60 lines
1.5 KiB
Rust
60 lines
1.5 KiB
Rust
//! CLI module for user features
|
|
//!
|
|
//! The `sshca user` sub-command handles user-based operations, such
|
|
//! as signing an SSH user certificate.
|
|
mod login;
|
|
|
|
use std::time::Duration;
|
|
|
|
use argh::FromArgs;
|
|
|
|
use crate::MainResult;
|
|
|
|
/// Manage host keys and certificates
|
|
#[derive(FromArgs)]
|
|
#[argh(subcommand, name = "user")]
|
|
pub(crate) struct Args {
|
|
#[argh(subcommand)]
|
|
command: UserSubcommand,
|
|
}
|
|
|
|
#[derive(FromArgs)]
|
|
#[argh(subcommand)]
|
|
enum UserSubcommand {
|
|
Login(LoginArgs),
|
|
}
|
|
|
|
/// Log in and obtain an SSH user certificate
|
|
#[derive(FromArgs)]
|
|
#[argh(subcommand, name = "login")]
|
|
struct LoginArgs {
|
|
/// listen socket address for OIDC callback (default: 127.0.0.1:8976)
|
|
#[argh(option, short = 'l')]
|
|
callback_listen_address: Option<String>,
|
|
|
|
/// oidc callback timeout, in seconds (default: 300)
|
|
#[argh(option, short = 't')]
|
|
callback_timeout: Option<u64>,
|
|
}
|
|
|
|
/// Main entry point for `sshca user`
|
|
pub(crate) async fn main(args: Args) -> MainResult {
|
|
match args.command {
|
|
UserSubcommand::Login(args) => login(args).await,
|
|
}
|
|
}
|
|
|
|
/// Entry point for `sshca user login`
|
|
async fn login(args: LoginArgs) -> MainResult {
|
|
let listen = match args.callback_listen_address {
|
|
Some(s) => Some(s.parse()?),
|
|
None => None,
|
|
};
|
|
let timeout = args.callback_timeout.map(Duration::from_secs);
|
|
let url = super::get_sshca_server_url()?;
|
|
let config = login::get_oidc_config(&url).await?;
|
|
let token = login::login(config, listen, timeout).await?;
|
|
println!("{}", token);
|
|
Ok(())
|
|
}
|