9

I want to use the go-cfclient library to connect to Cloud Foundry and check for application services etc.

I was able to connect with Java/Node/Go while using my user password explicit in the code.

Now I want to simulate a scenario using a token, i.e. instead of using my password, use my user token to simulate the connection.

How can I achieve this kind of simulation?

Preferred in go-cfclient or Node.

Update

I need an E2E real-life example with a CF token where the user uses some sample UI and maybe provides some credentials the first time, but all subsequent requests should work with the CF token only.

I need this example in Golang.

jlucktay
  • 390
  • 1
  • 7
  • 23
  • What sort of "token scenario"? For cli based apps, you're typically going to do what you've done already and require the user to enter their credentials or you're going to use client credentials (which is like a service account). The only other option would be to require someone to enter an existing bearer token, but that's not a good user experience. For web based apps, you're going to want to use standard oauth2 authorization flow. Your client of choice might help you implement these scenarios, but ultimately it's pick a oauth2 flow: https://auth0.com/docs/api-auth/which-oauth-flow-to-use – Daniel Mikusa Aug 22 '18 at 15:29
  • 1
    @DanielMikusa - Thanks! , not really sure how can I test it E2E with CF golnag client and with client that path the oauth2 token, it will be great if you can provide example –  Aug 23 '18 at 10:35
  • @DanielMikusa - I put a bounty please have a look and see if you can assist, thanks in advance! –  Sep 08 '18 at 12:53

2 Answers2

2

You can find a typical OAuth2 token handling sequence for CF from the link below. For using this token for the other API call, you can also refer to other test cases.

https://github.com/cloudfoundry-community/go-cfclient/blob/a0a191bdc19a7a7189c050444aeaf20d2a125875/client_test.go#L117

Anyway, it is an OAuth2 token which is expired after its expiration period. You cannot avoid login with user/pass if you do not refresh it within the expiration period.

UPDATED

You already said you can log in with username and password, so what you need to do is simply get token with API call for it. something like:

c := &Config{
    ApiAddress: myApiAddress,
    Username:   "foo",
    Password:   "bar",
}

client, err1 := NewClient(c)
if err1 != nil {
    // error handling for connection failure
}
// you already reach here. right?

token, err2 := client.GetToken()
if err2 != nil {
    // error handling for token retreive failure
}

// just do what you want with token

you can find what is happening under the hood by checking the source: https://github.com/cloudfoundry-community/go-cfclient/blob/a0a191bdc19a7a7189c050444aeaf20d2a125875/client.go#L375

for more information, jsut try to print out the client structure:

fmt.Printf("client: %v\n", client)

then I guess you can found more information.

sio4
  • 413
  • 1
  • 5
  • 15
  • Thanks! ,Can you please provide the full solution (the code) how can I receive it and pass it to the `cf client` ? –  Sep 12 '18 at 09:47
  • please Dont worry about the refresh , even for the first time connection with token this is suffienct for me –  Sep 12 '18 at 09:51
  • it will be great if you can provide all your code, I want to test it on my end –  Sep 13 '18 at 11:19
0

I would always prefer writing a Wrapper-Script using Powershell or in Bash scripting Language

Your CF-CLI leaves all the login information under ~\.cf\config.json and reading this using script language is very easy and not demands high programming effort.

In my case, I used this to switch between different foundations. My Powershell script would execute with this command ./cfwrapper switch

Function SwitchFoundation () {

    Write-Host 'Which Foundation You would like to Switch ??'`n
    $foundationNumber = FoundationPrompt
    $foundationIndex = $foundationNumber-1
    $foundations = $foundationsJsonSettings
    $foundation = $foundations[$foundationIndex]


    if ($foundation -ne $null) {
        if (Test-Path $configPath$foundationNumber) {
            Write-Host 'You are now getting Switched to another Foundation. Please wait for a moment'`n
            CopyConfig ($foundationNumber) ('reverse')
            cf target
        }else {
            Write-Host 'Your login to this Foundation is not found. Kindly do a Fresh login below'`n
            CFLoginSSOCommand ($foundationNumber) ($foundation.api_url)
        }

    } else {
        Write-Host 'Foundation Number is wrong. Please retry..'
    }


}

Function CFLoginSSOCommand ($foundationNumber,$apiUrl) {
    Write-Host 'Logout command will be executed blankly to flush out all your current Logins'
    cf logout
    cf login --sso -a $apiUrl
    CopyConfig($foundationNumber)


}

Function CopyConfig($foundationNumber, $flag) {
    Write-Host 'Copying Config Path'
    if ($flag -eq 'reverse') {
        Copy-Item -Path $configPath$foundationNumber -Destination $configPath
    }else {
        Copy-Item -Path $configPath -Destination $configPath$foundationNumber
    }

}

In short, CF-CLI has got all the necessary commands.. All that we require is to write a simple wrapper around it .

Arun
  • 3,440
  • 11
  • 60
  • 108