cmd: Add https option to token user command (#1150)

Closes #1147
ory · Nov 2, 2018 · 2ff6561 · 2ff6561
1 parent 8cc62a1
commit 2ff6561
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 4 deletions.
diff --git a/cmd/token_user.go b/cmd/token_user.go
@@ -22,6 +22,8 @@ package cmd
 
 import (
 	"context"
+	"crypto/rand"
+	"crypto/rsa"
 	"crypto/tls"
 	"fmt"
 	"net/http"
@@ -40,6 +42,7 @@ import (
 	"github.com/ory/x/cmdx"
 	"github.com/ory/x/flagx"
 	"github.com/ory/x/randx"
+	"github.com/ory/x/tlsx"
 )
 
 // tokenUserCmd represents the token command
@@ -56,6 +59,7 @@ var tokenUserCmd = &cobra.Command{
 			}})
 		}
 
+		isSSL := flagx.MustGetBool(cmd, "https")
 		port := flagx.MustGetInt(cmd, "port")
 		scopes := flagx.MustGetStringSlice(cmd, "scope")
 		prompt := flagx.MustGetStringSlice(cmd, "prompt")
@@ -73,7 +77,12 @@ var tokenUserCmd = &cobra.Command{
 			return
 		}
 
-		serverLocation := fmt.Sprintf("http://127.0.0.1:%d/", port)
+		proto := "http"
+		if isSSL {
+			proto = "https"
+		}
+
+		serverLocation := fmt.Sprintf("%s://127.0.0.1:%d/", proto, port)
 		if redirectUrl == "" {
 			redirectUrl = serverLocation + "callback"
 		}
@@ -124,7 +133,16 @@ var tokenUserCmd = &cobra.Command{
 		fmt.Printf("If your browser does not open automatically, navigate to:\n\n\t%s\n\n", serverLocation)
 
 		r := httprouter.New()
-		server := &http.Server{Addr: fmt.Sprintf(":%d", port), Handler: r}
+		var tlsc *tls.Config
+		if isSSL {
+			key, err := rsa.GenerateKey(rand.Reader, 2048)
+			cmdx.Must(err, "Unable to generate RSA key pair: %s", err)
+			cert, err := tlsx.CreateSelfSignedTLSCertificate(key)
+			cmdx.Must(err, "Unable to generate self-signed TLS Certificate: %s", err)
+			tlsc = &tls.Config{Certificates: []tls.Certificate{*cert}}
+		}
+
+		server := &http.Server{Addr: fmt.Sprintf(":%d", port), Handler: r, TLSConfig: tlsc}
 		var shutdown = func() {
 			time.Sleep(time.Second * 1)
 			ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
@@ -196,7 +214,13 @@ To initiate the flow, click the "Authorize Application" button.</p>
 
 			go shutdown()
 		})
-		server.ListenAndServe()
+
+		if isSSL {
+			server.ListenAndServeTLS("", "")
+		} else {
+			server.ListenAndServe()
+		}
+
 	},
 }
 
@@ -216,4 +240,5 @@ func init() {
 	tokenUserCmd.Flags().String("auth-url", "", "Usually it is enough to specify the `endpoint` flag, but if you want to force the authorization url, use this flag")
 	tokenUserCmd.Flags().String("token-url", "", "Usually it is enough to specify the `endpoint` flag, but if you want to force the token url, use this flag")
 	tokenUserCmd.Flags().String("endpoint", os.Getenv("HYDRA_URL"), "Set the URL where ORY Hydra is hosted, defaults to environment variable HYDRA_URL")
+	tokenUserCmd.Flags().Bool("https", false, "Sets up HTTPS for the endpoint using a self-signed certificate which is re-generated every time you start this command")
 }
diff --git a/go.mod b/go.mod
@@ -24,7 +24,7 @@ require (
 	github.com/ory/graceful v0.1.0
 	github.com/ory/herodot v0.4.1
 	github.com/ory/sqlcon v0.0.7
-	github.com/ory/x v0.0.27
+	github.com/ory/x v0.0.28
 	github.com/pborman/uuid v1.2.0
 	github.com/phayes/freeport v0.0.0-20171002181615-b8543db493a5
 	github.com/pkg/errors v0.8.0

diff --git a/go.sum b/go.sum
@@ -142,6 +142,7 @@ github.com/ory/fosite v0.26.2-0.20181031085642-2da976477fcd41493103ea478541d68ca
 github.com/ory/fosite v0.26.2-0.20181031085642-2da976477fcd41493103ea478541d68ca04083ae/go.mod h1:uttCRNB0lM7+BJFX7CC8Bqo9gAPrcpmA9Ezc80Trwuw=
 github.com/ory/fosite v0.26.2-0.20181031085642-e2441d231a19 h1:8jQrkb3nO4nG5Dzpb2fj1ksaSDE2DGhFIhPt1jFgK74=
 github.com/ory/fosite v0.26.2-0.20181031085642-e2441d231a19/go.mod h1:uttCRNB0lM7+BJFX7CC8Bqo9gAPrcpmA9Ezc80Trwuw=
+github.com/ory/fosite v0.27.0 h1:QYHW+asgRRIw5uk8a42/VpiwMQqQMPwZ4TP4xKNIMEA=
 github.com/ory/fosite v0.27.0/go.mod h1:uttCRNB0lM7+BJFX7CC8Bqo9gAPrcpmA9Ezc80Trwuw=
 github.com/ory/go-convenience v0.1.0 h1:zouLKfF2GoSGnJwGq+PE/nJAE6dj2Zj5QlTgmMTsTS8=
 github.com/ory/go-convenience v0.1.0/go.mod h1:uEY/a60PL5c12nYz4V5cHY03IBmwIAEm8TWB0yn9KNs=
@@ -160,6 +161,8 @@ github.com/ory/x v0.0.25/go.mod h1:ARp3iXjJhOEErlXHwUtfgVtEN1VnmW1ZxBZ0bw8eARk=
 github.com/ory/x v0.0.26/go.mod h1:ARp3iXjJhOEErlXHwUtfgVtEN1VnmW1ZxBZ0bw8eARk=
 github.com/ory/x v0.0.27 h1:Dk/vlehXkf7LJbg9Y9tw2tRp/dBmywWAIcJJtTQbchU=
 github.com/ory/x v0.0.27/go.mod h1:ARp3iXjJhOEErlXHwUtfgVtEN1VnmW1ZxBZ0bw8eARk=
+github.com/ory/x v0.0.28 h1:clBcMxMu/c7pLQhoioliRlJ7y8te73BCQmdMHdG2DAE=
+github.com/ory/x v0.0.28/go.mod h1:ARp3iXjJhOEErlXHwUtfgVtEN1VnmW1ZxBZ0bw8eARk=
 github.com/parnurzeal/gorequest v0.2.15/go.mod h1:3Kh2QUMJoqw3icWAecsyzkpY7UzRfDhbRdTjtNwNiUE=
 github.com/pborman/uuid v1.2.0 h1:J7Q5mO4ysT1dv8hyrUGHb9+ooztCXu1D8MY8DZYsu3g=
 github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=