From 7f70f969368d40539faabffae901246f54ea18af Mon Sep 17 00:00:00 2001 From: Daniel Hougaard Date: Wed, 20 Nov 2024 01:06:18 +0400 Subject: [PATCH] fix: allow preset domains for `infisical login` --- cli/packages/cmd/export.go | 2 +- cli/packages/cmd/init.go | 2 +- cli/packages/cmd/login.go | 57 +++++++++++++++++++++++++++++--- cli/packages/cmd/root.go | 2 +- cli/packages/cmd/secrets.go | 4 +-- cli/packages/cmd/tokens.go | 2 +- cli/packages/util/credentials.go | 18 +++++----- cli/packages/util/folders.go | 6 ++-- cli/packages/util/secrets.go | 2 +- 9 files changed, 73 insertions(+), 22 deletions(-) diff --git a/cli/packages/cmd/export.go b/cli/packages/cmd/export.go index 6f02408fdf..b872b0e61e 100644 --- a/cli/packages/cmd/export.go +++ b/cli/packages/cmd/export.go @@ -111,7 +111,7 @@ var exportCmd = &cobra.Command{ accessToken = token.Token } else { log.Debug().Msg("GetAllEnvironmentVariables: Trying to fetch secrets using logged in details") - loggedInUserDetails, err := util.GetCurrentLoggedInUserDetails() + loggedInUserDetails, err := util.GetCurrentLoggedInUserDetails(true) if err != nil { util.HandleError(err) } diff --git a/cli/packages/cmd/init.go b/cli/packages/cmd/init.go index 05655e97cd..df6bfcc600 100644 --- a/cli/packages/cmd/init.go +++ b/cli/packages/cmd/init.go @@ -41,7 +41,7 @@ var initCmd = &cobra.Command{ } } - userCreds, err := util.GetCurrentLoggedInUserDetails() + userCreds, err := util.GetCurrentLoggedInUserDetails(true) if err != nil { util.HandleError(err, "Unable to get your login details") } diff --git a/cli/packages/cmd/login.go b/cli/packages/cmd/login.go index fff2ccf311..8f29c907a1 100644 --- a/cli/packages/cmd/login.go +++ b/cli/packages/cmd/login.go @@ -154,6 +154,8 @@ var loginCmd = &cobra.Command{ DisableFlagsInUseLine: true, Run: func(cmd *cobra.Command, args []string) { + presetDomain := config.INFISICAL_URL + clearSelfHostedDomains, err := cmd.Flags().GetBool("clear-domains") if err != nil { util.HandleError(err) @@ -198,7 +200,7 @@ var loginCmd = &cobra.Command{ // standalone user auth if loginMethod == "user" { - currentLoggedInUserDetails, err := util.GetCurrentLoggedInUserDetails() + currentLoggedInUserDetails, err := util.GetCurrentLoggedInUserDetails(true) // if the key can't be found or there is an error getting current credentials from key ring, allow them to override if err != nil && (strings.Contains(err.Error(), "we couldn't find your logged in details")) { log.Debug().Err(err) @@ -216,11 +218,19 @@ var loginCmd = &cobra.Command{ return } } + + usePresetDomain, err := usePresetDomain(presetDomain) + + if err != nil { + util.HandleError(err) + } + //override domain domainQuery := true if config.INFISICAL_URL_MANUAL_OVERRIDE != "" && config.INFISICAL_URL_MANUAL_OVERRIDE != fmt.Sprintf("%s/api", util.INFISICAL_DEFAULT_EU_URL) && - config.INFISICAL_URL_MANUAL_OVERRIDE != fmt.Sprintf("%s/api", util.INFISICAL_DEFAULT_US_URL) { + config.INFISICAL_URL_MANUAL_OVERRIDE != fmt.Sprintf("%s/api", util.INFISICAL_DEFAULT_US_URL) && + !usePresetDomain { overrideDomain, err := DomainOverridePrompt() if err != nil { util.HandleError(err) @@ -228,7 +238,7 @@ var loginCmd = &cobra.Command{ //if not override set INFISICAL_URL to exported var //set domainQuery to false - if !overrideDomain { + if !overrideDomain && !usePresetDomain { domainQuery = false config.INFISICAL_URL = util.AppendAPIEndpoint(config.INFISICAL_URL_MANUAL_OVERRIDE) config.INFISICAL_LOGIN_URL = fmt.Sprintf("%s/login", strings.TrimSuffix(config.INFISICAL_URL, "/api")) @@ -237,7 +247,7 @@ var loginCmd = &cobra.Command{ } //prompt user to select domain between Infisical cloud and self-hosting - if domainQuery { + if domainQuery && !usePresetDomain { err = askForDomain() if err != nil { util.HandleError(err, "Unable to parse domain url") @@ -526,6 +536,45 @@ func DomainOverridePrompt() (bool, error) { return selectedOption == OVERRIDE, err } +func usePresetDomain(presetDomain string) (bool, error) { + infisicalConfig, err := util.GetConfigFile() + if err != nil { + return false, fmt.Errorf("askForDomain: unable to get config file because [err=%s]", err) + } + + preconfiguredUrl := strings.TrimSuffix(presetDomain, "/api") + + if preconfiguredUrl != "" && preconfiguredUrl != util.INFISICAL_DEFAULT_US_URL && preconfiguredUrl != util.INFISICAL_DEFAULT_EU_URL { + parsedDomain := strings.TrimSuffix(strings.Trim(preconfiguredUrl, "/"), "/api") + + _, err := url.ParseRequestURI(parsedDomain) + if err != nil { + return false, errors.New(fmt.Sprintf("Invalid domain URL: '%s'", parsedDomain)) + } + + config.INFISICAL_URL = fmt.Sprintf("%s/api", parsedDomain) + config.INFISICAL_LOGIN_URL = fmt.Sprintf("%s/login", parsedDomain) + + if !slices.Contains(infisicalConfig.Domains, parsedDomain) { + infisicalConfig.Domains = append(infisicalConfig.Domains, parsedDomain) + err = util.WriteConfigFile(&infisicalConfig) + + if err != nil { + return false, fmt.Errorf("askForDomain: unable to write domains to config file because [err=%s]", err) + } + } + + whilte := color.New(color.FgGreen) + boldWhite := whilte.Add(color.Bold) + time.Sleep(time.Second * 1) + boldWhite.Printf("[INFO] Using domain '%s' from domain flag or INFISICAL_API_URL environment variable\n", parsedDomain) + + return true, nil + } + + return false, nil +} + func askForDomain() error { // query user to choose between Infisical cloud or self-hosting diff --git a/cli/packages/cmd/root.go b/cli/packages/cmd/root.go index c533f34159..04af9cce80 100644 --- a/cli/packages/cmd/root.go +++ b/cli/packages/cmd/root.go @@ -54,7 +54,7 @@ func init() { util.CheckForUpdate() } - loggedInDetails, err := util.GetCurrentLoggedInUserDetails() + loggedInDetails, err := util.GetCurrentLoggedInUserDetails(false) if !silent && err == nil && loggedInDetails.IsUserLoggedIn && !loggedInDetails.LoginExpired { token, err := util.GetInfisicalToken(cmd) diff --git a/cli/packages/cmd/secrets.go b/cli/packages/cmd/secrets.go index eff011c5eb..e93d588856 100644 --- a/cli/packages/cmd/secrets.go +++ b/cli/packages/cmd/secrets.go @@ -194,7 +194,7 @@ var secretsSetCmd = &cobra.Command{ projectId = workspaceFile.WorkspaceId } - loggedInUserDetails, err := util.GetCurrentLoggedInUserDetails() + loggedInUserDetails, err := util.GetCurrentLoggedInUserDetails(true) if err != nil { util.HandleError(err, "unable to authenticate [err=%v]") } @@ -278,7 +278,7 @@ var secretsDeleteCmd = &cobra.Command{ util.RequireLogin() util.RequireLocalWorkspaceFile() - loggedInUserDetails, err := util.GetCurrentLoggedInUserDetails() + loggedInUserDetails, err := util.GetCurrentLoggedInUserDetails(true) if err != nil { util.HandleError(err, "Unable to authenticate") } diff --git a/cli/packages/cmd/tokens.go b/cli/packages/cmd/tokens.go index e2851f88f4..531e622e9e 100644 --- a/cli/packages/cmd/tokens.go +++ b/cli/packages/cmd/tokens.go @@ -41,7 +41,7 @@ var tokensCreateCmd = &cobra.Command{ }, Run: func(cmd *cobra.Command, args []string) { // get