diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 0fae86dec..7c5ba6572 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -25,7 +25,7 @@ go run ./cmd/rhoas kafka create "test" --provider=aws --region=us-east-1
To use QA environment we need to login using following arguments
```shell
-rhoas login --api-gateway=stage --mas-auth-url=stage
+rhoas login --api-gateway=stage
```
### Development features
diff --git a/Makefile b/Makefile
index ca5f062f5..74e844754 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,6 @@ REPOSITORY_NAME ?= "app-services-cli"
CONSTANTS_URL ?= "https://console.redhat.com/apps/application-services/service-constants.json"
SSO_REDIRECT_PATH ?= "sso-redhat-callback"
-MAS_SSO_REDIRECT_PATH ?= "mas-sso-callback"
BUILD_SOURCE ?= "local"
# see pkg/cmdutil/constants.go
@@ -22,7 +21,6 @@ GO_LDFLAGS := -X github.com/redhat-developer/app-services-cli/internal/build.Dyn
GO_LDFLAGS := -X github.com/redhat-developer/app-services-cli/internal/build.DefaultPageSize=$(DEFAULT_PAGE_SIZE) $(GO_LDFLAGS)
GO_LDFLAGS := -X github.com/redhat-developer/app-services-cli/internal/build.DefaultPageNumber=$(DEFAULT_PAGE_NUMBER) $(GO_LDFLAGS)
GO_LDFLAGS := -X github.com/redhat-developer/app-services-cli/internal/build.SSORedirectPath=$(SSO_REDIRECT_PATH) $(GO_LDFLAGS)
-GO_LDFLAGS := -X github.com/redhat-developer/app-services-cli/internal/build.MASSSORedirectPath=$(MAS_SSO_REDIRECT_PATH) $(GO_LDFLAGS)
GO_LDFLAGS := -X github.com/redhat-developer/app-services-cli/internal/build.BuildSource=$(BUILD_SOURCE) $(GO_LDFLAGS)
BUILDFLAGS :=
diff --git a/docs/commands/rhoas_login.md b/docs/commands/rhoas_login.md
index 1e906f7cc..1100e7546 100644
--- a/docs/commands/rhoas_login.md
+++ b/docs/commands/rhoas_login.md
@@ -38,7 +38,7 @@ $ rhoas login --token f5cgc...
--auth-url string The URL of the SSO Authentication server (default "https://sso.redhat.com/auth/realms/redhat-external")
--client-id string OpenID client identifier (default "rhoas-cli-prod")
--insecure Allow insecure communication with the server by disabling TLS certificate and host name verification
- --mas-auth-url string The URL of the identity.api.openshift.com Authentication server (default "https://identity.api.openshift.com/auth/realms/rhoas")
+ --mas-auth-url string This flag is no longer valid and will be removed in a future release.
--print-sso-url Print the console login URL, which you can use to log in to RHOAS from a different web browser (this is useful if you need to log in with different credentials than the credentials you used in your default web browser)
--scope stringArray Override the default OpenID scope (to specify multiple scopes, use a separate --scope for each scope) (default [openid])
-t, --token string Log in using an offline token, which can be obtained at https://console.redhat.com/openshift/token
diff --git a/internal/build/build.go b/internal/build/build.go
index 96c1923cf..feb5d2f59 100644
--- a/internal/build/build.go
+++ b/internal/build/build.go
@@ -45,9 +45,6 @@ var (
// SSORedirectPath is the default SSO redirect path
SSORedirectPath = "sso-redhat-callback"
- // MASSSORedirectPath is the default MAS-SSO redirect path
- MASSSORedirectPath = "mas-sso-callback"
-
// BuildSource is a unique key which indicates the infrastructure on which the binary was built
BuildSource = "local"
)
@@ -63,8 +60,6 @@ var (
DefaultLoginTimeout = 60 * time.Second
OfflineTokenURL = ConsoleURL + "/openshift/token"
ProductionAuthURL = "https://sso.redhat.com/auth/realms/redhat-external"
- ProductionMasAuthURL = "https://identity.api.openshift.com/auth/realms/rhoas"
- StagingMasAuthURL = "https://identity.api.stage.openshift.com/auth/realms/rhoas"
)
func init() {
diff --git a/internal/mockutil/mockutil.go b/internal/mockutil/mockutil.go
index ef7329a75..eb528218d 100644
--- a/internal/mockutil/mockutil.go
+++ b/internal/mockutil/mockutil.go
@@ -60,8 +60,6 @@ func NewConnectionMock(conn *kcconnection.Connection, apiClient *kafkamgmtclient
cfg.AccessToken = ""
cfg.RefreshToken = ""
- cfg.MasAccessToken = ""
- cfg.MasRefreshToken = ""
return conn.Config.Save(cfg)
},
diff --git a/pkg/cmd/login/login.go b/pkg/cmd/login/login.go
index 2fff1f179..d79d1e53f 100644
--- a/pkg/cmd/login/login.go
+++ b/pkg/cmd/login/login.go
@@ -17,7 +17,6 @@ import (
"github.com/redhat-developer/app-services-cli/pkg/core/ioutil/spinner"
"github.com/redhat-developer/app-services-cli/pkg/core/localize"
"github.com/redhat-developer/app-services-cli/pkg/core/logging"
- "github.com/redhat-developer/app-services-cli/pkg/shared/connection"
"github.com/redhat-developer/app-services-cli/pkg/shared/connection/kcconnection"
"github.com/redhat-developer/app-services-cli/pkg/shared/factory"
@@ -45,15 +44,6 @@ var authURLAliases = map[string]string{
"stage": build.ProductionAuthURL,
}
-// When the value of the `--mas-auth-url` option is one of the keys of this map it will be replaced by the
-// corresponding value.
-var masAuthURLAliases = map[string]string{
- "production": build.ProductionMasAuthURL,
- "prod": build.ProductionMasAuthURL,
- "staging": build.StagingMasAuthURL,
- "stage": build.StagingMasAuthURL,
-}
-
type options struct {
Config config.IConfig
Logger logging.Logger
@@ -64,7 +54,7 @@ type options struct {
url string
authURL string
- masAuthURL string
+ deprecatedUrl string
clientID string
scopes []string
insecureSkipTLSVerify bool
@@ -106,7 +96,7 @@ func NewLoginCmd(f *factory.Factory) *cobra.Command {
cmd.Flags().BoolVar(&opts.insecureSkipTLSVerify, "insecure", false, opts.localizer.MustLocalize("login.flag.insecure"))
cmd.Flags().StringVar(&opts.clientID, "client-id", build.DefaultClientID, opts.localizer.MustLocalize("login.flag.clientId"))
cmd.Flags().StringVar(&opts.authURL, "auth-url", build.ProductionAuthURL, opts.localizer.MustLocalize("login.flag.authUrl"))
- cmd.Flags().StringVar(&opts.masAuthURL, "mas-auth-url", build.ProductionMasAuthURL, opts.localizer.MustLocalize("login.flag.masAuthUrl"))
+ cmd.Flags().StringVar(&opts.deprecatedUrl, "mas-auth-url", "", opts.localizer.MustLocalize("login.flag.masAuthUrl"))
cmd.Flags().BoolVar(&opts.printURL, "print-sso-url", false, opts.localizer.MustLocalize("login.flag.printSsoUrl"))
cmd.Flags().StringArrayVar(&opts.scopes, "scope", kcconnection.DefaultScopes, opts.localizer.MustLocalize("login.flag.scope"))
cmd.Flags().StringVarP(&opts.offlineToken, "token", "t", "", opts.localizer.MustLocalize("login.flag.token", localize.NewEntry("OfflineTokenURL", build.OfflineTokenURL)))
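Review bot: `--mas-auth-url` is still registered here, but its value lands in `opts.deprecatedUrl`, which none of the visible hunks read. A user who still passes it (for example the old `--mas-auth-url=stage` from CONTRIBUTING.md) gets no signal that the identity-provider override was ignored. Mark the flag deprecated so the CLI warns on use and hides it from help: `_ = cmd.Flags().MarkDeprecated("mas-auth-url", opts.localizer.MustLocalize("login.flag.masAuthUrl"))`. The field would also read better as `deprecatedMasAuthURL`, following Go's initialism convention. NewLoginCmd starts and ends outside the hunk.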
@@ -127,12 +117,6 @@ func runLogin(opts *options) (err error) {
}
opts.authURL = authURL.String()
- masAuthURL, err := getURLFromAlias(opts.masAuthURL, masAuthURLAliases, opts.localizer)
- if err != nil {
- return err
- }
- opts.masAuthURL = masAuthURL.String()
-
// log in to SSO
spinner := spinner.New(opts.IO.ErrOut, opts.localizer)
spinner.SetLocalizedSuffix("login.log.info.loggingIn")
@@ -158,16 +142,11 @@ func runLogin(opts *options) (err error) {
RedirectPath: build.SSORedirectPath,
}
- masSsoCfg := &login.SSOConfig{
- AuthURL: masAuthURL,
- RedirectPath: build.MASSSORedirectPath,
- }
-
// Creating a global context with timeout
ctx, cancel := context.WithTimeout(context.Background(), build.DefaultLoginTimeout)
defer cancel()
- if err = loginExec.Execute(ctx, ssoCfg, masSsoCfg, gatewayURL.String()); err != nil {
+ if err = loginExec.Execute(ctx, ssoCfg, gatewayURL.String()); err != nil {
spinner.Stop()
opts.Logger.Info()
if errors.Is(err, context.DeadlineExceeded) {
@@ -196,7 +175,6 @@ func runLogin(opts *options) (err error) {
cfg.Insecure = opts.insecureSkipTLSVerify
cfg.ClientID = opts.clientID
cfg.AuthURL = opts.authURL
- cfg.MasAuthURL = opts.masAuthURL
cfg.Scopes = opts.scopes
if err = opts.Config.Save(cfg); err != nil {
@@ -229,18 +207,13 @@ func loginWithOfflineToken(opts *options) (err error) {
cfg.Insecure = opts.insecureSkipTLSVerify
cfg.ClientID = opts.clientID
cfg.AuthURL = opts.authURL
- cfg.MasAuthURL = opts.masAuthURL
cfg.Scopes = opts.scopes
cfg.RefreshToken = opts.offlineToken
- // remove MAS-SSO tokens, as this does not support token login
- cfg.MasAccessToken = ""
- cfg.MasRefreshToken = ""
if err = opts.Config.Save(cfg); err != nil {
return err
}
- _, err = opts.Connection(connection.DefaultConfigSkipMasAuth)
return err
}
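Review bot: With the `opts.Connection(...)` call removed, the trailing `return err` in loginWithOfflineToken can only return nil. Whatever is passed to `--token` is saved as `RefreshToken` and the login reports success without the token ever being used. If that connection build was what rejected malformed or expired offline tokens (BuildContext in kcconnection does call `tkn.IsValid()`), keep `_, err = opts.Connection(connection.DefaultConfigSkipMasAuth)` and the `connection` import this commit drops. If skipping the check is intended, say so with `return nil` and a short comment. The function starts outside the hunk.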
diff --git a/pkg/core/auth/login/login.go b/pkg/core/auth/login/login.go
index 6b6f78b85..592afaa25 100644
--- a/pkg/core/auth/login/login.go
+++ b/pkg/core/auth/login/login.go
@@ -13,11 +13,9 @@ import (
"github.com/redhat-developer/app-services-cli/pkg/core/ioutil/iostreams"
"github.com/redhat-developer/app-services-cli/pkg/core/localize"
"github.com/redhat-developer/app-services-cli/pkg/core/logging"
- "github.com/redhat-developer/app-services-cli/pkg/shared/hacks"
"github.com/coreos/go-oidc/v3/oidc"
"github.com/phayes/freeport"
- "github.com/redhat-developer/app-services-cli/static"
"golang.org/x/oauth2"
)
@@ -38,37 +36,12 @@ type SSOConfig struct {
}
// Execute runs an Authorization Code flow login
-// enabling the user to log in to SSO and MAS-SSO in succession
// https://tools.ietf.org/html/rfc6749#section-4.1
func (a *AuthorizationCodeGrant) Execute(ctx context.Context,
- ssoCfg *SSOConfig, masSSOCfg *SSOConfig, apiUrl string) error {
+ ssoCfg *SSOConfig, apiUrl string) error {
if err := a.loginSSO(ctx, ssoCfg); err != nil {
return err
}
-
- if !hacks.ShouldUseMasSSO(a.Logger, apiUrl) {
- cfg, err := a.Config.Load()
- if err != nil {
- return err
- }
- cfg.MasAccessToken = ""
- cfg.MasRefreshToken = ""
- err = a.Config.Save(cfg)
- if err != nil {
- return err
- }
- return nil
- }
-
- masSSOHost := masSSOCfg.AuthURL.Host
-
- a.Logger.Debug(a.Localizer.MustLocalize("login.log.info.loggingInMAS", localize.NewEntry("Host", masSSOHost)))
- // log in to MAS-SSO
- if err := a.loginMAS(ctx, masSSOCfg); err != nil {
- return err
- }
- a.Logger.Debug(a.Localizer.MustLocalize("login.log.info.loggedInMAS", localize.NewEntry("Host", masSSOHost)))
-
return nil
}
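Review bot: `apiUrl` is no longer read anywhere in Execute now that the `hacks.ShouldUseMasSSO` branch is gone, yet the signature still requires it and runLogin still passes `gatewayURL.String()`. Since this commit already changes the signature, drop the parameter: `func (a *AuthorizationCodeGrant) Execute(ctx context.Context, ssoCfg *SSOConfig) error`. The body then reduces to `return a.loginSSO(ctx, ssoCfg)`. The doc comment could also state that only the SSO authorization-code flow runs.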
@@ -123,8 +96,6 @@ func (a *AuthorizationCodeGrant) loginSSO(ctx context.Context, cfg *SSOConfig) e
http.Redirect(w, r, authCodeURL, http.StatusFound)
})
- sm.Handle("/static/", createStaticHTTPHandler())
-
authURL, err := url.Parse(cfg.AuthURL.String())
if err != nil {
return err
@@ -158,85 +129,6 @@ func (a *AuthorizationCodeGrant) loginSSO(ctx context.Context, cfg *SSOConfig) e
return nil
}
-// log in to MAS-SSO
-func (a *AuthorizationCodeGrant) loginMAS(ctx context.Context, cfg *SSOConfig) error {
- a.Logger.Debug("Logging into", cfg.AuthURL, "\n")
-
- clientCtx, cancel := createClientContext(ctx, a.HTTPClient)
- defer cancel()
- provider, err := oidc.NewProvider(ctx, cfg.AuthURL.String())
- if err != nil {
- return err
- }
-
- redirectURL, redirectURLPort, err := createRedirectURL(cfg.RedirectPath)
- if err != nil {
- return err
- }
-
- oauthConfig := &oauth2.Config{
- ClientID: a.ClientID,
- Endpoint: provider.Endpoint(),
- RedirectURL: redirectURL.String(),
- Scopes: a.Scopes,
- }
-
- oidcConfig := &oidc.Config{
- ClientID: a.ClientID,
- }
-
- // Configure PKCE challenge and verifier
- // https://tools.ietf.org/html/rfc7636
- verifier := provider.Verifier(oidcConfig)
- state, _ := pkce.GenerateVerifier(128)
- pkceCodeVerifier, err := pkce.GenerateVerifier(128)
- if err != nil {
- return err
- }
- pkceCodeChallenge := pkce.CreateChallenge(pkceCodeVerifier)
-
- authCodeURL := oauthConfig.AuthCodeURL(state, *pkce.GetAuthCodeURLOptions(pkceCodeChallenge)...)
- a.Logger.Debug("Opening Authorization URL:", authCodeURL)
- a.Logger.Debug()
-
- sm := http.NewServeMux()
- server := http.Server{
- Handler: sm,
- Addr: redirectURL.Host,
- }
-
- sm.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
- http.Redirect(w, r, authCodeURL, http.StatusFound)
- })
-
- sm.Handle("/static/", createStaticHTTPHandler())
-
- // HTTP handler for the redirect page
- sm.Handle("/"+redirectURL.Path, &masRedirectPageHandler{
- CancelContext: cancel,
- Ctx: clientCtx,
- Port: redirectURLPort,
- Config: a.Config,
- Logger: a.Logger,
- AuthURL: cfg.AuthURL,
- IO: a.IO,
- ServerAddr: server.Addr,
- Oauth2Config: oauthConfig,
- State: state,
- TokenVerifier: verifier,
- Localizer: a.Localizer,
- AuthOptions: []oauth2.AuthCodeOption{
- oauth2.SetAuthURLParam("code_verifier", pkceCodeVerifier),
- oauth2.SetAuthURLParam("grant_type", "authorization_code"),
- },
- })
-
- a.openBrowser(authCodeURL, redirectURL)
- a.startServer(clientCtx, &server)
-
- return nil
-}
-
func (a *AuthorizationCodeGrant) openBrowser(authCodeURL string, redirectURL *url.URL) {
if a.PrintURL {
a.Logger.Info(a.Localizer.MustLocalize("login.log.info.openSSOUrl"), "\n")
@@ -291,8 +183,3 @@ func (a *AuthorizationCodeGrant) printAuthURLFallback(authCodeURL string, redire
a.Logger.Debug("Error opening browser:", err, "\nPrinting Auth URL to console instead")
a.openBrowser(authCodeURL, redirectURL)
}
-
-func createStaticHTTPHandler() http.Handler {
- staticFs := http.FileServer(http.FS(static.ImagesFS()))
- return http.StripPrefix("/static", staticFs)
-}
diff --git a/pkg/core/auth/login/mas_sso_redirect_handler.go b/pkg/core/auth/login/mas_sso_redirect_handler.go
deleted file mode 100644
index 2eaeb28ff..000000000
--- a/pkg/core/auth/login/mas_sso_redirect_handler.go
+++ /dev/null
@@ -1,101 +0,0 @@
-package login
-
-import (
- "context"
- "github.com/redhat-developer/app-services-cli/pkg/core/config"
- "github.com/redhat-developer/app-services-cli/pkg/core/ioutil/iostreams"
- "github.com/redhat-developer/app-services-cli/pkg/core/localize"
- "github.com/redhat-developer/app-services-cli/pkg/core/logging"
-
- // embed static HTML file
- _ "embed"
- "encoding/json"
- "fmt"
- "net/http"
- "net/url"
- "os"
-
- "github.com/coreos/go-oidc/v3/oidc"
- "golang.org/x/oauth2"
-)
-
-//go:embed static/mas-sso-redirect-page.html
-var masSSOredirectHTMLPage string
-
-// handler for the MAS-SSO redirect page
-type masRedirectPageHandler struct {
- IO *iostreams.IOStreams
- Config config.IConfig
- Logger logging.Logger
- ServerAddr string
- Port int
- AuthURL *url.URL
- AuthOptions []oauth2.AuthCodeOption
- State string
- Oauth2Config *oauth2.Config
- Ctx context.Context
- TokenVerifier *oidc.IDTokenVerifier
- CancelContext context.CancelFunc
- Localizer localize.Localizer
-}
-
-// nolint:funlen
-func (h *masRedirectPageHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
- logger := h.Logger
-
- callbackURL := fmt.Sprintf("%v%v", h.ServerAddr, r.URL.String())
- logger.Debug("Redirected to callback URL:", callbackURL)
- logger.Debug()
-
- if r.URL.Query().Get("state") != h.State {
- http.Error(w, "state did not match", http.StatusBadRequest)
- return
- }
-
- // nolint:govet
- oauth2Token, err := h.Oauth2Config.Exchange(h.Ctx, r.URL.Query().Get("code"), h.AuthOptions...)
- if err != nil {
- http.Error(w, "Failed to exchange token: "+err.Error(), http.StatusInternalServerError)
- return
- }
- rawIDToken, ok := oauth2Token.Extra("id_token").(string)
- if !ok {
- http.Error(w, "No id_token field in oauth2 token.", http.StatusInternalServerError)
- return
- }
- idToken, err := h.TokenVerifier.Verify(h.Ctx, rawIDToken)
- if err != nil {
- http.Error(w, "Failed to verify ID Token: "+err.Error(), http.StatusInternalServerError)
- return
- }
-
- resp := struct {
- OAuth2Token *oauth2.Token
- IDTokenClaims *json.RawMessage // ID Token payload is just JSON.
- }{oauth2Token, new(json.RawMessage)}
-
- if err = idToken.Claims(&resp.IDTokenClaims); err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- w.Header().Set("Content-Type", "text/html; charset=utf-8")
- w.WriteHeader(http.StatusOK)
- fmt.Fprint(w, masSSOredirectHTMLPage)
-
- cfg, err := h.Config.Load()
- if err != nil {
- logger.Error(err)
- os.Exit(1)
- }
- // save the received tokens to the user's config
- cfg.MasAccessToken = oauth2Token.AccessToken
- cfg.MasRefreshToken = oauth2Token.RefreshToken
-
- if err = h.Config.Save(cfg); err != nil {
- logger.Error(err)
- os.Exit(1)
- }
-
- h.CancelContext()
-}
diff --git a/pkg/core/auth/login/static/mas-sso-redirect-page.html b/pkg/core/auth/login/static/mas-sso-redirect-page.html
deleted file mode 100644
index 516e49bea..000000000
--- a/pkg/core/auth/login/static/mas-sso-redirect-page.html
+++ /dev/null
@@ -1,3 +0,0 @@
-
-
-
\ No newline at end of file
diff --git a/pkg/core/auth/login/static/sso-redirect-page.html b/pkg/core/auth/login/static/sso-redirect-page.html
index 1387bf74c..b63316c8e 100644
--- a/pkg/core/auth/login/static/sso-redirect-page.html
+++ b/pkg/core/auth/login/static/sso-redirect-page.html
@@ -3,13 +3,38 @@
%v
-
-
+
+
+
+
%v
%v
diff --git a/pkg/core/config/type.go b/pkg/core/config/type.go
index ce143b628..39b15bb71 100644
--- a/pkg/core/config/type.go
+++ b/pkg/core/config/type.go
@@ -12,19 +12,16 @@ type IConfig interface {
// Config is a type which describes the properties which can be in the config
type Config struct {
- AccessToken string `json:"access_token,omitempty" doc:"Bearer access token."`
- RefreshToken string `json:"refresh_token,omitempty" doc:"Offline or refresh token."`
- MasAuthURL string `json:"mas_auth_url,omitempty"`
- MasAccessToken string `json:"mas_access_token,omitempty"`
- MasRefreshToken string `json:"mas_refresh_token,omitempty"`
- Services ServiceConfigMap `json:"services,omitempty"`
- APIUrl string `json:"api_url,omitempty" doc:"URL of the API gateway. The value can be the complete URL or an alias. The valid aliases are 'production', 'staging' and 'integration'."`
- AuthURL string `json:"auth_url,omitempty" doc:"URL of the authentication server"`
- ClientID string `json:"client_id,omitempty" doc:"OpenID client identifier."`
- Insecure bool `json:"insecure,omitempty" doc:"Enables insecure communication with the server. This disables verification of TLS certificates and host names."`
- Scopes []string `json:"scopes,omitempty" doc:"OpenID scope. If this option is used it will replace completely the default scopes. Can be repeated multiple times to specify multiple scopes."`
- Telemetry string `json:"telemetry,omitempty" doc:"Flag used to enable telemetry for user."`
- LastUpdated int64 `json:"last_updated,omitempty" doc:"Timestamp of the last update cli"`
+ AccessToken string `json:"access_token,omitempty" doc:"Bearer access token."`
+ RefreshToken string `json:"refresh_token,omitempty" doc:"Offline or refresh token."`
+ Services ServiceConfigMap `json:"services,omitempty"`
+ APIUrl string `json:"api_url,omitempty" doc:"URL of the API gateway. The value can be the complete URL or an alias. The valid aliases are 'production', 'staging' and 'integration'."`
+ AuthURL string `json:"auth_url,omitempty" doc:"URL of the authentication server"`
+ ClientID string `json:"client_id,omitempty" doc:"OpenID client identifier."`
+ Insecure bool `json:"insecure,omitempty" doc:"Enables insecure communication with the server. This disables verification of TLS certificates and host names."`
+ Scopes []string `json:"scopes,omitempty" doc:"OpenID scope. If this option is used it will replace completely the default scopes. Can be repeated multiple times to specify multiple scopes."`
+ Telemetry string `json:"telemetry,omitempty" doc:"Flag used to enable telemetry for user."`
+ LastUpdated int64 `json:"last_updated,omitempty" doc:"Timestamp of the last update cli"`
}
// ServiceConfigMap is a map of configs for the application services
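Review bot: Dropping `MasAccessToken` and `MasRefreshToken` from Config does not remove the `mas_access_token` and `mas_refresh_token` values that older releases already wrote to the user's config file. They presumably stay on disk until the next `Save` rewrites the file, assuming the loader ignores unknown keys. Logout in keycloak_connection.go also no longer calls the MAS logout, so a refresh token issued before the upgrade is never revoked by the CLI. Consider a comment on Config such as `// Legacy mas_* keys from older releases are no longer read; they are expected to disappear on the next Save (confirm loader behaviour).`, plus an upgrade note telling users to run `rhoas logout` with the old binary first. A one-time rewrite of the config on load would close the gap in code.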
diff --git a/pkg/core/localize/locales/en/cmd/login.en.toml b/pkg/core/localize/locales/en/cmd/login.en.toml
index 30152bf38..1c1ec3f9d 100644
--- a/pkg/core/localize/locales/en/cmd/login.en.toml
+++ b/pkg/core/localize/locales/en/cmd/login.en.toml
@@ -44,8 +44,7 @@ description = 'Description for the --auth-url flag'
one = "The URL of the SSO Authentication server"
[login.flag.masAuthUrl]
-description = 'Description for the --auth-url flag'
-one = "The URL of the identity.api.openshift.com Authentication server"
+one = "This flag is no longer valid and will be removed in a future release."
[login.flag.token]
one = "Log in using an offline token, which can be obtained at {{.OfflineTokenURL}}"
@@ -104,12 +103,6 @@ one = 'Logging in...'
[login.log.info.loggedIn]
one = 'Logged in successfully'
-[login.log.info.loggingInMAS]
-one = 'Logging in to {{.Host}}...'
-
-[login.log.info.loggedInMAS]
-one = 'Logged in successfully to {{.Host}}'
-
[login.error.noRealmInURL]
one = 'the authentication URL is missing a realm'
diff --git a/pkg/core/localize/locales/en/connection.en.toml b/pkg/core/localize/locales/en/connection.en.toml
index 4268f41e1..f76e45bda 100644
--- a/pkg/core/localize/locales/en/connection.en.toml
+++ b/pkg/core/localize/locales/en/connection.en.toml
@@ -1,8 +1,5 @@
[connection.error.notLoggedInError]
one = 'not logged in. Run "rhoas login" to authenticate'
-[connection.error.notLoggedInMASError]
-one = 'not logged in to identity.api.openshift.com. Run "rhoas login" to authenticate. Note: token-based login is not supported by the Kafka "topic" and "consumer-group" subcommands.'
-
[connection.error.sessionExpiredError]
one = 'session expired. Run "rhoas login" to authenticate'
\ No newline at end of file
diff --git a/pkg/shared/connection/api/api.go b/pkg/shared/connection/api/api.go
index 66a45efd9..7d2568f5b 100644
--- a/pkg/shared/connection/api/api.go
+++ b/pkg/shared/connection/api/api.go
@@ -30,11 +30,10 @@ type API interface {
}
type Config struct {
- AccessToken string
- MasAccessToken string
- ApiURL *url.URL
- ConsoleURL *url.URL
- UserAgent string
- HTTPClient *http.Client
- Logger logging.Logger
+ AccessToken string
+ ApiURL *url.URL
+ ConsoleURL *url.URL
+ UserAgent string
+ HTTPClient *http.Client
+ Logger logging.Logger
}
diff --git a/pkg/shared/connection/api/defaultapi/default_client.go b/pkg/shared/connection/api/defaultapi/default_client.go
index 42a0aadf2..ff38ba3cb 100644
--- a/pkg/shared/connection/api/defaultapi/default_client.go
+++ b/pkg/shared/connection/api/defaultapi/default_client.go
@@ -11,7 +11,6 @@ import (
connectormgmtclient "github.com/redhat-developer/app-services-sdk-go/connectormgmt/apiv1/client"
kafkamgmt "github.com/redhat-developer/app-services-sdk-go/kafkamgmt/apiv1"
- "github.com/redhat-developer/app-services-cli/pkg/shared/hacks"
"github.com/redhat-developer/app-services-cli/pkg/shared/kafkautil"
"github.com/redhat-developer/app-services-cli/internal/build"
@@ -127,10 +126,7 @@ func (a *defaultAPI) KafkaAdmin(instanceID string) (*kafkainstanceclient.APIClie
apiURL := kafkaInstance.GetAdminApiServerUrl()
a.Logger.Debugf("Making request to %v", apiURL)
- token := a.MasAccessToken
- if !hacks.ShouldUseMasSSO(a.Logger, a.ApiURL.String()) {
- token = a.AccessToken
- }
+ token := a.AccessToken
client := kafkainstance.NewAPIClient(&kafkainstance.Config{
BaseURL: apiURL,
@@ -192,10 +188,8 @@ func (a *defaultAPI) ServiceRegistryInstance(instanceID string) (*registryinstan
}
a.Logger.Debugf("Making request to %v", baseURL)
- token := a.MasAccessToken
- if !hacks.ShouldUseMasSSO(a.Logger, a.ApiURL.String()) {
- token = a.AccessToken
- }
+
+ token := a.AccessToken
client := registryinstance.NewAPIClient(®istryinstance.Config{
BaseURL: baseURL,
diff --git a/pkg/shared/connection/connection.go b/pkg/shared/connection/connection.go
index d96f5a496..23fab41ab 100644
--- a/pkg/shared/connection/connection.go
+++ b/pkg/shared/connection/connection.go
@@ -6,21 +6,19 @@ import (
"github.com/redhat-developer/app-services-cli/pkg/shared/connection/api"
)
+// FIXLATER This entire class can be removed however it should be done
+// after connectors commands are finished thus we do not have many conflicts.
type Config struct {
- RequireAuth bool
- RequireMASAuth bool
+ RequireAuth bool
}
-// DefaultConfigSkipMasAuth is used when running commands which do not require authenticatation with MAS-SSO
+// DefaultConfigSkipMasAuth is used when running all commads
var DefaultConfigSkipMasAuth = &Config{
- RequireAuth: true,
- RequireMASAuth: false,
+ RequireAuth: true,
}
-// DefaultConfigRequireMasAuth is used when running commands which must authenticate with MAS-SSO
var DefaultConfigRequireMasAuth = &Config{
- RequireAuth: true,
- RequireMASAuth: true,
+ RequireAuth: true,
}
// Connection is an interface which defines methods for interacting
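Review bot: `DefaultConfigSkipMasAuth` and `DefaultConfigRequireMasAuth` are now identical (`RequireAuth: true`), so the names imply an authentication difference that no longer exists, and the second variable lost its doc comment. Until the FIXLATER cleanup happens, give both a deprecation marker so callers are not misled, e.g. `// Deprecated: MAS-SSO authentication was removed; identical to DefaultConfigSkipMasAuth.` on `DefaultConfigRequireMasAuth`. In the new comments, "commads" should be "commands", and "class" should be "type" since this is a Go struct.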
diff --git a/pkg/shared/connection/kcconnection/builder.go b/pkg/shared/connection/kcconnection/builder.go
index c034036c7..8254695be 100644
--- a/pkg/shared/connection/kcconnection/builder.go
+++ b/pkg/shared/connection/kcconnection/builder.go
@@ -28,13 +28,10 @@ type ConnectionBuilder struct {
disableKeepAlives bool
accessToken string
refreshToken string
- masAccessToken string
- masRefreshToken string
clientID string
scopes []string
apiURL string
authURL string
- masAuthURL string
consoleURL string
config config.IConfig
logger logging.Logger
@@ -53,6 +50,11 @@ func NewConnectionBuilder() *ConnectionBuilder {
return &ConnectionBuilder{}
}
+func (b *ConnectionBuilder) WithURL(url string) *ConnectionBuilder {
+ b.apiURL = url
+ return b
+}
+
func (b *ConnectionBuilder) WithAccessToken(accessToken string) *ConnectionBuilder {
b.accessToken = accessToken
return b
@@ -63,16 +65,6 @@ func (b *ConnectionBuilder) WithRefreshToken(refreshToken string) *ConnectionBui
return b
}
-func (b *ConnectionBuilder) WithMASAccessToken(accessToken string) *ConnectionBuilder {
- b.masAccessToken = accessToken
- return b
-}
-
-func (b *ConnectionBuilder) WithMASRefreshToken(refreshToken string) *ConnectionBuilder {
- b.masRefreshToken = refreshToken
- return b
-}
-
func (b *ConnectionBuilder) WithTrustedCAs(value *x509.CertPool) *ConnectionBuilder {
b.trustedCAs = value
return b
@@ -93,11 +85,6 @@ func (b *ConnectionBuilder) WithLogger(logger logging.Logger) *ConnectionBuilder
return b
}
-func (b *ConnectionBuilder) WithURL(url string) *ConnectionBuilder {
- b.apiURL = url
- return b
-}
-
func (b *ConnectionBuilder) WithConsoleURL(url string) *ConnectionBuilder {
b.consoleURL = url
return b
@@ -108,11 +95,6 @@ func (b *ConnectionBuilder) WithAuthURL(authURL string) *ConnectionBuilder {
return b
}
-func (b *ConnectionBuilder) WithMASAuthURL(authURL string) *ConnectionBuilder {
- b.masAuthURL = authURL
- return b
-}
-
func (b *ConnectionBuilder) WithClientID(clientID string) *ConnectionBuilder {
b.clientID = clientID
return b
@@ -185,12 +167,6 @@ func (b *ConnectionBuilder) BuildContext(ctx context.Context) (connection *Conne
Logger: b.logger,
}
- masTk := token.Token{
- AccessToken: b.masAccessToken,
- RefreshToken: b.masRefreshToken,
- Logger: b.logger,
- }
-
tokenIsValid, err := tkn.IsValid()
if err != nil {
return nil, err
@@ -226,12 +202,6 @@ func (b *ConnectionBuilder) BuildContext(ctx context.Context) (connection *Conne
return
}
- masAuthURL, err := url.Parse(b.masAuthURL)
- if err != nil {
- err = AuthErrorf("unable to parse Auth URL '%s': %w", b.masAuthURL, err)
- return
- }
-
consoleURL, err := url.Parse(b.consoleURL)
if err != nil {
err = fmt.Errorf("unable to parse Console URL '%s': %w", b.consoleURL, err)
@@ -260,19 +230,6 @@ func (b *ConnectionBuilder) BuildContext(ctx context.Context) (connection *Conne
restyClient.SetTLSClientConfig(&tls.Config{InsecureSkipVerify: b.insecure})
keycloak.SetRestyClient(&restyClient)
- baseMasAuthURL := fmt.Sprintf("%v://%v", masAuthURL.Scheme, masAuthURL.Host)
- masKc := gocloak.NewClient(baseMasAuthURL)
- masRestyClient := *keycloak.RestyClient()
-
- _, masKcRealm, ok := SplitKeycloakRealmURL(masAuthURL)
- if !ok {
- return nil, fmt.Errorf("unable to get realm name from Auth URL: '%s'", b.masAuthURL)
- }
-
- // #nosec 402
- restyClient.SetTLSClientConfig(&tls.Config{InsecureSkipVerify: b.insecure})
- masKc.SetRestyClient(&masRestyClient)
-
connection = &Connection{
insecure: b.insecure,
trustedCAs: b.trustedCAs,
@@ -282,11 +239,8 @@ func (b *ConnectionBuilder) BuildContext(ctx context.Context) (connection *Conne
apiURL: apiURL,
defaultHTTPClient: client,
keycloakClient: keycloak,
- masKeycloakClient: masKc,
Token: &tkn,
- MASToken: &masTk,
defaultRealm: kcRealm,
- masRealm: masKcRealm,
logger: b.logger,
Config: b.config,
connectionConfig: b.connectionConfig,
diff --git a/pkg/shared/connection/kcconnection/keycloak_connection.go b/pkg/shared/connection/kcconnection/keycloak_connection.go
index 2624dea51..ba9ed7fb4 100644
--- a/pkg/shared/connection/kcconnection/keycloak_connection.go
+++ b/pkg/shared/connection/kcconnection/keycloak_connection.go
@@ -31,14 +31,11 @@ type Connection struct {
defaultHTTPClient *http.Client
clientID string
Token *token.Token
- MASToken *token.Token
scopes []string
keycloakClient gocloak.GoCloak
- masKeycloakClient gocloak.GoCloak
apiURL *url.URL
consoleURL *url.URL
defaultRealm string
- masRealm string
logger logging.Logger
Config config.IConfig
connectionConfig *connection.Config
@@ -75,25 +72,6 @@ func (c *Connection) RefreshTokens(ctx context.Context) (err error) {
}
}
- if c.connectionConfig.RequireMASAuth && c.MASToken.RefreshToken != "" {
- c.logger.Debug("Refreshing MAS SSO tokens")
- // nolint:govet
- refreshedMasTk, err := c.masKeycloakClient.RefreshToken(ctx, c.MASToken.RefreshToken, c.clientID, "", c.masRealm)
- if err != nil {
- return &MasAuthError{err}
- }
- if refreshedMasTk.AccessToken != c.MASToken.AccessToken {
- c.MASToken.AccessToken = refreshedMasTk.AccessToken
- cfg.MasAccessToken = refreshedMasTk.AccessToken
- cfgChanged = true
- }
- if refreshedMasTk.RefreshToken != c.MASToken.RefreshToken {
- c.MASToken.RefreshToken = refreshedMasTk.RefreshToken
- cfg.MasRefreshToken = refreshedMasTk.RefreshToken
- cfgChanged = true
- }
- }
-
if !cfgChanged {
return nil
}
@@ -115,17 +93,8 @@ func (c *Connection) Logout(ctx context.Context) (err error) {
return &AuthError{err}
}
- if c.MASToken.RefreshToken != "" {
- err = c.masKeycloakClient.Logout(ctx, c.clientID, "", c.masRealm, c.MASToken.RefreshToken)
- if err != nil {
- return &AuthError{err}
- }
- }
-
c.Token.AccessToken = ""
c.Token.RefreshToken = ""
- c.MASToken.AccessToken = ""
- c.MASToken.RefreshToken = ""
cfg, err := c.Config.Load()
if err != nil {
@@ -134,8 +103,6 @@ func (c *Connection) Logout(ctx context.Context) (err error) {
cfg.AccessToken = ""
cfg.RefreshToken = ""
- cfg.MasAccessToken = ""
- cfg.MasRefreshToken = ""
return c.Config.Save(cfg)
}
@@ -143,13 +110,12 @@ func (c *Connection) Logout(ctx context.Context) (err error) {
// API Creates a new API type which is a single type for multiple APIs
func (c *Connection) API() api.API {
apiClient := defaultapi.New(&api.Config{
- HTTPClient: c.defaultHTTPClient,
- UserAgent: build.DefaultUserAgentPrefix + build.Version,
- MasAccessToken: c.MASToken.AccessToken,
- AccessToken: c.Token.AccessToken,
- ApiURL: c.apiURL,
- ConsoleURL: c.consoleURL,
- Logger: c.logger,
+ HTTPClient: c.defaultHTTPClient,
+ UserAgent: build.DefaultUserAgentPrefix + build.Version,
+ AccessToken: c.Token.AccessToken,
+ ApiURL: c.apiURL,
+ ConsoleURL: c.consoleURL,
+ Logger: c.logger,
})
return apiClient
diff --git a/pkg/shared/factory/defaultfactory/default.go b/pkg/shared/factory/defaultfactory/default.go
index 54b22b14b..fdde33bcc 100644
--- a/pkg/shared/factory/defaultfactory/default.go
+++ b/pkg/shared/factory/defaultfactory/default.go
@@ -50,12 +50,6 @@ func New(localizer localize.Localizer) *factory.Factory {
if cfg.RefreshToken != "" {
builder.WithRefreshToken(cfg.RefreshToken)
}
- if cfg.MasAccessToken != "" {
- builder.WithMASAccessToken(cfg.MasAccessToken)
- }
- if cfg.MasRefreshToken != "" {
- builder.WithMASRefreshToken(cfg.MasRefreshToken)
- }
if cfg.ClientID != "" {
builder.WithClientID(cfg.ClientID)
}
@@ -70,11 +64,6 @@ func New(localizer localize.Localizer) *factory.Factory {
}
builder.WithAuthURL(cfg.AuthURL)
- if cfg.MasAuthURL == "" {
- cfg.MasAuthURL = build.ProductionMasAuthURL
- }
- builder.WithMASAuthURL(cfg.MasAuthURL)
-
builder.WithConsoleURL(build.ConsoleURL)
builder.WithInsecure(cfg.Insecure)
diff --git a/pkg/shared/hacks/temp.go b/pkg/shared/hacks/temp.go
deleted file mode 100644
index d49992343..000000000
--- a/pkg/shared/hacks/temp.go
+++ /dev/null
@@ -1,69 +0,0 @@
-package hacks
-
-// Temporary hack package
-// Nothing to see here
-
-import (
- "context"
- "encoding/json"
- "fmt"
- "io"
- "net/http"
- "os"
-
- "github.com/redhat-developer/app-services-cli/pkg/core/logging"
- kafkamgmtclient "github.com/redhat-developer/app-services-sdk-go/kafkamgmt/apiv1/client"
-)
-
-// Temporary hack that we use to determine if
-// Our CLI needs to use mas-sso token
-func ShouldUseMasSSO(logger logging.Logger, apiUrl string) bool {
- finalUrl := apiUrl + "/api/kafkas_mgmt/v1/sso_providers"
- externalUrl := os.Getenv("RHOAS_CUSTOM_SSO_PROVIDER_URL")
- if externalUrl != "" {
- finalUrl = externalUrl
- }
-
- req, err := http.NewRequest("GET", finalUrl, nil)
- if err != nil {
- logger.Debug("Error when fetching auth config", err)
- return true
- }
-
- req = req.WithContext(context.Background())
-
- req.Header.Set("Accept", "application/json")
-
- resp, err := http.DefaultClient.Do(req)
- if err != nil {
- logger.Debug("Error when fetching auth config", err)
- return true
- }
-
- defer resp.Body.Close()
-
- b, err := io.ReadAll(resp.Body)
- if err != nil {
- logger.Debug("Error when fetching auth config", err)
- return true
- }
-
- response := string(b)
-
- // defining a struct instance
- var provider *kafkamgmtclient.SsoProvider
-
- responseBytes := []byte(fmt.Sprintf("%v", response))
- err = json.Unmarshal(responseBytes, &provider)
- if err != nil {
- logger.Debug("Error when fetching auth config", err)
- return true
- }
-
- if provider.GetBaseUrl() == "" {
- logger.Debug("Error when fetching auth config", err)
- return true
- }
-
- return provider.GetName() == "mas_sso"
-}
diff --git a/static/img/favicon.ico b/static/img/favicon.ico
deleted file mode 100644
index c1f6359ea..000000000
Binary files a/static/img/favicon.ico and /dev/null differ
diff --git a/static/img/logo.svg b/static/img/logo.svg
deleted file mode 100644
index d2b56aade..000000000
--- a/static/img/logo.svg
+++ /dev/null
@@ -1,26 +0,0 @@
-
-
-
diff --git a/static/static.go b/static/static.go
deleted file mode 100644
index 98ebfad10..000000000
--- a/static/static.go
+++ /dev/null
@@ -1,14 +0,0 @@
-package static
-
-import (
- "embed"
- "io/fs"
-)
-
-//go:embed img/*
-var images embed.FS
-
-// ImagesFS returns the embedded images assets
-func ImagesFS() fs.FS {
- return images
-}