move roundTripperAndTokenProvider function to go-tsuruclient
wpjunior committed Apr 3, 2024
1 parent 0cbda6c commit 1e295e0
Showing 7 changed files with 10 additions and 154 deletions.
2 changes: 1 addition & 1 deletion go.mod
Expand Up @@ -16,7 +16,7 @@ require (
github.com/pmorie/go-open-service-broker-client v0.0.0-20180330214919-dca737037ce6
github.com/sabhiram/go-gitignore v0.0.0-20171017070213-362f9845770f
github.com/tsuru/gnuflag v0.0.0-20151217162021-86b8c1b864aa
github.com/tsuru/go-tsuruclient v0.0.0-20240403135512-9b622fd21811
github.com/tsuru/go-tsuruclient v0.0.0-20240403173008-e8ea92a75f9b
github.com/tsuru/tablecli v0.0.0-20190131152944-7ded8a3383c6
github.com/tsuru/tsuru v0.0.0-20240325190920-410c71393b77
golang.org/x/net v0.20.0
4 changes: 2 additions & 2 deletions go.sum
Expand Up @@ -675,8 +675,8 @@ github.com/tsuru/config v0.0.0-20201023175036-375aaee8b560 h1:fniQ/BmYAHdnNmY333
github.com/tsuru/config v0.0.0-20201023175036-375aaee8b560/go.mod h1:mj6t8JKWU51GScTT50XRmDj65T5XhTyNvO5FUNV5zS4=
github.com/tsuru/gnuflag v0.0.0-20151217162021-86b8c1b864aa h1:JlLQP1xa13a994p/Aau2e3K9xXYaHNoNvTDVIMHSUa4=
github.com/tsuru/gnuflag v0.0.0-20151217162021-86b8c1b864aa/go.mod h1:UibOSvkMFKRe/eiwktAPAvQG8L+p8nYsECJvu3Dgw7I=
github.com/tsuru/go-tsuruclient v0.0.0-20240403135512-9b622fd21811 h1:g5ktNzfiJg3KbxKHmSfkxZ/VjVAuYv1LTNwAU0//HSU=
github.com/tsuru/go-tsuruclient v0.0.0-20240403135512-9b622fd21811/go.mod h1:qwh/KJ6ypa2GISRI79XFOHhnSjGOe1cZVPHF3nfrf18=
github.com/tsuru/go-tsuruclient v0.0.0-20240403173008-e8ea92a75f9b h1:De7rIp7qigWFMpdxukKcUPFDjacmwN4drji6i4X+hT0=
github.com/tsuru/go-tsuruclient v0.0.0-20240403173008-e8ea92a75f9b/go.mod h1:qwh/KJ6ypa2GISRI79XFOHhnSjGOe1cZVPHF3nfrf18=
github.com/tsuru/tablecli v0.0.0-20190131152944-7ded8a3383c6 h1:1XDdWFAjIbCSG1OjN9v9KdWhuM8UtYlFcfHe/Ldkchk=
github.com/tsuru/tablecli v0.0.0-20190131152944-7ded8a3383c6/go.mod h1:ztYpOhW+u1k21FEqp7nZNgpWbr0dUKok5lgGCZi+1AQ=
github.com/tsuru/tsuru v0.0.0-20240325190920-410c71393b77 h1:cuWFjNLaemdQZhojqJbb/rOXO97tlcPeLAHg/x+EQGk=
60 changes: 0 additions & 60 deletions tsuru/auth/oidc.go
Expand Up @@ -5,13 +5,10 @@
package auth

import (
"context"
stdContext "context"
"fmt"
"net"
"net/http"
"os"
"reflect"
"time"

"github.com/tsuru/go-tsuruclient/pkg/config"
Expand Down Expand Up @@ -104,60 +101,3 @@ func oidcLogin(ctx *cmd.Context, loginInfo *authTypes.SchemeInfo) error {
server.Shutdown(timedCtx)
return nil
}

func NewOIDCTokenSource(tokenV2 *config.TokenV2) oauth2.TokenSource {
baseTokenSource := tokenV2.OAuth2Config.TokenSource(context.Background(), tokenV2.OAuth2Token)
return newTokenSourceFSStorage(baseTokenSource, tokenV2)
}

type TokenSourceFSStorage struct {
BaseTokenSource oauth2.TokenSource
LastToken *config.TokenV2
}

var _ oauth2.TokenSource = &TokenSourceFSStorage{}

func (t *TokenSourceFSStorage) Token() (*oauth2.Token, error) {
newToken, err := t.BaseTokenSource.Token()
if err != nil {
return nil, err
}

if !reflect.DeepEqual(t.LastToken.OAuth2Token, newToken) {
fmt.Fprintf(os.Stderr, "The OIDC token was refreshed and expiry in %s\n", time.Since(newToken.Expiry)*-1)

t.LastToken.OAuth2Token = newToken
err = config.WriteTokenV2(*t.LastToken)
if err != nil {
fmt.Fprintf(os.Stderr, "Could not write refreshed token: %s\n", err.Error())
return nil, err
}

err = config.WriteTokenV1(newToken.AccessToken)
if err != nil {
fmt.Fprintf(os.Stderr, "Could not write legacy refreshed token: %s\n", err.Error())
return nil, err
}
}

return newToken, nil
}

func newTokenSourceFSStorage(baseTokenSource oauth2.TokenSource, tokenV2 *config.TokenV2) oauth2.TokenSource {
return &TokenSourceFSStorage{
BaseTokenSource: baseTokenSource,
LastToken: tokenV2,
}
}

type OIDCTokenProvider struct {
OAuthTokenSource oauth2.TokenSource
}

func (ts *OIDCTokenProvider) Token() (string, error) {
t, err := ts.OAuthTokenSource.Token()
if err != nil {
return "", err
}
return t.AccessToken, nil
}
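--- a/tsuru/auth/oidc_test.go
+++ b/tsuru/auth/oidc_test.go
@@ -93,45 +93,3 @@ func (s *S) TestOIDChLogin(c *check.C) {
 },
 })
 }
-
-type fakeTokenSource struct{}
-
-func (f *fakeTokenSource) Token() (*oauth2.Token, error) {
-return &oauth2.Token{
-AccessToken: "access-token-321",
-Expiry: time.Now().Add(time.Hour),
-}, nil
-}
-
-func (s *S) TestTokenSourceFSStorage(c *check.C) {
-
-config.SetFileSystem(&fstest.RecordingFs{})
-
-defer func() {
-config.ResetFileSystem()
-}()
-
-fts := &fakeTokenSource{}
-tokenSourceFSStorage := &TokenSourceFSStorage{
-BaseTokenSource: fts,
-LastToken: &config.TokenV2{
-OAuth2Token: &oauth2.Token{
-AccessToken: "access-token-123",
-},
-},
-}
-
-token, err := tokenSourceFSStorage.Token()
-c.Assert(err, check.IsNil)
-
-c.Assert(token.AccessToken, check.Equals, "access-token-321")
-
-tokenV1fromConfig, err := config.ReadTokenV1()
-c.Assert(err, check.IsNil)
-c.Assert(tokenV1fromConfig, check.Equals, "access-token-321")
-
-tokenV2fromConfig, err := config.ReadTokenV2()
-c.Assert(err, check.IsNil)
-c.Assert(tokenV2fromConfig.OAuth2Token.AccessToken, check.Equals, "access-token-321")
-
-}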
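--- a/tsuru/http/client_test.go
+++ b/tsuru/http/client_test.go
@@ -45,13 +45,6 @@ func Test(t *testing.T) { check.TestingT(t) }
 
 var globalManager *cmd.Manager
 
-func targetInit() {
-f, _ := config.Filesystem().Create(config.JoinWithUserDir(".tsuru", "target"))
-f.Write([]byte("http://localhost"))
-f.Close()
-config.WriteOnTargetList("test", "http://localhost")
-}
-
 func (s *S) TestShouldSetCloseToTrue(c *check.C) {
 os.Setenv("TSURU_VERBOSITY", "2")
 defer func() {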
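--- a/tsuru/http/transport_test.go
+++ b/tsuru/http/transport_test.go
@@ -5,9 +5,7 @@ import (
 "net/http"
 "os"
 
-"github.com/tsuru/go-tsuruclient/pkg/config"
 "github.com/tsuru/tsuru/cmd/cmdtest"
-"github.com/tsuru/tsuru/fs/fstest"
 check "gopkg.in/check.v1"
 )
 
@@ -71,19 +69,3 @@ func (s *S) TestVerboseRoundTripperDumpRequestResponse2(c *check.C) {
 "*************************** </Response uri=\"/users\"> **********************************\n")
 
 }
-
-func (s *S) TestTokenV1RoundTripperShouldIncludeTheHeaderAuthorizationWhenTsuruTokenFileExists(c *check.C) {
-os.Unsetenv("TSURU_TOKEN")
-config.SetFileSystem(&fstest.RecordingFs{FileContent: "mytoken"})
-targetInit()
-defer func() {
-config.ResetFileSystem()
-}()
-request, err := http.NewRequest("GET", "/", nil)
-c.Assert(err, check.IsNil)
-trans := cmdtest.Transport{Message: "", Status: http.StatusOK}
-rt := &TokenV1RoundTripper{RoundTripper: &trans}
-_, err = rt.RoundTrip(request)
-c.Assert(err, check.IsNil)
-c.Assert(request.Header.Get("Authorization"), check.Equals, "bearer mytoken")
-}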
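--- a/tsuru/main.go
+++ b/tsuru/main.go
@@ -13,7 +13,9 @@ import (
 
 "github.com/ajg/form"
 "github.com/pkg/errors"
+goTsuruClient "github.com/tsuru/go-tsuruclient/pkg/client"
 "github.com/tsuru/go-tsuruclient/pkg/config"
+
 "github.com/tsuru/tsuru-client/tsuru/admin"
 "github.com/tsuru/tsuru-client/tsuru/auth"
 "github.com/tsuru/tsuru-client/tsuru/client"
@@ -313,7 +315,11 @@ func main() {
 
 func initAuthorization() {
 name := cmd.ExtractProgramName(os.Args[0])
-roundTripper, tokenProvider := roundTripperAndTokenProvider()
+roundTripper, tokenProvider, err := goTsuruClient.RoundTripperAndTokenProvider()
+if err != nil {
+fmt.Fprintf(os.Stderr, "Could not read token V2: %q\n", err.Error())
+os.Exit(1)
+}
 
 tsuruHTTP.AuthenticatedClient = tsuruHTTP.NewTerminalClient(tsuruHTTP.TerminalClientOptions{
 RoundTripper: roundTripper,
@@ -325,29 +331,6 @@ func initAuthorization() {
 config.DefaultTokenProvider = tokenProvider
 }
 
-func roundTripperAndTokenProvider() (http.RoundTripper, config.TokenProvider) {
-tokenV2, err := config.ReadTokenV2()
-if err != nil {
-fmt.Fprintf(os.Stderr, "Could not read token V2: %q\n", err.Error())
-os.Exit(1)
-}
-
-teamToken := config.ReadTeamToken()
-if tokenV2 != nil && tokenV2.Scheme == "oidc" && teamToken == "" {
-oidcTokenSource := auth.NewOIDCTokenSource(tokenV2)
-tokenProvider := &auth.OIDCTokenProvider{OAuthTokenSource: oidcTokenSource}
-
-roundTripper := &oauth2.Transport{
-Base: http.DefaultTransport,
-Source: oidcTokenSource,
-}
-
-return roundTripper, tokenProvider
-}
-
-return tsuruHTTP.NewTokenV1RoundTripper(), config.TokenProviderV1()
-}
-
 type versionCmd struct{}
 
 func (c *versionCmd) Info() *cmd.Info {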
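Review bot: In `initAuthorization`, the new error branch labels every failure of `goTsuruClient.RoundTripperAndTokenProvider()` as "Could not read token V2", wording carried over from the deleted helper where it covered only `config.ReadTokenV2()`. Whether the library call can fail for other reasons is not visible here, so a neutral message such as `fmt.Fprintf(os.Stderr, "Could not initialize authorization: %v\n", err)` would stay accurate. The choice between the OIDC transport and the V1 token (previously gated on `teamToken == ""`) and the write-back of refreshed tokens are now decided inside the dependency, while the tests that pinned them (`TestTokenSourceFSStorage` and the TokenV1 Authorization-header test) are deleted in this commit; it is worth confirming that go-tsuruclient at the pinned version carries equivalent tests. A short comment above the call, e.g. `// Transport and token provider selection (OIDC vs. V1/team token) lives in go-tsuruclient.`, would help the next reader; part of the function body is collapsed between the hunks.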
