Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

added an option to NewHCPConfig() to not auto login when no local aut… #182

Merged
merged 19 commits into from
Apr 18, 2023
Merged

added an option to NewHCPConfig() to not auto login when no local aut… #182

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
dbfc7bd
added an option to NewHCPConfig() to not auto login when no local aut…
Apr 6, 2023
9e36fe8
added changelog
Apr 6, 2023
f07c9e2
Update config/with.go
lursu Apr 12, 2023
3e044b7
addressed comments on pr
Apr 12, 2023
c1ea915
Update config/hcp.go
lursu Apr 12, 2023
ab73081
Update auth/user.go
lursu Apr 12, 2023
f0959e1
updated aditional locations of the new var name
Apr 12, 2023
6512bbc
fix lint issue
Apr 12, 2023
a479022
Merge branch 'main' into VAULT-14185/add_option_to_fail_on_no_valid_l…
lursu Apr 13, 2023
6939df0
git revert
Apr 17, 2023
b48cac8
Merge branch 'main' into VAULT-14185/add_option_to_fail_on_no_valid_l…
Apr 17, 2023
877e4a3
revert back
Apr 17, 2023
5863a80
revert approach for stopping browser login
Apr 17, 2023
2f2ade0
added comments to describe added use case
Apr 17, 2023
c9f8519
Update auth/user.go
lursu Apr 18, 2023
106d596
Update config/hcp.go
lursu Apr 18, 2023
39e937a
removed unused error
Apr 18, 2023
6d05a1f
Update README.md
lursu Apr 18, 2023
00e7223
Update auth/user.go
lursu Apr 18, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .changelog/182.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:improvement
Added option to NewHCPConfig to fail rather than auto login with web browser
```
13 changes: 12 additions & 1 deletion auth/user.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,16 +5,23 @@ package auth

import (
"context"
"errors"
"fmt"
"log"
"time"

"golang.org/x/oauth2"
)

var (
// ErrorNoValidAuthFound is returned if no local auth methods were found and the invoker created the config with the option WithoutBrowserLogin
ErrorNoValidAuthFound = errors.New("there were no valid auth methods found")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would move this up into the config package.

)

// UserSession implements the auth package's Session interface
type UserSession struct {
browser Browser
browser Browser
NoBrowserLogin bool
}

// GetToken returns an access token obtained from either an existing session or new browser login.
Expand All @@ -33,6 +40,10 @@ func (s *UserSession) GetToken(ctx context.Context, conf *oauth2.Config) (*oauth
// If session expiry has passed, then reauthenticate with browser login and reassign token.
if readErr != nil || cache.SessionExpiry.Before(time.Now()) {

if s.NoBrowserLogin {
return nil, ErrorNoValidAuthFound
}

// Login with browser.
log.Print("No credentials found, proceeding with browser login.")

Expand Down
3 changes: 3 additions & 0 deletions config/hcp.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,9 @@ type hcpConfig struct {

// profile is the user's organization id and project id
profile *profile.UserProfile

// noBrowserLogin is an option to not automatically open browser login in no valid auth method is found.
noBrowserLogin bool
}

func (c *hcpConfig) Profile() *profile.UserProfile {
Expand Down
7 changes: 7 additions & 0 deletions config/new.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,13 @@ func NewHCPConfig(opts ...HCPConfigOption) (HCPConfig, error) {
}
}

// fail out with a typed error if invoker specified WithoutBrowserLogin
if config.noBrowserLogin {
config.session = &auth.UserSession{
NoBrowserLogin: true,
}
}

// Set up a token context with the custom auth TLS config
tokenTransport := cleanhttp.DefaultPooledTransport()
tokenTransport.TLSClientConfig = config.authTLSConfig
Expand Down
9 changes: 9 additions & 0 deletions config/with.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -137,3 +137,12 @@ func WithProfile(p *profile.UserProfile) HCPConfigOption {
return nil
}
}

// WithoutBrowserLogin disables the automatic opening of the browser login if no valid auth method is found
// instead force the return of a typed error for users to catch
func WithoutBrowserLogin() HCPConfigOption {
return func(config *hcpConfig) error {
config.noBrowserLogin = true
return nil
}
}
11 changes: 11 additions & 0 deletions config/with_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,3 +123,14 @@ func TestWith_Profile(t *testing.T) {
require.Equal("project-id-1234", config.Profile().ProjectID)

}

func TestWithout_BrowserLogin(t *testing.T) {
require := requirepkg.New(t)

// Exercise
config := &hcpConfig{}
require.NoError(apply(config, WithoutBrowserLogin()))

// Ensure flag is set
require.True(config.noBrowserLogin)
}