Merge pull request #2 from Cimpress-MCP/refactoring

Refactoring

.rspec

@@ -0,0 +1,2 @@
+--color
+--require spec/spec_helper

.travis.yml

@@ -0,0 +1,16 @@
+language: ruby
+rvm:
+  - 1.9.3
+  - 2.0.0
+addons:
+  code_climate:
+    repo_token:
+      secure: "XbKXMtcF/NnFr9JMuJNRzgsUcDcHxGi5jVc2B4HGT4EHDUnOV/06SfTTJMiLz3hgIgH1dpEgt+4cjAzAmZrmZrViY3rOH0MU1f6eAF4+BPMb0JwKYnPxTyPF5RjsWf0aFe6JdYM1S1T7EpP2XUAlV9ppmCYKrYUEa/OAXsz4ruU="
+deploy:
+  provider: rubygems
+  api_key:
+    secure: "CFXaOgtLypVc3/Nn3NFyeTYJ3rR/KNua2FPFHc02h5K/TPm8PMlHsYEB3e9OpithnC5cLqPUUlyZL4Gz7QC4zxX0G4luNVz+ZXdueMk1GBstK9QMsrjOQMKnQTCPaK/3x2/53kuPWMjYSyn5+ICkf/Omq1EVD4YEplhSvIRA9QQ="
+  gem: zanzibar
+  on:
+    tags: true
+    all_branches: true

Gemfile

@@ -1,9 +1,15 @@
 source 'https://rubygems.org'
 
 gem 'savon'
-gem 'savon_spec'
+
-gem 'rspec'
+group :test do
-gem 'webmock'
+  gem 'rake'
+  gem 'savon_spec'
+  gem 'rspec'
+  gem 'webmock'
+  gem "codeclimate-test-reporter"
+  gem 'zanzibar', path: '.'
+end
 
 # Specify your gem's dependencies in zanzibar.gemspec
 gemspec

README.md

@@ -1,5 +1,5 @@
 # Zanzibar
-
+[![Gem Version](https://badge.fury.io/rb/zanzibar.svg)](http://badge.fury.io/rb/zanzibar)
 
 Zanzibar is a utility to retrieve secrets from a Secret Server installation. It supports retrieval of a password, public/private key, or secret attachment.
 
@@ -51,6 +51,20 @@ secrets.download_attachment(:scrt_id => 3456, :path => 'secrets/')
 
 ```
 
+### Command Line
+
+Zanzibar comes bundled with the [`zamioculcas`](http://en.wikipedia.org/wiki/Zamioculcas) command-line utility that can be used for fetching passwords and downloading keys from outside of Ruby.
+
+`Zamioculcas` supports most actions provided by Zanzibar itself. Because it operates on the command-line, it can be used as part of a pipeline or within a bash script.
+
+```bash
+# if you don't pipe in a password, you will be prompted to enter one.
+# this will download the private key from secret 1984 to the current directory
+cat ./local-password | zamioculcas 1984 -s server.example.com -d example.com -t privatekey
+
+ssh user@someremote -i ./private_key
+```
+
 ## Contributing
 
 1. Fork it ( https://github.com/Cimpress-MCP/zanzibar/fork )

Rakefile

@@ -1,10 +1,8 @@
 require "bundler/gem_tasks"
+require "bundler/setup" # load up our gem environment (incl. local zanzibar)
+require 'rspec/core/rake_task'
+require 'zanzibar/version'
 
-task 'test' do
+task :default => [:test]
-  Dir.chdir('test')
-  system("rspec zanzibar_spec.rb")
-end
 
-task 'install_dependencies' do
+RSpec::Core::RakeTask.new(:test)
-  system('bundle install')
-end

bin/zamioculcas

@@ -0,0 +1,70 @@
+#! ruby
+
+require 'zanzibar'
+require 'optparse'
+
+options = {
+  :domain => 'local'
+}
+
+OptionParser.new do |opts|
+  opts.banner = "Usage: zamioculcas -d domain [-w wsdl] [-k] [-p] [secret_id]"
+
+  opts.on("-d", "--domain DOMAIN", "Specify domain") do |v|
+    options[:domain] = v
+  end
+
+  opts.on("-w", "--wsdl WSDL", "Specify WSDL location") do |v|
+    options[:wsdl] = v
+  end
+
+  opts.on("-s", "--server SERVER", "Secret server hostname or IP") do |v|
+    options[:server] = v
+  end
+
+  opts.on("-k", "--no-check-certificate", "Don't run SSL certificate checks") do |v|
+    options[:globals] = {:ssl_verify_mode => :none}
+  end
+
+  opts.on("-p", "--password PASSWORD", "Specify password") do |v|
+    options[:pwd] = v
+  end
+
+  opts.on("-t", "--type TYPE", "Specify the type of secret") do |v|
+    options[:type] = v
+  end
+
+  opts.on("-u", "--user USER", "Specify the username") do |v|
+    options[:username] = v
+  end
+  
+end.parse!
