TerribleDev/zanzibar
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: TerribleDev:v0.0.8
Branches Tags
TerribleDev:master
TerribleDev:v0.2.0 TerribleDev:v0.1.27 TerribleDev:v0.1.24 TerribleDev:v0.1.23 TerribleDev:v0.1.22 TerribleDev:v0.1.21 TerribleDev:0.1.20 TerribleDev:0.1.19 TerribleDev:0.1.18 TerribleDev:0.1.17 TerribleDev:0.1.16 TerribleDev:0.1.15 TerribleDev:0.1.13 TerribleDev:0.1.12 TerribleDev:0.1.11 TerribleDev:0.1.10 TerribleDev:0.1.9 TerribleDev:v0.0.8
...
compare: TerribleDev:0.1.10
Branches Tags
TerribleDev:master
TerribleDev:v0.2.0 TerribleDev:v0.1.27 TerribleDev:v0.1.24 TerribleDev:v0.1.23 TerribleDev:v0.1.22 TerribleDev:v0.1.21 TerribleDev:0.1.20 TerribleDev:0.1.19 TerribleDev:0.1.18 TerribleDev:0.1.17 TerribleDev:0.1.16 TerribleDev:0.1.15 TerribleDev:0.1.13 TerribleDev:0.1.12 TerribleDev:0.1.11 TerribleDev:0.1.10 TerribleDev:0.1.9 TerribleDev:v0.0.8

16 Commits
v0.0.8 ... 0.1.10

Author SHA1 Message Date
Jason Davis-Cooke
b2e4aaa5e1 Merge pull request #2 from Cimpress-MCP/refactoring 
Refactoring
 2015-01-15 14:33:54 -05:00
Jason Davis-Cooke
fce5fc4d08 Maintain backwards compatibility, add legacy tests, some readability improvements 2015-01-15 14:08:50 -05:00
Jason Davis-Cooke
10cfad0a5d Reduce duplication 2015-01-15 13:41:19 -05:00
Jason Davis-Cooke
8b889dfd96 version bump 2015-01-15 13:08:31 -05:00
Jason Davis-Cooke
c542b56a5a Refactoring 2015-01-15 13:03:22 -05:00
Jason Davis-Cooke
d69123471b Update travis to publish on tags 2015-01-15 09:56:55 -05:00
Jason Davis-Cooke
44d9c34e91 Update version number after merging PR, update repo token 2015-01-15 09:50:01 -05:00
Jason Davis-Cooke
03e60e3206 Merge pull request #1 from maclennann/master 
Zamioculcas bin + project structure stuff
 2015-01-15 09:21:32 -05:00
Norm MacLennan
60f987718a zamioculcas readme 2015-01-15 09:09:09 -05:00
Norm MacLennan
a7ab8e3c02 removing redundant rake task 2015-01-15 08:28:13 -05:00
Norm MacLennan
06fac7ffb6 whitelist code climate 2015-01-15 08:02:17 -05:00
Norm MacLennan
c6ca1d6cb8 code climate setup 2015-01-15 07:57:50 -05:00
Norm MacLennan
10601fc927 test fewer rubies 2015-01-15 07:36:25 -05:00
Norm MacLennan
da0c27da54 make test the default rake task 2015-01-15 07:28:00 -05:00
Norm MacLennan
adae2dcdcc bit of refactoring and adding zamioculcas bin 2015-01-15 07:24:14 -05:00
Jason Davis-Cooke
0328ebd878 Update README.md 2015-01-13 13:28:04 -05:00
21 changed files with 1189 additions and 1062 deletions
Expand all files Collapse all files

2
.rspec Normal file
View File

@@ -0,0 +1,2 @@
--color
--require spec/spec_helper

16
.travis.yml Normal file
View File

@@ -0,0 +1,16 @@
language: ruby
rvm:
- 1.9.3
- 2.0.0
addons:
code_climate:
repo_token:
secure: "XbKXMtcF/NnFr9JMuJNRzgsUcDcHxGi5jVc2B4HGT4EHDUnOV/06SfTTJMiLz3hgIgH1dpEgt+4cjAzAmZrmZrViY3rOH0MU1f6eAF4+BPMb0JwKYnPxTyPF5RjsWf0aFe6JdYM1S1T7EpP2XUAlV9ppmCYKrYUEa/OAXsz4ruU="
deploy:
provider: rubygems
api_key:
secure: "CFXaOgtLypVc3/Nn3NFyeTYJ3rR/KNua2FPFHc02h5K/TPm8PMlHsYEB3e9OpithnC5cLqPUUlyZL4Gz7QC4zxX0G4luNVz+ZXdueMk1GBstK9QMsrjOQMKnQTCPaK/3x2/53kuPWMjYSyn5+ICkf/Omq1EVD4YEplhSvIRA9QQ="
gem: zanzibar
on:
tags: true
all_branches: true

12
Gemfile
View File

@@ -1,9 +1,15 @@
source 'https://rubygems.org'
gem 'savon'
gem 'savon_spec'
gem 'rspec'
gem 'webmock'
group :test do
gem 'rake'
gem 'savon_spec'
gem 'rspec'
gem 'webmock'
gem "codeclimate-test-reporter"
gem 'zanzibar', path: '.'
