
Commit 4bdd166

fix(auth): Add prompt for providing oauth access token directly rather than force client id and client secret.
fix(auth): For interactive passwords trim leading and/or trailing `\n` characters. Signed-off-by: spbsoluble <[email protected]>
1 parent 91376ae commit 4bdd166


3 files changed

+77
-33
lines changed


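--- a/cmd/login.go
+++ b/cmd/login.go
@@ -379,7 +379,7 @@ func promptForInteractivePassword(parameterName string, defaultValue string) str
 
 // Trim newline and check if password is empty; if so, return default
 if len(password) > 0 {
-password = password[:len(password)-1]
+password = strings.Trim(password, "\n")
 }
 if password == "" {
 return defaultValue
@@ -442,51 +442,93 @@ func authInteractive(
 }
 }
 } else if serverConf.AuthType == "oauth" {
-if serverConf.ClientID == "" || forcePrompt {
-serverConf.ClientID = promptForInteractiveParameter(
-"Keyfactor Command OAuth Client ID",
-serverConf.ClientID,
+if serverConf.AccessToken == "" || forcePrompt {
+log.Debug().Msg("prompting for OAuth access token")
+serverConf.AccessToken = promptForInteractiveParameter(
+"Keyfactor Command OAuth Access Token (to use client ID and secret, leave blank)",
+serverConf.AccessToken,
 )
 }
-if serverConf.ClientSecret == "" || forcePrompt {
-serverConf.ClientSecret = promptForInteractivePassword(
-"Keyfactor Command OAuth Client Secret",
-serverConf.ClientSecret,
-)
-}
-if serverConf.OAuthTokenUrl == "" || forcePrompt {
-serverConf.OAuthTokenUrl = promptForInteractiveParameter(
-"Keyfactor Command OAuth Token URL",
-serverConf.OAuthTokenUrl,
-)
-}
-if len(serverConf.Scopes) == 0 || forcePrompt {
-scopesCsv := promptForInteractiveParameter(
-"OAuth Scopes",
-strings.Join(serverConf.Scopes, ","),
-)
-serverConf.Scopes = strings.Split(scopesCsv, ",")
-}
-if serverConf.Audience == "" || forcePrompt {
-serverConf.Audience = promptForInteractiveParameter(
-"OAuth Audience",
-serverConf.Audience,
-)
+if serverConf.AccessToken == "" {
+log.Debug().Msg("no oauth access token provided")
+if serverConf.ClientID == "" || forcePrompt {
+log.Debug().
+Str("serverConf.ClientID", serverConf.ClientID).
+Msg("prompting for OAuth client ID")
+serverConf.ClientID = promptForInteractiveParameter(
+"Keyfactor Command OAuth Client ID",
+serverConf.ClientID,
+)
+}
+if serverConf.ClientSecret == "" || forcePrompt {
+log.Debug().Msg("prompting for OAuth client secret")
+serverConf.ClientSecret = promptForInteractivePassword(
+"Keyfactor Command OAuth Client Secret",
+serverConf.ClientSecret,
+)
+}
+
+if serverConf.OAuthTokenUrl == "" || forcePrompt {
+log.Debug().
+Str("serverConf.OAuthTokenUrl", serverConf.OAuthTokenUrl).
+Msg("prompting for OAuth token URL")
+serverConf.OAuthTokenUrl = promptForInteractiveParameter(
+"Keyfactor Command OAuth Token URL",
+serverConf.OAuthTokenUrl,
+)
+}
+if len(serverConf.Scopes) == 0 || forcePrompt {
+log.Debug().
+Strs("serverConf.Scopes", serverConf.Scopes).
+Msg("prompting for OAuth scopes")
+scopesCsv := promptForInteractiveParameter(
+"OAuth Scopes",
+strings.Join(serverConf.Scopes, ","),
+)
+serverConf.Scopes = strings.Split(scopesCsv, ",")
+}
+if serverConf.Audience == "" || forcePrompt {
+log.Debug().Msg("prompting for OAuth audience")
+serverConf.Audience = promptForInteractiveParameter(
+"OAuth Audience",
+serverConf.Audience,
+)
+}
+} else {
+log.Debug().
+Str("serverConf.AccessToken", hashSecretValue(serverConf.AccessToken)).
+Msg("using provided OAuth access token")
 }
 }
 
 if serverConf.APIPath == "" || forcePrompt {
+log.Debug().
+Str("serverConf.APIPath", serverConf.APIPath).
+Msg("prompting for API path")
 serverConf.APIPath = promptForInteractiveParameter("Keyfactor Command API path", serverConf.APIPath)
 }
 
 if serverConf.CACertPath == "" || forcePrompt {
+log.Debug().
+Str("serverConf.CACertPath", serverConf.CACertPath).
+Msg("prompting for CA cert path")
 serverConf.CACertPath = promptForInteractiveParameter("Keyfactor Command CA Cert Path", serverConf.CACertPath)
 }
+if !serverConf.SkipTLSVerify || forcePrompt {
+log.Debug().
+Bool("serverConf.SkipTLSVerify", serverConf.SkipTLSVerify).
+Msg("prompting for Skip TLS Verify")
+serverConf.SkipTLSVerify = promptForInteractiveParameter(
+"Keyfactor Command Skip TLS Verify [true,false]",
+fmt.Sprintf("%t", serverConf.SkipTLSVerify),
+) == "true"
+}
 
 if profileName == "" {
-profileName = "default"
+profileName = auth_providers.DefaultConfigProfile
 }
 if configPath == "" {
+log.Debug().Msg("configPath is empty, calling prepHomeDir()")
 userHomeDir, hErr := prepHomeDir()
 if hErr != nil {
 //log.Println("[ERROR] Unable to create home directory: ", hErr)
@@ -502,13 +544,15 @@ func authInteractive(
 confFile.Servers[profileName] = *serverConf
 
 if saveConfig {
+log.Debug().Bool("saveConfig", saveConfig).Msg("calling writeConfigFile()")
 saveErr := writeConfigFile(&confFile, configPath)
 if saveErr != nil {
 //log.Println("[ERROR] Unable to save configuration file to disk: ", saveErr)
 log.Error().Err(saveErr)
 return confFile, saveErr
 }
 }
+log.Debug().Msg("authInteractive() returning")
 return confFile, nil
 }
 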
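Review bot: The new OAuth access-token prompt in the `serverConf.AccessToken == "" || forcePrompt` branch goes through `promptForInteractiveParameter`, while the client secret just below it uses `promptForInteractivePassword`; a bearer token is equally sensitive, and the stored token is also passed as the prompt default, so it is presumably echoed to the terminal and scrollback (the helper's body is not visible here). I would change the call to `serverConf.AccessToken = promptForInteractivePassword(` with the same two arguments. The added `if !serverConf.SkipTLSVerify || forcePrompt` block asks about disabling certificate verification on every run where verification is still on, and anything other than the exact string `true` silently becomes false; prompting only under `forcePrompt` would keep the secure default out of the normal login path. In the first hunk, `strings.Trim(password, "\n")` leaves a trailing `\r` from CRLF input and also strips leading newlines, so `strings.TrimRight(password, "\r\n")` would be the narrower fix. authInteractive begins outside the visible hunks, so how the token is later persisted by `writeConfigFile` cannot be judged from here.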

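--- a/go.mod
+++ b/go.mod
@@ -9,7 +9,7 @@ require (
 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0
 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0
 github.com/Jeffail/gabs v1.4.0
-github.com/Keyfactor/keyfactor-auth-client-go v1.1.0-rc.3
+github.com/Keyfactor/keyfactor-auth-client-go v1.1.0-rc.4
 github.com/Keyfactor/keyfactor-go-client-sdk/v2 v2.0.0-rc.2
 github.com/Keyfactor/keyfactor-go-client/v3 v3.0.0-rc.11
 github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2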

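--- a/go.sum
+++ b/go.sum
@@ -18,8 +18,8 @@ github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mx
 github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
 github.com/Jeffail/gabs v1.4.0 h1://5fYRRTq1edjfIrQGvdkcd22pkYUrHZ5YC/H2GJVAo=
 github.com/Jeffail/gabs v1.4.0/go.mod h1:6xMvQMK4k33lb7GUUpaAPh6nKMmemQeg5d4gn7/bOXc=
-github.com/Keyfactor/keyfactor-auth-client-go v1.1.0-rc.3 h1:pQvbBM3DmSDdGMLh9s648Md+fHOoZtL7tjmVnHNDeVc=
-github.com/Keyfactor/keyfactor-auth-client-go v1.1.0-rc.3/go.mod h1:Ia3VmXsumFrr01BMc1Rp5OpDWmfXWjdeMituda14T4I=
+github.com/Keyfactor/keyfactor-auth-client-go v1.1.0-rc.4 h1:2TTlhVjPvPV6UrKN/VEqdcNGb4mgwAcsLcGuoQofg28=
+github.com/Keyfactor/keyfactor-auth-client-go v1.1.0-rc.4/go.mod h1:Ia3VmXsumFrr01BMc1Rp5OpDWmfXWjdeMituda14T4I=
 github.com/Keyfactor/keyfactor-go-client-sdk/v2 v2.0.0-rc.2 h1:RNrfgrC+mPvqOc1wPsFjB4thuw7qJbP3gOycRDcRwxI=
 github.com/Keyfactor/keyfactor-go-client-sdk/v2 v2.0.0-rc.2/go.mod h1:11WXGG9VVKSV0EPku1IswjHbGGpzHDKqD4pe2vD7vas=
 github.com/Keyfactor/keyfactor-go-client/v3 v3.0.0-rc.11 h1:nYc7fEidu26ZKGwEByQNr2EWPCsCs0zxnHUKnRT6/rY=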
