go-cfclient/examples/auth/main.go at main · datev/go-cfclient · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
package main

import (
	"context"
	"fmt"
	"net/http"
	"os"
	"time"

	"github.com/cloudfoundry/go-cfclient/v3/client"
	"github.com/cloudfoundry/go-cfclient/v3/config"
)

const apiURL = "https://api.sys.example.com"
const loginURL = "https://login.sys.example.com"
const tokenURL = "https://uaa.sys.example.com"
const username = "admin"
const password = "password"
const clientID = "cf"
const clientSecret = "secret"
const accessToken = "<access-token>"
const refreshToken = "<refresh-token>"
const jwtAssertion = "<jwt-assertion>"
const clientAssertion = "<client-assertion>"
const origin = "<origin>"

func main() {
	err := execute()
	if err != nil {
		fmt.Println(err)
		os.Exit(1)
	}
	fmt.Println("Done!")
}

func execute() error {
	// use the CF CLI config and the stored access/refresh token
	cfg, err := config.NewFromCFHome()
	if err != nil {
		return err
	}
	err = listOrganizationsWithConfig(cfg)
	if err != nil {
		return err
	}

	// use the hardcoded CF API endpoint and user/pass and skip TLS validation
	cfg, err = config.New(apiURL,
		config.UserPassword(username, password),
		config.SkipTLSValidation())
	if err != nil {
		return err
	}
	err = listOrganizationsWithConfig(cfg)
	if err != nil {
		return err
	}

	// use the hardcoded CF API endpoint and client/secret and skip TLS validation
	cfg, err = config.New(apiURL,
		config.ClientCredentials(clientID, clientSecret),
		config.SkipTLSValidation())
	if err != nil {
		return err
	}
	err = listOrganizationsWithConfig(cfg)
	if err != nil {
		return err
	}

	// use the hardcoded CF API endpoint and OAuth token
	cfg, err = config.New(apiURL,
		config.Token(accessToken, refreshToken),
		config.SkipTLSValidation())
	if err != nil {
		return err
	}
	err = listOrganizationsWithConfig(cfg)
	if err != nil {
		return err
	}

	// use the hardcoded CF API endpoint and JWT Bearer Assertion token and optional origin
	// minimally requires the assertion
	cfg, err = config.New(apiURL,
		config.JWTBearerAssertion(jwtAssertion),
		config.Origin(origin))
	if err != nil {
		return err
	}
	err = listOrganizationsWithConfig(cfg)
	if err != nil {
		return err
	}

	// use the hardcoded CF API endpoint and JWT Bearer Assertion token and optional origin
	// minimally requires the assertion
	cfg, err = config.New(apiURL,
		config.ClientCredentials(clientID, ""),
		config.ClientAssertion(clientAssertion))
	if err != nil {
		return err
	}
	err = listOrganizationsWithConfig(cfg)
	if err != nil {
		return err
	}

	// Unnecessarily use all config options
	cfg, err = config.New(apiURL,
		config.UserPassword(username, password),
		config.SkipTLSValidation(),
		config.AuthTokenURL(loginURL, tokenURL),
		config.UserAgent("MyApp-Client/1.0"),
		config.HttpClient(&http.Client{}),
		config.RequestTimeout(10*time.Second),
		config.Origin("uaa"),
		config.Scopes("cloud_controller.read", "cloud_controller_service_permissions.read"),
		config.SSHOAuthClient("ssh-proxy"))
	if err != nil {
		return err
	}
	return listOrganizationsWithConfig(cfg)
}

func listOrganizationsWithConfig(cfg *config.Config) error {
	ctx := context.Background()
	cf, err := client.New(cfg)
	if err != nil {
		return err
	}

	err = listOrganizations(ctx, cf)
	if err != nil {
		return err
	}

	return nil
}

func listOrganizations(ctx context.Context, cf *client.Client) error {
	// grab the first space
	orgs, err := cf.Organizations.ListAll(ctx, nil)
	if err != nil {
		return err
	}

	for _, o := range orgs {
		fmt.Printf("%s\n", o.Name)
	}
	return nil
}