From 2bb2ccc19e3be57a61be3fdd17cb4d2993d52160 Mon Sep 17 00:00:00 2001
From: Maidul Islam
Date: Thu, 28 Sep 2023 19:27:38 -0700
Subject: [PATCH] patch crypto in create service token in cli
---
 cli/packages/cmd/tokens.go | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/cli/packages/cmd/tokens.go b/cli/packages/cmd/tokens.go
index fecd0b0553..e2851f88f4 100644
--- a/cli/packages/cmd/tokens.go
+++ b/cli/packages/cmd/tokens.go
@@ -74,6 +74,11 @@ var tokensCreateCmd = &cobra.Command{
 util.HandleError(err, "Unable to parse flag")
 }
+ expireSeconds, err := cmd.Flags().GetInt("expiry-seconds")
+ if err != nil {
+ util.HandleError(err, "Unable to parse flag")
+ }
+
 scopes, err := cmd.Flags().GetStringSlice("scope")
 if err != nil {
 util.HandleError(err, "Unable to parse flag")
@@ -125,7 +130,7 @@ var tokensCreateCmd = &cobra.Command{
 newWorkspaceEncryptionKeyHexFormat := hex.EncodeToString(newWorkspaceEncryptionKey)
 // encrypt the workspace key symmetrically
- encryptedDetails, err := crypto.EncryptSymmetric(workspaceKey, newWorkspaceEncryptionKey)
+ encryptedDetails, err := crypto.EncryptSymmetric(workspaceKey, []byte(newWorkspaceEncryptionKeyHexFormat))
 if err != nil {
 util.HandleError(err)
 }
@@ -139,8 +144,8 @@ var tokensCreateCmd = &cobra.Command{
 Name: serviceTokenName,
 WorkspaceId: workspaceId,
 Scopes: permissions,
- ExpiresIn: 0,
- EncryptedKey: string(workspaceKey),
+ ExpiresIn: expireSeconds,
+ EncryptedKey: base64.StdEncoding.EncodeToString(encryptedDetails.CipherText),
 Iv: base64.StdEncoding.EncodeToString(encryptedDetails.Nonce),
 Tag: base64.StdEncoding.EncodeToString(encryptedDetails.AuthTag),
 RandomBytes: newWorkspaceEncryptionKeyHexFormat,
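Review bot: In the `@@ -74,6 +74,11 @@` hunk, `expireSeconds` is read from `--expiry-seconds` with no range check, so a negative value reaches `ExpiresIn` unchanged and its meaning is left to whatever consumes the request. Rejecting it right after the parse keeps the contract at "zero or a positive number of seconds", e.g. `if expireSeconds < 0 { util.HandleError(fmt.Errorf("expiry-seconds must be zero or a positive number of seconds")) }` (assuming `fmt` is imported in this file). Separately, the body of `util.HandleError` is not visible here; if it can return instead of exiting, a failed parse leaves `expireSeconds` at 0, which the flag help defines as never expiring, so it is worth confirming that it terminates. The enclosing command body begins and ends outside the hunk.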
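Review bot: In the `@@ -125,7 +130,7 @@` hunk, the key handed to `crypto.EncryptSymmetric` is now the ASCII hex text rather than the raw random bytes, so every key byte is one of 16 characters and the effective key strength is half of what the key length suggests. This is presumably needed so that holders of the hex string can decrypt, but nothing at the call site says so. A comment next to the call would record it, for example `// key is the hex string itself (4 bits of entropy per byte); consumers decrypt with the same string, do not hex-decode`. Without it, a later reader is likely to "correct" the call back to the raw bytes and break decryption. The surrounding function starts and ends outside the hunk.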
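Review bot: In the `@@ -139,8 +144,8 @@` hunk, `RandomBytes: newWorkspaceEncryptionKeyHexFormat` sits in the same struct literal as `EncryptedKey`, `Iv` and `Tag`, and that value is the key the ciphertext was just produced with. The struct type and how it is serialized are not visible here; if `RandomBytes` is sent in the request body, the recipient holds both the wrapped workspace key and the key that unwraps it, which defeats the encryption this commit introduces. Worth confirming that the field is excluded from serialization (for example a `json:"-"` tag), or keeping the value in a local variable used only to assemble the printed token. The struct literal opens and closes outside the hunk.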
@@ -177,6 +182,7 @@ func init() {
 tokensCreateCmd.Flags().StringP("name", "n", "Service token generated via CLI", "Service token name")
 tokensCreateCmd.Flags().StringSliceP("access-level", "a", []string{}, "The type of access the service token should have. Can be 'read' and or 'write'")
 tokensCreateCmd.Flags().Bool("token-only", false, "When true, only the service token will be printed")
+ tokensCreateCmd.Flags().IntP("expiry-seconds", "e", 86400, "Set the service token's expiration time in seconds from now. To never expire set to zero. Default: 1 day ")
 tokensCmd.AddCommand(tokensCreateCmd)