Skip to content

Commit

Permalink
Apply some improvements to the login mechanism
Browse files Browse the repository at this point in the history
  • Loading branch information
sergiught committed Dec 9, 2022
1 parent 8eaccd6 commit 4f2c5df
Show file tree
Hide file tree
Showing 4 changed files with 31 additions and 24 deletions.
4 changes: 2 additions & 2 deletions internal/auth/auth.go
Original file line number Diff line number Diff line change
Expand Up @@ -288,7 +288,7 @@ type ClientCredentials struct {
}

// GetAccessTokenFromClientCreds generates an access token from client credentials
func GetAccessTokenFromClientCreds(args ClientCredentials) (Result, error) {
func GetAccessTokenFromClientCreds(ctx context.Context, args ClientCredentials) (Result, error) {
u, err := url.Parse("https://" + args.Domain)
if err != nil {
return Result{}, err
Expand All @@ -305,7 +305,7 @@ func GetAccessTokenFromClientCreds(args ClientCredentials) (Result, error) {
},
}

resp, err := credsConfig.Token(context.Background())
resp, err := credsConfig.Token(ctx)
if err != nil {
return Result{}, err
}
Expand Down
27 changes: 18 additions & 9 deletions internal/cli/cli.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ import (
"github.com/spf13/pflag"

"github.com/auth0/auth0-cli/internal/analytics"
"github.com/auth0/auth0-cli/internal/ansi"
"github.com/auth0/auth0-cli/internal/auth"
"github.com/auth0/auth0-cli/internal/auth0"
"github.com/auth0/auth0-cli/internal/buildinfo"
Expand Down Expand Up @@ -109,11 +110,14 @@ func (t *Tenant) hasExpiredToken() bool {

func (t *Tenant) regenerateAccessToken(ctx context.Context, c *cli) error {
if t.authenticatedWithClientCredentials() {
token, err := auth.GetAccessTokenFromClientCreds(auth.ClientCredentials{
ClientID: t.ClientID,
ClientSecret: t.ClientSecret,
Domain: t.Domain,
})
token, err := auth.GetAccessTokenFromClientCreds(
ctx,
auth.ClientCredentials{
ClientID: t.ClientID,
ClientSecret: t.ClientSecret,
Domain: t.Domain,
},
)
if err != nil {
return err
}
Expand Down Expand Up @@ -208,7 +212,7 @@ func (c *cli) prepareTenant(ctx context.Context) (Tenant, error) {
}

if scopesChanged(t) && t.authenticatedWithDeviceCodeFlow() {
c.renderer.Warnf("Required scopes have changed. Please log in to re-authorize the CLI.")
c.renderer.Warnf("Required scopes have changed. Please log in to re-authorize the CLI.\n")
return RunLoginAsUser(ctx, c)
}

Expand All @@ -218,12 +222,17 @@ func (c *cli) prepareTenant(ctx context.Context) (Tenant, error) {

if err := t.regenerateAccessToken(ctx, c); err != nil {
if t.authenticatedWithClientCredentials() {
return t, fmt.Errorf("Failed to renew access token. This may occur if the designated application has been deleted or client secret has been rotated. Please re-authenticate by running `auth0 login --as-machine`")
return t, fmt.Errorf(
"failed to fetch access token using client credentials.\n\n"+
"This may occur if the designated application has been deleted or the client secret has been rotated.\n\n"+
"Please re-authenticate by running: %s",
ansi.Bold("auth0 login --domain <tenant-domain --client-id <client-id> --client-secret <client-secret>"),
)
}

c.renderer.Warnf("Failed to renew access token. Please log in to re-authorize the CLI.")
return RunLoginAsUser(ctx, c)
c.renderer.Warnf("Failed to renew access token. Please log in to re-authorize the CLI.\n")

return RunLoginAsUser(ctx, c)
}

if err := c.addTenant(t); err != nil {
Expand Down
19 changes: 11 additions & 8 deletions internal/cli/login.go
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,6 @@ auth0 login --domain <tenant-domain> --client-id <client-id> --client-secret <cl
}
}

cli.renderer.Infof("Successfully authenticated to %s", inputs.Domain)
cli.tracker.TrackCommandRun(cmd, cli.config.InstallID)

return nil
Expand All @@ -92,7 +91,6 @@ auth0 login --domain <tenant-domain> --client-id <client-id> --client-secret <cl
cmd.SetHelpFunc(func(cmd *cobra.Command, args []string) {
_ = cmd.Flags().MarkHidden("tenant")
_ = cmd.Flags().MarkHidden("json")
_ = cmd.Flags().MarkHidden("no-input")
cmd.Parent().HelpFunc()(cmd, args)
})

Expand Down Expand Up @@ -201,13 +199,18 @@ func RunLoginAsMachine(ctx context.Context, inputs LoginInputs, cli *cli, cmd *c
return err
}

token, err := auth.GetAccessTokenFromClientCreds(auth.ClientCredentials{
ClientID: inputs.ClientID,
ClientSecret: inputs.ClientSecret,
Domain: inputs.Domain,
})
token, err := auth.GetAccessTokenFromClientCreds(
ctx,
auth.ClientCredentials{
ClientID: inputs.ClientID,
ClientSecret: inputs.ClientSecret,
Domain: inputs.Domain,
},
)
if err != nil {
return err
return fmt.Errorf(
"failed to fetch access token using client credentials. \n\n"+
"Ensure that the provided client-id, client-secret and domain are correct. \n\nerror: %w\n", err)
}

t := Tenant{
Expand Down
5 changes: 0 additions & 5 deletions test/integration/test-cases.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,6 @@ config:
inherit-env: true

tests:
login as machine:
command: auth0 logout $AUTH0_CLI_CLIENT_DOMAIN; auth0 login --client-id $AUTH0_CLI_CLIENT_ID --client-secret $AUTH0_CLI_CLIENT_SECRET --domain $AUTH0_CLI_CLIENT_DOMAIN
stderr: "Successfully authenticated to"
exit-code: 0

auth0 apis list:
exit-code: 0

Expand Down

0 comments on commit 4f2c5df

Please sign in to comment.