DoLoopbackAuthorization performs the log in into the identity provider opening a browser and using a redirect_uri in a loopback IP address (http://127.0.0.1:port or http://[::1]:port).
()
| 766 | // opening a browser and using a redirect_uri in a loopback IP address |
| 767 | // (http://127.0.0.1:port or http://[::1]:port). |
| 768 | func (o *oauth) DoLoopbackAuthorization() (*token, error) { |
| 769 | srv, err := o.NewServer() |
| 770 | if err != nil { |
| 771 | return nil, err |
| 772 | } |
| 773 | // Update server url if --listen-url is set |
| 774 | if o.CallbackListenerURL != "" { |
| 775 | o.redirectURI = o.CallbackListenerURL |
| 776 | } else { |
| 777 | o.redirectURI = srv.URL |
| 778 | } |
| 779 | defer srv.Close() |
| 780 | |
| 781 | // Get auth url and open it in a browser |
| 782 | authURL, err := o.Auth() |
| 783 | if err != nil { |
| 784 | return nil, err |
| 785 | } |
| 786 | |
| 787 | if skipBrowser := os.Getenv("STEP_OPEN_BROWSER") == "0"; skipBrowser { |
| 788 | fmt.Fprintln(os.Stderr, authURL) |
| 789 | } else { |
| 790 | if err := exec.OpenInBrowser(authURL, o.browser); err != nil { |
| 791 | fmt.Fprintln(os.Stderr, "Cannot open a web browser on your platform.") |
| 792 | fmt.Fprintln(os.Stderr) |
| 793 | fmt.Fprintln(os.Stderr, "Open a local web browser and visit:") |
| 794 | fmt.Fprintln(os.Stderr) |
| 795 | fmt.Fprintln(os.Stderr, authURL) |
| 796 | fmt.Fprintln(os.Stderr) |
| 797 | } else { |
| 798 | fmt.Fprintln(os.Stderr, "Your default web browser has been opened to visit:") |
| 799 | fmt.Fprintln(os.Stderr) |
| 800 | fmt.Fprintln(os.Stderr, authURL) |
| 801 | fmt.Fprintln(os.Stderr) |
| 802 | } |
| 803 | } |
| 804 | |
| 805 | // Wait for response and return the token |
| 806 | select { |
| 807 | case tok := <-o.tokCh: |
| 808 | return tok, nil |
| 809 | case err := <-o.errCh: |
| 810 | return nil, err |
| 811 | case <-time.After(2 * time.Minute): |
| 812 | return nil, errors.New("oauth command timed out, please try again") |
| 813 | } |
| 814 | } |
| 815 | |
| 816 | // DoManualAuthorization performs the log in into the identity provider |
| 817 | // allowing the user to open a browser on a different system and then entering |
no test coverage detected