From dadc6c2cbdbada08c43ca3c5d5557a04b9e776c2 Mon Sep 17 00:00:00 2001 From: Sergiu Ghitea <28300158+sergiught@users.noreply.github.com> Date: Fri, 10 Nov 2023 11:19:39 +0100 Subject: [PATCH 1/3] Convert audience into a drop down in interactive mode in test token cmd --- docs/auth0_test_login.md | 2 +- docs/auth0_test_token.md | 2 +- internal/cli/test.go | 78 ++++++++++++++++++++++++++++++++++++---- 3 files changed, 74 insertions(+), 8 deletions(-) diff --git a/docs/auth0_test_login.md b/docs/auth0_test_login.md index 6dd41ee08..27a031a53 100644 --- a/docs/auth0_test_login.md +++ b/docs/auth0_test_login.md @@ -30,7 +30,7 @@ auth0 test login [flags] ## Flags ``` - -a, --audience string The unique identifier of the target API you want to access. + -a, --audience string The unique identifier of the target API you want to access. For Machine to Machine and Regular Web Applications, only the enabled APIs will be shown within the interactive prompt. -c, --connection-name string The connection name to test during login. -d, --domain string One of your custom domains. --force Skip confirmation. diff --git a/docs/auth0_test_token.md b/docs/auth0_test_token.md index 5ad8e2850..cdc62f310 100644 --- a/docs/auth0_test_token.md +++ b/docs/auth0_test_token.md @@ -27,7 +27,7 @@ auth0 test token [flags] ## Flags ``` - -a, --audience string The unique identifier of the target API you want to access. + -a, --audience string The unique identifier of the target API you want to access. For Machine to Machine and Regular Web Applications, only the enabled APIs will be shown within the interactive prompt. --force Skip confirmation. --json Output in json format. -s, --scopes strings The list of scopes you want to use. diff --git a/internal/cli/test.go b/internal/cli/test.go index e8f59f29f..b17f9d40a 100644 --- a/internal/cli/test.go +++ b/internal/cli/test.go @@ -36,7 +36,7 @@ var ( Name: "Audience", LongForm: "audience", ShortForm: "a", - Help: "The unique identifier of the target API you want to access.", + Help: "The unique identifier of the target API you want to access. For Machine to Machine and Regular Web Applications, only the enabled APIs will be shown within the interactive prompt.", } testAudienceRequired = Flag{ @@ -193,18 +193,20 @@ func testTokenCmd(cli *cli) *cobra.Command { return err } - if err := testAudience.Ask(cmd, &inputs.Audience, nil); err != nil { + if err := testAudienceRequired.Pick( + cmd, + &inputs.Audience, + cli.audiencePickerOptions(client), + ); err != nil { return err } - appType := client.GetAppType() - cli.renderer.Infof("Domain : " + ansi.Blue(cli.tenant)) cli.renderer.Infof("Client ID : " + ansi.Bold(client.GetClientID())) - cli.renderer.Infof("Type : " + display.ApplyColorToFriendlyAppType(display.FriendlyAppType(appType))) + cli.renderer.Infof("Type : " + display.ApplyColorToFriendlyAppType(display.FriendlyAppType(client.GetAppType()))) cli.renderer.Newline() - if appType == appTypeNonInteractive { + if client.GetAppType() == appTypeNonInteractive { tokenResponse, err := runClientCredentialsFlow(cmd.Context(), cli, client, inputs.Audience, cli.tenant) if err != nil { return fmt.Errorf( @@ -342,6 +344,70 @@ func (c *cli) appPickerWithCreateOption(ctx context.Context) (pickerOptions, err return enhancedOptions, nil } +func (c *cli) audiencePickerOptions(client *management.Client) func(ctx context.Context) (pickerOptions, error) { + return func(ctx context.Context) (pickerOptions, error) { + var opts pickerOptions + + switch client.GetAppType() { + case "regular_web", "non_interactive": + clientGrants, err := c.api.ClientGrant.List( + ctx, + management.PerPage(100), + management.Parameter("client_id", client.GetClientID()), + ) + if err != nil { + return nil, err + } + + if len(clientGrants.ClientGrants) == 0 { + return nil, fmt.Errorf( + "the %s application is not authorized to request access tokens for any APIs.