From 7dc0ac0c4ee9a950e57c9b7b40ae710becc922bc Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Tue, 6 Dec 2022 15:29:35 -0500 Subject: [PATCH 1/6] DXCDT-284: Remove dead env vars (#545) * Removing usage of env vars * Moving docsPath to closer to where its used Co-authored-by: Will Vedder --- .github/workflows/go.yml | 2 -- cmd/build_doc/main.go | 11 +---------- docs/ci.md | 25 ------------------------- internal/cli/build_doc.go | 6 ++++-- 4 files changed, 5 insertions(+), 39 deletions(-) delete mode 100644 docs/ci.md diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 1e7ef711b..0b6b9cfeb 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -58,8 +58,6 @@ jobs: AUTH0_CLI_CLIENT_DOMAIN: ${{ secrets.AUTH0_CLI_CLIENT_DOMAIN }} AUTH0_CLI_CLIENT_ID: ${{ secrets.AUTH0_CLI_CLIENT_ID }} AUTH0_CLI_CLIENT_SECRET: ${{ secrets.AUTH0_CLI_CLIENT_SECRET }} - AUTH0_CLI_REUSE_CONFIG: ${{ secrets.AUTH0_CLI_REUSE_CONFIG }} - AUTH0_CLI_OVERWRITE: ${{ secrets.AUTH0_CLI_OVERWRITE }} build: name: Build diff --git a/cmd/build_doc/main.go b/cmd/build_doc/main.go index 70078d453..564ecb716 100644 --- a/cmd/build_doc/main.go +++ b/cmd/build_doc/main.go @@ -1,20 +1,11 @@ package main import ( - "github.com/joeshaw/envdecode" - "github.com/auth0/auth0-cli/internal/cli" ) func main() { - var cfg struct { - Path string `env:"AUTH0_CLI_DOCS_PATH,default=./docs/"` - } - if err := envdecode.StrictDecode(&cfg); err != nil { - panic(err) - } - - err := cli.BuildDoc(cfg.Path) + err := cli.BuildDoc() if err != nil { panic(err) } diff --git a/docs/ci.md b/docs/ci.md deleted file mode 100644 index d54589427..000000000 --- a/docs/ci.md +++ /dev/null @@ -1,25 +0,0 @@ -# Continuous Integration - -## Integration Tests - -Integration tests can be run with: -```bash -make integration -``` - -`make integration` will build and run the `auth0-cli-config-generator` command which is responsible for ensuring that a valid auth0-cli config file exists before the integration tests run. If a valid auth0-cli config file doesn't exist, `auth0-cli-config-generator` will attempt to generate one based off command line flags or/and environment variables. - -`make integration` will then use [commander](https://github.com/commander-cli/commander) to run tests defined in [commander.yaml](./commander.yaml) - -The entities created during integration tests will be cleaned afterwards by the script `integration/test-cleanup.sh`. All the entities prefixed `integration-test-` will be deleted. - -To run integration tests as part of a CI pipeline, several environment variables need to be exported first. When these variables are set, `auth0-cli-config-generator` will generate a valid auth0-cli config file being retrieving a token for the client, removing the need to run `auth0 login`: -```bash -export AUTH0_CLI_CLIENT_NAME="integration" \ - AUTH0_CLI_CLIENT_DOMAIN="example-test-domain.au.auth0.com" \ - AUTH0_CLI_CLIENT_ID="example-client-id" \ - AUTH0_CLI_CLIENT_SECRET="example-client-secret" \ - AUTH0_CLI_REUSE_CONFIG="false" \ - AUTH0_CLI_OVERWRITE="true" -make integration -``` diff --git a/internal/cli/build_doc.go b/internal/cli/build_doc.go index b3f44d10e..e27e0674b 100644 --- a/internal/cli/build_doc.go +++ b/internal/cli/build_doc.go @@ -7,7 +7,7 @@ import ( "github.com/spf13/cobra/doc" ) -func BuildDoc(path string) error { +func BuildDoc() error { cli := &cli{} rootCmd := &cobra.Command{ @@ -20,8 +20,10 @@ func BuildDoc(path string) error { addPersistentFlags(rootCmd, cli) addSubcommands(rootCmd, cli) + docsPath := "./docs/" + err := doc.GenMarkdownTreeCustom(rootCmd, - path, + docsPath, func(fileName string) string { // prepend to the generated markdown if strings.HasSuffix(fileName, "auth0.md") { From 322499df5c4f49f49300f4341f70a72adfbbeb5e Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Thu, 8 Dec 2022 16:22:07 -0500 Subject: [PATCH 