Skip to content

Commit

Permalink
Merge pull request #257 from IBM-Cloud/dev
Browse files Browse the repository at this point in the history
Promote dev to master
  • Loading branch information
jorge-ibm authored Sep 16, 2021
2 parents 9b63e2d + ccf0da0 commit aeb0b24
Show file tree
Hide file tree
Showing 19 changed files with 987 additions and 128 deletions.
21 changes: 21 additions & 0 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# This is an example configuration to enable detect-secrets in the pre-commit hook.
# Add this file to the root folder of your repository.
#
# Read pre-commit hook framework https://pre-commit.com/ for more details about the structure of config yaml file and how git pre-commit would invoke each hook.
#
# This line indicates we will use the hook from ibm/detect-secrets to run scan during committing phase.
# Whitewater/whitewater-detect-secrets would sync code to ibm/detect-secrets upon merge.
- repo: https://github.com/ibm/detect-secrets
# If you desire to use a specific version of detect-secrets, you can replace `master` with other git revisions such as branch, tag or commit sha.
# You are encouraged to use static refs such as tags, instead of branch name
#
# Running "pre-commit autoupdate" would automatically updates rev to latest tag
rev: master
hooks:
- id: detect-secrets # pragma: whitelist secret
# Add options for detect-secrets-hook binary. You can run `detect-secrets-hook --help` to list out all possible options.
# You may also run `pre-commit run detect-secrets` to preview the scan result.
# when "--baseline" without "--use-all-plugins", pre-commit scan with just plugins in baseline file
# when "--baseline" with "--use-all-plugins", pre-commit scan with all available plugins
# add "--fail-on-non-audited" to fail pre-commit for unaudited potential secrets
args: [--baseline, .secrets.baseline, --use-all-plugins, --fail-on-non-audited]
68 changes: 57 additions & 11 deletions .secrets.baseline
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,17 @@
"files": "^.secrets.baseline$",
"lines": null
},
"generated_at": "2021-04-16T18:38:00Z",
"generated_at": "2021-09-15T17:17:42Z",
"plugins_used": [
{
"name": "AWSKeyDetector"
},
{
"name": "ArtifactoryDetector"
},
{
"name": "AzureStorageKeyDetector"
},
{
"base64_limit": 4.5,
"name": "Base64HighEntropyString"
Expand All @@ -25,6 +28,7 @@
"name": "CloudantDetector"
},
{
"ghe_instance": "github.ibm.com",
"name": "GheDetector"
},
{
Expand All @@ -47,6 +51,9 @@
{
"name": "MailchimpDetector"
},
{
"name": "NpmDetector"
},
{
"name": "PrivateKeyDetector"
},
Expand All @@ -56,6 +63,9 @@
{
"name": "SoftlayerDetector"
},
{
"name": "SquareOAuthDetector"
},
{
"name": "StripeDetector"
},
Expand All @@ -77,59 +87,77 @@
"hashed_secret": "c2df5d3d760ff42f33fb38e2534d4c1b7ddde3ab",
"is_secret": false,
"is_verified": false,
"line_number": 26,
"line_number": 29,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "c287d1da815abde11f19d14ab6f9dba01f57698e",
"is_secret": false,
"is_verified": false,
"line_number": 27,
"line_number": 30,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "41aaaaa69550b140807e70dcc170a497dbeadf0d",
"is_secret": false,
"is_verified": false,
"line_number": 30,
"line_number": 33,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "ca51a3e5092ede254e7121c4fc9fb07a0a55f2a0",
"is_secret": false,
"is_verified": false,
"line_number": 31,
"line_number": 34,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "d327b16674fb457f595a2bc5cdbd98f8143632be",
"is_secret": false,
"is_verified": false,
"line_number": 32,
"line_number": 35,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "3c81615afb40d1889fc2e1fff551a8b59b4e80ce",
"is_secret": false,
"is_verified": false,
"line_number": 36,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "3438d9111af8058916e075b463bd7a6583cbf012",
"is_secret": false,
"is_verified": false,
"line_number": 212,
"line_number": 233,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "53213c46677ac6f5576c44a4cbbdbe186d67cb00",
"is_secret": false,
"is_verified": false,
"line_number": 214,
"line_number": 235,
"type": "Secret Keyword",
"verified_result": null
}
],
"bluemix/authentication/iam/iam_test.go": [
{
"hashed_secret": "c8f0df25bade89c1873f5f01b85bcfb921443ac6",
"is_secret": false,
"is_verified": false,
"line_number": 19,
"type": "JSON Web Token",
"verified_result": null
}
],
"bluemix/authentication/uaa/uaa.go": [
{
"hashed_secret": "3438d9111af8058916e075b463bd7a6583cbf012",
Expand All @@ -140,6 +168,16 @@
"verified_result": null
}
],
"bluemix/configuration/core_config/bx_config_test.go": [
{
"hashed_secret": "9507a758af9127f99a700b500657fd558b705dc9",
"is_secret": false,
"is_verified": false,
"line_number": 274,
"type": "JSON Web Token",
"verified_result": null
}
],
"bluemix/configuration/core_config/cf_config.go": [
{
"hashed_secret": "e85f6eac7402c010fcea6b6d024a1875ac213f99",
Expand Down Expand Up @@ -167,19 +205,27 @@
"type": "JSON Web Token",
"verified_result": null
},
{
"hashed_secret": "42be9b0e85dc9f0fcb42c69058b133fd23dfde2b",
"is_secret": false,
"is_verified": false,
"line_number": 21,
"type": "JSON Web Token",
"verified_result": null
},
{
"hashed_secret": "73f596843cdc77ecc6a0a4cdc5b5d89071ad1b79",
"is_secret": false,
"is_verified": false,
"line_number": 19,
"line_number": 25,
"type": "JSON Web Token",
"verified_result": null
},
{
"hashed_secret": "63a47776714d85556701c61dd731a302ed132385",
"is_secret": false,
"is_verified": false,
"line_number": 27,
"line_number": 33,
"type": "Hex High Entropy String",
"verified_result": null
}
Expand Down Expand Up @@ -537,7 +583,7 @@
}
]
},
"version": "0.13.1+ibm.34.dss",
"version": "0.13.1+ibm.45.dss",
"word_list": {
"file": null,
"hash": null
Expand Down
5 changes: 4 additions & 1 deletion CONTRIBUTING.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Contributing to Atom
# Contributing to IBM Cloud CLI SDK

