Skip to content
This repository has been archived by the owner on May 23, 2019. It is now read-only.

CIF tokens

Jump to bottom
Gabriel Iovino edited this page Jun 4, 2015 · 7 revisions

Tokens are used for authorization. Tokens are managed by the /opt/cif/bin/cif-tokens tool.

List tokens

Run the cif-tokens tool with no command line switches

$ /opt/cif/bin/cif-tokens
username       groups   admin read write acl expires revoked token                                                           
cif-smrt       everyone            yes                       cbe063846786db05ebe494475f65efde533749ba516206c17c65580218b96a7b
cif-worker     everyone       yes  yes                       7d9a03a682f76e6bc486d0aacc230370a4fe362dc9417bd5f48ffbe9c0f09209
root@localhost everyone       yes  yes                       ab284e119df6e40f55681d854a76dc4dc1c09b65ea8689d02d993e939c408460

Add a user

$ /opt/cif/bin/cif-tokens --new --user john.smith@example.com
username               groups   admin read write acl expires revoked token                                                           
john.smith@example.com everyone       yes                            b76b0ac05393936c34aa3151f3d0a123f822e6c83f73c887fd0f3de96c15797b

Delete a user

/opt/cif/bin/cif-tokens --delete --username john.smith@example.com
[2015-03-25T11:54:22,932Z][INFO]: 1 tokens deleted...

Modify a user

The only things you can modify to an existing user are:

  • generate a new token
  • remove a token
  • revoke a user / token

If you want to change the following properties you have delete the user and create a new user:

  • username
  • admin flag
  • expires date

Usage text

/opt/cif/bin/cif-tokens -h

Usage: /opt/cif/bin/cif-tokens [OPTION]

Options:

    -h, --help      this message     
   
    --username      specify a username
    --admin         set the admin flag for the user
    --read          set read permissions for a token
    --write         set write permissions for a token
    --expires       set an expiration date for the token
    --groups        specify the groups for the user (default: everyone)
    
Actions:

    --new           generate a new token               
    --delete        remove token
    --revoke        revoke a user / token
    --import        import tokens list from v1 instance (bin/cif_apikeys_export) using STDIN
    --import-path   specify a path to read for importing tokens (aka: apikeys in v1)
    
    --write-enable  enable write access for a specified user / token
    --write-disable disable write access for a specified user / token
    
Advanced:

    --generate-config-path      generate a new config with token
    --generate-config-remote    default: https://localhost
    --generate-config-tls       default: true

Storage:

    --storage       default: elasticsearch
    --storage-host  default: localhost:9200

 Examples:
    /opt/cif/bin/cif-tokens --new --user me@example.com --expires 2016-07-01 --admin
    /opt/cif/bin/cif-tokens --new --user root --groups everyone,groupA,groupB

Creative Commons License

Clone this wiki locally