base for using IBMid as authentication

Author: allmightyspiff

SoftLayer/CLI/config/setup.py

@@ -19,7 +19,7 @@ def get_api_key(client, username, secret):
     """
 
     # Try to use a client with username/api key
-    if len(secret) == 64:
+    if len(secret) == 64 or username == 'apikey':
         try:
             client['Account'].getCurrentUser()
             return secret
@@ -40,7 +40,10 @@ def get_api_key(client, username, secret):
 @click.command()
 @environment.pass_env
 def cli(env):
-    """Edit configuration."""
+    """Setup the ~/.softlayer file with username and apikey.
+
+    Set the username to 'apikey' for cloud.ibm.com accounts.
+    """
 
     username, secret, endpoint_url, timeout = get_user_input(env)
     new_client = SoftLayer.Client(username=username, api_key=secret, endpoint_url=endpoint_url, timeout=timeout)

SoftLayer/CLI/hardware/bandwidth.py

@@ -1,4 +1,4 @@
-"""Get details for a hardware device."""
+"""GBandwidth data over date range. Bandwidth is listed in GB"""
 # :license: MIT, see LICENSE for more details.
 
 import click

SoftLayer/auth.py

@@ -73,10 +73,17 @@ def __init__(self, username, api_key):
 
     def get_request(self, request):
         """Sets token-based auth headers."""
-        request.headers['authenticate'] = {
-            'username': self.username,
-            'apiKey': self.api_key,
-        }
+
+        # See https://cloud.ibm.com/docs/iam?topic=iam-iamapikeysforservices for why this is the way it is
+        if self.username == 'apikey':
+            request.transport_user = self.username
+            request.transport_password = self.api_key
+        else:
+            request.headers['authenticate'] = {
+                'username': self.username,
+                'apiKey': self.api_key,
+            }
+
         return request
 
     def __repr__(self):

SoftLayer/transports.py

@@ -170,6 +170,10 @@ def __call__(self, request):
         largs = list(request.args)
         headers = request.headers
 
+        auth = None
+        if request.transport_user:
+            auth = requests.auth.HTTPBasicAuth(request.transport_user, request.transport_password)
+
         if request.identifier is not None:
             header_name = request.service + 'InitParameters'
             headers[header_name] = {'id': request.identifier}
@@ -208,6 +212,7 @@ def __call__(self, request):
         try:
             resp = self.client.request('POST', request.url,
                                        data=request.payload,
+                                       auth=auth,
                                        headers=request.transport_headers,
                                        timeout=self.timeout,
                                        verify=request.verify,
@@ -253,6 +258,7 @@ def print_reproduceable(self, request):
         from string import Template
         output = Template('''============= testing.py =============
 import requests
+from requests.auth import HTTPBasicAuth
 from requests.adapters import HTTPAdapter
 from urllib3.util.retry import Retry
 from xml.etree import ElementTree
@@ -261,6 +267,9 @@ def print_reproduceable(self, request):
 retry = Retry(connect=3, backoff_factor=3)
 adapter = HTTPAdapter(max_retries=retry)
 client.mount('https://', adapter)
+# This is only needed if you are using an cloud.ibm.com api key
+#auth=HTTPBasicAuth('apikey', YOUR_CLOUD_API_KEY)
+auth=None
 url = '$url'
 payload = """$payload"""
 transport_headers = $transport_headers
@@ -269,7 +278,7 @@ def print_reproduceable(self, request):
 cert = $cert
 proxy = $proxy
 response = client.request('POST', url, data=payload, headers=transport_headers, timeout=timeout,
-               verify=verify, cert=cert, proxies=proxy)
+               verify=verify, cert=cert, proxies=proxy, auth=auth)
 xml = ElementTree.fromstring(response.content)
 ElementTree.dump(xml)
 ==========================''')

docs/cli.rst

@@ -48,6 +48,8 @@ To check the configuration, you can use `slcli config show`.
 	:..............:..................................................................:
 
 
+If you are using an account created from the https://cloud.ibm.com portal, your username will be literally `apikey`, and use the key provided. `How to create an IBM apikey <https://cloud.ibm.com/docs/iam?topic=iam-userapikey#create_user_key>`_
+
 To see more about the config file format, see :ref:`config_file`.
 
 .. _usage-examples:

docs/cli/config.rst

@@ -0,0 +1,18 @@
+.. _cli_config:
+
+Config
+========
+
+`Creating an IBMID apikey <https://cloud.ibm.com/docs/iam?topic=iam-userapikey#create_user_key>`_
+`IBMid for services <https://cloud.ibm.com/docs/iam?topic=iam-iamapikeysforservices>`_
+
+`Creating a SoftLayer apikey <https://cloud.ibm.com/docs/customer-portal?topic=customer-portal-customerportal_api>`_
+
+.. click:: SoftLayer.CLI.config.setup:cli
+    :prog: config setup
+    :show-nested:
+
+
+.. click:: SoftLayer.CLI.config.show:cli
+    :prog: config show
+    :show-nested:

docs/config_file.rst

@@ -25,3 +25,13 @@ automatically by the `slcli setup` command detailed here:
   api_key = oyVmeipYQCNrjVS4rF9bHWV7D75S6pa1fghFl384v7mwRCbHTfuJ8qRORIqoVnha
   endpoint_url = https://api.softlayer.com/xmlrpc/v3/
   timeout = 40
+
+
+*Cloud.ibm.com Config Example*
+::
+
+  [softlayer]
+  username = apikey
+  api_key = 123cNyhzg45Ab6789ADyzwR_2LAagNVbySgY73tAQOz1
+  endpoint_url = https://api.softlayer.com/rest/v3.1/
+  timeout = 40