feat: expose --format json for token creation cmd#26286
Conversation
|
Is it important to include the I think we used to do that because the server needed to be started with it as a CLI argument, but that is no longer the case. |
It isn't really, just something you could potentially use to check if the hash is present in the result from |
hiltontj
left a comment
There was a problem hiding this comment.
I had one request in a comment below.
Otherwise, I don't know if exposing the hashed_token is a great idea. I don't think it necessarily constitutes a vulnerability but it is an implementation detail that (I think) needn't be exposed to the user.
influxdb3/tests/cli/mod.rs
Outdated
| let value: Value = | ||
| serde_json::from_str(&result).expect("token creation response should be in json format"); | ||
| assert!(value.get("token").is_some()); |
There was a problem hiding this comment.
Would be good to have the test check that the token from the response can be used to authenticate a request.
I've taken it out now. |
* feat: expose `--format json` for token creation cmd closes: #25913 * refactor: address feedback
This is mainly a port of the same functionality from core. Because the code has moved in this area in enterprise, this is manually copied over with few adjustments to match the change in API. core PR: #26286
closes: #25913
Test
I've also included
help_msg, although I suspect if someone is choosing to use--format jsonthey're already aware of how to set HTTP authorization but I still added it just to make sure it clearly indicates how to set it up. It can be removed if we decide that it is not required as part of this payload.