Add silent mode (#27)

Author: mbilski

README.md

@@ -64,6 +64,7 @@ The available flags are:
       --client-id string         client identifier
       --client-secret string     client secret
       --grant-type string        grant type
+  -h, --help                     help for oauthc
       --insecure                 allow insecure connections
       --no-pkce                  disable proof key for code exchange (PKCE)
       --password string          resource owner password credentials grant flow password
@@ -73,6 +74,7 @@ The available flags are:
       --response-types strings   response type
       --scopes strings           requested scopes
       --signing-key string       path or url to signing key in jwks format
+  -s, --silent                   silent mode
       --tls-cert string          path to tls cert pem file
       --tls-key string           path to tls key pem file
       --tls-root-ca string       path to tls root ca pem file
@@ -209,9 +211,24 @@ oauth2c https://oauth2c.us.authz.cloudentity.io/oauth2c/demo \
   --client-secret HCwQ5uuUWBRHd04ivjX5Kl0Rz8zxMOekeLtqzki0GPc \
   --grant-type refresh_token\
   --auth-method client_secret_basic \
-  --refresh-token 1X1IvWR8p5rgKnH2YNmHGd4pZp8Dq-85xzUQuJejT_g.O_DS8Y4eiTS5jZ47_eBv3VbwP4zQUyxjNVW93AyU82k
+  --refresh-token $REFRESH_TOKEN
 ```
 
+> **Note** In order to use this command, you must first set the REFRESH_TOKEN environment variable
+>
+> ``` sh
+> export REFRESH_TOKEN=`oauth2c https://oauth2c.us.authz.cloudentity.io/oauth2c/demo \
+>   --client-id cauktionbud6q8ftlqq0 \
+>   --client-secret HCwQ5uuUWBRHd04ivjX5Kl0Rz8zxMOekeLtqzki0GPc \
+>   --response-types code \
+>   --response-mode query \
+>   --grant-type authorization_code \
+>   --auth-method client_secret_basic \
+>   --scopes openid,email,offline_access \
+>   --no-pkce \
+>   --silent | jq -r .refresh_token`
+> ```
+
 [Learn more about the refresh token flow](https://cloudentity.com/developers/basics/oauth-grant-types/refresh-token-flow/)
 
 #### Password

cmd/log.go

@@ -7,6 +7,7 @@ import (
 	"crypto/x509"
 	"encoding/json"
 	"encoding/pem"
+	"strconv"
 	"strings"
 
 	"github.com/cloudentity/oauth2c/internal/oauth2"
@@ -16,7 +17,110 @@ import (
 	"github.com/tidwall/pretty"
 )
 
+func Logln() {
+	if silent {
+		return
+	}
+
+	pterm.Println()
+}
+
+func Logfln(msg string, args ...interface{}) {
+	if silent {
+		return
+	}
+
+	pterm.Printfln(msg, args...)
+}
+
+func LogHeader(msg string) {
+	if silent {
+		return
+	}
+
+	pterm.DefaultHeader.WithFullWidth().Println(msg)
+}
+
+func LogSection(msg string) {
+	if silent {
+		return
+	}
+
+	pterm.DefaultSection.Println(msg)
+}
+
+func LogAction(msg string) func(string) {
+	if silent {
+		return func(string) {}
+	}
+
+	done, _ := pterm.DefaultSpinner.Start(msg)
+	return func(s string) {
+		done.Success(s)
+	}
+}
+
+func LogBox(title string, msg string, args ...interface{}) {
+	if silent {
+		return
+	}
+
+	pterm.DefaultBox.WithTitle(title).Printfln(msg, args...)
