From 244dda54d5a749499fab976a72d69ecbb739de30 Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Tue, 10 Jan 2023 03:47:14 -0500 Subject: [PATCH] DXCDT-316: More self-documenting reveal secret flag (#591) Co-authored-by: Will Vedder Co-authored-by: Sergiu Ghitea <28300158+sergiught@users.noreply.github.com> Co-authored-by: Sergiu Ghitea --- docs/auth0_apps_create.md | 4 ++-- docs/auth0_apps_list.md | 10 ++++----- docs/auth0_apps_show.md | 8 +++---- docs/auth0_apps_update.md | 4 ++-- internal/cli/apps.go | 46 +++++++++++++++++++-------------------- internal/cli/apps_test.go | 2 +- 6 files changed, 37 insertions(+), 37 deletions(-) diff --git a/docs/auth0_apps_create.md b/docs/auth0_apps_create.md index 18ff59d47..93a2e95b6 100644 --- a/docs/auth0_apps_create.md +++ b/docs/auth0_apps_create.md @@ -21,7 +21,7 @@ auth0 apps create [flags] auth0 apps create --name myapp auth0 apps create --name myapp --description auth0 apps create --name myapp --description --type [native|spa|regular|m2m] - auth0 apps create --name myapp --description --type [native|spa|regular|m2m] --reveal + auth0 apps create --name myapp --description --type [native|spa|regular|m2m] --reveal-secrets auth0 apps create -n myapp -d -t [native|spa|regular|m2m] -r --json ``` @@ -37,7 +37,7 @@ auth0 apps create [flags] -l, --logout-urls strings Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains. -n, --name string Name of the application. -o, --origins strings Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs. - -r, --reveal Display the Client Secret as part of the command output. + -r, --reveal-secrets Display the application secrets ('signing_keys', 'client_secret') as part of the command output. -t, --type string Type of application: - native: mobile, desktop, CLI and smart device apps running natively. - spa (single page application): a JavaScript front-end app that uses an API. diff --git a/docs/auth0_apps_list.md b/docs/auth0_apps_list.md index c1bf9ca62..a5789b903 100644 --- a/docs/auth0_apps_list.md +++ b/docs/auth0_apps_list.md @@ -15,8 +15,8 @@ auth0 apps list [flags] ``` auth0 apps list auth0 apps ls - auth0 apps list --reveal - auth0 apps list --reveal --number 100 + auth0 apps list --reveal-secrets + auth0 apps list --reveal-secrets --number 100 auth0 apps ls -r -n 100 --json ``` @@ -24,9 +24,9 @@ auth0 apps list [flags] ## Flags ``` - --json Output in json format. - -n, --number int Number of apps to retrieve (default 50) - -r, --reveal Display the Client Secret as part of the command output. + --json Output in json format. + -n, --number int Number of apps to retrieve (default 50) + -r, --reveal-secrets Display the application secrets ('signing_keys', 'client_secret') as part of the command output. ``` diff --git a/docs/auth0_apps_show.md b/docs/auth0_apps_show.md index a31ad9eb8..cf687314f 100644 --- a/docs/auth0_apps_show.md +++ b/docs/auth0_apps_show.md @@ -15,16 +15,16 @@ auth0 apps show [flags] ``` auth0 apps show auth0 apps show - auth0 apps show --reveal - auth0 apps show --reveal --json + auth0 apps show --reveal-secrets + auth0 apps show -r --json ``` ## Flags ``` - --json Output in json format. - -r, --reveal Display the Client Secret as part of the command output. + --json Output in json format. + -r, --reveal-secrets Display the application secrets ('signing_keys', 'client_secret') as part of the command output. ``` diff --git a/docs/auth0_apps_update.md b/docs/auth0_apps_update.md index 7cd1b396b..c340c2b98 100644 --- a/docs/auth0_apps_update.md +++ b/docs/auth0_apps_update.md @@ -21,7 +21,7 @@ auth0 apps update [flags] auth0 apps update --name myapp auth0 apps update --name myapp --description auth0 apps update --name myapp --description --type [native|spa|regular|m2m] - auth0 apps update --name myapp --description --type [native|spa|regular|m2m] --reveal + auth0 apps update --name myapp --description --type [native|spa|regular|m2m] --reveal-secrets auth0 apps update -n myapp -d -t [native|spa|regular|m2m] -r --json ``` @@ -37,7 +37,7 @@ auth0 apps update [flags] -l, --logout-urls strings Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains. -n, --name string Name of the application. -o, --origins strings Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs. - -r, --reveal Display the Client Secret as part of the command output. + -r, --reveal-secrets Display the application secrets ('signing_keys', 'client_secret') as part of the command output. -t, --type string Type of application: - native: mobile, desktop, CLI and smart device apps running natively. - spa (single page application): a JavaScript front-end app that uses an API. diff --git a/internal/cli/apps.go b/internal/cli/apps.go index ce21333b9..90b2a6014 100644 --- a/internal/cli/apps.go +++ b/internal/cli/apps.go @@ -113,11 +113,11 @@ var ( Help: "List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code.", IsRequired: false, } - reveal = Flag{ + revealSecrets = Flag{ Name: "Reveal", - LongForm: "reveal", + LongForm: "reveal-secrets", ShortForm: "r", - Help: "Display the Client Secret as part of the command output.", + Help: "Display the application secrets ('signing_keys', 'client_secret') as part of the command output.", } number = Flag{ Name: "Number", @@ -200,8 +200,8 @@ func useAppCmd(cli *cli) *cobra.Command { func listAppsCmd(cli *cli) *cobra.Command { var inputs struct { - Reveal bool - Number int + RevealSecrets bool + Number int } cmd := &cobra.Command{ @@ -212,8 +212,8 @@ func listAppsCmd(cli *cli) *cobra.Command { Long: "List your existing applications. To create one, run: `auth0 apps create`.", Example: ` auth0 apps list auth0 apps ls - auth0 apps list --reveal - auth0 apps list --reveal --number 100 + auth0 apps list --reveal-secrets + auth0 apps list --reveal-secrets --number 100 auth0 apps ls -r -n 100 --json`, RunE: func(cmd *cobra.Command, args []string) error { list, err := getWithPagination( @@ -237,13 +237,13 @@ func listAppsCmd(cli *cli) *cobra.Command { for _, item := range list { typedList = append(typedList, item.(*management.Client)) } - cli.renderer.ApplicationList(typedList, inputs.Reveal) + cli.renderer.ApplicationList(typedList, inputs.RevealSecrets) return nil }, } cmd.Flags().BoolVar(&cli.json, "json", false, "Output in json format.") - reveal.RegisterBool(cmd, &inputs.Reveal, false) + revealSecrets.RegisterBool(cmd, &inputs.RevealSecrets, false) number.RegisterInt(cmd, &inputs.Number, defaultPageSize) return cmd @@ -251,8 +251,8 @@ func listAppsCmd(cli *cli) *cobra.Command { func showAppCmd(cli *cli) *cobra.Command { var inputs struct { - ID string - Reveal bool + ID string + RevealSecrets bool } cmd := &cobra.Command{ @@ -262,8 +262,8 @@ func showAppCmd(cli *cli) *cobra.Command { Long: "Display the name, description, app type, and other information about an application.", Example: ` auth0 apps show auth0 apps show - auth0 apps show --reveal - auth0 apps show --reveal --json`, + auth0 apps show --reveal-secrets + auth0 apps show -r --json`, RunE: func(cmd *cobra.Command, args []string) error { if len(args) == 0 { err := appID.Pick(cmd, &inputs.ID, cli.appPickerOptions) @@ -284,13 +284,13 @@ func showAppCmd(cli *cli) *cobra.Command { return fmt.Errorf("Unable to load application: %w", err) } - cli.renderer.ApplicationShow(a, inputs.Reveal) + cli.renderer.ApplicationShow(a, inputs.RevealSecrets) return nil }, } cmd.Flags().BoolVar(&cli.json, "json", false, "Output in json format.") - reveal.RegisterBool(cmd, &inputs.Reveal, false) + revealSecrets.RegisterBool(cmd, &inputs.RevealSecrets, false) return cmd } @@ -357,7 +357,7 @@ func createAppCmd(cli *cli) *cobra.Command { AllowedLogoutURLs []string AuthMethod string Grants []string - Reveal bool + RevealSecrets bool } var oidcConformant = true var algorithm = "RS256" @@ -373,7 +373,7 @@ func createAppCmd(cli *cli) *cobra.Command { auth0 apps create --name myapp auth0 apps create --name myapp --description auth0 apps create --name myapp --description --type [native|spa|regular|m2m] - auth0 apps create --name myapp --description --type [native|spa|regular|m2m] --reveal + auth0 apps create --name myapp --description --type [native|spa|regular|m2m] --reveal-secrets auth0 apps create -n myapp -d -t [native|spa|regular|m2m] -r --json`, RunE: func(cmd *cobra.Command, args []string) error { // Prompt for app name @@ -478,7 +478,7 @@ func createAppCmd(cli *cli) *cobra.Command { } // Render result - cli.renderer.ApplicationCreate(a, inputs.Reveal) + cli.renderer.ApplicationCreate(a, inputs.RevealSecrets) return nil }, @@ -494,7 +494,7 @@ func createAppCmd(cli *cli) *cobra.Command { appLogoutURLs.RegisterStringSlice(cmd, &inputs.AllowedLogoutURLs, nil) appAuthMethod.RegisterString(cmd, &inputs.AuthMethod, "") appGrants.RegisterStringSlice(cmd, &inputs.Grants, nil) - reveal.RegisterBool(cmd, &inputs.Reveal, false) + revealSecrets.RegisterBool(cmd, &inputs.RevealSecrets, false) return cmd } @@ -511,7 +511,7 @@ func updateAppCmd(cli *cli) *cobra.Command { AllowedLogoutURLs []string AuthMethod string Grants []string - Reveal bool + RevealSecrets bool } cmd := &cobra.Command{ @@ -526,7 +526,7 @@ func updateAppCmd(cli *cli) *cobra.Command { auth0 apps update --name myapp auth0 apps update --name myapp --description auth0 apps update --name myapp --description --type [native|spa|regular|m2m] - auth0 apps update --name myapp --description --type [native|spa|regular|m2m] --reveal + auth0 apps update --name myapp --description --type [native|spa|regular|m2m] --reveal-secrets auth0 apps update -n myapp -d -t [native|spa|regular|m2m] -r --json`, RunE: func(cmd *cobra.Command, args []string) error { var current *management.Client @@ -688,7 +688,7 @@ func updateAppCmd(cli *cli) *cobra.Command { } // Render result - cli.renderer.ApplicationUpdate(a, inputs.Reveal) + cli.renderer.ApplicationUpdate(a, inputs.RevealSecrets) return nil }, @@ -704,7 +704,7 @@ func updateAppCmd(cli *cli) *cobra.Command { appLogoutURLs.RegisterStringSliceU(cmd, &inputs.AllowedLogoutURLs, nil) appAuthMethod.RegisterStringU(cmd, &inputs.AuthMethod, "") appGrants.RegisterStringSliceU(cmd, &inputs.Grants, nil) - reveal.RegisterBool(cmd, &inputs.Reveal, false) + revealSecrets.RegisterBool(cmd, &inputs.RevealSecrets, false) return cmd } diff --git a/internal/cli/apps_test.go b/internal/cli/apps_test.go index b15e8dc01..2fd059f30 100644 --- a/internal/cli/apps_test.go +++ b/internal/cli/apps_test.go @@ -31,7 +31,7 @@ func TestAppsListCmd(t *testing.T) { }, { name: "reveal secrets", - args: []string{"--reveal"}, + args: []string{"--reveal-secrets"}, assertOutput: func(t testing.TB, out string) { expectTable(t, out, []string{"CLIENT ID", "NAME", "TYPE", "CLIENT SECRET"},