package google
import (
"encoding/gob"
"fmt"
"net/http"
"os"
"os/exec"
"path"
"strings"
"time"
"code.google.com/p/goauth2/oauth"
log "github.com/Sirupsen/logrus"
raw "google.golang.org/api/compute/v1"
)
// Google OAuth 2.0 endpoints; newOauthClient copies them into the oauth.Config.
const (
	AuthURL  = "https://accounts.google.com/o/oauth2/auth"
	TokenURL = "https://accounts.google.com/o/oauth2/token"
)

// OAuth client credentials for this application.
//
// NOTE(security): both values are compiled into every binary and published
// with the source, so ClientSecret gives no confidentiality. Anyone can
// present this client identity to the token endpoint. Treat it as a public
// identifier, never reuse it for a confidential (server-side) client, and
// rotate it in the provider console if it was ever meant to be private.
const (
	ClientId     = "22738965389-8arp8bah3uln9eoenproamovfjj1ac33.apps.googleusercontent.com"
	ClientSecret = "qApc3amTyr5wI74vVrRWAfC_"
)

// RedirectURI selects the out-of-band flow: the user copies the authorization
// code from the browser and pastes it into the terminal (see tokenFromWeb).
// NOTE(review): Google has deprecated the OOB redirect for OAuth clients;
// confirm this flow still works before relying on it.
const RedirectURI = "urn:ietf:wg:oauth:2.0:oob"
// newGCEService builds a Compute Engine API service whose HTTP client is
// authorized with the OAuth token cached under storePath (or a freshly
// obtained one when no usable cache exists; see newOauthClient).
//
// The error, if any, is whatever raw.New reports.
func newGCEService(storePath string) (*raw.Service, error) {
	return raw.New(newOauthClient(storePath))
}
// newOauthClient returns an *http.Client that attaches the OAuth token for
// the Compute scope to outgoing requests.
//
// The token is obtained through token(), which may start the interactive
// browser flow and terminate the process if the code exchange fails.
func newOauthClient(storePath string) *http.Client {
	cfg := &oauth.Config{
		ClientId:     ClientId,
		ClientSecret: ClientSecret,
		Scope:        raw.ComputeScope,
		AuthURL:      AuthURL,
		TokenURL:     TokenURL,
	}

	// The config is passed by pointer: tokenFromWeb sets RedirectURL on it
	// when the interactive flow runs.
	transport := oauth.Transport{
		Token:     token(storePath, cfg),
		Config:    cfg,
		Transport: http.DefaultTransport,
	}
	return transport.Client()
}
// token returns the OAuth token cached under storePath. When the cache cannot
// be read or decoded it falls back to the interactive web flow and writes the
// new token back to the cache.
func token(storePath string, config *oauth.Config) *oauth.Token {
	cached, err := tokenFromCache(storePath)
	if err == nil {
		return cached
	}

	// Any cache error (missing file, unreadable, undecodable) leads to a new
	// interactive authorization.
	fresh := tokenFromWeb(config)
	saveToken(storePath, fresh)
	return fresh
}
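// tokenFromCache loads the gob-encoded OAuth token stored in the file
// "gce_token" under storePath.
//
// It returns a nil token together with the error when the file cannot be
// opened or its contents cannot be decoded, so callers never see a partially
// populated token.
//
// NOTE(security): the file is decoded as-is; its integrity depends entirely
// on who can write to storePath. Keep that directory private to the user.
func tokenFromCache(storePath string) (*oauth.Token, error) {
	tokenPath := path.Join(storePath, "gce_token")
	f, err := os.Open(tokenPath)
	if err != nil {
		return nil, err
	}
	// Release the descriptor on every path; the original leaked it.
	defer f.Close()

	token := new(oauth.Token)
	if err := gob.NewDecoder(f).Decode(token); err != nil {
		return nil, err
	}
	return token, nil
}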
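// tokenFromWeb runs the interactive authorization flow: it logs and tries to
// open the consent URL, reads the authorization code the user pastes on
// stdin, and exchanges it for a token.
//
// It sets config.RedirectURL to RedirectURI as a side effect. If the exchange
// fails it calls log.Fatalf, which ends the process, so it only returns on
// success.
func tokenFromWeb(config *oauth.Config) *oauth.Token {
	// NOTE(security): this state value is clock-derived, hence guessable, and
	// nothing below compares it with a returned value. That is tolerable only
	// because the code is pasted by hand rather than delivered by a redirect;
	// a redirect-based flow would need a random state that is verified.
	randState := fmt.Sprintf("st%d", time.Now().UnixNano())
	config.RedirectURL = RedirectURI
	authURL := config.AuthCodeURL(randState)

	log.Info("Opening auth URL in browser.")
	log.Info(authURL)
	log.Info("If the URL doesn't open please open it manually and copy the code here.")
	openURL(authURL)

	code := getCodeFromStdin()
	// The authorization code can be exchanged for tokens, so it is a
	// credential: acknowledge receipt without writing its value to the log.
	log.Info("Got code.")

	t := &oauth.Transport{
		Config:    config,
		Transport: http.DefaultTransport,
	}
	if _, err := t.Exchange(code); err != nil {
		log.Fatalf("Token exchange error: %v", err)
	}
	return t.Token
}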
// getCodeFromStdin prompts on stdout and reads one whitespace-delimited token
// from stdin, returning it with any surrounding newlines removed.
//
// A read failure is not reported; the function then returns whatever was
// scanned, which is the empty string when nothing was read.
func getCodeFromStdin() string {
	fmt.Print("Enter code: ")

	var input string
	fmt.Scanln(&input)

	code := strings.Trim(input, "\n")
	return code
}
// openURL tries a fixed list of launcher programs in order and stops at the
// first one that exits successfully. If none succeeds it returns silently;
// the caller has already logged the URL for manual use.
//
// The URL is passed as a single argv entry with no shell involved, so shell
// metacharacters in it are not interpreted. The launcher names are resolved
// through PATH by exec.Command.
func openURL(url string) {
	candidates := []string{"xdg-open", "google-chrome", "open"}
	for _, launcher := range candidates {
		if exec.Command(launcher, url).Run() == nil {
			return
		}
	}
}
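// saveToken gob-encodes token into the file "gce_token" under storePath.
//
// Caching is best-effort: failures are logged as warnings and the function
// returns without reporting them to the caller.
//
// The token is a bearer credential, so the file is created with owner-only
// permissions instead of the wider default mode that os.Create requests.
func saveToken(storePath string, token *oauth.Token) {
	tokenPath := path.Join(storePath, "gce_token")
	log.Infof("Saving token in %v", tokenPath)

	f, err := os.OpenFile(tokenPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
	if err != nil {
		log.Infof("Warning: failed to cache oauth token: %v", err)
		return
	}
	defer f.Close()

	// OpenFile's mode applies only when the file is created; tighten a file
	// left behind with wider permissions before any secret is written to it.
	if err := f.Chmod(0600); err != nil {
		log.Infof("Warning: failed to restrict permissions on %v: %v", tokenPath, err)
	}

	// Report an encode failure rather than leaving a silently broken cache.
	if err := gob.NewEncoder(f).Encode(token); err != nil {
		log.Infof("Warning: failed to cache oauth token: %v", err)
	}
}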