From 24bc7d2669e0d68ba3f0ca05b298c94fb9f86fe4 Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Thu, 16 May 2024 07:13:36 -0400 Subject: [PATCH] refactor: change name of --insecure flag to --tls-no-verify --- cmd/dev.go | 6 +++--- cmd/root.go | 6 +++--- docs/man/_index.md | 4 ++-- pkg/handlers/sdk.go | 8 ++++---- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/cmd/dev.go b/cmd/dev.go index 4431aac9..f659a142 100644 --- a/cmd/dev.go +++ b/cmd/dev.go @@ -158,16 +158,16 @@ func readBytesFromFile(filePath string) []byte { // instantiates a new handler with authentication via client credentials func NewHandler(cmd *cobra.Command) handlers.Handler { platformEndpoint := cmd.Flag("host").Value.String() - insecure, err := cmd.Flags().GetBool("insecure") + tlsNoVerify, err := cmd.Flags().GetBool("tls-no-verify") if err != nil { - cli.ExitWithError("Failed to get insecure flag", err) + cli.ExitWithError("Failed to get tls-no-verify flag", err) } // load client credentials from file, JSON, or OS keyring creds, err := handlers.GetClientCreds(clientCredsFile, []byte(clientCredsJSON)) if err != nil { cli.ExitWithError("Failed to get client credentials", err) } - h, err := handlers.New(platformEndpoint, creds.ClientID, creds.ClientSecret, insecure) + h, err := handlers.New(platformEndpoint, creds.ClientID, creds.ClientSecret, tlsNoVerify) if err != nil { if errors.Is(err, handlers.ErrUnauthenticated) { cli.ExitWithError(fmt.Sprintf("Not logged in. Please authenticate via CLI auth flow(s) before using command (%s %s)", cmd.Parent().Use, cmd.Use), err) diff --git a/cmd/root.go b/cmd/root.go index 8446a958..a40b8da5 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -35,9 +35,9 @@ func init() { doc.GetDocFlag("host").Description, ) RootCmd.PersistentFlags().Bool( - doc.GetDocFlag("insecure").Name, - doc.GetDocFlag("insecure").DefaultAsBool(), - doc.GetDocFlag("insecure").Description, + doc.GetDocFlag("tls-no-verify").Name, + doc.GetDocFlag("tls-no-verify").DefaultAsBool(), + doc.GetDocFlag("tls-no-verify").Description, ) RootCmd.PersistentFlags().String( doc.GetDocFlag("log-level").Name, diff --git a/docs/man/_index.md b/docs/man/_index.md index 8d0c972a..30f3e71d 100644 --- a/docs/man/_index.md +++ b/docs/man/_index.md @@ -8,8 +8,8 @@ command: - name: host description: host:port of the OpenTDF Platform gRPC server default: localhost:8080 - - name: insecure - description: use insecure connection + - name: tls-no-verify + description: disable verification of the server's TLS certificate default: false - name: log-level description: log level diff --git a/pkg/handlers/sdk.go b/pkg/handlers/sdk.go index 16f2caff..1be48425 100644 --- a/pkg/handlers/sdk.go +++ b/pkg/handlers/sdk.go @@ -23,7 +23,7 @@ type Handler struct { } // Creates a new handler wrapping the SDK, which is authenticated through the cached client-credentials flow tokens -func New(platformEndpoint, clientID, clientSecret string, insecure bool) (Handler, error) { +func New(platformEndpoint, clientID, clientSecret string, tlsNoVerify bool) (Handler, error) { scopes := []string{"email"} opts := []sdk.Option{ @@ -49,12 +49,12 @@ func New(platformEndpoint, clientID, clientSecret string, insecure bool) (Handle if platformURL.Port() == "" { platformURL.Host += ":443" } + if tlsNoVerify { + opts = append(opts, sdk.WithInsecureSkipVerifyConn()) + } default: return Handler{}, errors.New("invalid scheme") } - if insecure { - opts = append(opts, sdk.WithInsecureSkipVerifyConn()) - } sdk, err := sdk.New(platformURL.Host, opts...) if err != nil {