end
# Specify your gem's dependencies in zanzibar.gemspec
gemspec

16
README.md
View File

@@ -1,5 +1,5 @@
# Zanzibar
[![Gem Version](https://badge.fury.io/rb/zanzibar.svg)](http://badge.fury.io/rb/zanzibar)
Zanzibar is a utility to retrieve secrets from a Secret Server installation. It supports retrieval of a password, public/private key, or secret attachment.
@@ -51,6 +51,20 @@ secrets.download_attachment(:scrt_id => 3456, :path => 'secrets/')
```
### Command Line
Zanzibar comes bundled with the [`zamioculcas`](http://en.wikipedia.org/wiki/Zamioculcas) command-line utility that can be used for fetching passwords and downloading keys from outside of Ruby.
`Zamioculcas` supports most actions provided by Zanzibar itself. Because it operates on the command-line, it can be used as part of a pipeline or within a bash script.
```bash
# if you don't pipe in a password, you will be prompted to enter one.
# this will download the private key from secret 1984 to the current directory
cat ./local-password | zamioculcas 1984 -s server.example.com -d example.com -t privatekey
ssh user@someremote -i ./private_key
```
## Contributing
1. Fork it ( https://github.com/Cimpress-MCP/zanzibar/fork )

12
Rakefile
View File

@@ -1,10 +1,8 @@
require "bundler/gem_tasks"
require "bundler/setup" # load up our gem environment (incl. local zanzibar)
require 'rspec/core/rake_task'
require 'zanzibar/version'
task 'test' do
Dir.chdir('test')
system("rspec zanzibar_spec.rb")
end
task :default => [:test]
task 'install_dependencies' do
system('bundle install')
end
RSpec::Core::RakeTask.new(:test)

70
bin/zamioculcas Normal file
View File

@@ -0,0 +1,70 @@
#! ruby
require 'zanzibar'
require 'optparse'
options = {
:domain => 'local'
}
OptionParser.new do |opts|
opts.banner = "Usage: zamioculcas -d domain [-w wsdl] [-k] [-p] [secret_id]"
opts.on("-d", "--domain DOMAIN", "Specify domain") do |v|
options[:domain] = v
end
opts.on("-w", "--wsdl WSDL", "Specify WSDL location") do |v|
options[:wsdl] = v
end
opts.on("-s", "--server SERVER", "Secret server hostname or IP") do |v|
options[:server] = v
end
opts.on("-k", "--no-check-certificate", "Don't run SSL certificate checks") do |v|
options[:globals] = {:ssl_verify_mode => :none}
end
opts.on("-p", "--password PASSWORD", "Specify password") do |v|
options[:pwd] = v
end
opts.on("-t", "--type TYPE", "Specify the type of secret") do |v|
options[:type] = v
end
opts.on("-u", "--user USER", "Specify the username") do |v|
options[:username] = v
end
end.parse!
raise OptionParser::MissingArgument if options[:server].nil?
options[:type] = "password" if options[:type].nil?
unless STDIN.tty? || options[:pwd]
options[:pwd] = $stdin.read.strip
end
secret_id = Integer(ARGV.pop)
if(!secret_id)
fail "no secret!"
end
unless options[:wsdl] || options[:server].nil?
options[:wsdl] = "https://#{options[:server]}/webservices/sswebservice.asmx?wsdl"
end
scrt = Zanzibar::Zanzibar.new(options)
case options[:type]
when "password"
$stdout.write "#{scrt.get_password(secret_id)}\n"
when "privatekey"
scrt.download_private_key(:scrt_id=>secret_id)
when "publickey"
scrt.download_public_key(:scrt_id=>secret_id)
else
$stderr.write "#{options[:type]} is not a known type."
