feat(api): Validate Auth Tokens client-side #1885
Merged
+623
−81
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Description: This commit refactors the authentication code in `login.rs` and `mod.rs` files. It replaces the deprecated `Auth::Token` variant with the new `Auth::AuthToken` variant. The changes include updating the `update_config` and `execute` functions in `login.rs`, as well as the `configure_args` function in `mod.rs`. This ensures that the authentication logic is up to date and avoids using deprecated code
Also, added documentation comments, and cleaned up the tests by using parameterization
Swatinem
reviewed
Jan 4, 2024
Swatinem
approved these changes
Jan 4, 2024
szokeasaurusrex
added a commit
that referenced
this pull request
Jan 5, 2024
This reverts commit 627559b.
szokeasaurusrex
added a commit
that referenced
this pull request
Jan 5, 2024
This was referenced Jan 5, 2024
szokeasaurusrex
added a commit
that referenced
this pull request
Jan 8, 2024
Perform client-side validation of all Auth Tokens input to the Sentry CLI. To ensure future-compatibility, we only provide soft validation, meaning that we only print a warning message if we detect that the Auth Token is invalid – the CLI will still proceed with normal execution if the Auth Token is invalid. Fixes GH-1859
szokeasaurusrex
added a commit
that referenced
this pull request
Jan 8, 2024
… `--auth-token` (#1893) This PR fixes the bug in #1885 that led us to revert that commit. The bug, reported in #1888, caused the CLI to panic when the sentry-cli login command was called with the --auth-token argument. We determined that the CLI panicked because the auth_token was being downcast to a String instead of to an AuthToken type when being read from the matches within the login command. This PR corrects the login command, so that the auth_token is correctly obtained from the matches as an AuthToken. We also checked whether the auth_token argument was being read as a String anywhere else in the code, and found that the login command was the only place the argument was being read as a String. Therefore, we would expect this PR to fix this class of bug completely. Fixes GH-1859 Fixes GH-1888
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Perform client-side validation of all Auth Tokens input to the Sentry CLI. To ensure future-compatibility, we only provide soft validation, meaning that we only print a warning message if we detect that the Auth Token is invalid – the CLI will still proceed with normal execution if the Auth Token is invalid.
An example warning message generated by the CLI is copied below:
Fixes GH-1859