Revert "Add independent optional uaa-target flag"

This reverts commit 96f40a3.
pivotal-cf · Apr 17, 2024 · 702bca3 · 702bca3
1 parent 792328a
commit 702bca3
Show file tree

Hide file tree

Showing 8 changed files with 154 additions and 224 deletions.
diff --git a/cmd/init_test.go b/cmd/init_test.go
diff --git a/cmd/loadConfigFile_test.go b/cmd/loadConfigFile_test.go
@@ -1,6 +1,8 @@
 package cmd
 
 import (
+	"testing"
+
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 )
@@ -20,3 +22,8 @@ var _ = Describe("parseOptions", func() {
 
 	})
 })
+
+func TestCmds(t *testing.T) {
+	RegisterFailHandler(Fail)
+	RunSpecs(t, "Cmds")
+}
diff --git a/cmd/main.go b/cmd/main.go
@@ -6,7 +6,6 @@ import (
 	"io"
 	"log"
 	"net/http"
-	"net/url"
 	"os"
 	"regexp"
 	"strings"
@@ -30,17 +29,16 @@ type httpClient interface {
 }
 
 type options struct {
-	CACert               string `yaml:"ca-cert"                          long:"ca-cert"               env:"OM_CA_CERT"                             description:"OpsManager CA certificate path or value"`
+	CACert               string `yaml:"ca-cert" long:"ca-cert" env:"OM_CA_CERT" description:"OpsManager CA certificate path or value"`
 	ClientID             string `yaml:"client-id"             short:"c"  long:"client-id"             env:"OM_CLIENT_ID"                           description:"Client ID for the Ops Manager VM (not required for unauthenticated commands)"`
 	ClientSecret         string `yaml:"client-secret"         short:"s"  long:"client-secret"         env:"OM_CLIENT_SECRET"                       description:"Client Secret for the Ops Manager VM (not required for unauthenticated commands)"`
 	ConnectTimeout       int    `yaml:"connect-timeout"       short:"o"  long:"connect-timeout"       env:"OM_CONNECT_TIMEOUT"     default:"10"    description:"timeout in seconds to make TCP connections"`
-	DecryptionPassphrase string `yaml:"decryption-passphrase" short:"d"  long:"decryption-passphrase" env:"OM_DECRYPTION_PASSPHRASE"               description:"Passphrase to decrypt the installation if the Ops Manager VM has been rebooted (optional for most commands)"`
-	Env                  string `                             short:"e"  long:"env"                                                                description:"env file with login credentials"`
+	DecryptionPassphrase string `yaml:"decryption-passphrase" short:"d"  long:"decryption-passphrase" env:"OM_DECRYPTION_PASSPHRASE"             description:"Passphrase to decrypt the installation if the Ops Manager VM has been rebooted (optional for most commands)"`
+	Env                  string `                             short:"e"  long:"env"                                                              description:"env file with login credentials"`
 	Password             string `yaml:"password"              short:"p"  long:"password"              env:"OM_PASSWORD"                            description:"admin password for the Ops Manager VM (not required for unauthenticated commands)"`
 	RequestTimeout       int    `yaml:"request-timeout"       short:"r"  long:"request-timeout"       env:"OM_REQUEST_TIMEOUT"     default:"1800"  description:"timeout in seconds for HTTP requests to Ops Manager"`
 	SkipSSLValidation    bool   `yaml:"skip-ssl-validation"   short:"k"  long:"skip-ssl-validation"   env:"OM_SKIP_SSL_VALIDATION"                 description:"skip ssl certificate validation during http requests"`
 	Target               string `yaml:"target"                short:"t"  long:"target"                env:"OM_TARGET"                              description:"location of the Ops Manager VM"`
-	UAATarget            string `yaml:"uaa-target"                       long:"uaa-target"            env:"OM_UAA_TARGET"                          description:"location of the Ops Manager VM"`
 	Trace                bool   `yaml:"trace"                            long:"trace"                 env:"OM_TRACE"                               description:"prints HTTP requests and response payloads"`
 	Username             string `yaml:"username"              short:"u"  long:"username"              env:"OM_USERNAME"                            description:"admin username for the Ops Manager VM (not required for unauthenticated commands)"`
 	VarsEnv              string `                                        long:"vars-env"              env:"OM_VARS_ENV"                            description:"load vars from environment variables by specifying a prefix (e.g.: 'MY' to load MY_var=value)"`
@@ -75,18 +73,13 @@ func Main(sout io.Writer, serr io.Writer, version string, applySleepDurationStri
 	requestTimeout := time.Duration(global.RequestTimeout) * time.Second
 	connectTimeout := time.Duration(global.ConnectTimeout) * time.Second
 
