UNPKG

heroku-cli-oauth/README.md

Version:

4.17 kBMarkdownView Raw

1# Heroku OAuth [![CircleCI](https://circleci.com/gh/heroku/heroku-cli-oauth.svg?style=svg)](https://circleci.com/gh/heroku/heroku-cli-oauth)
2[![Code Climate](https://codeclimate.com/github/heroku/heroku-cli-oauth/badges/gpa.svg)](https://codeclimate.com/github/heroku/heroku-cli-oauth)
3[![codecov](https://codecov.io/gh/heroku/heroku-cli-oauth/branch/master/graph/badge.svg)](https://codecov.io/gh/heroku/heroku-cli-oauth)
4[![npm version](https://badge.fury.io/js/heroku-cli-oauth.svg)](https://badge.fury.io/js/heroku-cli-oauth)
5[![License](https://img.shields.io/github/license/heroku/heroku-cli-oauth.svg)](https://github.com/heroku/heroku-cli-oauth/blob/master/LICENSE)
6
7[![js-standard-style](https://cdn.rawgit.com/feross/standard/master/badge.svg)](https://github.com/feross/standard)
8
9Command line plugin for managing OAuth clients, authorizations and tokens.
10
11To install:
12
13``` bash
14$ heroku plugins:install heroku-cli-oauth
15```
16
17### Clients
18
19To create a client:
20
21``` bash
22$ heroku clients:create "Amazing" https://amazing-client.herokuapp.com/auth/heroku/callback
23Creating Amazing... done
24HEROKU_OAUTH_ID=3e304bda-d376-4278-bdea-6d6c08aa1359
25HEROKU_OAUTH_SECRET=e6a5f58f-f8a9-49f1-a1a6-d1dd98930ef6
26```
27
28See OAuth clients under your account with:
29
30``` bash
31$ heroku clients
32Amazing  3e304bda-d376-4278-bdea-6d6c08aa1359  https://amazing-client.herokuapp.com/auth/heroku/callback
33```
34
35Get details about a client:
36```bash
37$ heroku clients:info 36120128-fee7-455e-8b7f-807aee130946
38=== Amazing
39created_at:         2016-01-21T02:11:57Z
40id:                 36120128-fee7-455e-8b7f-807aee130946
41name:               Amazing
42redirect_uri:       https://amazing-client.herokuapp.com/auth/heroku/callback
43secret:             a14cf558-60b8-44f2-a804-3b249b48aa57
44updated_at:         2016-01-21T02:11:57Z
45```
46
47Update clients:
48
49``` bash
50$ heroku clients:update 3e304bda-d376-4278-bdea-6d6c08aa1359 --url https://amazing-client.herokuapp.com/auth/heroku/callback
51Updated Amazing... done
52```
53
54### Authorizations
55
56List them:
57
58``` bash
59$ heroku authorizations
60Amazing                        9e3a4063-b833-432e-ad75-4b0d7195be13  global
61Heroku CLI                     676cb46c-7597-4be1-8a6a-f87b9f2f1065  global
62```
63
64#### Creating
65
66You can create a special user-created authorization against your account that will come with an access token which doesn't expire:
67
68``` bash
69$ heroku authorizations:create --description "For use with Anvil"
70Created OAuth authorization.
71  ID:          105a7bfa-34c3-476e-873a-b1ac3fdc12fb
72  Description: For use with Anvil
73  Token:       4cee516c-f8c6-4f14-9edf-fc6ef09cedc5
74  Scope:       global
75```
76
77You can also pass in short output format to only output the token.
78
79```bash
80$ heroku authorizations:create --output_format short
81nec6a9b6-b21a-4ba1-il95-70zd47e14c4d
82```
83
84Another option allows for tokens that expire.  This token expires in 10 seconds.
85```
86$ heroku authorizations:create --expires_in 10
87Created OAuth authorization.
88  Client:      <none>
89  ID:          2231biha6-5b1e-4268-ba04-2ee7b74m2gf6
90  Description: Long-lived user authorization
91  Scope:       global
92  Token:       9aa5d667-fg37-4028-8dc9-b2191b5z5966
93```
94
95A combination of short format and expires_in can be handy to pass into a job that needs access to heroku:
96
97``` bash
98$ heroku run "HEROKU_EMAIL=`heroku auth:whoami` HEROKU_API_KEY=`heroku authorizations:create --expires_in 120 --output_format short` ./my_job.sh" -a myapp
99```
100
101
102Optionally, you can specify a list of scopes for the authorization:
103
104``` bash
105$ heroku authorizations:create --description "For use with Anvil" --scope identity,read-protected
106Created OAuth authorization.
107  ID:          105a7bfa-34c3-476e-873a-b1ac3fdc12fb
108  Description: For use with Anvil
109  Token:       4cee516c-f8c6-4f14-9edf-fc6ef09cedc5
110  Scope:       identity, read-protected
111```
112
113The procured token can now be used like an API key:
114
115``` bash
116$ curl -u ":4cee516c-f8c6-4f14-9edf-fc6ef09cedc5" https://api.heroku.com/apps
117```
118
119
120#### Revoking
121
122Any authorization on your account can be revoked at any time:
123
124``` bash
125$ heroku authorizations:revoke 105a7bfa-34c3-476e-873a-b1ac3fdc12fb
126Revoked authorization from "Another App".
127```

