Skip to content

Commit 7a523cb

Browse files
authored
feat(auth): Add token to auth get command (#257)
* adds token to command * make token in response dependent upon a flag
1 parent ae6d5f6 commit 7a523cb

2 files changed

Lines changed: 48 additions & 4 deletions

File tree

pkg/cmd/auth/get/get.go

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,12 +17,15 @@ type GetOptions struct {
1717
PrintFlags *cmdutil.PrintFlags
1818
NewDashboardClient func(clientID string) *dashboard.Client
1919
EnsureAuthenticated func(io *iostreams.IOStreams, client *dashboard.Client) (string, error)
20+
21+
WithAccessToken bool
2022
}
2123

2224
type Identity struct {
2325
UserID string `json:"user_id,omitempty"`
2426
Email string `json:"email,omitempty"`
2527
Name string `json:"name,omitempty"`
28+
Token string `json:"token,omitempty"`
2629
}
2730

2831
func NewGetCmd(f *cmdutil.Factory) *cobra.Command {
@@ -46,13 +49,18 @@ func NewGetCmd(f *cmdutil.Factory) *cobra.Command {
4649
Example: heredoc.Doc(`
4750
# Get the authenticated user
4851
$ algolia auth get
52+
53+
# Include the access token in the output
54+
$ algolia auth get --with-access-token
4955
`),
5056
Args: validators.NoArgs(),
5157
RunE: func(cmd *cobra.Command, args []string) error {
5258
return runGetCmd(opts)
5359
},
5460
}
5561

62+
cmd.Flags().
63+
BoolVar(&opts.WithAccessToken, "with-access-token", false, "Include the OAuth access token in the output")
5664
opts.PrintFlags.AddFlags(cmd)
5765

5866
return cmd
@@ -71,6 +79,9 @@ func runGetCmd(opts *GetOptions) error {
7179
Email: stored.Email,
7280
Name: stored.Name,
7381
}
82+
if opts.WithAccessToken {
83+
identity.Token = stored.AccessToken
84+
}
7485

7586
p, err := opts.PrintFlags.ToPrinter()
7687
if err != nil {

pkg/cmd/auth/get/get_test.go

Lines changed: 37 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -131,6 +131,7 @@ func TestGet_RefreshesExpiredToken(t *testing.T) {
131131
// Real auth seam: GetValidToken refreshes via the stubbed client and
132132
// succeeds, so the browser flow is never reached.
133133
EnsureAuthenticated: auth.EnsureAuthenticated,
134+
WithAccessToken: true,
134135
}
135136

136137
out, err := test.Execute(cmdWithOpts(opts), "--output ndjson", out)
@@ -139,13 +140,45 @@ func TestGet_RefreshesExpiredToken(t *testing.T) {
139140
// Identity preserved from the pre-refresh token (refresh response has no user).
140141
assert.Contains(t, out.String(), `"user_id":"42"`)
141142
assert.Contains(t, out.String(), `"email":"user@example.com"`)
142-
assert.NotContains(t, out.String(), "new-access")
143+
// Refreshed access token is surfaced in the identity output.
144+
assert.Contains(t, out.String(), `"token":"new-access"`)
143145

144146
// Refreshed token was persisted.
145147
assert.Equal(t, "new-access", auth.LoadToken().AccessToken)
146148
}
147149

148-
func TestGet_PrintsIdentityWithoutTokens(t *testing.T) {
150+
func TestGet_PrintsIdentityWithAccessToken(t *testing.T) {
151+
keyring.MockInit()
152+
t.Cleanup(auth.ClearToken)
153+
require.NoError(t, auth.SaveToken(&dashboard.OAuthTokenResponse{
154+
AccessToken: "secret-access",
155+
RefreshToken: "secret-refresh",
156+
CreatedAt: time.Now().Unix(),
157+
ExpiresIn: 3600,
158+
User: &dashboard.User{
159+
ID: 42,
160+
Email: "user@example.com",
161+
Name: "Test User",
162+
},
163+
}))
164+
165+
f, out := test.NewFactory(false, nil, nil, "")
166+
cmd := NewGetCmd(f)
167+
out, err := test.Execute(cmd, "--with-access-token --output ndjson", out)
168+
require.NoError(t, err)
169+
170+
assert.Contains(t, out.String(), `"user_id":"42"`)
171+
assert.Contains(t, out.String(), `"email":"user@example.com"`)
172+
assert.Contains(t, out.String(), `"name":"Test User"`)
173+
// Access token is surfaced under the "token" field.
174+
assert.Contains(t, out.String(), `"token":"secret-access"`)
175+
// Refresh token is never exposed.
176+
assert.NotContains(t, out.String(), "secret-refresh")
177+
assert.NotContains(t, out.String(), "refresh_token")
178+
}
179+
180+
// Without --with-access-token, no token of any kind appears in the output.
181+
func TestGet_OmitsAccessTokenByDefault(t *testing.T) {
149182
keyring.MockInit()
150183
t.Cleanup(auth.ClearToken)
151184
require.NoError(t, auth.SaveToken(&dashboard.OAuthTokenResponse{
@@ -168,8 +201,8 @@ func TestGet_PrintsIdentityWithoutTokens(t *testing.T) {
168201
assert.Contains(t, out.String(), `"user_id":"42"`)
169202
assert.Contains(t, out.String(), `"email":"user@example.com"`)
170203
assert.Contains(t, out.String(), `"name":"Test User"`)
204+
// No token surfaced by default.
171205
assert.NotContains(t, out.String(), "secret-access")
172206
assert.NotContains(t, out.String(), "secret-refresh")
173-
assert.NotContains(t, out.String(), "access_token")
174-
assert.NotContains(t, out.String(), "refresh_token")
207+
assert.NotContains(t, out.String(), `"token"`)
175208
}

0 commit comments

Comments
 (0)