Deployment auth SIP #795
Looking great! Thanks for taking the time to write this up.
|
||
A user may log into multiple Hippo servers. The (URL, token) pairs for each will be stored. That is, logging into one server does not log you out of others. | ||
|
||
> QUESTION: Or should you only be logged into one at a time? |
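Review bot: in "The (URL, token) pairs for each will be stored", the SIP does not say where the pairs are kept or how that store is protected. Since each token is a credential for its server, state the storage location and that it is readable only by the current user (or that an OS credential store is used). Also say how a stored pair is removed, because the text only says that logging into one server does not log you out of others.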
To simplify the `spin deploy` experience, being logged into one system at a time may be best for now. Especially because this proposed idea raises a bunch of follow-up questions listed further below.
Once we design a system where we can support multiple "login profiles" (`spin configure` has been thrown around as an idea), then we should revisit this idea.
> * Con: the user may already have stuff on their clipboard | ||
> * Con: again, documentation needs to consider differences across OSes | ||
|
||
(For both of these questions, is there prior art to which we can refer?) |
Commands like `az login` and `gh auth login` would be good places to reference.
https://cli.github.com/manual/gh_auth_login
https://learn.microsoft.com/en-us/cli/azure/authenticate-azure-cli
|
||
We propose to poll for two minutes. If the user has not entered the code by then, `spin login` fails and exits. | ||
|
||
Errors do _not_ cause polling to terminate. We do not want a transient network error or server hiccup to block login. That said, if we can identify server responses that are necessarily fatal, we can in future terminate early on those. |
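Review bot: the polling paragraphs fix the overall window (two minutes) but not the interval between polls, and "Errors do _not_ cause polling to terminate" treats a transient network error and an explicit refusal from the server the same way. Specify the interval. Rather than deferring "necessarily fatal" responses to the future, consider naming at least the case where the server rejects the code outright as terminating now, so a login that cannot succeed does not keep polling until the timeout.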
They should at least print warning(s) or the user may be left wondering.
Thanks folks for all the feedback. It sounds like the model we want to espouse is:
Is that correct?
Yes. Your assessment matches my own mental model. The last step seems like it is the most impactful to the UX.
In order to minimize impact to the spin CLI, this makes sense for now. But we should circle back on this one ASAP to see if we can add multiple login profile support as this will be a big QoL improvement to the UX.
@bacongobbler Hope this now accurately reflects our discussions!
@bacongobbler one thing not covered here... there probably needs to be a way to tell what you're logged into... I'm reluctant to have a top level command for that though... would something like
Yeah that makes sense to me!
@itowlson see #794 (comment) -
At the moment, Spin doesn't know whether a URL uses device flow or username-password, so `spin login` will prompt. If we can identify particular URLs or families of URLs whose auth mode is known, those can skip this step. | ||
|
||
``` | ||
How would you like to authenticate Spin? [Username and password|Log in with a web browser] |
This is a good way to handle this issue for the time being.
This is how it looks as written in #794:
How would you like to authenticate Spin? [Username and password|Log in with a web browser] | |
What authentication method does this server support? | |
1. Sign in with GitHub | |
2. Sign in with a username and password | |
Enter a number: |
@bacongobbler thanks! Updated the sign-in method prompt; I also added a note about needing a flag to suppress it (which can be hidden).
Enter a number: | ||
``` | ||
|
||
Programmatic consumers need a way to override this prompt, e.g. `--method=[username|github]`. |
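Review bot: the note on `--method=[username|github]` covers only how a programmatic consumer selects the method, not how it then supplies the secret when the method is `username`. Add how the password is passed without a prompt, and avoid a plain command-line argument for it, since arguments are visible in process listings and shell history; reading it from standard input or an environment variable would fit a non-interactive caller.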
I think this would be a good option. We can also check for the presence of `--check-device-code` to determine the auth mode, since the presence of that flag automatically short-circuits it to be GitHub auth.
Yep, and `--get-device-code` too of course. I'll add this note and merge. Thanks!
Signed-off-by: itowlson <ivan.towlson@fermyon.com>
WIP but getting discussion under way!
Rendered