diff --git a/pkg/auth/common/login_handler.go b/pkg/auth/common/login_handler.go index 96958b342..e6d55e24d 100644 --- a/pkg/auth/common/login_handler.go +++ b/pkg/auth/common/login_handler.go @@ -113,14 +113,6 @@ func WithOrgID(orgID string) LoginOption { } } -// WithClientID causes the login with given ClientID. -func WithClientID(clientID string) LoginOption { - return func(h *TanzuLoginHandler) error { - h.clientID = clientID - return nil - } -} - // WithCertInfo customizes cert verification information func WithCertInfo(tlsSkipVerify bool, caCertData string) LoginOption { return func(h *TanzuLoginHandler) error { diff --git a/pkg/auth/common/token.go b/pkg/auth/common/token.go index b3960f97e..1c642a602 100644 --- a/pkg/auth/common/token.go +++ b/pkg/auth/common/token.go @@ -14,14 +14,14 @@ import ( "github.com/vmware-tanzu/tanzu-plugin-runtime/config" "github.com/vmware-tanzu/tanzu-plugin-runtime/config/types" "github.com/vmware-tanzu/tanzu-plugin-runtime/log" + + timeutils "github.com/vmware-tanzu/tanzu-cli/pkg/utils/time" ) const ( extraIDToken = "id_token" ) -var currentTime = time.Now - const ( APITokenType = "api-token" IDTokenType = "id-token" @@ -99,7 +99,7 @@ func GetToken(g *types.GlobalServerAuth, tokenGetter func(refreshOrAPIToken, acc g.RefreshToken = token.RefreshToken g.AccessToken = token.AccessToken g.IDToken = token.IDToken - expiration := currentTime().Local().Add(time.Duration(token.ExpiresIn) * time.Second) + expiration := timeutils.Now().Local().Add(time.Duration(token.ExpiresIn) * time.Second) g.Expiration = expiration g.Permissions = claims.Permissions @@ -173,7 +173,7 @@ func ParseToken(tkn *oauth2.Token, idpType config.IdpType) (*Claims, error) { func IsExpired(tokenExpiry time.Time) bool { // refresh at half token life two := 2 - now := currentTime().Unix() + now := timeutils.Now().Unix() halfDur := -time.Duration((tokenExpiry.Unix()-now)/int64(two)) * time.Second return tokenExpiry.Add(halfDur).Unix() < now } diff --git a/pkg/auth/common/token_test.go b/pkg/auth/common/token_test.go index ee4674e22..f2b51fb87 100644 --- a/pkg/auth/common/token_test.go +++ b/pkg/auth/common/token_test.go @@ -15,6 +15,7 @@ import ( "github.com/stretchr/testify/assert" "golang.org/x/oauth2" + timeutils "github.com/vmware-tanzu/tanzu-cli/pkg/utils/time" "github.com/vmware-tanzu/tanzu-plugin-runtime/config" configtypes "github.com/vmware-tanzu/tanzu-plugin-runtime/config/types" ) @@ -190,7 +191,7 @@ func TestGetToken_Valid_NotExpired(t *testing.T) { func TestGetToken_Expired(t *testing.T) { var theOneNow = time.Now() // override currentTime to always returns same value - currentTime = func() time.Time { + timeutils.Now = func() time.Time { return theOneNow } @@ -200,7 +201,7 @@ func TestGetToken_Expired(t *testing.T) { `{"sub":"1234567890","username":"joe","context_name":"1516239022"}`, ) - expireTime := currentTime().Add(-time.Minute * 30) + expireTime := timeutils.Now().Add(-time.Minute * 30) serverAuth := configtypes.GlobalServerAuth{ Issuer: "https://oidc.example.com", @@ -213,7 +214,7 @@ func TestGetToken_Expired(t *testing.T) { } newRefreshToken := "LetMeInAgain" - newExpiryTime := currentTime().Local().Add(time.Minute * 30) + newExpiryTime := timeutils.Now().Local().Add(time.Minute * 30) newExpiry := int64(30 * 60) tokenGetter := createMockTokenGetter(newRefreshToken, newExpiry) diff --git a/pkg/command/apitoken.go b/pkg/command/apitoken.go index 26ea4d211..48e5b0e6d 100644 --- a/pkg/command/apitoken.go +++ b/pkg/command/apitoken.go @@ -76,7 +76,7 @@ func createAPIToken(cmd *cobra.Command, _ []string) (err error) { // Also specify the client ID to use for token generation loginOptions := []commonauth.LoginOption{ commonauth.WithListenerPortFromEnv(constants.TanzuCLIOAuthLocalListenerPort), - commonauth.WithClientID(uaa.TanzuCLIClientIDExtended), + commonauth.WithClientID(uaa.GetAlternateClientID()), } token, err = uaa.TanzuLogin(c.GlobalOpts.Auth.Issuer, loginOptions...)