AUTH-2564: error handling and minor fixes

Michael Borkenstein 2020-05-07 14:58:33 -05:00
parent 8cc69f2a95
commit 2c878c47ed
1 changed files with 39 additions and 16 deletions


@ -18,8 +18,8 @@ import (
"golang.org/x/net/idna" "golang.org/x/net/idna"
"github.com/cloudflare/cloudflared/log" "github.com/cloudflare/cloudflared/log"
raven "github.com/getsentry/raven-go" "github.com/getsentry/raven-go"
cli "gopkg.in/urfave/cli.v2" "gopkg.in/urfave/cli.v2"
) )
const ( const (
@ -66,6 +66,20 @@ func Flags() []cli.Flag {
return []cli.Flag{} // no flags yet. return []cli.Flag{} // no flags yet.
} }
// Ensures exit with error code if actionFunc returns an error
func errorHandler(actionFunc cli.ActionFunc) cli.ActionFunc {
return func(ctx *cli.Context) error {
err := actionFunc(ctx)
if err != nil {
// os.Exits with error code if err is cli.ExitCoder or cli.MultiError
cli.HandleExitCoder(err)
err = cli.Exit(err.Error(), 1)
}
return err
}
}
// Commands returns all the Access related subcommands // Commands returns all the Access related subcommands
func Commands() []*cli.Command { func Commands() []*cli.Command {
return []*cli.Command{ return []*cli.Command{
@ -81,7 +95,7 @@ func Commands() []*cli.Command {
Subcommands: []*cli.Command{ Subcommands: []*cli.Command{
{ {
Name: "login", Name: "login",
Action: login, Action: errorHandler(login),
Usage: "login <url of access application>", Usage: "login <url of access application>",
Description: `The login subcommand initiates an authentication flow with your identity provider. Description: `The login subcommand initiates an authentication flow with your identity provider.
The subcommand will launch a browser. For headless systems, a url is provided. The subcommand will launch a browser. For headless systems, a url is provided.
@ -97,7 +111,7 @@ func Commands() []*cli.Command {
}, },
{ {
Name: "curl", Name: "curl",
Action: curl, Action: errorHandler(curl),
Usage: "curl [--allow-request, -ar] <url> [<curl args>...]", Usage: "curl [--allow-request, -ar] <url> [<curl args>...]",
Description: `The curl subcommand wraps curl and automatically injects the JWT into a cf-access-token Description: `The curl subcommand wraps curl and automatically injects the JWT into a cf-access-token
header when using curl to reach an application behind Access.`, header when using curl to reach an application behind Access.`,
@ -106,7 +120,7 @@ func Commands() []*cli.Command {
}, },
{ {
Name: "token", Name: "token",
Action: generateToken, Action: errorHandler(generateToken),
Usage: "token -app=<url of access application>", Usage: "token -app=<url of access application>",
ArgsUsage: "url of Access application", ArgsUsage: "url of Access application",
Description: `The token subcommand produces a JWT which can be used to authenticate requests.`, Description: `The token subcommand produces a JWT which can be used to authenticate requests.`,
@ -118,7 +132,7 @@ func Commands() []*cli.Command {
}, },
{ {
Name: "ssh", Name: "ssh",
Action: ssh, Action: errorHandler(ssh),
Aliases: []string{"rdp", "tcp"}, Aliases: []string{"rdp", "tcp"},
Usage: "", Usage: "",
ArgsUsage: "", ArgsUsage: "",
@ -155,7 +169,7 @@ func Commands() []*cli.Command {
}, },
{ {
Name: "ssh-config", Name: "ssh-config",
Action: sshConfig, Action: errorHandler(sshConfig),
Usage: "", Usage: "",
Description: `Prints an example configuration ~/.ssh/config`, Description: `Prints an example configuration ~/.ssh/config`,
Flags: []cli.Flag{ Flags: []cli.Flag{
@ -171,7 +185,7 @@ func Commands() []*cli.Command {
}, },
{ {
Name: "ssh-gen", Name: "ssh-gen",
Action: sshGen, Action: errorHandler(sshGen),
Usage: "", Usage: "",
Description: `Generates a short lived certificate for given hostname`, Description: `Generates a short lived certificate for given hostname`,
Flags: []cli.Flag{ Flags: []cli.Flag{
@ -188,7 +202,9 @@ func Commands() []*cli.Command {
// login pops up the browser window to do the actual login and JWT generation // login pops up the browser window to do the actual login and JWT generation
func login(c *cli.Context) error { func login(c *cli.Context) error {
raven.SetDSN(sentryDSN) if err := raven.SetDSN(sentryDSN); err != nil {
return err
}
logger := log.CreateLogger() logger := log.CreateLogger()
args := c.Args() args := c.Args()
rawURL := ensureURLScheme(args.First()) rawURL := ensureURLScheme(args.First())
@ -202,12 +218,15 @@ func login(c *cli.Context) error {
return err return err
} }
token, err := token.GetTokenIfExists(appURL) cfdToken, err := token.GetTokenIfExists(appURL)
if err != nil || token == "" { if err != nil {
fmt.Fprintln(os.Stderr, "Unable to find token for provided application.") fmt.Fprintln(os.Stderr, "Unable to find token for provided application.")
return err return err
} else if cfdToken == "" {
fmt.Fprintln(os.Stderr, "token for provided application was empty.")
return errors.New("empty application token")
} }
fmt.Fprintf(os.Stdout, "Successfully fetched your token:\n\n%s\n\n", string(token)) fmt.Fprintf(os.Stdout, "Successfully fetched your token:\n\n%s\n\n", cfdToken)
return nil return nil
} }
@ -224,7 +243,9 @@ func ensureURLScheme(url string) string {
// curl provides a wrapper around curl, passing Access JWT along in request // curl provides a wrapper around curl, passing Access JWT along in request
func curl(c *cli.Context) error { func curl(c *cli.Context) error {
raven.SetDSN(sentryDSN) if err := raven.SetDSN(sentryDSN); err != nil {
return err
}
logger := log.CreateLogger() logger := log.CreateLogger()
args := c.Args() args := c.Args()
if args.Len() < 1 { if args.Len() < 1 {
@ -258,7 +279,9 @@ func curl(c *cli.Context) error {
// token dumps provided token to stdout // token dumps provided token to stdout
func generateToken(c *cli.Context) error { func generateToken(c *cli.Context) error {
raven.SetDSN(sentryDSN) if err := raven.SetDSN(sentryDSN); err != nil {
return err
}
appURL, err := url.Parse(c.String("app")) appURL, err := url.Parse(c.String("app"))
if err != nil || c.NumFlags() < 1 { if err != nil || c.NumFlags() < 1 {
fmt.Fprintln(os.Stderr, "Please provide a url.") fmt.Fprintln(os.Stderr, "Please provide a url.")
@ -313,12 +336,12 @@ func sshGen(c *cli.Context) error {
// this fetchToken function mutates the appURL param. We should refactor that // this fetchToken function mutates the appURL param. We should refactor that
fetchTokenURL := &url.URL{} fetchTokenURL := &url.URL{}
*fetchTokenURL = *originURL *fetchTokenURL = *originURL
token, err := token.FetchToken(fetchTokenURL) cfdToken, err := token.FetchToken(fetchTokenURL)
if err != nil { if err != nil {
return err return err
} }
if err := sshgen.GenerateShortLivedCertificate(originURL, token); err != nil { if err := sshgen.GenerateShortLivedCertificate(originURL, cfdToken); err != nil {
return err return err
} }
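Review bot: In generateToken the guard `if err != nil || c.NumFlags() < 1` keeps the combined shape that this commit split apart in login, so when the `-app` flag is missing `err` is nil. The return statement is outside the hunk, but if it is `return err`, errorHandler receives nil and the command exits with status 0 without printing a token. A script that captures the output and checks only the exit status would then continue with an empty JWT. Splitting the branches as was done in login, for example `if c.NumFlags() < 1 { return errors.New("no application url provided") }`, would keep the exit status consistent with the purpose of errorHandler.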