feat: implement Auth0 identity provider with device flow support and add tests#11
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a real Auth0 identity provider implementation (including device flow) and significantly expands CLI authentication test coverage, while also aligning Auth0 configuration options with Okta via an access_token_file setting.
Changes:
- Implement Auth0 identity provider with env/file token resolution, JWT claim normalization, and device flow token acquisition.
- Improve Okta JWT parsing error handling (invalid base64 → clearer exception).
- Add new xUnit suites for Okta/Auth0 identity resolution behavior and update CLI docs to describe provider configuration/behavior.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 12 comments.
Show a summary per file
| File | Description |
|---|---|
| src/aria-cli/Services/OktaIdentityProvider.cs | Wraps base64 decode failures with a clearer InvalidOperationException for invalid JWT payloads. |
| src/aria-cli/Services/Auth0IdentityProvider.cs | Implements Auth0 provider: token source resolution, device flow HTTP interactions, and JWT claim normalization. |
| src/aria-cli/README.md | Documents available auth providers, configuration examples, and claim normalization behavior. |
| src/aria-cli/Aria.Cli.Tests/OktaIdentityProviderTests.cs | Adds unit tests for Okta token source selection and claim parsing behavior. |
| src/aria-cli/Aria.Cli.Tests/Auth0IdentityProviderTests.cs | Adds unit tests for Auth0 token source selection and claim parsing behavior. |
| src/aria-auth-core/Models/AriaConfig.cs | Extends Auth0Config with optional access_token_file. |
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Signed-off-by: Josh Garverick <jgarverick@github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Signed-off-by: Josh Garverick <jgarverick@github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Signed-off-by: Josh Garverick <jgarverick@github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Signed-off-by: Josh Garverick <jgarverick@github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Signed-off-by: Josh Garverick <jgarverick@github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Signed-off-by: Josh Garverick <jgarverick@github.com>
Agent-Logs-Url: https://github.com/aria-fx/aria/sessions/2f914580-7429-42c6-a3e0-215fd9d71da9 Co-authored-by: jgarverick <2940856+jgarverick@users.noreply.github.com>
Agent-Logs-Url: https://github.com/aria-fx/aria/sessions/2f914580-7429-42c6-a3e0-215fd9d71da9 Co-authored-by: jgarverick <2940856+jgarverick@users.noreply.github.com>
Agent-Logs-Url: https://github.com/aria-fx/aria/sessions/2f914580-7429-42c6-a3e0-215fd9d71da9 Co-authored-by: jgarverick <2940856+jgarverick@users.noreply.github.com>
Agent-Logs-Url: https://github.com/aria-fx/aria/sessions/2f914580-7429-42c6-a3e0-215fd9d71da9 Co-authored-by: jgarverick <2940856+jgarverick@users.noreply.github.com>
Agent-Logs-Url: https://github.com/aria-fx/aria/sessions/4f98ac54-6f2e-4a97-a579-81529c64051d Co-authored-by: jgarverick <2940856+jgarverick@users.noreply.github.com>
Agent-Logs-Url: https://github.com/aria-fx/aria/sessions/4f98ac54-6f2e-4a97-a579-81529c64051d Co-authored-by: jgarverick <2940856+jgarverick@users.noreply.github.com>
Agent-Logs-Url: https://github.com/aria-fx/aria/sessions/4f98ac54-6f2e-4a97-a579-81529c64051d Co-authored-by: jgarverick <2940856+jgarverick@users.noreply.github.com>
Agent-Logs-Url: https://github.com/aria-fx/aria/sessions/4f98ac54-6f2e-4a97-a579-81529c64051d Co-authored-by: jgarverick <2940856+jgarverick@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request adds comprehensive unit tests for both the Auth0 and Okta identity providers, significantly improving test coverage for authentication scenarios in the CLI. Additionally, it extends the
Auth0Configmodel to support specifying an access token file, aligning its configuration options with Okta.Improvements to authentication provider test coverage:
Auth0IdentityProviderTestscovering various scenarios for Auth0 authentication, including token source selection, claim parsing, error handling, and support for groups, roles, and scopes. (src/aria-cli/Aria.Cli.Tests/Auth0IdentityProviderTests.cs)OktaIdentityProviderTestscovering Okta authentication scenarios, including token retrieval from environment/file, claim precedence, scope and group parsing, and error conditions. (src/aria-cli/Aria.Cli.Tests/OktaIdentityProviderTests.cs)Configuration enhancements:
Auth0Configmodel to support an optionalAccessTokenFileproperty, allowing tokens to be loaded from a file in addition to environment variables. (src/aria-auth-core/Models/AriaConfig.cs)