MCPcopy
hub / github.com/lxc/incus / authenticate

Method authenticate

client/incus_oidc.go:287–338  ·  view source on GitHub ↗

authenticate initiates the OpenID Connect device flow authentication process for the client. It presents a user code for the end user to input in the device that has web access and waits for them to complete the authentication, subsequently updating the client's tokens upon successful authentication

(issuer string, clientID string, audience string, scopes string)

Source from the content-addressed store, hash-verified

285// It presents a user code for the end user to input in the device that has web access and waits for them to complete the authentication,
286// subsequently updating the client's tokens upon successful authentication.
287func (o *oidcClient) authenticate(issuer string, clientID string, audience string, scopes string) error {
288 // Store the old transport and restore it in the end.
289 oldTransport := o.httpClient.Transport
290 o.oidcTransport.audience = audience
291 o.httpClient.Transport = o.oidcTransport
292
293 defer func() {
294 o.httpClient.Transport = oldTransport
295 }()
296
297 provider, err := o.getProvider(issuer, clientID, scopes)
298 if err != nil {
299 return err
300 }
301
302 o.oidcTransport.deviceAuthorizationEndpoint = provider.GetDeviceAuthorizationEndpoint()
303
304 resp, err := rp.DeviceAuthorization(context.TODO(), strings.Split(scopes, ","), provider, nil)
305 if err != nil {
306 return err
307 }
308
309 u, _ := url.Parse(resp.VerificationURIComplete)
310
311 fmt.Printf("URL: %s\n", u.String())
312 fmt.Printf("Code: %s\n\n", resp.UserCode)
313
314 _ = util.OpenBrowser(u.String())
315
316 ctx, stop := signal.NotifyContext(context.Background(), os.Interrupt, syscall.SIGINT)
317 defer stop()
318
319 token, err := rp.DeviceAccessToken(ctx, resp.DeviceCode, time.Duration(resp.Interval)*time.Second, provider)
320 if err != nil {
321 return err
322 }
323
324 if o.tokens.Token == nil {
325 o.tokens.Token = &oauth2.Token{}
326 }
327
328 o.tokens.Expiry = time.Now().Add(time.Duration(token.ExpiresIn))
329 o.tokens.IDToken = token.IDToken
330 o.tokens.AccessToken = token.AccessToken
331 o.tokens.TokenType = token.TokenType
332
333 if token.RefreshToken != "" {
334 o.tokens.RefreshToken = token.RefreshToken
335 }
336
337 return nil
338}

Callers 2

doMethod · 0.95
dialMethod · 0.95

Calls 6

getProviderMethod · 0.95
OpenBrowserFunction · 0.92
SplitMethod · 0.80
ParseMethod · 0.65
StringMethod · 0.65
AddMethod · 0.65

Tested by

no test coverage detected