Skip to content

Use Device Authorization flow #178

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Feb 15, 2024
Merged

Use Device Authorization flow #178

merged 2 commits into from
Feb 15, 2024

Conversation

@DavidS-ovm
Copy link
Contributor

@DavidS-ovm DavidS-ovm commented Feb 15, 2024
edited
Loading

This replaces a bunch of cumbersome code with OAuth2 built-in functionality also ensuring that the actual device is authorized with no MitM attack.

This reverts the auth0 config flag removal to be able to test against non-prod environments.

Fixes #174

Example session:

vscode ➜ /workspace/cli (main) $ rm /home/vscode/.overmind/token.json
vscode ➜ /workspace/cli (main) $ go run main.go request --query-type ec2-instance --query-method list --log debug
DEBU Error reading local token, ignoring: stat /home/vscode/.overmind/token.json: no such file or directory 
Go to https://om-dogfood.eu.auth0.com/activate?user_code=MJRB-ZNPH and verify this code: MJRB-ZNPH
INFO Authenticated successfully ✅                 
DEBU Saved token to /home/vscode/.overmind/token.json 
INFO received items                                error="<nil>"
INFO Query:
{
  "type": "ec2-instance",
  "method": 1,
  "recursionBehaviour": {},
  "scope": "*",
  "UUID": "1W9uBVpRR+O4JWLwnx4Pbw==",
  "deadline": {
    "seconds": 1708033535,
    "nanos": 454381490
  }
}  uuid=d56f6e05-5a51-47e3-b825-62f09f1e0f6f
DEBU query status update                           query=d56f6e05-5a51-47e3-b825-62f09f1e0f6f status=STARTED
INFO new item                                      item=944651592624.eu-west-2.ec2-instance.i-0967d3ae34899b1e8
INFO new item                                      item=944651592624.eu-west-2.ec2-instance.i-08b0f2a06b23905d5
INFO new item                                      item=944651592624.eu-west-2.ec2-instance.i-0da03dca5c6d870d9
DEBU query status update                           query=d56f6e05-5a51-47e3-b825-62f09f1e0f6f status=FINISHED
INFO all queries done                              edgesReceived=0 itemsReceived=3 queriesStarted=1
vscode ➜ /workspace/cli (main) $ go run main.go request --query-type ec2-instance --query-method list --log debug
DEBU Using local token from /home/vscode/.overmind/token.json 
INFO received items                                error="<nil>"
INFO Query:
{
  "type": "ec2-instance",
  "method": 1,
  "recursionBehaviour": {},
  "scope": "*",
  "UUID": "b0UwRriQRFuYieTNaKmocg==",
  "deadline": {
    "seconds": 1708033540,
    "nanos": 671043720
  }
}  uuid=6f453046-b890-445b-9889-e4cd68a9a872
DEBU query status update                           query=6f453046-b890-445b-9889-e4cd68a9a872 status=STARTED
INFO new item                                      item=944651592624.eu-west-2.ec2-instance.i-0967d3ae34899b1e8
INFO new item                                      item=944651592624.eu-west-2.ec2-instance.i-0da03dca5c6d870d9
INFO new item                                      item=944651592624.eu-west-2.ec2-instance.i-08b0f2a06b23905d5
DEBU query status update                           query=6f453046-b890-445b-9889-e4cd68a9a872 status=FINISHED
INFO all queries done                              edgesReceived=0 itemsReceived=3 queriesStarted=1
vscode ➜ /workspace/cli (main) $

@DavidS-ovm
Use Device Authorization flow
edc7785 
This replaces a bunch of cumbersome code with OAuth2 built-in functionality
also ensuring that the actual device is authorized with no MitM attack.

This reverts the auth0 config flag removal to be able to test against
non-prod environments.
@DavidS-ovm DavidS-ovm self-assigned this Feb 15, 2024
@DavidS-ovm DavidS-ovm added this to the Overmind Plan Command milestone Feb 15, 2024
@DavidS-ovm DavidS-ovm merged commit d1d71bf into main Feb 15, 2024
@DavidS-ovm DavidS-ovm deleted the device-authz branch February 15, 2024 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@DavidS-ovm DavidS-ovm

Labels

None yet

Projects

None yet

Milestone

Overmind Plan Command

Development

Successfully merging this pull request may close these issues.

Implement device oauth flow for CLI

2 participants

@DavidS-ovm