Skip to content

Commit 8abaeaa

Browse files
masnwilliamsclaude
andcommitted
Add health-checks, auto-reauth, record-session flags to managed auth
Exposes the health monitoring controls in auth connection create and update. Bumps kernel-go-sdk to v0.55.0 so the new fields land on the SDK request/response types. Create: - --no-health-checks (opt out; defaults on server-side) - --no-auto-reauth (opt out; defaults on server-side) - --record-session (opt in) Update: - --health-checks / --no-health-checks - --auto-reauth / --no-auto-reauth - --record-session / --no-record-session Also surfaces the three booleans in the managed auth summary table. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
1 parent b67d5ee commit 8abaeaa

4 files changed

Lines changed: 124 additions & 3 deletions

File tree

cmd/auth_connections.go

Lines changed: 84 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,9 @@ type AuthConnectionCreateInput struct {
4646
SaveCredentials bool
4747
NoSaveCredentials bool
4848
HealthCheckInterval int
49+
NoHealthChecks bool
50+
NoAutoReauth bool
51+
RecordSession bool
4952
Output string
5053
}
5154

@@ -74,6 +77,9 @@ type AuthConnectionUpdateInput struct {
7477
SaveCredentials BoolFlag
7578
HealthCheckInterval int
7679
HealthCheckIntervalSet bool
80+
HealthChecks BoolFlag
81+
AutoReauth BoolFlag
82+
RecordSession BoolFlag
7783
Output string
7884
}
7985

@@ -179,6 +185,18 @@ func (c AuthConnectionCmd) Create(ctx context.Context, in AuthConnectionCreateIn
179185
params.ManagedAuthCreateRequest.SaveCredentials = kernel.Opt(false)
180186
}
181187

188+
if in.NoHealthChecks {
189+
params.ManagedAuthCreateRequest.HealthChecks = kernel.Opt(false)
190+
}
191+
192+
if in.NoAutoReauth {
193+
params.ManagedAuthCreateRequest.AutoReauth = kernel.Opt(false)
194+
}
195+
196+
if in.RecordSession {
197+
params.ManagedAuthCreateRequest.RecordSession = kernel.Opt(true)
198+
}
199+
182200
if in.Output != "json" {
183201
pterm.Info.Printf("Creating managed auth for %s...\n", in.Domain)
184202
}
@@ -218,6 +236,9 @@ func printManagedAuthSummary(auth *kernel.ManagedAuth) {
218236
if auth.ProxyID != "" {
219237
tableData = append(tableData, []string{"Proxy ID", auth.ProxyID})
220238
}
239+
tableData = append(tableData, []string{"Health Checks", fmt.Sprintf("%t", auth.HealthChecks)})
240+
tableData = append(tableData, []string{"Auto Reauth", fmt.Sprintf("%t", auth.AutoReauth)})
241+
tableData = append(tableData, []string{"Record Session", fmt.Sprintf("%t", auth.RecordSession)})
221242
PrintTableNoPad(tableData, true)
222243
}
223244

@@ -243,6 +264,18 @@ func (c AuthConnectionCmd) Update(ctx context.Context, in AuthConnectionUpdateIn
243264
params.ManagedAuthUpdateRequest.SaveCredentials = kernel.Opt(in.SaveCredentials.Value)
244265
hasChanges = true
245266
}
267+
if in.HealthChecks.Set {
268+
params.ManagedAuthUpdateRequest.HealthChecks = kernel.Opt(in.HealthChecks.Value)
269+
hasChanges = true
270+
}
271+
if in.AutoReauth.Set {
272+
params.ManagedAuthUpdateRequest.AutoReauth = kernel.Opt(in.AutoReauth.Value)
273+
hasChanges = true
274+
}
275+
if in.RecordSession.Set {
276+
params.ManagedAuthUpdateRequest.RecordSession = kernel.Opt(in.RecordSession.Value)
277+
hasChanges = true
278+
}
246279
if in.AllowedDomainsSet {
247280
params.ManagedAuthUpdateRequest.AllowedDomains = in.AllowedDomains
248281
hasChanges = true
@@ -810,6 +843,9 @@ func init() {
810843
authConnectionsCreateCmd.Flags().String("proxy-name", "", "Proxy name to use")
811844
authConnectionsCreateCmd.Flags().Bool("no-save-credentials", false, "Disable saving credentials after successful login")
812845
authConnectionsCreateCmd.Flags().Int("health-check-interval", 0, "Interval in seconds between health checks (300-86400)")
846+
authConnectionsCreateCmd.Flags().Bool("no-health-checks", false, "Disable periodic health checks (also prevents automatic re-auth)")
847+
authConnectionsCreateCmd.Flags().Bool("no-auto-reauth", false, "Disable automatic re-authentication when a health check detects an expired session")
848+
authConnectionsCreateCmd.Flags().Bool("record-session", false, "Record browser sessions for this connection by default")
813849
_ = authConnectionsCreateCmd.MarkFlagRequired("domain")
814850
_ = authConnectionsCreateCmd.MarkFlagRequired("profile-name")
815851
authConnectionsCreateCmd.MarkFlagsMutuallyExclusive("credential-name", "credential-provider")
@@ -830,8 +866,17 @@ func init() {
830866
authConnectionsUpdateCmd.Flags().Bool("save-credentials", false, "Enable saving credentials after successful login")
831867
authConnectionsUpdateCmd.Flags().Bool("no-save-credentials", false, "Disable saving credentials after successful login")
832868
authConnectionsUpdateCmd.Flags().Int("health-check-interval", 0, "Interval in seconds between health checks")
869+
authConnectionsUpdateCmd.Flags().Bool("health-checks", false, "Enable periodic health checks")
870+
authConnectionsUpdateCmd.Flags().Bool("no-health-checks", false, "Disable periodic health checks (also prevents automatic re-auth)")
871+
authConnectionsUpdateCmd.Flags().Bool("auto-reauth", false, "Enable automatic re-authentication on health check failure")
872+
authConnectionsUpdateCmd.Flags().Bool("no-auto-reauth", false, "Disable automatic re-authentication")
873+
authConnectionsUpdateCmd.Flags().Bool("record-session", false, "Record browser sessions for this connection by default")
874+
authConnectionsUpdateCmd.Flags().Bool("no-record-session", false, "Do not record browser sessions by default")
833875
authConnectionsUpdateCmd.MarkFlagsMutuallyExclusive("credential-name", "credential-provider")
834876
authConnectionsUpdateCmd.MarkFlagsMutuallyExclusive("save-credentials", "no-save-credentials")
877+
authConnectionsUpdateCmd.MarkFlagsMutuallyExclusive("health-checks", "no-health-checks")
878+
authConnectionsUpdateCmd.MarkFlagsMutuallyExclusive("auto-reauth", "no-auto-reauth")
879+
authConnectionsUpdateCmd.MarkFlagsMutuallyExclusive("record-session", "no-record-session")
835880

836881
// List flags
837882
authConnectionsListCmd.Flags().StringP("output", "o", "", "Output format: json for raw API response")
@@ -887,6 +932,9 @@ func runAuthConnectionsCreate(cmd *cobra.Command, args []string) error {
887932
proxyName, _ := cmd.Flags().GetString("proxy-name")
888933
noSaveCredentials, _ := cmd.Flags().GetBool("no-save-credentials")
889934
healthCheckInterval, _ := cmd.Flags().GetInt("health-check-interval")
935+
noHealthChecks, _ := cmd.Flags().GetBool("no-health-checks")
936+
noAutoReauth, _ := cmd.Flags().GetBool("no-auto-reauth")
937+
recordSession, _ := cmd.Flags().GetBool("record-session")
890938

891939
svc := client.Auth.Connections
892940
c := AuthConnectionCmd{svc: &svc}
@@ -903,6 +951,9 @@ func runAuthConnectionsCreate(cmd *cobra.Command, args []string) error {
903951
ProxyName: proxyName,
904952
NoSaveCredentials: noSaveCredentials,
905953
HealthCheckInterval: healthCheckInterval,
954+
NoHealthChecks: noHealthChecks,
955+
NoAutoReauth: noAutoReauth,
956+
RecordSession: recordSession,
906957
Output: output,
907958
})
908959
}
@@ -942,6 +993,36 @@ func runAuthConnectionsUpdate(cmd *cobra.Command, args []string) error {
942993
saveCredentialsFlag = BoolFlag{Set: true, Value: !noSaveCredentials}
943994
}
944995

