/*
* Copyright 2020 VMware, Inc. All rights reserved. Licensed under the Apache v2 License.
*/
package main
import (
"flag"
"fmt"
"net/url"
"os"
"github.com/vmware/go-vcloud-director/v3/govcd"
)
// Settings populated from the command line; init binds each one to a flag.
var (
	// apiEndpoint is the raw value of -endpoint, parsed as a URL in main.
	apiEndpoint string
	// org is the vCD organization to authenticate to.
	org string
	// username and password are the credentials passed to Authenticate.
	username string
	password string
	// customAdfsRptId optionally overrides the Relying Party Trust ID
	// handed to govcd.WithSamlAdfs; empty means "use the library default".
	customAdfsRptId string
)
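// init registers the command-line flags on the default flag set. Nothing is
// parsed here; main calls flag.Parse.
//
// NOTE(review): -password takes the secret as a command-line argument. On most
// systems arguments are readable by other local users through the process
// list and end up in shell history, so this is acceptable for a sample only.
func init() {
	flag.StringVar(&username, "username", "", "Username")
	flag.StringVar(&password, "password", "", "Password")
	flag.StringVar(&org, "org", "System", "Org name. Default is 'System'")
	flag.StringVar(&apiEndpoint, "endpoint", "", "API endpoint (e.g. 'https://hostname/api')")
	// ADFS calls this object a "Relying Party Trust"; the help text previously
	// said "Relaying party trust".
	flag.StringVar(&customAdfsRptId, "rpt", "", "Custom Relying Party Trust ID. Default is vCD SAML Entity ID")
}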
// Usage:
// # go build -o auth
// # ./auth --username user@example.com --password asdasd --org my-org --endpoint https://192.168.1.160/api
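func main() {
	flag.Parse()

	// Diagnostics go to stderr so that stdout carries only the query result.
	if username == "" || password == "" || org == "" || apiEndpoint == "" {
		fmt.Fprintln(os.Stderr, "At least 'username', 'password', 'org' and 'endpoint' must be specified")
		os.Exit(1)
	}

	vcdURL, err := url.Parse(apiEndpoint)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Error parsing supplied endpoint %s: %s\n", apiEndpoint, err)
		os.Exit(2)
	}
	// url.Parse also accepts relative and scheme-less input such as
	// "hostname/api". Require an absolute https URL so that the credentials
	// are never sent to an unintended target or over plaintext HTTP.
	if vcdURL.Scheme != "https" || vcdURL.Host == "" {
		fmt.Fprintf(os.Stderr, "Endpoint %q must be an absolute https URL (e.g. 'https://hostname/api')\n", apiEndpoint)
		os.Exit(2)
	}

	// SECURITY: the second argument of NewVCDClient allows insecure TLS
	// connections, i.e. the server certificate is not verified. The username
	// and password below are then sent to whatever host answers, so an
	// on-path attacker can capture them. It stays enabled here only to keep
	// the sample working against endpoints with self-signed certificates;
	// set it to false wherever the endpoint has a certificate the host trusts.
	const insecureTLS = true
	if insecureTLS {
		fmt.Fprintln(os.Stderr, "WARNING: TLS certificate verification is disabled; the server's identity is not checked")
	}

	// WithSamlAdfs() enables SAML authentication when vCD uses Microsoft Active
	// Directory Federation Services (ADFS) as SAML IdP. Authentication against
	// ADFS goes through the WS-TRUST endpoint
	// "/adfs/services/trust/13/usernamemixed".
	// Input parameters:
	// user - username for authentication against the ADFS server
	// (e.g. 'user@example.com' or 'test-forest.net\test')
	// password - password for authentication against the ADFS server
	// org - Org to authenticate to. Can be 'System'.
	// customAdfsRptId - overrides the Relying Party Trust ID. If it is empty,
	// the vCD Entity ID is used as Relying Party Trust ID.
	vcdCli := govcd.NewVCDClient(*vcdURL, insecureTLS, govcd.WithSamlAdfs(true, customAdfsRptId))
	if err := vcdCli.Authenticate(username, password, org); err != nil {
		fmt.Fprintf(os.Stderr, "Error authenticating: %s\n", err)
		os.Exit(3)
	}

	// To prove authentication worked, fetch all edge gateways and print their names.
	edgeGatewayResults, err := vcdCli.Query(map[string]string{"type": "edgeGateway"})
	if err != nil {
		fmt.Fprintf(os.Stderr, "Error retrieving Edge Gateways: %s\n", err)
		os.Exit(4)
	}

	fmt.Printf("Found %d Edge Gateways\n", len(edgeGatewayResults.Results.EdgeGatewayRecord))
	for _, v := range edgeGatewayResults.Results.EdgeGatewayRecord {
		fmt.Println(v.Name)
	}
}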