crypt/step-ca-cli
1
0
Fork 0
mirror of https://github.com/smallstep/cli.git synced 2025-08-09 03:22:43 +03:00
Code Activity

Hide implicit flow and remove implicit client.

Browse Source
This commit is contained in:
Mariano Cano
2019-03-15 11:41:56 -07:00
parent 46c049f353
commit 869f5aedaf
1 changed files with 12 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
command/oauth/cmd.go
View File

@@ -40,7 +40,6 @@ import (
const ( const (
defaultClientID = "1087160488420-8qt7bavg3qesdhs6it824mhnfgcfe8il.apps.googleusercontent.com" defaultClientID = "1087160488420-8qt7bavg3qesdhs6it824mhnfgcfe8il.apps.googleusercontent.com"
defaultClientNotSoSecret = "udTrOT3gzrO7W9fDPgZQLfYJ" defaultClientNotSoSecret = "udTrOT3gzrO7W9fDPgZQLfYJ"
implicitClientID = "1087160488420-iu4at42pp2ejebiaekg05fp0cato2l4s.apps.googleusercontent.com"
// The URN for getting verification token offline // The URN for getting verification token offline
oobCallbackUrn = "urn:ietf:wg:oauth:2.0:oob" oobCallbackUrn = "urn:ietf:wg:oauth:2.0:oob"
@@ -130,11 +129,13 @@ func init() {
}, },
cli.BoolFlag{ cli.BoolFlag{
Name: "implicit", Name: "implicit",
Usage: "Uses the implicit flow to authenticate the user. Requires **--insecure** flag.", Usage: "Uses the implicit flow to authenticate the user. Requires **--insecure** and **--client-id** flags.",
Hidden: true,
}, },
cli.BoolFlag{ cli.BoolFlag{
Name: "insecure", Name: "insecure",
Usage: "Allows the use of insecure flows.", Usage: "Allows the use of insecure flows.",
Hidden: true,
}, },
}, },
Action: oauthCmd, Action: oauthCmd,
@@ -156,14 +157,15 @@ func oauthCmd(c *cli.Context) error {
if (opts.Provider != "google" || c.IsSet("authorization-endpoint")) && !c.IsSet("client-id") { if (opts.Provider != "google" || c.IsSet("authorization-endpoint")) && !c.IsSet("client-id") {
return errors.New("flag '--client-id' required with '--provider'") return errors.New("flag '--client-id' required with '--provider'")
} }
if opts.Implicit && !c.Bool("insecure") {
return errs.RequiredInsecureFlag(c, "implicit")
}
var clientID, clientSecret string var clientID, clientSecret string
if opts.Implicit { if opts.Implicit {
clientID = implicitClientID if !c.Bool("insecure") {
clientSecret = "" return errs.RequiredInsecureFlag(c, "implicit")
}
if !c.IsSet("client-id") {
return errs.RequiredWithFlag(c, "implicit", "client-id")
}
} else { } else {
clientID = defaultClientID clientID = defaultClientID
clientSecret = defaultClientNotSoSecret clientSecret = defaultClientNotSoSecret