plain text workspace key - loggedInUserDetails, err := util.GetCurrentLoggedInUserDetails() + loggedInUserDetails, err := util.GetCurrentLoggedInUserDetails(true) if err != nil { util.HandleError(err, "Unable to retrieve your logged in your details. Please login in then try again") diff --git a/cli/packages/util/credentials.go b/cli/packages/util/credentials.go index cb5b94080c..03722dc414 100644 --- a/cli/packages/util/credentials.go +++ b/cli/packages/util/credentials.go @@ -55,7 +55,7 @@ func GetUserCredsFromKeyRing(userEmail string) (credentials models.UserCredentia return userCredentials, err } -func GetCurrentLoggedInUserDetails() (LoggedInUserDetails, error) { +func GetCurrentLoggedInUserDetails(setConfigVariables bool) (LoggedInUserDetails, error) { if ConfigFileExists() { configFile, err := GetConfigFile() if err != nil { @@ -75,18 +75,20 @@ func GetCurrentLoggedInUserDetails() (LoggedInUserDetails, error) { } } + if setConfigVariables { + config.INFISICAL_URL_MANUAL_OVERRIDE = config.INFISICAL_URL + //configFile.LoggedInUserDomain + //if not empty set as infisical url + if configFile.LoggedInUserDomain != "" { + config.INFISICAL_URL = AppendAPIEndpoint(configFile.LoggedInUserDomain) + } + } + // check to to see if the JWT is still valid httpClient := resty.New(). SetAuthToken(userCreds.JTWToken). SetHeader("Accept", "application/json") - config.INFISICAL_URL_MANUAL_OVERRIDE = config.INFISICAL_URL - //configFile.LoggedInUserDomain - //if not empty set as infisical url - if configFile.LoggedInUserDomain != "" { - config.INFISICAL_URL = AppendAPIEndpoint(configFile.LoggedInUserDomain) - } - isAuthenticated := api.CallIsAuthenticated(httpClient) // TODO: add refresh token // if !isAuthenticated { diff --git a/cli/packages/util/folders.go b/cli/packages/util/folders.go index c7f6de6309..4715c71c35 100644 --- a/cli/packages/util/folders.go +++ b/cli/packages/util/folders.go @@ -20,7 +20,7 @@ func GetAllFolders(params models.GetAllFoldersParameters) ([]models.SingleFolder log.Debug().Msg("GetAllFolders: Trying to fetch folders using logged in details") - loggedInUserDetails, err := GetCurrentLoggedInUserDetails() + loggedInUserDetails, err := GetCurrentLoggedInUserDetails(true) if err != nil { return nil, err } @@ -177,7 +177,7 @@ func CreateFolder(params models.CreateFolderParameters) (models.SingleFolder, er if params.InfisicalToken == "" { RequireLogin() RequireLocalWorkspaceFile() - loggedInUserDetails, err := GetCurrentLoggedInUserDetails() + loggedInUserDetails, err := GetCurrentLoggedInUserDetails(true) if err != nil { return models.SingleFolder{}, err @@ -224,7 +224,7 @@ func DeleteFolder(params models.DeleteFolderParameters) ([]models.SingleFolder, RequireLogin() RequireLocalWorkspaceFile() - loggedInUserDetails, err := GetCurrentLoggedInUserDetails() + loggedInUserDetails, err := GetCurrentLoggedInUserDetails(true) if err != nil { return nil, err diff --git a/cli/packages/util/secrets.go b/cli/packages/util/secrets.go index 5e19ea6648..5a2a0ec24c 100644 --- a/cli/packages/util/secrets.go +++ b/cli/packages/util/secrets.go @@ -246,7 +246,7 @@ func GetAllEnvironmentVariables(params models.GetAllSecretsParameters, projectCo log.Debug().Msg("GetAllEnvironmentVariables: Trying to fetch secrets using logged in details") - loggedInUserDetails, err := GetCurrentLoggedInUserDetails() + loggedInUserDetails, err := GetCurrentLoggedInUserDetails(true) isConnected := ValidateInfisicalAPIConnection() if isConnected {