openstack_cli 0.13.5

// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// SPDX-License-Identifier: Apache-2.0
//
// WARNING: This file is automatically generated from OpenAPI schema using
// `openstack-codegenerator`.

//! Create Saml2 command
//!
//! Wraps invoking of the `v3/auth/OS-FEDERATION/saml2` with `POST` method

use clap::Args;
use eyre::{OptionExt, WrapErr};
use tracing::info;

use openstack_sdk::AsyncOpenStack;

use crate::Cli;
use crate::OpenStackCliError;
use crate::output::OutputProcessor;

use clap::ValueEnum;
use dialoguer::Password;
use openstack_sdk::api::QueryAsync;
use openstack_sdk::api::identity::v3::auth::os_federation::saml2::create;
use serde_json::Value;

/// Exchange a scoped token for a SAML assertion.
///
/// POST /v3/auth/OS-FEDERATION/saml2
#[derive(Args)]
pub struct Saml2Command {
    /// Request Query parameters
    #[command(flatten)]
    query: QueryParameters,

    /// Path parameters
    #[command(flatten)]
    path: PathParameters,

    /// An `auth` object.
    #[command(flatten)]
    auth: Auth,
}

/// Query parameters
#[derive(Args)]
struct QueryParameters {}

/// Path parameters
#[derive(Args)]
struct PathParameters {}
/// ApplicationCredential Body data
#[derive(Args, Clone)]
#[group(required = false, multiple = true)]
struct ApplicationCredential {
    /// The ID of the application credential used for authentication. If not
    /// provided, the application credential must be identified by its name and
    /// its owning user.
    #[arg(help_heading = "Body parameters", long)]
    id: Option<String>,

    /// The name of the application credential used for authentication. If
    /// provided, must be accompanied by a user object.
    #[arg(help_heading = "Body parameters", long)]
    name: Option<String>,

    /// The secret for authenticating the application credential.
    #[arg(help_heading = "Body parameters", long, required = false)]
    secret: Option<String>,

    /// A user object, required if an application credential is identified by
    /// name and not ID.
    #[arg(help_heading = "Body parameters", long, value_name="JSON", value_parser=crate::common::parse_json)]
    user: Option<Value>,
}

#[derive(Clone, Eq, Ord, PartialEq, PartialOrd, ValueEnum)]
enum Methods {
    ApplicationCredential,
    Password,
    Token,
    Totp,
}

/// PasswordUser Body data
#[derive(Args, Clone)]
#[group(required = false, multiple = true)]
struct PasswordUser {
    /// A `domain` object
    #[arg(help_heading = "Body parameters", long, value_name="JSON", value_parser=crate::common::parse_json)]
    domain: Option<Value>,

    /// The ID of the user. Required if you do not specify the user name.
    #[arg(help_heading = "Body parameters", long)]
    id: Option<String>,

    /// The user name. Required if you do not specify the ID of the user. If
    /// you specify the user name, you must also specify the domain, by ID or
    /// name.
    #[arg(help_heading = "Body parameters", long)]
    name: Option<String>,

    /// User Password
    #[arg(help_heading = "Body parameters", long)]
    password: Option<String>,
}

/// Password Body data
#[derive(Args, Clone)]
#[group(required = false, multiple = true)]
struct Password {
    /// A `user` object.
    #[command(flatten)]
    user: Option<PasswordUser>,
}

/// Token Body data
#[derive(Args, Clone)]
#[group(required = false, multiple = true)]
struct Token {
    /// Authorization Token value
    #[arg(help_heading = "Body parameters", long, required = false)]
    id: Option<String>,
}

/// TotpUser Body data
#[derive(Args, Clone)]
#[group(required = true, multiple = true)]
struct TotpUser {
    /// A `domain` object
    #[arg(help_heading = "Body parameters", long, value_name="JSON", value_parser=crate::common::parse_json)]
    domain: Option<Value>,

    /// The user ID
    #[arg(help_heading = "Body parameters", long)]
    id: Option<String>,

    /// The user name
    #[arg(help_heading = "Body parameters", long)]
    name: Option<String>,

    /// MFA passcode
    #[arg(help_heading = "Body parameters", long, required = false)]
    passcode: Option<String>,
}