:+1:First of all, thanks for your time to contribute!:tada:

Expand All @@ -16,6 +16,9 @@ We follow the offical [CodeReviewComments](https://github.com/golang/go/wiki/Cod

Make sure you have good unit test. Run `go test -cover $(go list ./...)`, and ensure coverage is above 80% for major packages (aka packages other than i18n, fakes, docs...).

#### Secret Detection
This project uses the IBM Detect Secrets Module. Install the module, by following these [instructions](https://github.com/ibm/detect-secrets#installupgrade-module). Once installed, enable the pre-commit secret detection hook by following these [instructions](https://github.com/ibm/detect-secrets#installupgrade-module) to ensure no secrets are committed to this repo.


#### Commit Message

Expand Down
4 changes: 4 additions & 0 deletions bluemix/authentication/auth.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,10 @@ func (r *TokenRequest) ResponseTypes() []ResponseType {
return r.responseTypes
}

func (r *TokenRequest) GetTokenParam(key string) string {
return r.params.Get(key)
}

func (r *TokenRequest) SetResponseType(responseTypes ...ResponseType) {
r.responseTypes = responseTypes
}
Expand Down
19 changes: 19 additions & 0 deletions bluemix/authentication/auth_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
package authentication_test

import (
"testing"

"github.com/IBM-Cloud/ibm-cloud-cli-sdk/bluemix/authentication"
"github.com/IBM-Cloud/ibm-cloud-cli-sdk/bluemix/authentication/iam"
"github.com/stretchr/testify/assert"
)

func TestGetTokenParam(t *testing.T) {
req := authentication.NewTokenRequest(iam.GrantTypeCRToken)
profileParam := "myProfile"
req.SetTokenParam("profile", profileParam)

parsedParam := req.GetTokenParam("profile")

assert.Equal(t, profileParam, parsedParam)
}
21 changes: 21 additions & 0 deletions bluemix/authentication/iam/iam.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,9 @@ const (
defaultClientSecret = "bx"
defaultUAAClientID = "cf"
defaultUAAClientSecret = ""
crTokenParam = "cr_token"
profileIDParam = "profile_id"
profileNameParam = "profile_name"
)

// Grant types
Expand All @@ -30,6 +33,7 @@ const (
GrantTypeDelegatedRefreshToken authentication.GrantType = "urn:ibm:params:oauth:grant-type:delegated-refresh-token" // #nosec G101
GrantTypeIdentityCookie authentication.GrantType = "urn:ibm:params:oauth:grant-type:identity-cookie"
GrantTypeDerive authentication.GrantType = "urn:ibm:params:oauth:grant-type:derive"
GrantTypeCRToken authentication.GrantType = "urn:ibm:params:oauth:grant-type:cr-token"
)

// Response types
Expand Down Expand Up @@ -81,6 +85,23 @@ func APIKeyTokenRequest(apikey string, opts ...authentication.TokenOption) *auth
return r
}

func CRTokenRequest(crToken string, profileID string, profileName string, opts ...authentication.TokenOption) *authentication.TokenRequest {
r := authentication.NewTokenRequest(GrantTypeCRToken)
r.SetTokenParam(crTokenParam, crToken)

if profileID != "" {
r.SetTokenParam(profileIDParam, profileID)
}
if profileName != "" {
r.SetTokenParam(profileNameParam, profileName)
}

for _, o := range opts {
r.WithOption(o)
}
return r
}

func RefreshTokenRequest(refreshToken string, opts ...authentication.TokenOption) *authentication.TokenRequest {
r := authentication.NewTokenRequest(GrantTypeRefreshToken)
r.SetTokenParam("refresh_token", refreshToken)
Expand Down
Loading

0 comments on commit aeb0b24

Please sign in to comment.