2/6] Updating go to 1.19.4 in Github Action (#552) * Updating go version in GH actions to 1.19.4 * Seeing if bracket syntax works Co-authored-by: Will Vedder --- .github/workflows/go.yml | 9 ++++++--- .github/workflows/release.yml | 5 ++++- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 0b6b9cfeb..4674cfb65 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -2,6 +2,9 @@ name: Go on: [push, pull_request] +env: + GO_VERSION: 1.19.4 + concurrency: group: one-at-time cancel-in-progress: false @@ -18,7 +21,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.19.3 + go-version: ${{env.GO_VERSION}} - name: Check out the code uses: actions/checkout@v3 @@ -45,7 +48,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.19.3 + go-version: ${{env.GO_VERSION}} - name: Check out the code uses: actions/checkout@v3 @@ -70,7 +73,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.19.3 + go-version: ${{env.GO_VERSION}} - name: Check out the code uses: actions/checkout@v3 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 69b85de47..ad906263c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -4,6 +4,9 @@ on: pull_request: push: +env: + GO_VERSION: 1.19.4 + jobs: goreleaser: runs-on: ubuntu-latest @@ -20,7 +23,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.19.3 + go-version: ${{env.GO_VERSION}} - name: Run GoReleaser uses: goreleaser/goreleaser-action@v3 From 48c1d2a8ca752333e21c0279f65cda90203415d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 Dec 2022 16:32:09 -0500 Subject: [PATCH 3/6] Bump nokogiri from 1.13.9 to 1.13.10 in /docs (#549) Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.9 to 1.13.10. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.9...v1.13.10) --- updated-dependencies: - dependency-name: nokogiri dependency-type: indirect ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Will Vedder --- docs/Gemfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/Gemfile.lock b/docs/Gemfile.lock index 7358f2c72..673c15ee5 100644 --- a/docs/Gemfile.lock +++ b/docs/Gemfile.lock @@ -212,12 +212,12 @@ GEM jekyll-feed (~> 0.9) jekyll-seo-tag (~> 2.1) minitest (5.16.3) - nokogiri (1.13.9) + nokogiri (1.13.10) mini_portile2 (~> 2.8.0) racc (~> 1.4) - nokogiri (1.13.9-x86_64-darwin) + nokogiri (1.13.10-x86_64-darwin) racc (~> 1.4) - nokogiri (1.13.9-x86_64-linux) + nokogiri (1.13.10-x86_64-linux) racc (~> 1.4) octokit (4.25.1) faraday (>= 1, < 3) @@ -225,7 +225,7 @@ GEM pathutil (0.16.2) forwardable-extended (~> 2.6) public_suffix (4.0.7) - racc (1.6.0) + racc (1.6.1) rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) From ad6874205c4af0afe384a331e9a2d178f88ef7b6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 Dec 2022 16:39:29 -0500 Subject: [PATCH 4/6] Bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0 (#550) Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.15.0 to 0.16.0. - [Release notes](https://github.com/getsentry/sentry-go/releases) - [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-go/compare/v0.15.0...v0.16.0) --- updated-dependencies: - dependency-name: github.com/getsentry/sentry-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Will Vedder --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 14c53cda2..502c6f286 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/briandowns/spinner v1.19.0 github.com/charmbracelet/glamour v0.6.0 github.com/fsnotify/fsnotify v1.6.0 - github.com/getsentry/sentry-go v0.15.0 + github.com/getsentry/sentry-go v0.16.0 github.com/golang/mock v1.6.0 github.com/google/go-cmp v0.5.9 github.com/google/uuid v1.3.0 diff --git a/go.sum b/go.sum index bc7e16643..7301328b7 100644 --- a/go.sum +++ b/go.sum @@ -104,8 +104,8 @@ github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYF github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/getsentry/sentry-go v0.15.0 h1:CP9bmA7pralrVUedYZsmIHWpq/pBtXTSew7xvVpfLaA= -github.com/getsentry/sentry-go