Skip to content

fix(auth): update code/token generation from CLI and redirect to successful page#518

Open
eduardoRoth wants to merge 7 commits intomainfrom
fix/eroth/auth-update
Open

fix(auth): update code/token generation from CLI and redirect to successful page#518
eduardoRoth wants to merge 7 commits intomainfrom
fix/eroth/auth-update

Conversation

@eduardoRoth
Copy link
Member

@eduardoRoth eduardoRoth commented Mar 18, 2026

Changes required by https://github.com/neverendingsupport/eol-report-card/pull/350 to allow users to keep their authenticated session on the web app after a successful authentication from the CLI.

This PR changes the flow for the code and token generation. Before the local server was stopped after the code from keycloak was received, sending a text/pain response, and generating the tokens after that.

The new flow generates the code, then the tokens and, after getting them, it redirects to a page on the eol-report-card web app that handles the creation of the session cookie.

@eduardoRoth eduardoRoth requested a review from a team as a code owner March 18, 2026 08:28
@eduardoRoth eduardoRoth force-pushed the fix/eroth/auth-update branch from c4afd3c to db76111 Compare March 18, 2026 08:32
jeremymwells
jeremymwells approved these changes Mar 18, 2026
View reviewed changes
Copy link
Contributor

@jeremymwells jeremymwells left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

Is there no way to test this?

@eduardoRoth
Copy link
Member Author

eduardoRoth commented Mar 18, 2026

@jeremymwells , you can pull this branch and the branch of #350 from eol-report-card project and run the following commands:

  1. eol-report-card npm run dev
  2. cli
    1. npm run dev auth login
    2. npm run dev scan eol

You need to add to your cli .envrc file the property EOL_LOG_IN_URL

@jeremymwells
Copy link
Contributor

jeremymwells commented Mar 18, 2026

@eduardoRoth - fair point. I meant automated tests. Also, macos, ubuntu, and windows node version tests should pass, right?

@eduardoRoth
Copy link
Member Author

eduardoRoth commented Mar 18, 2026

@jeremymwells whoops, sorry, i thought you wanted to test it.
Yeah, I'm fixing the failing tests right now

marco-ippolito
marco-ippolito reviewed Mar 19, 2026
View reviewed changes
KLongmuirHD
KLongmuirHD reviewed Mar 19, 2026
View reviewed changes
v3nant
v3nant reviewed Mar 20, 2026
View reviewed changes
src/config/constants.ts
export const GRAPHQL_HOST = 'https://gateway.prod.apps.herodevs.io';
export const GRAPHQL_PATH = '/graphql';
export const ANALYTICS_URL = 'https://apps.herodevs.com/api/eol/track';
export const EOL_REPORT_URL = process.env.EOL_REPORT_URL || 'https://apps.herodevs.com/eol/reports';
Copy link
Contributor

@v3nant v3nant Mar 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggestion: as we already have these values in the config object below, I think we can either remove this block or the config, so we have a single source of truth, as these constants are being exported and may confuse consumers.

test/commands/auth/login.test.ts
import AuthLogin from '../../../src/commands/auth/login.ts';
import { refreshIdentityFromStoredToken } from '../../../src/service/analytics.svc.ts';
import { persistTokenResponse } from '../../../src/service/auth.svc.ts';
import type { TokenResponse } from '../../../src/types/auth.js';
Copy link
Contributor

@v3nant v3nant Mar 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

issue: possible typo on auth.js.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marco-ippolito marco-ippolito marco-ippolito left review comments

@KLongmuirHD KLongmuirHD KLongmuirHD left review comments

@v3nant v3nant v3nant approved these changes

@jeremymwells jeremymwells jeremymwells approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@eduardoRoth @jeremymwells @v3nant @marco-ippolito @KLongmuirHD