GenerateToken generates a token for immediate use (therefore only default validity values will be used). The token is generated either with the offline token flow or the online mode.
(ctx *cli.Context, subject string, sans []string)
| 174 | // validity values will be used). The token is generated either with the offline |
| 175 | // token flow or the online mode. |
| 176 | func (f *CertificateFlow) GenerateToken(ctx *cli.Context, subject string, sans []string) (string, error) { |
| 177 | if f.offline { |
| 178 | return f.offlineCA.GenerateToken(ctx, SignType, subject, sans, time.Time{}, time.Time{}, provisioner.TimeDuration{}, provisioner.TimeDuration{}) |
| 179 | } |
| 180 | |
| 181 | // Use online CA to get the provisioners and generate the token |
| 182 | caURL, err := flags.ParseCaURLIfExists(ctx) |
| 183 | if err != nil { |
| 184 | return "", err |
| 185 | } else if caURL == "" { |
| 186 | return "", errs.RequiredUnlessFlag(ctx, "ca-url", "token") |
| 187 | } |
| 188 | |
| 189 | root := ctx.String("root") |
| 190 | if root == "" { |
| 191 | root = pki.GetRootCAPath() |
| 192 | if _, err := os.Stat(root); err != nil { |
| 193 | return "", errs.RequiredUnlessFlag(ctx, "root", "token") |
| 194 | } |
| 195 | } |
| 196 | |
| 197 | if subject == "" { |
| 198 | subject, err = ui.Prompt("What DNS names or IP addresses would you like to use? (e.g. internal.smallstep.com)", ui.WithValidateNotEmpty()) |
| 199 | if err != nil { |
| 200 | return "", err |
| 201 | } |
| 202 | } |
| 203 | |
| 204 | return NewTokenFlow(ctx, SignType, subject, sans, caURL, root, time.Time{}, time.Time{}, provisioner.TimeDuration{}, provisioner.TimeDuration{}) |
| 205 | } |
| 206 | |
| 207 | // GenerateSSHToken generates a token used to authorize the sign of an SSH |
| 208 | // certificate. |
no test coverage detected