Add support for viewer API key #362

@toph-allen

Add support for getting a viewer API key when running on Connect.

The Python implementation is here: posit-dev/posit-sdk-py#372

The core handshake is most easily seen in this excerpt from a Python test fixture:

```python
import responses


def register_mocks():
    # Mock Connect's credential-exchange endpoint: the request must carry
    # exactly these form fields for the canned response to be returned.
    responses.post(
        "https://connect.example/__api__/v1/oauth/integrations/credentials",
        match=[
            responses.matchers.urlencoded_params_matcher(
                {
                    "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
                    "subject_token_type": "urn:posit:connect:user-session-token",
                    "subject_token": "cit",
                    "requested_token_type": "urn:posit:connect:api-key",
                },
            ),
        ],
        # The issued token is an API key scoped to the viewer.
        json={
            "access_token": "viewer-api-key",
            "issued_token_type": "urn:posit:connect:api-key",
            "token_type": "Key",
        },
    )
```

In connectapi, the client is created with a connect() function, which gets the server URL and API key from environment variables by default. Perhaps the best workflow is adding an optional user_session_token argument to that function that, when provided, returns a viewer client object. Something like:

```r
library(shiny)
library(connectapi)

ui <- fluidPage(
  "Publisher API key",
  verbatimTextOutput("default_api_key"),
  "Viewer API key",
  verbatimTextOutput("viewer_api_key")
)

server <- function(input, output, session) {
  # Create a publisher client for comparison. This is not needed to create a viewer client.
  publisher_client <- connect()

  # Read the user-session-token header and create a viewer client
  user_session_token <- session$request$HTTP_POSIT_CONNECT_USER_SESSION_TOKEN
  viewer_client <- connect(token = user_session_token)

  output$default_api_key <- renderText(publisher_client$api_key)
  output$viewer_api_key <- renderText(viewer_client$api_key)
}

shinyApp(ui, server)
```

Implementation notes:

  • Call get_oauth_credentials() here. It looks like it needs an additional field though: "requested_token_type": "urn:posit:connect:api-key". Is that the field which makes this request special?
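Added example, not part of the original issue and not code from connectapi or posit-sdk-py: a standard-library sketch of the exchange the fixture above mocks, which fails closed when the session token is missing and checks that the response really is an API key before using it. The function names are hypothetical, and sending the publisher key in an `Authorization: Key` header is an assumption not stated in the issue.

```python
import json
import urllib.parse
import urllib.request

TOKEN_EXCHANGE = "urn:ietf:params:oauth:grant-type:token-exchange"
SESSION_TOKEN_TYPE = "urn:posit:connect:user-session-token"
API_KEY_TYPE = "urn:posit:connect:api-key"
CREDENTIALS_PATH = "/__api__/v1/oauth/integrations/credentials"


def build_exchange_request(server_url, publisher_api_key, user_session_token):
    """Build the POST that trades a user session token for a viewer API key."""
    if not user_session_token:
        # Header absent (e.g. running outside Connect): fail closed rather than
        # silently handing the caller a publisher-scoped client.
        raise ValueError("no user session token; refusing to fall back to publisher key")
    form = {
        "grant_type": TOKEN_EXCHANGE,
        "subject_token_type": SESSION_TOKEN_TYPE,
        "subject_token": user_session_token,
        "requested_token_type": API_KEY_TYPE,
    }
    return urllib.request.Request(
        server_url.rstrip("/") + CREDENTIALS_PATH,
        data=urllib.parse.urlencode(form).encode(),
        # Assumption: the call is authenticated with the content's own key.
        headers={"Authorization": f"Key {publisher_api_key}"},
        method="POST",
    )


def parse_exchange_response(body):
    """Return the viewer API key, rejecting any other kind of issued token."""
    payload = json.loads(body)
    if payload.get("issued_token_type") != API_KEY_TYPE:
        raise ValueError("unexpected issued_token_type")
    if payload.get("token_type") != "Key" or not payload.get("access_token"):
        raise ValueError("response does not carry an API key")
    return payload["access_token"]


def get_viewer_api_key(server_url, publisher_api_key, user_session_token):
    """Perform the exchange over HTTPS and return the viewer-scoped key."""
    req = build_exchange_request(server_url, publisher_api_key, user_session_token)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return parse_exchange_response(resp.read())
```

Treat the returned key as a secret scoped to the viewing user: keep it out of logs and do not cache it across sessions.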
