From c636e56d8beeb0b7e26be764bf21f6eeb1d56fb5 Mon Sep 17 00:00:00 2001 From: Mathias Gibbens Date: Wed, 6 Nov 2024 08:51:25 -0700 Subject: [PATCH] client: Add a GetOIDCTokens() method This adds a helper method to fetch the OIDC tokens (if any) from the OIDC client used to authenticate to an Incus server. In the vast majority of cases, the tokens are automatically saved/restored from the remote's configuration. However, when operating without a configuration file, such as a standalone tool, there's no way to save the tokens for later use. This results in an authentication prompt every time a new connection is established rather than being able to re-use a previously acquired token. Signed-off-by: Mathias Gibbens --- client/incus_oidc.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/client/incus_oidc.go b/client/incus_oidc.go index 10330b860e2..c957c9b7c0f 100644 --- a/client/incus_oidc.go +++ b/client/incus_oidc.go @@ -36,6 +36,17 @@ func (r *ProtocolIncus) setupOIDCClient(token *oidc.Tokens[*oidc.IDTokenClaims]) r.oidcClient.httpClient = r.http } +// GetOIDCTokens returns the current OIDC tokens (if any) from the OIDC client. +// +// This should only be used by internal Incus tools when it's not possible to get the tokens from a Config struct. +func (r *ProtocolIncus) GetOIDCTokens() *oidc.Tokens[*oidc.IDTokenClaims] { + if r.oidcClient == nil { + return nil + } + + return r.oidcClient.tokens +} + // Custom transport that modifies requests to inject the audience field. type oidcTransport struct { deviceAuthorizationEndpoint string