cmd/tailscale: add id-token subcommand

RELNOTE=Initial support for getting OIDC ID Tokens Updates tailscale/corp#4347 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-04-12 11:57:46 -07:00
parent 3ae701f0eb
commit c87ed52ad4
4 changed files with 54 additions and 5 deletions
--- a/ipn/localapi/localapi.go
+++ b/ipn/localapi/localapi.go
@ -25,7 +25,6 @@ import (

 	"inet.af/netaddr"
 	"tailscale.com/client/tailscale/apitype"
-	"tailscale.com/envknob"
 	"tailscale.com/ipn"
 	"tailscale.com/ipn/ipnlocal"
 	"tailscale.com/ipn/ipnstate"
@ -145,10 +144,6 @@ func (h *Handler) serveIDToken(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, "id-token access denied", http.StatusForbidden)
 		return
 	}
-	if !envknob.UseWIPCode() {
-		http.Error(w, "id-token access denied", http.StatusServiceUnavailable)
-		return
-	}
 	nm := h.b.NetMap()
 	if nm == nil {
 		http.Error(w, "no netmap", http.StatusServiceUnavailable)