MCPcopy
hub / github.com/cloudflare/cloudflared / getTokensFromEdge

Function getTokensFromEdge

token/token.go:330–357  ·  view source on GitHub ↗

getTokensFromEdge will attempt to use the transfer service to retrieve an app and org token, save them to disk, and return the app token.

(appURL *url.URL, appAUD, appTokenPath, orgTokenPath string, useHostOnly bool, autoClose bool, isFedramp bool, log *zerolog.Logger)

Source from the content-addressed store, hash-verified

328// getTokensFromEdge will attempt to use the transfer service to retrieve an app and org token, save them to disk,
329// and return the app token.
330func getTokensFromEdge(appURL *url.URL, appAUD, appTokenPath, orgTokenPath string, useHostOnly bool, autoClose bool, isFedramp bool, log *zerolog.Logger) (string, error) {
331 // If no org token exists or if it couldn't be exchanged for an app token, then run the transfer service flow.
332
333 // this weird parameter is the resource name (token) and the key/value
334 // we want to send to the transfer service. the key is token and the value
335 // is blank (basically just the id generated in the transfer service)
336 resourceData, err := RunTransfer(appURL, appAUD, keyName, keyName, "", true, useHostOnly, autoClose, isFedramp, log, appTokenPath+".url")
337 if err != nil {
338 return "", errors.Wrap(err, "failed to run transfer service")
339 }
340 var resp transferServiceResponse
341 if err = json.Unmarshal(resourceData, &resp); err != nil {
342 return "", errors.Wrap(err, "failed to marshal transfer service response")
343 }
344
345 // If we were able to get the auth domain and generate an org token path, lets write it to disk.
346 if orgTokenPath != "" {
347 if err := os.WriteFile(orgTokenPath, []byte(resp.OrgToken), 0600); err != nil {
348 return "", errors.Wrap(err, "failed to write org token to disk")
349 }
350 }
351
352 if err := os.WriteFile(appTokenPath, []byte(resp.AppToken), 0600); err != nil {
353 return "", errors.Wrap(err, "failed to write app token to disk")
354 }
355
356 return resp.AppToken, nil
357}
358
359// GetAppInfo makes a request to the appURL and stops at the first redirect. The 302 location header will contain the
360// auth domain

Callers 1

getTokenFunction · 0.85

Calls 2

RunTransferFunction · 0.85
UnmarshalMethod · 0.45

Tested by

no test coverage detected