package main

import (
	"context"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io/ioutil"
	"log"
	"net"
	"net/http"
	"net/url"
	"os/exec"
	"path/filepath"
	"strings"
	"time"
)

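// main requests a token from a Keycloak realm over mutual TLS. The TCP
// connection is redirected to the minikube node IP and the ingress NodePort,
// while the request URL keeps the Keycloak alias so the TLS handshake still
// uses that name for SNI and certificate verification against rootCA.crt.
//
// Every step that previously discarded its error (certificate loading,
// minikube/kubectl discovery, response reading) now aborts the program with
// a message instead of continuing with empty values.
func main() {
	const (
		certDir       = "/mnt/c/Users/ktimoney/keycloak-certs"
		keycloakAlias = "keycloak.est.tech"
		realmName     = "x509provider"
		clientID      = "myclient"
		scope         = "email openid"
	)

	tlsCfg, err := loadTLSConfig(certDir)
	if err != nil {
		log.Fatalf("loading TLS material from %s: %v", certDir, err)
	}

	ingressHost, secureIngressPort, err := discoverIngress()
	if err != nil {
		log.Fatalf("discovering istio ingress: %v", err)
	}
	fmt.Println("secureIngressPort = " + secureIngressPort)

	dialer := &net.Dialer{
		Timeout:   30 * time.Second,
		KeepAlive: 30 * time.Second,
	}
	client := &http.Client{
		// Bound the whole request; the dialer timeout alone does not cover
		// a server that accepts the connection and never answers.
		Timeout: 30 * time.Second,
		Transport: &http.Transport{
			// Only the exact alias:port the request URL produces is rewritten;
			// any other destination is dialed unchanged.
			DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
				fmt.Println("address original =", addr)
				if addr == keycloakAlias+":"+secureIngressPort {
					addr = ingressHost + ":" + secureIngressPort
					fmt.Println("address modified =", addr)
				}
				return dialer.DialContext(ctx, network, addr)
			},
			TLSClientConfig: tlsCfg,
		},
	}

	keycloakURL := "https://" + keycloakAlias + ":" + secureIngressPort + "/auth/realms/" +
		realmName + "/protocol/openid-connect/token"

	// NOTE(review): grant_type=password is sent without username/password form
	// fields; presumably the client certificate supplies the identity in the
	// x509provider realm — confirm against the realm's authentication flow.
	resp, err := client.PostForm(keycloakURL,
		url.Values{"grant_type": {"password"}, "client_id": {clientID}, "scope": {scope}})
	if err != nil {
		log.Fatalf("requesting token from %s: %v", keycloakURL, err)
	}
	defer resp.Body.Close()

	fmt.Println("response Status:", resp.Status)
	fmt.Println("response Headers:", resp.Header)
	body, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatalf("reading token response: %v", err)
	}
	fmt.Println("response Body:", string(body))
}

// loadTLSConfig builds the client TLS configuration from rootCA.crt,
// client.crt and client.key under dir. It returns an error when a file
// cannot be read, the key pair does not parse, or the CA file contains no
// certificate — the latter would otherwise leave RootCAs empty and make
// every handshake fail with an unhelpful verification error.
func loadTLSConfig(dir string) (*tls.Config, error) {
	caPath := filepath.Join(dir, "rootCA.crt")
	caCert, err := ioutil.ReadFile(caPath)
	if err != nil {
		return nil, fmt.Errorf("reading CA certificate %q: %w", caPath, err)
	}
	caCertPool := x509.NewCertPool()
	if !caCertPool.AppendCertsFromPEM(caCert) {
		return nil, fmt.Errorf("no PEM certificates found in %q", caPath)
	}

	cert, err := tls.LoadX509KeyPair(filepath.Join(dir, "client.crt"), filepath.Join(dir, "client.key"))
	if err != nil {
		return nil, fmt.Errorf("loading client key pair from %q: %w", dir, err)
	}

	return &tls.Config{
		RootCAs:      caCertPool,
		Certificates: []tls.Certificate{cert},
	}, nil
}

// discoverIngress returns the minikube node IP and the https NodePort of the
// istio-ingressgateway service in the istio-system namespace, as reported by
// the local minikube and kubectl binaries. Empty output from either tool is
// reported as an error rather than silently producing an unusable address.
func discoverIngress() (host, port string, err error) {
	out, err := exec.Command("minikube", "ip").Output()
	if err != nil {
		return "", "", fmt.Errorf("minikube ip: %w", err)
	}
	host = strings.TrimSpace(string(out))
	if host == "" {
		return "", "", fmt.Errorf("minikube ip returned no address")
	}

	// The service lives in istio-system; the original passed a conflicting
	// "-n default" as well, which kubectl ignored in favour of the later flag.
	out, err = exec.Command("kubectl", "-n", "istio-system", "get", "service", "istio-ingressgateway",
		"-o", "jsonpath={.spec.ports[?(@.name==\"https\")].nodePort}").Output()
	if err != nil {
		return "", "", fmt.Errorf("kubectl get service istio-ingressgateway: %w", err)
	}
	port = strings.TrimSpace(string(out))
	if port == "" {
		return "", "", fmt.Errorf("istio-ingressgateway has no https nodePort")
	}
	return host, port, nil
}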
