configure git to access to http(s) based repos behind CloudFlare Access

2019-04-11 10:09:52 +04:00 · 2019-04-11 10:09:52 +04:00 · a115f3830a
parent 980bee22a5
commit a115f3830a
1 changed files with 43 additions and 0 deletions
--- a/cmd/cloudflared/access/cmd.go
+++ b/cmd/cloudflared/access/cmd.go
@ -72,6 +72,14 @@ func Commands() []*cli.Command {
 					ArgsUsage:       "allow-request will allow the curl request to continue even if the jwt is not present.",
 					SkipFlagParsing: true,
 				},
+				{
+					Name:   "gitConfig",
+					Action: gitConfig,
+					Usage:  "gitConfig <repo_url>",
+					Description: `The gitConfig subcommand configures your git to injects the JWT into a cf-access-token
+					header when using git to reach an application behind Access.`,
+					SkipFlagParsing: true,
+				},
 				{
 					Name:        "token",
 					Action:      generateToken,
@ -182,6 +190,41 @@ func curl(c *cli.Context) error {
 	return shell.Run("curl", cmdArgs...)
 }

+/* gitConfig modifies your ~/.gitconfig file to
+pass Access JWT along in request
+*/
+func gitConfig(c *cli.Context) error {
+	raven.SetDSN(sentryDSN)
+	logger := log.CreateLogger()
+	args := c.Args()
+	if args.Len() < 1 {
+		logger.Error("Please provide the access app and command you wish to run.")
+		return errors.New("incorrect args")
+	}
+
+	cmdArgs := args.Slice()
+	appURL, err := getAppURL(cmdArgs)
+	if err != nil {
+		return err
+	}
+	tok, err := token.GetTokenIfExists(appURL)
+	if err != nil || tok == "" {
+		tok, err = token.FetchToken(appURL)
+		if err != nil {
+			logger.Error("Failed to refresh token: ", err)
+			return err
+		}
+	}
+
+	gitArgs := []string{
+		"config",
+		"--global",
+		fmt.Sprintf("http.https://%s.extraheader", appURL.Hostname()),
+		fmt.Sprintf("cf-access-token:%s", tok),
+	}
+	return shell.Run("git", gitArgs...)
+}
+
 // token dumps provided token to stdout
 func generateToken(c *cli.Context) error {
 	raven.SetDSN(sentryDSN)