Client Login via device authorization flow (#309)

UI and CLI Clients are now able to use SSO login by default we will check if the management has configured or supports SSO providers daemon will handle fetching and waiting for an access token Oauth package was moved to internal to avoid one extra package at this stage Secrets were removed from OAuth CLI clients have less and better output 2 new status were introduced, NeedsLogin and FailedLogin for better messaging With NeedsLogin we no longer have endless login attempts
2026-04-18 08:16:39 +00:00 · 2022-05-12 11:17:24 +02:00
parent 49cca57565
commit e5c52efb4c
26 changed files with 925 additions and 427 deletions
--- a/management/server/config.go
+++ b/management/server/config.go
@@ -89,8 +89,6 @@ type ProviderConfig struct {
 // validateURL validates input http url
 func validateURL(httpURL string) bool {
 	_, err := url.ParseRequestURI(httpURL)
-	if err != nil {
-		return false
-	}
-	return true
+
+	return err == nil
 }
--- a/management/server/grpcserver.go
+++ b/management/server/grpcserver.go
@@ -203,6 +203,9 @@ func (s *Server) registerPeer(peerKey wgtypes.Key, req *proto.LoginRequest) (*Pe
 		},
 	})
 	if err != nil {
+		if s, ok := status.FromError(err); ok && s.Code() == codes.FailedPrecondition {
+			return nil, err
+		}
 		return nil, status.Errorf(codes.NotFound, "provided setup key doesn't exists")
 	}

--- a/management/server/peer.go
+++ b/management/server/peer.go
@@ -262,7 +262,7 @@ func (am *DefaultAccountManager) AddPeer(setupKey string, userID string, peer *P
 		}

 		if !sk.IsValid() {
-			return nil, status.Errorf(codes.FailedPrecondition, "unable to register peer, setup key was expired or overused %s", upperKey)
+			return nil, status.Errorf(codes.FailedPrecondition, "unable to register peer, its setup key is invalid (expired, overused or revoked)")
 		}

 	} else if len(userID) != 0 {