| 51 | ) |
| 52 | |
| 53 | func NewCreateClientsCommand() *cobra.Command { |
| 54 | cmd := &cobra.Command{ |
| 55 | Use: "oauth2-client", |
| 56 | Short: "Create an OAuth 2.0 Client", |
| 57 | Aliases: []string{"client"}, |
| 58 | Args: cobra.NoArgs, |
| 59 | Example: `{{ .CommandPath }} --name "my app" --redirect-uri http://localhost/cb --grant-type authorization_code --response-type code --scope core,foobar |
| 60 | |
| 61 | Use the tool jq (or any other JSON tool) to get the OAuth2 Client ID and Secret: |
| 62 | |
| 63 | client=$({{ .CommandPath }} \ |
| 64 | --format json \ |
| 65 | ...) |
| 66 | echo $client |
| 67 | |
| 68 | # Parse the JSON response using jq to get the client ID and client secret: |
| 69 | client_id=$(echo $client | jq -r '.client_id') |
| 70 | client_secret=$(echo $client | jq -r '.client_secret')`, |
| 71 | Long: `This command creates an OAuth 2.0 Client which can be used to perform various OAuth 2.0 Flows like |
| 72 | the Authorize Code, Implicit, Refresh flow. This command allows settings all fields defined in the OpenID Connect Dynamic Client Registration standard. |
| 73 | |
| 74 | To encrypt an auto-generated OAuth2 Client Secret, use flags ` + "`--pgp-key`" + `, ` + "`--pgp-key-url`" + ` or ` + "`--keybase`" + ` flag, for example: |
| 75 | |
| 76 | {{ .CommandPath }} --name "my app" --grant-type client_credentials --response-type token --scope core,foobar --keybase keybase_username |
| 77 | `, |
| 78 | RunE: func(cmd *cobra.Command, args []string) error { |
| 79 | m, _, err := cliclient.NewClient(cmd) |
| 80 | if err != nil { |
| 81 | return err |
| 82 | } |
| 83 | |
| 84 | ek, encryptSecret, err := cli.NewEncryptionKey(cmd, nil) |
| 85 | if err != nil { |
| 86 | _, _ = fmt.Fprintf(cmd.ErrOrStderr(), "Failed to load encryption key: %s", err) |
| 87 | return err |
| 88 | } |
| 89 | |
| 90 | secret := flagx.MustGetString(cmd, flagClientSecret) |
| 91 | cl, err := clientFromFlags(cmd) |
| 92 | if err != nil { |
| 93 | return err |
| 94 | } |
| 95 | cl.ClientId = new(flagx.MustGetString(cmd, flagClientId)) |
| 96 | |
| 97 | //nolint:bodyclose |
| 98 | client, _, err := m.OAuth2API.CreateOAuth2Client(cmd.Context()).OAuth2Client(cl).Execute() |
| 99 | if err != nil { |
| 100 | return cmdx.PrintOpenAPIError(cmd, err) |
| 101 | } |
| 102 | |
| 103 | if client.ClientSecret == nil && len(secret) > 0 { |
| 104 | client.ClientSecret = new(secret) |
| 105 | } |
| 106 | |
| 107 | if encryptSecret && client.ClientSecret != nil { |
| 108 | enc, err := ek.Encrypt([]byte(*client.ClientSecret)) |
| 109 | if err != nil { |
| 110 | _, _ = fmt.Fprintf(cmd.ErrOrStderr(), "Failed to encrypt client secret: %s", err) |