MCPcopy
hub / github.com/smallstep/cli / BootstrapTeamAuthority

Function BootstrapTeamAuthority

utils/cautils/bootstrap.go:226–294  ·  view source on GitHub ↗

BootstrapTeamAuthority does a request to api.smallstep.com to bootstrap the configuration of a given team/authority.

(ctx *cli.Context, team, teamAuthority string)

Source from the content-addressed store, hash-verified

224// BootstrapTeamAuthority does a request to api.smallstep.com to bootstrap the
225// configuration of a given team/authority.
226func BootstrapTeamAuthority(ctx *cli.Context, team, teamAuthority string) error {
227 apiEndpoint := ctx.String("team-url")
228 if apiEndpoint == "" {
229 // Use the default endpoint..
230 u := url.URL{
231 Scheme: "https",
232 Host: "api.smallstep.com",
233 Path: "/v1/teams/" + team + "/authorities/" + teamAuthority,
234 }
235 apiEndpoint = u.String()
236 } else {
237 // The user specified a custom endpoint..
238 // TODO implement support for replacing the authority section of the
239 // URL with placeholders as well.
240 apiEndpoint = strings.ReplaceAll(apiEndpoint, "<>", team)
241 u, err := url.Parse(apiEndpoint)
242 if err != nil {
243 return errors.Wrapf(err, "error parsing %s", apiEndpoint)
244 }
245 apiEndpoint = u.String()
246 }
247
248 // Get the --redirect-url flag, If passed, we will use this one even if the
249 // API provides one.
250 redirectURL := ctx.String("redirect-url")
251 if redirectURL != "" {
252 if _, err := url.Parse(redirectURL); err != nil {
253 return err
254 }
255 }
256
257 // Using public PKI
258 //nolint:gosec // Variadic URL is considered safe here for the following reasons:
259 // 1) The input is from the command line, rather than a web form or publicly available API.
260 // 2) The command is expected to be used on a client, rather than a privileged backend host.
261 resp, err := http.Get(apiEndpoint)
262 if err != nil {
263 return errors.Wrap(err, "error getting authority data")
264 }
265 defer resp.Body.Close()
266 if resp.StatusCode >= 400 {
267 if resp.StatusCode == http.StatusNotFound {
268 return errors.New("error getting authority data: authority not found")
269 }
270 return errors.Wrap(readError(resp.Body), "error getting authority data")
271 }
272
273 var r bootstrapAPIResponse
274 if err := readJSON(resp.Body, &r); err != nil {
275 return errors.Wrap(err, "error getting authority data")
276 }
277 if redirectURL != "" {
278 r.RedirectURL = redirectURL
279 } else if r.RedirectURL == "" {
280 r.RedirectURL = "https://smallstep.com/app/teams/sso/success"
281 }
282
283 bootOpts := []bootstrapOption{

Callers 2

configActionFunction · 0.92
bootstrapActionFunction · 0.92

Calls 9

readErrorFunction · 0.85
readJSONFunction · 0.85
withDefaultContextValuesFunction · 0.85
withRedirectURLFunction · 0.85
withProvisionerFunction · 0.85
withMinPasswordLengthFunction · 0.85
bootstrapFunction · 0.85
StringMethod · 0.65
CloseMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…