mindersec · JAORMX · Jul 15, 2024 · Jul 12, 2024 · Jul 13, 2024 · Jul 13, 2024
@@ -17,11 +17,13 @@
 package offline_token
 
 import (
+	"context"
 	"fmt"
 	"os"
 
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
+	"google.golang.org/grpc"
 
 	"github.com/stacklok/minder/cmd/cli/app/auth"
 	"github.com/stacklok/minder/internal/config"
@@ -40,37 +42,37 @@ Offline tokens are used to authenticate to the minder control plane without
 requiring the user's presence. This is useful for long-running processes
 that need to authenticate to the control plane.`,
 
-	RunE: func(cmd *cobra.Command, _ []string) error {
-		ctx, cancel := cli.GetAppContext(cmd.Context(), viper.GetViper())
-		defer cancel()
+	RunE: cli.GRPCClientWrapRunE(offlineGetCommand),
+}
 
-		clientConfig, err := config.ReadConfigFromViper[clientconfig.Config](viper.GetViper())
-		if err != nil {
-			return fmt.Errorf("error reading config: %w", err)
-		}
+// offlineGetCommand is the offline-token get subcommand
+func offlineGetCommand(ctx context.Context, cmd *cobra.Command, _ []string, _ *grpc.ClientConn) error {
+	clientConfig, err := config.ReadConfigFromViper[clientconfig.Config](viper.GetViper())
+	if err != nil {
+		return fmt.Errorf("error reading config: %w", err)
+	}
 
-		f := viper.GetString("file")
-		skipBrowser := viper.GetBool("offline.get.skip-browser")
+	f := viper.GetString("file")
+	skipBrowser := viper.GetBool("offline.get.skip-browser")
 
-		// No longer print usage on returned error, since we've parsed our inputs
-		// See https://github.com/spf13/cobra/issues/340#issuecomment-374617413
-		cmd.SilenceUsage = true
+	// No longer print usage on returned error, since we've parsed our inputs
+	// See https://github.com/spf13/cobra/issues/340#issuecomment-374617413
+	cmd.SilenceUsage = true
 
-		// wait for the token to be received
-		token, err := auth.Login(ctx, cmd, clientConfig, []string{"offline_access"}, skipBrowser)
-		if err != nil {
-			return err
-		}
+	// wait for the token to be received
+	token, err := auth.Login(ctx, cmd, clientConfig, []string{"offline_access"}, skipBrowser)
+	if err != nil {
+		return err
+	}
 
-		// write the token to the file
-		if err := os.WriteFile(f, []byte(token.RefreshToken), 0600); err != nil {
-			return fmt.Errorf("error writing offline token to file: %w", err)
-		}
+	// write the token to the file
+	if err := os.WriteFile(f, []byte(token.RefreshToken), 0600); err != nil {
+		return fmt.Errorf("error writing offline token to file: %w", err)
+	}
 
-		cmd.Printf("Offline token written to %s\n", f)
+	cmd.Printf("Offline token written to %s\n", f)
 
-		return nil
-	},
+	return nil
 }
 
 func init() {

@@ -17,16 +17,19 @@
 package offline_token
 
 import (
+	"context"
 	"fmt"
 	"os"
 	"path/filepath"
 
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
+	"google.golang.org/grpc"
 
 	"github.com/stacklok/minder/internal/config"
 	clientconfig "github.com/stacklok/minder/internal/config/client"
 	"github.com/stacklok/minder/internal/util"
+	"github.com/stacklok/minder/internal/util/cli"
 )
 
 // offlineTokenRevokeCmd represents the offline-token use command
@@ -40,48 +43,50 @@ Offline tokens are used to authenticate to the minder control plane without
 requiring the user's presence. This is useful for long-running processes
 that need to authenticate to the control plane.`,
 
