int128 / kubelogin

kubectl plugin for Kubernetes OpenID Connect authentication (kubectl oidc-login)
Apache License 2.0

Print auth URL #1064

Closed rothgar closed 5 months ago

rothgar commented 6 months ago

Describe the question

I access kubectl on a remote machine from an iPad using Blink (other terminals have the same problem). When I try to authenticate it cannot open my iPad browser. I tried adding --skip-open-browser but then it tries to serve a localhost:8000 webserver and doesn't show me the URL I need to access to authenticate.

I read other issues and saw some people had success getting the URL to print, but it hasn't been working for me. Is there something missing in my config or environment to make it print the URL without trying to open it?

The OIDC issuer is using Auth0

args:
          - oidc-login
          - get-token
          - --oidc-issuer-url=https://jg.omni.siderolabs.io/oidc
          - --oidc-client-id=native
          - --oidc-extra-scope=cluster:kcd
          - --skip-open-browser

oidc-login works fine when I'm physically at my computer and can open the browser to follow login flows.

related to #717

To reproduce

Using a remote session with the above config the URL does not print.

Your environment

rothgar commented 6 months ago

I was able to partially solve this because I can print the URL I need to open with --grant-type=authcode-keyboard but when I do that the localhost web server is not running to accept the redirect.

I also tried adding --oidc-redirect-url-authcode-keyboard=http://localhost:8000 and --listen-address=http://localhost:8000 but the localhost server doesn't run with authcode-keyboard.

I also tried various combinations of --skip-open-browser and --browser-command=/bin/echo to see if I could get it to print the URL and haven't got it to work yet.

rothgar commented 5 months ago

I found a workaround to my problem.

I was able to SSH port forward my connection to the host to forward authentication traffic to where oidc-login was running.

ssh -L 8000:localhost:8000 $HOST
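
A hardened form of the port-forward workaround above, as an added example that is not part of the thread or of the kubelogin project. The function names forward_spec and open_tunnel are hypothetical; port 8000 and the remote localhost target come from the thread, while the explicit 127.0.0.1 bind, -N and ExitOnForwardFailure are choices made here so the redirect carrying the authorization code is only reachable from the device running the browser.

```shell
#!/bin/sh
# Added example (not from the thread): wraps `ssh -L 8000:localhost:8000 $HOST`.

# forward_spec [PORT] -> prints the -L argument, binding the local end to
# loopback only. PORT defaults to 8000, the port used in the thread.
forward_spec() {
    port=${1:-8000}
    case $port in
        *[!0-9]*) echo "port must be numeric: $port" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 2
    fi
    # local bind address : local port : remote target host : remote port
    printf '127.0.0.1:%s:localhost:%s\n' "$port" "$port"
}

# open_tunnel HOST [PORT] -> runs ssh in forwarding-only mode until interrupted.
# HOST is the machine where kubectl oidc-login is waiting for the redirect.
open_tunnel() {
    host=$1
    case $host in
        # An empty host or one starting with "-" would be parsed by ssh as
        # an option rather than a destination, so refuse it.
        ''|-*) echo "invalid host: $host" >&2; return 2 ;;
    esac
    spec=$(forward_spec "${2:-}") || return
    # -N: forward only, no remote shell.
    # ExitOnForwardFailure=yes: exit instead of continuing without the
    # forward when the local port cannot be bound, so a missing listener is
    # noticed before the login is attempted.
    ssh -N -o ExitOnForwardFailure=yes -L "$spec" "$host"
}
```

Run open_tunnel "$HOST" on the device with the browser, start the kubectl command in a second session on the remote machine, and stop the tunnel once the token has been issued.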