diff options
| author | Stefan Boberg <[email protected]> | 2025-11-11 20:22:09 +0100 |
|---|---|---|
| committer | GitHub Enterprise <[email protected]> | 2025-11-11 20:22:09 +0100 |
| commit | ac363e8c3365f00889d98f2eeab2d8c6b7d548e7 (patch) | |
| tree | 63a22aca8322971114e1fabf83cb14eaa435f11b /src/zen/authutils.cpp | |
| parent | fix missing auth (#644) (diff) | |
| download | archived-zen-ac363e8c3365f00889d98f2eeab2d8c6b7d548e7.tar.xz archived-zen-ac363e8c3365f00889d98f2eeab2d8c6b7d548e7.zip | |
Change curl defaults on MacOS (#645)
* changed curl config to match the default from vcpkg (i.e `CURL_CA_FALLBACK=ON`)
* disables use of Secure Transport for Mac since it's deprecated
* Also worked around an issue (with `CURL_CA_BUNDLE`) where cross compiling curl on Mac would not configure curl in the same way as when compiling natively. This meant builds would not download on ARM macs when the CI build machine architecture was x86. The workaround should be redundant if we upgrade to 8.17 and use Apple SecTrust for cert validation. This should happen soon.
* Also added various verbose logging to facilitate trouble shooting
Diffstat (limited to 'src/zen/authutils.cpp')
| -rw-r--r-- | src/zen/authutils.cpp | 52 |
1 files changed, 51 insertions, 1 deletions
diff --git a/src/zen/authutils.cpp b/src/zen/authutils.cpp index bc185535b..fdcb8e15d 100644 --- a/src/zen/authutils.cpp +++ b/src/zen/authutils.cpp @@ -147,7 +147,8 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options& Ops, std::string_view HostUrl, std::unique_ptr<AuthMgr>& Auth, bool Quiet, - bool Hidden) + bool Hidden, + bool Verbose) { auto CreateAuthMgr = [&]() { ZEN_ASSERT(!SystemRootDir.empty()); @@ -182,6 +183,14 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options& Ops, { throw OptionParseException(fmt::format("'--encryption-aes-iv' ('{}') is malformed", m_EncryptionIV), Ops.help()); } + if (Verbose) + { + ExtendableStringBuilder<128> SB; + SB << "\n RootDirectory: " << AuthMgrConfig.RootDirectory.string(); + SB << "\n EncryptionKey: " << m_EncryptionKey; + SB << "\n EncryptionIV: " << m_EncryptionIV; + ZEN_CONSOLE("Creating auth manager with:{}", SB.ToString()); + } Auth = AuthMgr::Create(AuthMgrConfig); } }; @@ -190,9 +199,18 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options& Ops, { CreateAuthMgr(); std::string ProviderName = m_OpenIdProviderName.empty() ? "Default" : m_OpenIdProviderName; + if (Verbose) + { + ExtendableStringBuilder<128> SB; + SB << "\n Name: " << ProviderName; + SB << "\n Url: " << m_OpenIdProviderUrl; + SB << "\n ClientId: " << m_OpenIdClientId; + ZEN_CONSOLE("Adding openid auth provider:{}", SB.ToString()); + } Auth->AddOpenIdProvider({.Name = ProviderName, .Url = m_OpenIdProviderUrl, .ClientId = m_OpenIdClientId}); if (!m_OpenIdRefreshToken.empty()) { + ZEN_CONSOLE("Adding open id refresh token {} to provider {}", m_OpenIdRefreshToken, ProviderName); Auth->AddOpenIdToken({.ProviderName = ProviderName, .RefreshToken = m_OpenIdRefreshToken}); } } @@ -207,6 +225,10 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options& Ops, if (!m_AccessToken.empty()) { + if (Verbose) + { + ZEN_CONSOLE("Adding static auth token: {}", m_AccessToken); + } ClientSettings.AccessTokenProvider = httpclientauth::CreateFromStaticToken(m_AccessToken); } else if (!m_AccessTokenPath.empty()) @@ -215,25 +237,49 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options& Ops, std::string ResolvedAccessToken = ReadAccessTokenFromJsonFile(m_AccessTokenPath); if (!ResolvedAccessToken.empty()) { + if (Verbose) + { + ZEN_CONSOLE("Adding static auth token from {}: {}", m_AccessTokenPath, ResolvedAccessToken); + } ClientSettings.AccessTokenProvider = httpclientauth::CreateFromStaticToken(ResolvedAccessToken); } } else if (!m_OAuthUrl.empty()) { + if (Verbose) + { + ExtendableStringBuilder<128> SB; + SB << "\n Url: " << m_OAuthUrl; + SB << "\n ClientId: " << m_OAuthClientId; + SB << "\n ClientSecret: " << m_OAuthClientSecret; + ZEN_CONSOLE("Adding oauth provider:{}", SB.ToString()); + } ClientSettings.AccessTokenProvider = httpclientauth::CreateFromOAuthClientCredentials( {.Url = m_OAuthUrl, .ClientId = m_OAuthClientId, .ClientSecret = m_OAuthClientSecret}); } else if (!m_OpenIdProviderName.empty()) { CreateAuthMgr(); + if (Verbose) + { + ZEN_CONSOLE("Using openid provider: {}", m_OpenIdProviderName); + } ClientSettings.AccessTokenProvider = httpclientauth::CreateFromOpenIdProvider(*Auth, m_OpenIdProviderName); } else if (std::string ResolvedAccessToken = GetEnvAccessToken(m_AccessTokenEnv); !ResolvedAccessToken.empty()) { + if (Verbose) + { + ZEN_CONSOLE("Using environment variable '{}' as access token '{}'", m_AccessTokenEnv, ResolvedAccessToken); + } ClientSettings.AccessTokenProvider = httpclientauth::CreateFromStaticToken(ResolvedAccessToken); } else if (std::filesystem::path OidcTokenExePath = FindOidcTokenExePath(m_OidcTokenAuthExecutablePath); !OidcTokenExePath.empty()) { + if (Verbose) + { + ZEN_CONSOLE("Running oidctoken exe from path '{}'", m_OidcTokenAuthExecutablePath); + } ClientSettings.AccessTokenProvider = httpclientauth::CreateFromOidcTokenExecutable(OidcTokenExePath, HostUrl, Quiet, m_OidcTokenUnattended, Hidden); } @@ -241,6 +287,10 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options& Ops, if (!ClientSettings.AccessTokenProvider) { CreateAuthMgr(); + if (Verbose) + { + ZEN_CONSOLE("Using default openid provider"); + } ClientSettings.AccessTokenProvider = httpclientauth::CreateFromDefaultOpenIdProvider(*Auth); } } |