MCPcopy
hub / github.com/smallstep/cli / GenerateSSHToken

Method GenerateSSHToken

utils/cautils/certificate_flow.go:209–231  ·  view source on GitHub ↗

GenerateSSHToken generates a token used to authorize the sign of an SSH certificate.

(ctx *cli.Context, subject string, typ int, principals []string, validAfter, validBefore provisioner.TimeDuration)

Source from the content-addressed store, hash-verified

207// GenerateSSHToken generates a token used to authorize the sign of an SSH
208// certificate.
209func (f *CertificateFlow) GenerateSSHToken(ctx *cli.Context, subject string, typ int, principals []string, validAfter, validBefore provisioner.TimeDuration) (string, error) {
210 if f.offline {
211 return f.offlineCA.GenerateToken(ctx, typ, subject, principals, time.Time{}, time.Time{}, validAfter, validBefore)
212 }
213
214 // Use online CA to get the provisioners and generate the token
215 caURL, err := flags.ParseCaURLIfExists(ctx)
216 if err != nil {
217 return "", err
218 } else if caURL == "" {
219 return "", errs.RequiredUnlessFlag(ctx, "ca-url", "token")
220 }
221
222 root := ctx.String("root")
223 if root == "" {
224 root = pki.GetRootCAPath()
225 if _, err := os.Stat(root); err != nil {
226 return "", errs.RequiredUnlessFlag(ctx, "root", "token")
227 }
228 }
229
230 return NewTokenFlow(ctx, typ, subject, principals, caURL, root, time.Time{}, time.Time{}, validAfter, validBefore)
231}
232
233// GenerateIdentityToken generates a token using only an OIDC provisioner.
234func (f *CertificateFlow) GenerateIdentityToken(ctx *cli.Context) (string, error) {

Callers 6

revokeActionFunction · 0.95
doLoginIfNeededFunction · 0.95
loginActionFunction · 0.95
certificateActionFunction · 0.95
rekeyActionFunction · 0.95
renewActionFunction · 0.95

Calls 4

ParseCaURLIfExistsFunction · 0.92
NewTokenFlowFunction · 0.85
StringMethod · 0.65
GenerateTokenMethod · 0.45

Tested by

no test coverage detected