+
+raise OptionParser::MissingArgument if options[:server].nil?
+options[:type] = "password" if options[:type].nil?
+
+unless STDIN.tty? || options[:pwd]
+  options[:pwd] = $stdin.read.strip
+end
+
+secret_id = Integer(ARGV.pop)
+if(!secret_id)
+  fail "no secret!"
+end
+
+unless options[:wsdl] || options[:server].nil?
+  options[:wsdl] = "https://#{options[:server]}/webservices/sswebservice.asmx?wsdl"
+end
+
+scrt = Zanzibar::Zanzibar.new(options)
+
+case options[:type]
+when "password"
+  $stdout.write "#{scrt.get_password(secret_id)}\n"
+when "privatekey"
+  scrt.download_private_key(:scrt_id=>secret_id)
+when "publickey"
+  scrt.download_public_key(:scrt_id=>secret_id)
+else
+  $stderr.write "#{options[:type]} is not a known type."
+end

lib/zanzibar.rb

@@ -1,209 +1,188 @@
-require "zanzibar/version"
+require "zanzibar/version"
-require 'savon'
+require 'savon'
-require 'io/console'
+require 'io/console'
-require 'fileutils'
+require 'fileutils'
-
+
-module Zanzibar
+module Zanzibar
-
+
-  ##
+  ##
-  # Class for interacting with Secret Server
+  # Class for interacting with Secret Server
-  class Zanzibar
+  class Zanzibar
-
+
-    ##
+    ##
-    # @param args{:domain, :wsdl, :pwd, :globals{}}
+    # @param args{:domain, :wsdl, :pwd, :username, :globals{}}
-
+
-    def initialize(args = {})
+    def initialize(args = {})
-      if args[:wsdl]
+
-        @@wsdl = args[:wsdl]
+      if args[:username]
-      else
+        @@username = args[:username]
-        @@wsdl = get_wsdl_location
+      else
-      end
+        @@username = ENV['USER']
-      if args[:pwd]
+      end
-          @@password = args[:pwd]
+
-      else
+      if args[:wsdl]
-        @@password = prompt_for_password
+        @@wsdl = args[:wsdl]
-      end
+      else
-      if args[:domain]
+        @@wsdl = get_wsdl_location
-        @@domain = args[:domain]
+      end
-      else
+      if args[:pwd]
-        @@domain = prompt_for_domain
+          @@password = args[:pwd]
-      end
+      else
-      args[:globals] = {} unless args[:globals]
+        @@password = prompt_for_password
-      init_client(args[:globals])
+      end
-    end
+      if args[:domain]
-
+        @@domain = args[:domain]
-    ## Initializes the Savon client class variable with the wdsl document location and optional global variables
+      else
-    # @param globals{}, optional
+        @@domain = prompt_for_domain
-
+      end
-    def init_client(globals = {})
+      args[:globals] = {} unless args[:globals]
-      globals = {} if globals == nil
+      init_client(args[:globals])
-      @@client = Savon.client(globals) do
+    end
-        wsdl @@wsdl
+
-      end
+    ## Initializes the Savon client class variable with the wdsl document location and optional global variables
-    end
+    # @param globals{}, optional
-
+
-    ## Gets the user's password if none is provided in the constructor.
+    def init_client(globals = {})
-    # @return [String] the password for the current user
+      globals = {} if globals == nil
-
+      @@client = Savon.client(globals) do
-    def prompt_for_password
+        wsdl @@wsdl
-      puts "Please enter password for #{ENV['USER']}:"
+      end
-      return STDIN.noecho(&:gets).chomp
+    end
-    end
+
-
+    ## Gets the user's password if none is provided in the constructor.
-    ## Gets the wsdl document location if none is provided in the constructor
+    # @return [String] the password for the current user
-    # @return [String] the location of the WDSL document
+
-
+    def prompt_for_password
-    def get_wsdl_location
+      puts "Please enter password for #{@@username}:"
-      puts "Enter the URL of the Secret Server WSDL:"
+      return STDIN.noecho(&:gets).chomp
-      return STDIN.gets.chomp
+    end
-    end
+
-
+    ## Gets the wsdl document location if none is provided in the constructor
-    ## Gets the domain of the Secret Server installation if none is provided in the constructor
+    # @return [String] the location of the WDSL document
-    # @return [String] the domain of the secret server installation
+
-
+    def prompt_for_wsdl_location
-    def prompt_for_domain
+      puts "Enter the URL of the Secret Server WSDL:"
-      puts "Enter the domain of your Secret Server:"
+      return STDIN.gets.chomp
-      return STDIN.gets.chomp
+    end
-    end
+
-
+    ## Gets the domain of the Secret Server installation if none is provided in the constructor
-
+    # @return [String] the domain of the secret server installation
-    ## Get an authentication token for interacting with Secret Server. These are only good for about 10 minutes so just get a new one each time.
