feat(authentication): Parse auth token on root command #782
Conversation
Signed-off-by: Javier Rodriguez <javier@chainloop.dev>
javirln
force-pushed
the
feat/780-feed-context
branch
from
b4e6f9c
to
e55dc82
Compare
Signed-off-by: Javier Rodriguez <javier@chainloop.dev>
Signed-off-by: Javier Rodriguez <javier@chainloop.dev>
Signed-off-by: Javier Rodriguez <javier@chainloop.dev>
Signed-off-by: Javier Rodriguez <javier@chainloop.dev>
|
|
||
| switch aud[0].(string) { | ||
| case apiTokenAudience: | ||
| return &ParsedToken{Type: "api-token"}, nil |
There was a problem hiding this comment.
my bad, shouldn't we add the identifier of the token? That way we can know how much for example a single token is being used in an org?
There was a problem hiding this comment.
and I mean the identifier of both the API_TOKEN and the RobotAccount
There was a problem hiding this comment.
Do you see it as the ID on the ParsedToken or a new field TokenID?
There was a problem hiding this comment.
mm, I was thinking that maybe using the current ID in the ParsedToken? Why do you think we should do it as TokenID?
There was a problem hiding this comment.
No no, to have different fields to filter by on the UI but we can merge them into ID since we have the type of token to know if it's a user.
There was a problem hiding this comment.
ahh, I see, no idea tbh. You probably know more.
Parse the stored authentication token to know what kind of user is using the CLI.
This is a best effort approach.
Refs: #780