+}
+
+func LogError(err error) {
+	pterm.Error.PrintOnError(err)
+}
+
+func LogWarning(msg string) {
+	if silent {
+		return
+	}
+
+	pterm.Warning.Println(msg)
+}
+
+func LogInputData(cc oauth2.ClientConfig) {
+	if silent {
+		return
+	}
+
+	data := pterm.TableData{
+		{"Issuer URL", cc.IssuerURL},
+		{"Grant type", cc.GrantType},
+		{"Auth method", cc.AuthMethod},
+		{"Scopes", strings.Join(cc.Scopes, ", ")},
+		{"Response types", strings.Join(cc.ResponseType, ", ")},
+		{"Response mode", cc.ResponseMode},
+		{"PKCE", strconv.FormatBool(cc.PKCE)},
+		{"Client ID", cc.ClientID},
+		{"Client secret", cc.ClientSecret},
+		{"Username", cc.Username},
+		{"Password", cc.Password},
+		{"Refresh token", cc.RefreshToken},
+	}
+
+	nonEmptyData := pterm.TableData{}
+
+	for _, vs := range data {
+		if vs[1] != "" {
+			nonEmptyData = append(nonEmptyData, vs)
+		}
+	}
+
+	if err := pterm.DefaultTable.WithData(nonEmptyData).WithBoxed().Render(); err != nil {
+		pterm.Error.Println(err)
+		return
+	}
+
+	pterm.Println()
+}
+
 func LogJson(value interface{}) {
+	if silent {
+		return
+	}
+
 	output, err := json.Marshal(value)
 
 	if err != nil {
@@ -28,6 +132,10 @@ func LogJson(value interface{}) {
 }
 
 func LogRequest(r oauth2.Request) {
+	if silent {
+		return
+	}
+
 	if r.URL == nil {
 		return
 	}
@@ -71,17 +179,29 @@ func LogRequest(r oauth2.Request) {
 }
 
 func LogRequestln(request oauth2.Request) {
+	if silent {
+		return
+	}
+
 	LogRequest(request)
 	pterm.Println()
 }
 
 func LogRequestAndResponse(request oauth2.Request, response interface{}) {
+	if silent {
+		return
+	}
+
 	LogRequest(request)
 	pterm.Println(pterm.FgGray.Sprint("Response:"))
 	LogJson(response)
 }
 
 func LogRequestAndResponseln(request oauth2.Request, response interface{}) {
+	if silent {
+		return
+	}
+
 	LogRequestAndResponse(request, response)
 	pterm.Println()
 }
@@ -92,6 +212,10 @@ func LogTokenPayload(response oauth2.TokenResponse) {
 		idClaims jwt.MapClaims
 	)
 
+	if silent {
+		return
+	}
+
 	if response.AccessToken != "" {
 		if _, _, err := parser.ParseUnverified(response.AccessToken, &atClaims); err != nil {
 			pterm.Error.Println(err)
@@ -112,11 +236,19 @@ func LogTokenPayload(response oauth2.TokenResponse) {
 }
 
 func LogTokenPayloadln(response oauth2.TokenResponse) {
+	if silent {
+		return
+	}
+
 	LogTokenPayload(response)
 	pterm.Println()
 }
 
 func LogAuthMethod(config oauth2.ClientConfig) {
+	if silent {
+		return
+	}
+
 	switch config.AuthMethod {
 	case oauth2.ClientSecretBasicAuthMethod:
 		pterm.DefaultBox.WithTitle("Client Secret Basic").Printfln("Authorization = Basic BASE64-ENCODE(ClientID:ClientSecret)")
@@ -132,6 +264,10 @@ func LogAssertion(request oauth2.Request, title string, name string) {
 		err       error
 	)
 
+	if silent {
+		return
+	}
+
 	if assertion == "" {
 		return
 	}
@@ -183,3 +319,18 @@ func LogAssertion(request oauth2.Request, title string, name string) {
 
 	pterm.Println("")
 }
+
+func LogResult(result interface{}) {
+	if !silent {
+		return
+	}
+
+	output, err := json.Marshal(result)
+
+	if err != nil {
+		pterm.Error.Println(err)
+		return
+	}
+
+	pterm.Println(string(output))
+}

cmd/oauth2.go

@@ -8,14 +8,12 @@ import (
 	"fmt"
 	"net/http"
 	"os"
-	"strconv"
 	"strings"
 	"time"
 
 	"github.com/cloudentity/oauth2c/internal/oauth2"
 	"github.com/golang-jwt/jwt"
