Implement User-based API Keys (#197)

* Added support for authenticating with an API key * added api service methods for user api keys * fixed a copy/pasted api endpoint url * Let toIdentityToken() use a a prestored client_id in place of the application client_id if one exists * Allowed for api key auth in the cli * Removed some commented out code commited for apiKey auth * Cleanup for ApiKey auth in the CLI * Removed cli prefix from client_crendential auth types * Removed ClientPrefix conditional from decoded token getters * Update src/services/api.service.ts Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com> * formatting * changed command from login --apiKey to login --apikey Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
2025-12-17 16:53:34 +00:00 · 2020-11-10 15:15:40 -05:00
parent 9aa3cbf73d
commit 79b856cb6e
7 changed files with 124 additions and 24 deletions
--- a/src/cli/commands/login.command.ts
+++ b/src/cli/commands/login.command.ts
@@ -46,7 +46,38 @@ export class LoginCommand {

        let ssoCodeVerifier: string = null;
        let ssoCode: string = null;
-        if (cmd.sso != null && this.canInteract) {
+
+        let clientId: string = null;
+        let clientSecret: string = null;
+
+        if (cmd.apikey != null) {
+            const storedClientId: string = process.env.BW_CLIENTID;
+            const storedClientSecret: string = process.env.BW_CLIENTSECRET;
+            if (storedClientId == null) {
+                if (this.canInteract) {
+                    const answer: inquirer.Answers = await inquirer.createPromptModule({ output: process.stderr })({
+                        type: 'input',
+                        name: 'clientId',
+                        message: 'client_id:',
+                    });
+                    clientId = answer.clientId;
+                } else {
+                    clientId = null;
+                }
+            } else {
+                clientId = storedClientId;
+            }
+            if (this.canInteract && storedClientSecret == null) {
+                const answer: inquirer.Answers = await inquirer.createPromptModule({ output: process.stderr })({
+                    type: 'input',
+                    name: 'clientSecret',
+                    message: 'client_secret:',
+                });
+                clientSecret = answer.clientSecret;
+            } else {
+                clientSecret = storedClientSecret;
+            }
+        } else if (cmd.sso != null && this.canInteract) {
            const passwordOptions: any = {
                type: 'password',
                length: 64,
@@ -117,7 +148,10 @@ export class LoginCommand {

            let response: AuthResult = null;
            if (twoFactorToken != null && twoFactorMethod != null) {
-                if (ssoCode != null && ssoCodeVerifier != null) {
+                if (clientId != null && clientSecret != null) {
+                    response = await this.authService.logInApiKeyComplete(clientId, clientSecret, twoFactorMethod,
+                        twoFactorToken, false);
+                } else if (ssoCode != null && ssoCodeVerifier != null) {
                    response = await this.authService.logInSsoComplete(ssoCode, ssoCodeVerifier, this.ssoRedirectUri,
                        twoFactorMethod, twoFactorToken, false);
                } else {
@@ -125,9 +159,10 @@ export class LoginCommand {
                        twoFactorToken, false);
                }
            } else {
-                if (ssoCode != null && ssoCodeVerifier != null) {
+                if (clientId != null && clientSecret != null) {
+                    response = await this.authService.logInApiKey(clientId, clientSecret);
+                } else if (ssoCode != null && ssoCodeVerifier != null) {
                    response = await this.authService.logInSso(ssoCode, ssoCodeVerifier, this.ssoRedirectUri);
-
                } else {
                    response = await this.authService.logIn(email, password);
                }