// Authenticate using an API Client identifier and secret, and get a list of
// servers
func Example() {
apiUrl := "https://api.gb1.brightbox.com"
clientId := "cli-xxxxx"
clientSecret := "somesecret"
// Setup OAuth2 authentication
conf := clientcredentials.Config{
ClientID: clientId,
ClientSecret: clientSecret,
Scopes: []string{},
TokenURL: apiUrl + "/token",
}
oc := conf.Client(oauth2.NoContext)
// Setup connection to API
client, err := brightbox.NewClient(apiUrl, "", oc)
if err != nil {
fmt.Println(err)
return
}
// Get a list of servers
servers, err := client.Servers()
if err != nil {
fmt.Println(err)
return
}
for _, server := range servers {
fmt.Printf("id:%s name:%s\n", server.Id, server.Name)
}
}
func (authd *authdetails) apiClientAuth() (*brightbox.Client, error) {
conf := clientcredentials.Config{
ClientID: authd.APIClient,
ClientSecret: authd.APISecret,
Scopes: infrastructureScope,
TokenURL: authd.tokenURL(),
}
oauthConnection := conf.Client(oauth2.NoContext)
return brightbox.NewClient(authd.APIURL, authd.Account, oauthConnection)
}
func NewClient() *DevStudioApiClient {
// Shout out to https://www.snip2code.com/Snippet/551369/Example-usage-of-https---godoc-org-golan
baseUrl, _ := baseUrl()
clientID, _ := clientID()
clientSecret, _ := clientSecret()
config := clientcredentials.Config{
ClientID: clientID,
ClientSecret: clientSecret,
TokenURL: baseUrl + "/v1/auth/token",
}
// the client will update its token if it's expired
client := config.Client(context.Background())
return &DevStudioApiClient{Client: client, BaseUrl: baseUrl}
}
func (authd *authdetails) apiClientAuth() (*brightbox.Client, error) {
conf := clientcredentials.Config{
ClientID: authd.APIClient,
ClientSecret: authd.APISecret,
Scopes: infrastructureScope,
TokenURL: authd.tokenURL(),
}
log.Printf("[DEBUG] Obtaining API client authorisation for client %s", authd.APIClient)
oauthConnection := conf.Client(oauth2.NoContext)
if authd.currentToken == nil {
log.Printf("[DEBUG] Retrieving auth token for %s", conf.ClientID)
token, err := conf.Token(oauth2.NoContext)
if err != nil {
return nil, err
}
authd.currentToken = token
}
return brightbox.NewClient(authd.APIURL, authd.Account, oauthConnection)
}
func (c *Config) OAuth2Client(cmd *cobra.Command) *http.Client {
c.Lock()
defer c.Unlock()
if c.oauth2Client != nil {
return c.oauth2Client
}
oauthConfig := clientcredentials.Config{
ClientID: c.ClientID,
ClientSecret: c.ClientSecret,
TokenURL: pkg.JoinURLStrings(c.ClusterURL, "/oauth2/token"),
Scopes: []string{
"core",
"hydra",
},
}
ctx := context.Background()
if ok, _ := cmd.Flags().GetBool("skip-tls-verify"); ok {
fmt.Println("Warning: Skipping TLS Certificate Verification.")
ctx = context.WithValue(context.Background(), oauth2.HTTPClient, &http.Client{Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
}})
}
_, err := oauthConfig.Token(ctx)
if err != nil {
fmt.Printf("Could not authenticate, because: %s\n", err)
fmt.Println("Did you forget to log on? Run `hydra connect`.")
fmt.Println("Did you run Hydra without a valid TLS certificate? Make sure to use the `--skip-tls-verify` flag.")
fmt.Println("Did you know you can skip `hydra connect` when running `hydra host --dangerous-auto-logon`? DO NOT use this flag in production!")
os.Exit(1)
}
c.oauth2Client = oauthConfig.Client(ctx)
return c.oauth2Client
}
func (w *HTTPWarden) SetClient(c *clientcredentials.Config) {
w.Client = c.Client(oauth2.NoContext)
}
