NuGet / NuGetGallery

NuGet Gallery is a package repository that powers https://www.nuget.org. Use this repo for reporting NuGet.org issues.
https://www.nuget.org/
Apache License 2.0

[OIDC 4] Add method to create a short-lived API key (minimal) #10267

Closed joelverhagen closed 1 day ago

joelverhagen commented 1 week ago

Progress on https://github.com/NuGet/NuGetGallery/issues/10212. Depends on https://github.com/NuGet/NuGetGallery/pull/10262.

This adds a new method to CredentialBuilder which creates a short-lived API key given a federated credential trust policy.

This method has a TODO in it linking to the OIDC work item because the exact shape of the short-lived API key is still in discussion. The created credential is not yet associated with a user (the created by user account) because this is the responsibility of IAuthenticationService.AddCredential: https://github.com/NuGet/NuGetGallery/blob/0ec99618043ae7f7e54a3ed8fdbbb47acc5e30b1/src/NuGetGallery.Services/Authentication/AuthenticationService.cs#L629-L641

This will be called in a future PR while executing the token trade endpoint.

This stub allows me to perform the token trade flow with a current V4 API key, without any of the improvements we will need (such as hiding these API keys from the API key page, not sending API key expiration messages, etc.).