+
-    # Will raise an error if there is an issue with the authentication.
+    def prompt_for_domain
-    # @return the authentication token for the current user.
+      puts "Enter the domain of your Secret Server:"
-
+      return STDIN.gets.chomp
-    def get_token
+    end
-      begin
+
-        response = @@client.call(:authenticate, message: { username: ENV['USER'], password: @@password, organization: "", domain: @@domain }).hash
+
-        if response[:envelope][:body][:authenticate_response][:authenticate_result][:errors]
+    ## Get an authentication token for interacting with Secret Server. These are only good for about 10 minutes so just get a new one each time.
-          raise "Error generating the authentication token for user #{ENV['USER']}: #{response[:envelope][:body][:authenticate_response][:authenticate_result][:errors][:string]}"
+    # Will raise an error if there is an issue with the authentication.
-        end
+    # @return the authentication token for the current user.
-        response[:envelope][:body][:authenticate_response][:authenticate_result][:token]
+
-      rescue Savon::Error => err
+    def get_token
-        raise "There was an error generating the authentiaton token for user #{ENV['USER']}: #{err}"
+      begin
-      end
+        response = @@client.call(:authenticate, message: { username: @@username, password: @@password, organization: "", domain: @@domain })
-    end
+          .hash[:envelope][:body][:authenticate_response][:authenticate_result]
-
+        raise "Error generating the authentication token for user #{@@username}: #{response[:errors][:string]}"  if response[:errors]
-    ## Get a secret returned as a hash
+        response[:token]
-    # Will raise an error if there was an issue getting the secret
+      rescue Savon::Error => err
-    # @param [Integer] the secret id
+        raise "There was an error generating the authentiaton token for user #{@@username}: #{err}"
-    # @return [Hash] the secret hash retrieved from the wsdl
+      end
-
+    end
-    def get_secret(scrt_id, token = nil)
+
-      begin
+    ## Get a secret returned as a hash
-        secret = @@client.call(:get_secret, message: { token: token || get_token, secretId: scrt_id}).hash
+    # Will raise an error if there was an issue getting the secret
-        if secret[:envelope][:body][:get_secret_response][:get_secret_result][:errors]
+    # @param [Integer] the secret id
-          raise "There was an error getting secret #{scrt_id}: #{secret[:envelope][:body][:get_secret_response][:get_secret_result][:errors][:string]}"
+    # @return [Hash] the secret hash retrieved from the wsdl
-        end
+
-        return secret
+    def get_secret(scrt_id, token = nil)
-      rescue Savon::Error => err
+      begin
-        raise "There was an error getting the secret with id #{scrt_id}: #{err}"
+        secret = @@client.call(:get_secret, message: { token: token || get_token, secretId: scrt_id}).hash[:envelope][:body][:get_secret_response][:get_secret_result]
-      end
+        raise "There was an error getting secret #{scrt_id}: #{secret[:errors][:string]}" if secret[:errors]
-    end
+        return secret
-
+      rescue Savon::Error => err
-    ## Retrieve a simple password from a secret
+        raise "There was an error getting the secret with id #{scrt_id}: #{err}"
-    # Will raise an error if there are any issues
+      end
-    # @param [Integer] the secret id
+    end
-    # @return [String] the password for the given secret
+
-
+    ## Retrieve a simple password from a secret
-    def get_password(scrt_id)
+    # Will raise an error if there are any issues
-      begin
+    # @param [Integer] the secret id
-        secret = get_secret(scrt_id)
+    # @return [String] the password for the given secret
-        return secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item][1][:value]
+
-      rescue Savon::Error => err
+    def get_password(scrt_id)
-        raise "There was an error getting the password for secret #{scrt_id}: #{err}"
+      begin
-      end
+        secret = get_secret(scrt_id)
-    end
+        secret_items = secret[:secret][:items][:secret_item]
-
+        return get_secret_item_by_field_name(secret_items,"Password")[:value]
-    ## Get the secret item id that relates to a key file or attachment.
+      rescue Savon::Error => err
-    # Will raise on error
+        raise "There was an error getting the password for secret #{scrt_id}: #{err}"
-    # @param [Integer] the secret id
+      end
-    # @param [String] the type of secret item to get, one of privatekey, publickey, attachment
+    end
-    # @return [Integer] the secret item id
+
-
+    def write_secret_to_file(path, secret_response)
-    def get_scrt_item_id(scrt_id, type, token)
+      File.open(File.join(path, secret_response[:file_name]), 'wb') do |file|
-      secret = get_secret(scrt_id, token)
+        file.puts Base64.decode64(secret_response[:file_attachment])
-      case type
+      end
-        when 'privatekey'
+    end
-          ## Get private key item id
+
-          secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
+    def get_secret_item_by_field_name(secret_items, field_name)
-            return item[:id] if item[:field_name] == 'Private Key'
+      secret_items.each do |item|
-          end
+        return item if item[:field_name] == field_name
-        when 'publickey'
+      end
-          ## Get public key item id
+    end
-          secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
+
-            return item[:id] if item[:field_name] == 'Public Key'
+    ## Get the secret item id that relates to a key file or attachment.
