mirrors/tailscale
1
0
Fork 0
Code Issues Pull Requests Projects Wiki Activity

cmd/tailscale: add id-token subcommand

Browse Source 
RELNOTE=Initial support for getting OIDC ID Tokens

Updates tailscale/corp#4347

Signed-off-by: Maisem Ali <maisem@tailscale.com>
This commit is contained in:
Maisem Ali
2022-04-12 11:57:46 -07:00
committed by Maisem Ali
parent 3ae701f0eb
commit c87ed52ad4
4 changed files with 54 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
client/tailscale/tailscale.go
View File

@ -275,6 +275,21 @@ func status(ctx context.Context, queryString string) (*ipnstate.Status, error) {
return st, nil
}
// IDToken is a request to get an OIDC ID token for an audience.
// The token can be presented to any resource provider which offers OIDC
// Federation.
func IDToken(ctx context.Context, aud string) (*tailcfg.TokenResponse, error) {
body, err := get200(ctx, "/localapi/v0/id-token?aud="+url.QueryEscape(aud))
if err != nil {
return nil, err
}
tr := new(tailcfg.TokenResponse)
if err := json.Unmarshal(body, tr); err != nil {
return nil, err
}
return tr, nil
}
func WaitingFiles(ctx context.Context) ([]apitype.WaitingFile, error) {
body, err := get200(ctx, "/localapi/v0/files/")
if err != nil {