Skip to content

Commit

Permalink
[flex-oidc] Simplify ID token retrieval using gitpod CLI (#20651)
Browse files Browse the repository at this point in the history
  • Loading branch information
@iQQBot
iQQBot authored Mar 7, 2025
1 parent 67b26eb commit dc6a1e1
Showing 1 changed file with 7 additions and 46 deletions.
53 changes: 7 additions & 46 deletions dev/flex-oidc/oidc.js
View file
Original file line number Diff line number Diff line change
@@ -1,53 +1,14 @@
const fs = require("fs");
const http2 = require("http2");
const { execSync } = require("child_process");

const getIDToken = async () => {
return new Promise((resolve, reject) => {
try {
const configPath = "/usr/local/gitpod/config/initial-spec.json";
const config = JSON.parse(fs.readFileSync(configPath, "utf8"));

const controlPlaneApiEndpoint = config.controlPlaneApiEndpoint;
const environmentToken = config.environmentToken;

const url = new URL(controlPlaneApiEndpoint);
const client = http2.connect(url.origin);

const req = client.request({
":method": "POST",
"content-type": "application/json",
authorization: `Bearer ${environmentToken}`,
":path": `${url.pathname}/gitpod.v1.IdentityService/GetIDToken`,
});

let responseData = "";

req.on("data", (chunk) => {
responseData += chunk;
});

req.on("end", () => {
try {
const result = JSON.parse(responseData);
const token = result.token;
resolve(token);
} catch (error) {
reject(new Error("Error parsing response: " + error.message));
} finally {
client.close();
}
});

req.on("error", (error) => {
reject(new Error(error.message));
client.close();
});

req.end(
JSON.stringify({
audience: ["accounts.google.com"],
}),
);
try {
const token = execSync("gitpod idp token --audience accounts.google.com", { encoding: "utf8" }).trim();
resolve(token);
} catch (error) {
reject(new Error("Error getting token: " + error.message));
}
} catch (e) {
reject(new Error(e.message));
}
Expand Down

0 comments on commit dc6a1e1

Please sign in to comment.