end

397
lib/zanzibar.rb
View File

@@ -1,209 +1,188 @@
require "zanzibar/version"
require 'savon'
require 'io/console'
require 'fileutils'
module Zanzibar
##
# Class for interacting with Secret Server
class Zanzibar
##
# @param args{:domain, :wsdl, :pwd, :globals{}}
def initialize(args = {})
if args[:wsdl]
@@wsdl = args[:wsdl]
else
@@wsdl = get_wsdl_location
end
if args[:pwd]
@@password = args[:pwd]
else
@@password = prompt_for_password
end
if args[:domain]
@@domain = args[:domain]
else
@@domain = prompt_for_domain
end
args[:globals] = {} unless args[:globals]
init_client(args[:globals])
end
## Initializes the Savon client class variable with the wdsl document location and optional global variables
# @param globals{}, optional
def init_client(globals = {})
globals = {} if globals == nil
@@client = Savon.client(globals) do
wsdl @@wsdl
end
end
## Gets the user's password if none is provided in the constructor.
# @return [String] the password for the current user
def prompt_for_password
puts "Please enter password for #{ENV['USER']}:"
return STDIN.noecho(&:gets).chomp
end
## Gets the wsdl document location if none is provided in the constructor
# @return [String] the location of the WDSL document
def get_wsdl_location
puts "Enter the URL of the Secret Server WSDL:"
return STDIN.gets.chomp
end
## Gets the domain of the Secret Server installation if none is provided in the constructor
# @return [String] the domain of the secret server installation
def prompt_for_domain
puts "Enter the domain of your Secret Server:"
return STDIN.gets.chomp
end
## Get an authentication token for interacting with Secret Server. These are only good for about 10 minutes so just get a new one each time.
# Will raise an error if there is an issue with the authentication.
# @return the authentication token for the current user.
def get_token
begin
response = @@client.call(:authenticate, message: { username: ENV['USER'], password: @@password, organization: "", domain: @@domain }).hash
if response[:envelope][:body][:authenticate_response][:authenticate_result][:errors]
raise "Error generating the authentication token for user #{ENV['USER']}: #{response[:envelope][:body][:authenticate_response][:authenticate_result][:errors][:string]}"
end
response[:envelope][:body][:authenticate_response][:authenticate_result][:token]
rescue Savon::Error => err
raise "There was an error generating the authentiaton token for user #{ENV['USER']}: #{err}"
end
end
## Get a secret returned as a hash
# Will raise an error if there was an issue getting the secret
# @param [Integer] the secret id
# @return [Hash] the secret hash retrieved from the wsdl
def get_secret(scrt_id, token = nil)
begin
secret = @@client.call(:get_secret, message: { token: token || get_token, secretId: scrt_id}).hash
if secret[:envelope][:body][:get_secret_response][:get_secret_result][:errors]
raise "There was an error getting secret #{scrt_id}: #{secret[:envelope][:body][:get_secret_response][:get_secret_result][:errors][:string]}"
end
return secret
rescue Savon::Error => err
raise "There was an error getting the secret with id #{scrt_id}: #{err}"
end
end
## Retrieve a simple password from a secret
# Will raise an error if there are any issues
# @param [Integer] the secret id
# @return [String] the password for the given secret
def get_password(scrt_id)
begin
secret = get_secret(scrt_id)
return secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item][1][:value]
rescue Savon::Error => err
raise "There was an error getting the password for secret #{scrt_id}: #{err}"
end
end
## Get the secret item id that relates to a key file or attachment.
# Will raise on error
# @param [Integer] the secret id
# @param [String] the type of secret item to get, one of privatekey, publickey, attachment
# @return [Integer] the secret item id
def get_scrt_item_id(scrt_id, type, token)
secret = get_secret(scrt_id, token)
case type
when 'privatekey'
## Get private key item id
secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
return item[:id] if item[:field_name] == 'Private Key'
end
when 'publickey'
## Get public key item id
secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
return item[:id] if item[:field_name] == 'Public Key'
end
when 'attachment'
## Get attachment item id. This currently only supports secrets with one attachment.
secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
return item[:id] if item[:field_name] == 'Attachment'
end
else
raise "Unknown type, #{type}."
