emissary/internal/command/server/auth/create_token.go

package auth

import (
	"fmt"

	"forge.cadoles.com/Cadoles/emissary/internal/auth/thirdparty"
	"forge.cadoles.com/Cadoles/emissary/internal/command/common"
	"forge.cadoles.com/Cadoles/emissary/internal/jwk"
	"github.com/lithammer/shortuuid/v4"
	"github.com/pkg/errors"
	"github.com/urfave/cli/v2"
)

func CreateTokenCommand() *cli.Command {
	return &cli.Command{
		Name:  "create-token",
		Usage: "Create a new authentication token",
		Flags: []cli.Flag{
			&cli.StringFlag{
				Name:  "role",
				Usage: fmt.Sprintf("associate `ROLE` to the token (available: %v)", []thirdparty.Role{thirdparty.RoleReader, thirdparty.RoleWriter}),
				Value: string(thirdparty.RoleReader),
			},
			&cli.StringFlag{
				Name:  "subject",
				Usage: "associate `SUBJECT` to the token",
				Value: fmt.Sprintf("user-%s", shortuuid.New()),
			},
		},
		Action: func(ctx *cli.Context) error {
			conf, err := common.LoadConfig(ctx)
			if err != nil {
				return errors.Wrap(err, "Could not load configuration")
			}

			subject := ctx.String("subject")
			role := ctx.String("role")

			localAuth := conf.Server.Auth.Local
			if localAuth == nil {
				return errors.New("local auth is disabled")
			}

			key, err := jwk.LoadOrGenerate(string(localAuth.PrivateKeyPath), jwk.DefaultKeySize)
			if err != nil {
				return errors.WithStack(err)
			}

			token, err := thirdparty.GenerateToken(ctx.Context, key, subject, thirdparty.Role(role))
			if err != nil {
				return errors.WithStack(err)
			}

			fmt.Println(token)

			return nil
		},
	}
}
feat: authenticate users and agents requests 2023-03-07 23:10:42 +01:00			`package auth`

			`import (`
			`"fmt"`

feat: basic authorization model 2023-03-13 10:44:58 +01:00			`"forge.cadoles.com/Cadoles/emissary/internal/auth/thirdparty"`
feat: authenticate users and agents requests 2023-03-07 23:10:42 +01:00			`"forge.cadoles.com/Cadoles/emissary/internal/command/common"`
			`"forge.cadoles.com/Cadoles/emissary/internal/jwk"`
			`"github.com/lithammer/shortuuid/v4"`
			`"github.com/pkg/errors"`
			`"github.com/urfave/cli/v2"`
			`)`

			`func CreateTokenCommand() *cli.Command {`
			`return &cli.Command{`
			`Name: "create-token",`
feat: basic authorization model 2023-03-13 10:44:58 +01:00			`Usage: "Create a new authentication token",`
feat: authenticate users and agents requests 2023-03-07 23:10:42 +01:00			`Flags: []cli.Flag{`
			`&cli.StringFlag{`
			`Name: "role",`
feat: basic authorization model 2023-03-13 10:44:58 +01:00			Usage: fmt.Sprintf("associate `ROLE` to the token (available: %v)", []thirdparty.Role{thirdparty.RoleReader, thirdparty.RoleWriter}),
			`Value: string(thirdparty.RoleReader),`
feat: authenticate users and agents requests 2023-03-07 23:10:42 +01:00			`},`
			`&cli.StringFlag{`
			`Name: "subject",`
			Usage: "associate `SUBJECT` to the token",
			`Value: fmt.Sprintf("user-%s", shortuuid.New()),`
			`},`
			`},`
			`Action: func(ctx *cli.Context) error {`
			`conf, err := common.LoadConfig(ctx)`
			`if err != nil {`
			`return errors.Wrap(err, "Could not load configuration")`
			`}`

			`subject := ctx.String("subject")`
			`role := ctx.String("role")`

feat(auth): remote and local third-party authentication 2023-07-26 15:14:49 +02:00			`localAuth := conf.Server.Auth.Local`
			`if localAuth == nil {`
			`return errors.New("local auth is disabled")`
			`}`

			`key, err := jwk.LoadOrGenerate(string(localAuth.PrivateKeyPath), jwk.DefaultKeySize)`
feat: authenticate users and agents requests 2023-03-07 23:10:42 +01:00			`if err != nil {`
			`return errors.WithStack(err)`
			`}`

feat(auth): remote and local third-party authentication 2023-07-26 15:14:49 +02:00			`token, err := thirdparty.GenerateToken(ctx.Context, key, subject, thirdparty.Role(role))`
feat: authenticate users and agents requests 2023-03-07 23:10:42 +01:00			`if err != nil {`
			`return errors.WithStack(err)`
			`}`

			`fmt.Println(token)`

			`return nil`
			`},`
			`}`
			`}`