-	opsmanURL, uaaURL, err := parseTargetURLs(global.Target, global.UAATarget)
-	if err != nil {
-		return err
-	}
-
 	var unauthenticatedClient, authedClient, unauthenticatedProgressClient, authedProgressClient httpClient
-	unauthenticatedClient, err = network.NewUnauthenticatedClient(opsmanURL, global.SkipSSLValidation, global.CACert, connectTimeout, requestTimeout)
+	unauthenticatedClient, err = network.NewUnauthenticatedClient(global.Target, global.SkipSSLValidation, global.CACert, connectTimeout, requestTimeout)
 	if err != nil {
 		return err
 	}
 
-	authedClient, err = network.NewOAuthClient(uaaURL, opsmanURL, global.Username, global.Password, global.ClientID, global.ClientSecret, global.SkipSSLValidation, global.CACert, connectTimeout, requestTimeout)
+	authedClient, err = network.NewOAuthClient(global.Target, global.Username, global.Password, global.ClientID, global.ClientSecret, global.SkipSSLValidation, global.CACert, connectTimeout, requestTimeout)
 
 	if err != nil {
 		return err
@@ -196,7 +189,7 @@ func Main(sout io.Writer, serr io.Writer, version string, applySleepDurationStri
 		"bosh-env",
 		"prints environment variables for BOSH and Credhub",
 		"This prints environment variables to target the BOSH director and Credhub. You can invoke it directly to see its output, or use it directly with an evaluate-type command:\nOn posix system: eval \"$(om bosh-env)\"\nOn powershell: iex $(om bosh-env | Out-String)",
-		commands.NewBoshEnvironment(api, stdout, opsmanURL.String(), envRendererFactory),
+		commands.NewBoshEnvironment(api, stdout, global.Target, envRendererFactory),
 	)
 	if err != nil {
 		return err
@@ -268,7 +261,7 @@ func Main(sout io.Writer, serr io.Writer, version string, applySleepDurationStri
 		"configure-product",
 		"configures a staged product",
 		"This authenticated command configures a staged product",
-		commands.NewConfigureProduct(os.Environ, api, opsmanURL.String(), stdout),
+		commands.NewConfigureProduct(os.Environ, api, global.Target, stdout),
 	)
 	if err != nil {
 		return err
@@ -724,9 +717,6 @@ func setEnvFileProperties(global *options) error {
 	if global.Target == "" {
 		global.Target = opts.Target
 	}
-	if global.UAATarget == "" {
-		global.UAATarget = opts.UAATarget
-	}
 	if !global.Trace {
 		global.Trace = opts.Trace
 	}
@@ -787,47 +777,3 @@ func checkForVars(opts *options) error {
 
 	return nil
 }
-
-func parseTargetURLs(opsmanTarget, uaaTarget string) (*url.URL, *url.URL, error) {
-	parseURL := func(u string) (*url.URL, error) {
-		// default the target protocol to https if none specified
-		if !strings.Contains(u, "://") {
-			u = "https://" + u
-		}
-
-		targetURL, err := url.Parse(u)
-		if err != nil {
-			return nil, err
-		}
-
-		// at a minimum ensure we have a host with http(s) protocol
-		if targetURL.Scheme != "https" && targetURL.Scheme != "http" {
-			return nil, fmt.Errorf("error parsing target, expected http(s) protocol but got: %s", targetURL.Scheme)
-		}
-		if targetURL.Host == "" {
-			return nil, errors.New("target flag is required, run `om help` for more info")
-		}
-
-		return targetURL, nil
-	}
-
-	opsmanURL, err := parseURL(opsmanTarget)
-	if err != nil {
-		return nil, nil, fmt.Errorf("could not parse Opsman target URL: %w", err)
-	}
-
-	var uaaURL *url.URL
-	if uaaTarget != "" {
-		uaaURL, err = parseURL(uaaTarget)
-		if err != nil {
-			return nil, nil, fmt.Errorf("could not parse UAA target URL: %w", err)
-		}
-	} else {
-		// default to opsman URL with /uaa path (shallow copy)
-		t := *opsmanURL
-		t.Path = "/uaa"
-		uaaURL = &t
-	}
-
-	return opsmanURL, uaaURL, nil
-}
diff --git a/cmd/main_test.go b/cmd/main_test.go
diff --git a/network/oauth_client.go b/network/oauth_client.go
@@ -1,10 +1,10 @@
 package network
 
 import (
-	"errors"
 	"fmt"
 	"net/http"
 	"net/url"
+	"strings"
 	"time"
 
 	"github.com/cloudfoundry-community/go-uaa"
@@ -17,59 +17,63 @@ type OAuthClient struct {
 	clientSecret       string
 	insecureSkipVerify bool
 	password           string
-	target             *url.URL
-	uaaTarget          *url.URL
+	target             string
 	token              *oauth2.Token
 	username           string
 	connectTimeout     time.Duration
 	requestTimeout     time.Duration
 }
 
 func NewOAuthClient(
-	uaaTarget, opsmanTarget *url.URL,
-	username, password string,
+	target, username, password string,
 	clientID, clientSecret string,
 	insecureSkipVerify bool,
 	caCert string,
 	connectTimeout time.Duration,
 	requestTimeout time.Duration,
 ) (*OAuthClient, error) {
-	if uaaTarget == nil {
-		return nil, errors.New("expected a non-nil UAA target")
-	}
-	if opsmanTarget == nil {
-		return nil, errors.New("expected a non-nil target")
-	}
-
 	return &OAuthClient{
 		caCert:             caCert,
 		clientID:           clientID,
 		clientSecret:       clientSecret,
 		insecureSkipVerify: insecureSkipVerify,
 		password:           password,
-		uaaTarget:          uaaTarget,
-		target:             opsmanTarget,
+		target:             target,
 		username:           username,
 		connectTimeout:     connectTimeout,
 		requestTimeout:     requestTimeout,
 	}, nil
 }
 
 func (oc *OAuthClient) Do(request *http.Request) (*http.Response, error) {
-	request.URL.Scheme = oc.target.Scheme
-	request.URL.Host = oc.target.Host
+	token := oc.token
+	target := oc.target
+
+	if !strings.HasPrefix(target, "http://") && !strings.HasPrefix(target, "https://") {
+		target = "https://" + target
+	}
+
+	targetURL, err := url.Parse(target)
+	if err != nil {
+		return nil, fmt.Errorf("could not parse target url: %s", err)
+	}
+
+	targetURL.Path = "/uaa"
+
+	request.URL.Scheme = targetURL.Scheme
+	request.URL.Host = targetURL.Host
 
 	client, err := newHTTPClient(
 		oc.insecureSkipVerify,
 		oc.caCert,
 		oc.requestTimeout,
 		oc.connectTimeout,
 	)
+
 	if err != nil {
 		return nil, err
 	}
 
-	token := oc.token
 	if token != nil && token.Valid() {
 		request.Header.Set(
 			"Authorization",
@@ -102,7 +106,7 @@ func (oc *OAuthClient) Do(request *http.Request) (*http.Response, error) {
 	}
 
 	api, err := uaa.New(
-		oc.uaaTarget.String(),
+		targetURL.String(),
 		authOption,
 		options...,
 	)
@@ -118,11 +122,7 @@ func (oc *OAuthClient) Do(request *http.Request) (*http.Response, error) {
 	}
 
 	if err != nil {
-		if oauthErr, ok := err.(uaa.RequestError); ok {
-			return nil, fmt.Errorf("token could not be retrieved from target: %w: %s",
-				err, string(oauthErr.ErrorResponse))
-		}
-		return nil, fmt.Errorf("token could not be retrieved from target : %w", err)
+		return nil, fmt.Errorf("token could not be retrieved from target url: %w", err)
 	}
 
 	request.Header.Set(