fix: allow timeouts in the client methods that make API call

cmd/cli/version/version.go

@@ -18,6 +18,7 @@ package version
 import (
 	"context"
 	"fmt"
+	"time"
 
 	"github.com/jedib0t/go-pretty/v6/table"
 	"github.com/rs/zerolog/log"
@@ -100,8 +101,12 @@ func (oV *VersionOptions) Run(ctx context.Context, cmd *cobra.Command) error {
 	if oV.ClientOnly {
 		versions.ClientVersion = version.Get()
 	} else {
+		// NB(forrest): since `GetAllVersions` is an API call - in the event the server is un-reachable
+		// we timeout after 3 seconds to avoid waiting on an unavailable server to return its version information.
+		vctx, cancel := context.WithTimeout(ctx, time.Second*3)
+		defer cancel()
 		var err error
-		versions, err = util.GetAllVersions(ctx)
+		versions, err = util.GetAllVersions(vctx)
 		if err != nil {
 			// No error on fail of version check. Just print as much as we can.
 			log.Ctx(ctx).Warn().Err(err).Msg("failed to get updated versions")

cmd/util/api.go

@@ -59,8 +59,8 @@ func GetAPIClientV2(cmd *cobra.Command) clientv2.API {
 			PersistCredential: func(cred *apimodels.HTTPCredential) error {
 				return WriteToken(base, cred)
 			},
-			Authenticate: func(a *clientv2.Auth) (*apimodels.HTTPCredential, error) {
-				return auth.RunAuthenticationFlow(cmd, a)
+			Authenticate: func(ctx context.Context, a *clientv2.Auth) (*apimodels.HTTPCredential, error) {
+				return auth.RunAuthenticationFlow(ctx, cmd, a)
 			},
 		},
 	)

cmd/util/auth/auth.go

@@ -1,6 +1,7 @@
 package auth
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -19,13 +20,13 @@ import (
 
 type responder = func(request *json.RawMessage) (response []byte, err error)
 
-func RunAuthenticationFlow(cmd *cobra.Command, auth *client.Auth) (*apimodels.HTTPCredential, error) {
+func RunAuthenticationFlow(ctx context.Context, cmd *cobra.Command, auth *client.Auth) (*apimodels.HTTPCredential, error) {
 	supportedMethods := map[authn.MethodType]responder{
 		authn.MethodTypeChallenge: challenge.Respond,
 		authn.MethodTypeAsk:       askResponder(cmd),
 	}
 
-	methods, err := auth.Methods(cmd.Context(), &apimodels.ListAuthnMethodsRequest{})
+	methods, err := auth.Methods(ctx, &apimodels.ListAuthnMethodsRequest{})
 	if err != nil {
 		return nil, err
 	}
@@ -60,7 +61,7 @@ func RunAuthenticationFlow(cmd *cobra.Command, auth *client.Auth) (*apimodels.HT
 			return nil, err
 		}
 
-		authnResponse, err := auth.Authenticate(cmd.Context(), &apimodels.AuthnRequest{
+		authnResponse, err := auth.Authenticate(ctx, &apimodels.AuthnRequest{
 			Name:       chosenMethodName,
 			MethodData: response,
 		})

pkg/publicapi/client/v2/client.go

@@ -310,35 +310,35 @@ type AuthenticatingClient struct {
 
 	// Authenticate will be called when the system should run an authentication
 	// flow using the passed Auth API.
-	Authenticate func(*Auth) (*apimodels.HTTPCredential, error)
+	Authenticate func(context.Context, *Auth) (*apimodels.HTTPCredential, error)
 }
 
 func (t *AuthenticatingClient) Get(ctx context.Context, path string, in apimodels.GetRequest, out apimodels.GetResponse) error {
-	return doRequest(t, in, func(req apimodels.GetRequest) error {
+	return doRequest(ctx, t, in, func(req apimodels.GetRequest) error {
 		return t.Client.Get(ctx, path, req, out)
 	})
 }
 
 func (t *AuthenticatingClient) List(ctx context.Context, path string, in apimodels.ListRequest, out apimodels.ListResponse) error {
-	return doRequest(t, in, func(req apimodels.ListRequest) error {
+	return doRequest(ctx, t, in, func(req apimodels.ListRequest) error {
 		return t.Client.List(ctx, path, req, out)
 	})
 }
 
 func (t *AuthenticatingClient) Post(ctx context.Context, path string, in apimodels.PutRequest, out apimodels.PutResponse) error {
-	return doRequest(t, in, func(req apimodels.PutRequest) error {
+	return doRequest(ctx, t, in, func(req apimodels.PutRequest) error {
 		return t.Client.Post(ctx, path, req, out)
 	})
 }
 
 func (t *AuthenticatingClient) Put(ctx context.Context, path string, in apimodels.PutRequest, out apimodels.PutResponse) error {
-	return doRequest(t, in, func(req apimodels.PutRequest) error {
+	return doRequest(ctx, t, in, func(req apimodels.PutRequest) error {
 		return t.Client.Put(ctx, path, req, out)
 	})
 }
 
 func (t *AuthenticatingClient) Delete(ctx context.Context, path string, in apimodels.PutRequest, out apimodels.Response) error {
-	return doRequest(t, in, func(req apimodels.PutRequest) error {
+	return doRequest(ctx, t, in, func(req apimodels.PutRequest) error {
 		return t.Client.Delete(ctx, path, req, out)
 	})
 }
@@ -349,14 +349,14 @@ func (t *AuthenticatingClient) Dial(
 	in apimodels.Request,
 ) (<-chan *concurrency.AsyncResult[[]byte], error) {
 	var output <-chan *concurrency.AsyncResult[[]byte]
-	err := doRequest(t, in, func(req apimodels.Request) (err error) {
+	err := doRequest(ctx, t, in, func(req apimodels.Request) (err error) {
 		output, err = t.Client.Dial(ctx, path, req)
 		return
 	})
 	return output, err
 }
 
-func doRequest[R apimodels.Request](t *AuthenticatingClient, request R, runRequest func(R) error) (err error) {
+func doRequest[R apimodels.Request](ctx context.Context, t *AuthenticatingClient, request R, runRequest func(R) error) (err error) {
 	if t.Credential != nil {
 		request.SetCredential(t.Credential)
 		if err = runRequest(request); err == nil {
@@ -374,7 +374,7 @@ func doRequest[R apimodels.Request](t *AuthenticatingClient, request R, runReque
 	if t.Credential == nil || pkgerrors.Is(err, apimodels.ErrInvalidToken) {
 		var authErr error
 		auth := NewAPI(t.Client).Auth()
-		if t.Credential, err = t.Authenticate(auth); err != nil {
+		if t.Credential, err = t.Authenticate(ctx, auth); err != nil {
 			authErr = errors.Join(authErr, pkgerrors.Wrap(err, "failed to authorize user"))
 			t.Credential = nil // Don't assume Authenticate returned nil
 		}