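package zitadel

import (
	"context"
	"fmt"

	zitadelv1alpha1 "gitea.corredorconect.com/software-engineering/zitadel-resources-operator/api/v1alpha1"
	clientv2 "github.com/zitadel/zitadel-go/v3/pkg/client"
	z "github.com/zitadel/zitadel-go/v3/pkg/zitadel"
)

// NewV2Client builds a ZITADEL v2 API client from a Connection resource.
//
// Transport options are derived from connection.Spec (Port,
// InsecureSkipVerifyTLS, Secure). Credentials are read through refresolver
// from secrets in connection.Namespace. Exactly one of
// Spec.Authentication.PAT, .JWT or .Password is expected; if several are set
// they are evaluated in that order and the last one configured wins.
//
// An error is returned when connection is nil, when no authentication method
// is configured, when a referenced secret cannot be resolved, when the JWT key
// file data cannot be parsed, or when the underlying client cannot be created.
//
// Security notes for reviewers of Connection objects:
//   - Spec.InsecureSkipVerifyTLS turns off server certificate verification,
//     so the peer that receives the token or password is not authenticated.
//   - Spec.Secure == false selects a non-TLS connection, so credentials are
//     sent in clear text.
//
// Both settings should be limited to local or test deployments.
func NewV2Client(ctx context.Context, connection *zitadelv1alpha1.Connection, refresolver zitadelv1alpha1.RefResolver) (*clientv2.Client, error) {
	if connection == nil {
		return nil, fmt.Errorf("creating V2Client: connection is nil")
	}
	spec := &connection.Spec

	var zOpts []z.Option
	if spec.Port != nil {
		zOpts = append(zOpts, z.WithPort(*spec.Port))
	}
	if spec.InsecureSkipVerifyTLS {
		// Certificate verification is disabled for this client.
		zOpts = append(zOpts, z.WithInsecureSkipVerifyTLS())
	}
	if !spec.Secure {
		// Plaintext transport requested.
		// NOTE(review): 443 is used as the fallback port even though the
		// connection is not TLS; confirm this default is intended.
		port := uint16(443)
		if spec.Port != nil {
			port = *spec.Port
		}
		zOpts = append(zOpts, z.WithInsecure(fmt.Sprintf("%d", port)))
	}

	var auth clientv2.TokenSourceInitializer
	if spec.Authentication.PAT != nil {
		pat, err := refresolver.SecretKeyRef(ctx, spec.Authentication.PAT.TokenSecretKey, connection.Namespace)
		if err != nil {
			return nil, err
		}
		auth = clientv2.PAT(pat)
	}
	if spec.Authentication.JWT != nil {
		jwt, err := refresolver.SecretKeyRef(ctx, spec.Authentication.JWT.JWTSecretKey, connection.Namespace)
		if err != nil {
			return nil, err
		}
		keyfile, err := clientv2.ConfigFromKeyFileData([]byte(jwt))
		if err != nil {
			return nil, err
		}
		auth = clientv2.AuthenticationJWTProfile(keyfile, spec.Authentication.JWT.Scopes...)
	}
	if spec.Authentication.Password != nil {
		password, err := refresolver.SecretKeyRef(ctx, spec.Authentication.Password.PasswordSecretKey, connection.Namespace)
		if err != nil {
			return nil, err
		}
		auth = clientv2.PasswordAuthentication(spec.Authentication.Password.Username, password, spec.Authentication.Password.Scopes...)
	}

	// Fail closed: without this check a nil initializer would be handed to
	// clientv2.WithAuth. How the library treats nil is not visible from this
	// file, so a Connection without credentials is rejected explicitly
	// instead of producing a panic or an unauthenticated client.
	if auth == nil {
		return nil, fmt.Errorf("creating V2Client: no authentication method configured (expected PAT, JWT or Password)")
	}

	client, err := clientv2.New(ctx, z.New(spec.Host, zOpts...), clientv2.WithAuth(auth))
	if err != nil {
		// %w keeps the cause available to errors.Is / errors.As.
		return nil, fmt.Errorf("Error creating V2Client: %w", err)
	}
	return client, nil
}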