feat(auth): initial implementation of auth subcommand #217
Conversation
zeroshade
force-pushed
the
auth-command-stuff
branch
from
b3ca311 to
53ebbd1
Compare
|
I played around with it a bit.
|
|
Thanks for taking a look @eitsupi i'll poke at those |
zeroshade
force-pushed
the
auth-command-stuff
branch
from
f183244 to
dcc7909
Compare
amoeba
left a comment
amoeba
left a comment
There was a problem hiding this comment.
This works really well, thanks for this @zeroshade. I left some comments and suggestions and have some other notes.
- The user agent on the auth requests is a generic UA. Do we want to use a dbc specific UA string?
- When I run
dbc auth loginwhen already logged in, I get a non-zero exit status code. I get a 0 when I log in the first time.
These are some Auth0 setup notes:
-
The Auth0 screen says "Log in to columnar". Can it be Columnar?
-
When I break the oauth flow on purpose, I get an error screen with two issues: Broken logo and lowercase Columnar
-
My password manager picks up the wrong name for the login, regardless of whether I log in through a Columnar account or a Google account. "Us" which I assume comes from the auth0 subdomain
.us.auth0. I'm happy to track down why this is for you.
-
When I finish logging in, I see a page with an incomplete title:
| # macos-13 is intel macos while macos-latest is arm64 | ||
| os: [ 'ubuntu-latest', 'windows-latest', 'macos-latest', 'macos-13' ] | ||
| # macos-15 is intel macos while macos-latest is arm64 | ||
| os: [ 'ubuntu-latest', 'windows-latest', 'macos-latest', 'macos-15' ] |
There was a problem hiding this comment.
How would you feel if I asked you to kick this change out of this PR so we can put it in the releasenotes as a standalone item?
|
@amoeba I've addressed your comments and updated the PR.
I've updated the user-agent for all the requests to use the dbc user-agent.
Fixed this!
I think I've fixed this, at worst we might need to create a new tenant instead since Auth0 doesn't allow changing the tenant name.
How did you break it? This seems like it might be an auth0 error we should file since I've updated the configs to use the logo properly etc.
I've updated our config to use a custom domain via Please take another look and review! thanks! |
|
Re-tested my above things and the main things are fixed. Thanks @zeroshade. I notice that the device confirmation screen now says, "Please confirm this is the code displayed on your dbc Private Registry:". Could that just be "Please confirm this is the code displayed by dbc:"? And, I think we could tweak the output just a bit. The way we have this set up, the user never needs to know the copy code because we don't do the same kind of thing, say, GitHub or Apple do where they make you enter the copy yourself. Right now we show: $ dbc auth login
Copy code: XXXX-XXXX
To authenticate, visit: https://auth.columnar.tech/activate?user_code=XXXX-XXXX
⠋but it could be even simpler unless you think it's unwise: $ dbc auth login
Opening https://auth.columnar.tech/activate?user_code=XXXX-XXXX in your default web browser...
⠋ Waiting for confirmation... |
|
@amoeba made both changes and updated! |
Co-authored-by: Bryce Mecum <[email protected]>
zeroshade
force-pushed
the
auth-command-stuff
branch
from
84625c5 to
0a8ba3d
Compare
|
Thanks @zeroshade. I think that we may tweak some parts of this as we continue to discuss but I think we could merge this since it works well. |
Implements
dbc auth loginanddbc auth logoutand enables themakereqfunction to utilize any available credentials if the index matches a credential.Does not yet implement any utilization of encryption or using OS credential stores.
Currently only implements Oauth2 Device Flow and api-key implementation (expecting a
/loginendpoint for api-key to get a token)