diff --git a/.github/workflows/codebase.yml b/.github/workflows/codebase.yml new file mode 100644 index 0000000..e3869a9 --- /dev/null +++ b/.github/workflows/codebase.yml @@ -0,0 +1,22 @@ +name: codebase-sync + +on: + - push + - delete + +jobs: + sync: + runs-on: ubuntu-latest + name: Git Repo Sync + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + - uses: wangchucheng/git-repo-sync@v0.1.0 + with: + # Such as https://github.com/wangchucheng/git-repo-sync.git + target-url: https://codebase.helmholtz.cloud/m-team/oidc/mytoken/client.git + # Such as wangchucheng + target-username: gabriel.zachmann + # You can store token in your project's 'Setting > Secrets' and reference the name here. Such as ${{ secrets.ACCESS_TOKEN }} + target-token: ${{ secrets.CODEBASE_TOKEN }} \ No newline at end of file diff --git a/.gitlab-ci-scripts/goreleaser.sh b/.gitlab-ci-scripts/goreleaser.sh index d0fbda4..50e7d2a 100755 --- a/.gitlab-ci-scripts/goreleaser.sh +++ b/.gitlab-ci-scripts/goreleaser.sh @@ -7,13 +7,5 @@ if [ -n "$CI_COMMIT_TAG" ] && echo "$CI_COMMIT_TAG" | grep -qv '~'; then GORELEASER_CONFIG=".goreleaser-release.yml" fi BASEDIR=/go/src/github.com/oidc-mytoken/client -docker run --rm --privileged \ - -v "$PWD":"$BASEDIR" \ - -w "$BASEDIR" \ - -v "${PWD}/../shared":/tmp/shared \ - -v /var/run/docker.sock:/var/run/docker.sock \ - -e DOCKER_USERNAME -e DOCKER_PASSWORD \ - -e GITHUB_TOKEN \ - -e GORELEASER_CONFIG \ - goreleaser/goreleaser release -f $GORELEASER_CONFIG --release-notes /tmp/shared/release.md +goreleaser release -f $GORELEASER_CONFIG --release-notes ../shared/release.md ls -l results \ No newline at end of file diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 41ef2d1..a7dd051 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
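Review bot: The sync step hands `secrets.CODEBASE_TOKEN` to `wangchucheng/git-repo-sync@v0.1.0`, a third-party action referenced by a mutable tag, so a re-pointed tag would run with that token on every push and delete. Pin both `uses:` lines to a full commit SHA, e.g. `uses: wangchucheng/git-repo-sync@<full-commit-sha> # v0.1.0`. The workflow also has no `permissions:` block; adding `permissions:` with `contents: read` at the top level keeps the job's `GITHUB_TOKEN` read-only. `actions/checkout` leaves its credential in the local git config by default, so `persist-credentials: false` under its `with:` would keep it away from the sync step, assuming that step authenticates only with `target-token`.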
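Review bot: `$GORELEASER_CONFIG` is expanded unquoted in the new `goreleaser release` line, so a value containing whitespace or glob characters would be split into extra arguments. Quote it: `goreleaser release -f "$GORELEASER_CONFIG" --release-notes ../shared/release.md`. The script now relies on the job image providing `goreleaser` and on the working directory for `../shared/release.md`; a one-line comment stating both assumptions would help whoever changes the CI image next.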
@@ -1,4 +1,10 @@ -image: golang:1.16 +include: + - 'https://codebase.helmholtz.cloud/m-team/tools/ci-voodoo/-/raw/master/ci-include/github-status-sync.yml' + +variables: + UPSTREAM_PROJECT: oidc-mytoken/client + +image: golang:1.22 stages: - build - test @@ -28,7 +34,7 @@ test_race: - go test -race -v ./... staticcheck: - image: golang:1.19 + image: golang:1.22 stage: lint before_script: - go install honnef.co/go/tools/cmd/staticcheck@latest @@ -48,7 +54,8 @@ build: prerelease: stage: release image: - name: docker:stable + name: goreleaser/goreleaser + entrypoint: [""] services: - docker:dind only: @@ -62,9 +69,12 @@ prerelease: GIT_DEPTH: 0 REPO_HOST: repo.data.kit.edu REPO_USER: cicd + DOCKER_REGISTRY: https://index.docker.io/v1/ + before_script: + - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin "$DOCKER_REGISTRY" script: - - if [ -z "$CI_COMMIT_TAG" ]; then docker run --rm -v $PWD:/tmp/mytoken -w /tmp/mytoken bitnami/git .gitlab-ci-scripts/set-prerel-version.sh; fi; + - if [ -z "$CI_COMMIT_TAG" ]; then .gitlab-ci-scripts/set-prerel-version.sh; fi; - .gitlab-ci-scripts/goreleaser.sh - .gitlab-ci-scripts/upload.sh after_script: - - docker run --rm curlimages/curl -d "repo=github.com/oidc-mytoken/client" https://goreportcard.com/checks + - curl -d "repo=github.com/oidc-mytoken/client" https://goreportcard.com/checks diff --git a/.goreleaser-release.yml b/.goreleaser-release.yml index e38eb3f..1fef9f5 100644 --- a/.goreleaser-release.yml +++ b/.goreleaser-release.yml 
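Review bot: The new `include:` pulls pipeline definitions from the `master` branch of another repository over a raw URL, so any later change there runs in this project's pipelines without review here, including the release job that sees `DOCKER_PASSWORD`. Reference a fixed commit instead of the branch, e.g. `.../ci-voodoo/-/raw/<commit-sha>/ci-include/github-status-sync.yml`. If the CI runs on the same GitLab instance (it looks that way from the host name, but that is not visible here), `include: project` with `ref:` and `file:` gives the same pinning. A short comment saying what the included file does with `UPSTREAM_PROJECT` would also document why the variable exists.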
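Review bot: `name: goreleaser/goreleaser` in the `prerelease` job carries no tag, so every release runs whatever image is currently `latest` with the registry and release credentials in its environment. Pin it to a version tag or digest, e.g. `name: goreleaser/goreleaser:<version>@sha256:<digest>`, which also keeps the goreleaser version in step with the template syntax the config files switch to in this commit. The following hunk calls `docker login`, `set-prerel-version.sh` and `curl` directly in this image, so a comment noting that the image is expected to ship docker, curl and presumably git would make that dependency explicit.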
@@ -20,19 +20,19 @@ builds: - -trimpath mod_timestamp: '{{ .CommitTimestamp }}' archives: - - replacements: - darwin: macOS - 386: 32-bit - amd64: 64-bit + - name_template: >- + {{ .ProjectName }}_{{ .Version }}_ + {{ if eq .Os "darwin" }}macOS{{- else }}{{ .Os }}{{ end }}_ + {{- if eq .Arch "386" }}32-bit{{- else if eq .Arch "amd64" }}64-bit{{- else }}{{ .Arch }}{{ end }} format_overrides: - goos: windows format: zip nfpms: - id: client-pkg package_name: mytoken - replacements: - 386: i386 - file_name_template: "{{ .PackageName }}_{{ .Version }}_{{ .Arch }}" + file_name_template: >- + {{ .PackageName }}_{{ .Version }}_ + {{- if eq .Arch "386" }}i386{{- else }}{{ .Arch }}{{ end }} builds: - client homepage: https://mytoken-docs.data.kit.edu/ @@ -42,18 +42,18 @@ nfpms: formats: - deb - rpm - release: 1 + release: "1" section: misc bindir: /usr/bin contents: - src: config/example-config.yaml - dst: /etc/mytoken/example-config.yaml + dst: /usr/share/doc/mytoken/example-config.yaml type: config overrides: rpm: - replacements: - amd64: x86_64 - file_name_template: "{{ .PackageName }}-{{ .Version }}.{{ .Arch }}" + file_name_template: >- + {{ .PackageName }}-{{ .Version }}. + {{- if eq .Arch "386" }}i386{{- else if eq .Arch "amd64" }}x86_64{{- else }}{{ .Arch }}{{ end }} dockers: - goos: linux goarch: amd64 @@ -77,7 +77,6 @@ checksum: snapshot: name_template: "{{ .Tag }}-next" release: - disable: true prerelease: auto draft: true github: diff --git a/.goreleaser.yml b/.goreleaser.yml index 86ba49a..a57bca5 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml 
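Review bot: In the archive `name_template`, the second line opens with `{{ if eq .Os "darwin" }}` rather than `{{- if ...`, so the line fold of the `>-` scalar appears to survive as a space after the `_`; the third line does trim it with `{{-`. If that reading of the collapsed text is right, archive names come out like `mytoken_<version>_ linux_64-bit`. Open the line with the trimming form instead: `{{- if eq .Os "darwin" }}macOS{{- else }}{{ .Os }}{{ end }}_`. The same template is added to `.goreleaser.yml` and needs the same change.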
@@ -20,19 +20,19 @@ builds: - -trimpath mod_timestamp: '{{ .CommitTimestamp }}' archives: - - replacements: - darwin: macOS - 386: 32-bit - amd64: 64-bit + - name_template: >- + {{ .ProjectName }}_{{ .Version }}_ + {{ if eq .Os "darwin" }}macOS{{- else }}{{ .Os }}{{ end }}_ + {{- if eq .Arch "386" }}32-bit{{- else if eq .Arch "amd64" }}64-bit{{- else }}{{ .Arch }}{{ end }} format_overrides: - goos: windows format: zip nfpms: - id: client-pkg package_name: mytoken - replacements: - 386: i386 - file_name_template: "{{ .PackageName }}_{{ .Version }}_{{ .Arch }}" + file_name_template: >- + {{ .PackageName }}_{{ .Version }}_ + {{- if eq .Arch "386" }}i386{{- else }}{{ .Arch }}{{ end }} builds: - client homepage: https://mytoken-docs.data.kit.edu/ @@ -42,18 +42,18 @@ nfpms: formats: - deb - rpm - release: 1 + release: "1" section: misc bindir: /usr/bin contents: - src: config/example-config.yaml - dst: /etc/mytoken/example-config.yaml + dst: /usr/share/doc/mytoken/example-config.yaml type: config overrides: rpm: - replacements: - amd64: x86_64 - file_name_template: "{{ .PackageName }}-{{ .Version }}.{{ .Arch }}" + file_name_template: >- + {{ .PackageName }}-{{ .Version }}. + {{- if eq .Arch "386" }}i386{{- else if eq .Arch "amd64" }}x86_64{{- else }}{{ .Arch }}{{ end }} dockers: - goos: linux goarch: amd64 diff --git a/CHANGELOG.md b/CHANGELOG.md index 0b2d26c..9546a7e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ -## mytoken 0.6.0 PREREL +## mytoken 0.6.1 +- Fail on restrictions error +- Added possibility to revoke tokens by `mom_id` +- Updated lib / api +- Updated dependecies +- Don't fail if defult mytoken server is down but another JWT is used. + +## mytoken 0.6.0 ### Breaking Changes - Support for local profiles / templates is dropped. Instead, support for server profiles is added. diff --git a/LICENSE b/LICENSE index 5663c58..4966821 100644 --- a/LICENSE +++ b/LICENSE 
@@ -1,6 +1,6 @@ MIT License -Copyright (c) 2020-2023 Gabriel Zachmann +Copyright (c) 2020-2024 Gabriel Zachmann Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/go.mod b/go.mod index 5d0c13c..028463d 100644 --- a/go.mod +++ b/go.mod 
@@ -1,21 +1,46 @@ module github.com/oidc-mytoken/client -go 1.16 +go 1.22 require ( github.com/Songmu/prompter v0.5.1 - github.com/gliderlabs/ssh v0.3.5 - github.com/mdp/qrterminal/v3 v3.0.0 - github.com/oidc-mytoken/api v0.10.0 - github.com/oidc-mytoken/lib v0.7.0 + github.com/gliderlabs/ssh v0.3.7 + github.com/mdp/qrterminal/v3 v3.2.0 + github.com/oidc-mytoken/api v0.11.1 + github.com/oidc-mytoken/lib v0.7.1 github.com/oidc-mytoken/utils v0.1.2 github.com/olekukonko/tablewriter v0.0.5 github.com/pkg/errors v0.9.1 - github.com/sirupsen/logrus v1.9.0 + github.com/sirupsen/logrus v1.9.3 github.com/urfave/cli/v2 v2.3.1-0.20211205195634-e8d81738896c - golang.org/x/net v0.0.0-20220906165146-f3363e06e74c - golang.org/x/term v0.0.0-20220722155259-a9ba230a4035 + golang.org/x/net v0.27.0 + golang.org/x/term v0.22.0 gopkg.in/yaml.v3 v3.0.1 ) +require ( + github.com/andybalholm/brotli v1.0.4 // indirect + github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be // indirect + github.com/coreos/go-oidc/v3 v3.4.0 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d // indirect + github.com/evanphx/json-patch/v5 v5.6.0 // indirect + github.com/go-resty/resty/v2 v2.7.0 // indirect + github.com/golang-jwt/jwt v3.2.2+incompatible // indirect + github.com/golang/protobuf v1.5.2 // indirect + github.com/klauspost/compress v1.15.9 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-runewidth v0.0.9 // indirect + github.com/russross/blackfriday/v2 v2.0.1 // indirect + github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect + github.com/valyala/bytebufferpool v1.0.0 // indirect + github.com/valyala/fasthttp v1.41.0 // indirect + golang.org/x/crypto v0.25.0 // indirect + golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094 // indirect + golang.org/x/sys v0.22.0 // indirect + google.golang.org/appengine v1.6.7 // indirect + google.golang.org/protobuf v1.33.0 // indirect + gopkg.in/square/go-jose.v2 v2.6.0 // indirect 
+ rsc.io/qr v0.2.0 // indirect +) + replace github.com/urfave/cli/v2 => github.com/zachmann/cli/v2 v2.3.1-0.20211220102037-d619fd40a704 diff --git a/go.sum b/go.sum index 2caad21..5196f08 100644 --- a/go.sum +++ b/go.sum @@ -100,8 +100,8 @@ github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7 github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= -github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4= +github.com/gliderlabs/ssh v0.3.7 h1:iV3Bqi942d9huXnzEF2Mt+CY9gLu8DNM4Obd+8bODRE= +github.com/gliderlabs/ssh v0.3.7/go.mod h1:zpHEXBstFnQYtGnB8k8kQLol82umzn/2/snG7alWVD8= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= 
@@ -205,21 +205,21 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= -github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= -github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-runewidth v0.0.9 h1:Lm995f3rfxdpd6TSmuVCHVb/QhupuXlYr8sCI/QdE+0= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= -github.com/mdp/qrterminal v1.0.1 h1:07+fzVDlPuBlXS8tB0ktTAyf+Lp1j2+2zK3fBOL5b7c= -github.com/mdp/qrterminal v1.0.1/go.mod h1:Z33WhxQe9B6CdW37HaVqcRKzP+kByF3q/qLxOGe12xQ= -github.com/mdp/qrterminal/v3 v3.0.0 h1:ywQqLRBXWTktytQNDKFjhAvoGkLVN3J2tAFZ0kMd9xQ= -github.com/mdp/qrterminal/v3 v3.0.0/go.mod h1:NJpfAs7OAm77Dy8EkWrtE4aq+cE6McoLXlBqXQEwvE0= +github.com/mdp/qrterminal/v3 v3.2.0 h1:qteQMXO3oyTK4IHwj2mWsKYYRBOp1Pj2WRYFYYNTCdk= +github.com/mdp/qrterminal/v3 v3.2.0/go.mod h1:XGGuua4Lefrl7TLEsSONiD+UEjQXJZ4mPzF+gWYIJkk= github.com/oidc-mytoken/api v0.9.1/go.mod h1:DBIlUbaIgGlf607VZx8zFC97VR3WNN0kaMVO1AqyTdE= github.com/oidc-mytoken/api v0.10.0 h1:+LCMb7et/roU+Baifho9bcOOAoqDzMSOJt4T1EgI5nk= github.com/oidc-mytoken/api v0.10.0/go.mod h1:DS2/0gUjt84jVq/4jqs7mSoUtv1DDEp3xexF7HW1qe4= +github.com/oidc-mytoken/api v0.11.1 h1:znpLzfXruM627lH0bjxoJEMRv2fCWptXmlqFRUjgwQ0= +github.com/oidc-mytoken/api v0.11.1/go.mod 
h1:bd7obYvztiIQW1PoRVBTOg8/clWlauNGwcZEu5mRbwg= github.com/oidc-mytoken/lib v0.7.0 h1:/uPQ10ColbCZ79wotV6aa3yfU6Lbaucis2+TrfVIXdQ= github.com/oidc-mytoken/lib v0.7.0/go.mod h1:D0vrMn1szss52mJKwI+sTsSakVCP6qCk0l0kAjd4YtA= +github.com/oidc-mytoken/lib v0.7.1 h1:inqnng/iVU42TU8Cuac7wP8I+JraTYmWMKSXdZvShfU= +github.com/oidc-mytoken/lib v0.7.1/go.mod h1:LLDCpHCFzyodYLWSf69FDI4cvql/8B2sdKhVjmOBPgI= github.com/oidc-mytoken/utils v0.1.2 h1:nmKIw/k4OkQ/9ww06W7krJ4yTwvDbuCRCjjRCmI9gSE= github.com/oidc-mytoken/utils v0.1.2/go.mod h1:pAUlvF/mYz8CjinCx4iwoWzG514B9EhuCpu7O+afaD8= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= @@ -236,8 +236,9 @@ github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= 
@@ -250,6 +251,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= +github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= github.com/valyala/fasthttp v1.41.0 h1:zeR0Z1my1wDHTRiamBCXVglQdbUwgb9uWG3k1HQz6jY= @@ -276,8 +279,8 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220826181053-bd7e27e6170d h1:3qF+Z8Hkrw9sOhrFHti9TlB1Hkac1x+DNRkv0XQiFjo= -golang.org/x/crypto v0.0.0-20220826181053-bd7e27e6170d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30= +golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= 
@@ -358,8 +361,9 @@ golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= -golang.org/x/net v0.0.0-20220906165146-f3363e06e74c h1:yKufUcDwucU5urd+50/Opbt4AYpqthk7wHpHok8f1lo= golang.org/x/net v0.0.0-20220906165146-f3363e06e74c/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys= +golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -396,7 +400,6 @@ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 
@@ -455,13 +458,13 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64 h1:UiNENfZ8gDvpiWw7IpOMQ27spWmThO1RwwdQVbJahJM= -golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.0.0-20220722155259-a9ba230a4035 h1:Q5284mrmYTpACcm+eAKjKJH48BBwSyfJqmmGDTtT8Vc= -golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk= +golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 
@@ -702,8 +705,9 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/internal/commands/at.go b/internal/commands/at.go index 56ceb99..d9f052c 100644 --- a/internal/commands/at.go +++ b/internal/commands/at.go @@ -67,8 +67,8 @@ func getAT(context *cli.Context) error { req := mytokenlib.NewAccessTokenRequest("", "", atc.Scopes.Value(), atc.Audiences.Value(), comment) return doSSH(ssh, api.SSHRequestAccessToken, req) } - mytoken := config.Get().Mytoken mToken := atc.MustGetToken() + mytoken := config.Get().Mytoken() atRes, err := mytoken.AccessToken.APIGet( mToken, "", atc.Scopes.Value(), atc.Audiences.Value(), comment, ) diff --git a/internal/commands/general.go b/internal/commands/general.go index 81fc8ed..10e5519 100644 --- a/internal/commands/general.go +++ b/internal/commands/general.go 
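Review bot: The swap of these two lines in `getAT` is load-bearing, but nothing in the code says so. `MustGetToken()` appears able to replace the configured server (general.go's `updateMytokenServerFromJWT` now calls `SetMytokenServer`), and `config.Get().Mytoken()` has to run afterwards so that it neither contacts the default server first nor returns a stale one. Add a comment above the pair, e.g. `// Resolve the token first: it may switch the server; Mytoken() lazily connects to whichever server is set.` The same ordering is introduced without comment in info.go (`introspect`, `history`, `subTree`, `listMytokens`) and in revoke.go. `getAT` starts and ends outside this hunk.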
@@ -159,7 +159,7 @@ func updateMytokenServerFromJWT(token string) { if err != nil { log.Fatal(err) } - *(config.Get().Mytoken) = *mytoken + config.Get().SetMytokenServer(mytoken) } func (mt MTOptions) GetToken() string { token := mt._getToken() diff --git a/internal/commands/grants.go b/internal/commands/grants.go index 9c85373..d48edcb 100644 --- a/internal/commands/grants.go +++ b/internal/commands/grants.go @@ -48,7 +48,7 @@ func initGrants(parent *cli.Command) { func listGrants(_ *cli.Context) error { mytoken := settingsOptions.MustGetToken() - res, err := config.Get().Mytoken.UserSettings.Grants.APIGet(mytoken) + res, err := config.Get().Mytoken().UserSettings.Grants.APIGet(mytoken) if err != nil { return err } @@ -91,7 +91,7 @@ func enableGrant(ctx *cli.Context) error { } grant := ctx.Args().Get(0) mytoken := settingsOptions.MustGetToken() - res, err := config.Get().Mytoken.UserSettings.Grants.APIEnableGrant(mytoken, grant) + res, err := config.Get().Mytoken().UserSettings.Grants.APIEnableGrant(mytoken, grant) if err != nil { return err } @@ -108,7 +108,7 @@ func disableGrant(ctx *cli.Context) error { } grant := ctx.Args().Get(0) mytoken := settingsOptions.MustGetToken() - res, err := config.Get().Mytoken.UserSettings.Grants.APIDisableGrant(mytoken, grant) + res, err := config.Get().Mytoken().UserSettings.Grants.APIDisableGrant(mytoken, grant) if err != nil { return err } diff --git a/internal/commands/info.go b/internal/commands/info.go index 87fddfe..a9cfe8f 100644 --- a/internal/commands/info.go +++ b/internal/commands/info.go @@ -111,8 +111,8 @@ func introspect(_ *cli.Context) error { } return prettyPrintJSONString(res) } - mytoken := config.Get().Mytoken mToken := infoOptions.MustGetToken() + mytoken := config.Get().Mytoken() res, err := mytoken.Tokeninfo.Introspect(mToken) if err != nil { return err 
@@ -133,8 +133,8 @@ func history(_ *cli.Context) (err error) { return } } else { // no ssh - mytoken := config.Get().Mytoken mToken := infoOptions.MustGetToken() + mytoken := config.Get().Mytoken() res, err = mytoken.Tokeninfo.APIHistory(mToken) if err != nil { return @@ -186,8 +186,8 @@ func subTree(_ *cli.Context) (err error) { return } } else { - mytoken := config.Get().Mytoken mToken := infoOptions.MustGetToken() + mytoken := config.Get().Mytoken() res, err = mytoken.Tokeninfo.APISubtokens(mToken) if err != nil { return err @@ -212,8 +212,8 @@ func listMytokens(_ *cli.Context) (err error) { return } } else { - mytoken := config.Get().Mytoken mToken := infoOptions.MustGetToken() + mytoken := config.Get().Mytoken() res, err = mytoken.Tokeninfo.APIListMytokens(mToken) if err != nil { return err diff --git a/internal/commands/list.go b/internal/commands/list.go index daf86af..2c0132d 100644 --- a/internal/commands/list.go +++ b/internal/commands/list.go @@ -28,7 +28,7 @@ func init() { func listProviders(_ *cli.Context) error { defaultProvider := config.Get().DefaultProvider - instanceProviders := config.Get().Mytoken.ServerMetadata.ProvidersSupported + instanceProviders := config.Get().Mytoken().ServerMetadata.ProvidersSupported urlMaxLen := 0 for _, ip := range instanceProviders { length := len(ip.Issuer) diff --git a/internal/commands/mt.go b/internal/commands/mt.go index de82beb..a49c7e9 100644 --- a/internal/commands/mt.go +++ b/internal/commands/mt.go @@ -470,7 +470,6 @@ func init() { } func obtainMTCmd(context *cli.Context) error { - mt, err := obtainMT(context) if err != nil { return err @@ -479,7 +478,7 @@ func obtainMTCmd(context *cli.Context) error { } func obtainMT(context *cli.Context) (string, error) { - mytoken := config.Get().Mytoken + mytoken := config.Get().Mytoken() if mtCommand.TransferCode != "" { return mytoken.Mytoken.FromTransferCode(mtCommand.TransferCode) } 
@@ -505,8 +504,9 @@ func obtainMT(context *cli.Context) (string, error) { req.GrantType = api.GrantTypeMytoken mtRes, err := mytoken.Mytoken.APIFromRequest( api.MytokenFromMytokenRequest{ - GeneralMytokenRequest: *req, - Mytoken: mtGrant, + GeneralMytokenRequest: *req, + Mytoken: mtGrant, + FailOnRestrictionsNotTighter: true, }, ) if err != nil { diff --git a/internal/commands/revoke.go b/internal/commands/revoke.go index 9a89f36..da1b2f8 100644 --- a/internal/commands/revoke.go +++ b/internal/commands/revoke.go @@ -3,6 +3,7 @@ package commands import ( "fmt" + "github.com/oidc-mytoken/api/v0" "github.com/urfave/cli/v2" "github.com/oidc-mytoken/client/internal/config" @@ -11,6 +12,7 @@ import ( var revokeCommand = struct { MTOptions Recursive bool + MOMID string }{} func init() { @@ -27,15 +29,37 @@ func init() { Destination: &revokeCommand.Recursive, HideDefaultValue: true, }, + &cli.StringFlag{ + Name: "mom-id", + Aliases: []string{ + "MOM-ID", + "mom", + "MOM", + }, + Usage: fmt.Sprintf( + "If set, "+ + "the mytoken with the passed mom id is revoked instead of the actual token. "+ + "This requires that the token linked to the mom id is either a child of the actual mytoken or"+ + " the actual mytoken has the %s capability.", api.CapabilityRevokeAnyToken, + ), + EnvVars: []string{"MOM_ID"}, + Destination: &revokeCommand.MOMID, + Placeholder: "MOM_ID", + }, ), }, ) } func revoke(_ *cli.Context) error { - mytoken := config.Get().Mytoken mToken := revokeCommand.MustGetToken() - err := mytoken.Revocation.Revoke(mToken, "", revokeCommand.Recursive) + mytoken := config.Get().Mytoken() + var err error + if revokeCommand.MOMID != "" { + err = mytoken.Revocation.RevokeID(revokeCommand.MOMID, mToken, "", revokeCommand.Recursive) + } else { + err = mytoken.Revocation.Revoke(mToken, "", revokeCommand.Recursive) + } if err == nil { fmt.Println("Token revoked") } diff --git a/internal/commands/sshGrant.go b/internal/commands/sshGrant.go index 6ade7c2..6135891 100644 
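Review bot: With `--mom-id` or the `MOM_ID` environment variable set, `revoke` acts on a different token than the one passed, yet the success path still prints only `Token revoked`. Because the id can come from the environment without appearing on the command line, name the target in the `RevokeID` case, e.g. `fmt.Printf("Token with mom id %q revoked\n", revokeCommand.MOMID)`. The argument order of `RevokeID(revokeCommand.MOMID, mToken, "", ...)` cannot be checked from this hunk; confirm against the lib that the id precedes the mytoken. `revoke` continues past the end of the hunk.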
--- a/internal/commands/sshGrant.go +++ b/internal/commands/sshGrant.go @@ -82,7 +82,7 @@ func initSSHGrant(parent *cli.Command) { func listSSH(_ *cli.Context) error { mytoken := settingsOptions.MustGetToken() - res, err := config.Get().Mytoken.UserSettings.Grants.SSH.APIGet(mytoken) + res, err := config.Get().Mytoken().UserSettings.Grants.SSH.APIGet(mytoken) if err != nil { return err } @@ -170,7 +170,7 @@ func addSSHKey(ctx *cli.Context) error { if err != nil { return err } - res, tokenUpdate, err := config.Get().Mytoken.UserSettings.Grants.SSH.APIAdd( + res, tokenUpdate, err := config.Get().Mytoken().UserSettings.Grants.SSH.APIAdd( mytoken, key, optName, restrictions, caps, callbacks, ) @@ -221,7 +221,7 @@ func deleteSSHKey(ctx *cli.Context) error { return err } } - res, err := config.Get().Mytoken.UserSettings.Grants.SSH.APIRemove(mytoken, keyFP, key) + res, err := config.Get().Mytoken().UserSettings.Grants.SSH.APIRemove(mytoken, keyFP, key) if err != nil { return err } diff --git a/internal/config/config.go b/internal/config/config.go index 08f9207..70b6fe4 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -9,13 +9,14 @@ import ( mytokenlib "github.com/oidc-mytoken/lib" "github.com/oidc-mytoken/utils/httpclient" "github.com/oidc-mytoken/utils/utils/fileutil" + "github.com/pkg/errors" log "github.com/sirupsen/logrus" "gopkg.in/yaml.v3" ) type Config struct { URL string `yaml:"instance"` - Mytoken *mytokenlib.MytokenServer `yaml:"-"` + mytoken *mytokenlib.MytokenServer `yaml:"-"` DefaultProvider string `yaml:"default_provider"` DefaultTokenCapabilities []string `yaml:"default_token_capabilities"` 
@@ -44,6 +45,22 @@ func Get() *Config { return conf } +func (c *Config) Mytoken() *mytokenlib.MytokenServer { + if c.mytoken != nil { + return c.mytoken + } + mytoken, err := mytokenlib.NewMytokenServer(conf.URL) + if err != nil { + log.Fatal(errors.Wrap(err, "could not initialize mytoken server")) + } + conf.mytoken = mytoken + return mytoken +} + +func (c *Config) SetMytokenServer(mytoken *mytokenlib.MytokenServer) { + c.mytoken = mytoken +} + func load(name string, locations []string) { data, usedLocation, err := fileutil.ReadConfigFile(name, locations) if err != nil { @@ -55,11 +72,6 @@ func load(name string, locations []string) { } conf.usedConfigDir = usedLocation mytokenlib.SetClient(httpclient.Do().GetClient()) - mytoken, err := mytokenlib.NewMytokenServer(conf.URL) - if err != nil { - log.Fatal(err) - } - conf.Mytoken = mytoken hostname, _ := os.Hostname() conf.Hostname = hostname diff --git a/internal/model/version/VERSION b/internal/model/version/VERSION index 09a3acf..7ceb040 100644 --- a/internal/model/version/VERSION +++ b/internal/model/version/VERSION @@ -1 +1 @@ -0.6.0 \ No newline at end of file +0.6.1 \ No newline at end of file
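Review bot: `Mytoken()` tests `c.mytoken` but then reads `conf.URL` and stores into `conf.mytoken`, mixing the receiver with the package-level `conf`. On any `*Config` other than the global one it would use the wrong URL and never cache on the receiver. Use the receiver throughout: `mytoken, err := mytokenlib.NewMytokenServer(c.URL)` and `c.mytoken = mytoken`. Both exported methods lack doc comments; `// Mytoken returns the mytoken server for the configured instance, creating it on first use and exiting the process if that fails.` would document the `log.Fatal` side effect. The lazy initialisation is unsynchronised, so it is only safe while all callers run on one goroutine.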