v0.15.0/go.mod h1:RZPJKSw+adu8PBNygiri/A98FqVr2HtRckJk9XVxJ9I= +github.com/getsentry/sentry-go v0.16.0 h1:owk+S+5XcgJLlGR/3+3s6N4d+uKwqYvh/eS0AIMjPWo= +github.com/getsentry/sentry-go v0.16.0/go.mod h1:ZXCloQLj0pG7mja5NK6NPf2V4A88YJ4pNlc2mOHwh6Y= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= From 64f9db877ef968321cfe1c054f744f6be0c50386 Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Fri, 9 Dec 2022 10:18:45 -0500 Subject: [PATCH 5/6] DXCDT-267: Consolidate `auth0 add tenants` into `auth0 login` (1/x) (#546) Co-authored-by: Will Vedder Co-authored-by: Sergiu Ghitea --- Makefile | 2 +- docs/auth0_login.md | 14 +++- docs/auth0_tenants.md | 1 - docs/auth0_tenants_add.md | 41 ------------ internal/cli/cli.go | 4 +- internal/cli/login.go | 109 +++++++++++++++++++++++++++++-- internal/cli/tenants.go | 100 ++-------------------------- test/integration/test-cases.yaml | 28 ++++---- 8 files changed, 138 insertions(+), 161 deletions(-) delete mode 100644 docs/auth0_tenants_add.md diff --git a/Makefile b/Makefile index e1f267425..8c703574f 100644 --- a/Makefile +++ b/Makefile @@ -129,7 +129,7 @@ test-unit: ## Run unit tests test-integration: $(GO_BIN)/commander ## Run integration tests. To run a specific test pass the FILTER var. Usage: `make test-integration FILTER="attack protection"` ${call print, "Running integration tests"} @$(MAKE) install # ensure fresh install prior to running test - auth0 tenants add ${AUTH0_CLI_CLIENT_DOMAIN} --client-id ${AUTH0_CLI_CLIENT_ID} --client-secret ${AUTH0_CLI_CLIENT_SECRET} && commander test ./test/integration/test-cases.yaml --filter "$(FILTER)"; \ + auth0 login --domain ${AUTH0_CLI_CLIENT_DOMAIN} --client-id ${AUTH0_CLI_CLIENT_ID} --client-secret ${AUTH0_CLI_CLIENT_SECRET} && commander test ./test/integration/test-cases.yaml --filter "$(FILTER)"; \ exit_code=$$?; \ bash ./test/integration/scripts/test-cleanup.sh; \ exit $$exit_code diff --git a/docs/auth0_login.md b/docs/auth0_login.md index 384b018bf..e22cb0f2e 100644 --- a/docs/auth0_login.md +++ b/docs/auth0_login.md @@ -7,16 +7,26 @@ Authenticate the Auth0 CLI ### Synopsis -Sign in to your Auth0 account and authorize the CLI to access the Management API. +Authenticates the Auth0 CLI either as a user using personal credentials or as a machine using client credentials. ``` auth0 login [flags] ``` +### Examples + +``` +auth0 login +auth0 login --domain --client-id --client-secret +``` + ### Options ``` - -h, --help help for login + --client-id string Client ID of the application when authenticating via client credentials. + --client-secret string Client secret of the application when authenticating via client credentials. + --domain string Tenant domain of the application when authenticating via client credentials. + -h, --help help for login ``` ### Options inherited from parent commands diff --git a/docs/auth0_tenants.md b/docs/auth0_tenants.md index 56be1080a..34b51b17b 100644 --- a/docs/auth0_tenants.md +++ b/docs/auth0_tenants.md @@ -28,7 +28,6 @@ Manage configured tenants. ### SEE ALSO * [auth0](/auth0-cli/) - Supercharge your development workflow. -* [auth0 tenants add](auth0_tenants_add.md) - Add a tenant with client credentials * [auth0 tenants list](auth0_tenants_list.md) - List your tenants * [auth0 tenants open](auth0_tenants_open.md) - Open tenant settings page in the Auth0 Dashboard * [auth0 tenants use](auth0_tenants_use.md) - Set the active tenant diff --git a/docs/auth0_tenants_add.md b/docs/auth0_tenants_add.md deleted file mode 100644 index a8d7ffe68..000000000 --- a/docs/auth0_tenants_add.md +++ /dev/null @@ -1,41 +0,0 @@ ---- -layout: default ---- -## auth0 tenants add - -Add a tenant with client credentials - -### Synopsis - -Add a tenant with client credentials. - -``` -auth0 tenants add [flags] -``` - -### Examples - -``` -auth0 tenants