:wsdl]
else
@@ -46,7 +53,7 @@ module Zanzibar
# @return [String] the password for the current user
def prompt_for_password
puts "Please enter password for #{ENV['USER']}:"
puts "Please enter password for #{@@username}:"
return STDIN.noecho(&:gets).chomp
end
@@ -73,13 +80,13 @@ module Zanzibar
def get_token
begin
response = @@client.call(:authenticate, message: { username: ENV['USER'], password: @@password, organization: "", domain: @@domain }).hash
response = @@client.call(:authenticate, message: { username: @@username, password: @@password, organization: "", domain: @@domain }).hash
if response[:envelope][:body][:authenticate_response][:authenticate_result][:errors]
raise "Error generating the authentication token for user #{ENV['USER']}: #{response[:envelope][:body][:authenticate_response][:authenticate_result][:errors][:string]}"
raise "Error generating the authentication token for user #{@@username}: #{response[:envelope][:body][:authenticate_response][:authenticate_result][:errors][:string]}"
end
response[:envelope][:body][:authenticate_response][:authenticate_result][:token]
rescue Savon::Error => err
raise "There was an error generating the authentiaton token for user #{ENV['USER']}: #{err}"
raise "There was an error generating the authentiaton token for user #{@@username}: #{err}"
end
end
@@ -108,12 +115,19 @@ module Zanzibar
def get_password(scrt_id)
begin
secret = get_secret(scrt_id)
return secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item][1][:value]
secret_items = secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item]
return get_secret_item_by_field_name(secret_items,"Password")[:value]
rescue Savon::Error => err
raise "There was an error getting the password for secret #{scrt_id}: #{err}"
end
end
def get_secret_item_by_field_name(secret_items, field_name)
secret_items.each do |item|
return item if item[:field_name] == field_name
end
end
## Get the secret item id that relates to a key file or attachment.
# Will raise on error
# @param [Integer] the secret id
@@ -122,25 +136,12 @@ module Zanzibar
def get_scrt_item_id(scrt_id, type, token)
secret = get_secret(scrt_id, token)
case type
when 'privatekey'
## Get private key item id
secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
return item[:id] if item[:field_name] == 'Private Key'
end
when 'publickey'
## Get public key item id
secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
return item[:id] if item[:field_name] == 'Public Key'
end
when 'attachment'
## Get attachment item id. This currently only supports secrets with one attachment.
secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
return item[:id] if item[:field_name] == 'Attachment'
end
else
raise "Unknown type, #{type}."
end
secret_items = secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item]
begin
return get_secret_item_by_field_name(secret_items, type)[:id]
rescue
raise "Unknown type, #{type}."
end
end
## Downloads the private key for a secret and places it where Zanzibar is running, or :path if specified
@@ -152,7 +153,7 @@ module Zanzibar
FileUtils.mkdir_p(args[:path]) if args[:path]
path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
begin
response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'privatekey', token)}).hash
response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'Private Key', token)}).hash
if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
raise "There was an error getting the private key for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
end
@@ -173,7 +174,7 @@ module Zanzibar
FileUtils.mkdir_p(args[:path]) if args[:path]
path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
begin
response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'publickey', token)}).hash
response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'Public Key', token)}).hash
if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
raise "There was an error getting the public key for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
end
@@ -194,7 +195,7 @@ module Zanzibar
FileUtils.mkdir_p(args[:path]) if args[:path]
path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
begin
response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'attachment', token)}).hash
response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'Attachment', token)}).hash
if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
raise "There was an error getting the attachment for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
end

24
test/responses/attachment_response.xml → spec/responses/attachment_response.xml
View File

@@ -1,12 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
<DownloadFileAttachmentByItemIdResult>
<Errors />
<FileAttachment>SSBhbSBhIHNlY3JldCBhdHRhY2htZW50</FileAttachment>
<FileName>attachment.txt</FileName>
</DownloadFileAttachmentByItemIdResult>
</DownloadFileAttachmentByItemIdResponse>
</soap:Body>
</soap:Envelope>
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
<DownloadFileAttachmentByItemIdResult>
<Errors />
<FileAttachment>SSBhbSBhIHNlY3JldCBhdHRhY2htZW50</FileAttachment>
<FileName>attachment.txt</FileName>
</DownloadFileAttachmentByItemIdResult>
</DownloadFileAttachmentByItemIdResponse>
</soap:Body>
</soap:Envelope>

0
test/responses/authenticate_response.xml → spec/responses/authenticate_response.xml
View File

