-
-
Notifications
You must be signed in to change notification settings - Fork 105
/
http.go
126 lines (104 loc) · 3.66 KB
/
http.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
// Copyright © 2023 Ory Corp
// SPDX-License-Identifier: Apache-2.0
package cmdx
import (
"crypto/tls"
"fmt"
"net/http"
"net/url"
"os"
"strings"
"time"
"github.com/hashicorp/go-retryablehttp"
"github.com/pkg/errors"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
"github.com/ory/x/httpx"
)
const (
envKeyEndpoint = "ORY_SDK_URL"
FlagEndpoint = "endpoint"
FlagSkipTLSVerify = "skip-tls-verify"
FlagHeaders = "http-header"
)
// Remote returns the remote endpoint for the given command.
func Remote(cmd *cobra.Command) (string, error) {
endpoint, err := cmd.Flags().GetString(FlagEndpoint)
if err != nil {
return "", errors.WithStack(err)
}
if endpoint != "" {
return strings.TrimRight(endpoint, "/"), nil
} else if endpoint := os.Getenv("ORY_SDK_URL"); endpoint != "" {
return strings.TrimRight(endpoint, "/"), nil
}
_, _ = fmt.Fprintf(cmd.ErrOrStderr(), "To execute this command, the endpoint URL must point to the URL where Ory is located. To set the endpoint URL, use flag `--endpoint` or environment variable `ORY_SDK_URL`.")
return "", FailSilently(cmd)
}
// RemoteURI returns the remote URI for the given command.
func RemoteURI(cmd *cobra.Command) (*url.URL, error) {
remote, err := Remote(cmd)
if err != nil {
return nil, err
}
endpoint, err := url.ParseRequestURI(remote)
if err != nil {
_, _ = fmt.Fprintf(cmd.ErrOrStderr(), "Could not parse endpoint URL: %s", err)
return nil, err
}
return endpoint, nil
}
// NewClient creates a new HTTP client.
func NewClient(cmd *cobra.Command) (*http.Client, *url.URL, error) {
endpoint, err := cmd.Flags().GetString(FlagEndpoint)
if err != nil {
return nil, nil, errors.WithStack(err)
}
if endpoint == "" {
endpoint = os.Getenv(envKeyEndpoint)
}
if endpoint == "" {
return nil, nil, errors.Errorf("you have to set the remote endpoint, try --help for details")
}
u, err := url.Parse(strings.TrimRight(endpoint, "/"))
if err != nil {
return nil, nil, errors.Wrapf(err, `could not parse the endpoint URL "%s"`, endpoint)
}
hc := retryablehttp.NewClient().StandardClient()
hc.Timeout = time.Second * 10
rawHeaders, err := cmd.Flags().GetStringSlice(FlagHeaders)
if err != nil {
return nil, nil, errors.WithStack(err)
}
header := http.Header{}
for _, h := range rawHeaders {
parts := strings.Split(h, ":")
if len(parts) != 2 {
_, _ = fmt.Fprintf(cmd.OutOrStdout(), "Unable to parse `--http-header` flag. Format of flag value is a `: ` delimited string like `--http-header 'Some-Header: some-values; other values`. Received: %v", rawHeaders)
return nil, nil, FailSilently(cmd)
}
for k := range parts {
parts[k] = strings.TrimSpace(parts[k])
}
header.Add(parts[0], parts[1])
}
skipVerify, err := cmd.Flags().GetBool(FlagSkipTLSVerify)
if err != nil {
return nil, nil, errors.WithStack(err)
}
rt := httpx.NewTransportWithHeader(header)
rt.RoundTripper = &http.Transport{
//#nosec G402 -- This is a false positive
TLSClientConfig: &tls.Config{
InsecureSkipVerify: skipVerify,
},
}
hc.Transport = rt
return hc, u, nil
}
// RegisterHTTPClientFlags registers HTTP client configuration flags.
func RegisterHTTPClientFlags(flags *pflag.FlagSet) {
flags.StringP(FlagEndpoint, FlagEndpoint[:1], "", fmt.Sprintf("The API URL this command should target. Alternatively set using the %s environmental variable.", envKeyEndpoint))
flags.Bool(FlagSkipTLSVerify, false, "Do not verify TLS certificates. Useful when dealing with self-signed certificates. Do not use in production!")
flags.StringSliceP(FlagHeaders, "H", []string{}, "A list of additional HTTP headers to set. HTTP headers is separated by a `: `, for example: `-H 'Authorization: bearer some-token'`.")
}