From 0b6663f8b33dfa09aa08ca4fc7febe5947549765 Mon Sep 17 00:00:00 2001 From: SergioLangaritaBenitez Date: Wed, 14 Aug 2024 12:51:53 +0200 Subject: [PATCH] oidc-token implementation --- cmd/cluster_add.go | 11 +++++++++-- pkg/cluster/cluster.go | 6 ++++++ pkg/config/config.go | 3 ++- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/cmd/cluster_add.go b/cmd/cluster_add.go index 3ff53f1..c2e90db 100644 --- a/cmd/cluster_add.go +++ b/cmd/cluster_add.go @@ -37,11 +37,17 @@ func clusterAddFunc(cmd *cobra.Command, args []string) error { var err error oidcAccountName, _ := cmd.Flags().GetString("oidc-account-name") + oidcToken, _ := cmd.Flags().GetString("oidc-token") if oidcAccountName != "" { if len(args) != 2 { cmd.SilenceUsage = false return errors.New("if the \"--oidc-account-name\" flag is set only 2 arguments are allowed") } + } else if oidcToken != "" { + if len(args) != 2 { + cmd.SilenceUsage = false + return errors.New("if the \"--oidc-token\" flag is set only 2 arguments are allowed") + } } else { if len(args) == 2 { cmd.SilenceUsage = false @@ -76,7 +82,7 @@ func clusterAddFunc(cmd *cobra.Command, args []string) error { disableSSL, _ := cmd.Flags().GetBool("disable-ssl") - err = conf.AddCluster(configPath, identifier, endpoint, username, pass, oidcAccountName, !disableSSL) + err = conf.AddCluster(configPath, identifier, endpoint, username, pass, oidcAccountName, oidcToken, !disableSSL) if err != nil { return err } @@ -88,7 +94,7 @@ func clusterAddFunc(cmd *cobra.Command, args []string) error { func makeClusterAddCmd() *cobra.Command { clusterAddCmd := &cobra.Command{ - Use: "add IDENTIFIER ENDPOINT {USERNAME {PASSWORD | --password-stdin} | --oidc-account-name ACCOUNT}", + Use: "add IDENTIFIER ENDPOINT {USERNAME {PASSWORD | --password-stdin} | --oidc-account-name ACCOUNT | --oidc-token TOKEN}", Short: "Add a new existing cluster to oscar-cli", Args: cobra.RangeArgs(2, 4), Aliases: []string{"a"}, 
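Review bot: Supplying both `--oidc-account-name` and `--oidc-token` is not rejected in clusterAddFunc: the first branch only checks the argument count, and the token is still handed to `conf.AddCluster` in the second hunk of this file. Judging by the GetClient hunk in pkg/cluster/cluster.go, the account name then takes precedence, so the token would be written to the configuration but never used. I would fail early, before the existing chain, with `if oidcAccountName != "" && oidcToken != "" { return errors.New("\"--oidc-account-name\" and \"--oidc-token\" cannot be used together") }`. The error from `GetString` is discarded for the new flag, as it already is for the old one. The function body starts and continues outside the hunk.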
@@ -98,6 +104,7 @@ func makeClusterAddCmd() *cobra.Command { clusterAddCmd.Flags().Bool("disable-ssl", false, "disable verification of ssl certificates for the added cluster") clusterAddCmd.Flags().Bool("password-stdin", false, "take the password from stdin") clusterAddCmd.Flags().StringP("oidc-account-name", "o", "", "OIDC account name to authenticate using oidc-agent. Note that oidc-agent must be started and properly configured\n(See: https://indigo-dc.gitbook.io/oidc-agent/)") + clusterAddCmd.Flags().StringP("oidc-token", "t", "", "OIDC token to authenticate using oidc-token. Note that oidc-token must be started and properly configured\n(See: https://mytoken.data.kit.edu/)") return clusterAddCmd } diff --git a/pkg/cluster/cluster.go b/pkg/cluster/cluster.go index 8863747..450ae76 100644 --- a/pkg/cluster/cluster.go +++ b/pkg/cluster/cluster.go @@ -51,6 +51,7 @@ type Cluster struct { AuthUser string `json:"auth_user,omitempty"` AuthPassword string `json:"auth_password,omitempty"` OIDCAccountName string `json:"oidc_account_name,omitempty"` + OIDCToken string `json:"oidc_token,omitempty"` SSLVerify bool `json:"ssl_verify"` Memory string `json:"memory"` LogLevel string `json:"log_level"` @@ -108,6 +109,11 @@ func (cluster *Cluster) GetClient(args ...int) *http.Client { token: token, transport: transport, } + } else if cluster.OIDCToken != "" { + transport = &tokenRoundTripper{ + token: cluster.OIDCToken, + transport: transport, + } } else { // Use basic auth transport = &basicAuthRoundTripper{ diff --git a/pkg/config/config.go b/pkg/config/config.go index c199b3b..9962471 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go 
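Review bot: `--oidc-token` takes a bearer credential as a command-line argument, where it lands in shell history and is readable from the process list while the command runs. The command already offers `--password-stdin` for the password, and the token deserves an equivalent, for example a stdin variant of the flag or an environment variable. The help text is also copied from the oidc-agent flag: a token is not something that is "started", and the text does not say whether a raw access token or a mytoken is expected. Something like `"OIDC access token sent as bearer token to the cluster. The token is saved in the oscar-cli configuration file"` would be more accurate, assuming an access token is what GetClient expects.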
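Review bot: `OIDCToken` carries a JSON tag, so the bearer token is serialised in clear text wherever a `Cluster` is marshalled: the configuration file at least, and any command that prints the cluster struct, if one exists. A field comment such as `// OIDCToken is a bearer credential and is persisted as-is; never log or print it.` would make that explicit for the next maintainer. It is also worth confirming that `writeConfig`, whose body is not visible here, creates the file with owner-only permissions.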
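Review bot: The new branch in GetClient sends the stored `cluster.OIDCToken` verbatim on every request, with no expiry check or refresh. The oidc-agent branch above presumably obtains its `token` at call time, but that code is outside the hunk. Once the stored token expires, every call will fail until the cluster is added again, and nothing here tells the user why. A comment such as `// The stored token is used as-is and never refreshed; it stops working when it expires.` would document the limitation. GetClient begins and ends outside the hunk.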
@@ -119,13 +119,14 @@ func (config *Config) writeConfig(configPath string) (err error) { } // AddCluster adds a new cluster to the config -func (config *Config) AddCluster(configPath string, id string, endpoint string, authUser string, authPassword string, oidcAccountName string, sslVerify bool) error { +func (config *Config) AddCluster(configPath string, id string, endpoint string, authUser string, authPassword string, oidcAccountName string, oidcToken string, sslVerify bool) error { // Add (or overwrite) the new cluster config.Oscar[id] = &cluster.Cluster{ Endpoint: endpoint, AuthUser: authUser, AuthPassword: authPassword, OIDCAccountName: oidcAccountName, + OIDCToken: oidcToken, SSLVerify: sslVerify, Memory: defaultMemory, LogLevel: defaultLogLevel,
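Review bot: AddCluster now takes six consecutive `string` parameters, so a call that swaps `oidcAccountName` and `oidcToken`, or the password and the token, compiles and silently stores a credential in the wrong field. The method is exported, and adding a positional parameter breaks any caller outside this repository. Passing the credentials in a small struct would remove the ordering hazard. At minimum the doc comment should be extended to `// AddCluster adds a new cluster to the config. oidcToken, when non-empty, is stored as-is.`. The function body continues past the end of the hunk.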