Conversation
| if err := listener.Close(); err != nil { | ||
| log.Printf("failed to close listener: %v", err) | ||
| } | ||
| }() |
There was a problem hiding this comment.
server.Shutdown() closes the listener, so no explicit close needed
carole-lavillonniere
force-pushed
the
carole/drg-450
branch
from
780adc5 to
e39bd29
Compare
| func getWebAppURL() string { | ||
| // allows overriding the URL for testing | ||
| if url := os.Getenv("LOCALSTACK_WEB_APP_URL"); url != "" { | ||
| return url |
There was a problem hiding this comment.
Not sure why I added this in the first place, but we never overwrite it at the moment, so I removed it.
There was a problem hiding this comment.
Theoretically we could use it to test against staging or locally started webapp.
I wonder though if we should maybe look into handling these envvars with the config package? I'll refactor it slightly later maybe
There was a problem hiding this comment.
👍 Makes sense. Put it back in.
I agree it would be good to have a central place to read env vars and not do it all over the codebase.
I used this in the past https://github.com/caarlos0/env
| assert.True(t, inspect.State.Running, "container should be running") | ||
| } | ||
|
|
||
| func TestStartCommandTriggersLoginWithoutToken(t *testing.T) { |
There was a problem hiding this comment.
This test was just moved to test/integration/login_browser_flow_test.go
carole-lavillonniere
force-pushed
the
carole/drg-450
branch
from
e39bd29 to
6be9ca5
Compare
silv-io
left a comment
silv-io
left a comment
There was a problem hiding this comment.
Just some minor nits and questions :) But looks nice ✅
internal/api/client.go
Outdated
| } | ||
|
|
||
| func NewPlatformClient() *PlatformClient { | ||
| baseURL := os.Getenv("LOCALSTACK_PLATFORM_URL") |
There was a problem hiding this comment.
nit: We already have this in the original CLI as API_ENDPOINT (which is set to https://api.localstack.cloud/v1). Maybe we can keep this with that name here for consistency?
There was a problem hiding this comment.
Makes sense! Renamed to LOCALSTACK_API_ENDPOINT
internal/auth/login.go
Outdated
|
|
||
| func (browserLogin) Login(ctx context.Context) (string, error) { | ||
| func startCallbackServer() (*http.Server, chan string, chan error, error) { | ||
| listener, err := net.Listen("tcp", "127.0.0.1:45678") |
There was a problem hiding this comment.
nit: I know it was in already before, but maybe we can have this address defined as a constant somewhere?
There was a problem hiding this comment.
👍 Added a constant
| // Listen for ENTER key in background | ||
| go func() { | ||
| reader := bufio.NewReader(os.Stdin) | ||
| _, _ = reader.ReadString('\n') | ||
| enterCh <- struct{}{} | ||
| }() |
There was a problem hiding this comment.
note: here we'll have to check as well how to integrate it well with UI components
| func getWebAppURL() string { | ||
| // allows overriding the URL for testing | ||
| if url := os.Getenv("LOCALSTACK_WEB_APP_URL"); url != "" { | ||
| return url |
There was a problem hiding this comment.
Theoretically we could use it to test against staging or locally started webapp.
I wonder though if we should maybe look into handling these envvars with the config package? I'll refactor it slightly later maybe
| time.Sleep(1 * time.Second) | ||
|
|
||
| // Simulate browser callback with mock token | ||
| resp, err := http.Get("http://127.0.0.1:45678/auth/success?token=mock-token") |
There was a problem hiding this comment.
q: what happens if we use https://localhost.localstack.cloud instead of http://127.0.0.1:45678? could we still handle it then? I imagine in the browser we'd prefer to send to https
There was a problem hiding this comment.
The callback is local (browser → 127.0.0.1) and never goes on the public internet so no TLS should be fine. Also the localhost.localstack.cloud DNS is not yet set up during login, only when the container starts and it would route to the container, not the CLI.
There was a problem hiding this comment.
localhost.localstack.cloud is always set up to redirect to 127.0.0.1, that's how we've registered that domain. We only need the container for the subdomains afaik
I was just wondering if the browser would give any warnings if we didn't use https, but since it's local it should be fine, yes :)
There was a problem hiding this comment.
Oh nice, I did not know it was a public DNS. So it should work as well 🤷
2 participants
This PR adds a device code flow as a fallback option when the browser-based authentication doesn't work.
When running
lstk start, the CLI now supports two authentication paths:User Experience
When running
lstk:If user presses ENTER after confirming in browser:
Mock Server Approach
This PR introduces a platform API client.
The device flow tests use
httptest.NewServerto create a real HTTP server that mimics the platform API.The production code remains unchanged, we just point it to a different URL via
LOCALSTACK_PLATFORM_URL.This allows
TestDeviceFlowSuccessto verify the complete end-to-end flow including container startup with a valid token.