GetClient returns the client used to send requests to the CA.
(ctx *cli.Context, tok string, options ...ca.ClientOption)
| 132 | |
| 133 | // GetClient returns the client used to send requests to the CA. |
| 134 | func (f *CertificateFlow) GetClient(ctx *cli.Context, tok string, options ...ca.ClientOption) (CaClient, error) { |
| 135 | if f.offline { |
| 136 | return f.offlineCA, nil |
| 137 | } |
| 138 | |
| 139 | // Create online client |
| 140 | root := ctx.String("root") |
| 141 | caURL, err := flags.ParseCaURLIfExists(ctx) |
| 142 | if err != nil { |
| 143 | return nil, err |
| 144 | } |
| 145 | |
| 146 | jwt, err := token.ParseInsecure(tok) |
| 147 | if err != nil { |
| 148 | return nil, errors.Wrap(err, "error parsing flag '--token'") |
| 149 | } |
| 150 | // Prepare client for bootstrap or provisioning tokens |
| 151 | if jwt.Payload.SHA != "" && len(jwt.Payload.Audience) > 0 && strings.HasPrefix(strings.ToLower(jwt.Payload.Audience[0]), "http") { |
| 152 | if caURL == "" { |
| 153 | caURL = jwt.Payload.Audience[0] |
| 154 | } |
| 155 | options = append(options, ca.WithRootSHA256(jwt.Payload.SHA)) |
| 156 | } else { |
| 157 | if caURL == "" { |
| 158 | return nil, errs.RequiredFlag(ctx, "ca-url") |
| 159 | } |
| 160 | if root == "" { |
| 161 | root = pki.GetRootCAPath() |
| 162 | if _, err := os.Stat(root); err != nil { |
| 163 | return nil, errs.RequiredFlag(ctx, "root") |
| 164 | } |
| 165 | } |
| 166 | options = append(options, ca.WithRootFile(root)) |
| 167 | } |
| 168 | |
| 169 | ui.PrintSelected("CA", caURL) |
| 170 | return ca.NewClient(caURL, options...) |
| 171 | } |
| 172 | |
| 173 | // GenerateToken generates a token for immediate use (therefore only default |
| 174 | // validity values will be used). The token is generated either with the offline |
no test coverage detected