AUTH-2902 redirect with just the root host on curl commands
This commit is contained in:
Dalton
parent
af0d04d0f3
commit
ca7d6797e1
|
|
@ -128,19 +128,19 @@ func isTokenLocked(lockFilePath string) bool {
|
||||||
}
|
}
|
||||||
|
|
||||||
// FetchTokenWithRedirect will either load a stored token or generate a new one
|
// FetchTokenWithRedirect will either load a stored token or generate a new one
|
||||||
// it appends a redirect URL to the access cli request if opening the browser
|
// it appends the full url as the redirect URL to the access cli request if opening the browser
|
||||||
func FetchTokenWithRedirect(appURL *url.URL, logger logger.Service) (string, error) {
|
func FetchTokenWithRedirect(appURL *url.URL, logger logger.Service) (string, error) {
|
||||||
return getToken(appURL, true, logger)
|
|
||||||
}
|
|
||||||
|
|
||||||
// FetchToken will either load a stored token or generate a new one
|
|
||||||
// it doesn't append a redirect URL to the access cli request if opening the browser
|
|
||||||
func FetchToken(appURL *url.URL, logger logger.Service) (string, error) {
|
|
||||||
return getToken(appURL, false, logger)
|
return getToken(appURL, false, logger)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// FetchToken will either load a stored token or generate a new one
|
||||||
|
// it appends the host of the appURL as the redirect URL to the access cli request if opening the browser
|
||||||
|
func FetchToken(appURL *url.URL, logger logger.Service) (string, error) {
|
||||||
|
return getToken(appURL, true, logger)
|
||||||
|
}
|
||||||
|
|
||||||
// getToken will either load a stored token or generate a new one
|
// getToken will either load a stored token or generate a new one
|
||||||
func getToken(appURL *url.URL, shouldRedirect bool, logger logger.Service) (string, error) {
|
func getToken(appURL *url.URL, useHostOnly bool, logger logger.Service) (string, error) {
|
||||||
if token, err := GetTokenIfExists(appURL); token != "" && err == nil {
|
if token, err := GetTokenIfExists(appURL); token != "" && err == nil {
|
||||||
return token, nil
|
return token, nil
|
||||||
}
|
}
|
||||||
|
|
@ -166,7 +166,7 @@ func getToken(appURL *url.URL, shouldRedirect bool, logger logger.Service) (stri
|
||||||
// this weird parameter is the resource name (token) and the key/value
|
// this weird parameter is the resource name (token) and the key/value
|
||||||
// we want to send to the transfer service. the key is token and the value
|
// we want to send to the transfer service. the key is token and the value
|
||||||
// is blank (basically just the id generated in the transfer service)
|
// is blank (basically just the id generated in the transfer service)
|
||||||
token, err := transfer.Run(appURL, keyName, keyName, "", path, true, shouldRedirect, logger)
|
token, err := transfer.Run(appURL, keyName, keyName, "", path, true, useHostOnly, logger)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -28,12 +28,12 @@ const (
|
||||||
// The "dance" we refer to is building a HTTP request, opening that in a browser waiting for
|
// The "dance" we refer to is building a HTTP request, opening that in a browser waiting for
|
||||||
// the user to complete an action, while it long polls in the background waiting for an
|
// the user to complete an action, while it long polls in the background waiting for an
|
||||||
// action to be completed to download the resource.
|
// action to be completed to download the resource.
|
||||||
func Run(transferURL *url.URL, resourceName, key, value, path string, shouldEncrypt bool, shouldRedirect bool, logger logger.Service) ([]byte, error) {
|
func Run(transferURL *url.URL, resourceName, key, value, path string, shouldEncrypt bool, useHostOnly bool, logger logger.Service) ([]byte, error) {
|
||||||
encrypterClient, err := encrypter.New("cloudflared_priv.pem", "cloudflared_pub.pem")
|
encrypterClient, err := encrypter.New("cloudflared_priv.pem", "cloudflared_pub.pem")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
requestURL, err := buildRequestURL(transferURL, key, value+encrypterClient.PublicKey(), shouldEncrypt, shouldRedirect)
|
requestURL, err := buildRequestURL(transferURL, key, value+encrypterClient.PublicKey(), shouldEncrypt, useHostOnly)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -82,18 +82,18 @@ func Run(transferURL *url.URL, resourceName, key, value, path string, shouldEncr
|
||||||
// BuildRequestURL creates a request suitable for a resource transfer.
|
// BuildRequestURL creates a request suitable for a resource transfer.
|
||||||
// it will return a constructed url based off the base url and query key/value provided.
|
// it will return a constructed url based off the base url and query key/value provided.
|
||||||
// cli will build a url for cli transfer request.
|
// cli will build a url for cli transfer request.
|
||||||
func buildRequestURL(baseURL *url.URL, key, value string, cli, shouldRedirect bool) (string, error) {
|
func buildRequestURL(baseURL *url.URL, key, value string, cli, useHostOnly bool) (string, error) {
|
||||||
q := baseURL.Query()
|
q := baseURL.Query()
|
||||||
q.Set(key, value)
|
q.Set(key, value)
|
||||||
baseURL.RawQuery = q.Encode()
|
baseURL.RawQuery = q.Encode()
|
||||||
|
if useHostOnly {
|
||||||
|
baseURL.Path = ""
|
||||||
|
}
|
||||||
if !cli {
|
if !cli {
|
||||||
return baseURL.String(), nil
|
return baseURL.String(), nil
|
||||||
}
|
}
|
||||||
|
q.Set("redirect_url", baseURL.String()) // we add the token as a query param on both the redirect_url and the main url
|
||||||
if shouldRedirect {
|
baseURL.RawQuery = q.Encode() // and this actual baseURL.
|
||||||
q.Set("redirect_url", baseURL.String()) // we add the token as a query param on both the redirect_url and the main url
|
|
||||||
}
|
|
||||||
baseURL.RawQuery = q.Encode() // and this actual baseURL.
|
|
||||||
baseURL.Path = "cdn-cgi/access/cli"
|
baseURL.Path = "cdn-cgi/access/cli"
|
||||||
return baseURL.String(), nil
|
return baseURL.String(), nil
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -40,7 +40,7 @@ func login(c *cli.Context) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
_, err = transfer.Run(loginURL, "cert", "callback", callbackStoreURL, path, false, true, logger)
|
_, err = transfer.Run(loginURL, "cert", "callback", callbackStoreURL, path, false, false, logger)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "Failed to write the certificate due to the following error:\n%v\n\nYour browser will download the certificate instead. You will have to manually\ncopy it to the following path:\n\n%s\n", err, path)
|
fmt.Fprintf(os.Stderr, "Failed to write the certificate due to the following error:\n%v\n\nYour browser will download the certificate instead. You will have to manually\ncopy it to the following path:\n\n%s\n", err, path)
|
||||||
return err
|
return err
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue