UiPath / uipathcli

91%

main: 91%

LAST BUILD ON BRANCH feature/refresh-token-support

branch: feature/refresh-token-support

CHANGE BRANCH

x

Reset

• feature/refresh-token-support
• feature/add-package-documentation
• feature/analyze-feed-auth
• feature/api-package
• feature/avoid-escape-equal-sign
• feature/clear-command
• feature/code-coverage
• feature/collect-coverage-all-os
• feature/command-builder
• feature/command-builder-refactor
• feature/command-errors
• feature/config-command-tenant-list
• feature/configurable-attempts-and-timeout
• feature/configure-tenant-list
• feature/content-length-input
• feature/custom-headers-plugins
• feature/custom-operation-name
• feature/custom-operation-names
• feature/dataservice
• feature/digitize-command-default-project
• feature/download-dotnet-core-runtime
• feature/extend-plugin-parameters
• feature/folder-name
• feature/github-actions-upgrade
• feature/go-1.24
• feature/go1.22.2
• feature/go122
• feature/governance-file
• feature/http-proxy-support
• feature/identity-client
• feature/identity-uri
• feature/improve-command-documentation
• feature/improve-config-set-command
• feature/improve-studio-project-compatibility-error-message
• feature/library-feed-auth
• feature/login-confidential-app
• feature/network-package
• feature/orchestrator-v17
• feature/pack-output-type-validation
• feature/pat-documentation
• feature/plugins-offline
• feature/project-builder
• feature/project-pack
• feature/publish-create-release
• feature/readme-example-generative-extractor
• feature/readme-examples
• feature/readme-pat
• feature/rename-service-version
• feature/restore-command
• feature/security-policy
• feature/split-plugin-tests
• feature/split-tests
• feature/split-tests-and-commands
• feature/static-linking
• feature/studio
• feature/studio-folder-name
• feature/studio-optional-parameters
• feature/studio-package-publish
• feature/studio-publish
• feature/studio-publish-command
• feature/test-on-windows-macos
• feature/test-parallel
• feature/test-run-command
• feature/test-run-folder-id
• feature/test-run-junit-robotlogs
• feature/test-run-parallel
• feature/test-run-readme
• feature/test-sequence
• feature/update-codeowners
• feature/update-dependencies
• feature/update-dependencies-12-2024
• feature/update-deps-latest-minor
• feature/update-examples
• feature/update-latest-definitions-01-2024
• feature/update-latest-definitions-08-2024
• feature/update-latest-definitions-12-2024
• feature/upgrade-dependencies-v2
• feature/upgrade-deps
• feature/upgrade-go-1.23
• feature/upgrade-golangci-v2
• feature/upgrade-openapi-specifications
• feature/upgrade-openapi-specs
• feature/uri-builder
• feature/user-agent
• feature/utils-split-up
• feature/version-command
• feature/version-flag
• fix/library-auth-identity-url
• fix/short-help-option
• fix/show-example-usage-nested-object
• fix/studio-package-progressbar
• fix/uri-builder
• fix/use-testdata-templates
• main
• refs/tags/plugins-v2.0.0
• refs/tags/plugins.v2.0.0
• refs/tags/plugins/v2.0.0
• refs/tags/plugins_v2.0.0
• refs/tags/v2.0.0-plugin
• refs/tags/v2.0.0-uipcli

Build # 15020314100

Build Type

Pull #195

github

Committed by thschmitt

Commit Message

Add support for refresh tokens

The CLI makes the user go through the oauth login authorization flow every
time the access token expired. The access tokens are short-lived and
expiration is currently set to 1 hour which requires the user to
re-login almost every time they are using the CLI.

Taking advantage of the refresh token support in the Identity Server to
automatically renew access tokens for the user. If there is a valid
refresh token, there is no action required by the user.

In case the refresh token expired or the renewal of the access token
fails for any other reason, the user is required to login again.

Implementation:

- Automatically adding the offline_access scope during the oauth flow so
  that the Identity Server returns a refresh token.

- Caching the refresh token using the cache package similar to access
  tokens.

- Added new configuration parameter `offlineAccess` to disable refresh
  token support, e.g.

```
- name: default
  organization: <your-org>
  tenant: defaulttenant
  auth:
    offlineAccess: false
```

- Extended debug logging to log identity server requests and responses
  as well as detailed log messages for refresh token and access token
  handling. Redacting the client secret and refresh tokens to avoid them
  being accidentally leaked

Implements https://github.com/UiPath/uipathcli/issues/193

Pull Request Pull Request #195: Add support for refresh tokens

Run Details

292 of 299 new or added lines in 12 files covered. (97.66%)

6698 of 7376 relevant lines covered (90.81%)

1.02 hits per line