AUTH-3394: Creates a token per app instead of per path - with fix for

free tunnels
2025-07-27 15:49:58 +00:00 · 2021-03-10 15:52:35 -06:00
parent 25cfbec072
commit 841344f1e7
8 changed files with 130 additions and 83 deletions
--- a/sshgen/sshgen.go
+++ b/sshgen/sshgen.go
@@ -12,7 +12,6 @@ import (
 	"io"
 	"io/ioutil"
 	"net/http"
-	"net/url"
 	"time"

 	"github.com/coreos/go-oidc/jose"
@@ -52,8 +51,8 @@ type errorResponse struct {
 var mockRequest func(url, contentType string, body io.Reader) (*http.Response, error) = nil

 // GenerateShortLivedCertificate generates and stores a keypair for short lived certs
-func GenerateShortLivedCertificate(appURL *url.URL, token string) error {
-	fullName, err := cfpath.GenerateAppTokenFilePathFromURL(appURL, keyName)
+func GenerateShortLivedCertificate(appInfo *cfpath.AppInfo, token string) error {
+	fullName, err := cfpath.GenerateAppTokenFilePathFromURL(appInfo.AppDomain, appInfo.AppAUD, keyName)
 	if err != nil {
 		return err
 	}
--- a/sshgen/sshgen_test.go
+++ b/sshgen/sshgen_test.go
@@ -9,7 +9,6 @@ import (
 	"io/ioutil"
 	"net/http"
 	"net/http/httptest"
-	"net/url"
 	"os"
 	"testing"
 	"time"
@@ -33,10 +32,10 @@ type signingArguments struct {
 }

 func TestCertGenSuccess(t *testing.T) {
-	url, _ := url.Parse("https://cf-test-access.com/testpath")
+	appInfo := &cfpath.AppInfo{AppAUD: "abcd1234", AppDomain: "mySite.com"}
 	token := tokenGenerator()

-	fullName, err := cfpath.GenerateAppTokenFilePathFromURL(url, keyName)
+	fullName, err := cfpath.GenerateAppTokenFilePathFromURL(appInfo.AppDomain, appInfo.AppAUD, keyName)
 	assert.NoError(t, err)

 	pubKeyName := fullName + ".pub"
@@ -66,7 +65,7 @@ func TestCertGenSuccess(t *testing.T) {
 		return w.Result(), nil
 	}

-	err = GenerateShortLivedCertificate(url, token)
+	err = GenerateShortLivedCertificate(appInfo, token)
 	assert.NoError(t, err)

 	exist, err := config.FileExists(fullName)