resilien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
terraform/internal/command/testdata/login-oauth-server/main.go

73 lines
1.7 KiB
Go
Raw Normal View History

Upgrade to Go 1.17 This includes the addition of the new "//go:build" comment form in addition to the legacy "// +build" notation, as produced by gofmt to ensure consistent behavior between Go versions. The new directives are all equivalent to what was present before, so there's no change in behavior. Go 1.17 continues to use the Unicode 13 tables as in Go 1.16, so this upgrade does not require also upgrading our Unicode-related dependencies. This upgrade includes the following breaking changes which will also appear as breaking changes for Terraform users, but that are consistent with the Terraform v1.0 compatibility promises. - On MacOS, Terraform now requires macOS 10.13 High Sierra or later. This upgrade also includes the following breaking changes which will appear as breaking changes for Terraform users that are inconsistent with our compatibility promises, but have justified exceptions as follows: - cidrsubnet, cidrhost, and cidrnetmask will now reject IPv4 CIDR addresses whose decimal components have leading zeros, where previously they would just silently ignore those leading zeros. This is a security-motivated exception to our compatibility promises, because some external systems interpret zero-prefixed octets as octal numbers rather than decimal, and thus the previous lenient parsing could lead to a different interpretation of the address between systems, and thus potentially allow bypassing policy when configuring firewall rules etc. This upgrade also includes the following breaking changes which could _potentially_ appear as breaking changes for Terraform users, but that do not in practice for the reasons given: - The Go net/url package no longer allows query strings with pairs separated by semicolons instead of ampersands. This primarily affects HTTP servers written in Go, and Terraform includes a special temporary HTTP server as part of its implementation of OAuth for "terraform login", but that server only needs to accept URLs created by Terraform itself and Terraform does not generate any URLs that would be rejected.
2021-08-17 02:19:17 +02:00
//go:build ignore
command: A stub OAuth server implementation for login testing
2019-08-22 00:05:13 +02:00
// +build ignore
// This file is a helper for those doing _manual_ testing of "terraform login"
// and/or "terraform logout" and want to start up a test OAuth server in a
// separate process for convenience:
//
// go run ./command/testdata/login-oauth-server/main.go :8080
//
// This is _not_ the main way to use this oauthserver package. For automated
// test code, import it as a normal Go package instead:
//
Move command/ to internal/command/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 21:07:38 +02:00
// import oauthserver "github.com/hashicorp/terraform/internal/command/testdata/login-oauth-server"
command: A stub OAuth server implementation for login testing
2019-08-22 00:05:13 +02:00
package main
import (
"fmt"
"net"
"net/http"
"os"
Move command/ to internal/command/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 21:07:38 +02:00
oauthserver "github.com/hashicorp/terraform/internal/command/testdata/login-oauth-server"
command: A stub OAuth server implementation for login testing
2019-08-22 00:05:13 +02:00
)
func main() {
if len(os.Args) < 2 {
fmt.Fprintln(os.Stderr, "Usage: go run ./command/testdata/login-oauth-server/main.go <listen-address>")
os.Exit(1)
}
host, port, err := net.SplitHostPort(os.Args[1])
if err != nil {
fmt.Fprintln(os.Stderr, "Invalid address: %s", err)
os.Exit(1)
}
if host == "" {
host = "127.0.0.1"
}
addr := fmt.Sprintf("%s:%s", host, port)
fmt.Printf("Will listen on %s...\n", addr)
fmt.Printf(
configExampleFmt,
fmt.Sprintf("http://%s:%s/authz", host, port),
fmt.Sprintf("http://%s:%s/token", host, port),
fmt.Sprintf("http://%s:%s/revoke", host, port),
)
server := &http.Server{
Addr: addr,
Handler: oauthserver.Handler,
}
err = server.ListenAndServe()
fmt.Fprintln(os.Stderr, err.Error())
}
const configExampleFmt = `
host "login-test.example.com" {
services = {
"login.v1" = {
authz = %q
token = %q
client = "placeholder"
grant_types = ["code", "password"]
}
"logout.v1" = %q
}
}
`