1	`# Heroku OAuth [![CircleCI](https://circleci.com/gh/heroku/heroku-cli-oauth.svg?style=svg)](https://circleci.com/gh/heroku/heroku-cli-oauth)`
2	`[![Code Climate](https://codeclimate.com/github/heroku/heroku-cli-oauth/badges/gpa.svg)](https://codeclimate.com/github/heroku/heroku-cli-oauth)`
3	`[![codecov](https://codecov.io/gh/heroku/heroku-cli-oauth/branch/master/graph/badge.svg)](https://codecov.io/gh/heroku/heroku-cli-oauth)`
4	`[![npm version](https://badge.fury.io/js/heroku-cli-oauth.svg)](https://badge.fury.io/js/heroku-cli-oauth)`
5	`[![License](https://img.shields.io/github/license/heroku/heroku-cli-oauth.svg)](https://github.com/heroku/heroku-cli-oauth/blob/master/LICENSE)`
6
7	`[![js-standard-style](https://cdn.rawgit.com/feross/standard/master/badge.svg)](https://github.com/feross/standard)`
8
9	`Command line plugin for managing OAuth clients, authorizations and tokens.`
10
11	`To install:`
12
13	``` bash
14	`$ heroku plugins:install heroku-cli-oauth`
15	```
16
17	`### Clients`
18
19	`To create a client:`
20
21	``` bash
22	`$ heroku clients:create "Amazing" https://amazing-client.herokuapp.com/auth/heroku/callback`
23	`Creating Amazing... done`
24	`HEROKU_OAUTH_ID=3e304bda-d376-4278-bdea-6d6c08aa1359`
25	`HEROKU_OAUTH_SECRET=e6a5f58f-f8a9-49f1-a1a6-d1dd98930ef6`
26	```
27
28	`See OAuth clients under your account with:`
29
30	``` bash
31	`$ heroku clients`
32	`Amazing 3e304bda-d376-4278-bdea-6d6c08aa1359 https://amazing-client.herokuapp.com/auth/heroku/callback`
33	```
34
35	`Get details about a client:`
36	```bash
37	`$ heroku clients:info 36120128-fee7-455e-8b7f-807aee130946`
38	`=== Amazing`
39	`created_at: 2016-01-21T02:11:57Z`
40	`id: 36120128-fee7-455e-8b7f-807aee130946`
41	`name: Amazing`
42	`redirect_uri: https://amazing-client.herokuapp.com/auth/heroku/callback`
43	`secret: a14cf558-60b8-44f2-a804-3b249b48aa57`
44	`updated_at: 2016-01-21T02:11:57Z`
45	```
46
47	`Update clients:`
48
49	``` bash
50	`$ heroku clients:update 3e304bda-d376-4278-bdea-6d6c08aa1359 --url https://amazing-client.herokuapp.com/auth/heroku/callback`
51	`Updated Amazing... done`
52	```
53
54	`### Authorizations`
55
56	`List them:`
57
58	``` bash
59	`$ heroku authorizations`
60	`Amazing 9e3a4063-b833-432e-ad75-4b0d7195be13 global`
61	`Heroku CLI 676cb46c-7597-4be1-8a6a-f87b9f2f1065 global`
62	```
63
64	`#### Creating`
65
66	`You can create a special user-created authorization against your account that will come with an access token which doesn't expire:`
67
68	``` bash
69	`$ heroku authorizations:create --description "For use with Anvil"`
70	`Created OAuth authorization.`
71	`ID: 105a7bfa-34c3-476e-873a-b1ac3fdc12fb`
72	`Description: For use with Anvil`
73	`Token: 4cee516c-f8c6-4f14-9edf-fc6ef09cedc5`
74	`Scope: global`
75	```
76
77	`You can also pass in short output format to only output the token.`
78
79	```bash
80	`$ heroku authorizations:create --output_format short`
81	`nec6a9b6-b21a-4ba1-il95-70zd47e14c4d`
82	```
83
84	`Another option allows for tokens that expire. This token expires in 10 seconds.`
85	```
86	`$ heroku authorizations:create --expires_in 10`
87	`Created OAuth authorization.`
88	`Client: <none>`
89	`ID: 2231biha6-5b1e-4268-ba04-2ee7b74m2gf6`
90	`Description: Long-lived user authorization`
91	`Scope: global`
92	`Token: 9aa5d667-fg37-4028-8dc9-b2191b5z5966`
93	```
94
95	`A combination of short format and expires_in can be handy to pass into a job that needs access to heroku:`
96
97	``` bash
98	$ heroku run "HEROKU_EMAIL=`heroku auth:whoami` HEROKU_API_KEY=`heroku authorizations:create --expires_in 120 --output_format short` ./my_job.sh" -a myapp
99	```
100
101
102	`Optionally, you can specify a list of scopes for the authorization:`
103
104	``` bash
105	`$ heroku authorizations:create --description "For use with Anvil" --scope identity,read-protected`
106	`Created OAuth authorization.`
107	`ID: 105a7bfa-34c3-476e-873a-b1ac3fdc12fb`
108	`Description: For use with Anvil`
109	`Token: 4cee516c-f8c6-4f14-9edf-fc6ef09cedc5`
110	`Scope: identity, read-protected`
111	```
112
113	`The procured token can now be used like an API key:`
114
115	``` bash
116	`$ curl -u ":4cee516c-f8c6-4f14-9edf-fc6ef09cedc5" https://api.heroku.com/apps`
117	```
118
119
120	`#### Revoking`
121
122	`Any authorization on your account can be revoked at any time:`
123
124	``` bash
125	`$ heroku authorizations:revoke 105a7bfa-34c3-476e-873a-b1ac3fdc12fb`
126	`Revoked authorization from "Another App".`
127	```