Support Platform Access Token

general/envsetup/envsetup.go

@@ -27,10 +27,9 @@ import (
 type OutputFormat string
 
 const (
-	myJfrogEndPoint      = "https://myjfrog-api.jfrog.com/api/v1/activation/cloud/cli/getStatus/"
-	syncSleepInterval    = 5 * time.Second  // 5 seconds
-	maxWaitMinutes       = 30 * time.Minute // 30 minutes
-	nonExpiredTokenValue = 0                // Access Tokens with 0 expiration value are actually generated by Access with 1 year expiration.
+	myJfrogEndPoint   = "https://myjfrog-api.jfrog.com/api/v1/activation/cloud/cli/getStatus/"
+	syncSleepInterval = 5 * time.Second  // 5 seconds
+	maxWaitMinutes    = 30 * time.Minute // 30 minutes
 
 	// OutputFormat values
 	Human   OutputFormat = "human"
@@ -267,7 +266,8 @@ func GenerateNewLongTermRefreshableAccessToken(server *config.ServerDetails) (er
 
 func createLongExpirationRefreshableTokenParams() *services.CreateTokenParams {
 	params := services.CreateTokenParams{}
-	params.ExpiresIn = nonExpiredTokenValue
+	// Using the platform's default expiration (1 year by default).
+	params.ExpiresIn = nil
 	params.Refreshable = &trueValue
 	params.Audience = "*@*"
 	return &params

general/token/accesstokencreate.go

@@ -0,0 +1,150 @@
+package generic
+
+import (
+	"encoding/json"
+	rtUtils "github.com/jfrog/jfrog-cli-core/v2/artifactory/utils"
+	"github.com/jfrog/jfrog-cli-core/v2/utils/config"
+	"github.com/jfrog/jfrog-client-go/access/services"
+	"github.com/jfrog/jfrog-client-go/auth"
+	"github.com/jfrog/jfrog-client-go/utils/errorutils"
+	"strings"
+)
+
+const (
+	AdminScope        = "applied-permissions/admin"
+	GroupsScopePrefix = "applied-permissions/groups:"
+)
+
+type AccessTokenCreateCommand struct {
+	serverDetails *config.ServerDetails
+	username      string
+	projectKey    string
+
+	scope      string
+	groups     string
+	grantAdmin bool
+
+	expiry      *uint
+	refreshable bool
+	description string
+
+	audience              string
+	includeReferenceToken bool
+
+	response *auth.CreateTokenResponseData
+}
+
+func NewAccessTokenCreateCommand() *AccessTokenCreateCommand {
+	return &AccessTokenCreateCommand{response: new(auth.CreateTokenResponseData)}
+}
+
+func (atc *AccessTokenCreateCommand) SetServerDetails(serverDetails *config.ServerDetails) *AccessTokenCreateCommand {
+	atc.serverDetails = serverDetails
+	return atc
+}
+
+func (atc *AccessTokenCreateCommand) SetUsername(username string) *AccessTokenCreateCommand {
+	atc.username = username
+	return atc
+}
+
+func (atc *AccessTokenCreateCommand) SetProjectKey(projectKey string) *AccessTokenCreateCommand {
+	atc.projectKey = projectKey
+	return atc
+}
+
+func (atc *AccessTokenCreateCommand) SetGroups(groups string) *AccessTokenCreateCommand {
+	atc.groups = groups
+	return atc
+}
+
+func (atc *AccessTokenCreateCommand) SetScope(scope string) *AccessTokenCreateCommand {
+	atc.scope = scope
+	return atc
+}
+
+func (atc *AccessTokenCreateCommand) SetGrantAdmin(grantAdmin bool) *AccessTokenCreateCommand {
+	atc.grantAdmin = grantAdmin
+	return atc
+}
+
+func (atc *AccessTokenCreateCommand) SetExpiry(expiry *uint) *AccessTokenCreateCommand {
+	atc.expiry = expiry
+	return atc
+}
+
+func (atc *AccessTokenCreateCommand) SetRefreshable(refreshable bool) *AccessTokenCreateCommand {
+	atc.refreshable = refreshable
+	return atc
+}
+
+func (atc *AccessTokenCreateCommand) SetDescription(description string) *AccessTokenCreateCommand {
+	atc.description = description
+	return atc
+}
+
+func (atc *AccessTokenCreateCommand) SetAudience(audience string) *AccessTokenCreateCommand {
+	atc.audience = audience
+	return atc
+}
+
+func (atc *AccessTokenCreateCommand) SetIncludeReferenceToken(includeReferenceToken bool) *AccessTokenCreateCommand {
+	atc.includeReferenceToken = includeReferenceToken
+	return atc
+}
+
+func (atc *AccessTokenCreateCommand) Response() ([]byte, error) {
+	content, err := json.Marshal(*atc.response)
+	return content, errorutils.CheckError(err)
+}
+
+func (atc *AccessTokenCreateCommand) ServerDetails() (*config.ServerDetails, error) {
+	return atc.serverDetails, nil
+}
+
+func (atc *AccessTokenCreateCommand) CommandName() string {
+	return "access_token_create"
+}
+
+func (atc *AccessTokenCreateCommand) Run() error {
+	servicesManager, err := rtUtils.CreateAccessServiceManager(atc.serverDetails, false)
+	if err != nil {
+		return err
+	}
+
+	*atc.response, err = servicesManager.CreateAccessToken(atc.getTokenParams())
+	return err
+}
+
+func (atc *AccessTokenCreateCommand) getTokenParams() services.CreateTokenParams {
+	tokenParams := services.CreateTokenParams{}
+
+	tokenParams.Username = strings.ToLower(atc.username)
+	tokenParams.ProjectKey = atc.projectKey
+	tokenParams.Scope = atc.getScope()
+	tokenParams.ExpiresIn = atc.expiry
+	tokenParams.Refreshable = &atc.refreshable
+	tokenParams.Description = atc.description
+	tokenParams.Audience = atc.audience
+	tokenParams.IncludeReferenceToken = &atc.includeReferenceToken
+	return tokenParams
+}
+
+// If an explicit scope was provided, apply it.
+// Otherwise, if admin or groups scopes were requested, construct scope from them (space separated).
+// If no scopes were requested, leave scope empty to provide the default user scope.
+func (atc *AccessTokenCreateCommand) getScope() string {
+	if atc.scope != "" {
+		return atc.scope
+	}
+
+	var scopes []string
+	if atc.groups != "" {
+		scopes = append(scopes, GroupsScopePrefix+atc.groups)
+	}
+
+	if atc.grantAdmin {
+		scopes = append(scopes, AdminScope)
+	}
+	return strings.Join(scopes, " ")
+}

