root
/
telebit
mirror of https://github.com/therootcompany/telebit.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

revise options

This commit is contained in:
AJ ONeal 2020-07-06 03:23:12 -06:00
parent 2a40cf7ac0
commit 01177518e0
1 changed files with 67 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
cmd/signjwt/signjwt.go
View File

@ -3,50 +3,100 @@ package main
import ( import (
"encoding/base64" "encoding/base64"
"encoding/hex" "encoding/hex"
"flag"
"fmt" "fmt"
"os" "os"
"git.coolaj86.com/coolaj86/go-telebitd/mgmt/authstore" "git.coolaj86.com/coolaj86/go-telebitd/mgmt/authstore"
telebit "git.coolaj86.com/coolaj86/go-telebitd/mplexer"
"github.com/denisbrodbeck/machineid" "github.com/denisbrodbeck/machineid"
_ "github.com/joho/godotenv/autoload" _ "github.com/joho/godotenv/autoload"
) )
func main() { func main() {
var secret string appID := flag.String("app-id", "", "a unique identifier for a deploy target environment")
authURL := flag.String("auth-url", "", "the base url for authentication, if not the same as the tunnel relay")
clientSecret := flag.String("client-secret", "", "the same secret used by telebit-relay (used for JWT authentication)")
machinePPID := flag.Bool("machine-ppid", false, "just print the machine ppid, not the token")
relaySecret := flag.String("relay-secret", "", "the same secret used by telebit-relay (used for JWT authentication)")
flag.Parse()
if len(os.Args) >= 2 { if 0 == len(*appID) {
secret = os.Args[1] *appID = os.Getenv("APP_ID")
} }
if "" == secret { if 0 == len(*appID) {
secret = os.Getenv("SECRET") *appID = "telebit.io"
} }
if "" == secret { if 0 == len(*clientSecret) {
fmt.Fprintf(os.Stderr, "Usage: signjwt <secret>") *clientSecret = os.Getenv("CLIENT_SECRET")
}
if 0 == len(*relaySecret) {
*relaySecret = os.Getenv("RELAY_SECRET")
if 0 == len(*relaySecret) {
*relaySecret = os.Getenv("SECRET")
}
}
if 0 == len(*authURL) {
*authURL = os.Getenv("AUTH_URL")
}
if len(flag.Args()) >= 2 {
*relaySecret = flag.Args()[1]
}
if "" == *relaySecret && "" == *clientSecret {
fmt.Fprintf(os.Stderr, "Usage: signjwt <secret>\n")
os.Exit(1) os.Exit(1)
return return
} }
if len(os.Args) >= 3 { secret := *clientSecret
muid, err := machineid.ProtectedID("test-id|" + secret) if 0 == len(secret) {
secret = *relaySecret
}
if len(flag.Args()) >= 2 {
secret = flag.Args()[1]
}
if len(flag.Args()) >= 3 || *machinePPID || "" != *clientSecret {
muid, err := machineid.ProtectedID(*appID + "|" + secret)
if nil != err { if nil != err {
panic(err) panic(err)
} }
muidBytes, _ := hex.DecodeString(muid) muidBytes, _ := hex.DecodeString(muid)
muid = base64.RawURLEncoding.EncodeToString(muidBytes) ppid := base64.RawURLEncoding.EncodeToString(muidBytes)
fmt.Println( fmt.Fprintf(os.Stderr, "[debug] appID = %s\n", *appID)
muid, fmt.Fprintf(os.Stderr, "[debug] secret = %s\n", secret)
authstore.ToPublicKeyString(muid), pub := authstore.ToPublicKeyString(ppid)
if len(flag.Args()) >= 3 || *machinePPID {
fmt.Fprintf(os.Stderr, "[debug]: <ppid> <pub>\n")
fmt.Fprintf(
os.Stdout,
"%s %s\n",
ppid,
pub,
) )
return return
} }
fmt.Fprintf(os.Stderr, "[debug] ppid = %s\n", ppid)
fmt.Fprintf(os.Stderr, "[debug] pub = %s\n", pub)
secret = ppid
}
tok, err := authstore.HMACToken(secret) tok, err := authstore.HMACToken(secret)
if nil != err { if nil != err {
fmt.Fprintf(os.Stderr, "signing error: %s", err) fmt.Fprintf(os.Stderr, "signing error: %s\n", err)
os.Exit(1) os.Exit(1)
return return
} }
fmt.Println(tok) fmt.Fprintf(os.Stderr, "[debug] <token>\n")
fmt.Fprintf(os.Stdout, tok)
_, err = telebit.Inspect(*authURL, tok)
if nil != err {
fmt.Fprintf(os.Stderr, "inpsect relay token failed:\n%s\n", err)
os.Exit(1)
}
} }