mirror of
https://github.com/cloudflare/cloudflared.git
synced 2025-06-16 06:06:34 +00:00
b89c092c1b
cloudflared tail will now fetch the management token from by making a request to the Cloudflare API using the cert.pem (acquired from cloudflared login). Refactored some of the credentials code into it's own package as to allow for easier use between subcommands outside of `cloudflared tunnel`.
85 lines
2.1 KiB
Go
85 lines
2.1 KiB
Go
package tunnel
|
|
|
|
import (
|
|
"fmt"
|
|
"path/filepath"
|
|
|
|
"github.com/cloudflare/cloudflared/config"
|
|
"github.com/cloudflare/cloudflared/credentials"
|
|
|
|
"github.com/google/uuid"
|
|
"github.com/rs/zerolog"
|
|
"github.com/urfave/cli/v2"
|
|
)
|
|
|
|
// CredFinder can find the tunnel credentials file.
|
|
type CredFinder interface {
|
|
Path() (string, error)
|
|
}
|
|
|
|
// Implements CredFinder and looks for the credentials file at the given
|
|
// filepath.
|
|
type staticPath struct {
|
|
filePath string
|
|
fs fileSystem
|
|
}
|
|
|
|
func newStaticPath(filePath string, fs fileSystem) CredFinder {
|
|
return staticPath{
|
|
filePath: filePath,
|
|
fs: fs,
|
|
}
|
|
}
|
|
|
|
func (a staticPath) Path() (string, error) {
|
|
if a.filePath != "" && a.fs.validFilePath(a.filePath) {
|
|
return a.filePath, nil
|
|
}
|
|
return "", fmt.Errorf("Tunnel credentials file '%s' doesn't exist or is not a file", a.filePath)
|
|
}
|
|
|
|
// Implements CredFinder and looks for the credentials file in several directories
|
|
// searching for a file named <id>.json
|
|
type searchByID struct {
|
|
id uuid.UUID
|
|
c *cli.Context
|
|
log *zerolog.Logger
|
|
fs fileSystem
|
|
}
|
|
|
|
func newSearchByID(id uuid.UUID, c *cli.Context, log *zerolog.Logger, fs fileSystem) CredFinder {
|
|
return searchByID{
|
|
id: id,
|
|
c: c,
|
|
log: log,
|
|
fs: fs,
|
|
}
|
|
}
|
|
|
|
func (s searchByID) Path() (string, error) {
|
|
originCertPath := s.c.String(credentials.OriginCertFlag)
|
|
originCertLog := s.log.With().
|
|
Str("originCertPath", originCertPath).
|
|
Logger()
|
|
|
|
// Fallback to look for tunnel credentials in the origin cert directory
|
|
if originCertPath, err := credentials.FindOriginCert(originCertPath, &originCertLog); err == nil {
|
|
originCertDir := filepath.Dir(originCertPath)
|
|
if filePath, err := tunnelFilePath(s.id, originCertDir); err == nil {
|
|
if s.fs.validFilePath(filePath) {
|
|
return filePath, nil
|
|
}
|
|
}
|
|
}
|
|
|
|
// Last resort look under default config directories
|
|
for _, configDir := range config.DefaultConfigSearchDirectories() {
|
|
if filePath, err := tunnelFilePath(s.id, configDir); err == nil {
|
|
if s.fs.validFilePath(filePath) {
|
|
return filePath, nil
|
|
}
|
|
}
|
|
}
|
|
return "", fmt.Errorf("tunnel credentials file not found")
|
|
}
|