Create alpha command for up alpha web-login. This supports SSO integration. When enabling SSO, upbound-api locks logins to SSO only and this means the cli would no longer be able to be used by those orgs. This allows web and SSO based logins via the up cli by creating a server listening for a callback, it then opens a browser to do a login. Any type of login can be done here, password, social or SSO (if SSO is enabled on an org then ONLY SSO may be used) and once logged in redirects to the callback in up cli passing it a time based one-time password. This TOTP is then exchanged for a session in upbound-api which is then stored and used by the up cli.
Note: in the case of headless terminals (ssh in to server) where a graphical web-browser cannot be used to complete SSO the up cli detects this and displays a link and QR code that can be used to authenticate on your phone or other device, once authenticated you can type in the 6 digit TOTP code and up cli will complete the login.
Description of your changes
Create alpha command for
up alpha web-login
. This supports SSO integration. When enabling SSO, upbound-api locks logins to SSO only and this means the cli would no longer be able to be used by those orgs. This allows web and SSO based logins via theup
cli by creating a server listening for a callback, it then opens a browser to do a login. Any type of login can be done here, password, social or SSO (if SSO is enabled on an org then ONLY SSO may be used) and once logged in redirects to the callback inup
cli passing it a time based one-time password. This TOTP is then exchanged for a session in upbound-api which is then stored and used by theup
cli.Note: in the case of headless terminals (ssh in to server) where a graphical web-browser cannot be used to complete SSO the
up
cli detects this and displays a link and QR code that can be used to authenticate on your phone or other device, once authenticated you can type in the 6 digit TOTP code andup
cli will complete the login.Fixes #
I have:
make reviewable
to ensure this PR is ready for review.backport release-x.y
labels to auto-backport this PR, as appropriate.How has this code been tested
Tested locally and against dev