self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-20 17:23:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
teleport/lib/auth/httpfallback.go
Brian Joerger b5472d41ec
Convert GenerateToken to gRPC. (#9024)
2022-06-14 17:43:39 +00:00

172 lines
5 KiB
Go
Raw Blame History

/*
Copyright 2021 Gravitational, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package auth
import (
"context"
"encoding/json"
"net/url"
"github.com/gravitational/teleport/api/client/proto"
"github.com/gravitational/teleport/api/types"
"github.com/gravitational/trace"
)
// httpfallback.go holds endpoints that have been converted to gRPC
// but still need http fallback logic in the old client.
// GetDomainName returns local auth domain of the current auth server
// DELETE IN 11.0.0
func (c *Client) GetDomainName(ctx context.Context) (string, error) {
if resp, err := c.APIClient.GetDomainName(ctx); err != nil {
if !trace.IsNotImplemented(err) {
return "", trace.Wrap(err)
}
} else {
return resp, nil
}
out, err := c.Get(ctx, c.Endpoint("domain"), url.Values{})
if err != nil {
return "", trace.Wrap(err)
}
var domain string
if err := json.Unmarshal(out.Bytes(), &domain); err != nil {
return "", trace.Wrap(err)
}
return domain, nil
}
// GetClusterCACert returns the PEM-encoded TLS certs for the local cluster. If
// the cluster has multiple TLS certs, they will all be concatenated.
// DELETE IN 11.0.0
func (c *Client) GetClusterCACert(ctx context.Context) (*proto.GetClusterCACertResponse, error) {
if resp, err := c.APIClient.GetClusterCACert(ctx); err != nil {
if !trace.IsNotImplemented(err) {
return nil, trace.Wrap(err)
}
} else {
return resp, nil
}
out, err := c.Get(context.TODO(), c.Endpoint("cacert"), url.Values{})
if err != nil {
return nil, trace.Wrap(err)
}
var localCA deprecatedLocalCAResponse
if err := json.Unmarshal(out.Bytes(), &localCA); err != nil {
return nil, trace.Wrap(err)
}
return &proto.GetClusterCACertResponse{
TLSCA: localCA.TLSCA,
}, nil
}
// DELETE IN 11.0.0, to remove fallback and grpc call is already defined in api/client/client.go
//
// GenerateToken generates a new auth token for the given service roles.
// This token can be used by corresponding services to authenticate with
// the Auth server and get a signed certificate and private key.
func (c *Client) GenerateToken(ctx context.Context, req *proto.GenerateTokenRequest) (string, error) {
switch resp, err := c.APIClient.GenerateToken(ctx, req); {
case err == nil:
return resp, nil
case !trace.IsNotImplemented(err):
return "", trace.Wrap(err)
}
out, err := c.PostJSON(ctx, c.Endpoint("tokens"), req)
if err != nil {
return "", trace.Wrap(err)
}
var token string
if err := json.Unmarshal(out.Bytes(), &token); err != nil {
return "", trace.Wrap(err)
}
return token, nil
}
// CreateOIDCAuthRequest creates OIDCAuthRequest.
// DELETE IN 11.0.0
func (c *Client) CreateOIDCAuthRequest(ctx context.Context, req types.OIDCAuthRequest) (*types.OIDCAuthRequest, error) {
if resp, err := c.APIClient.CreateOIDCAuthRequest(ctx, req); err != nil {
if !trace.IsNotImplemented(err) {
return nil, trace.Wrap(err)
}
} else {
return resp, nil
}
out, err := c.PostJSON(ctx, c.Endpoint("oidc", "requests", "create"), createOIDCAuthRequestReq{
Req: req,
})
if err != nil {
return nil, trace.Wrap(err)
}
var response *types.OIDCAuthRequest
if err := json.Unmarshal(out.Bytes(), &response); err != nil {
return nil, trace.Wrap(err)
}
return response, nil
}
// CreateSAMLAuthRequest creates SAMLAuthRequest.
// DELETE IN 11.0.0
func (c *Client) CreateSAMLAuthRequest(ctx context.Context, req types.SAMLAuthRequest) (*types.SAMLAuthRequest, error) {
if resp, err := c.APIClient.CreateSAMLAuthRequest(ctx, req); err != nil {
if !trace.IsNotImplemented(err) {
return nil, trace.Wrap(err)
}
} else {
return resp, nil
}
out, err := c.PostJSON(ctx, c.Endpoint("saml", "requests", "create"), createSAMLAuthRequestReq{
Req: req,
})
if err != nil {
return nil, trace.Wrap(err)
}
var response *types.SAMLAuthRequest
if err := json.Unmarshal(out.Bytes(), &response); err != nil {
return nil, trace.Wrap(err)
}
return response, nil
}
// CreateGithubAuthRequest creates GithubAuthRequest.
// DELETE IN 11.0.0
func (c *Client) CreateGithubAuthRequest(ctx context.Context, req types.GithubAuthRequest) (*types.GithubAuthRequest, error) {
if resp, err := c.APIClient.CreateGithubAuthRequest(ctx, req); err != nil {
if !trace.IsNotImplemented(err) {
return nil, trace.Wrap(err)
}
} else {
return resp, nil
}
out, err := c.PostJSON(ctx, c.Endpoint("github", "requests", "create"),
createGithubAuthRequestReq{Req: req})
if err != nil {
return nil, trace.Wrap(err)
}
var response types.GithubAuthRequest
if err := json.Unmarshal(out.Bytes(), &response); err != nil {
return nil, trace.Wrap(err)
}
return &response, nil
}
Reference in a new issue View git blame Copy permalink