end
end
## Downloads the private key for a secret and places it where Zanzibar is running, or :path if specified
# Raise on error
# @param [Hash] args, :scrt_id, :scrt_item_id - optional, :path - optional
def download_private_key(args = {})
token = get_token
FileUtils.mkdir_p(args[:path]) if args[:path]
path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
begin
response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'privatekey', token)}).hash
if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
raise "There was an error getting the private key for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
end
File.open(File.join(path, response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_name]), 'wb') do |file|
file.puts Base64.decode64(response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_attachment])
end
rescue Savon::Error => err
raise "There was an error getting the private key for secret #{args[:scrt_id]}: #{err}"
end
end
## Downloads the public key for a secret and places it where Zanzibar is running, or :path if specified
# Raise on error
# @param [Hash] args, :scrt_id, :scrt_item_id - optional, :path - optional
def download_public_key(args = {})
token = get_token
FileUtils.mkdir_p(args[:path]) if args[:path]
path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
begin
response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'publickey', token)}).hash
if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
raise "There was an error getting the public key for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
end
File.open(File.join(path, response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_name]), 'wb') do |file|
file.puts Base64.decode64(response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_attachment])
end
rescue Savon::Error => err
raise "There was an error getting the public key for secret #{args[:scrt_id]}: #{err}"
end
end
## Downloads an attachment for a secret and places it where Zanzibar is running, or :path if specified
# Raise on error
# @param [Hash] args, :scrt_id, :scrt_item_id - optional, :path - optional
def download_attachment(args = {})
token = get_token
FileUtils.mkdir_p(args[:path]) if args[:path]
path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
begin
response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'attachment', token)}).hash
if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
raise "There was an error getting the attachment for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
end
File.open(File.join(path, response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_name]), 'wb') do |file|
file.puts Base64.decode64(response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:file_attachment])
end
rescue Savon::Error => err
raise "There was an error getting the attachment from secret #{args[:scrt_id]}: #{err}"
end
end
end
end
require "zanzibar/version"
require 'savon'
require 'io/console'
require 'fileutils'
module Zanzibar
##
# Class for interacting with Secret Server
class Zanzibar
##
# @param args{:domain, :wsdl, :pwd, :username, :globals{}}
def initialize(args = {})
if args[:username]
@@username = args[:username]
else
@@username = ENV['USER']
end
if args[:wsdl]
@@wsdl = args[:wsdl]
else
@@wsdl = get_wsdl_location
end
if args[:pwd]
@@password = args[:pwd]
else
@@password = prompt_for_password
end
if args[:domain]
@@domain = args[:domain]
else
@@domain = prompt_for_domain
end
args[:globals] = {} unless args[:globals]
init_client(args[:globals])
end
## Initializes the Savon client class variable with the wdsl document location and optional global variables
# @param globals{}, optional
def init_client(globals = {})
globals = {} if globals == nil
@@client = Savon.client(globals) do
wsdl @@wsdl
end
end
## Gets the user's password if none is provided in the constructor.
# @return [String] the password for the current user
def prompt_for_password
puts "Please enter password for #{@@username}:"
return STDIN.noecho(&:gets).chomp
end
## Gets the wsdl document location if none is provided in the constructor
# @return [String] the location of the WDSL document
def prompt_for_wsdl_location
puts "Enter the URL of the Secret Server WSDL:"
return STDIN.gets.chomp
end
## Gets the domain of the Secret Server installation if none is provided in the constructor
# @return [String] the domain of the secret server installation
def prompt_for_domain
puts "Enter the domain of your Secret Server:"
return STDIN.gets.chomp
end
## Get an authentication token for interacting with Secret Server. These are only good for about 10 minutes so just get a new one each time.
# Will raise an error if there is an issue with the authentication.
# @return the authentication token for the current user.
def get_token
begin
response = @@client.call(:authenticate, message: { username: @@username, password: @@password, organization: "", domain: @@domain })
.hash[:envelope][:body][:authenticate_response][:authenticate_result]
raise "Error generating the authentication token for user #{@@username}: #{response[:errors][:string]}" if response[:errors]
response[:token]
rescue Savon::Error => err
raise "There was an error generating the authentiaton token for user #{@@username}: #{err}"
end
end
## Get a secret returned as a hash
# Will raise an error if there was an issue getting the secret
# @param [Integer] the secret id
# @return [Hash] the secret hash retrieved from the wsdl
def get_secret(scrt_id, token = nil)
begin
secret = @@client.call(:get_secret, message: { token: token || get_token, secretId: scrt_id}).hash[:envelope][:body][:get_secret_response][:get_secret_result]
raise "There was an error getting secret #{scrt_id}: #{secret[:errors][:string]}" if secret[:errors]
return secret
rescue Savon::Error => err
raise "There was an error getting the secret with id #{scrt_id}: #{err}"
end
end
## Retrieve a simple password from a secret
# Will raise an error if there are any issues
# @param [Integer] the secret id
# @return [String] the password for the given secret
def get_password(scrt_id)
begin
secret = get_secret(scrt_id)
secret_items = secret[:secret][:items][:secret_item]
return get_secret_item_by_field_name(secret_items,"Password")[:value]
rescue Savon::Error => err
raise "There was an error getting the password for secret #{scrt_id}: #{err}"
end
end
def write_secret_to_file(path, secret_response)
File.open(File.join(path, secret_response[:file_name]), 'wb') do |file|
file.puts Base64.decode64(secret_response[:file_attachment])
end
end
def get_secret_item_by_field_name(secret_items, field_name)
secret_items.each do |item|
return item if item[:field_name] == field_name
end
end
## Get the secret item id that relates to a key file or attachment.
# Will raise on error
# @param [Integer] the secret id
# @param [String] the type of secret item to get, one of privatekey, publickey, attachment
# @return [Integer] the secret item id
def get_scrt_item_id(scrt_id, type, token)
secret = get_secret(scrt_id, token)
secret_items = secret[:secret][:items][:secret_item]
begin
return get_secret_item_by_field_name(secret_items, type)[:id]
rescue
raise "Unknown type, #{type}."
end
end
## Downloads a file for a secret and places it where Zanzibar is running, or :path if specified
# Raise on error
# @param [Hash] args, :scrt_id, :type (one of "Private Key", "Public Key", "Attachment"), :scrt_item_id - optional, :path - optional
def download_secret_file(args = {})
token = get_token
FileUtils.mkdir_p(args[:path]) if args[:path]
path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
begin
response = @@client.call(:download_file_attachment_by_item_id, message:
{ token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], args[:type], token)})
.hash[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result]
raise "There was an error getting the #{args[:type]} for secret #{args[:scrt_id]}: #{response[:errors][:string]}" if response[:errors]
write_secret_to_file(path, response)
rescue Savon::Error => err
raise "There was an error getting the #{args[:type]} for secret #{args[:scrt_id]}: #{err}"
end
end
## Methods to maintain backwards compatibility
def download_private_key(args = {})
args[:type] = 'Private Key'
download_secret_file(args)
end
def download_public_key(args = {})
args[:type] = 'Public Key'
download_secret_file(args)
end
def download_attachment(args = {})
args[:type] = 'Attachment'
download_secret_file(args)
end
end
end

6
lib/zanzibar/version.rb
View File

@@ -1,3 +1,3 @@
module Zanzibar
VERSION = "0.0.8"
end
module Zanzibar
VERSION = "0.1.10"
end

24
test/responses/attachment_response.xml → spec/responses/attachment_response.xml
View File

@@ -1,12 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
<DownloadFileAttachmentByItemIdResult>
<Errors />
<FileAttachment>SSBhbSBhIHNlY3JldCBhdHRhY2htZW50</FileAttachment>
<FileName>attachment.txt</FileName>
</DownloadFileAttachmentByItemIdResult>
</DownloadFileAttachmentByItemIdResponse>
</soap:Body>
</soap:Envelope>
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
<DownloadFileAttachmentByItemIdResult>
<Errors />
<FileAttachment>SSBhbSBhIHNlY3JldCBhdHRhY2htZW50</FileAttachment>
<FileName>attachment.txt</FileName>
</DownloadFileAttachmentByItemIdResult>
</DownloadFileAttachmentByItemIdResponse>
</soap:Body>
</soap:Envelope>

0
test/responses/authenticate_response.xml → spec/responses/authenticate_response.xml
View File

24
test/responses/download_private_key_response.xml → spec/responses/download_private_key_response.xml
View File

@@ -1,12 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
<DownloadFileAttachmentByItemIdResult>
<Errors />
<FileAttachment>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVkgLS0tLS0KemFuemliYXJUZXN0UGFzc3dvcmQKLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0=</FileAttachment>
<FileName>zanzi_key</FileName>
</DownloadFileAttachmentByItemIdResult>
</DownloadFileAttachmentByItemIdResponse>
</soap:Body>
</soap:Envelope>
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<DownloadFileAttachmentByItemIdResponse xmlns="urn:thesecretserver.com">
<DownloadFileAttachmentByItemIdResult>
<Errors />
<FileAttachment>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVkgLS0tLS0KemFuemliYXJUZXN0UGFzc3dvcmQKLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0=</FileAttachment>
<FileName>zanzi_key</FileName>
</DownloadFileAttachmentByItemIdResult>
</DownloadFileAttachmentByItemIdResponse>
</soap:Body>
</soap:Envelope>

0
test/responses/download_public_key_response.xml → spec/responses/download_public_key_response.xml
View File

0
test/responses/get_secret_response.xml → spec/responses/get_secret_response.xml
View File

114
test/responses/get_secret_with_attachment_response.xml → spec/responses/get_secret_with_attachment_response.xml
View File

@@ -1,57 +1,57 @@
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<GetSecretResponse xmlns="urn:thesecretserver.com">
<GetSecretResult>
<Errors />
<Secret>
<Name>Zanzi Secret Attachment</Name>
<Items>
<SecretItem>
<Value>N/A</Value>
<Id>20144</Id>
<FieldId>284</FieldId>
<FieldName>Username</FieldName>
<IsFile>false</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Username</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value>N/A</Value>
<Id>20145</Id>
<FieldId>285</FieldId>
<FieldName>Password</FieldName>
<IsFile>false</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>true</IsPassword>
<FieldDisplayName>Password</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value />
<Id>20148</Id>
<FieldId>287</FieldId>
<FieldName>Attachment</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Attachment</FieldDisplayName>
</SecretItem>
</Items>
<Id>3456</Id>
<SecretTypeId>6028</SecretTypeId>
<FolderId>85</FolderId>
<IsWebLauncher>false</IsWebLauncher>
<Active>true</Active>
<CheckOutMinutesRemaining xsi:nil="true" />
<IsCheckedOut xsi:nil="true" />
<CheckOutUserDisplayName />
<CheckOutUserId xsi:nil="true" />
<IsOutOfSync xsi:nil="true" />
<IsRestricted>false</IsRestricted>
<OutOfSyncReason />
</Secret>
</GetSecretResult>
</GetSecretResponse>
</soap:Body>
</soap:Envelope>
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<GetSecretResponse xmlns="urn:thesecretserver.com">
<GetSecretResult>
<Errors />
<Secret>
<Name>Zanzi Secret Attachment</Name>
<Items>
<SecretItem>
<Value>N/A</Value>
<Id>20144</Id>
<FieldId>284</FieldId>
<FieldName>Username</FieldName>
<IsFile>false</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Username</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value>N/A</Value>
<Id>20145</Id>
<FieldId>285</FieldId>
<FieldName>Password</FieldName>
<IsFile>false</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>true</IsPassword>
<FieldDisplayName>Password</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value />
<Id>20148</Id>
<FieldId>287</FieldId>
<FieldName>Attachment</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Attachment</FieldDisplayName>
</SecretItem>
</Items>
<Id>3456</Id>
<SecretTypeId>6028</SecretTypeId>
<FolderId>85</FolderId>
<IsWebLauncher>false</IsWebLauncher>
<Active>true</Active>
<CheckOutMinutesRemaining xsi:nil="true" />
<IsCheckedOut xsi:nil="true" />
<CheckOutUserDisplayName />
<CheckOutUserId xsi:nil="true" />
<IsOutOfSync xsi:nil="true" />
<IsRestricted>false</IsRestricted>
<OutOfSyncReason />
</Secret>
</GetSecretResult>
</GetSecretResponse>
</soap:Body>
</soap:Envelope>

94
test/responses/get_secret_with_keys_response.xml → spec/responses/get_secret_with_keys_response.xml
View File

@@ -1,47 +1,47 @@
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<GetSecretResponse xmlns="urn:thesecretserver.com">
<GetSecretResult>
<Errors />
<Secret>
<Name>Zanzibar Test Keys</Name>
<Items>
<SecretItem>
<Value />
<Id>15214</Id>
<FieldId>486</FieldId>
<FieldName>Private Key</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Private Key</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value />
<Id>15215</Id>
<FieldId>487</FieldId>
<FieldName>Public Key</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Public Key</FieldDisplayName>
</SecretItem>
</Items>
<Id>2345</Id>
<SecretTypeId>6054</SecretTypeId>
<FolderId>85</FolderId>
<IsWebLauncher>false</IsWebLauncher>
<Active>true</Active>
<CheckOutMinutesRemaining xsi:nil="true" />
<IsCheckedOut xsi:nil="true" />
<CheckOutUserDisplayName />
<CheckOutUserId xsi:nil="true" />
<IsOutOfSync xsi:nil="true" />
<IsRestricted>false</IsRestricted>
<OutOfSyncReason />
</Secret>
</GetSecretResult>
</GetSecretResponse>
</soap:Body>
</soap:Envelope>
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<GetSecretResponse xmlns="urn:thesecretserver.com">
<GetSecretResult>
<Errors />
<Secret>
<Name>Zanzibar Test Keys</Name>
<Items>
<SecretItem>
<Value />
<Id>15214</Id>
<FieldId>486</FieldId>
<FieldName>Private Key</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Private Key</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value />
<Id>15215</Id>
<FieldId>487</FieldId>
<FieldName>Public Key</FieldName>
<IsFile>true</IsFile>
<IsNotes>false</IsNotes>
<IsPassword>false</IsPassword>
<FieldDisplayName>Public Key</FieldDisplayName>
</SecretItem>
</Items>
<Id>2345</Id>
<SecretTypeId>6054</SecretTypeId>
<FolderId>85</FolderId>
<IsWebLauncher>false</IsWebLauncher>
<Active>true</Active>
<CheckOutMinutesRemaining xsi:nil="true" />
<IsCheckedOut xsi:nil="true" />
<CheckOutUserDisplayName />
<CheckOutUserId xsi:nil="true" />
<IsOutOfSync xsi:nil="true" />
<IsRestricted>false</IsRestricted>
<OutOfSyncReason />
</Secret>
</GetSecretResult>
</GetSecretResponse>
</soap:Body>
</soap:Envelope>

1258
test/scrt.wsdl → spec/scrt.wsdl
View File

File diff suppressed because it is too large Load Diff

7
test/spec/spec_helper.rb → spec/spec/spec_helper.rb
View File

@@ -15,6 +15,9 @@
#
# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
require 'webmock/rspec'
require "codeclimate-test-reporter"
CodeClimate::TestReporter.start
RSpec.configure do |config|
# rspec-expectations config goes here. You can use an alternate
# assertion/expectation library such as wrong or the stdlib/minitest
@@ -39,6 +42,10 @@ RSpec.configure do |config|
mocks.verify_partial_doubles = true
end
config.after(:suite) do
WebMock.disable_net_connect!(:allow => 'codeclimate.com')
end
# The settings below are suggested to provide a good initial experience
# with RSpec, but feel free to customize to your heart's content.
=begin

116
spec/zanzibar_spec.rb Normal file
View File

@@ -0,0 +1,116 @@
require 'zanzibar'
require 'savon'
require 'webmock'
require 'rspec'
require 'webmock/rspec'
include WebMock::API
describe "Zanzibar Test" do
client = Zanzibar::Zanzibar.new(:domain => "zanzitest.net", :pwd=>'password', :wsdl => "spec/scrt.wsdl")
auth_xml = File.read('spec/responses/authenticate_response.xml')
secret_xml = File.read('spec/responses/get_secret_response.xml')
secret_with_key_xml = File.read('spec/responses/get_secret_with_keys_response.xml')
secret_with_attachment_xml = File.read('spec/responses/get_secret_with_attachment_response.xml')
private_key_xml = File.read('spec/responses/download_private_key_response.xml')
public_key_xml = File.read('spec/responses/download_public_key_response.xml')
attachment_xml = File.read('spec/responses/attachment_response.xml')
it 'should return an auth token' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200)
expect(client.get_token).to eq("imatoken")
end
it 'should get a secret' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_xml, :status => 200)
expect(client.get_secret(1234)[:secret][:name]).to eq("Zanzi Test Secret")
end
it 'should get a password' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_xml, :status => 200)
expect(client.get_password(1234)).to eq("zanziUserPassword")
end
it 'should download a private key' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_with_key_xml, :status => 200).then.
to_return(:body => private_key_xml, :status => 200)
client.download_secret_file(:scrt_id => 2345, :type => 'Private Key')
expect(File.exist? 'zanzi_key')
expect(File.read('zanzi_key')).to eq("-----BEGIN RSA PRIVATE KEY -----\nzanzibarTestPassword\n-----END RSA PRIVATE KEY-----\n")
File.delete('zanzi_key')
end
it 'should download a private key legacy' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_with_key_xml, :status => 200).then.
to_return(:body => private_key_xml, :status => 200)
client.download_private_key(:scrt_id => 2345)
expect(File.exist? 'zanzi_key')
expect(File.read('zanzi_key')).to eq("-----BEGIN RSA PRIVATE KEY -----\nzanzibarTestPassword\n-----END RSA PRIVATE KEY-----\n")
File.delete('zanzi_key')
end
it 'should download a public key' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_with_key_xml, :status => 200).then.
