1use netidx::{config::Config, resolver_client::DesiredAuth};
2use structopt::StructOpt;
3
4#[derive(StructOpt, Debug, Clone)]
5pub struct ClientParams {
6 #[structopt(short = "c", long = "config", help = "path to the client config")]
7 pub config: Option<String>,
8 #[structopt(short = "a", long = "auth", help = "auth mechanism")]
9 pub auth: Option<DesiredAuth>,
10 #[structopt(long = "upn", help = "kerberos upn, only if auth = krb5")]
11 pub upn: Option<String>,
12 #[structopt(long = "spn", help = "kerberos spn, only if auth = krb5")]
13 pub spn: Option<String>,
14 #[structopt(
15 long = "identity",
16 help = "the tls identity to publish as, default_identity if omitted"
17 )]
18 pub identity: Option<String>,
19}
20
21impl ClientParams {
22 pub fn load(&self) -> (Config, DesiredAuth) {
23 let cfg = match &self.config {
24 None => Config::load_default().expect("failed to load default netidx config"),
25 Some(path) => Config::load(path).expect("failed to load netidx config"),
26 };
27 let auth = match self.auth.clone().unwrap_or_else(|| cfg.default_auth()) {
28 auth @ (DesiredAuth::Anonymous | DesiredAuth::Local) => auth,
29 DesiredAuth::Krb5 { .. } => {
30 DesiredAuth::Krb5 { upn: self.upn.clone(), spn: self.spn.clone() }
31 }
32 DesiredAuth::Tls { .. } => {
33 DesiredAuth::Tls { identity: self.identity.clone() }
34 }
35 };
36 match &auth {
37 DesiredAuth::Krb5 { .. } => (),
38 DesiredAuth::Anonymous | DesiredAuth::Local | DesiredAuth::Tls { .. } => {
39 if self.upn.is_some() || self.spn.is_some() {
40 panic!("upn/spn may only be specified for krb5 auth")
41 }
42 }
43 }
44 match &auth {
45 DesiredAuth::Tls { .. } => (),
46 DesiredAuth::Anonymous | DesiredAuth::Local | DesiredAuth::Krb5 { .. } => {
47 if self.identity.is_some() {
48 panic!("identity may only be specified for tls auth")
49 }
50 }
51 }
52 (cfg, auth)
53 }
54}