v1.14.6/builtin/credential/userpass/cli.go - hashicorp/vault - Git at Google

 // Copyright (c) HashiCorp, Inc.
 // SPDX-License-Identifier: MPL-2.0

 package userpass

 import (
 	"fmt"
 	"os"
 	"strings"

 	pwd "github.com/hashicorp/go-secure-stdlib/password"
 	"github.com/hashicorp/vault/api"
 	"github.com/mitchellh/mapstructure"
 )

 type CLIHandler struct {
 	DefaultMount string
 }

 func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, error) {
 	var data struct {
 		Username string `mapstructure:"username"`
 		Password string `mapstructure:"password"`
 		Mount    string `mapstructure:"mount"`
 	}
 	if err := mapstructure.WeakDecode(m, &data); err != nil {
 		return nil, err
 	}

 	if data.Username == "" {
 		return nil, fmt.Errorf("'username' must be specified")
 	}
 	if data.Password == "" {
 		fmt.Fprintf(os.Stderr, "Password (will be hidden): ")
 		password, err := pwd.Read(os.Stdin)
 		fmt.Fprintf(os.Stderr, "\n")
 		if err != nil {
 			return nil, err
 		}
 		data.Password = password
 	}
 	if data.Mount == "" {
 		data.Mount = h.DefaultMount
 	}

 	options := map[string]interface{}{
 		"password": data.Password,
 	}

 	path := fmt.Sprintf("auth/%s/login/%s", data.Mount, data.Username)
 	secret, err := c.Logical().Write(path, options)
 	if err != nil {
 		return nil, err
 	}
 	if secret == nil {
 		return nil, fmt.Errorf("empty response from credential provider")
 	}

 	return secret, nil
 }

 func (h *CLIHandler) Help() string {
 	help := `
 Usage: vault login -method=userpass [CONFIG K=V...]

   The userpass auth method allows users to authenticate using Vault's
   internal user database.

   Authenticate as "sally":

       $ vault login -method=userpass username=sally
       Password (will be hidden):

   Authenticate as "bob":

       $ vault login -method=userpass username=bob password=password

 Configuration:

   password=<string>
       Password to use for authentication. If not provided, the CLI will prompt
       for this on stdin.

   username=<string>
       Username to use for authentication.
 `

 	return strings.TrimSpace(help)
 }
	// Copyright (c) HashiCorp, Inc.
	// SPDX-License-Identifier: MPL-2.0

	package userpass

	import (
	"fmt"
	"os"
	"strings"

	pwd "github.com/hashicorp/go-secure-stdlib/password"
	"github.com/hashicorp/vault/api"
	"github.com/mitchellh/mapstructure"
	)

	type CLIHandler struct {
	DefaultMount string
	}

	func (h CLIHandler) Auth(c api.Client, m map[string]string) (*api.Secret, error) {
	var data struct {
	Username string `mapstructure:"username"`
	Password string `mapstructure:"password"`
	Mount string `mapstructure:"mount"`
	}
	if err := mapstructure.WeakDecode(m, &data); err != nil {
	return nil, err
	}

	if data.Username == "" {
	return nil, fmt.Errorf("'username' must be specified")
	}
	if data.Password == "" {
	fmt.Fprintf(os.Stderr, "Password (will be hidden): ")
	password, err := pwd.Read(os.Stdin)
	fmt.Fprintf(os.Stderr, "\n")
	if err != nil {
	return nil, err
	}
	data.Password = password
	}
	if data.Mount == "" {
	data.Mount = h.DefaultMount
	}

	options := map[string]interface{}{
	"password": data.Password,
	}

	path := fmt.Sprintf("auth/%s/login/%s", data.Mount, data.Username)
	secret, err := c.Logical().Write(path, options)
	if err != nil {
	return nil, err
	}
	if secret == nil {
	return nil, fmt.Errorf("empty response from credential provider")
	}

	return secret, nil
	}

	func (h *CLIHandler) Help() string {
	help := `
	Usage: vault login -method=userpass [CONFIG K=V...]

	The userpass auth method allows users to authenticate using Vault's
	internal user database.

	Authenticate as "sally":

	$ vault login -method=userpass username=sally
	Password (will be hidden):

	Authenticate as "bob":

	$ vault login -method=userpass username=bob password=password

	Configuration:

	password=<string>
	Password to use for authentication. If not provided, the CLI will prompt
	for this on stdin.

	username=<string>
	Username to use for authentication.
	`

	return strings.TrimSpace(help)
	}