github.com/minio/minio@v0.0.0-20240328213742-3f72439b8a27/docs/site-replication/gen-oidc-sts-cred.go

github.com/minio/minio@v0.0.0-20240328213742-3f72439b8a27/docs/site-replication/gen-oidc-sts-cred.go (about)

     1  //go:build ignore
     2  // +build ignore
     3  
     4  // Copyright (c) 2015-2022 MinIO, Inc.
     5  //
     6  // This file is part of MinIO Object Storage stack
     7  //
     8  // This program is free software: you can redistribute it and/or modify
     9  // it under the terms of the GNU Affero General Public License as published by
    10  // the Free Software Foundation, either version 3 of the License, or
    11  // (at your option) any later version.
    12  //
    13  // This program is distributed in the hope that it will be useful
    14  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    15  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    16  // GNU Affero General Public License for more details.
    17  //
    18  // You should have received a copy of the GNU Affero General Public License
    19  // along with this program.  If not, see <http://www.gnu.org/licenses/>.
    20  
    21  package main
    22  
    23  // This programs mocks user interaction against Dex IDP and generates STS
    24  // credentials. It is for MinIO testing purposes only.
    25  //
    26  // Run like:
    27  //
    28  // $ MINIO_ENDPOINT=http://localhost:9000 go run gen-oidc-sts-cred.go
    29  
    30  import (
    31  	"context"
    32  	"fmt"
    33  	"log"
    34  	"net/http"
    35  	"os"
    36  
    37  	cr "github.com/minio/minio-go/v7/pkg/credentials"
    38  	cmd "github.com/minio/minio/cmd"
    39  )
    40  
    41  func main() {
    42  	ctx := context.Background()
    43  
    44  	endpoint := os.Getenv("MINIO_ENDPOINT")
    45  	if endpoint == "" {
    46  		log.Fatalf("Please specify a MinIO server endpoint environment variable like:\n\n\texport MINIO_ENDPOINT=http://localhost:9000")
    47  	}
    48  
    49  	appParams := cmd.OpenIDClientAppParams{
    50  		ClientID:     "minio-client-app",
    51  		ClientSecret: "minio-client-app-secret",
    52  		ProviderURL:  "http://127.0.0.1:5556/dex",
    53  		RedirectURL:  "http://127.0.0.1:10000/oauth_callback",
    54  	}
    55  
    56  	oidcToken, err := cmd.MockOpenIDTestUserInteraction(ctx, appParams, "dillon@example.io", "dillon")
    57  	if err != nil {
    58  		log.Fatalf("Failed to generate OIDC token: %v", err)
    59  	}
    60  
    61  	roleARN := os.Getenv("ROLE_ARN")
    62  	webID := cr.STSWebIdentity{
    63  		Client:      &http.Client{},
    64  		STSEndpoint: endpoint,
    65  		GetWebIDTokenExpiry: func() (*cr.WebIdentityToken, error) {
    66  			return &cr.WebIdentityToken{
    67  				Token: oidcToken,
    68  			}, nil
    69  		},
    70  		RoleARN: roleARN,
    71  	}
    72  
    73  	value, err := webID.Retrieve()
    74  	if err != nil {
    75  		log.Fatalf("Expected to generate credentials: %v", err)
    76  	}
    77  
    78  	// Print credentials separated by colons:
    79  	fmt.Printf("%s:%s:%s\n", value.AccessKeyID, value.SecretAccessKey, value.SessionToken)
    80  }