-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TCE-807: Browser login #112
Conversation
{ | ||
name: "missing credentials", | ||
options: []HCPConfigOption{}, | ||
expectedError: "the configuration is not valid: client credentials need to be provided", | ||
}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Question: I understand why this was taken out but what if the client only provides one of the two credentials? Will the browser login workflow just kick in anyways or do we assume the user wanted to try logging in with creds?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's a good point. I'll see about adding a check for when partial credentials are provided. But anytime both client credentials are missing, then we trigger browser login.
when no client credentials are configured
Update: this is blocked while we take care of some configuration changes to support the new identity provider introduced by #114. |
9c09d00
to
d414160
Compare
d414160
to
d2eb883
Compare
7f5faa1
to
20968ce
Compare
Configuration complete! |
20968ce
to
efa80b7
Compare
🛠️ Description
This PR introduces the ability to log in via the browser when no client credentials are configured on the HCP Go SDK. 🎉
It uses the OAuth2 implicit flow, implemented by golang's standard oauth2 library, to direct users to a browser to login with their username and password. On successful authentication, the Go SDK is configured with an HCP access token that can be used for up to an hour.
Follow-up work includes the creation of an auth cache library to enable background token refreshing.
🧪 Test Locally
🚢 Release Note
Release note for CHANGELOG:
👍 Definition of Done