Skip to content

Support for managing User API Tokens via SAML authentication#192

Merged
mhutchings-182 merged 19 commits into
cloudsmith-io:masterfrom
LowzG:saml-api-token-management
May 2, 2025
Merged

Support for managing User API Tokens via SAML authentication#192
mhutchings-182 merged 19 commits into
cloudsmith-io:masterfrom
LowzG:saml-api-token-management

Conversation

@LowzG
Copy link
Copy Markdown
Contributor

@LowzG LowzG commented Apr 8, 2025

For environments that only use SAML for authentication, there currently is no way to programmatically retrieve an existing User API Token. Currently the Cloudsmith CLI allows creating/retrieving User API Tokens only via the login/token command which uses basic auth.

This is my hacky way of getting around these limitations. The auth --token command brings consistency between the login and auth commands, with one caveat: users with an existing token will be asked if they would like to refresh their token.

This also includes the tokens command that allows users to list and refresh their token.

To remove the hacky parts of this implementations we need:

  1. An API endpoint that allows for the retrieval of an existing token that supports the Authorization header without basic auth.
  2. A class here that covers the endpoint(s) described in 1

Copilot AI reviewed Apr 14, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Comment thread cloudsmith_cli/cli/commands/auth.py Outdated
cloudsmith-iduffy
cloudsmith-iduffy reviewed Apr 14, 2025
View reviewed changes
Comment thread cloudsmith_cli/core/api/user.py Outdated
@nickxn
Copy link
Copy Markdown

nickxn commented Apr 14, 2025

Thanks @LowzG - we're reviewing at the moment!

@mhutchings-182 mhutchings-182 force-pushed the saml-api-token-management branch from 9adbcca to da75881 Compare April 30, 2025 14:33
LowzG
LowzG commented Apr 30, 2025
View reviewed changes
Comment thread cloudsmith_cli/core/api/init.py Outdated
jmccayCS
jmccayCS reviewed May 1, 2025
View reviewed changes
Comment thread cloudsmith_cli/cli/commands/tokens.py Outdated
jmccayCS
jmccayCS approved these changes May 1, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@jmccayCS jmccayCS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM just one small comment there but not a blocker

@mhutchings-182 mhutchings-182 merged commit 0dd9bf6 into cloudsmith-io:master May 2, 2025
10 checks passed
@LowzG LowzG deleted the saml-api-token-management branch May 2, 2025 17:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@cloudsmith-iduffy cloudsmith-iduffy cloudsmith-iduffy left review comments

@mhutchings-182 mhutchings-182 mhutchings-182 left review comments

@jmccayCS jmccayCS jmccayCS approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@LowzG @nickxn @jmccayCS @cloudsmith-iduffy @mhutchings-182