-          end
+    # Will raise on error
-        when 'attachment'
+    # @param [Integer] the secret id
-          ## Get attachment item id. This currently only supports secrets with one attachment.
+    # @param [String] the type of secret item to get, one of privatekey, publickey, attachment
-          secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
+    # @return [Integer] the secret item id
-            return item[:id] if item[:field_name] == 'Attachment'
+
-          end
+    def get_scrt_item_id(scrt_id, type, token)
-        else
+      secret = get_secret(scrt_id, token)
-          raise "Unknown type, #{type}."
+      secret_items = secret[:secret][:items][:secret_item]
-        end
+      begin
-    end
+        return get_secret_item_by_field_name(secret_items, type)[:id]
-
+      rescue
-    ## Downloads the private key for a secret and places it where Zanzibar is running, or :path if specified
+        raise "Unknown type, #{type}."
-    # Raise on error
+      end
-    # @param [Hash] args, :scrt_id, :scrt_item_id - optional, :path - optional
+    end
-
+
-    def download_private_key(args = {})
+    ## Downloads a file for a secret and places it where Zanzibar is running, or :path if specified
-      token = get_token
+    # Raise on error
-      FileUtils.mkdir_p(args[:path]) if args[:path]
+    # @param [Hash] args, :scrt_id, :type (one of "Private Key", "Public Key", "Attachment"), :scrt_item_id - optional, :path - optional
-      path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
+
-      begin
+
-        response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'privatekey', token)}).hash
+    def download_secret_file(args = {})
-        if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
+      token = get_token
-          raise "There was an error getting the private key for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
+      FileUtils.mkdir_p(args[:path]) if args[:path]
-        end
+      path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
-        File.open(File.join(path, response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_name]), 'wb') do |file|
+      begin
-          file.puts Base64.decode64(response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_attachment])
+        response = @@client.call(:download_file_attachment_by_item_id, message:
-        end
+          { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], args[:type], token)})
-      rescue Savon::Error => err
+            .hash[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result]
-        raise "There was an error getting the private key for secret #{args[:scrt_id]}: #{err}"
+        raise "There was an error getting the #{args[:type]} for secret #{args[:scrt_id]}: #{response[:errors][:string]}"  if response[:errors]
-      end
+        write_secret_to_file(path, response)
-    end
+      rescue Savon::Error => err
-
+        raise "There was an error getting the #{args[:type]} for secret #{args[:scrt_id]}: #{err}"
-    ## Downloads the public key for a secret and places it where Zanzibar is running, or :path if specified
+      end
-    # Raise on error
+    end
-    # @param [Hash] args, :scrt_id, :scrt_item_id - optional, :path - optional
+
-
+
-    def download_public_key(args = {})
+    ## Methods to maintain backwards compatibility
-      token = get_token
+    def download_private_key(args = {})
-      FileUtils.mkdir_p(args[:path]) if args[:path]
+      args[:type] = 'Private Key'
-      path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
+      download_secret_file(args)
-      begin
+    end
-        response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'publickey', token)}).hash
+
-        if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
+    def download_public_key(args = {})
-          raise "There was an error getting the public key for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
+      args[:type] = 'Public Key'
-      end
+      download_secret_file(args)
-        File.open(File.join(path, response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_name]), 'wb') do |file|
+    end
-          file.puts Base64.decode64(response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_attachment])
+
-        end
+    def download_attachment(args = {})
-      rescue Savon::Error => err
+      args[:type] = 'Attachment'
-        raise "There was an error getting the public key for secret #{args[:scrt_id]}: #{err}"
+      download_secret_file(args)
-      end
+    end
-    end
+
-
+  end
-    ## Downloads an attachment for a secret and places it where Zanzibar is running, or :path if specified
+end
-    # Raise on error
-    # @param [Hash] args, :scrt_id, :scrt_item_id - optional, :path - optional
-
-    def download_attachment(args = {})
-      token = get_token
-      FileUtils.mkdir_p(args[:path]) if args[:path]
-      path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
-      begin
-        response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'attachment', token)}).hash
-        if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
-          raise "There was an error getting the attachment for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
-      end
-        File.open(File.join(path, response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_name]), 'wb') do |file|
-          file.puts Base64.decode64(response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_attachment])
-        end
-      rescue Savon::Error => err
-        raise "There was an error getting the attachment from secret #{args[:scrt_id]}: #{err}"
-      end
-    end
-  end
-end

lib/zanzibar/version.rb

@@ -1,3 +1,3 @@
-module Zanzibar
+module Zanzibar
-  VERSION = "0.0.8"
+  VERSION = "0.1.10"
-end
+end

spec/responses/attachment_response.xml

@@ -1,12 +1,12 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
-<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
-  <soap:Body>
+  <soap:Body>
-    <DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
+    <DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
-      <DownloadFileAttachmentByItemIdResult>
+      <DownloadFileAttachmentByItemIdResult>
-        <Errors />
+        <Errors />
-        <FileAttachment>SSBhbSBhIHNlY3JldCBhdHRhY2htZW50</FileAttachment>
+        <FileAttachment>SSBhbSBhIHNlY3JldCBhdHRhY2htZW50</FileAttachment>
-        <FileName>attachment.txt</FileName>
+        <FileName>attachment.txt</FileName>
-      </DownloadFileAttachmentByItemIdResult>
+      </DownloadFileAttachmentByItemIdResult>
-    </DownloadFileAttachmentByItemIdResponse>
+    </DownloadFileAttachmentByItemIdResponse>
-  </soap:Body>
+  </soap:Body>
-</soap:Envelope>
+</soap:Envelope>

spec/responses/download_private_key_response.xml

@@ -1,12 +1,12 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
-<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
-  <soap:Body>
+  <soap:Body>
-    <DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
+    <DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
-      <DownloadFileAttachmentByItemIdResult>
+      <DownloadFileAttachmentByItemIdResult>
-        <Errors />
+        <Errors />
-        <FileAttachment>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVkgLS0tLS0KemFuemliYXJUZXN0UGFzc3dvcmQKLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0=</FileAttachment>
+        <FileAttachment>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVkgLS0tLS0KemFuemliYXJUZXN0UGFzc3dvcmQKLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0=</FileAttachment>
-        <FileName>zanzi_key</FileName>
+        <FileName>zanzi_key</FileName>
-      </DownloadFileAttachmentByItemIdResult>
+      </DownloadFileAttachmentByItemIdResult>
-    </DownloadFileAttachmentByItemIdResponse>
+    </DownloadFileAttachmentByItemIdResponse>
-  </soap:Body>
+  </soap:Body>
-</soap:Envelope>
+</soap:Envelope>

spec/responses/get_secret_with_attachment_response.xml

@@ -1,57 +1,57 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
-<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
-  <soap:Body>
+  <soap:Body>
-    <GetSecretResponse xmlns="urn:thesecretserver.com">
+    <GetSecretResponse xmlns="urn:thesecretserver.com">
-      <GetSecretResult>
+      <GetSecretResult>
-        <Errors />
+        <Errors />
-        <Secret>
+        <Secret>
-          <Name>Zanzi Secret Attachment</Name>
+          <Name>Zanzi Secret Attachment</Name>
-          <Items>
+          <Items>
-            <SecretItem>
+            <SecretItem>
-              <Value>N/A</Value>
+              <Value>N/A</Value>
-              <Id>20144</Id>
+              <Id>20144</Id>
-              <FieldId>284</FieldId>
+              <FieldId>284</FieldId>
-              <FieldName>Username</FieldName>
+              <FieldName>Username</FieldName>
-              <IsFile>false</IsFile>
+              <IsFile>false</IsFile>
-              <IsNotes>false</IsNotes>
+              <IsNotes>false</IsNotes>
-              <IsPassword>false</IsPassword>
+              <IsPassword>false</IsPassword>
-              <FieldDisplayName>Username</FieldDisplayName>
+              <FieldDisplayName>Username</FieldDisplayName>
-            </SecretItem>
+            </SecretItem>
-            <SecretItem>
+            <SecretItem>
-              <Value>N/A</Value>
+              <Value>N/A</Value>
-              <Id>20145</Id>
+              <Id>20145</Id>
-              <FieldId>285</FieldId>
+              <FieldId>285</FieldId>
-              <FieldName>Password</FieldName>
+              <FieldName>Password</FieldName>
-              <IsFile>false</IsFile>
+              <IsFile>false</IsFile>
-              <IsNotes>false</IsNotes>
+              <IsNotes>false</IsNotes>
-              <IsPassword>true</IsPassword>
+              <IsPassword>true</IsPassword>
-              <FieldDisplayName>Password</FieldDisplayName>
+              <FieldDisplayName>Password</FieldDisplayName>
-            </SecretItem>
+            </SecretItem>
-            <SecretItem>
+            <SecretItem>
-              <Value />
+              <Value />
-              <Id>20148</Id>
+              <Id>20148</Id>
-              <FieldId>287</FieldId>
+              <FieldId>287</FieldId>
-              <FieldName>Attachment</FieldName>
+              <FieldName>Attachment</FieldName>
-              <IsFile>true</IsFile>
+              <IsFile>true</IsFile>
-              <IsNotes>false</IsNotes>
+              <IsNotes>false</IsNotes>
-              <IsPassword>false</IsPassword>
+              <IsPassword>false</IsPassword>
-              <FieldDisplayName>Attachment</FieldDisplayName>
+              <FieldDisplayName>Attachment</FieldDisplayName>
-            </SecretItem>
+            </SecretItem>
-          </Items>
+          </Items>
-          <Id>3456</Id>
+          <Id>3456</Id>
-          <SecretTypeId>6028</SecretTypeId>
+          <SecretTypeId>6028</SecretTypeId>
-          <FolderId>85</FolderId>
+          <FolderId>85</FolderId>
-          <IsWebLauncher>false</IsWebLauncher>
+          <IsWebLauncher>false</IsWebLauncher>
-          <Active>true</Active>
+          <Active>true</Active>
-          <CheckOutMinutesRemaining xsi:nil="true" />
+          <CheckOutMinutesRemaining xsi:nil="true" />
-          <IsCheckedOut xsi:nil="true" />
+          <IsCheckedOut xsi:nil="true" />
-          <CheckOutUserDisplayName />
+          <CheckOutUserDisplayName />
-          <CheckOutUserId xsi:nil="true" />
+          <CheckOutUserId xsi:nil="true" />
-          <IsOutOfSync xsi:nil="true" />
+          <IsOutOfSync xsi:nil="true" />
-          <IsRestricted>false</IsRestricted>
+          <IsRestricted>false</IsRestricted>
-          <OutOfSyncReason />
+          <OutOfSyncReason />
-        </Secret>
+        </Secret>
-      </GetSecretResult>
+      </GetSecretResult>
-    </GetSecretResponse>
+    </GetSecretResponse>
-  </soap:Body>
+  </soap:Body>
-</soap:Envelope>
+</soap:Envelope>

spec/responses/get_secret_with_keys_response.xml

@@ -1,47 +1,47 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
-<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
-  <soap:Body>
+  <soap:Body>
-    <GetSecretResponse xmlns="urn:thesecretserver.com">
+    <GetSecretResponse xmlns="urn:thesecretserver.com">
-      <GetSecretResult>
+      <GetSecretResult>
-        <Errors />
+        <Errors />
-        <Secret>
+        <Secret>
-          <Name>Zanzibar Test Keys</Name>
+          <Name>Zanzibar Test Keys</Name>
-          <Items>
+          <Items>
-            <SecretItem>
+            <SecretItem>
-              <Value />
+              <Value />
-              <Id>15214</Id>
+              <Id>15214</Id>
-              <FieldId>486</FieldId>
+              <FieldId>486</FieldId>
-              <FieldName>Private Key</FieldName>
+              <FieldName>Private Key</FieldName>
-              <IsFile>true</IsFile>
+              <IsFile>true</IsFile>
-              <IsNotes>false</IsNotes>
+              <IsNotes>false</IsNotes>
-              <IsPassword>false</IsPassword>
+              <IsPassword>false</IsPassword>
-              <FieldDisplayName>Private Key</FieldDisplayName>
+              <FieldDisplayName>Private Key</FieldDisplayName>
-            </SecretItem>
+            </SecretItem>
-            <SecretItem>
+            <SecretItem>
-              <Value />
+              <Value />
-              <Id>15215</Id>
+              <Id>15215</Id>
-              <FieldId>487</FieldId>
+              <FieldId>487</FieldId>
-              <FieldName>Public Key</FieldName>
+              <FieldName>Public Key</FieldName>
-              <IsFile>true</IsFile>
+              <IsFile>true</IsFile>
-              <IsNotes>false</IsNotes>
+              <IsNotes>false</IsNotes>
-              <IsPassword>false</IsPassword>
+              <IsPassword>false</IsPassword>
-              <FieldDisplayName>Public Key</FieldDisplayName>
+              <FieldDisplayName>Public Key</FieldDisplayName>
-            </SecretItem>
+            </SecretItem>
-          </Items>
+          </Items>
-          <Id>2345</Id>
+          <Id>2345</Id>
-          <SecretTypeId>6054</SecretTypeId>
+          <SecretTypeId>6054</SecretTypeId>
-          <FolderId>85</FolderId>
+          <FolderId>85</FolderId>
-          <IsWebLauncher>false</IsWebLauncher>
+          <IsWebLauncher>false</IsWebLauncher>
-          <Active>true</Active>
+          <Active>true</Active>
-          <CheckOutMinutesRemaining xsi:nil="true" />
+          <CheckOutMinutesRemaining xsi:nil="true" />
-          <IsCheckedOut xsi:nil="true" />
+          <IsCheckedOut xsi:nil="true" />
-          <CheckOutUserDisplayName />
+          <CheckOutUserDisplayName />
-          <CheckOutUserId xsi:nil="true" />
+          <CheckOutUserId xsi:nil="true" />
-          <IsOutOfSync xsi:nil="true" />
+          <IsOutOfSync xsi:nil="true" />
-          <IsRestricted>false</IsRestricted>
+          <IsRestricted>false</IsRestricted>
-          <OutOfSyncReason />
+          <OutOfSyncReason />
-        </Secret>
+        </Secret>
-      </GetSecretResult>
+      </GetSecretResult>
-    </GetSecretResponse>
+    </GetSecretResponse>
-  </soap:Body>
+  </soap:Body>
-</soap:Envelope>
+</soap:Envelope>

spec/spec/spec_helper.rb

@@ -15,6 +15,9 @@
 #
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 require 'webmock/rspec'
+require "codeclimate-test-reporter"
+CodeClimate::TestReporter.start
+
 RSpec.configure do |config|
   # rspec-expectations config goes here. You can use an alternate
   # assertion/expectation library such as wrong or the stdlib/minitest
@@ -39,6 +42,10 @@ RSpec.configure do |config|
     mocks.verify_partial_doubles = true
   end
 
+  config.after(:suite) do
+    WebMock.disable_net_connect!(:allow => 'codeclimate.com')
+  end
+  
 # The settings below are suggested to provide a good initial experience
 # with RSpec, but feel free to customize to your heart's content.
 =begin

spec/zanzibar_spec.rb

@@ -0,0 +1,116 @@
+require 'zanzibar'
+require 'savon'
+require 'webmock'
+require 'rspec'
+require 'webmock/rspec'
+
+include WebMock::API
+
+describe "Zanzibar Test" do
+
+  client = Zanzibar::Zanzibar.new(:domain => "zanzitest.net", :pwd=>'password', :wsdl => "spec/scrt.wsdl")
+  auth_xml = File.read('spec/responses/authenticate_response.xml')
+  secret_xml = File.read('spec/responses/get_secret_response.xml')
+  secret_with_key_xml = File.read('spec/responses/get_secret_with_keys_response.xml')
+  secret_with_attachment_xml = File.read('spec/responses/get_secret_with_attachment_response.xml')
+  private_key_xml = File.read('spec/responses/download_private_key_response.xml')
+  public_key_xml = File.read('spec/responses/download_public_key_response.xml')
+  attachment_xml = File.read('spec/responses/attachment_response.xml')
+
+
+  it 'should return an auth token' do
+    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
+      to_return(:body => auth_xml, :status => 200)
+
+    expect(client.get_token).to eq("imatoken")
+  end
+
+  it 'should get a secret' do
+    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
+      to_return(:body => auth_xml, :status => 200).then.
+        to_return(:body => secret_xml, :status => 200)
+
+    expect(client.get_secret(1234)[:secret][:name]).to eq("Zanzi Test Secret")
+  end
+
+  it 'should get a password' do
+    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
+      to_return(:body => auth_xml, :status => 200).then.
+        to_return(:body => secret_xml, :status => 200)
+
+    expect(client.get_password(1234)).to eq("zanziUserPassword")
+  end
+
+  it 'should download a private key' do
+    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
+      to_return(:body => auth_xml, :status => 200).then.
+          to_return(:body => secret_with_key_xml, :status => 200).then.
+            to_return(:body => private_key_xml, :status => 200)
+
+      client.download_secret_file(:scrt_id => 2345, :type => 'Private Key')
+      expect(File.exist? 'zanzi_key')
+      expect(File.read('zanzi_key')).to eq("-----BEGIN RSA PRIVATE KEY -----\nzanzibarTestPassword\n-----END RSA PRIVATE KEY-----\n")
+      File.delete('zanzi_key')
+    end
+
+    it 'should download a private key legacy' do
+      stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
+        to_return(:body => auth_xml, :status => 200).then.
+            to_return(:body => secret_with_key_xml, :status => 200).then.
+              to_return(:body => private_key_xml, :status => 200)
+
+        client.download_private_key(:scrt_id => 2345)
+        expect(File.exist? 'zanzi_key')
+        expect(File.read('zanzi_key')).to eq("-----BEGIN RSA PRIVATE KEY -----\nzanzibarTestPassword\n-----END RSA PRIVATE KEY-----\n")
+        File.delete('zanzi_key')
+      end
+
+
+  it 'should download a public key' do
+    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
+      to_return(:body => auth_xml, :status => 200).then.
+          to_return(:body => secret_with_key_xml, :status => 200).then.
+            to_return(:body => public_key_xml, :status => 200)
+
+      client.download_secret_file(:scrt_id => 2345, :type => 'Public Key')
+      expect(File.exist? 'zanzi_key.pub')
+      expect(File.read('zanzi_key.pub')).to eq("1234PublicKey5678==\n")
+      File.delete('zanzi_key.pub')
+    end
+
+    it 'should download a public key legacy' do
+      stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
+        to_return(:body => auth_xml, :status => 200).then.
+            to_return(:body => secret_with_key_xml, :status => 200).then.
