Background:
The ncm-cli tool supports two types of login.
- via email and password
- via SSO (Google, GitHub)
When logging in, the response from /accounts/auth/login comes in the form of:
{ userId: '...',
session: '...',
refreshToken: '...' }
Similarly, the SSO login request also receives a session and refreshToken.
Issue:
When verifying a package or dependency tree using v1 of the ncm2-api, an authorization token must be passed in the request.
- If the user has logged in via SSO, the
session token received is valid and allows for successful ncm2-api calls to be made. (no issue)
- If the user has logged in via email/password, the
session token received seems to be unsupported by the ncm2-api
The error output is as follows:
Error: GraphQL Error (Code: 401): {"response":{"message":"You do not have permission","code":"Auth::PermissionDenied","status":401},"request":{"{ ... }"}}
Background:
The
ncm-clitool supports two types of login.When logging in, the response from
/accounts/auth/logincomes in the form of:Similarly, the SSO login request also receives a
sessionandrefreshToken.Issue:
When verifying a package or dependency tree using
v1of thencm2-api, an authorization token must be passed in the request.sessiontoken received is valid and allows for successfulncm2-apicalls to be made. (no issue)sessiontoken received seems to be unsupported by thencm2-apiThe error output is as follows: