forked from openshift/origin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
validate.go
97 lines (82 loc) · 2.6 KB
/
validate.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
package tokens
import (
"encoding/json"
"fmt"
kclient "github.com/GoogleCloudPlatform/kubernetes/pkg/client"
"github.com/golang/glog"
"github.com/spf13/cobra"
osclient "github.com/openshift/origin/pkg/client"
"github.com/openshift/origin/pkg/cmd/cli/cmd"
"github.com/openshift/origin/pkg/oauth/osintypes"
)
func NewCmdValidateToken(f *cmd.Factory) *cobra.Command {
cmd := &cobra.Command{
Use: "validate-token",
Short: "validate an access token",
Long: `validate an access token`,
Run: func(cmd *cobra.Command, args []string) {
tokenValue := getFlagString(cmd, "token")
clientCfg, err := f.OpenShiftClientConfig.ClientConfig()
if err != nil {
fmt.Errorf("%v\n", err)
}
validateToken(tokenValue, clientCfg)
},
}
cmd.Flags().String("token", "", "Token value")
return cmd
}
func validateToken(token string, clientConfig *kclient.Config) {
if len(token) == 0 {
fmt.Println("You must provide a token to validate")
return
}
fmt.Printf("Using token: %v\n", token)
clientConfig.BearerToken = token
osClient, err := osclient.New(clientConfig)
if err != nil {
fmt.Printf("Error building osClient: %v\n", err)
return
}
jsonResponse, _, err := getTokenInfo(token, osClient)
if err != nil {
fmt.Printf("%v\n", err)
fmt.Println("Try visiting " + getRequestTokenURL(clientConfig) + " for a new token.")
return
}
fmt.Printf("%v\n", string(jsonResponse))
whoami, err := osClient.Users().Get("~")
if err != nil {
fmt.Printf("Error making whoami request: %v\n", err)
return
}
whoamiJSON, err := json.Marshal(whoami)
if err != nil {
fmt.Printf("Error interpretting whoami response: %v\n", err)
return
}
fmt.Printf("%v\n", string(whoamiJSON))
}
func getTokenInfo(token string, osClient *osclient.Client) (string, *osintypes.InfoResponseData, error) {
osResult := osClient.Get().AbsPath("oauth", "info").Param("code", token).Do()
if osResult.Error() != nil {
return "", nil, fmt.Errorf("Error making info request: %v", osResult.Error())
}
body, err := osResult.Raw()
if err != nil {
return "", nil, fmt.Errorf("Error reading info response: %v\n", err)
}
glog.V(1).Infof("Raw JSON: %v\n", string(body))
var accessData osintypes.InfoResponseData
err = json.Unmarshal(body, &accessData)
if err != nil {
return "", nil, fmt.Errorf("Error while unmarshalling info response: %v %v", err, string(body))
}
if accessData.Error == "invalid_request" {
return "", nil, fmt.Errorf("\"%v\" is not a valid token.\n", token)
}
if len(accessData.ErrorDescription) != 0 {
return "", nil, fmt.Errorf("%v\n", accessData.ErrorDescription)
}
return string(body), &accessData, nil
}