implicit auth #5

Merged
clavery merged 3 commits into main from feature/implicit-auth
Dec 1, 2025
clavery commented Dec 1, 2025

Summary

Adds OAuth 2.0 Implicit Grant Flow support for interactive/CLI authentication, and a flexible --auth-method flag to control which authentication methods are allowed.

Features

  • Implicit OAuth Strategy (ImplicitOAuthStrategy)

    • Browser-based OAuth flow for when only a client ID is available (no secret)
    • Opens browser to Account Manager authorize URL
    • Local HTTP server captures OAuth redirect with token
    • Token caching with expiration and scope validation
    • Comprehensive debug/trace logging
  • Auth Method Selection

    • New --auth-method flag (can be specified multiple times for priority order)
    • Supports: client-credentials, implicit, basic, api-key
    • Configurable via flag, SFCC_AUTH_METHODS env var, or auth-methods in dw.json
    • Works across all commands (auth, code, sites, etc.)
  • Library API

    • resolveAuthStrategy() - Auto-selects best strategy from credentials and allowed methods
    • checkAvailableAuthMethods() - Reports which methods are available/unavailable
    • Full JSDoc documentation with examples

Usage

# Use implicit flow (opens browser)
b2c auth token --client-id your-client-id --auth-method implicit

# Use implicit flow with code commands
b2c code list --client-id your-client-id --auth-method implicit --server your-sandbox.demandware.net

# Priority order: try client-credentials first, fall back to implicit
b2c code deploy --client-id your-client-id --auth-method client-credentials --auth-method implicit

Library Usage

import { resolveAuthStrategy, checkAvailableAuthMethods } from '@salesforce/b2c-tooling';

// Auto-select best strategy
const strategy = resolveAuthStrategy({
  clientId: 'my-client-id',
  clientSecret: process.env.CLIENT_SECRET, // may be undefined
});

// Force implicit auth only
const implicitStrategy = resolveAuthStrategy(
  { clientId: 'my-client-id' },
  { allowedMethods: ['implicit'] }
);

Files Changed

  • packages/b2c-tooling/src/auth/oauth-implicit.ts - New implicit OAuth strategy
  • packages/b2c-tooling/src/auth/resolve.ts - Auth resolution helpers
  • packages/b2c-tooling/src/auth/types.ts - AuthMethod type, AuthCredentials
  • packages/b2c-tooling/src/cli/oauth-command.ts - --auth-method flag
  • packages/b2c-tooling/src/cli/instance-command.ts - Pass authMethods to B2CInstance
  • packages/b2c-tooling/src/instance/index.ts - Use resolveAuthStrategy
  • packages/b2c-tooling/src/config/dw-json.ts - auth-methods in dw.json

  • Tests pass (pnpm test)
  • Code is formatted (pnpm run format)

🤖 Generated with Claude Code

clavery changed the title from "Feature/implicit auth" to "Implicit OAuth flow and auth method selection" on Dec 1, 2025
clavery changed the title from "Implicit OAuth flow and auth method selection" to "implicit auth" on Dec 1, 2025
clavery merged commit 630f502 into main on Dec 1, 2025
2 checks passed
clavery deleted the feature/implicit-auth branch on January 27, 2026 01:23
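
The token-cache checks listed under Features (expiration and scope validation), shown as an added TypeScript example that is not code from this pull request or from @salesforce/b2c-tooling. All names (`CachedToken`, `tokenFromRedirect`, `isReusable`), the 60-second margin, the `state` check and the sample fragment are assumptions made for illustration; the fragment layout follows RFC 6749 section 4.2.2.

```typescript
// Added example: hypothetical names, not code from @salesforce/b2c-tooling.
interface CachedToken {
  accessToken: string;
  expiresAt: number; // epoch milliseconds
  scopes: string[];
}

const decode = (s: string): string => decodeURIComponent(s.replace(/\+/g, ' '));

// Decode a form-urlencoded URL fragment into key/value pairs.
function parseFragment(fragment: string): Record<string, string> {
  const out: Record<string, string> = {};
  for (const pair of fragment.replace(/^#/, '').split('&')) {
    const eq = pair.indexOf('=');
    if (eq > 0) out[decode(pair.slice(0, eq))] = decode(pair.slice(eq + 1));
  }
  return out;
}

// Build a cache entry from the implicit-grant redirect fragment.
// Throws unless `state` matches the value sent with the authorize request.
// A response without `scope` yields no scopes here, which forces a fresh login.
function tokenFromRedirect(fragment: string, expectedState: string, nowMs: number): CachedToken {
  const p = parseFragment(fragment);
  if (p.error) throw new Error('authorization failed: ' + p.error);
  if (!expectedState || p.state !== expectedState) throw new Error('state mismatch');
  const ttl = Number(p.expires_in);
  if (!p.access_token || !(ttl > 0)) throw new Error('malformed token response');
  return {
    accessToken: p.access_token,
    expiresAt: nowMs + ttl * 1000,
    scopes: (p.scope || '').split(' ').filter((s) => s.length > 0),
  };
}

// A cached token is reusable only if it outlives a safety margin and
// covers every requested scope; otherwise the browser flow must run again.
function isReusable(tok: CachedToken, wanted: string[], nowMs: number, marginMs = 60000): boolean {
  if (tok.expiresAt - nowMs <= marginMs) return false;
  return wanted.every((s) => tok.scopes.indexOf(s) !== -1);
}

// Constructed sample fragment (placeholder token, constructed scope names).
const SAMPLE =
  '#access_token=EXAMPLE-TOKEN&token_type=Bearer&expires_in=1800&scope=mail%20sfcc.products&state=s3';
```

Passing the current time in as `nowMs` keeps both checks deterministic, so the expiry margin can be exercised without waiting on a real clock.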