feat(connect): support explicit org selection in auth login#151
Draft
lee-reinhardt wants to merge 1 commit into
Draft
feat(connect): support explicit org selection in auth login#151lee-reinhardt wants to merge 1 commit into
lee-reinhardt wants to merge 1 commit into
Conversation
lee-reinhardt
force-pushed
the
lee-eng-1937-cli
branch
from
cf10e23 to
9398315
Compare
- `--org <id>` to scope the new token non-interactively - Interactive picker for multi-org users when no flag is passed - Single-org users skip the picker
lee-reinhardt
force-pushed
the
lee-eng-1937-cli
branch
from
9398315 to
aaa907d
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds multi-org support to
avocado connect auth login. Users who belong to more than one org can now choose which org their new CLI token will be scoped to, either via a--orgflag for scripting or via an interactive picker.What's new
--org <id>flag scopes the new token to a specific org non-interactively. UUID-only, matching the convention inconnect initand other org-scoped commands.connect initso the UX feels consistent across the auth and project-setup flows.--output json) with multiple orgs and no--orgreturns a clear error rather than hanging on a prompt the caller can't answer.Mechanics
POST /auth/cli/list-orgs {code}returns the user's orgs and roles without consuming the one-time code (codes are stateless, so the same code is reused for the subsequent exchange call).POST /auth/cli/exchangenow sendsorganization_idin the request body, letting the server scope the token at mint time.Server dependency
Requires a server that supports the new
list-orgsendpoint and the optionalorganization_idparam onexchange. The corresponding server change is shipping ahead of any CLI release.Tests
8 new unit tests cover the org-pick decision logic across every branch (zero/single/multi orgs, hint match/mismatch, JSON vs human output). The pure decision logic (
pick_org) is split from the IO/UI (HTTP, stdin, stdout) so the tests target pure functions and run without a network or terminal.Backwards compatibility
Older
avocadobinaries that don't sendorganization_idcontinue to work against the new server unchanged — the server preserves the existing scoping behavior for that case. Users opt into the picker by upgrading the CLI.Draft status
Marked as draft pending the server-side change rolling out first, so CLIs that upgrade hit a server that already knows about the new endpoint.