add --client-id --client-secret -``` - -### Options - -``` - -h, --help help for add -``` - -### Options inherited from parent commands - -``` - --debug Enable debug mode. - --json Output in json format. - --no-color Disable colors. - --no-input Disable interactivity. - --tenant string Specific tenant to use. -``` - -### SEE ALSO - -* [auth0 tenants](auth0_tenants.md) - Manage configured tenants - diff --git a/internal/cli/cli.go b/internal/cli/cli.go index 116688ecb..927d7223c 100644 --- a/internal/cli/cli.go +++ b/internal/cli/cli.go @@ -208,7 +208,7 @@ func (c *cli) prepareTenant(ctx context.Context) (Tenant, error) { } if t.AccessToken == "" || (scopesChanged(t) && t.authenticatedWithDeviceCodeFlow()) { - return RunLogin(ctx, c, true) + return RunLoginAsUser(ctx, c, true) } if !t.hasExpiredToken() { @@ -218,7 +218,7 @@ func (c *cli) prepareTenant(ctx context.Context) (Tenant, error) { if err := t.regenerateAccessToken(ctx, c); err != nil { // Ask and guide the user through the login process. c.renderer.Errorf("failed to renew access token, %s", err) - return RunLogin(ctx, c, true) + return RunLoginAsUser(ctx, c, true) } if err := c.addTenant(t); err != nil { diff --git a/internal/cli/login.go b/internal/cli/login.go index 4ddd967f6..23c5693bf 100644 --- a/internal/cli/login.go +++ b/internal/cli/login.go @@ -12,16 +12,63 @@ import ( "github.com/auth0/auth0-cli/internal/prompt" ) +var ( + loginTenantDomain = Flag{ + Name: "Tenant Domain", + LongForm: "domain", + Help: "Tenant domain of the application when authenticating via client credentials.", + IsRequired: false, + AlwaysPrompt: false, + } + + loginClientID = Flag{ + Name: "Client ID", + LongForm: "client-id", + Help: "Client ID of the application when authenticating via client credentials.", + IsRequired: false, + AlwaysPrompt: false, + } + + loginClientSecret = Flag{ + Name: "Client Secret", + LongForm: "client-secret", + Help: "Client secret of the application when authenticating via client credentials.", + IsRequired: false, + AlwaysPrompt: false, + } +) + +type LoginInputs struct { + Domain string + ClientID string + ClientSecret string +} + +func (i *LoginInputs) shouldLoginAsMachine() bool { + return i.ClientID != "" || i.ClientSecret != "" || i.Domain != "" +} + func loginCmd(cli *cli) *cobra.Command { + var inputs LoginInputs + cmd := &cobra.Command{ Use: "login", Args: cobra.NoArgs, Short: "Authenticate the Auth0 CLI", - Long: "Sign in to your Auth0 account and authorize the CLI to access the Management API.", + Long: "Authenticates the Auth0 CLI either as a user using personal credentials or as a machine using client credentials.", + Example: `auth0 login +auth0 login --domain --client-id --client-secret `, RunE: func(cmd *cobra.Command, args []string) error { ctx := cmd.Context() - if _, err := RunLogin(ctx, cli, false); err != nil { - return err + + if inputs.shouldLoginAsMachine() { + if err := RunLoginAsMachine(ctx, inputs, cli, cmd); err != nil { + return err + } + } else { + if _, err := RunLoginAsUser(ctx, cli, false); err != nil { + return err + } } cli.tracker.TrackCommandRun(cmd, cli.config.InstallID) @@ -30,20 +77,26 @@ func loginCmd(cli *cli) *cobra.Command { }, } + loginTenantDomain.RegisterString(cmd, &inputs.Domain, "") + loginClientID.RegisterString(cmd, &inputs.ClientID, "") + loginClientSecret.RegisterString(cmd, &inputs.ClientSecret, "") + cmd.MarkFlagsRequiredTogether("client-id", "client-secret", "domain") + cmd.SetHelpFunc(func(cmd *cobra.Command, args []string) { _ = cmd.Flags().MarkHidden("tenant") _ = cmd.Flags().MarkHidden("json") + _ = cmd.Flags().MarkHidden("no-input") cmd.Parent().HelpFunc()(cmd, args) }) return cmd } -// RunLogin runs the login flow guiding the user through the process +// RunLoginAsUser runs the login flow guiding the user through the process // by showing the login