24
test/responses/download_private_key_response.xml → spec/responses/download_private_key_response.xml
View File

@@ -1,12 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
<DownloadFileAttachmentByItemIdResult>
<Errors />
<FileAttachment>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVkgLS0tLS0KemFuemliYXJUZXN0UGFzc3dvcmQKLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0=</FileAttachment>
<FileName>zanzi_key</FileName>
</DownloadFileAttachmentByItemIdResult>
</DownloadFileAttachmentByItemIdResponse>
</soap:Body>
</soap:Envelope>
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
<DownloadFileAttachmentByItemIdResult>
<Errors />
<FileAttachment>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVkgLS0tLS0KemFuemliYXJUZXN0UGFzc3dvcmQKLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0=</FileAttachment>
<FileName>zanzi_key</FileName>
</DownloadFileAttachmentByItemIdResult>
</DownloadFileAttachmentByItemIdResponse>
</soap:Body>
</soap:Envelope>

0
test/responses/download_public_key_response.xml → spec/responses/download_public_key_response.xml
View File

0
test/responses/get_secret_response.xml → spec/responses/get_secret_response.xml
View File

114
test/responses/get_secret_with_attachment_response.xml → spec/responses/get_secret_with_attachment_response.xml
View File

@@ -1,57 +1,57 @@
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<GetSecretResponse xmlns="urn:thesecretserver.com">
<GetSecretResult>
<Errors />
<Secret>
<Name>Zanzi Secret Attachment</Name>
<Items>
<SecretItem>
<Value>N/A</Value>
<Id>20144</Id>
<FieldId>284</FieldId>
<FieldName>Username</FieldName>
<IsFile>false</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Username</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value>N/A</Value>
<Id>20145</Id>
<FieldId>285</FieldId>
<FieldName>Password</FieldName>
<IsFile>false</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>true</IsPassword>
<FieldDisplayName>Password</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value />
<Id>20148</Id>
<FieldId>287</FieldId>
<FieldName>Attachment</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Attachment</FieldDisplayName>
</SecretItem>
</Items>
<Id>3456</Id>
<SecretTypeId>6028</SecretTypeId>
<FolderId>85</FolderId>
<IsWebLauncher>false</IsWebLauncher>
<Active>true</Active>
<CheckOutMinutesRemaining xsi:nil="true" />
<IsCheckedOut xsi:nil="true" />
<CheckOutUserDisplayName />
<CheckOutUserId xsi:nil="true" />
<IsOutOfSync xsi:nil="true" />
<IsRestricted>false</IsRestricted>
<OutOfSyncReason />
</Secret>
</GetSecretResult>
</GetSecretResponse>
</soap:Body>
</soap:Envelope>
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<GetSecretResponse xmlns="urn:thesecretserver.com">
<GetSecretResult>
<Errors />
<Secret>
<Name>Zanzi Secret Attachment</Name>
<Items>
<SecretItem>
<Value>N/A</Value>
<Id>20144</Id>
<FieldId>284</FieldId>
<FieldName>Username</FieldName>
<IsFile>false</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Username</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value>N/A</Value>
<Id>20145</Id>
<FieldId>285</FieldId>
<FieldName>Password</FieldName>
<IsFile>false</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>true</IsPassword>
<FieldDisplayName>Password</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value />
<Id>20148</Id>
<FieldId>287</FieldId>
<FieldName>Attachment</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Attachment</FieldDisplayName>
</SecretItem>
</Items>
<Id>3456</Id>
<SecretTypeId>6028</SecretTypeId>
<FolderId>85</FolderId>
<IsWebLauncher>false</IsWebLauncher>
<Active>true</Active>
<CheckOutMinutesRemaining xsi:nil="true" />
<IsCheckedOut xsi:nil="true" />
<CheckOutUserDisplayName />
<CheckOutUserId xsi:nil="true" />
<IsOutOfSync xsi:nil="true" />
<IsRestricted>false</IsRestricted>
<OutOfSyncReason />
</Secret>
</GetSecretResult>
</GetSecretResponse>
</soap:Body>
</soap:Envelope>

94
test/responses/get_secret_with_keys_response.xml → spec/responses/get_secret_with_keys_response.xml
View File