\n\n"+ + "Run: 'auth0 apps open %s' to open the dashboard and authorize the application.", + ansi.Bold(client.GetName()), + client.GetClientID(), + ) + } + + for _, grant := range clientGrants.ClientGrants { + resourceServer, err := c.api.ResourceServer.Read(ctx, grant.GetAudience()) + if err != nil { + return nil, err + } + + label := fmt.Sprintf( + "%s %s", + resourceServer.GetName(), + ansi.Faint(fmt.Sprintf("(%s)", resourceServer.GetIdentifier())), + ) + + opts = append(opts, pickerOption{ + label: label, + value: resourceServer.GetIdentifier(), + }) + } + default: + resourceServerList, err := c.api.ResourceServer.List(ctx, management.PerPage(100)) + if err != nil { + return nil, err + } + + for _, resourceServer := range resourceServerList.ResourceServers { + label := fmt.Sprintf( + "%s %s", + resourceServer.GetName(), + ansi.Faint(fmt.Sprintf("(%s)", resourceServer.GetIdentifier())), + ) + opts = append(opts, pickerOption{ + label: label, + value: resourceServer.GetIdentifier(), + }) + } + } + + return opts, nil + } +} + func checkClientIsAuthorizedForAPI(ctx context.Context, cli *cli, client *management.Client, audience string) error { var list *management.ClientGrantList if err := ansi.Waiting(func() (err error) { From e1c084334378defcf4aa22f99d7e6dd4445ec640 Mon Sep 17 00:00:00 2001 From: Sergiu Ghitea <28300158+sergiught@users.noreply.github.com> Date: Fri, 10 Nov 2023 17:54:10 +0100 Subject: [PATCH 2/3] Conver scopes into a drop down in interactive mode in test token cmd --- internal/cli/test.go | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/internal/cli/test.go b/internal/cli/test.go index b17f9d40a..04d60bd35 100644 --- a/internal/cli/test.go +++ b/internal/cli/test.go @@ -5,6 +5,7 @@ import ( "fmt" "net/http" + "github.com/AlecAivazis/survey/v2" "github.com/auth0/go-auth0/management" "github.com/spf13/cobra" "golang.org/x/net/context" @@ -221,6 +222,12 @@ func testTokenCmd(cli *cli) *cobra.Command { return nil } + if len(inputs.Scopes) == 0 { + if err := cli.pickTokenScopes(cmd.Context(), &inputs); err != nil { + return err + } + } + if proceed := runLoginFlowPreflightChecks(cli, client); !proceed { return nil } @@ -408,6 +415,25 @@ func (c *cli) audiencePickerOptions(client *management.Client) func(ctx context. } } +func (c *cli) pickTokenScopes(ctx context.Context, inputs *testCmdInputs) error { + resourceServer, err := c.api.ResourceServer.Read(ctx, inputs.Audience) + if err != nil { + return err + } + + var scopes []string + for _, scope := range resourceServer.GetScopes() { + scopes = append(scopes, scope.GetValue()) + } + + scopesPrompt := &survey.MultiSelect{ + Message: "Scopes", + Options: scopes, + } + + return survey.AskOne(scopesPrompt, &inputs.Scopes) +} + func checkClientIsAuthorizedForAPI(ctx context.Context, cli *cli, client *management.Client, audience string) error { var list *management.ClientGrantList if err := ansi.Waiting(func() (err error) { From 51687a91f5220b57e5d2ddcd90e8b952f456826d Mon Sep 17 00:00:00 2001 From: Sergiu Ghitea <28300158+sergiught@users.noreply.github.com> Date: Tue, 14 Nov 2023 16:16:23 +0100 Subject: [PATCH 3/3] Add warning for test token when scopes are given to the cmd --- internal/cli/test.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/internal/cli/test.go b/internal/cli/test.go index 04d60bd35..1c0b42976 100644 --- a/internal/cli/test.go +++ b/internal/cli/test.go @@ -208,6 +208,10 @@ func testTokenCmd(cli *cli) *cobra.Command { cli.renderer.Newline() if client.GetAppType() == appTypeNonInteractive { + if len(inputs.Scopes) != 0 { + cli.renderer.Warnf("Passed in scopes do not apply to Machine to Machine applications.\n") + } + tokenResponse, err := runClientCredentialsFlow(cmd.Context(), cli, client, inputs.Audience, cli.tenant) if err != nil { return fmt.Errorf(