go.mod

@@ -93,3 +93,9 @@ require (
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 )
+
+replace github.com/jfrog/jfrog-client-go => github.com/RobiNino/jfrog-client-go v0.0.0-20230914111739-e5625524b232
+
+// replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38
+
+// replace github.com/jfrog/gofrog => github.com/jfrog/gofrog v1.2.6-0.20230418122323-2bf299dd6d27

go.sum

@@ -49,6 +49,8 @@ github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migc
 github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM=
 github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 h1:kkhsdkhsCvIsutKu5zLMgWtgh9YxGCNAw8Ad8hjwfYg=
 github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0=
+github.com/RobiNino/jfrog-client-go v0.0.0-20230914111739-e5625524b232 h1:WnSlTYiMi3TLbZgHK82wcbl9QMNGO5PHMDmP1n5jINk=
+github.com/RobiNino/jfrog-client-go v0.0.0-20230914111739-e5625524b232/go.mod h1:UewnwkIf/77HzBgwCPzOHZCK6V/Nw5/JwdzN/tRb4aU=
 github.com/VividCortex/ewma v1.2.0 h1:f58SaIzcDXrSy3kWaHNvuJgJ3Nmz59Zji6XoJR/q1ow=
 github.com/VividCortex/ewma v1.2.0/go.mod h1:nz4BbCtbLyFDeC9SUHbtcT5644juEuWfUAUnGx7j5l4=
 github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d h1:licZJFw2RwpHMqeKTCYkitsPqHNxTmd4SNR5r94FGM8=
@@ -199,8 +201,6 @@ github.com/jfrog/build-info-go v1.9.10 h1:uXnDLVxpqxoAMpXcki00QaBB+M2BoGMMpHODPk
 github.com/jfrog/build-info-go v1.9.10/go.mod h1:ujJ8XQZMdT2tMkLSMJNyDd1pCY+duwHdjV+9or9FLIg=
 github.com/jfrog/gofrog v1.3.0 h1:o4zgsBZE4QyDbz2M7D4K6fXPTBJht+8lE87mS9bw7Gk=
 github.com/jfrog/gofrog v1.3.0/go.mod h1:IFMc+V/yf7rA5WZ74CSbXe+Lgf0iApEQLxRZVzKRUR0=
-github.com/jfrog/jfrog-client-go v1.32.2 h1:t0ceWCtFri+xsa0D2ESqD/itcovlxBXCky1A1MJ4P2I=
-github.com/jfrog/jfrog-client-go v1.32.2/go.mod h1:UewnwkIf/77HzBgwCPzOHZCK6V/Nw5/JwdzN/tRb4aU=
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
 github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4=