only connect to mytoken server after the mytoken server is extracted …

…from a jwt, so that the client does not fail if the default mytoken server is down
oidc-mytoken · Jul 31, 2024 · a4221b7 · a4221b7
1 parent 763dc92
commit a4221b7
Show file tree

Hide file tree

Showing 9 changed files with 33 additions and 22 deletions.
diff --git a/internal/commands/at.go b/internal/commands/at.go
@@ -67,8 +67,8 @@ func getAT(context *cli.Context) error {
 		req := mytokenlib.NewAccessTokenRequest("", "", atc.Scopes.Value(), atc.Audiences.Value(), comment)
 		return doSSH(ssh, api.SSHRequestAccessToken, req)
 	}
-	mytoken := config.Get().Mytoken
 	mToken := atc.MustGetToken()
+	mytoken := config.Get().Mytoken()
 	atRes, err := mytoken.AccessToken.APIGet(
 		mToken, "", atc.Scopes.Value(), atc.Audiences.Value(), comment,
 	)

diff --git a/internal/commands/general.go b/internal/commands/general.go
@@ -159,7 +159,7 @@ func updateMytokenServerFromJWT(token string) {
 	if err != nil {
 		log.Fatal(err)
 	}
-	*(config.Get().Mytoken) = *mytoken
+	config.Get().SetMytokenServer(mytoken)
 }
 func (mt MTOptions) GetToken() string {
 	token := mt._getToken()

diff --git a/internal/commands/grants.go b/internal/commands/grants.go
@@ -48,7 +48,7 @@ func initGrants(parent *cli.Command) {
 
 func listGrants(_ *cli.Context) error {
 	mytoken := settingsOptions.MustGetToken()
-	res, err := config.Get().Mytoken.UserSettings.Grants.APIGet(mytoken)
+	res, err := config.Get().Mytoken().UserSettings.Grants.APIGet(mytoken)
 	if err != nil {
 		return err
 	}
@@ -91,7 +91,7 @@ func enableGrant(ctx *cli.Context) error {
 	}
 	grant := ctx.Args().Get(0)
 	mytoken := settingsOptions.MustGetToken()
-	res, err := config.Get().Mytoken.UserSettings.Grants.APIEnableGrant(mytoken, grant)
+	res, err := config.Get().Mytoken().UserSettings.Grants.APIEnableGrant(mytoken, grant)
 	if err != nil {
 		return err
 	}
@@ -108,7 +108,7 @@ func disableGrant(ctx *cli.Context) error {
 	}
 	grant := ctx.Args().Get(0)
 	mytoken := settingsOptions.MustGetToken()
-	res, err := config.Get().Mytoken.UserSettings.Grants.APIDisableGrant(mytoken, grant)
+	res, err := config.Get().Mytoken().UserSettings.Grants.APIDisableGrant(mytoken, grant)
 	if err != nil {
 		return err
 	}

diff --git a/internal/commands/info.go b/internal/commands/info.go
@@ -111,8 +111,8 @@ func introspect(_ *cli.Context) error {
 		}
 		return prettyPrintJSONString(res)
 	}
-	mytoken := config.Get().Mytoken
 	mToken := infoOptions.MustGetToken()
+	mytoken := config.Get().Mytoken()
 	res, err := mytoken.Tokeninfo.Introspect(mToken)
 	if err != nil {
 		return err
@@ -133,8 +133,8 @@ func history(_ *cli.Context) (err error) {
 			return
 		}
 	} else { // no ssh
-		mytoken := config.Get().Mytoken
 		mToken := infoOptions.MustGetToken()
+		mytoken := config.Get().Mytoken()
 		res, err = mytoken.Tokeninfo.APIHistory(mToken)
 		if err != nil {
 			return
@@ -186,8 +186,8 @@ func subTree(_ *cli.Context) (err error) {
 			return
 		}
 	} else {
-		mytoken := config.Get().Mytoken
 		mToken := infoOptions.MustGetToken()
+		mytoken := config.Get().Mytoken()
 		res, err = mytoken.Tokeninfo.APISubtokens(mToken)
 		if err != nil {
 			return err
@@ -212,8 +212,8 @@ func listMytokens(_ *cli.Context) (err error) {
 			return
 		}
 	} else {
-		mytoken := config.Get().Mytoken
 		mToken := infoOptions.MustGetToken()
+		mytoken := config.Get().Mytoken()
 		res, err = mytoken.Tokeninfo.APIListMytokens(mToken)
 		if err != nil {
 			return err

diff --git a/internal/commands/list.go b/internal/commands/list.go
@@ -28,7 +28,7 @@ func init() {
 
 func listProviders(_ *cli.Context) error {
 	defaultProvider := config.Get().DefaultProvider
-	instanceProviders := config.Get().Mytoken.ServerMetadata.ProvidersSupported
+	instanceProviders := config.Get().Mytoken().ServerMetadata.ProvidersSupported
 	urlMaxLen := 0
 	for _, ip := range instanceProviders {
 		length := len(ip.Issuer)

