-
Notifications
You must be signed in to change notification settings - Fork 225
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposal: Allow saving and reusing bearer tokens via the auth command #752
Comments
@viveksyngh what do you think? Could these tokens be saved in the existing config file design? |
To me this looks like, we already have an We can also use We can directly save this to file or can also do some validation of the token by making a call to |
If we are doing oauth flow with |
Does that help with what you need @LucasRoesler ? |
I want to have a way to save a token that does not need to be integrated into the openfaas specific auth provider. We disable auth in openfaas and have a proxy with a standardized auth in front of it. I would really hate to see this coupled to something in the gateway. All I really want is the ability for the CLI to reuse a token from the config so that o don't need to pass I really don't have a strong preference for putting it in login or auth, I figured that because this flow is not specific to oauth, login made the most sense. I would actually like to see it generalized and to allow the person specify the header and an optional prefix, but I figured people wouldnt be interested and I didn't need it for my usecase, so I proposed the smallest change |
Perhaps a config type entry like @viveksyngh and I were talking about this on a call, and we think it would be good to test the token before saving it, i.e. by hitting /system/info and looking for a 200. I prefer the auth command to save arbitrary tokens. |
A separate type is a good idea, but I would call it |
Pinging @viveksyngh |
It will be a small change only. We will might have introduce a new auth type and make it implement Line 46 in b0a70a3
Also, some changes will be required in login command to validate the token and save it to file with new type. |
Expected Behaviour
I would like to authenticate the CLI using a token and persist this to the configuration
And then subsequent CLI commands will reuse this token without needing to specify it via a flag, these two commands would be equivalent after authentication
Current Behaviour
faas-cli login
only supports basic authContext
This is useful when using an authentication proxy in the load balancer layer versus enabling auth directly in openfaas. For example,
nginx
can make a side request to authenticate a request. We often enable this as a centralized auth layer instead of enabling authentication in each application that is deployed.The text was updated successfully, but these errors were encountered: