func (c *Config) OAuth2Client(cmd *cobra.Command) *http.Client { c.Lock() defer c.Unlock() if c.oauth2Client != nil { return c.oauth2Client } oauthConfig := clientcredentials.Config{ ClientID: c.ClientID, ClientSecret: c.ClientSecret, TokenURL: pkg.JoinURLStrings(c.ClusterURL, "/oauth2/token"), Scopes: []string{ "core", "hydra", }, } ctx := context.Background() if ok, _ := cmd.Flags().GetBool("skip-tls-verify"); ok { fmt.Println("Warning: Skipping TLS Certificate Verification.") ctx = context.WithValue(context.Background(), oauth2.HTTPClient, &http.Client{Transport: &http.Transport{ TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, }}) } _, err := oauthConfig.Token(ctx) if err != nil { fmt.Printf("Could not authenticate, because: %s\n", err) fmt.Println("Did you forget to log on? Run `hydra connect`.") fmt.Println("Did you run Hydra without a valid TLS certificate? Make sure to use the `--skip-tls-verify` flag.") fmt.Println("Did you know you can skip `hydra connect` when running `hydra host --dangerous-auto-logon`? DO NOT use this flag in production!") os.Exit(1) } c.oauth2Client = oauthConfig.Client(ctx) return c.oauth2Client }
Use: "client", Short: "Generate an OAuth2 token the client grant type", Long: "This command uses the CLI's credentials to create an access token.", Run: func(cmd *cobra.Command, args []string) { ctx := context.Background() if ok, _ := cmd.Flags().GetBool("skip-tls-verify"); ok { fmt.Println("Warning: Skipping TLS Certificate Verification.") ctx = context.WithValue(context.Background(), oauth2.HTTPClient, &http.Client{Transport: &http.Transport{ TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, }}) } oauthConfig := clientcredentials.Config{ ClientID: c.ClientID, ClientSecret: c.ClientSecret, TokenURL: pkg.JoinURLStrings(c.ClusterURL, "/oauth2/token"), Scopes: []string{ "core", "hydra", }, } t, err := oauthConfig.Token(ctx) pkg.Must(err, "Could not authenticate, because: %s\n", err) fmt.Printf("%s", t.AccessToken) }, } func init() { tokenCmd.AddCommand(tokenSelfCmd) }