arcgis-rest-js
arcgis-rest-js copied to clipboard
Add support for local oAuth 2.0 for CLI apps
Recently I installed the gh
command line tool and they have a REALLY interesting concepts for doing oAuth 2.0 for command line apps. I'm assuming it works like server based oAuth 2.0 but the redirect URL is https://127.0.0.1/something...
.
I'm assuming we could build something similar for CLI apps built with ArcGIS REST JS.
- User should register a redirect URL like http://127.0.0.1/something.
- Call something like this
UserSession.startLocalAuthServer({clientId, redirectUrl, portal})
this starts a server that listens on the redirect URL and returns a Promise that resolves with the Authorization URL and another promise that will resolve when auth is finsihed. - Prompt the user in your CLI app to visit the URL and sign in
- User signs in is redirected to http://127.0.0.1/something.
- The promise returned in step 2 resolves with a
UserSession
cc @tomwayson @dbouwman
Alternately we could use something like open
to automatically open the auth window in a browser.
What is the advantage of doing OAuth for command line apps instead of reading in username/password from a prompt or .env file?
The same as regular oAuth. Users don't have to expose their password to a command line tool.