insecureRequest
enrichman committed Apr 18, 2024
1 parent 9d63410 commit c7030bc
Showing 3 changed files with 19 additions and 21 deletions.
23 changes: 14 additions & 9 deletions cmd/kubectl_token.go
Expand Up @@ -311,7 +311,7 @@ func loginAndGenerateCred(input *LoginInput) (*config.ExecCredential, error) {
return nil, err
}

authProviders, err := getAuthProviders(client, input.server)
authProviders, err := getAuthProviders(input.server)
if err != nil {
return nil, err
}
Expand All @@ -329,14 +329,14 @@ func loginAndGenerateCred(input *LoginInput) (*config.ExecCredential, error) {
return nil, err
}
} else if oauthProviders[input.authProvider] {
tokenPtr, err := oauthAuth(input, client, selectedProvider)
tokenPtr, err := oauthAuth(input, selectedProvider)
if err != nil {
return nil, err
}
token = *tokenPtr
} else {
customPrint(fmt.Sprintf("Enter credentials for %s \n", input.authProvider))
token, err = basicAuth(input, client)
token, err = basicAuth(input)
if err != nil {
return nil, err
}
Expand All @@ -363,7 +363,7 @@ func loginAndGenerateCred(input *LoginInput) (*config.ExecCredential, error) {

}

func basicAuth(input *LoginInput, client *http.Client) (managementClient.Token, error) {
func basicAuth(input *LoginInput) (managementClient.Token, error) {
token := managementClient.Token{}
username, err := customPrompt("Enter username: ", true)
if err != nil {
Expand All @@ -385,7 +385,7 @@ func basicAuth(input *LoginInput, client *http.Client) (managementClient.Token,
url := fmt.Sprintf("%s/v3-public/%ss/%s?action=login", input.server, input.authProvider,
strings.ToLower(strings.Replace(input.authProvider, "Provider", "", 1)))

response, err := request(client, http.MethodPost, url, bytes.NewBufferString(body))
response, err := insecureRequest(http.MethodPost, url, bytes.NewBufferString(body))
if err != nil {
return token, nil
}
Expand Down Expand Up @@ -523,11 +523,11 @@ type TypedProvider interface {
GetType() string
}

func getAuthProviders(client *http.Client, server string) ([]TypedProvider, error) {
func getAuthProviders(server string) ([]TypedProvider, error) {
authProviders := fmt.Sprintf(authProviderURL, server)
customPrint(authProviders)

response, err := request(client, http.MethodGet, authProviders, nil)
response, err := insecureRequest(http.MethodGet, authProviders, nil)
if err != nil {
return nil, err
}
Expand Down Expand Up @@ -666,12 +666,17 @@ func getTLSConfig(skipVerify bool, caCerts string) (*tls.Config, error) {
return config, nil
}

func request(client *http.Client, method, url string, body io.Reader) ([]byte, error) {
func insecureRequest(method, url string, body io.Reader) ([]byte, error) {
var response []byte

req, err := http.NewRequest(method, url, body)
if err != nil {
return response, err
return nil, err
}

client, err := getClient(true, "")
if err != nil {
return nil, err
}

res, err := client.Do(req)
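Review bot: `insecureRequest` builds its client with `getClient(true, "")`, which, judging by the `getTLSConfig(skipVerify bool, caCerts string)` signature in the hunk header, appears to disable certificate verification and ignore any CA bundle, and `basicAuth` now posts the username and password through it. The same applies to the id_token POST in `rancherLogin` (cmd/kubectl_token_oauth.go) and to the provider list fetched by `getAuthProviders`, so the peer receiving the credentials and supplying the provider data is never authenticated. Prefer keeping the client that `loginAndGenerateCred` passed in (its construction is outside the hunk) on the credential-bearing calls, e.g. `response, err := request(client, http.MethodPost, url, bytes.NewBufferString(body))`, and limiting the unverified path to cases where the user explicitly opted out of verification. Separately, `basicAuth` still does `return token, nil` when the request fails, which hands back an empty token with no error; `return token, err` would surface it. The body of `insecureRequest` continues past the end of this section.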
15 changes: 4 additions & 11 deletions cmd/kubectl_token_oauth.go
Expand Up @@ -5,7 +5,6 @@ import (
"context"
"encoding/json"
"fmt"
"io"
"net/http"
"strings"

Expand All @@ -16,7 +15,7 @@ import (
"golang.org/x/oauth2"
)

func oauthAuth(input *LoginInput, client *http.Client, provider TypedProvider) (*managementClient.Token, error) {
func oauthAuth(input *LoginInput, provider TypedProvider) (*managementClient.Token, error) {
oauthConfig, err := newOauthConfig(provider)
if err != nil {
return nil, err
Expand All @@ -39,7 +38,7 @@ func oauthAuth(input *LoginInput, client *http.Client, provider TypedProvider) (
return nil, err
}

token, err := rancherLogin(input, client, provider, oauthToken)
token, err := rancherLogin(input, provider, oauthToken)
if err != nil {
return nil, fmt.Errorf("error during rancher login: %w", err)
}
Expand Down Expand Up @@ -67,7 +66,7 @@ func newOauthConfig(provider TypedProvider) (*oauth2.Config, error) {
}, nil
}

func rancherLogin(input *LoginInput, client *http.Client, provider TypedProvider, oauthToken *oauth2.Token) (*managementClient.Token, error) {
func rancherLogin(input *LoginInput, provider TypedProvider, oauthToken *oauth2.Token) (*managementClient.Token, error) {
// login with id_token
providerName := strings.ToLower(strings.TrimSuffix(input.authProvider, "Provider"))
url := fmt.Sprintf("%s/v3-public/%ss/%s?action=login", input.server, provider.GetType(), providerName)
Expand All @@ -85,13 +84,7 @@ func rancherLogin(input *LoginInput, client *http.Client, provider TypedProvider
return nil, err
}

response, err := client.Post(url, "application/json", bytes.NewBuffer(jsonBody))
if err != nil {
return nil, err
}
defer response.Body.Close()

b, err := io.ReadAll(response.Body)
b, err := insecureRequest(http.MethodPost, url, bytes.NewBuffer(jsonBody))
if err != nil {
return nil, err
}
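Review bot: The removed `client.Post(url, "application/json", ...)` set the request Content-Type, while the visible part of `insecureRequest` only calls `http.NewRequest(method, url, body)`; unless the rest of that helper (outside the shown hunks) sets the header, the login POST in `rancherLogin` now goes out without `Content-Type: application/json`. Consider adding `req.Header.Set("Content-Type", "application/json")` in the helper when a body is present, or confirming that the server accepts the request without it. It is also worth checking that a non-2xx status is turned into an error before `b` is decoded, since no status check is visible next to `client.Do` in either file. The body of `rancherLogin` continues outside the hunk.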
2 changes: 1 addition & 1 deletion cmd/kubectl_token_test.go
Expand Up @@ -60,7 +60,7 @@ func Test_getAuthProviders(t *testing.T) {
for _, tc := range tt {
tc := tc
t.Run(tc.name, func(t *testing.T) {
got, err := getAuthProviders(http.DefaultClient, tc.server.URL)
got, err := getAuthProviders(tc.server.URL)

if tc.expectedErr != "" {
assert.EqualError(t, err, tc.expectedErr)
