public function testTokenExistsForEmail()
{
$tokens_cache = new TokensCache();
$tokens_dir = $tokens_cache->getCacheDir();
$creds = getBehatCredentials();
$file_name = $tokens_dir . '/' . $creds['username'];
setOutputDestination($file_name);
$this->assertTrue($this->auth->tokenExistsForEmail($creds['username']));
resetOutputDestination($file_name);
$this->assertFalse($this->auth->tokenExistsForEmail('invalid'));
}
/**
* Ensures the user is logged in or errs.
*
* @return [boolean] Always true
*/
public static function ensureLogin()
{
$session = Session::instance()->getData();
$auth = new Auth();
if (!$auth->loggedIn()) {
if (isset($session->refresh)) {
$auth->logInViaMachineToken($session->refresh);
} else {
throw new TerminusException('Please login first with `terminus auth login`', array(), 1);
}
}
return true;
}
/**
* Make a request to the Pantheon API
*
* @param [string] $realm Permissions realm for data request (e.g. user,
* site organization, etc. Can also be "public" to simply pull read-only
* data that is not privileged.
* @param [string] $uuid The UUID of the item in the realm to access
* @param [string] $path API path (URL)
* @param [string] $method HTTP method to use
* @param [mixed] $options A native PHP data structure (e.g. int, string,
* array, or stdClass) to be sent along with the request
* @return [array] $data
*/
public static function request($realm, $uuid, $path = false, $method = 'GET', $options = null)
{
if (!in_array($realm, array('login', 'user', 'public'))) {
Auth::loggedIn();
}
try {
$cache = Terminus::get_cache();
if (!in_array($realm, array('login', 'user'))) {
$options['cookies'] = array('X-Pantheon-Session' => Session::getValue('session'));
$options['verify'] = false;
}
$url = Endpoint::get(array('realm' => $realm, 'uuid' => $uuid, 'path' => $path));
if (Terminus::get_config('debug')) {
Logger::debug('Request URL: ' . $url);
}
$resp = Request::send($url, $method, $options);
$json = $resp->getBody(true);
$data = array('info' => $resp->getInfo(), 'headers' => $resp->getRawHeaders(), 'json' => $json, 'data' => json_decode($json), 'status_code' => $resp->getStatusCode());
return $data;
} catch (Guzzle\Http\Exception\BadResponseException $e) {
$response = $e->getResponse();
\Terminus::error("%s", $response->getBody(true));
} catch (Guzzle\Http\Exception\HttpException $e) {
$request = $e->getRequest();
$sanitized_request = TerminusCommand::stripSensitiveData((string) $request, TerminusCommand::$blacklist);
\Terminus::error('Request %s had failed: %s', array($sanitized_request, $e->getMessage()));
} catch (Exception $e) {
\Terminus::error('Unrecognised request failure: %s', $e->getMessage());
}
}
/**
* Log in as a user
*
* ## OPTIONS
* [<email>]
* : Email address to log in as.
*
* [--password=<value>]
* : Log in non-interactively with this password. Useful for automation.
*
* [--machine-token=<value>]
* : Authenticates using a machine token from your dashboard. Stores the
* token for future use.
*
* [--debug]
* : dump call information when logging in.
*/
public function login($args, $assoc_args)
{
if (!empty($args)) {
$email = array_shift($args);
}
if (isset($assoc_args['machine-token']) && $assoc_args['machine-token'] !== true) {
// Try to log in using a machine token, if provided.
$token_data = ['token' => $assoc_args['machine-token']];
$this->auth->logInViaMachineToken($token_data);
} elseif (isset($email) && $this->auth->tokenExistsForEmail($email)) {
// Try to log in using a machine token, if the account email was provided.
$this->auth->logInViaMachineToken(compact('email'));
} elseif (empty($args) && isset($_SERVER['TERMINUS_MACHINE_TOKEN'])) {
// Try to log in using a machine token, if it's in the $_SERVER.
$token_data = ['token' => $_SERVER['TERMINUS_MACHINE_TOKEN']];
$this->auth->logInViaMachineToken($token_data);
} elseif (isset($_SERVER['TERMINUS_USER']) && $this->auth->tokenExistsForEmail($_SERVER['TERMINUS_USER'])) {
// Try to log in using a machine token, if $_SERVER provides account email.
$this->auth->logInViaMachineToken(['email' => $_SERVER['TERMINUS_USER']]);
} elseif (!isset($email) && ($only_token = $this->auth->getOnlySavedToken())) {
// Try to log in using a machine token, if there is only one saved token.
$this->auth->logInViaMachineToken(['email' => $only_token['email']]);
} else {
if (isset($email) && isset($assoc_args['password'])) {
$password = $assoc_args['password'];
$this->auth->logInViaUsernameAndPassword($email, $assoc_args['password']);
} else {
$this->log()->info("Please visit the Dashboard to generate a machine token:\n{url}", ['url' => Auth::getMachineTokenCreationUrl()]);
exit(1);
}
}
$this->log()->debug(get_defined_vars());
Terminus::launchSelf('art', array('fist'));
}
/**
* Make a request to the Dashbord's internal API.
*
* @param $realm
* Permissions realm for data request: currently "user" or "site" but in the
* future this could also be "organization" or another high-level business
* object (e.g. "product" for managing your app). Can also be "public" to
* simply pull read-only data that is not privileged.
*
* @param $uuid
* The UUID of the item in the realm you want to access.
*
* @param $method
* HTTP method (verb) to use.
*
* @param $data
* A native PHP data structure (int, string, arary or simple object) to be
* sent along with the request. Will be encoded as JSON for you.
*/
public static function request($realm, $uuid, $path = FALSE, $method = 'GET', $options = NULL)
{
if (!in_array($realm, array('login', 'user', 'public')) and !Terminus::is_test()) {
Auth::loggedIn();
}
try {
$cache = Terminus::get_cache();
// combine session realm uuid and path to get a unique key
// @todo need cache "groups"
$cachekey = md5(Session::getValue('user_uuid') . $uuid . $realm . $path);
$data = $cache->get_data($cachekey);
// check the request cache
if ("GET" == $method and !Terminus::get_config('nocache') and !getenv('CLI_TEST_MODE') and !empty($data)) {
if (Terminus::get_config('debug')) {
Logger::debug('CacheKey: ' . $cachekey);
}
return (array) $data;
}
// for some methods we'll assume the cache should be invalidated
if (in_array($method, array("POST", "PUT", "DELETE"))) {
$cache->flush(null, 'session');
}
if (!in_array($realm, array('login', 'user'))) {
$options['cookies'] = array('X-Pantheon-Session' => Session::getValue('session'));
$options['verify'] = false;
}
$url = Endpoint::get(array('realm' => $realm, 'uuid' => $uuid, 'path' => $path));
if (Terminus::get_config('debug')) {
Logger::debug('Request URL: ' . $url);
}
$resp = Request::send($url, $method, $options);
$json = $resp->getBody(TRUE);
$data = array('info' => $resp->getInfo(), 'headers' => $resp->getRawHeaders(), 'json' => $json, 'data' => json_decode($json), 'status_code' => $resp->getStatusCode());
$cache->put_data($cachekey, $data);
return $data;
} catch (Guzzle\Http\Exception\BadResponseException $e) {
$response = $e->getResponse();
\Terminus::error("%s", $response->getBody(TRUE));
} catch (Guzzle\Http\Exception\HttpException $e) {
$request = $e->getRequest();
//die(Terminus_Command::stripSensitiveData());
$sanitized_request = Terminus_Command::stripSensitiveData((string) $request, Terminus_Command::$_blacklist);
\Terminus::error("Request %s had failed: %s", array($sanitized_request, $e->getMessage()));
} catch (Exception $e) {
\Terminus::error("Unrecognised request failure: %s", $e->getMessage());
}
}
/**
* Ensures the user is logged in or errs.
*
* @return bool Always true
* @throws TerminusException
*/
public static function ensureLogin()
{
$session = Session::instance()->getData();
$auth = new Auth();
if (!$auth->loggedIn()) {
if ($token = $auth->getOnlySavedToken()) {
$auth->logInViaMachineToken($token);
} else {
if (isset($_SERVER['TERMINUS_MACHINE_TOKEN']) && ($token = $_SERVER['TERMINUS_MACHINE_TOKEN'])) {
$auth->logInViaMachineToken(compact('token'));
} else {
if (isset($_SERVER['TERMINUS_USER']) && ($email = $_SERVER['TERMINUS_USER'])) {
$auth->logInViaMachineToken(compact('email'));
} else {
$message = 'You are not logged in. Run `auth login` to ';
$message .= 'authenticate or `help auth login` for more info.';
$auth->logger->warning($message);
exit(1);
}
}
}
}
return true;
}
/**
* Logs you in to Pantheon
*
* @param string[] $options Elements as follow:
* string username Your Pantheon username
* string password Your Pantheon password
* @return void
* @throws TerminusException
*/
private function logIn(array $options)
{
if (is_null($options['username']) || is_null($options['password'])) {
throw new TerminusException('You need to supply both a username and a password to the constructor.');
}
$auth = new Auth();
$auth->logInViaUsernameAndPassword($options['username'], $options['password']);
}
/**
* Object constructor.
*/
public function __construct()
{
Auth::ensureLogin();
parent::__construct();
$this->sites = new Sites();
}
/**
* Show a list of your sites on Pantheon
* @package Terminus
* @version 2.0
*/
public function __construct()
{
parent::__construct();
Auth::loggedIn();
}
/**
* Instantiates object, ensures login
*
* @return [Instruments_Command] $this
*/
public function __construct()
{
Auth::ensureLogin();
parent::__construct();
}
/**
* Object constructor
*
* @param array $options Options to construct the command object
* @return SiteCommand
*/
public function __construct(array $options = [])
{
Auth::ensureLogin();
parent::__construct($options);
$this->sites = new Sites();
}
/**
* Instantiates object, ensures login
*
* @param array $options Options to construct the command object
* @returns InstrumentsCommand
*/
public function __construct(array $options = [])
{
Auth::ensureLogin();
parent::__construct($options);
}
/**
* Show a list of your sites on Pantheon
* @package Terminus
* @version 2.0
*/
public function __construct()
{
parent::__construct();
Auth::loggedIn();
$this->sitesCache = new SitesCache();
}
/**
* Logs in with Behad credentials to enable Behat fixture use
*
* @return void
*/
function logInWithBehatCredentials()
{
$creds = getBehatCredentials();
$auth = new Auth();
$auth->logInViaUsernameAndPassword($creds['username'], $creds['password']);
}
function testGetMachineTokenCreationUrl()
{
$url = Auth::getMachineTokenCreationUrl();
$this->assertInternalType('string', $url);
$this->assertInternalType('integer', strpos($url, 'machine-token/create'));
}
