-
Notifications
You must be signed in to change notification settings - Fork 111
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
APP-7002: Implement “DeleteOAuthApplication” CLI command #4648
Conversation
cli/app.go
Outdated
&cli.StringFlag{ | ||
Name: authApplicationFlagClientID, | ||
Required: true, | ||
Usage: "ID of the application to delete", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Usage: "ID of the application to delete", | |
Usage: "client ID of the OAuth application to delete", |
cli/client.go
Outdated
ClientID string | ||
} | ||
|
||
// DeleteOAuthAppAction is the corresponding action for 'auth-service update'. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// DeleteOAuthAppAction is the corresponding action for 'auth-service update'. | |
// DeleteOAuthAppAction is the corresponding action for 'auth-service delete'. |
cli/client.go
Outdated
return err | ||
} | ||
|
||
printf(cCtx.App.Writer, "Successfully deleted oauth application") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
printf(cCtx.App.Writer, "Successfully deleted oauth application") | |
printf(cCtx.App.Writer, "Successfully deleted OAuth application") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey, sorry that this wasn't documented on the ticket, but I was hoping for a CLI user to need to "confirm" their decision to delete an OAuth app. The reason is that once an OAuth application is deleted, any web apps / mobile apps with the client ID and client secret hardcoded in their middleware will no longer be able to authenticate users.
@stuqdog is there an easy way for us to provide a NOTE: Deleting an OAuth application that is in use will ... _(explaining what the possible repercussions could be)_
to the user as an extra safety layer? I think this is essential to the PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Everything looks good, just want to confirm what the users will see
{ | ||
Name: "delete", | ||
Usage: "delete an OAuth application", | ||
UsageText: createUsageText("delete", []string{generalFlagOrgID, authApplicationFlagClientID}, true), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please provide an image in the description of what this looks like so that it's easy for us to check what this looks like in the end
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, never mind! I didn't know what UsageText
was and thought this was Usage
. Looks good!
Hey sorry, missed this somehow! But I think the solution y'all landed on looks good. |
max is OOO so dismissing the rereq to keep this ticket moving
cli/client.go
Outdated
printf(c.App.Writer, yellow, fmt.Sprintf("You are trying to delete an OAuth application with client ID %s. "+ | ||
"Once deleted, any existing apps that rely on this OAuth application will no longer be able to authenticate users.\n", args.ClientID)) | ||
printf(c.App.Writer, yellow, "Do you want to continue?") | ||
printf(c.App.Writer, "Continue: y/n") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
instead of y/n can we make the user type out delete
or confirm the client id? sorry to be pedantic but i worry a one key deletion is too easy and i want to be super sure the user doesnt do this by accident
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🎉
Ticket
CLI run with deletion confirmation message: