Feature Request: Expose a mechanism to authorize using private access token for testing
Closed this issue · 2 comments
It would be great if we have a way to authorize API call using Gitlab private access token. This is good for automated tests in order to quickly setup test projects for example. Also this will allow us to test SDLC in a more e2e like manner. Or when somebody needs to setup system users/bots to do stuffs through the SDLC server. There are a few things to consider/do:
- Come up with a way for the client to pass the private token to the SDLC Server
- Cone up with a distinction in the session between private and OAuth tokens - we'll then need to keep track of what kind of token you have
- Come up with logic to use that distinction to create the GitLabApi - private access tokens and OAuth tokens are communicated to GitLab in different ways
Also, we'd need to think about how this would work with authentication, do we separately authenticate the user? Or do we use the token to authenticate?
We should definitely make it easier to run integration tests. But not sure about adding support for a Gitlab specific auth scheme,
Could we use the Resource owner password credentials flow ? https://docs.gitlab.com/ee/api/oauth2.html#resource-owner-password-credentials-flow
Also, if we are planning on automating UI testing via Puppeteer etc., can we use the same automation to drive the OAuth forms ?
Or when somebody needs to setup system users/bots to do stuffs through the SDLC server. There are a few things to consider/do
Yeah. We had an ask for programmatically updating the models via SDLC instead of via the Studio UI.
Closed by finos/legend-shared#115