Allow user to optionally specify serial number on resetpiv (#1607)

Ross Scroggs
2023-02-27 08:17:20 -08:00
committed by GitHub
parent 3ad1d5c661
commit c67b214298
2 changed files with 26 additions and 11 deletions


@ -911,8 +911,8 @@ gam oauth|oauth2 refresh
gam <UserTypeEntity> check serviceaccount [scope|scopes <APIScopeURLList>] gam <UserTypeEntity> check serviceaccount [scope|scopes <APIScopeURLList>]
gam yubikey [resetpiv] gam yubikey resetpiv [yubikeyserialnumber <Number>]
gam rotate sakey yubikey yubikey_pin yubikey_slot AUTHENTICATION yubikeypin <String> yubikeyserialnumber <String> gam rotate sakey yubikey yubikey_pin yubikey_slot AUTHENTICATION yubikeyserialnumber <Number>
gam create [gcpserviceaccount|signjwtserviceaccount] gam create [gcpserviceaccount|signjwtserviceaccount]
gam enable apis [auto|manual] gam enable apis [auto|manual]


@ -7897,6 +7897,28 @@ def doShowServiceAccountKeys():
display.print_json(keys) display.print_json(keys)
def getYubiKeySerialNumber(new_data, serial_number):
try:
new_data['yubikey_serial_number'] = int(serial_number)
except ValueError:
controlflow.system_error_exit(
3,
'yubikey_serial_number must be a number')
def doResetYubiKeyPIV():
new_data = {}
i = 3
while i < len(sys.argv):
myarg = sys.argv[i].lower().replace('_', '')
if myarg == 'yubikeyserialnumber':
getYubiKeySerialNumber(new_data, sys.argv[i+1])
i += 2
else:
controlflow.invalid_argument_exit(myarg, 'gam yubikey resetpiv')
yk = yubikey.YubiKey(new_data)
yk.serial_number = yk.get_serial_number()
yk.reset_piv()
def create_signjwt_serviceaccount(): def create_signjwt_serviceaccount():
i = 3 i = 3
if i < len(sys.argv): if i < len(sys.argv):
@ -7978,12 +8000,7 @@ def doCreateOrRotateServiceAccountKeys(iam=None,
new_data['yubikey_pin'] = input('Enter your YubiKey PIN: ') new_data['yubikey_pin'] = input('Enter your YubiKey PIN: ')
i += 1 i += 1
elif myarg == 'yubikeyserialnumber': elif myarg == 'yubikeyserialnumber':
try: getYubiKeySerialNumber(new_data, sys.argv[i+1])
new_data['yubikey_serial_number'] = int(sys.argv[i+1])
except ValueError:
controlflow.system_error_exit(
3,
'yubikey_serial_number must be a number')
i += 2 i += 2
elif myarg in ['retainnone', 'retainexisting', 'replacecurrent']: elif myarg in ['retainnone', 'retainexisting', 'replacecurrent']:
mode = myarg mode = myarg
@ -12185,9 +12202,7 @@ def ProcessGAMCommand(args):
elif command in ['yubikey']: elif command in ['yubikey']:
action = sys.argv[2].lower().replace('_', '') action = sys.argv[2].lower().replace('_', '')
if action == 'resetpiv': if action == 'resetpiv':
yk = yubikey.YubiKey() doResetYubiKeyPIV()
yk.serial_number = yk.get_serial_number()
yk.reset_piv()
else: else:
controlflow.invalid_argument_exit(action, f'gam yubikey') controlflow.invalid_argument_exit(action, f'gam yubikey')
sys.exit(0) sys.exit(0)
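Review bot: In doResetYubiKeyPIV the value after `yubikeyserialnumber` is read as `sys.argv[i+1]` without checking that it exists, so `gam yubikey resetpiv yubikeyserialnumber` with nothing after it ends in an uncaught IndexError instead of a usage error. The same read sits in the doCreateOrRotateServiceAccountKeys hunk, whose function body starts and ends outside the visible lines. A guard ahead of the call would cover it, for example `if i + 1 >= len(sys.argv): controlflow.system_error_exit(3, 'yubikeyserialnumber requires a value')`. Separately, `yk.serial_number = yk.get_serial_number()` runs after the requested serial has already been passed in through new_data, and yubikey.YubiKey is not shown here. Because reset_piv() is destructive, it is worth confirming that get_serial_number() returns the requested device rather than selecting one on its own.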