From 599781b3a4582b2c2cae81e76f14cd16606c04fe Mon Sep 17 00:00:00 2001
From: Viacheslav Hletenko <v.gletenko@vyos.io>
Date: Sat, 25 Feb 2023 22:36:14 +0000
Subject: T5033: Ability to generate muliple keys from a file or link

Currently the op-mode command
'generate public-key-command user vyos link_to_key_file'
generates configuration for only one public key (string) from a file xxx.pub.
Add the ability to generate configuration (from op-mode) for multiple keys.

As github keys don't use identifiers, generate uuid4 id for them
---
 src/op_mode/generate_public_key_command.py | 59 +++++++++++++++++++++---------
 1 file changed, 41 insertions(+), 18 deletions(-)


diff --git a/src/op_mode/generate_public_key_command.py b/src/op_mode/generate_public_key_command.py
index f071ae350..8ba55c901 100755
--- a/src/op_mode/generate_public_key_command.py
+++ b/src/op_mode/generate_public_key_command.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2022 VyOS maintainers and contributors
+# Copyright (C) 2022-2023 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -19,28 +19,51 @@ import sys
 import urllib.parse
 
 import vyos.remote
+from vyos.template import generate_uuid4
 
-def get_key(path):
+
+def get_key(path) -> list:
+    """Get public keys from a local file or remote URL
+
+    Args:
+        path: Path to the public keys file
+
+    Returns: list of public keys split by new line
+
+    """
     url = urllib.parse.urlparse(path)
     if url.scheme == 'file' or url.scheme == '':
         with open(os.path.expanduser(path), 'r') as f:
             key_string = f.read()
     else:
         key_string = vyos.remote.get_remote_config(path)
-    return key_string.split()
-
-try:
-    username = sys.argv[1]
-    algorithm, key, identifier = get_key(sys.argv[2])
-except Exception as e:
-    print("Failed to retrieve the public key: {}".format(e))
-    sys.exit(1)
-
-print('# To add this key as an embedded key, run the following commands:')
-print('configure')
-print(f'set system login user {username} authentication public-keys {identifier} key {key}')
-print(f'set system login user {username} authentication public-keys {identifier} type {algorithm}')
-print('commit')
-print('save')
-print('exit')
+    return key_string.split('\n')
+
+
+if __name__ == "__main__":
+    first_loop = True
+
+    for k in get_key(sys.argv[2]):
+        k = k.split()
+        # Skip empty list entry
+        if k == []:
+            continue
+
+        try:
+            username = sys.argv[1]
+            # Github keys don't have identifier for example 'vyos@localhost'
+            # 'ssh-rsa AAAA... vyos@localhost'
+            # Generate uuid4 identifier
+            identifier = f'github@{generate_uuid4("")}' if sys.argv[2].startswith('https://github.com') else k[2]
+            algorithm, key = k[0], k[1]
+        except Exception as e:
+            print("Failed to retrieve the public key: {}".format(e))
+            sys.exit(1)
+
+        if first_loop:
+            print('# To add this key as an embedded key, run the following commands:')
+            print('configure')
+        print(f'set system login user {username} authentication public-keys {identifier} key {key}')
+        print(f'set system login user {username} authentication public-keys {identifier} type {algorithm}')
 
+        first_loop = False
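Review bot: Each fetched line goes into the `set system login user … public-keys` commands after nothing more than a whitespace split, so a line that is not exactly `type key comment` (an options prefix, a `#` comment line, a local key without a comment) is either mapped to the wrong fields or raises IndexError on `k[2]` after earlier `set` lines were already printed. `get_key(sys.argv[2])` now sits outside the `try`, so a missing argument, an unreadable file or a failed download ends in a traceback instead of the "Failed to retrieve the public key" message. The GitHub test `sys.argv[2].startswith('https://github.com')` is a string-prefix match that also accepts hosts such as `github.com.example`; comparing the parsed hostname is stricter. The new side also no longer prints `commit`, `save` and `exit`, which deserves a comment if it is intended. Because this output authorises SSH logins once pasted, I would validate every line before printing anything, as sketched below; checking the key type against the types the configuration accepts and that the key field is valid base64 would be a further step.

```python
if __name__ == "__main__":
    try:
        username = sys.argv[1]
        source = sys.argv[2]
        lines = get_key(source)
    except Exception as e:
        print("Failed to retrieve the public key: {}".format(e))
        sys.exit(1)

    # Exact scheme and host match; a prefix test also accepts github.com.example
    parsed = urllib.parse.urlparse(source)
    from_github = parsed.scheme == 'https' and parsed.hostname == 'github.com'

    entries = []
    for line in lines:
        k = line.split()
        # Skip blank lines and comment lines
        if not k or k[0].startswith('#'):
            continue
        # Need type and key, plus a comment field unless an id is generated
        if len(k) < (2 if from_github else 3):
            print(f'Malformed public key line: {line!r}')
            sys.exit(1)
        identifier = f'github@{generate_uuid4("")}' if from_github else k[2]
        entries.append((k[0], k[1], identifier))

    # … unchanged: header prints and the two 'set system login user' prints, now looping over entries …
```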
-- 
cgit v1.2.3