@@ -1,47 +1,47 @@
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<GetSecretResponse xmlns="urn:thesecretserver.com">
<GetSecretResult>
<Errors />
<Secret>
<Name>Zanzibar Test Keys</Name>
<Items>
<SecretItem>
<Value />
<Id>15214</Id>
<FieldId>486</FieldId>
<FieldName>Private Key</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Private Key</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value />
<Id>15215</Id>
<FieldId>487</FieldId>
<FieldName>Public Key</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Public Key</FieldDisplayName>
</SecretItem>
</Items>
<Id>2345</Id>
<SecretTypeId>6054</SecretTypeId>
<FolderId>85</FolderId>
<IsWebLauncher>false</IsWebLauncher>
<Active>true</Active>
<CheckOutMinutesRemaining xsi:nil="true" />
<IsCheckedOut xsi:nil="true" />
<CheckOutUserDisplayName />
<CheckOutUserId xsi:nil="true" />
<IsOutOfSync xsi:nil="true" />
<IsRestricted>false</IsRestricted>
<OutOfSyncReason />
</Secret>
</GetSecretResult>
</GetSecretResponse>
</soap:Body>
</soap:Envelope>
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<GetSecretResponse xmlns="urn:thesecretserver.com">
<GetSecretResult>
<Errors />
<Secret>
<Name>Zanzibar Test Keys</Name>
<Items>
<SecretItem>
<Value />
<Id>15214</Id>
<FieldId>486</FieldId>
<FieldName>Private Key</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Private Key</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value />
<Id>15215</Id>
<FieldId>487</FieldId>
<FieldName>Public Key</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Public Key</FieldDisplayName>
</SecretItem>
</Items>
<Id>2345</Id>
<SecretTypeId>6054</SecretTypeId>
<FolderId>85</FolderId>
<IsWebLauncher>false</IsWebLauncher>
<Active>true</Active>
<CheckOutMinutesRemaining xsi:nil="true" />
<IsCheckedOut xsi:nil="true" />
<CheckOutUserDisplayName />
<CheckOutUserId xsi:nil="true" />
<IsOutOfSync xsi:nil="true" />
<IsRestricted>false</IsRestricted>
<OutOfSyncReason />
</Secret>
</GetSecretResult>
</GetSecretResponse>
</soap:Body>
</soap:Envelope>

1258
test/scrt.wsdl → spec/scrt.wsdl
View File

File diff suppressed because it is too large Load Diff

0
test/spec/spec_helper.rb → spec/spec/spec_helper.rb
View File

18
test/zanzibar_spec.rb → spec/zanzibar_spec.rb
View File

@@ -1,4 +1,4 @@
require '../lib/zanzibar.rb'
require 'zanzibar'
require 'savon'
require 'webmock'
require 'rspec'
@@ -8,14 +8,14 @@ include WebMock::API
describe "Zanzibar Test" do
client = Zanzibar::Zanzibar.new(:domain => "zanzitest.net", :pwd=>'password', :wsdl => "scrt.wsdl")
auth_xml = File.read('responses/authenticate_response.xml')
secret_xml = File.read('responses/get_secret_response.xml')
secret_with_key_xml = File.read('responses/get_secret_with_keys_response.xml')
secret_with_attachment_xml = File.read('responses/get_secret_with_attachment_response.xml')
private_key_xml = File.read('responses/download_private_key_response.xml')
public_key_xml = File.read('responses/download_public_key_response.xml')
attachment_xml = File.read('responses/attachment_response.xml')
client = Zanzibar::Zanzibar.new(:domain => "zanzitest.net", :pwd=>'password', :wsdl => "spec/scrt.wsdl")
auth_xml = File.read('spec/responses/authenticate_response.xml')
secret_xml = File.read('spec/responses/get_secret_response.xml')
secret_with_key_xml = File.read('spec/responses/get_secret_with_keys_response.xml')
secret_with_attachment_xml = File.read('spec/responses/get_secret_with_attachment_response.xml')
private_key_xml = File.read('spec/responses/download_private_key_response.xml')
public_key_xml = File.read('spec/responses/download_public_key_response.xml')
attachment_xml = File.read('spec/responses/attachment_response.xml')
it 'should return an auth token' do

2
test/.rspec
View File

@@ -1,2 +0,0 @@
--color
--require spec_helper

1
zanzibar.gemspec
View File

@@ -18,6 +18,7 @@ Gem::Specification.new do |spec|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
spec.require_paths = ["lib"]
spec.add_dependency "rubyntlm", "~> 0.4.0"
spec.add_development_dependency "bundler", "~> 1.7"
spec.add_development_dependency "rake", "~> 10.0"
spec.add_runtime_dependency "savon", "~> 2.8.0"