/// Totp Body data
#[derive(Args, Clone)]
#[group(required = false, multiple = true)]
struct Totp {
    #[command(flatten)]
    user: TotpUser,
}

/// Identity Body data
#[derive(Args, Clone)]
#[group(required = true, multiple = true)]
struct Identity {
    /// An application credential object.
    #[command(flatten)]
    application_credential: Option<ApplicationCredential>,

    /// The authentication method. For password authentication, specify
    /// `password`.
    ///
    /// Parameter is an array, may be provided multiple times.
    #[arg(action=clap::ArgAction::Append, help_heading = "Body parameters", long, required=false)]
    methods: Vec<Methods>,

    /// The `password` object, contains the authentication information.
    #[command(flatten)]
    password: Option<Password>,

    /// A `token` object
    #[command(flatten)]
    token: Option<Token>,

    /// Multi Factor Authentication information
    #[command(flatten)]
    totp: Option<Totp>,
}

/// OsTrustTrust Body data
#[derive(Args, Clone)]
#[group(required = false, multiple = true)]
struct OsTrustTrust {
    #[arg(help_heading = "Body parameters", long)]
    id: Option<String>,
}

/// ScopeDomain Body data
#[derive(Args, Clone)]
#[group(required = false, multiple = true)]
struct ScopeDomain {
    /// Domain id
    #[arg(help_heading = "Body parameters", long)]
    id: Option<String>,

    /// Domain name
    #[arg(help_heading = "Body parameters", long)]
    name: Option<String>,
}

/// System Body data
#[derive(Args, Clone)]
#[group(required = false, multiple = true)]
struct System {
    #[arg(action=clap::ArgAction::Set, help_heading = "Body parameters", long)]
    all: Option<bool>,
}

/// Scope Body data
#[derive(Args, Clone)]
#[group(required = false, multiple = true)]
struct Scope {
    #[command(flatten)]
    domain: Option<ScopeDomain>,

    #[command(flatten)]
    os_trust_trust: Option<OsTrustTrust>,

    #[arg(help_heading = "Body parameters", long, value_name="JSON", value_parser=crate::common::parse_json)]
    project: Option<Value>,

    #[command(flatten)]
    system: Option<System>,
}

/// Auth Body data
#[derive(Args, Clone)]
struct Auth {
    /// An `identity` object.
    #[command(flatten)]
    identity: Identity,

    /// The authorization scope, including the system (Since v3.10), a project,
    /// or a domain (Since v3.4). If multiple scopes are specified in the same
    /// request (e.g. project and domain or domain and system) an HTTP 400 Bad
    /// Request will be returned, as a token cannot be simultaneously scoped to
    /// multiple authorization targets. An ID is sufficient to uniquely
    /// identify a project but if a project is specified by name, then the
    /// domain of the project must also be specified in order to uniquely
    /// identify the project by name. A domain scope may be specified by either
    /// the domain’s ID or name with equivalent results.
    #[command(flatten)]
    scope: Option<Scope>,
}

impl Saml2Command {
    /// Perform command action
    pub async fn take_action(
        &self,
        parsed_args: &Cli,
        client: &mut AsyncOpenStack,
    ) -> Result<(), OpenStackCliError> {
        info!("Create Saml2");

        let op = OutputProcessor::from_args(
            parsed_args,
            Some("identity.auth/OS_FEDERATION/saml2"),
            Some("create"),
        );
        op.validate_args(parsed_args)?;

        let mut ep_builder = create::Request::builder();

        // Set body parameters
        // Set Request.auth data
        let args = &self.auth;
        let mut auth_builder = create::AuthBuilder::default();

        let mut identity_builder = create::IdentityBuilder::default();
        if let Some(val) = &&args.identity.application_credential {
            let mut application_credential_builder =
                create::ApplicationCredentialBuilder::default();
            if let Some(val) = &val.id {
                application_credential_builder.id(val);
            }
            if let Some(val) = &val.name {
                application_credential_builder.name(val);
            }

            application_credential_builder.secret(&val.secret);
            if let Some(val) = &val.user {
                application_credential_builder
                    .user(serde_json::from_value::<create::User>(val.to_owned())?);
            }
            identity_builder.application_credential(
                application_credential_builder
                    .build()
                    .wrap_err("error preparing the request data")?,
            );
        }