-	RunE: func(cmd *cobra.Command, _ []string) error {
-		clientConfig, err := config.ReadConfigFromViper[clientconfig.Config](viper.GetViper())
-		if err != nil {
-			return fmt.Errorf("error reading config: %w", err)
-		}
+	RunE: cli.GRPCClientWrapRunE(offlineRevokeCommand),
+}
 
-		f := viper.GetString("file")
-		tok := viper.GetString("token")
-		if tok == "" {
-			fpath := filepath.Clean(f)
-			tokbytes, err := os.ReadFile(fpath)
-			if err != nil {
-				return fmt.Errorf("error reading file: %w", err)
-			}
+// offlineRevokeCommand is the offline-token revoke subcommand
+func offlineRevokeCommand(_ context.Context, cmd *cobra.Command, _ []string, _ *grpc.ClientConn) error {
+	clientConfig, err := config.ReadConfigFromViper[clientconfig.Config](viper.GetViper())
+	if err != nil {
+		return fmt.Errorf("error reading config: %w", err)
+	}
 
-			tok = string(tokbytes)
+	f := viper.GetString("file")
+	tok := viper.GetString("token")
+	if tok == "" {
+		fpath := filepath.Clean(f)
+		tokbytes, err := os.ReadFile(fpath)
+		if err != nil {
+			return fmt.Errorf("error reading file: %w", err)
 		}
 
-		// No longer print usage on returned error, since we've parsed our inputs
-		// See https://github.com/spf13/cobra/issues/340#issuecomment-374617413
-		cmd.SilenceUsage = true
+		tok = string(tokbytes)
+	}
 
-		issuerUrlStr := clientConfig.Identity.CLI.IssuerUrl
-		clientID := clientConfig.Identity.CLI.ClientId
+	// No longer print usage on returned error, since we've parsed our inputs
+	// See https://github.com/spf13/cobra/issues/340#issuecomment-374617413
+	cmd.SilenceUsage = true
 
-		if err := util.RevokeOfflineToken(tok, issuerUrlStr, clientID); err != nil {
-			return fmt.Errorf("couldn't revoke token: %v", err)
-		}
+	issuerUrlStr := clientConfig.Identity.CLI.IssuerUrl
+	clientID := clientConfig.Identity.CLI.ClientId
+
+	if err := util.RevokeOfflineToken(tok, issuerUrlStr, clientID); err != nil {
+		return fmt.Errorf("couldn't revoke token: %v", err)
+	}
 
-		cmd.Printf("Token revoked\n")
+	cmd.Printf("Token revoked\n")
 
-		return nil
-	},
+	return nil
 }
 
 func init() {
 	offlineTokenCmd.AddCommand(offlineTokenRevokeCmd)
 
 	offlineTokenRevokeCmd.Flags().StringP("file", "f", "offline.token", "The file that contains the offline token")
 	offlineTokenRevokeCmd.Flags().StringP("token", "t", "",
-		"The environment variable to use for the offline token. "+
-			"Also settable through the MINDER_OFFLINE_TOKEN environment variable.")
+		"The offline token to revoke. Also settable through the MINDER_OFFLINE_TOKEN environment variable.")
 
 	offlineTokenRevokeCmd.MarkFlagsMutuallyExclusive("file", "token")
 

@@ -17,16 +17,19 @@
 package offline_token
 
 import (
+	"context"
 	"fmt"
 	"os"
 	"path/filepath"
 
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
+	"google.golang.org/grpc"
 
 	"github.com/stacklok/minder/internal/config"
 	clientconfig "github.com/stacklok/minder/internal/config/client"
 	"github.com/stacklok/minder/internal/util"
+	"github.com/stacklok/minder/internal/util/cli"
 )
 
 // offlineTokenUseCmd represents the offline-token use command
@@ -39,60 +42,61 @@ for the minder control plane.
 Offline tokens are used to authenticate to the minder control plane without
 requiring the user's presence. This is useful for long-running processes
 that need to authenticate to the control plane.`,
+	RunE: cli.GRPCClientWrapRunE(offlineUseCommand),
+}
+
+// offlineUseCommand is the offline-token use subcommand
+func offlineUseCommand(_ context.Context, cmd *cobra.Command, _ []string, _ *grpc.ClientConn) error {
+	clientConfig, err := config.ReadConfigFromViper[clientconfig.Config](viper.GetViper())
+	if err != nil {
+		return fmt.Errorf("error reading config: %w", err)
+	}
 
