Ported CLI from commander to yargs because yargs suits our large CLI better and is easier to develop with. Split commands into separate files since the file was getting annoyingly long.

2026-04-18 08:03:30 +02:00 · 2016-12-21 01:09:08 +09:00
parent 72a16ed2ff
commit cc736ba0ac
35 changed files with 2006 additions and 1538 deletions
--- a/lib/cli/auth-saml2/index.js
+++ b/lib/cli/auth-saml2/index.js
@@ -0,0 +1,73 @@
+module.exports.command = 'auth-saml2'
+
+module.exports.describe = 'Start a SAML 2.0 auth unit.'
+
+module.exports.builder = function(yargs) {
+  return yargs
+    .env('STF_AUTH_SAML2')
+    .strict()
+    .option('app-url', {
+      alias: 'a'
+    , describe: 'URL to the app unit.'
+    , type: 'string'
+    , demand: true
+    })
+    .option('port', {
+      alias: 'p'
+    , describe: 'The port to bind to.'
+    , type: 'number'
+    , default: process.env.PORT || 7120
+    })
+    .option('saml-id-provider-entry-point-url', {
+      describe: 'SAML 2.0 identity provider URL.'
+    , type: 'string'
+    , default: process.env.SAML_ID_PROVIDER_ENTRY_POINT_URL
+    , demand: true
+    })
+    .option('saml-id-provider-issuer', {
+      describe: 'SAML 2.0 identity provider issuer.'
+    , type: 'string'
+    , default: process.env.SAML_ID_PROVIDER_ISSUER
+    , demand: true
+    })
+    .option('saml-id-provider-cert-path', {
+      describe: 'SAML 2.0 identity provider certificate file path.'
+    , type: 'string'
+    , default: process.env.SAML_ID_PROVIDER_CERT_PATH
+    })
+    .option('secret', {
+      alias: 's'
+    , describe: 'The secret to use for auth JSON Web Tokens. Anyone who ' +
+        'knows this token can freely enter the system if they want, so keep ' +
+        'it safe.'
+    , type: 'string'
+    , default: process.env.SECRET
+    , demand: true
+    })
+    .option('ssid', {
+      alias: 'i'
+    , describe: 'The name of the session ID cookie.'
+    , type: 'string'
+    , default: process.env.SSID || 'ssid'
+    })
+    .epilog('Each option can be be overwritten with an environment variable ' +
+      'by converting the option to uppercase, replacing dashes with ' +
+      'underscores and prefixing it with `STF_AUTH_SAML2_` (e.g. ' +
+      '`STF_AUTH_SAML2_SECRET`). Legacy environment variables like ' +
+      'SAML_ID_PROVIDER_ISSUER are still accepted, too, but consider them ' +
+      'deprecated.')
+}
+
+module.exports.handler = function(argv) {
+  return require('../../units/auth/saml2')({
+    port: argv.port
+  , secret: argv.secret
+  , ssid: argv.ssid
+  , appUrl: argv.appUrl
+  , saml: {
+      entryPoint: argv.samlIdProviderEntryPointUrl
+    , issuer: argv.samlIdProviderIssuer
+    , certPath: argv.samlIdProviderCertPath
+    }
+  })
+}