Project

keyrod

0.0
No commit activity in last 3 years
No release in over 3 years
CLI for authenticating OIDC clients in EGI Federated Cloud
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

~> 1.16
~> 12.3
~> 3.7
~> 0.53
~> 3.3

Runtime

~> 0.14
~> 0.20
~> 2.0
 Project Readme

Keyrod

Keyrod

CLI for authorizing OIDC credentials against EGI Federated Cloud OpenNebula sites.

Keyrod allows to authorize either with access token or refresh token coupled with client id and client secret. After successful authentication, user receives OpenNebula login token.

Requirements

  • Ruby 2.2.6+
  • Rubygems

Installation

From Rubygems

gem install keyrod

From source

git clone https://github.com/cduongt/keyrod.git
cd keyrod
gem install bundler
bundle install

Configuration

Location

Configuration file can be saved in these paths:

  • ~/.keyrod/keyrod.yml
  • /etc/keyrod/keyrod.yml
  • PATH_TO_GEM/keyrod/keyrod.yml - this is default location

Usage

$ keyrod help token

Usage:
  keyrod token -p, --identity-provider=IDENTITY-PROVIDER -s, --site=SITE

Options:
      [--debug], [--no-debug]                                # Runs Keyrod in debug mode
      [--ca-dir=CA-DIR]                                      # CA directory
      [--verify-ssl], [--no-verify-ssl]                      # Check SSL certificate of FedCloud site
                                                             # Default: true
  -s, --site=SITE                                            # EGI FedCloud Site
                                                             # Default: http://localhost/
  -a, [--access-token=ACCESS-TOKEN]                          # Access token for authentication
  -g, [--group=GROUP]                                        # Group to join
  -f, [--interactive-fallback], [--no-interactive-fallback]  # Fallback to interactive mode if group is not set
  -p, --identity-provider=IDENTITY-PROVIDER                  # Identity provider for token
  -r, [--refresh-token=REFRESH-TOKEN]                        # Refresh token for creating access token
  -o, [--oidc-site=OIDC-SITE]                                # OIDC site for authenticating refresh token
                                                             # Default: http://localhost/token
  -i, [--client-id=CLIENT-ID]                                # OIDC client ID
  -t, [--client-secret=CLIENT-SECRET]                        # OIDC client secret