diff --git a/internal/commands/mt.go b/internal/commands/mt.go
@@ -470,7 +470,6 @@ func init() {
 }
 
 func obtainMTCmd(context *cli.Context) error {
-
 	mt, err := obtainMT(context)
 	if err != nil {
 		return err
@@ -479,7 +478,7 @@ func obtainMTCmd(context *cli.Context) error {
 }
 
 func obtainMT(context *cli.Context) (string, error) {
-	mytoken := config.Get().Mytoken
+	mytoken := config.Get().Mytoken()
 	if mtCommand.TransferCode != "" {
 		return mytoken.Mytoken.FromTransferCode(mtCommand.TransferCode)
 	}

diff --git a/internal/commands/revoke.go b/internal/commands/revoke.go
@@ -52,8 +52,8 @@ func init() {
 }
 
 func revoke(_ *cli.Context) error {
-	mytoken := config.Get().Mytoken
 	mToken := revokeCommand.MustGetToken()
+	mytoken := config.Get().Mytoken()
 	var err error
 	if revokeCommand.MOMID != "" {
 		err = mytoken.Revocation.RevokeID(revokeCommand.MOMID, mToken, "", revokeCommand.Recursive)

diff --git a/internal/commands/sshGrant.go b/internal/commands/sshGrant.go
@@ -82,7 +82,7 @@ func initSSHGrant(parent *cli.Command) {
 
 func listSSH(_ *cli.Context) error {
 	mytoken := settingsOptions.MustGetToken()
-	res, err := config.Get().Mytoken.UserSettings.Grants.SSH.APIGet(mytoken)
+	res, err := config.Get().Mytoken().UserSettings.Grants.SSH.APIGet(mytoken)
 	if err != nil {
 		return err
 	}
@@ -170,7 +170,7 @@ func addSSHKey(ctx *cli.Context) error {
 	if err != nil {
 		return err
 	}
-	res, tokenUpdate, err := config.Get().Mytoken.UserSettings.Grants.SSH.APIAdd(
+	res, tokenUpdate, err := config.Get().Mytoken().UserSettings.Grants.SSH.APIAdd(
 		mytoken, key, optName, restrictions,
 		caps, callbacks,
 	)
@@ -221,7 +221,7 @@ func deleteSSHKey(ctx *cli.Context) error {
 			return err
 		}
 	}
-	res, err := config.Get().Mytoken.UserSettings.Grants.SSH.APIRemove(mytoken, keyFP, key)
+	res, err := config.Get().Mytoken().UserSettings.Grants.SSH.APIRemove(mytoken, keyFP, key)
 	if err != nil {
 		return err
 	}

diff --git a/internal/config/config.go b/internal/config/config.go
@@ -9,13 +9,14 @@ import (
 	mytokenlib "github.com/oidc-mytoken/lib"
 	"github.com/oidc-mytoken/utils/httpclient"
 	"github.com/oidc-mytoken/utils/utils/fileutil"
+	"github.com/pkg/errors"
 	log "github.com/sirupsen/logrus"
 	"gopkg.in/yaml.v3"
 )
 
 type Config struct {
 	URL     string                    `yaml:"instance"`
-	Mytoken *mytokenlib.MytokenServer `yaml:"-"`
+	mytoken *mytokenlib.MytokenServer `yaml:"-"`
 
 	DefaultProvider          string            `yaml:"default_provider"`
 	DefaultTokenCapabilities []string          `yaml:"default_token_capabilities"`
@@ -44,6 +45,22 @@ func Get() *Config {
 	return conf
 }
 
+func (c *Config) Mytoken() *mytokenlib.MytokenServer {
+	if c.mytoken != nil {
+		return c.mytoken
+	}
+	mytoken, err := mytokenlib.NewMytokenServer(conf.URL)
+	if err != nil {
+		log.Fatal(errors.Wrap(err, "could not initialize mytoken server"))
+	}
+	conf.mytoken = mytoken
+	return mytoken
+}
+
+func (c *Config) SetMytokenServer(mytoken *mytokenlib.MytokenServer) {
+	conf.mytoken = mytoken
+}
+
 func load(name string, locations []string) {
 	data, usedLocation, err := fileutil.ReadConfigFile(name, locations)
 	if err != nil {
@@ -55,11 +72,6 @@ func load(name string, locations []string) {
 	}
 	conf.usedConfigDir = usedLocation
 	mytokenlib.SetClient(httpclient.Do().GetClient())
-	mytoken, err := mytokenlib.NewMytokenServer(conf.URL)
-	if err != nil {
-		log.Fatal(err)
-	}
-	conf.Mytoken = mytoken
 
 	hostname, _ := os.Hostname()
 	conf.Hostname = hostname