mirror of
https://github.com/larksuite/cli.git
synced 2026-07-03 14:02:43 +08:00
* feat: add --json flag support to auth subcommands * feat(auth/logout): add json output support for logout command * feat(auth/list): add json output support for auth list command
94 lines
2.4 KiB
Go
94 lines
2.4 KiB
Go
// Copyright (c) 2026 Lark Technologies Pte. Ltd.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package auth
|
|
|
|
import (
|
|
"fmt"
|
|
"strings"
|
|
|
|
"github.com/spf13/cobra"
|
|
|
|
"github.com/larksuite/cli/errs"
|
|
larkauth "github.com/larksuite/cli/internal/auth"
|
|
"github.com/larksuite/cli/internal/cmdutil"
|
|
"github.com/larksuite/cli/internal/output"
|
|
)
|
|
|
|
// CheckOptions holds all inputs for auth check.
|
|
type CheckOptions struct {
|
|
Factory *cmdutil.Factory
|
|
Scope string
|
|
JSON bool
|
|
}
|
|
|
|
// NewCmdAuthCheck creates the auth check subcommand.
|
|
func NewCmdAuthCheck(f *cmdutil.Factory, runF func(*CheckOptions) error) *cobra.Command {
|
|
opts := &CheckOptions{Factory: f}
|
|
|
|
cmd := &cobra.Command{
|
|
Use: "check",
|
|
Short: "Check if current token has specified scopes",
|
|
RunE: func(cmd *cobra.Command, args []string) error {
|
|
if runF != nil {
|
|
return runF(opts)
|
|
}
|
|
return authCheckRun(opts)
|
|
},
|
|
}
|
|
|
|
cmd.Flags().StringVar(&opts.Scope, "scope", "", "scopes to check (space-separated)")
|
|
cmd.Flags().BoolVar(&opts.JSON, "json", false, "structured JSON output")
|
|
cmd.MarkFlagRequired("scope")
|
|
cmdutil.SetRisk(cmd, "read")
|
|
|
|
return cmd
|
|
}
|
|
|
|
func authCheckRun(opts *CheckOptions) error {
|
|
f := opts.Factory
|
|
|
|
required := strings.Fields(opts.Scope)
|
|
if len(required) == 0 {
|
|
return errs.NewValidationError(errs.SubtypeInvalidArgument, "--scope cannot be empty").WithParam("--scope")
|
|
}
|
|
|
|
config, err := f.Config()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if config.UserOpenId == "" {
|
|
output.PrintJson(f.IOStreams.Out, map[string]interface{}{"ok": false, "error": "not_logged_in", "missing": required})
|
|
return output.ErrBare(1)
|
|
}
|
|
|
|
stored := larkauth.GetStoredToken(config.AppID, config.UserOpenId)
|
|
if stored == nil {
|
|
output.PrintJson(f.IOStreams.Out, map[string]interface{}{"ok": false, "error": "no_token", "missing": required})
|
|
return output.ErrBare(1)
|
|
}
|
|
|
|
missing := larkauth.MissingScopes(stored.Scope, required)
|
|
missingSet := make(map[string]bool, len(missing))
|
|
for _, s := range missing {
|
|
missingSet[s] = true
|
|
}
|
|
var granted []string
|
|
for _, s := range required {
|
|
if !missingSet[s] {
|
|
granted = append(granted, s)
|
|
}
|
|
}
|
|
|
|
ok := len(missing) == 0
|
|
result := map[string]interface{}{"ok": ok, "granted": granted, "missing": missing}
|
|
if len(missing) > 0 {
|
|
result["suggestion"] = fmt.Sprintf(`lark-cli auth login --scope "%s"`, strings.Join(missing, " "))
|
|
}
|
|
output.PrintJson(f.IOStreams.Out, result)
|
|
if !ok {
|
|
return output.ErrBare(1)
|
|
}
|
|
return nil
|
|
}
|