Os login (#50)

Add OS Login support + change key storage format
2021-07-04 18:37:28 +02:00
parent ef268fd7b2
commit 91c6dbb2b7
11 changed files with 533 additions and 456 deletions
--- a/cloud/google_oslogin.go
+++ b/cloud/google_oslogin.go
@@ -0,0 +1,62 @@
+package cloud
+
+import (
+	"crypto/sha256"
+	"fmt"
+	"speedrun/key"
+
+	"github.com/apex/log"
+	"google.golang.org/api/oslogin/v1"
+)
+
+func (c *GCPClient) AddUserKey(key *key.Key) error {
+	parent := fmt.Sprintf("users/%s", c.client_email)
+
+	authorizedKey, err := key.MarshalAuthorizedKey()
+	if err != nil {
+		return err
+	}
+
+	sshPublicKey := &oslogin.SshPublicKey{
+		Key: string(authorizedKey),
+	}
+
+	_, err = c.oslogin.Users.ImportSshPublicKey(parent, sshPublicKey).Do()
+	return err
+}
+
+func (c *GCPClient) RemoveUserKey(key *key.Key) error {
+	authorizedKey, err := key.MarshalAuthorizedKey()
+	if err != nil {
+		return err
+	}
+
+	name := fmt.Sprintf("users/%s/sshPublicKeys/%x", c.client_email, sha256.Sum256([]byte(authorizedKey)))
+	_, err = c.oslogin.Users.SshPublicKeys.Delete(name).Do()
+	return err
+}
+
+func (c *GCPClient) ListUserKeys() error {
+	parent := fmt.Sprintf("users/%s", c.client_email)
+
+	profile, err := c.oslogin.Users.GetLoginProfile(parent).Do()
+	if err != nil {
+		return err
+	}
+
+	for _, k := range profile.SshPublicKeys {
+		log.Info(k.Key)
+	}
+	return nil
+}
+
+func (c *GCPClient) GetSAUsername() (string, error) {
+	parent := fmt.Sprintf("users/%s", c.client_email)
+
+	profile, err := c.oslogin.Users.GetLoginProfile(parent).Do()
+	if err != nil {
+		return "", err
+	}
+
+	return profile.PosixAccounts[0].Username, nil
+}