// Listing of cmd/idp-ldap-accesskey-info.go from
// github.com/minio/mc@v0.0.0-20240503112107-b471de8d1882.

// Copyright (c) 2015-2023 MinIO, Inc.
//
// This file is part of MinIO Object Storage stack
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package cmd

import (
	"strings"
	"time"

	"github.com/charmbracelet/lipgloss"
	humanize "github.com/dustin/go-humanize"
	"github.com/minio/cli"
	json "github.com/minio/colorjson"
	"github.com/minio/mc/pkg/probe"
	"github.com/minio/pkg/v2/console"
)

// idpLdapAccesskeyInfoCmd defines the "info" subcommand, which takes a target
// alias followed by one or more access keys and prints details for each key.
var idpLdapAccesskeyInfoCmd = cli.Command{
	Name:         "info",
	Usage:        "info about given access key pairs for LDAP",
	Action:       mainIDPLdapAccesskeyInfo,
	Before:       setGlobalsFromContext,
	Flags:        globalFlags,
	OnUsageError: onUsageError,
	CustomHelpTemplate: `NAME:
  {{.HelpName}} - {{.Usage}}

USAGE:
  {{.HelpName}} [FLAGS] TARGET ACCESSKEY [ACCESSKEY...]

FLAGS:
  {{range .VisibleFlags}}{{.}}
  {{end}}
EXAMPLES:
  1. Get info for the access key "testkey"
     {{.Prompt}} {{.HelpName}} local/ testkey
  2. Get info for the access keys "testkey" and "testkey2"
     {{.Prompt}} {{.HelpName}} local/ testkey testkey2
`,
}

// ldapAccesskeyMessage is the printable result of an LDAP access key
// operation. The unexported op field picks the text layout used by String
// ("info", "create" or "remove") and is not serialized; the exported fields
// make up the JSON output.
//
// SecretKey appears in the JSON output whenever it is non-empty and in the
// "create" text layout, so whatever captures this output (terminal
// scrollback, CI logs, redirected files) also captures the credential. The
// info command in this file never populates it.
//
// NOTE(review): AccountStatus and Policy are only visible in the JSON output;
// the "info" text layout does not print them.
type ldapAccesskeyMessage struct {
	op            string
	Status        string          `json:"status"`
	AccessKey     string          `json:"accessKey"`
	SecretKey     string          `json:"secretKey,omitempty"`
	ParentUser    string          `json:"parentUser,omitempty"`
	AccountStatus string          `json:"accountStatus,omitempty"`
	ImpliedPolicy bool            `json:"impliedPolicy,omitempty"`
	Policy        json.RawMessage `json:"policy,omitempty"`
	Name          string          `json:"name,omitempty"`
	Description   string          `json:"description,omitempty"`
	Expiration    *time.Time      `json:"expiration,omitempty"`
}

// String renders the message for terminal output according to m.op. It
// returns the empty string for any op other than "info", "create" or
// "remove".
//
// NOTE(review): ParentUser, Name and Description are written to the terminal
// exactly as stored in the message. In the info command they come from the
// server response, and nothing visible here strips control characters or
// escape sequences from them — confirm whether that is handled upstream.
func (m ldapAccesskeyMessage) String() string {
	const (
		rowFmt  = "%s %s\n"
		lastFmt = "%s %s\n\n"
	)

	// expiry yields "NONE" when no real expiration is set (nil, zero value or
	// the package's timeSentinel), otherwise the expiration passed through
	// render.
	expiry := func(render func(time.Time) string) string {
		if m.Expiration == nil || m.Expiration.IsZero() || m.Expiration.Equal(timeSentinel) {
			return "NONE"
		}
		return render(*m.Expiration)
	}

	switch m.op {
	case "remove":
		return console.Colorize("RemoveAccessKey", "Successfully removed access key `"+m.AccessKey+"`.")
	case "info", "create":
		// Both layouts are built below.
	default:
		return ""
	}

	var out strings.Builder
	label := lipgloss.NewStyle().Foreground(lipgloss.Color("#04B575")) // green
	row := func(format, name, value string) {
		out.WriteString(iFmt(0, format, label.Render(name), value))
	}

	if m.op == "info" {
		// Relative expiration ("3 days from now") for the info layout.
		expires := expiry(humanize.Time)
		policy := "embedded"
		if m.ImpliedPolicy {
			policy = "implied"
		}

		row(rowFmt, "Access Key:", m.AccessKey)
		row(rowFmt, "Parent User:", m.ParentUser)
		row(rowFmt, "Policy:", policy)
		row(rowFmt, "Name:", m.Name)
		row(rowFmt, "Description:", m.Description)
		row(lastFmt, "Expiration:", expires)
		return out.String()
	}

	// "create": absolute expiration, and the only layout that prints the
	// secret key.
	expires := expiry(time.Time.String)

	row(rowFmt, "Access Key:", m.AccessKey)
	row(rowFmt, "Secret Key:", m.SecretKey)
	row(rowFmt, "Expiration:", expires)
	row(rowFmt, "Name:", m.Name)
	row(lastFmt, "Description:", m.Description)
	return out.String()
}

// JSON returns the message as indented JSON. A marshalling error is passed to
// fatalIf, which is defined elsewhere in the package.
func (m ldapAccesskeyMessage) JSON() string {
	encoded, e := json.MarshalIndent(m, "", " ")
	fatalIf(probe.NewError(e), "Unable to marshal into JSON.")

	return string(encoded)
}

// mainIDPLdapAccesskeyInfo is the Action of the "info" subcommand. The first
// argument is the target alias and every further argument is an access key to
// look up; with fewer than two arguments it shows the command help and exits
// with code 1.
//
// Each key is first looked up as a service account. If that call fails for
// any reason, the key is looked up as a temporary (STS) account and the first
// error is dropped, so only the error of the second lookup is ever reported.
//
// NOTE(review): a failed lookup is reported through errorIf and the loop
// moves on; the function returns nil in every case. Whether errorIf changes
// the process exit status is not visible here, so confirm before scripts rely
// on the exit code to detect a missing or inaccessible key.
func mainIDPLdapAccesskeyInfo(ctx *cli.Context) error {
	args := ctx.Args()
	if len(args) < 2 {
		showCommandHelpAndExit(ctx, 1) // second argument is the exit code
	}

	aliasedURL, accessKeys := args.Get(0), args.Tail()

	// Admin client for the aliased target.
	client, err := newAdminClient(aliasedURL)
	fatalIf(err, "Unable to initialize admin connection.")

	for _, accessKey := range accessKeys {
		msg := ldapAccesskeyMessage{
			op:        "info",
			AccessKey: accessKey,
			Status:    "success",
		}

		// Service account lookup first; temporary account lookup as fallback.
		if res, e := client.InfoServiceAccount(globalContext, accessKey); e == nil {
			msg.ParentUser = res.ParentUser
			msg.AccountStatus = res.AccountStatus
			msg.ImpliedPolicy = res.ImpliedPolicy
			msg.Policy = json.RawMessage(res.Policy)
			msg.Name = res.Name
			msg.Description = res.Description
			msg.Expiration = res.Expiration
		} else {
			tempRes, e := client.TemporaryAccountInfo(globalContext, accessKey)
			if e != nil {
				errorIf(probe.NewError(e), "Unable to retrieve access key "+accessKey+" info.")
				continue
			}
			msg.ParentUser = tempRes.ParentUser
			msg.AccountStatus = tempRes.AccountStatus
			msg.ImpliedPolicy = tempRes.ImpliedPolicy
			msg.Policy = json.RawMessage(tempRes.Policy)
			msg.Name = tempRes.Name
			msg.Description = tempRes.Description
			msg.Expiration = tempRes.Expiration
		}

		printMsg(msg)
	}

	return nil
}