+              to_return(:body => public_key_xml, :status => 200)
+
+        client.download_public_key(:scrt_id => 2345)
+        expect(File.exist? 'zanzi_key.pub')
+        expect(File.read('zanzi_key.pub')).to eq("1234PublicKey5678==\n")
+        File.delete('zanzi_key.pub')
+      end
+
+  it 'should download an attachment' do
+    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
+      to_return(:body => auth_xml, :status => 200).then.
+          to_return(:body => secret_with_attachment_xml, :status => 200).then.
+            to_return(:body => attachment_xml, :status => 200)
+
+    client.download_secret_file(:scrt_id => 3456, :type => 'Attachment')
+    expect(File.exist? 'attachment.txt')
+    expect(File.read('attachment.txt')).to eq("I am a secret attachment\n")
+    File.delete('attachment.txt')
+  end
+
+  it 'should download an attachment legacy' do
+    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
+      to_return(:body => auth_xml, :status => 200).then.
+          to_return(:body => secret_with_attachment_xml, :status => 200).then.
+            to_return(:body => attachment_xml, :status => 200)
+
+    client.download_attachment(:scrt_id => 3456)
+    expect(File.exist? 'attachment.txt')
+    expect(File.read('attachment.txt')).to eq("I am a secret attachment\n")
+    File.delete('attachment.txt')
+  end
+end

test/.rspec

@@ -1,2 +0,0 @@
---color
---require spec_helper

test/zanzibar_spec.rb

@@ -1,80 +0,0 @@
-require '../lib/zanzibar.rb'
-require 'savon'
-require 'webmock'
-require 'rspec'
-require 'webmock/rspec'
-
-include WebMock::API
-
-describe "Zanzibar Test" do
-
-  client = Zanzibar::Zanzibar.new(:domain => "zanzitest.net", :pwd=>'password', :wsdl => "scrt.wsdl")
-  auth_xml = File.read('responses/authenticate_response.xml')
-  secret_xml = File.read('responses/get_secret_response.xml')
-  secret_with_key_xml = File.read('responses/get_secret_with_keys_response.xml')
-  secret_with_attachment_xml = File.read('responses/get_secret_with_attachment_response.xml')
-  private_key_xml = File.read('responses/download_private_key_response.xml')
-  public_key_xml = File.read('responses/download_public_key_response.xml')
-  attachment_xml = File.read('responses/attachment_response.xml')
-
-
-  it 'should return an auth token' do
-    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
-      to_return(:body => auth_xml, :status => 200)
-
-    expect(client.get_token).to eq("imatoken")
-  end
-
-  it 'should get a secret' do
-    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
-      to_return(:body => auth_xml, :status => 200).then.
-        to_return(:body => secret_xml, :status => 200)
-
-    expect(client.get_secret(1234)[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:name]).to eq("Zanzi Test Secret")
-  end
-
-  it 'should get a password' do
-    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
-      to_return(:body => auth_xml, :status => 200).then.
-        to_return(:body => secret_xml, :status => 200)
-
-    expect(client.get_password(1234)).to eq("zanziUserPassword")
-  end
-
-  it 'should download a private key' do
-    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
-      to_return(:body => auth_xml, :status => 200).then.
-          to_return(:body => secret_with_key_xml, :status => 200).then.
-            to_return(:body => private_key_xml, :status => 200)
-
-      client.download_private_key(:scrt_id => 2345)
-      expect(File.exist? 'zanzi_key')
-      expect(File.read('zanzi_key')).to eq("-----BEGIN RSA PRIVATE KEY -----\nzanzibarTestPassword\n-----END RSA PRIVATE KEY-----\n")
-      File.delete('zanzi_key')
-    end
-
-
-  it 'should download a public key' do
-    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
-      to_return(:body => auth_xml, :status => 200).then.
-          to_return(:body => secret_with_key_xml, :status => 200).then.
-            to_return(:body => public_key_xml, :status => 200)
-
-      client.download_public_key(:scrt_id => 2345)
-      expect(File.exist? 'zanzi_key.pub')
-      expect(File.read('zanzi_key.pub')).to eq("1234PublicKey5678==\n")
-      File.delete('zanzi_key.pub')
-    end
-
-  it 'should download an attachment' do
-    stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
-      to_return(:body => auth_xml, :status => 200).then.
-          to_return(:body => secret_with_attachment_xml, :status => 200).then.
-            to_return(:body => attachment_xml, :status => 200)
-
-    client.download_attachment(:scrt_id => 3456)
-    expect(File.exist? 'attachment.txt')
-    expect(File.read('attachment.txt')).to eq("I am a secret attachment\n")
-    File.delete('attachment.txt')
-  end
-end

zanzibar.gemspec

@@ -18,6 +18,7 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
+  spec.add_dependency "rubyntlm", "~> 0.4.0"
   spec.add_development_dependency "bundler", "~> 1.7"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_runtime_dependency "savon", "~> 2.8.0"