-	RunE: func(cmd *cobra.Command, _ []string) error {
-		clientConfig, err := config.ReadConfigFromViper[clientconfig.Config](viper.GetViper())
+	f := viper.GetString("file")
+	tok := viper.GetString("token")
+	if tok == "" {
+		fpath := filepath.Clean(f)
+		tokbytes, err := os.ReadFile(fpath)
 		if err != nil {
-			return fmt.Errorf("error reading config: %w", err)
+			return fmt.Errorf("error reading file: %w", err)
 		}
 
-		f := viper.GetString("file")
-		tok := viper.GetString("token")
-		if tok == "" {
-			fpath := filepath.Clean(f)
-			tokbytes, err := os.ReadFile(fpath)
-			if err != nil {
-				return fmt.Errorf("error reading file: %w", err)
-			}
-
-			tok = string(tokbytes)
-		}
+		tok = string(tokbytes)
+	}
 
-		// No longer print usage on returned error, since we've parsed our inputs
-		// See https://github.com/spf13/cobra/issues/340#issuecomment-374617413
-		cmd.SilenceUsage = true
+	// No longer print usage on returned error, since we've parsed our inputs
+	// See https://github.com/spf13/cobra/issues/340#issuecomment-374617413
+	cmd.SilenceUsage = true
 
-		issuerUrlStr := clientConfig.Identity.CLI.IssuerUrl
-		clientID := clientConfig.Identity.CLI.ClientId
+	issuerUrlStr := clientConfig.Identity.CLI.IssuerUrl
+	clientID := clientConfig.Identity.CLI.ClientId
 
-		creds, err := util.RefreshCredentials(tok, issuerUrlStr, clientID)
-		if err != nil {
-			return fmt.Errorf("couldn't fetch credentials: %v", err)
-		}
+	creds, err := util.RefreshCredentials(tok, issuerUrlStr, clientID)
+	if err != nil {
+		return fmt.Errorf("couldn't fetch credentials: %v", err)
+	}
 
-		// save credentials
-		filePath, err := util.SaveCredentials(util.OpenIdCredentials{
-			AccessToken:          creds.AccessToken,
-			RefreshToken:         creds.RefreshToken,
-			AccessTokenExpiresAt: creds.AccessTokenExpiresAt,
-		})
-		if err != nil {
-			cmd.PrintErrf("couldn't save credentials: %s\n", err)
-		}
+	// save credentials
+	filePath, err := util.SaveCredentials(util.OpenIdCredentials{
+		AccessToken:          creds.AccessToken,
+		RefreshToken:         creds.RefreshToken,
+		AccessTokenExpiresAt: creds.AccessTokenExpiresAt,
+	})
+	if err != nil {
+		cmd.PrintErrf("couldn't save credentials: %s\n", err)
+	}
 
-		cmd.Printf("Your access credentials have been saved to %s\n", filePath)
+	cmd.Printf("Your access credentials have been saved to %s\n", filePath)
 
-		return nil
-	},
+	return nil
 }
 
 func init() {
 	offlineTokenCmd.AddCommand(offlineTokenUseCmd)
 
 	offlineTokenUseCmd.Flags().StringP("file", "f", "offline.token", "The file that contains the offline token")
 	offlineTokenUseCmd.Flags().StringP("token", "t", "",
-		"The environment variable to use for the offline token. "+
-			"Also settable through the MINDER_OFFLINE_TOKEN environment variable.")
+		"The offline token to use. Also settable through the MINDER_OFFLINE_TOKEN environment variable.")
 
 	offlineTokenUseCmd.MarkFlagsMutuallyExclusive("file", "token")