instructions, opening the browser. // Use `expired` to run the login from other commands setup: // this will only affect the messages. -func RunLogin(ctx context.Context, cli *cli, expired bool) (Tenant, error) { +func RunLoginAsUser(ctx context.Context, cli *cli, expired bool) (Tenant, error) { message := fmt.Sprintf( "%s\n\n%s\n\n", "✪ Welcome to the Auth0 CLI 🎊", @@ -141,3 +194,49 @@ func RunLogin(ctx context.Context, cli *cli, expired bool) (Tenant, error) { return tenant, nil } + +// RunLoginAsMachine facilitates the authentication process using client credentials (client ID, client secret) +func RunLoginAsMachine(ctx context.Context, inputs LoginInputs, cli *cli, cmd *cobra.Command) error { + if err := loginTenantDomain.Ask(cmd, &inputs.Domain, nil); err != nil { + return err + } + + if err := loginClientID.Ask(cmd, &inputs.ClientID, nil); err != nil { + return err + } + + if err := loginClientSecret.AskPassword(cmd, &inputs.ClientSecret, nil); err != nil { + return err + } + + token, err := auth.GetAccessTokenFromClientCreds(auth.ClientCredentials{ + ClientID: inputs.ClientID, + ClientSecret: inputs.ClientSecret, + Domain: inputs.Domain, + }) + if err != nil { + return err + } + + t := Tenant{ + Domain: inputs.Domain, + AccessToken: token.AccessToken, + ExpiresAt: token.ExpiresAt, + ClientID: inputs.ClientID, + ClientSecret: inputs.ClientSecret, + } + + if err := cli.addTenant(t); err != nil { + return fmt.Errorf("unexpected error when attempting to save tenant data: %w", err) + } + + cli.renderer.Newline() + cli.renderer.Infof("Successfully logged in.") + cli.renderer.Infof("Tenant: %s", inputs.Domain) + + if err := checkInstallID(cli); err != nil { + return fmt.Errorf("failed to update the config: %w", err) + } + + return nil +} diff --git a/internal/cli/tenants.go b/internal/cli/tenants.go index 7d178905c..c11859adc 100644 --- a/internal/cli/tenants.go +++ b/internal/cli/tenants.go @@ -1,38 +1,13 @@ package cli import ( - "errors" "fmt" "github.com/spf13/cobra" - "github.com/auth0/auth0-cli/internal/auth" "github.com/auth0/auth0-cli/internal/prompt" ) -var ( - tenantDomain = Argument{ - Name: "Tenant", - Help: "Tenant to select", - } - - tenantClientID = Flag{ - Name: "Client ID", - LongForm: "client-id", - ShortForm: "i", - Help: "Client ID of the application.", - IsRequired: true, - } - - tenantClientSecret = Flag{ - Name: "Client Secret", - LongForm: "client-secret", - ShortForm: "s", - Help: "Client Secret of the application.", - IsRequired: true, - } -) - func tenantsCmd(cli *cli) *cobra.Command { cmd := &cobra.Command{ Use: "tenants", @@ -44,7 +19,6 @@ func tenantsCmd(cli *cli) *cobra.Command { cmd.AddCommand(useTenantCmd(cli)) cmd.AddCommand(listTenantCmd(cli)) cmd.AddCommand(openTenantCmd(cli)) - cmd.AddCommand(addTenantCmd(cli)) return cmd } @@ -129,6 +103,11 @@ func openTenantCmd(cli *cli) *cobra.Command { Domain string } + var tenantDomain = Argument{ + Name: "Tenant", + Help: "Tenant to select", + } + cmd := &cobra.Command{ Use: "open", Args: cobra.MaximumNArgs(1), @@ -162,75 +141,6 @@ func openTenantCmd(cli *cli) *cobra.Command { return cmd } -func addTenantCmd(cli *cli) *cobra.Command { - var inputs struct { - Domain string - ClientID string - ClientSecret string - } - - cmd := &cobra.Command{ - Use: "add", - Args: cobra.MaximumNArgs(1), - Short: "Add a tenant with client credentials", - Long: "Add a tenant with client credentials.", - Example: "auth0 tenants add --client-id --client-secret ", - RunE: func(cmd *cobra.Command, args []string) error { - if len(args) == 0 { - err := tenantDomain.Pick(cmd, &inputs.Domain, cli.tenantPickerOptions) - if err != nil { - if !errors.Is(err, errUnauthenticated) { - return err - } - - if err := tenantDomain.Ask(cmd, &inputs.Domain); err != nil { - return err - } - } - } else { - inputs.Domain = args[0] - } - - if err := tenantClientID.Ask(cmd, &inputs.ClientID, nil); err != nil { - return err - } - - if err := tenantClientSecret.Ask(cmd, &inputs.ClientSecret, nil); err != nil { - return err - } - - token, err := auth.GetAccessTokenFromClientCreds(auth.ClientCredentials{ - ClientID: inputs.ClientID, - ClientSecret: inputs.ClientSecret, - Domain: inputs.Domain, - }) - if err != nil { - return err - } - - t := Tenant{ - Domain: inputs.Domain, - AccessToken: token.AccessToken, - ExpiresAt: token.ExpiresAt, - ClientID: inputs.ClientID, - ClientSecret: inputs.ClientSecret, - } - - if err := cli.addTenant(t); err != nil { - return fmt.Errorf("unexpected error when attempting to save tenant data: %w", err) - } - - cli.renderer.Infof("Tenant added successfully: %s", t.Domain) - return nil - }, - } - - tenantClientID.RegisterString(cmd, &inputs.ClientID, "") - tenantClientSecret.RegisterString(cmd, &inputs.ClientSecret, "") - - return cmd -} - func (c *cli) tenantPickerOptions() (pickerOptions, error) { tens, err := c.listTenants() if err != nil { diff --git a/test/integration/test-cases.yaml b/test/integration/test-cases.yaml index c3b071bdc..8457936a6 100644 --- a/test/integration/test-cases.yaml +++ b/test/integration/test-cases.yaml @@ -37,7 +37,7 @@ tests: auth0 completion bash: exit-code: 0 - + # Test 'apps create' --type flag apps create type native and check data: command: auth0 apps create --name integration-test-app-nativeapp1 --type native --description NativeApp1 --json @@ -109,7 +109,7 @@ tests: json: token_endpoint_auth_method: client_secret_basic exit-code: 0 - + # Test 'apps create' --callbacks flag apps create type m2m callbacks: command: auth0 apps create --name integration-test-app-m2mapp3 --type m2m --description M2mApp3 --callbacks https://example.com @@ -124,7 +124,7 @@ tests: json: callbacks: "[https://example.com https://google.com]" exit-code: 0 - + # Test 'apps create' --grants flag apps create type regular grants: command: auth0 apps create --name integration-test-app-regapp5 --type regular --description RegApp4 --grants credentials,password @@ -212,7 +212,7 @@ tests: json: callbacks: "[https://example.com]" exit-code: 0 - + apps update description: command: auth0 apps update $(cat ./test/integration/identifiers/app-id) --description "A better description" --json stdout: @@ -350,10 +350,10 @@ tests: command: auth0 apis show $(cat ./test/integration/identifiers/api-id) # depends on "apis create test app" test stdout: contains: - - NAME integration-test-api-newapi - - IDENTIFIER http://integration-test-api-newapi - - SCOPES read:todos - - TOKEN LIFETIME 86400 + - NAME integration-test-api-newapi + - IDENTIFIER http://integration-test-api-newapi + - SCOPES read:todos + - TOKEN LIFETIME 86400 - ALLOW OFFLINE ACCESS ✗ exit-code: 0 @@ -403,7 +403,7 @@ tests: exit-code: 0 stdout: json: - email: "testuser@example.com" + email: "testuser@example.com" connection: "Username-Password-Authentication" users create and check output: @@ -423,7 +423,7 @@ tests: command: auth0 users show $(cat ./test/integration/identifiers/user-id) --json stdout: json: - email: "newuser@example.com" + email: "newuser@example.com" connection: "Username-Password-Authentication" exit-code: 0 @@ -456,8 +456,8 @@ tests: exit-code: 0 stdout: json: - name: integration-test-role-new1 - description: testRole + name: integration-test-role-new1 + description: testRole roles create and check output: command: auth0 roles create --name integration-test-role-new2 --description testRole2 --no-input @@ -476,7 +476,7 @@ tests: command: auth0 roles show $(cat ./test/integration/identifiers/role-id) --json stdout: json: - name: integration-test-role-newRole + name: integration-test-role-newRole description: integration-test-role exit-code: 0 @@ -521,7 +521,7 @@ tests: - NAME integration-test-rule-new2 - ENABLED ✗ - ORDER 2 - - SCRIPT function(user, context, cb) { + - SCRIPT