diff options
| author | Leandro Alves <ldalves@gmail.com> | 2021-11-18 15:27:59 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-11-18 15:27:59 +0100 |
| commit | 4dd9f111330b5b6e54da2f2351bb8960a324546f (patch) | |
| tree | fffe6b524b4ad01026c38c4cd16edf802fbfc0b8 /client | |
| parent | 46d1ce434cc7c4149ca9c1ba812888022cfee296 (diff) | |
| parent | df131d07f0812393f1a56195729cad5d6c5afe7c (diff) | |
Merge pull request #20095 from vespa-engine/ldalves/device-flow-config
Use system api to get config
Diffstat (limited to 'client')
| -rw-r--r-- | client/go/auth0/auth0.go | 49 | ||||
| -rw-r--r-- | client/go/cmd/login.go | 2 | ||||
| -rw-r--r-- | client/go/cmd/logout.go | 2 | ||||
| -rw-r--r-- | client/go/vespa/target.go | 2 |
4 files changed, 35 insertions, 20 deletions
diff --git a/client/go/auth0/auth0.go b/client/go/auth0/auth0.go index 0cb613f13b7..377d56a1637 100644 --- a/client/go/auth0/auth0.go +++ b/client/go/auth0/auth0.go @@ -9,6 +9,7 @@ import ( "fmt" "io/ioutil" "net/http" + "net/url" "os" "os/signal" "path/filepath" @@ -16,7 +17,6 @@ import ( "sync" "time" - "github.com/joeshaw/envdecode" "github.com/lestrrat-go/jwx/jwt" "github.com/pkg/browser" "github.com/vespa-engine/vespa/client/go/auth" @@ -41,21 +41,19 @@ type System struct { type Auth0 struct { Authenticator *auth.Authenticator system string + systemApiUrl string initOnce sync.Once errOnce error Path string config config } -// default to vespa-cd.auth0.com -var ( - authCfg struct { - Audience string `env:"AUTH0_AUDIENCE,default=https://vespa-cd.auth0.com/api/v2/"` - ClientID string `env:"AUTH0_CLIENT_ID,default=4wYWA496zBP28SLiz0PuvCt8ltL11DZX"` - DeviceCodeEndpoint string `env:"AUTH0_DEVICE_CODE_ENDPOINT,default=https://vespa-cd.auth0.com/oauth/device/code"` - OauthTokenEndpoint string `env:"AUTH0_OAUTH_TOKEN_ENDPOINT,default=https://vespa-cd.auth0.com/oauth/token"` - } -) +type authCfg struct { + Audience string `json:"audience"` + ClientID string `json:"client-id"` + DeviceCodeEndpoint string `json:"device-code-endpoint"` + OauthTokenEndpoint string `json:"oauth-token-endpoint"` +} func ContextWithCancel() context.Context { ctx, cancel := context.WithCancel(context.Background()) @@ -71,22 +69,39 @@ func ContextWithCancel() context.Context { // GetAuth0 will try to initialize the config context, as well as figure out if // there's a readily available system. -func GetAuth0(configPath string, systemName string) (*Auth0, error) { +func GetAuth0(configPath string, systemName string, systemApiUrl string) (*Auth0, error) { a := Auth0{} a.Path = configPath a.system = systemName - if err := envdecode.StrictDecode(&authCfg); err != nil { - return nil, fmt.Errorf("could not decode env: %w", err) + a.systemApiUrl = systemApiUrl + c, err := a.getDeviceFlowConfig() + if err != nil { + return nil, fmt.Errorf("cannot get auth config: %w", err) } a.Authenticator = &auth.Authenticator{ - Audience: authCfg.Audience, - ClientID: authCfg.ClientID, - DeviceCodeEndpoint: authCfg.DeviceCodeEndpoint, - OauthTokenEndpoint: authCfg.OauthTokenEndpoint, + Audience: c.Audience, + ClientID: c.ClientID, + DeviceCodeEndpoint: c.DeviceCodeEndpoint, + OauthTokenEndpoint: c.OauthTokenEndpoint, } return &a, nil } +func (a *Auth0) getDeviceFlowConfig() (authCfg, error) { + systemApiUrl, _ := url.Parse(a.systemApiUrl + "/auth0/v1/device-flow-config") + r, err := http.Get(systemApiUrl.String()) + if err != nil { + return authCfg{}, fmt.Errorf("cannot get auth config: %w", err) + } + defer r.Body.Close() + var res authCfg + err = json.NewDecoder(r.Body).Decode(&res) + if err != nil { + return authCfg{}, fmt.Errorf("cannot decode response: %w", err) + } + return res, nil +} + // IsLoggedIn encodes the domain logic for determining whether we're // logged in. This might check our config storage, or just in memory. func (a *Auth0) IsLoggedIn() bool { diff --git a/client/go/cmd/login.go b/client/go/cmd/login.go index 0e09a6d6244..7607fbb99d9 100644 --- a/client/go/cmd/login.go +++ b/client/go/cmd/login.go @@ -24,7 +24,7 @@ var loginCmd = &cobra.Command{ if err != nil { return err } - a, err := auth0.GetAuth0(cfg.AuthConfigPath(), getSystemName()) + a, err := auth0.GetAuth0(cfg.AuthConfigPath(), getSystemName(), getApiURL()) if err != nil { return err } diff --git a/client/go/cmd/logout.go b/client/go/cmd/logout.go index 18b7a2166ad..e3cfe6733eb 100644 --- a/client/go/cmd/logout.go +++ b/client/go/cmd/logout.go @@ -24,7 +24,7 @@ var logoutCmd = &cobra.Command{ if err != nil { return err } - a, err := auth0.GetAuth0(cfg.AuthConfigPath(), getSystemName()) + a, err := auth0.GetAuth0(cfg.AuthConfigPath(), getSystemName(), getApiURL()) if err != nil { return err } diff --git a/client/go/vespa/target.go b/client/go/vespa/target.go index 92ed441c619..46ca7e9706a 100644 --- a/client/go/vespa/target.go +++ b/client/go/vespa/target.go @@ -280,7 +280,7 @@ func (t *cloudTarget) PrepareApiRequest(req *http.Request, sigKeyId string) erro } func (t *cloudTarget) addAuth0AccessToken(request *http.Request) error { - a, err := auth0.GetAuth0(t.authConfigPath, t.systemName) + a, err := auth0.GetAuth0(t.authConfigPath, t.systemName, t.apiURL) system, err := a.PrepareSystem(auth0.ContextWithCancel()) if err != nil { return err |