From 44613508af7487779af8f0a797390ffdf6281609 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Nov 2023 10:44:33 +0000 Subject: [PATCH 01/12] Bump github.com/auth0/go-auth0 from 1.2.0 to 1.3.0 (#908) Bumps [github.com/auth0/go-auth0](https://github.com/auth0/go-auth0) from 1.2.0 to 1.3.0. - [Release notes](https://github.com/auth0/go-auth0/releases) - [Changelog](https://github.com/auth0/go-auth0/blob/main/CHANGELOG.md) - [Commits](https://github.com/auth0/go-auth0/compare/v1.2.0...v1.3.0) --- updated-dependencies: - dependency-name: github.com/auth0/go-auth0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index c8e27160a..3070443bd 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 require ( github.com/AlecAivazis/survey/v2 v2.3.7 github.com/PuerkitoBio/rehttp v1.3.0 - github.com/auth0/go-auth0 v1.2.0 + github.com/auth0/go-auth0 v1.3.0 github.com/briandowns/spinner v1.23.0 github.com/charmbracelet/glamour v0.6.0 github.com/fsnotify/fsnotify v1.7.0 diff --git a/go.sum b/go.sum index 0a663f00d..a6e48e491 100644 --- a/go.sum +++ b/go.sum 
@@ -18,8 +18,8 @@ github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/ github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew1u1fNQOlOtuGxQY= github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4= -github.com/auth0/go-auth0 v1.2.0 h1:pZWzWCWk038jDsItwfqrbuoN37xcNHUClfPzW+rk1ok= -github.com/auth0/go-auth0 v1.2.0/go.mod h1:tLH1Qv816g3dpqituiPNN4ET+YoNtk5++68aRg+MxaA= +github.com/auth0/go-auth0 v1.3.0 h1:46bo0C6HYtsdSj4BEF4j6IaQrSAiUqehwuv+IO3qDJ0= +github.com/auth0/go-auth0 v1.3.0/go.mod h1:gm0NUM340x77a9YVZB50HUrJJkSchD9DkiqqbAl+s34= github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48= github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA= github.com/aymanbagabas/go-osc52 v1.0.3 h1:DTwqENW7X9arYimJrPeGZcV0ln14sGMt3pHZspWD+Mg= From 205439459fbb500b6518083d5a2a9d181ca905a5 Mon Sep 17 00:00:00 2001 
From: Michael Christenson II Date: Mon, 13 Nov 2023 12:10:00 -0500 Subject: [PATCH 02/12] dxcdt-615-goreleaser-upgrade (#909) * Fix: Remove or replace deprecations for GoReleaser config Remove deprecated replacements Replace deprecated brews tap Replace deprecated scoop entries Fix name_template to reflect exact current naming conventions * DXCDT-582: Convert audience into a drop down in interactive mode in test token cmd (#906) Convert audience into a drop down in interactive mode in test token cmd * Bump github.com/auth0/go-auth0 from 1.2.0 to 1.3.0 (#908) Bumps [github.com/auth0/go-auth0](https://github.com/auth0/go-auth0) from 1.2.0 to 1.3.0. - [Release notes](https://github.com/auth0/go-auth0/releases) - [Changelog](https://github.com/auth0/go-auth0/blob/main/CHANGELOG.md) - [Commits](https://github.com/auth0/go-auth0/compare/v1.2.0...v1.3.0) --- updated-dependencies: - dependency-name: github.com/auth0/go-auth0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] Co-authored-by: Sergiu Ghitea <28300158+sergiught@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .gitignore | 1 + .goreleaser.yml | 37 ++++++++++++++++--------------------- 2 files changed, 17 insertions(+), 21 deletions(-) diff --git a/.gitignore b/.gitignore index a1560ab06..2d6eec10e 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,7 @@ /auth0 /test/integration/identifiers coverage* +/dist # Swap [._]*.s[a-v][a-z] diff --git a/.goreleaser.yml b/.goreleaser.yml index 2fdc5222f..e044543cc 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml 
@@ -18,12 +18,7 @@ builds: - -X 'github.com/auth0/auth0-cli/internal/buildinfo.BuildDate={{.Date}}' - -X 'github.com/auth0/auth0-cli/internal/instrumentation.SentryDSN={{.Env.SENTRY_DSN}}' archives: - - replacements: - darwin: Darwin - linux: Linux - windows: Windows - 386: i386 - amd64: x86_64 + - name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ if eq .Arch "arm64" }}arm64{{ else }}x86_64{{ end }}' files: - none* format_overrides: @@ -37,7 +32,7 @@ changelog: skip: true brews: - name: auth0 - tap: + repository: owner: auth0 name: homebrew-auth0-cli commit_author: @@ -54,17 +49,17 @@ brews: (fish_completion/"auth0.fish").write `#{bin}/auth0 completion fish` (zsh_completion/"_auth0").write `#{bin}/auth0 completion zsh` caveats: "Thanks for installing the Auth0 CLI" -scoop: - name: auth0 - bucket: - owner: auth0 - name: scoop-auth0-cli - commit_author: - name: auth0 - email: support@auth0.com - commit_msg_template: "Scoop manifest update for {{ .ProjectName }} version {{ .Tag }}" - homepage: https://auth0.github.io/auth0-cli - description: Build, manage and test your Auth0 integrations from the command line - license: MIT - skip_upload: auto - post_install: ["Write-Host 'Thanks for installing the Auth0 CLI'"] +scoops: + - name: auth0 + repository: + owner: auth0 + name: scoop-auth0-cli + commit_author: + name: auth0 + email: support@auth0.com + commit_msg_template: "Scoop manifest update for {{ .ProjectName }} version {{ .Tag }}" + homepage: https://auth0.github.io/auth0-cli + description: Build, manage and test your Auth0 integrations from the command line + license: MIT + skip_upload: auto + post_install: ["Write-Host 'Thanks for installing the Auth0 CLI'"] From 1da363159ffebcde4680b5fc9c4c54d19ad83c1b Mon Sep 17 00:00:00 2001 
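Review bot: The new `name_template` under `archives` labels every architecture other than `arm64` as `x86_64`, whereas the removed `replacements` map distinguished `386` (`i386`) from `amd64`. The `builds` target list is outside this hunk, so this only matters if a 386 or 32-bit arm target is still built: its archive would then get the same name as the amd64 one, and a user or install script could end up with a binary for the wrong architecture. If only amd64 and arm64 are built, a comment next to the template is enough, e.g. `# builds are amd64/arm64 only; any other arch needs its own name here`; otherwise map `386` explicitly. The later `title .Os` change to this line keeps the same arch expression.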
From: Sergiu Ghitea <28300158+sergiught@users.noreply.github.com> Date: Sat, 11 Nov 2023 09:05:49 +0100 Subject: [PATCH 03/12] DXCDT-582: Convert audience into a drop down in interactive mode in test token cmd (#906) Convert audience into a drop down in interactive mode in test token cmd Title Os for final release name fit --- .goreleaser.yml | 2 +- docs/auth0_test_login.md | 2 +- docs/auth0_test_token.md | 2 +- internal/cli/test.go | 78 ++++++++++++++++++++++++++++++++++++---- 4 files changed, 75 insertions(+), 9 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index e044543cc..8b2e336e9 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -18,7 +18,7 @@ builds: - -X 'github.com/auth0/auth0-cli/internal/buildinfo.BuildDate={{.Date}}' - -X 'github.com/auth0/auth0-cli/internal/instrumentation.SentryDSN={{.Env.SENTRY_DSN}}' archives: - - name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ if eq .Arch "arm64" }}arm64{{ else }}x86_64{{ end }}' + - name_template: '{{ .ProjectName }}_{{ .Version }}_{{ title .Os }}_{{ if eq .Arch "arm64" }}arm64{{ else }}x86_64{{ end }}' files: - none* format_overrides: diff --git a/docs/auth0_test_login.md b/docs/auth0_test_login.md index 6dd41ee08..27a031a53 100644 --- a/docs/auth0_test_login.md +++ b/docs/auth0_test_login.md @@ -30,7 +30,7 @@ auth0 test login [flags] ## Flags ``` - -a, --audience string The unique identifier of the target API you want to access. + -a, --audience string The unique identifier of the target API you want to access. For Machine to Machine and Regular Web Applications, only the enabled APIs will be shown within the interactive prompt. -c, --connection-name string The connection name to test during login. -d, --domain string One of your custom domains. --force Skip confirmation. diff --git a/docs/auth0_test_token.md b/docs/auth0_test_token.md index 5ad8e2850..cdc62f310 100644 --- a/docs/auth0_test_token.md +++ b/docs/auth0_test_token.md 
@@ -27,7 +27,7 @@ auth0 test token [flags] ## Flags ``` - -a, --audience string The unique identifier of the target API you want to access. + -a, --audience string The unique identifier of the target API you want to access. For Machine to Machine and Regular Web Applications, only the enabled APIs will be shown within the interactive prompt. --force Skip confirmation. --json Output in json format. -s, --scopes strings The list of scopes you want to use. diff --git a/internal/cli/test.go b/internal/cli/test.go index e8f59f29f..b17f9d40a 100644 --- a/internal/cli/test.go +++ b/internal/cli/test.go @@ -36,7 +36,7 @@ var ( Name: "Audience", LongForm: "audience", ShortForm: "a", - Help: "The unique identifier of the target API you want to access.", + Help: "The unique identifier of the target API you want to access. For Machine to Machine and Regular Web Applications, only the enabled APIs will be shown within the interactive prompt.", } testAudienceRequired = Flag{ @@ -193,18 +193,20 @@ func testTokenCmd(cli *cli) *cobra.Command { return err } - if err := testAudience.Ask(cmd, &inputs.Audience, nil); err != nil { + if err := testAudienceRequired.Pick( + cmd, + &inputs.Audience, + cli.audiencePickerOptions(client), + ); err != nil { return err } - appType := client.GetAppType() - cli.renderer.Infof("Domain : " + ansi.Blue(cli.tenant)) cli.renderer.Infof("Client ID : " + ansi.Bold(client.GetClientID())) - cli.renderer.Infof("Type : " + display.ApplyColorToFriendlyAppType(display.FriendlyAppType(appType))) + cli.renderer.Infof("Type : " + display.ApplyColorToFriendlyAppType(display.FriendlyAppType(client.GetAppType()))) cli.renderer.Newline() - if appType == appTypeNonInteractive { + if client.GetAppType() == appTypeNonInteractive { tokenResponse, err := runClientCredentialsFlow(cmd.Context(), cli, client, inputs.Audience, cli.tenant) if err != nil { return fmt.Errorf( 
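Review bot: The sentence added to the `testAudience` help ("only the enabled APIs will be shown within the interactive prompt") describes the picker, but the prompt in `testTokenCmd` now runs through `testAudienceRequired.Pick`. The same text also lands in docs/auth0_test_login.md, although no hunk in this patch switches the login command to a picker. If `test login` still asks for free text, the help overstates what the prompt does there; either wire the picker into login as well or keep the sentence on the token command only. `testTokenCmd` starts and continues outside this hunk, so the login path could not be checked here.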
@@ -342,6 +344,70 @@ func (c *cli) appPickerWithCreateOption(ctx context.Context) (pickerOptions, err return enhancedOptions, nil } +func (c *cli) audiencePickerOptions(client *management.Client) func(ctx context.Context) (pickerOptions, error) { + return func(ctx context.Context) (pickerOptions, error) { + var opts pickerOptions + + switch client.GetAppType() { + case "regular_web", "non_interactive": + clientGrants, err := c.api.ClientGrant.List( + ctx, + management.PerPage(100), + management.Parameter("client_id", client.GetClientID()), + ) + if err != nil { + return nil, err + } + + if len(clientGrants.ClientGrants) == 0 { + return nil, fmt.Errorf( + "the %s application is not authorized to request access tokens for any APIs.\n\n"+ + "Run: 'auth0 apps open %s' to open the dashboard and authorize the application.", + ansi.Bold(client.GetName()), + client.GetClientID(), + ) + } + + for _, grant := range clientGrants.ClientGrants { + resourceServer, err := c.api.ResourceServer.Read(ctx, grant.GetAudience()) + if err != nil { + return nil, err + } + + label := fmt.Sprintf( + "%s %s", + resourceServer.GetName(), + ansi.Faint(fmt.Sprintf("(%s)", resourceServer.GetIdentifier())), + ) + + opts = append(opts, pickerOption{ + label: label, + value: resourceServer.GetIdentifier(), + }) + } + default: + resourceServerList, err := c.api.ResourceServer.List(ctx, management.PerPage(100)) + if err != nil { + return nil, err + } + + for _, resourceServer := range resourceServerList.ResourceServers { + label := fmt.Sprintf( + "%s %s", + resourceServer.GetName(), + ansi.Faint(fmt.Sprintf("(%s)", resourceServer.GetIdentifier())), + ) + opts = append(opts, pickerOption{ + label: label, + value: resourceServer.GetIdentifier(), + }) + } + } + + return opts, nil + } +} + func checkClientIsAuthorizedForAPI(ctx context.Context, cli *cli, client *management.Client, audience string) error { var list *management.ClientGrantList if err := ansi.Waiting(func() (err error) { 
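Review bot: Both list calls in `audiencePickerOptions` request one page of 100 (`management.PerPage(100)`) and never check for more, so a client with more grants, or a tenant with more APIs, gets a silently truncated picker and the user cannot choose an audience that is in fact authorized. Paging until the list reports no further results fixes the grant branch, and the same loop applies to `ResourceServer.List` in the default branch. The grant branch also issues one `ResourceServer.Read` per grant, so a single failed read aborts the whole prompt. Separately, the case labels repeat the literals `"regular_web"` and `"non_interactive"` although `appTypeNonInteractive` is already used in this file; using the constants keeps the two checks from drifting.

```go
case "regular_web", "non_interactive":
	var grants []*management.ClientGrant
	for page := 0; ; page++ {
		list, err := c.api.ClientGrant.List(
			ctx,
			management.Page(page),
			management.PerPage(100),
			management.Parameter("client_id", client.GetClientID()),
		)
		if err != nil {
			return nil, err
		}
		grants = append(grants, list.ClientGrants...)
		if !list.HasNext() {
			break
		}
	}
	// … unchanged: empty-grants error, then one picker option per entry in grants …
```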
From 3068c0718b8515893372125f79d3b45fdaa56be7 Mon Sep 17 00:00:00 2001 From: Michael Christenson II Date: Fri, 1 Dec 2023 11:36:59 -0500 Subject: [PATCH 04/12] Bump goreleaser version --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4a72051b8..ec3bc0c9d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,7 +27,7 @@ jobs: - name: Run GoReleaser uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # pin@4.3.0 with: - version: v1.18.2 + version: v1.22.1 args: release --rm-dist env: GITHUB_TOKEN: ${{ secrets.GORELEASER_GITHUB_TOKEN }} From 2383a8e6ac7ffb54044f924516e1cd7b73b603b3 Mon Sep 17 00:00:00 2001 From: Michael Christenson II Date: Thu, 7 Dec 2023 08:31:25 -0500 Subject: [PATCH 05/12] Add metadata flag to apps create/update Update metadata flag docs for apps create/update --- docs/auth0_apps_create.md | 34 +++++++++++++++++++--------------- docs/auth0_apps_update.md | 34 +++++++++++++++++++--------------- internal/cli/apps.go | 33 ++++++++++++++++++++++++++++++--- 3 files changed, 68 insertions(+), 33 deletions(-) diff --git a/docs/auth0_apps_create.md b/docs/auth0_apps_create.md index 622c6594b..2fbd69c99 100644 --- a/docs/auth0_apps_create.md +++ b/docs/auth0_apps_create.md 
@@ -25,27 +25,31 @@ auth0 apps create [flags] auth0 apps create --name myapp --description --type [native|spa|regular|m2m] auth0 apps create --name myapp --description --type [native|spa|regular|m2m] --reveal-secrets auth0 apps create -n myapp -d -t [native|spa|regular|m2m] -r --json + auth0 apps create -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar" + auth0 apps create -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar" --metadata "bazz=buzz" + auth0 apps create -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar,bazz=buzz" ``` ## Flags ``` - -a, --auth-method string Defines the requested authentication method for the token endpoint. Possible values are 'None' (public application without a client secret), 'Post' (application uses HTTP POST parameters) or 'Basic' (application uses HTTP Basic). - -c, --callbacks strings After the user authenticates we will only call back to any of these URLs. You can specify multiple valid URLs by comma-separating them (typically to handle different environments like QA or testing). Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native apps, all callbacks should use protocol https://. - -d, --description string Description of the application. Max character count is 140. - -g, --grants strings List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code. - --json Output in json format. - -l, --logout-urls strings Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains. - -n, --name string Name of the application. - -o, --origins strings Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. 
This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs. - -r, --reveal-secrets Display the application secrets ('signing_keys', 'client_secret') as part of the command output. - -t, --type string Type of application: - - native: mobile, desktop, CLI and smart device apps running natively. - - spa (single page application): a JavaScript front-end app that uses an API. - - regular: Traditional web app using redirects. - - m2m (machine to machine): CLIs, daemons or services running on your backend. - -w, --web-origins strings Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode. + -a, --auth-method string Defines the requested authentication method for the token endpoint. Possible values are 'None' (public application without a client secret), 'Post' (application uses HTTP POST parameters) or 'Basic' (application uses HTTP Basic). + -c, --callbacks strings After the user authenticates we will only call back to any of these URLs. You can specify multiple valid URLs by comma-separating them (typically to handle different environments like QA or testing). Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native apps, all callbacks should use protocol https://. + -d, --description string Description of the application. Max character count is 140. + -g, --grants strings List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code. + --json Output in json format. + -l, --logout-urls strings Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains. 
+ --metadata stringToString Will add Metadata to an application (default []) + -n, --name string Name of the application. + -o, --origins strings Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs. + -r, --reveal-secrets Display the application secrets ('signing_keys', 'client_secret') as part of the command output. + -t, --type string Type of application: + - native: mobile, desktop, CLI and smart device apps running natively. + - spa (single page application): a JavaScript front-end app that uses an API. + - regular: Traditional web app using redirects. + - m2m (machine to machine): CLIs, daemons or services running on your backend. + -w, --web-origins strings Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode. ``` diff --git a/docs/auth0_apps_update.md b/docs/auth0_apps_update.md index e46910833..443a5f346 100644 --- a/docs/auth0_apps_update.md +++ b/docs/auth0_apps_update.md 
@@ -25,27 +25,31 @@ auth0 apps update [flags] auth0 apps update --name myapp --description --type [native|spa|regular|m2m] auth0 apps update --name myapp --description --type [native|spa|regular|m2m] --reveal-secrets auth0 apps update -n myapp -d -t [native|spa|regular|m2m] -r --json + auth0 apps update -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar" + auth0 apps update -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar" --metadata "bazz=buzz" + auth0 apps update -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar,bazz=buzz" ``` ## Flags ``` - -a, --auth-method string Defines the requested authentication method for the token endpoint. Possible values are 'None' (public application without a client secret), 'Post' (application uses HTTP POST parameters) or 'Basic' (application uses HTTP Basic). - -c, --callbacks strings After the user authenticates we will only call back to any of these URLs. You can specify multiple valid URLs by comma-separating them (typically to handle different environments like QA or testing). Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native apps, all callbacks should use protocol https://. - -d, --description string Description of the application. Max character count is 140. - -g, --grants strings List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code. - --json Output in json format. - -l, --logout-urls strings Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains. - -n, --name string Name of the application. - -o, --origins strings Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. 
This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs. - -r, --reveal-secrets Display the application secrets ('signing_keys', 'client_secret') as part of the command output. - -t, --type string Type of application: - - native: mobile, desktop, CLI and smart device apps running natively. - - spa (single page application): a JavaScript front-end app that uses an API. - - regular: Traditional web app using redirects. - - m2m (machine to machine): CLIs, daemons or services running on your backend. - -w, --web-origins strings Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode. + -a, --auth-method string Defines the requested authentication method for the token endpoint. Possible values are 'None' (public application without a client secret), 'Post' (application uses HTTP POST parameters) or 'Basic' (application uses HTTP Basic). + -c, --callbacks strings After the user authenticates we will only call back to any of these URLs. You can specify multiple valid URLs by comma-separating them (typically to handle different environments like QA or testing). Make sure to specify the protocol (https://) otherwise the callback may fail in some cases. With the exception of custom URI schemes for native apps, all callbacks should use protocol https://. + -d, --description string Description of the application. Max character count is 140. + -g, --grants strings List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code. + --json Output in json format. + -l, --logout-urls strings Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains. 
+ --metadata stringToString Will add Metadata to an application (default []) + -n, --name string Name of the application. + -o, --origins strings Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs. + -r, --reveal-secrets Display the application secrets ('signing_keys', 'client_secret') as part of the command output. + -t, --type string Type of application: + - native: mobile, desktop, CLI and smart device apps running natively. + - spa (single page application): a JavaScript front-end app that uses an API. + - regular: Traditional web app using redirects. + - m2m (machine to machine): CLIs, daemons or services running on your backend. + -w, --web-origins strings Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode. ``` diff --git a/internal/cli/apps.go b/internal/cli/apps.go index d142affe2..fa946129f 100644 --- a/internal/cli/apps.go +++ b/internal/cli/apps.go @@ -78,6 +78,12 @@ var ( IsRequired: false, AlwaysPrompt: true, } + appMetadata = Flag{ + Name: "Metadata", + LongForm: "metadata", + Help: "Will add Metadata to an application", + IsRequired: false, + } appOrigins = Flag{ Name: "Allowed Origin URLs", LongForm: "origins", @@ -373,6 +379,7 @@ func createAppCmd(cli *cli) *cobra.Command { AuthMethod string Grants []string RevealSecrets bool + Metadata map[string]string } var oidcConformant = true var algorithm = "RS256" 
@@ -389,7 +396,10 @@ func createAppCmd(cli *cli) *cobra.Command { auth0 apps create --name myapp --description auth0 apps create --name myapp --description --type [native|spa|regular|m2m] auth0 apps create --name myapp --description --type [native|spa|regular|m2m] --reveal-secrets - auth0 apps create -n myapp -d -t [native|spa|regular|m2m] -r --json`, + auth0 apps create -n myapp -d -t [native|spa|regular|m2m] -r --json + auth0 apps create -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar" + auth0 apps create -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar" --metadata "bazz=buzz" + auth0 apps create -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar,bazz=buzz"`, RunE: func(cmd *cobra.Command, args []string) error { // Prompt for app name if err := appName.Ask(cmd, &inputs.Name, nil); err != nil { @@ -454,6 +464,11 @@ func createAppCmd(cli *cli) *cobra.Command { } } + clientMetadata := make(map[string]interface{}, len(inputs.Metadata)) + for k, v := range inputs.Metadata { + clientMetadata[k] = v + } + // Load values into a fresh app instance a := &management.Client{ Name: &inputs.Name, @@ -465,6 +480,7 @@ func createAppCmd(cli *cli) *cobra.Command { AllowedLogoutURLs: stringSliceToPtr(inputs.AllowedLogoutURLs), OIDCConformant: &oidcConformant, JWTConfiguration: &management.ClientJWTConfiguration{Algorithm: &algorithm}, + ClientMetadata: &clientMetadata, } // Set token endpoint auth method @@ -505,6 +521,7 @@ func createAppCmd(cli *cli) *cobra.Command { appDescription.RegisterString(cmd, &inputs.Description, "") appCallbacks.RegisterStringSlice(cmd, &inputs.Callbacks, nil) appOrigins.RegisterStringSlice(cmd, &inputs.AllowedOrigins, nil) + appMetadata.RegisterStringMap(cmd, &inputs.Metadata, nil) appWebOrigins.RegisterStringSlice(cmd, &inputs.AllowedWebOrigins, nil) appLogoutURLs.RegisterStringSlice(cmd, &inputs.AllowedLogoutURLs, nil) appAuthMethod.RegisterString(cmd, &inputs.AuthMethod, "") 
@@ -527,6 +544,7 @@ func updateAppCmd(cli *cli) *cobra.Command { AuthMethod string Grants []string RevealSecrets bool + Metadata map[string]string } cmd := &cobra.Command{ @@ -542,7 +560,10 @@ func updateAppCmd(cli *cli) *cobra.Command { auth0 apps update --name myapp --description auth0 apps update --name myapp --description --type [native|spa|regular|m2m] auth0 apps update --name myapp --description --type [native|spa|regular|m2m] --reveal-secrets - auth0 apps update -n myapp -d -t [native|spa|regular|m2m] -r --json`, + auth0 apps update -n myapp -d -t [native|spa|regular|m2m] -r --json + auth0 apps update -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar" + auth0 apps update -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar" --metadata "bazz=buzz" + auth0 apps update -n myapp -d -t [native|spa|regular|m2m] -r --json --metadata "foo=bar,bazz=buzz"`, RunE: func(cmd *cobra.Command, args []string) error { var current *management.Client @@ -638,8 +659,13 @@ func updateAppCmd(cli *cli) *cobra.Command { } } + clientMetadata := make(map[string]interface{}, len(inputs.Metadata)) + for k, v := range inputs.Metadata { + clientMetadata[k] = v + } + // Load updated values into a fresh app instance - a := &management.Client{} + a := &management.Client{ClientMetadata: &clientMetadata} if len(inputs.Name) == 0 { a.Name = current.Name @@ -714,6 +740,7 @@ func updateAppCmd(cli *cli) *cobra.Command { appType.RegisterStringU(cmd, &inputs.Type, "") appDescription.RegisterStringU(cmd, &inputs.Description, "") appCallbacks.RegisterStringSliceU(cmd, &inputs.Callbacks, nil) + appMetadata.RegisterStringMap(cmd, &inputs.Metadata, map[string]string{}) appOrigins.RegisterStringSliceU(cmd, &inputs.AllowedOrigins, nil) appWebOrigins.RegisterStringSliceU(cmd, &inputs.AllowedWebOrigins, nil) appLogoutURLs.RegisterStringSliceU(cmd, &inputs.AllowedLogoutURLs, nil) From dd111cd72fcbab95b0c82cd65439efd2b59c684a Mon Sep 17 00:00:00 2001 
From: Michael Christenson II Date: Thu, 7 Dec 2023 10:06:57 -0500 Subject: [PATCH 06/12] Improve metadata help Co-authored-by: Will Vedder --- internal/cli/apps.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/cli/apps.go b/internal/cli/apps.go index fa946129f..85b001d31 100644 --- a/internal/cli/apps.go +++ b/internal/cli/apps.go @@ -81,7 +81,7 @@ var ( appMetadata = Flag{ Name: "Metadata", LongForm: "metadata", - Help: "Will add Metadata to an application", + Help: "Arbitrary keys-value pairs (max 255 characters each), that can be assigned to each application. More about application metadata: https://auth0.com/docs/get-started/applications/configure-application-metadata", IsRequired: false, } appOrigins = Flag{ From 7f4a84e4a65225777c63d65904f310f000bbef67 Mon Sep 17 00:00:00 2001 From: Michael Christenson II Date: Thu, 7 Dec 2023 10:54:06 -0500 Subject: [PATCH 07/12] Ensure metadata doesn't get wiped on update with no additional metadata --- internal/cli/apps.go | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/internal/cli/apps.go b/internal/cli/apps.go index fa946129f..29e87e779 100644 --- a/internal/cli/apps.go +++ b/internal/cli/apps.go @@ -659,13 +659,8 @@ func updateAppCmd(cli *cli) *cobra.Command { } } - clientMetadata := make(map[string]interface{}, len(inputs.Metadata)) - for k, v := range inputs.Metadata { - clientMetadata[k] = v - } - // Load updated values into a fresh app instance - a := &management.Client{ClientMetadata: &clientMetadata} + a := &management.Client{} if len(inputs.Name) == 0 { a.Name = current.Name 
@@ -721,6 +716,16 @@ func updateAppCmd(cli *cli) *cobra.Command { a.GrantTypes = apiGrantsFor(inputs.Grants) } + if len(inputs.Metadata) == 0 { + a.ClientMetadata = current.ClientMetadata + } else { + clientMetadata := make(map[string]interface{}, len(inputs.Metadata)) + for k, v := range inputs.Metadata { + clientMetadata[k] = v + } + a.ClientMetadata = &clientMetadata + } + // Update app if err := ansi.Waiting(func() error { return cli.api.Client.Update(cmd.Context(), inputs.ID, a) From 40961c47035d8b58a59cf76acc165a4ed8e7e5cc Mon Sep 17 00:00:00 2001 From: Michael Christenson II Date: Thu, 7 Dec 2023 11:10:30 -0500 Subject: [PATCH 08/12] Show metadata on app show, create, and update rendered views --- internal/display/apps.go | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/internal/display/apps.go b/internal/display/apps.go index 30e926253..dddc29d12 100644 --- a/internal/display/apps.go +++ b/internal/display/apps.go @@ -34,6 +34,7 @@ type applicationView struct { AllowedLogoutURLs []string AuthMethod string Grants []string + Metadata []string revealSecret bool raw interface{} @@ -68,6 +69,7 @@ func (v *applicationView) KeyValues() [][]string { allowedWebOrigins := strings.Join(v.AllowedWebOrigins, ", ") allowedLogoutURLs := strings.Join(v.AllowedLogoutURLs, ", ") grants := strings.Join(v.Grants, ", ") + metadata := strings.Join(v.Metadata, ", ") if v.revealSecret { return [][]string{ @@ -82,6 +84,7 @@ func (v *applicationView) KeyValues() [][]string { {"ALLOWED WEB ORIGINS", allowedWebOrigins}, {"TOKEN ENDPOINT AUTH", v.AuthMethod}, {"GRANTS", grants}, + {"METADATA", metadata}, } } @@ -96,6 +99,7 @@ func (v *applicationView) KeyValues() [][]string { {"ALLOWED WEB ORIGINS", allowedWebOrigins}, {"TOKEN ENDPOINT AUTH", v.AuthMethod}, {"GRANTS", grants}, + {"METADATA", metadata}, } } 
@@ -176,6 +180,7 @@ func makeApplicationView(client *management.Client, revealSecrets bool) *applica AllowedLogoutURLs: client.GetAllowedLogoutURLs(), AuthMethod: client.GetTokenEndpointAuthMethod(), Grants: client.GetGrantTypes(), + Metadata: mapPointerToArray(client.ClientMetadata), raw: client, } } @@ -197,6 +202,16 @@ func FriendlyAppType(appType string) string { } } +func mapPointerToArray(m *map[string]interface{}) []string { + var result []string + if m != nil { + for k, v := range *m { + result = append(result, fmt.Sprintf("%s=%v", k, v)) + } + } + return result +} + func quickstartsURIFor(appType string) string { switch { case appType == "native": From a760838acef7724631668a5c73e335ac660e0e8a Mon Sep 17 00:00:00 2001 From: Michael Christenson II Date: Thu, 7 Dec 2023 11:11:15 -0500 Subject: [PATCH 09/12] Update metadata docs --- docs/auth0_apps_create.md | 2 +- docs/auth0_apps_update.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/auth0_apps_create.md b/docs/auth0_apps_create.md index 2fbd69c99..a3703fae7 100644 --- a/docs/auth0_apps_create.md +++ b/docs/auth0_apps_create.md 
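Review bot: `mapPointerToArray` ranges over a Go map, whose iteration order is unspecified, so the METADATA row can list the same pairs in a different order on every run, which makes output diffs and scripted comparisons noisy. Sorting before returning fixes it: add `sort.Strings(result)` ahead of `return result` (this needs the `sort` import if the file does not already have it). The values are also printed with `%v` whether or not `revealSecret` is set; if application metadata can hold anything sensitive in a given tenant, showing it by default should be a deliberate decision rather than a side effect.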
@@ -40,7 +40,7 @@ auth0 apps create [flags] -g, --grants strings List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code. --json Output in json format. -l, --logout-urls strings Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains. - --metadata stringToString Will add Metadata to an application (default []) + --metadata stringToString Arbitrary keys-value pairs (max 255 characters each), that can be assigned to each application. More about application metadata: https://auth0.com/docs/get-started/applications/configure-application-metadata (default []) -n, --name string Name of the application. -o, --origins strings Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs. -r, --reveal-secrets Display the application secrets ('signing_keys', 'client_secret') as part of the command output. diff --git a/docs/auth0_apps_update.md b/docs/auth0_apps_update.md index 443a5f346..46e0350c6 100644 --- a/docs/auth0_apps_update.md +++ b/docs/auth0_apps_update.md 
@@ -40,7 +40,7 @@ auth0 apps update [flags] -g, --grants strings List of grant types supported for this application. Can include code, implicit, refresh-token, credentials, password, password-realm, mfa-oob, mfa-otp, mfa-recovery-code, and device-code. --json Output in json format. -l, --logout-urls strings Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains. - --metadata stringToString Will add Metadata to an application (default []) + --metadata stringToString Arbitrary keys-value pairs (max 255 characters each), that can be assigned to each application. More about application metadata: https://auth0.com/docs/get-started/applications/configure-application-metadata (default []) -n, --name string Name of the application. -o, --origins strings Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs. -r, --reveal-secrets Display the application secrets ('signing_keys', 'client_secret') as part of the command output. From 0d59e62f43445bb4a31d64db0b900c9aaab03103 Mon Sep 17 00:00:00 2001 From: Michael Christenson II Date: Thu, 7 Dec 2023 15:32:45 -0500 Subject: [PATCH 10/12] Add metadata integration tests --- test/integration/apps-test-cases.yaml | 58 ++++++++++++++++++++------- 1 file changed, 43 insertions(+), 15 deletions(-) diff --git a/test/integration/apps-test-cases.yaml b/test/integration/apps-test-cases.yaml index c0e591331..d0bf8d9f0 100644 --- a/test/integration/apps-test-cases.yaml +++ b/test/integration/apps-test-cases.yaml 
@@ -155,7 +155,35 @@ tests: json: web_origins: "[https://example.com]" - 021 - given a test app, it successfully gets the app's details and outputs in json: + 021 - it successfully creates a native app with a single metadata set: + command: auth0 apps create --name integration-test-app-nativeapp21 --type native --description NativeApp21 --metadata "key=value" + exit-code: 0 + stdout: + contains: + - METADATA key=value + + 022 - it successfully creates a native app with a multiple metadata sets, multiple flags: + command: auth0 apps create --name integration-test-app-nativeapp22 --type native --description NativeApp22 --metadata "key=value" --metadata "foo=bar" + exit-code: 0 + stdout: + contains: + - METADATA key=value, foo=bar + + 023 - it successfully creates a native app with a multiple metadata sets, single flag: + command: auth0 apps create --name integration-test-app-nativeapp23 --type native --description NativeApp23 --metadata "key=value,foo=bar" + exit-code: 0 + stdout: + contains: + - METADATA key=value, foo=bar + + 024 - given a test app, it successfully updates the app's details with a metadata set: + command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --metadata "baz=buzz" + exit-code: 0 + stdout: + contains: + - METADATA baz=buzz + + 025 - given a test app, it successfully gets the app's details and outputs in json: command: auth0 apps show $(./test/integration/scripts/get-app-id.sh) --json exit-code: 0 stdout: @@ -164,7 +192,7 @@ tests: description: NewApp app_type: native - 022 - given a test app, it successfully gets the app's details: + 026 - given a test app, it successfully gets the app's details: command: auth0 apps show $(./test/integration/scripts/get-app-id.sh) exit-code: 0 stdout: 
@@ -173,63 +201,63 @@ tests: - DESCRIPTION NewApp - TYPE Native - 023 - given a test app, it successfully updates the app's auth method and outputs in json: + 027 - given a test app, it successfully updates the app's auth method and outputs in json: command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --auth-method Basic --json exit-code: 0 stdout: json: token_endpoint_auth_method: client_secret_basic - 024 - given a test app, it successfully updates the app's callbacks and outputs in json: + 028 - given a test app, it successfully updates the app's callbacks and outputs in json: command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --callbacks https://example.com --json stdout: json: callbacks: "[https://example.com]" exit-code: 0 - 025 - given a test app, it successfully updates the app's description and outputs in json: + 029 - given a test app, it successfully updates the app's description and outputs in json: command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --description "A better description" --json exit-code: 0 stdout: json: description: A better description - 026 - given a test app, it successfully updates the app's grants and outputs in json: + 030 - given a test app, it successfully updates the app's grants and outputs in json: command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --grants code --json exit-code: 0 stdout: json: grant_types: "[authorization_code]" - 027 - given a test app, it successfully updates the app's logout urls and outputs in json: + 031 - given a test app, it successfully updates the app's logout urls and outputs in json: command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --logout-urls https://example.com --json exit-code: 0 stdout: json: allowed_logout_urls: "[https://example.com]" - 028 - given a test app, it successfully updates the app's name and outputs in json: + 032 - given a test app, it successfully updates the app's name and 
outputs in json: command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --name integration-test-app-betterAppName --json exit-code: 0 stdout: json: name: integration-test-app-betterAppName - 029 - given a test app, it successfully updates the app's origins and outputs in json: + 033 - given a test app, it successfully updates the app's origins and outputs in json: command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --origins https://example.com --json exit-code: 0 stdout: json: allowed_origins: "[https://example.com]" - 030 - given a test app, it successfully updates the app's web origins and outputs in json: + 034 - given a test app, it successfully updates the app's web origins and outputs in json: command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --web-origins https://example.com --json exit-code: 0 stdout: json: web_origins: "[https://example.com]" - 031 - given a test app, it successfully updates the app's web origins and type and outputs in json: + 035 - given a test app, it successfully updates the app's web origins and type and outputs in json: command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --web-origins https://examples.com --type native --json exit-code: 0 stdout: 
@@ -237,27 +265,27 @@ tests: app_type: native web_origins: "[https://examples.com]" - 032 - given a test app, it successfully updates the app's type and outputs in json: + 036 - given a test app, it successfully updates the app's type and outputs in json: command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --type spa --json exit-code: 0 stdout: json: app_type: spa - 033 - given a test app, it successfully opens the settings page: + 037 - given a test app, it successfully opens the settings page: command: auth0 apps open $(./test/integration/scripts/get-app-id.sh) --no-input exit-code: 0 stderr: contains: - "Open the following URL in a browser" - 034 - given a test app, it successfully sets the default application: + 038 - given a test app, it successfully sets the default application: command: auth0 apps use $(./test/integration/scripts/get-app-id.sh) --no-input exit-code: 0 stderr: contains: - "Successfully set the default application to" - 035 - given a test app, it successfully deletes the app: + 039 - given a test app, it successfully deletes the app: command: auth0 apps delete $(./test/integration/scripts/get-app-id.sh) --force exit-code: 0 From 941b955595bc44d2fec2679d192b8c176e62a205 Mon Sep 17 00:00:00 2001 From: Michael Christenson II Date: Thu, 7 Dec 2023 15:59:30 -0500 Subject: [PATCH 11/12] Remove space sensitivity from integration tests around metadata --- test/integration/apps-test-cases.yaml | 14 ++++++++++---- test/integration/fixtures/update-rule.json | 7 ------- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/test/integration/apps-test-cases.yaml b/test/integration/apps-test-cases.yaml index d0bf8d9f0..616d9a943 100644 --- a/test/integration/apps-test-cases.yaml +++ b/test/integration/apps-test-cases.yaml 
@@ -160,28 +160,34 @@ tests: exit-code: 0 stdout: contains: - - METADATA key=value + - METADATA + - key=value 022 - it successfully creates a native app with a multiple metadata sets, multiple flags: command: auth0 apps create --name integration-test-app-nativeapp22 --type native --description NativeApp22 --metadata "key=value" --metadata "foo=bar" exit-code: 0 stdout: contains: - - METADATA key=value, foo=bar + - METADATA + - key=value + - foo=bar 023 - it successfully creates a native app with a multiple metadata sets, single flag: command: auth0 apps create --name integration-test-app-nativeapp23 --type native --description NativeApp23 --metadata "key=value,foo=bar" exit-code: 0 stdout: contains: - - METADATA key=value, foo=bar + - METADATA + - key=value + - foo=bar 024 - given a test app, it successfully updates the app's details with a metadata set: command: auth0 apps update $(./test/integration/scripts/get-app-id.sh) --metadata "baz=buzz" exit-code: 0 stdout: contains: - - METADATA baz=buzz + - METADATA + - baz=buzz 025 - given a test app, it successfully gets the app's details and outputs in json: command: auth0 apps show $(./test/integration/scripts/get-app-id.sh) --json diff --git a/test/integration/fixtures/update-rule.json b/test/integration/fixtures/update-rule.json index 347e717d7..e69de29bb 100644 --- a/test/integration/fixtures/update-rule.json +++ b/test/integration/fixtures/update-rule.json @@ -1,7 +0,0 @@ -{ - "id": "rul_xWavq6OFKbMma9DH", - "name": "integration-test-rule-betterName", - "script": "function(user, context, cb) {\n cb(null, user, context);\n}\n", - "order": 3, - "enabled": false -} From 1b597b1272d6a37792b6eed175236090f127fc5f Mon Sep 17 00:00:00 2001 From: Michael Christenson II Date: Thu, 7 Dec 2023 16:23:14 -0500 Subject: [PATCH 12/12] Revert fixture --- test/integration/fixtures/update-rule.json | 7 +++++++ 1 file changed, 7 insertions(+) 
diff --git a/test/integration/fixtures/update-rule.json b/test/integration/fixtures/update-rule.json
index e69de29bb..347e717d7 100644
--- a/test/integration/fixtures/update-rule.json
+++ b/test/integration/fixtures/update-rule.json
@@ -0,0 +1,7 @@
+{
+ "id": "rul_xWavq6OFKbMma9DH",
+ "name": "integration-test-rule-betterName",
+ "script": "function(user, context, cb) {\n cb(null, user, context);\n}\n",
+ "order": 3,
+ "enabled": false
+}