function(user, context, cb) { exit-code: 0 # Test 'rules show' From 3e367a5bcd52fcac7d45c6d7a3fddd62009b1ec2 Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Fri, 9 Dec 2022 11:19:35 -0500 Subject: [PATCH 6/6] DXCDT-267: Graceful handling of access token regeneration (2/x) (#547) Co-authored-by: Rita Zerrizuela Co-authored-by: Will Vedder Co-authored-by: Sergiu Ghitea --- internal/auth/auth.go | 4 ++-- internal/cli/cli.go | 36 +++++++++++++++++++++++----------- internal/cli/login.go | 45 +++++++++++++++++++------------------------ 3 files changed, 47 insertions(+), 38 deletions(-) diff --git a/internal/auth/auth.go b/internal/auth/auth.go index 2a61fdc1b..9955fe8e3 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -288,7 +288,7 @@ type ClientCredentials struct { } // GetAccessTokenFromClientCreds generates an access token from client credentials -func GetAccessTokenFromClientCreds(args ClientCredentials) (Result, error) { +func GetAccessTokenFromClientCreds(ctx context.Context, args ClientCredentials) (Result, error) { u, err := url.Parse("https://" + args.Domain) if err != nil { return Result{}, err @@ -305,7 +305,7 @@ func GetAccessTokenFromClientCreds(args ClientCredentials) (Result, error) { }, } - resp, err := credsConfig.Token(context.Background()) + resp, err := credsConfig.Token(ctx) if err != nil { return Result{}, err } diff --git a/internal/cli/cli.go b/internal/cli/cli.go index 927d7223c..c98224b15 100644 --- a/internal/cli/cli.go +++ b/internal/cli/cli.go @@ -21,6 +21,7 @@ import ( "github.com/spf13/pflag" "github.com/auth0/auth0-cli/internal/analytics" + "github.com/auth0/auth0-cli/internal/ansi" "github.com/auth0/auth0-cli/internal/auth" "github.com/auth0/auth0-cli/internal/auth0" "github.com/auth0/auth0-cli/internal/buildinfo" @@ -109,11 +110,14 @@ func (t *Tenant) hasExpiredToken() bool { func (t *Tenant) regenerateAccessToken(ctx context.Context, c *cli) error { if t.authenticatedWithClientCredentials() { - token, err := auth.GetAccessTokenFromClientCreds(auth.ClientCredentials{ - ClientID: t.ClientID, - ClientSecret: t.ClientSecret, - Domain: t.Domain, - }) + token, err := auth.GetAccessTokenFromClientCreds( + ctx, + auth.ClientCredentials{ + ClientID: t.ClientID, + ClientSecret: t.ClientSecret, + Domain: t.Domain, + }, + ) if err != nil { return err } @@ -207,18 +211,28 @@ func (c *cli) prepareTenant(ctx context.Context) (Tenant, error) { return Tenant{}, err } - if t.AccessToken == "" || (scopesChanged(t) && t.authenticatedWithDeviceCodeFlow()) { - return RunLoginAsUser(ctx, c, true) + if scopesChanged(t) && t.authenticatedWithDeviceCodeFlow() { + c.renderer.Warnf("Required scopes have changed. Please log in to re-authorize the CLI.\n") + return RunLoginAsUser(ctx, c) } - if !t.hasExpiredToken() { + if t.AccessToken != "" && !t.hasExpiredToken() { return t, nil } if err := t.regenerateAccessToken(ctx, c); err != nil { - // Ask and guide the user through the login process. - c.renderer.Errorf("failed to renew access token, %s", err) - return RunLoginAsUser(ctx, c, true) + if t.authenticatedWithClientCredentials() { + return t, fmt.Errorf( + "failed to fetch access token using client credentials.\n\n"+ + "This may occur if the designated application has been deleted or the client secret has been rotated.\n\n"+ + "Please re-authenticate by running: %s", + ansi.Bold("auth0 login --domain --client-secret "), + ) + } + + c.renderer.Warnf("Failed to renew access token. Please log in to re-authorize the CLI.\n") + + return RunLoginAsUser(ctx, c) } if err := c.addTenant(t); err != nil { diff --git a/internal/cli/login.go b/internal/cli/login.go index 23c5693bf..60a013a4b 100644 --- a/internal/cli/login.go +++ b/internal/cli/login.go @@ -66,7 +66,13 @@ auth0 login --domain --client-id --client-secret --client-id --client-secret --client-id --client-secret