mirror of
https://github.com/davidallendj/magellan.git
synced 2025-12-20 03:27:03 -07:00
84 lines
2.7 KiB
Go
84 lines
2.7 KiB
Go
package cmd
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"net/http"
|
|
"os"
|
|
|
|
magellan "github.com/OpenCHAMI/magellan/internal"
|
|
"github.com/lestrrat-go/jwx/jwt"
|
|
"github.com/spf13/cobra"
|
|
)
|
|
|
|
var (
|
|
loginUrl string
|
|
targetHost string
|
|
targetPort int
|
|
tokenPath string
|
|
forceLogin bool
|
|
noBrowser bool
|
|
)
|
|
|
|
var loginCmd = &cobra.Command{
|
|
Use: "login",
|
|
Short: "Log in with identity provider for access token",
|
|
Long: "",
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
// check if we have a valid JWT before starting login
|
|
if !forceLogin {
|
|
// try getting the access token from env var
|
|
testToken := []byte(os.Getenv("OCHAMI_ACCESS_TOKEN"))
|
|
if testToken == nil {
|
|
// try reading access token from a file
|
|
b, err := os.ReadFile(tokenPath)
|
|
if err != nil {
|
|
fmt.Printf("failed to read access token from file: %v\n", err)
|
|
return
|
|
}
|
|
testToken = b
|
|
}
|
|
// parse into jwt.Token to validate
|
|
token, err := jwt.Parse(testToken)
|
|
if err != nil {
|
|
fmt.Printf("failed to parse access token contents: %v\n", err)
|
|
return
|
|
}
|
|
// check if the token is invalid and we need a new one
|
|
err = jwt.Validate(token)
|
|
if err != nil {
|
|
fmt.Printf("failed to validate access token...fetching a new one")
|
|
} else {
|
|
fmt.Printf("found a valid token...skipping login (use the '-f/--force' flag to login anyway)")
|
|
return
|
|
}
|
|
}
|
|
|
|
// start the login flow
|
|
var err error
|
|
accessToken, err = magellan.Login(loginUrl, targetHost, targetPort)
|
|
if errors.Is(err, http.ErrServerClosed) {
|
|
fmt.Printf("\n=========================================\nServer closed.\n=========================================\n\n")
|
|
} else if err != nil {
|
|
fmt.Printf("failed to start server: %v\n", err)
|
|
}
|
|
|
|
// if we got a new token successfully, save it to the token path
|
|
if accessToken != "" && tokenPath != "" {
|
|
err := os.WriteFile(tokenPath, []byte(accessToken), os.ModePerm)
|
|
if err != nil {
|
|
fmt.Printf("failed to write access token to file: %v\n", err)
|
|
}
|
|
}
|
|
},
|
|
}
|
|
|
|
func init() {
|
|
loginCmd.Flags().StringVar(&loginUrl, "url", "http://127.0.0.1:3333/login", "set the login URL")
|
|
loginCmd.Flags().StringVar(&targetHost, "target-host", "127.0.0.1", "set the target host to return the access code")
|
|
loginCmd.Flags().IntVar(&targetPort, "target-port", 5000, "set the target host to return the access code")
|
|
loginCmd.Flags().BoolVarP(&forceLogin, "force", "f", false, "start the login process even with a valid token")
|
|
loginCmd.Flags().StringVar(&tokenPath, "token-path", ".ochami-token", "set the path the load/save the access token")
|
|
loginCmd.Flags().BoolVar(&noBrowser, "no-browser", false, "prevent the default browser from being opened automatically")
|
|
rootCmd.AddCommand(loginCmd)
|
|
}
|