 	"github.com/imdario/mergo"
-	"github.com/pterm/pterm"
 	"github.com/spf13/cobra"
 )
 
@@ -25,6 +23,7 @@ const (
 
 var (
 	parser jwt.Parser
+	silent bool
 )
 
 func OAuth2Cmd() *cobra.Command {
@@ -44,12 +43,12 @@ func OAuth2Cmd() *cobra.Command {
 
 			if data, err = os.ReadFile(args[0]); err == nil {
 				if err = json.Unmarshal(data, &config); err != nil {
-					pterm.Error.PrintOnError(err)
+					LogError(err)
 					os.Exit(1)
 				}
 
 				if err := mergo.Merge(&cconfig, config.ToClientConfig()); err != nil {
-					pterm.Error.PrintOnError(err)
+					LogError(err)
 					os.Exit(1)
 				}
 			} else {
@@ -67,7 +66,7 @@ func OAuth2Cmd() *cobra.Command {
 
 			if cconfig.TLSCert != "" && cconfig.TLSKey != "" {
 				if cert, err = oauth2.ReadKeyPair(cconfig.TLSCert, cconfig.TLSKey, hc); err != nil {
-					pterm.Error.PrintOnError(err)
+					LogError(err)
 					os.Exit(1)
 				}
 
@@ -76,7 +75,7 @@ func OAuth2Cmd() *cobra.Command {
 
 			if cconfig.TLSRootCA != "" {
 				if tr.TLSClientConfig.RootCAs, err = oauth2.ReadRootCA(cconfig.TLSRootCA, hc); err != nil {
-					pterm.Error.PrintOnError(err)
+					LogError(err)
 					os.Exit(1)
 				}
 			}
@@ -87,11 +86,11 @@ func OAuth2Cmd() *cobra.Command {
 				if errors.As(err, &oauth2Error) {
 					switch oauth2Error.Hint {
 					case "Clients must include a code_challenge when performing the authorize code flow, but it is missing.":
-						pterm.Warning.Println("Authorization server enforces PKCE. Use --pkce flag.")
+						LogWarning("Authorization server enforces PKCE. Use --pkce flag.")
 					}
 				}
 
-				pterm.Error.PrintOnError(err)
+				LogError(err)
 				os.Exit(1)
 			}
 		},
@@ -115,6 +114,7 @@ func OAuth2Cmd() *cobra.Command {
 	cmd.PersistentFlags().StringVar(&cconfig.TLSKey, "tls-key", "", "path to tls key pem file")
 	cmd.PersistentFlags().StringVar(&cconfig.TLSRootCA, "tls-root-ca", "", "path to tls root ca pem file")
 	cmd.PersistentFlags().BoolVar(&cconfig.Insecure, "insecure", false, "allow insecure connections")
+	cmd.PersistentFlags().BoolVarP(&silent, "silent", "s", false, "silent mode")
 
 	return cmd
 }
@@ -136,36 +136,11 @@ func Authorize(clientConfig oauth2.ClientConfig, hc *http.Client) error {
 		return err
 	}
 
-	clientConfig = PromptForClientConfig(clientConfig, serverConfig)
-
-	data := pterm.TableData{
-		{"Issuer URL", clientConfig.IssuerURL},
-		{"Grant type", clientConfig.GrantType},
-		{"Auth method", clientConfig.AuthMethod},
-		{"Scopes", strings.Join(clientConfig.Scopes, ", ")},
-		{"Response types", strings.Join(clientConfig.ResponseType, ", ")},
-		{"Response mode", clientConfig.ResponseMode},
-		{"PKCE", strconv.FormatBool(clientConfig.PKCE)},
-		{"Client ID", clientConfig.ClientID},
-		{"Client secret", clientConfig.ClientSecret},
-		{"Username", clientConfig.Username},
-		{"Password", clientConfig.Password},
-		{"Refresh token", clientConfig.RefreshToken},
+	if !silent {
+		clientConfig = PromptForClientConfig(clientConfig, serverConfig)
 	}
 
-	nonEmptyData := pterm.TableData{}
-
-	for _, vs := range data {
-		if vs[1] != "" {
-			nonEmptyData = append(nonEmptyData, vs)
-		}
-	}
-
-	if err := pterm.DefaultTable.WithData(nonEmptyData).WithBoxed().Render(); err != nil {
-		return err
-	}
-
-	pterm.Println()
+	LogInputData(clientConfig)
 
 	switch clientConfig.GrantType {
 	case oauth2.AuthorizationCodeGrantType: