mirror of https://github.com/dexidp/dex.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
96 lines
2.1 KiB
96 lines
2.1 KiB
package main |
|
|
|
import ( |
|
"flag" |
|
"fmt" |
|
"net/http" |
|
"os" |
|
"time" |
|
|
|
pflag "github.com/coreos/dex/pkg/flag" |
|
"github.com/coreos/dex/pkg/log" |
|
"github.com/coreos/go-oidc/oidc" |
|
) |
|
|
|
func main() { |
|
fs := flag.NewFlagSet("example-cli", flag.ExitOnError) |
|
clientID := fs.String("client-id", "", "") |
|
clientSecret := fs.String("client-secret", "", "") |
|
discovery := fs.String("discovery", "http://localhost:5556", "") |
|
logDebug := fs.Bool("log-debug", false, "log debug-level information") |
|
logTimestamps := fs.Bool("log-timestamps", false, "prefix log lines with timestamps") |
|
|
|
if err := fs.Parse(os.Args[1:]); err != nil { |
|
fmt.Fprintln(os.Stderr, err.Error()) |
|
os.Exit(1) |
|
} |
|
|
|
if err := pflag.SetFlagsFromEnv(fs, "EXAMPLE_CLI"); err != nil { |
|
fmt.Fprintln(os.Stderr, err.Error()) |
|
os.Exit(1) |
|
} |
|
|
|
if *logDebug { |
|
log.EnableDebug() |
|
} |
|
if *logTimestamps { |
|
log.EnableTimestamps() |
|
} |
|
|
|
if *clientID == "" { |
|
fmt.Println("--client-id must be set") |
|
os.Exit(2) |
|
} |
|
|
|
if *clientSecret == "" { |
|
fmt.Println("--client-secret must be set") |
|
os.Exit(2) |
|
} |
|
|
|
cc := oidc.ClientCredentials{ |
|
ID: *clientID, |
|
Secret: *clientSecret, |
|
} |
|
|
|
// NOTE: A real CLI would cache this config, or provide it via flags/config file. |
|
var cfg oidc.ProviderConfig |
|
var err error |
|
for { |
|
cfg, err = oidc.FetchProviderConfig(http.DefaultClient, *discovery) |
|
if err == nil { |
|
break |
|
} |
|
|
|
sleep := 1 * time.Second |
|
fmt.Printf("Failed fetching provider config, trying again in %v: %v\n", sleep, err) |
|
time.Sleep(sleep) |
|
} |
|
|
|
fmt.Printf("Fetched provider config from %s: %#v\n\n", *discovery, cfg) |
|
|
|
ccfg := oidc.ClientConfig{ |
|
ProviderConfig: cfg, |
|
Credentials: cc, |
|
} |
|
|
|
client, err := oidc.NewClient(ccfg) |
|
if err != nil { |
|
log.Fatalf("Unable to create Client: %v", err) |
|
} |
|
|
|
tok, err := client.ClientCredsToken([]string{"openid"}) |
|
if err != nil { |
|
fmt.Printf("unable to verify auth code with issuer: %v\n", err) |
|
os.Exit(1) |
|
} |
|
|
|
fmt.Printf("got jwt: %v\n\n", tok.Encode()) |
|
|
|
claims, err := tok.Claims() |
|
if err != nil { |
|
fmt.Printf("unable to construct claims: %v\n", err) |
|
os.Exit(1) |
|
} |
|
|
|
fmt.Printf("got claims %#v...\n", claims) |
|
}
|
|
|