command lines options for oidc-token for getting issuer, expiration t…

…ime #72
indigo-dc · Oct 31, 2018 · 069d0c4 · 069d0c4
1 parent 3e67ead
commit 069d0c4
Show file tree

Hide file tree

Showing 4 changed files with 137 additions and 11 deletions.
diff --git a/src/api.c b/src/api.c
@@ -11,7 +11,7 @@
 #include <syslog.h>
 
 #ifndef API_LOGLEVEL
-#define API_LOGLEVEL LOG_DEBUG
+#define API_LOGLEVEL LOG_NOTICE
 #endif  // API_LOGLEVEL
 
 #ifndef START_APILOGLEVEL

diff --git a/src/oidc-token.c b/src/oidc-token.c
@@ -17,12 +17,46 @@ int main(int argc, char** argv) {
         arguments.args[0], arguments.min_valid_period, scope_str,
         "oidc-token");  // for getting a valid access token just call the api
     secFree(scope_str);
+
     if (response.token == NULL) {
       // fprintf(stderr, "Error: %s\n", oidcagent_serror());
       oidcagent_perror();
     } else {
-      printf("%s\n", response.token);
-      // Use response.issuer to access the issuer_url
+      if (arguments.printAll) {
+        printf("%s\n", response.token);
+        printf("%s\n", response.issuer);
+        printf("%lu\n", response.expires_at);
+      } else if ((arguments.expiration_env.useIt + arguments.token_env.useIt +
+                  arguments.issuer_env.useIt) >
+                 1) {  // more than one option specified
+        printEnvCommands(arguments, response);
+      } else if ((arguments.expiration_env.useIt + arguments.token_env.useIt +
+                  arguments.issuer_env.useIt) ==
+                 0) {  // non of these options sepcified
+        printf("%s\n", response.token);
+      } else {  // only one option specified
+        if (arguments.issuer_env.useIt) {
+          if (arguments.issuer_env.str == NULL) {
+            printf("%s\n", response.issuer);
+          } else {
+            printEnvCommands(arguments, response);
+          }
+        }
+        if (arguments.token_env.useIt) {
+          if (arguments.token_env.str == NULL) {
+            printf("%s\n", response.token);
+          } else {
+            printEnvCommands(arguments, response);
+          }
+        }
+        if (arguments.expiration_env.useIt) {
+          if (arguments.expiration_env.str == NULL) {
+            printf("%lu\n", response.expires_at);
+          } else {
+            printEnvCommands(arguments, response);
+          }
+        }
+      }
     }
     secFreeTokenResponse(response);
   }
@@ -31,3 +65,20 @@ int main(int argc, char** argv) {
   }
   return 0;
 }
+
+void printEnvCommands(struct arguments      arguments,
+                      struct token_response response) {
+  if (arguments.token_env.useIt) {
+    char* env_name = arguments.token_env.str ?: ENV_TOKEN;
+    fprintf(stdout, "%s=%s; export %s;\n", env_name, response.token, env_name);
+  }
+  if (arguments.issuer_env.useIt) {
+    char* env_name = arguments.issuer_env.str ?: ENV_ISS;
+    fprintf(stdout, "%s=%s; export %s;\n", env_name, response.issuer, env_name);
+  }
+  if (arguments.expiration_env.useIt) {
+    char* env_name = arguments.expiration_env.str ?: ENV_EXP;
+    fprintf(stdout, "%s=%ld; export %s;\n", env_name, response.expires_at,
+            env_name);
+  }
+}
diff --git a/src/oidc-token.h b/src/oidc-token.h
@@ -1,10 +1,14 @@
 #ifndef OIDC_TOKEN_H
 #define OIDC_TOKEN_H
 
+#include "../lib/api/oidc-agent-api.h"
+#include "oidc-token_options.h"
 #include "version.h"
 
 const char* argp_program_version = TOKEN_VERSION;
 
 const char* argp_program_bug_address = BUG_ADDRESS;
 
+void printEnvCommands(struct arguments      arguments,
+                      struct token_response response);
 #endif  // OIDC_TOKEN_H
diff --git a/src/oidc-token_options.h b/src/oidc-token_options.h
@@ -7,11 +7,24 @@
 #include <argp.h>
 #include <stdlib.h>
 
+#define ENV_TOKEN "OIDC_AT"
+#define ENV_ISS "OIDC_ISS"
+#define ENV_EXP "OIDC_EXP"
+
+struct optional_arg {
+  char* str;
+  short useIt;
+};
+
 struct arguments {
-  char*         args[1]; /* account shortname */
-  unsigned long min_valid_period;
-  list_t*       scopes;
-  int           noSeccomp;
+  char*               args[1]; /* account shortname */
+  unsigned long       min_valid_period;
+  list_t*             scopes;
+  int                 noSeccomp;
+  struct optional_arg issuer_env;
+  struct optional_arg expiration_env;
+  struct optional_arg token_env;
+  int                 printAll;
 };
 
 #define OPT_NOSECCOMP 1
@@ -20,6 +33,39 @@ static struct argp_option options[] = {
     {0, 0, 0, 0, "General:", 1},
     {"time", 't', "SECONDS", 0,
      "Minimum number of seconds the access token should be valid", 1},
+    {"issuer", 'i', "OIDC_ISS", 1,
+     "Return the issuer associated with the requested access token. If neither "
+     "-e nor -o is set and OIDC_ISS is not passed, the issuer is printed to "
+     "stdout. Otherwise shell commands are printed that will export the value "
+     "into an environment variable. The name of this variable can be set with "
+     "OIDC_ISS.",
+     2},
+    {"expires-at", 'e', "OIDC_EXP", 1,
+     "Return the expiration time for the requested access token. If neither "
+     "-i nor -o is set and OIDC_EXP is not passed, the expiration time is "
+     "printed to stdout. Otherwise shell commands are printed that will export "
+     "the value into an environment variable. The name of this variable can be "
+     "set with OIDC_EXP.",
+     2},
+    {"token", 'o', "OIDC_AT", 1,
+     "Return the requested access token. If neither "
+     "-i nor -e is set and OIDC_AT is not passed, the token is printed to "
+     "stdout (Same behaviour as without this option). Otherwise shell commands "
+     "are printed that will export the value "
+     "into an environment variable. The name of this variable can be set with "
+     "OIDC_AT.",
+     2},
+    {"env", 'c', 0, 0,
+     "This will get all available information (same as -a), but will print "
+     "shell commands that export environment variables (default names).  The "
+     "result for this option is the same as for using 'oidc-token -oie'. With "
+     "the -o -i and -e options the name of each environment variable can be "
+     "changed.",
+     2},
+    {"all", 'a', 0, 0,
+     "Return all available information (token, issuer, expiration time). Each "
+     "value is printed in one line.",
+     2},
 
     {0, 0, 0, 0, "Advanced:", 2},
     {"scope", 's', "SCOPE", 0,
@@ -54,6 +100,24 @@ static error_t parse_opt(int key, char* arg, struct argp_state* state) {
       arguments->min_valid_period = atoi(arg);
       break;
     case OPT_NOSECCOMP: arguments->noSeccomp = 1; break;
+    case 'i':
+      arguments->issuer_env.str   = arg;
+      arguments->issuer_env.useIt = 1;
+      break;
+    case 'o':
+      arguments->token_env.str   = arg;
+      arguments->token_env.useIt = 1;
+      break;
+    case 'e':
+      arguments->expiration_env.str   = arg;
+      arguments->expiration_env.useIt = 1;
+      break;
+    case 'a': arguments->printAll = 1;
+    case 'c':
+      arguments->issuer_env.useIt     = 1;
+      arguments->token_env.useIt      = 1;
+      arguments->expiration_env.useIt = 1;
+      break;
     case 'h':
       argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
       break;
@@ -81,10 +145,17 @@ static char doc[] =
 static struct argp argp = {options, parse_opt, args_doc, doc, 0, 0, 0};
 
 static inline void initArguments(struct arguments* arguments) {
-  arguments->min_valid_period = 0;
-  arguments->args[0]          = NULL;
-  arguments->scopes           = NULL;
-  arguments->noSeccomp        = 1;
+  arguments->min_valid_period     = 0;
+  arguments->args[0]              = NULL;
+  arguments->scopes               = NULL;
+  arguments->noSeccomp            = 1;
+  arguments->expiration_env.str   = NULL;
+  arguments->expiration_env.useIt = 0;
+  arguments->token_env.str        = NULL;
+  arguments->token_env.useIt      = 0;
+  arguments->issuer_env.str       = NULL;
+  arguments->issuer_env.useIt     = 0;
+  arguments->printAll             = 0;
 }
 
 #endif  // OIDC_TOKEN_OPTIONS_H