client: add support for OXIDE_PROFILE (#332)

Allow reading the authentication profile from the `OXIDE_PROFILE`
environment variable.

Author: lgfa29

oxide/lib.go

@@ -26,6 +26,10 @@ const (
 	// HostEnvVar is the environment variable that contains the host.
 	HostEnvVar = "OXIDE_HOST"
 
+	// ProfileEnvVar is the environment variable that contains the credentials
+	// profile to use.
+	ProfileEnvVar = "OXIDE_PROFILE"
+
 	// credentialsFile is the name of the file the Oxide CLI stores credentials in.
 	credentialsFile = "credentials.toml"
 
@@ -89,47 +93,42 @@ type authCredentials struct {
 }
 
 // NewClient creates a new client for the Oxide API. To authenticate with
-// environment variables, set OXIDE_HOST and OXIDE_TOKEN accordingly. Pass in a
-// non-nil *Config to set the various configuration options on a Client. When
-// setting the host and token through the *Config, these will override any set
-// environment variables. The Profile and UseDefaultProfile fields will pull
-// authentication information from the credentials.toml file generated by
-// the Oxide CLI. These are mutally exclusive with each other and the Host and
-// Token fields.
+// environment variables, set either OXIDE_HOST and OXIDE_TOKEN, or
+// OXIDE_PROFILE accordingly. Pass in a non-nil *Config to set the various
+// configuration options on a Client. When setting the host, token, or profile
+// through the *Config, these will override any set environment variables. The
+// Profile and UseDefaultProfile fields will pull authentication information
+// from the credentials.toml file generated by the Oxide CLI. These are
+// mutually exclusive with each other and the Host and Token fields.
 func NewClient(cfg *Config) (*Client, error) {
 	token := os.Getenv(TokenEnvVar)
 	host := os.Getenv(HostEnvVar)
+	profile := os.Getenv(ProfileEnvVar)
+	useDefaultProfile := false
 	userAgent := defaultUserAgent()
 	httpClient := &http.Client{
 		Timeout: 600 * time.Second,
 	}
 
-	// Layer in the user-provided configuration if provided.
+	// Layer in the user-provided configuration if provided and override
+	// environment variables when needed.
 	if cfg != nil {
-		if cfg.Profile != "" || cfg.UseDefaultProfile {
-			if cfg.Profile != "" && cfg.UseDefaultProfile {
-				return nil, errors.New("cannot authenticate with both default profile and a defined profile")
-			}
-
-			if cfg.Host != "" || cfg.Token != "" {
-				return nil, errors.New("cannot authenticate with both a profile and host/token")
-			}
-
-			fileCreds, err := getProfile(*cfg)
-			if err != nil {
-				return nil, fmt.Errorf("unable to retrieve profile: %w", err)
-			}
-
-			token = fileCreds.token
-			host = fileCreds.host
-		}
+		useDefaultProfile = cfg.UseDefaultProfile
 
 		if cfg.Host != "" {
 			host = cfg.Host
+			profile = cfg.Profile // Ignore OXIDE_PROFILE.
 		}
 
 		if cfg.Token != "" {
 			token = cfg.Token
+			profile = cfg.Profile // Ignore OXIDE_PROFILE.
+		}
+
+		if cfg.Profile != "" {
+			profile = cfg.Profile
+			host = cfg.Host   // Ignore OXIDE_HOST.
+			token = cfg.Token // Ignore OXIDE_TOKEN.
 		}
 
 		if cfg.UserAgent != "" {
@@ -141,6 +140,33 @@ func NewClient(cfg *Config) (*Client, error) {
 		}
 	}
 
+	if (profile != "" || useDefaultProfile) && (host != "" || token != "") {
+		return nil, errors.New("cannot authenticate with both a profile and host/token")
+	}
+	if profile != "" && useDefaultProfile {
+		return nil, errors.New("cannot authenticate with both default profile and a defined profile")
+	}
+	if profile != "" || useDefaultProfile {
+		var configDir string
+		if cfg != nil && cfg.ConfigDir != "" {
+			configDir = cfg.ConfigDir
+		} else {
+			homeDir, err := os.UserHomeDir()
+			if err != nil {
+				return nil, fmt.Errorf("unable to find user's home directory: %w", err)
+			}
+			configDir = filepath.Join(homeDir, defaultConfigDir)
+		}
+
+		authCredentials, err := getProfile(configDir, profile, useDefaultProfile)
+		if err != nil {
+			return nil, fmt.Errorf("unable to retrieve profile: %w", err)
+		}
+
+		host = authCredentials.host
+		token = authCredentials.token
+	}
+
 	errs := make([]error, 0)
 	host, err := parseBaseURL(host)
 	if err != nil {
@@ -173,20 +199,9 @@ func defaultUserAgent() string {
 
 // getProfile determines the path of the user's credentials file
 // and returns the host and token for the requested profile.
-func getProfile(cfg Config) (*authCredentials, error) {
-	configDir := cfg.ConfigDir
-	if configDir == "" {
-		homeDir, err := os.UserHomeDir()
-		if err != nil {
-			return nil, fmt.Errorf("unable to find user's home directory: %w", err)
-		}
-		configDir = filepath.Join(homeDir, defaultConfigDir)
-	}
-
-	profile := cfg.Profile
-
+func getProfile(configDir string, profile string, useDefault bool) (*authCredentials, error) {
 	// Use explicitly configured profile over default when both are set.
-	if cfg.UseDefaultProfile && profile == "" {
+	if useDefault && profile == "" {
 		configPath := filepath.Join(configDir, configFile)
 
 		var err error

oxide/lib_test.go

@@ -227,6 +227,26 @@ func Test_NewClient(t *testing.T) {
 				userAgent: "bob",
 			},
 		},
+		"succeeds with config, overrides env": {
+			env: map[string]string{
+				"OXIDE_PROFILE": "file",
+			},
+			config: func(string) *Config {
+				return &Config{
+					Host:  "http://localhost",
+					Token: "foo",
+				}
+			},
+			setHome: true,
+			expectedClient: &Client{
+				host:  "http://localhost/",
+				token: "foo",
+				client: &http.Client{
+					Timeout: 600 * time.Second,
+				},
+				userAgent: defaultUserAgent(),
+			},
+		},
 		"succeeds with profile": {
 			config: func(string) *Config {
 				return &Config{
@@ -243,6 +263,23 @@ func Test_NewClient(t *testing.T) {
 				userAgent: defaultUserAgent(),
 			},
 		},
+		"succeeds with profile from env": {
+			env: map[string]string{
+				"OXIDE_PROFILE": "file",
+			},
+			config: func(string) *Config {
+				return &Config{}
+			},
+			setHome: true,
+			expectedClient: &Client{
+				host:  "http://file-host/",
+				token: "file-token",
+				client: &http.Client{
+					Timeout: 600 * time.Second,
+				},
+				userAgent: defaultUserAgent(),
+			},
+		},
 		"succeeds with default profile": {
 			config: func(string) *Config {
 				return &Config{
@@ -311,6 +348,24 @@ func Test_NewClient(t *testing.T) {
 				userAgent: defaultUserAgent(),
 			},
 		},
+		"succeeds with host and token from different sources ": {
+			env: map[string]string{
+				"OXIDE_TOKEN": "foo",
+			},
+			config: func(string) *Config {
+				return &Config{
+					Host: "http://localhost",
+				}
+			},
+			expectedClient: &Client{
+				host:  "http://localhost/",
+				token: "foo",
+				client: &http.Client{
+					Timeout: 600 * time.Second,
+				},
+				userAgent: defaultUserAgent(),
+			},
+		},
 		"fails with missing address using config": {
 			env: map[string]string{
 				"OXIDE_HOST":  "",
@@ -441,6 +496,8 @@ func Test_NewClient(t *testing.T) {
 
 			if testCase.expectedError != "" {
 				assert.EqualError(t, err, strings.ReplaceAll(testCase.expectedError, "<OXIDE_DIR>", oxideDir))
+			} else {
+				assert.NoError(t, err)
 			}
 
 			assert.Equal(t, testCase.expectedClient, c)