MCPcopy
hub / github.com/cloudflare/cloudflared / getToken

Function getToken

token/token.go:280–326  ·  view source on GitHub ↗

getToken will either load a stored token or generate a new one

(appURL *url.URL, appInfo *AppInfo, useHostOnly bool, autoClose bool, isFedramp bool, log *zerolog.Logger)

Source from the content-addressed store, hash-verified

278
279// getToken will either load a stored token or generate a new one
280func getToken(appURL *url.URL, appInfo *AppInfo, useHostOnly bool, autoClose bool, isFedramp bool, log *zerolog.Logger) (string, error) {
281 if token, err := GetAppTokenIfExists(appInfo); token != "" && err == nil {
282 return token, nil
283 }
284
285 appTokenPath, err := GenerateAppTokenFilePathFromURL(appInfo.AppDomain, appInfo.AppAUD, keyName)
286 if err != nil {
287 return "", errors.Wrap(err, "failed to generate app token file path")
288 }
289
290 if err = acquireLockFile(appTokenPath, log); err != nil {
291 return "", errors.Wrap(err, "failed to acquire app token lock")
292 }
293
294 // check to see if another process has gotten a token while we waited for the lock
295 if token, err := GetAppTokenIfExists(appInfo); token != "" && err == nil {
296 return token, nil
297 }
298
299 // If an app token couldn't be found on disk, check for an org token and attempt to exchange it for an app token.
300 var orgTokenPath string
301 orgToken, err := GetOrgTokenIfExists(appInfo.AuthDomain)
302 if err != nil {
303 orgTokenPath, err = generateOrgTokenFilePathFromURL(appInfo.AuthDomain)
304 if err != nil {
305 return "", errors.Wrap(err, "failed to generate org token file path")
306 }
307
308 if err = acquireLockFile(orgTokenPath, log); err != nil {
309 return "", errors.Wrap(err, "failed to acquire org token lock")
310 }
311 // check if an org token has been created since the lock was acquired
312 orgToken, err = GetOrgTokenIfExists(appInfo.AuthDomain)
313 }
314 if err == nil {
315 if appToken, err := exchangeOrgToken(appURL, orgToken); err != nil {
316 log.Debug().Msgf("failed to exchange org token for app token: %s", err)
317 } else {
318 // generate app path
319 if err := os.WriteFile(appTokenPath, []byte(appToken), 0600); err != nil { // nolint: gosec
320 return "", errors.Wrap(err, "failed to write app token to disk")
321 }
322 return appToken, nil
323 }
324 }
325 return getTokensFromEdge(appURL, appInfo.AppAUD, appTokenPath, orgTokenPath, useHostOnly, autoClose, isFedramp, log)
326}
327
328// getTokensFromEdge will attempt to use the transfer service to retrieve an app and org token, save them to disk,
329// and return the app token.

Callers 2

FetchTokenWithRedirectFunction · 0.85
FetchTokenFunction · 0.85

Calls 7

GetAppTokenIfExistsFunction · 0.85
acquireLockFileFunction · 0.85
GetOrgTokenIfExistsFunction · 0.85
exchangeOrgTokenFunction · 0.85
getTokensFromEdgeFunction · 0.85

Tested by

no test coverage detected