feat: new Token.current_token class method [SC-35706] #86
Conversation
This makes it simple to get the current user from the current token: ```ruby whoami = Aptible::Auth::Token.current_token.user ``` This will help with: aptible/aptible-cli#403
|
|
||
| def self.current_token(token:) | ||
| url = "#{Aptible::Auth.configuration.root_url}/current_token" | ||
| find_by_url(url, token: token) |
There was a problem hiding this comment.
the current token should reply with a :show:
:id, :token_type, :expires_in, :scope, :_type, :created_at, :expires_at
we already have all this information in the token you are requesting (line 43) as a parameter. you can extract this entirely client side afaik:
cat ~/.aptible/tokens.json | jq ".\"https://auth.aptible.com\" | split(\".\").[0]" -r | base64 -d
# presents alg
cat ~/.aptible/tokens.json | jq ".\"https://auth.aptible.com\" | split(\".\").[1]" -r | base64 -d
# presents the b64 decoded payload
what does this PR actually achieve or is trying to achieve? i get it's what you see as the stepping stone for .user but that's in another PR and this one isn't quite the same thing.
i think the only thing this COULD tell you is if the token is invalidated and determine re-auth (but we should let users of that handle it, not in the library level - ex i think it happens here?)
There was a problem hiding this comment.
it hit me (i didn't see the exact context in this PR, but it's part of this thread - aptible/aptible-cli#403 (comment)
User.find_by_url would do it (if .find didn't work, though i'm guessing there's another method that will work). If this works, why does this PR need to exist?
user = Aptible::Auth::User.find_by_url("#{Aptible::Auth.configuration.root_url}/users/#{id}", token: token)
user.name
> "Madhu Ravi" # SUCCESS
|
#87 pulled this in |
This makes it simple to get the current user from the current token:
This will help with: aptible/aptible-cli#403