to_return(:body => public_key_xml, :status => 200)
client.download_secret_file(:scrt_id => 2345, :type => 'Public Key')
expect(File.exist? 'zanzi_key.pub')
expect(File.read('zanzi_key.pub')).to eq("1234PublicKey5678==\n")
File.delete('zanzi_key.pub')
end
it 'should download a public key legacy' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_with_key_xml, :status => 200).then.
to_return(:body => public_key_xml, :status => 200)
client.download_public_key(:scrt_id => 2345)
expect(File.exist? 'zanzi_key.pub')
expect(File.read('zanzi_key.pub')).to eq("1234PublicKey5678==\n")
File.delete('zanzi_key.pub')
end
it 'should download an attachment' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_with_attachment_xml, :status => 200).then.
to_return(:body => attachment_xml, :status => 200)
client.download_secret_file(:scrt_id => 3456, :type => 'Attachment')
expect(File.exist? 'attachment.txt')
expect(File.read('attachment.txt')).to eq("I am a secret attachment\n")
File.delete('attachment.txt')
end
it 'should download an attachment legacy' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_with_attachment_xml, :status => 200).then.
to_return(:body => attachment_xml, :status => 200)
client.download_attachment(:scrt_id => 3456)
expect(File.exist? 'attachment.txt')
expect(File.read('attachment.txt')).to eq("I am a secret attachment\n")
File.delete('attachment.txt')
end
end

2
test/.rspec
View File

@@ -1,2 +0,0 @@
--color
--require spec_helper

80
test/zanzibar_spec.rb
View File

@@ -1,80 +0,0 @@
require '../lib/zanzibar.rb'
require 'savon'
require 'webmock'
require 'rspec'
require 'webmock/rspec'
include WebMock::API
describe "Zanzibar Test" do
client = Zanzibar::Zanzibar.new(:domain => "zanzitest.net", :pwd=>'password', :wsdl => "scrt.wsdl")
auth_xml = File.read('responses/authenticate_response.xml')
secret_xml = File.read('responses/get_secret_response.xml')
secret_with_key_xml = File.read('responses/get_secret_with_keys_response.xml')
secret_with_attachment_xml = File.read('responses/get_secret_with_attachment_response.xml')
private_key_xml = File.read('responses/download_private_key_response.xml')
public_key_xml = File.read('responses/download_public_key_response.xml')
attachment_xml = File.read('responses/attachment_response.xml')
it 'should return an auth token' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200)
expect(client.get_token).to eq("imatoken")
end
it 'should get a secret' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_xml, :status => 200)
expect(client.get_secret(1234)[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:name]).to eq("Zanzi Test Secret")
end
it 'should get a password' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_xml, :status => 200)
expect(client.get_password(1234)).to eq("zanziUserPassword")
end
it 'should download a private key' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_with_key_xml, :status => 200).then.
to_return(:body => private_key_xml, :status => 200)
client.download_private_key(:scrt_id => 2345)
expect(File.exist? 'zanzi_key')
expect(File.read('zanzi_key')).to eq("-----BEGIN RSA PRIVATE KEY -----\nzanzibarTestPassword\n-----END RSA PRIVATE KEY-----\n")
File.delete('zanzi_key')
end
it 'should download a public key' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_with_key_xml, :status => 200).then.
to_return(:body => public_key_xml, :status => 200)
client.download_public_key(:scrt_id => 2345)
expect(File.exist? 'zanzi_key.pub')
expect(File.read('zanzi_key.pub')).to eq("1234PublicKey5678==\n")
File.delete('zanzi_key.pub')
end
it 'should download an attachment' do
stub_request(:any, "https://www.zanzitest.net/webservices/sswebservice.asmx").
to_return(:body => auth_xml, :status => 200).then.
to_return(:body => secret_with_attachment_xml, :status => 200).then.
to_return(:body => attachment_xml, :status => 200)
client.download_attachment(:scrt_id => 3456)
expect(File.exist? 'attachment.txt')
expect(File.read('attachment.txt')).to eq("I am a secret attachment\n")
File.delete('attachment.txt')
end
end

1
zanzibar.gemspec
View File

@@ -18,6 +18,7 @@ Gem::Specification.new do |spec|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
spec.require_paths = ["lib"]
spec.add_dependency "rubyntlm", "~> 0.4.0"
spec.add_development_dependency "bundler", "~> 1.7"
spec.add_development_dependency "rake", "~> 10.0"
spec.add_runtime_dependency "savon", "~> 2.8.0"