generated from brevdev/seed
-
Notifications
You must be signed in to change notification settings - Fork 14
/
authtoken.go
115 lines (97 loc) · 2.64 KB
/
authtoken.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
package store
import (
"fmt"
"io/ioutil"
"path"
"github.com/brevdev/brev-cli/pkg/entity"
breverrors "github.com/brevdev/brev-cli/pkg/errors"
"github.com/brevdev/brev-cli/pkg/files"
"github.com/spf13/afero"
)
// TODO 1 test cov
const (
brevCredentialsFile = "credentials.json"
brevDirectory = ".brev"
)
func GetBrevDirectory() string {
return brevDirectory
}
func (f FileStore) SaveAuthTokens(token entity.AuthTokens) error {
if token.AccessToken == "" {
return fmt.Errorf("access token is empty")
}
brevCredentialsFile, err := f.getBrevCredentialsFile()
if err != nil {
return breverrors.WrapAndTrace(err)
}
err = files.OverwriteJSON(f.fs, *brevCredentialsFile, token)
if err != nil {
return breverrors.WrapAndTrace(err)
}
return nil
}
func (f FileStore) GetAuthTokens() (*entity.AuthTokens, error) {
serviceToken, err := f.GetCurrentWorkspaceServiceToken()
if err == nil && serviceToken != "" {
return &entity.AuthTokens{
AccessToken: serviceToken,
}, nil
}
brevCredentialsFile, err := f.getBrevCredentialsFile()
if err != nil {
return nil, breverrors.WrapAndTrace(err)
}
exists, err := afero.Exists(f.fs, *brevCredentialsFile)
if err != nil {
return nil, breverrors.WrapAndTrace(err)
}
if !exists {
return nil, &breverrors.CredentialsFileNotFound{}
}
var token entity.AuthTokens
err = files.ReadJSON(f.fs, *brevCredentialsFile, &token)
if err != nil {
return nil, breverrors.WrapAndTrace(err)
}
return &token, nil
}
func (f FileStore) GetCurrentWorkspaceServiceToken() (string, error) {
saTokenFilePath := getServiceTokenFilePath()
// safely check if file exists
exists, err := f.FileExists(saTokenFilePath)
if !exists || err != nil {
return "", err
}
saTokenFile, err := f.fs.Open(saTokenFilePath)
defer saTokenFile.Close() //nolint: errcheck // defer is fine
if err != nil {
return "", breverrors.WrapAndTrace(err)
}
token, err := ioutil.ReadAll(saTokenFile)
if err != nil {
return "", breverrors.WrapAndTrace(err)
}
return string(token), nil
}
func getServiceTokenFilePath() string {
return "/var/run/secrets/kubernetes.io/serviceaccount/token"
}
func (f FileStore) DeleteAuthTokens() error {
brevCredentialsFile, err := f.getBrevCredentialsFile()
if err != nil {
return breverrors.WrapAndTrace(err)
}
err = files.DeleteFile(f.fs, *brevCredentialsFile)
if err != nil {
return breverrors.WrapAndTrace(err)
}
return nil
}
func (f FileStore) getBrevCredentialsFile() (*string, error) {
home, err := f.UserHomeDir()
if err != nil {
return nil, breverrors.WrapAndTrace(err)
}
brevCredentialsFile := path.Join(home, brevDirectory, brevCredentialsFile)
return &brevCredentialsFile, nil
}