        identity_builder.methods(
            args.identity
                .methods
                .iter()
                .map(|x| match x {
                    Methods::ApplicationCredential => create::Methods::ApplicationCredential,
                    Methods::Password => create::Methods::Password,
                    Methods::Token => create::Methods::Token,
                    Methods::Totp => create::Methods::Totp,
                })
                .collect::<Vec<_>>(),
        );
        if let Some(val) = &&args.identity.password {
            let mut password_builder = create::PasswordBuilder::default();
            if let Some(val) = &val.user {
                let mut user_builder = create::PasswordUserBuilder::default();
                if let Some(val) = &val.domain {
                    user_builder.domain(serde_json::from_value::<create::Domain>(val.to_owned())?);
                }
                if let Some(val) = &val.id {
                    user_builder.id(val);
                }
                if let Some(val) = &val.name {
                    user_builder.name(val);
                }
                if let Some(val) = &val.password {
                    user_builder.password(val);
                }
                password_builder.user(
                    user_builder
                        .build()
                        .wrap_err("error preparing the request data")?,
                );
            }
            identity_builder.password(
                password_builder
                    .build()
                    .wrap_err("error preparing the request data")?,
            );
        }
        if let Some(val) = &&args.identity.token {
            let mut token_builder = create::TokenBuilder::default();

            token_builder.id(&val.id);
            identity_builder.token(
                token_builder
                    .build()
                    .wrap_err("error preparing the request data")?,
            );
        }
        if let Some(val) = &&args.identity.totp {
            let mut totp_builder = create::TotpBuilder::default();

            let mut user_builder = create::TotpUserBuilder::default();
            if let Some(val) = &&val.user.domain {
                user_builder.domain(serde_json::from_value::<create::Domain>(val.to_owned())?);
            }
            if let Some(val) = &&val.user.id {
                user_builder.id(val);
            }
            if let Some(val) = &&val.user.name {
                user_builder.name(val);
            }

            user_builder.passcode(&val.user.passcode);
            totp_builder.user(
                user_builder
                    .build()
                    .wrap_err("error preparing the request data")?,
            );
            identity_builder.totp(
                totp_builder
                    .build()
                    .wrap_err("error preparing the request data")?,
            );
        }
        auth_builder.identity(
            identity_builder
                .build()
                .wrap_err("error preparing the request data")?,
        );

        if let Some(val) = &args.scope {
            let mut scope_builder = create::ScopeBuilder::default();
            if let Some(val) = &val.os_trust_trust {
                let mut os_trust_trust_builder = create::OsTrustTrustBuilder::default();
                if let Some(val) = &val.id {
                    os_trust_trust_builder.id(val);
                }
                scope_builder.os_trust_trust(
                    os_trust_trust_builder
                        .build()
                        .wrap_err("error preparing the request data")?,
                );
            }
            if let Some(val) = &val.domain {
                let mut domain_builder = create::ScopeDomainBuilder::default();
                if let Some(val) = &val.id {
                    domain_builder.id(val);
                }
                if let Some(val) = &val.name {
                    domain_builder.name(val);
                }
                scope_builder.domain(
                    domain_builder
                        .build()
                        .wrap_err("error preparing the request data")?,
                );
            }
            if let Some(val) = &val.project {
                scope_builder.project(serde_json::from_value::<create::Project>(val.to_owned())?);
            }
            if let Some(val) = &val.system {
                let mut system_builder = create::SystemBuilder::default();
                if let Some(val) = &val.all {
                    system_builder.all(*val);
                }
                scope_builder.system(
                    system_builder
                        .build()
                        .wrap_err("error preparing the request data")?,
                );
            }
            auth_builder.scope(
                scope_builder
                    .build()
                    .wrap_err("error preparing the request data")?,
            );
        }

        ep_builder.auth(
            auth_builder
                .build()
                .wrap_err("error preparing the request data")?,
        );

        let ep = ep_builder
            .build()
            .map_err(|x| OpenStackCliError::EndpointBuild(x.to_string()))?;
        openstack_sdk::api::ignore(ep).query_async(client).await?;
        // Show command specific hints
        op.show_command_hint()?;
        Ok(())
    }
}