996+
healthChecksFlag := BoolFlag{}
997+
if cmd.Flags().Changed("health-checks") {
998+
v, _ := cmd.Flags().GetBool("health-checks")
999+
healthChecksFlag = BoolFlag{Set: true, Value: v}
1000+
}
1001+
if cmd.Flags().Changed("no-health-checks") {
1002+
v, _ := cmd.Flags().GetBool("no-health-checks")
1003+
healthChecksFlag = BoolFlag{Set: true, Value: !v}
1004+
}
1005+
1006+
autoReauthFlag := BoolFlag{}
1007+
if cmd.Flags().Changed("auto-reauth") {
1008+
v, _ := cmd.Flags().GetBool("auto-reauth")
1009+
autoReauthFlag = BoolFlag{Set: true, Value: v}
1010+
}
1011+
if cmd.Flags().Changed("no-auto-reauth") {
1012+
v, _ := cmd.Flags().GetBool("no-auto-reauth")
1013+
autoReauthFlag = BoolFlag{Set: true, Value: !v}
1014+
}
1015+
1016+
recordSessionFlag := BoolFlag{}
1017+
if cmd.Flags().Changed("record-session") {
1018+
v, _ := cmd.Flags().GetBool("record-session")
1019+
recordSessionFlag = BoolFlag{Set: true, Value: v}
1020+
}
1021+
if cmd.Flags().Changed("no-record-session") {
1022+
v, _ := cmd.Flags().GetBool("no-record-session")
1023+
recordSessionFlag = BoolFlag{Set: true, Value: !v}
1024+
}
1025+
9451026
svc := client.Auth.Connections
9461027
c := AuthConnectionCmd{svc: &svc}
9471028
return c.Update(cmd.Context(), AuthConnectionUpdateInput{
@@ -964,6 +1045,9 @@ func runAuthConnectionsUpdate(cmd *cobra.Command, args []string) error {
9641045
SaveCredentials: saveCredentialsFlag,
9651046
HealthCheckInterval: healthCheckInterval,
9661047
HealthCheckIntervalSet: cmd.Flags().Changed("health-check-interval"),
1048+
HealthChecks: healthChecksFlag,
1049+
AutoReauth: autoReauthFlag,
1050+
RecordSession: recordSessionFlag,
9671051
Output: output,
9681052
})
9691053
}

cmd/auth_connections_test.go

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -293,6 +293,34 @@ func TestAuthConnectionsCreate_ProviderWithExplicitAuto_SetsAuto(t *testing.T) {
293293
assert.True(t, cred.Auto.Value)
294294
}
295295

296+
func TestAuthConnectionsCreate_HealthMonitoringFlags(t *testing.T) {
297+
var captured kernel.AuthConnectionNewParams
298+
fake := &FakeAuthConnectionService{
299+
NewFunc: func(ctx context.Context, body kernel.AuthConnectionNewParams, opts ...option.RequestOption) (*kernel.ManagedAuth, error) {
300+
captured = body
301+
return &kernel.ManagedAuth{ID: "conn-new"}, nil
302+
},
303+
}
304+
305+
c := AuthConnectionCmd{svc: fake}
306+
err := c.Create(context.Background(), AuthConnectionCreateInput{
307+
Domain: "example.com",
308+
ProfileName: "p",
309+
NoHealthChecks: true,
310+
NoAutoReauth: true,
311+
RecordSession: true,
312+
Output: "json",
313+
})
314+
require.NoError(t, err)
315+
316+
require.True(t, captured.ManagedAuthCreateRequest.HealthChecks.Valid())
317+
assert.False(t, captured.ManagedAuthCreateRequest.HealthChecks.Value)
318+
require.True(t, captured.ManagedAuthCreateRequest.AutoReauth.Valid())
319+
assert.False(t, captured.ManagedAuthCreateRequest.AutoReauth.Value)
320+
require.True(t, captured.ManagedAuthCreateRequest.RecordSession.Valid())
321+
assert.True(t, captured.ManagedAuthCreateRequest.RecordSession.Value)
322+
}
323+
296324
// --credential-name references a Kernel-managed credential and should never
297325
// carry a provider/auto/path — the default-auto logic must not kick in here.
298326
func TestAuthConnectionsCreate_CredentialName_UnaffectedByAutoDefault(t *testing.T) {
@@ -352,6 +380,9 @@ func TestAuthConnectionsUpdate_MapsParams(t *testing.T) {
352380
SaveCredentials: BoolFlag{Set: true, Value: false},
353381
HealthCheckInterval: 900,
354382
HealthCheckIntervalSet: true,
383+
HealthChecks: BoolFlag{Set: true, Value: false},
384+
AutoReauth: BoolFlag{Set: true, Value: false},
385+
RecordSession: BoolFlag{Set: true, Value: true},
355386
})
356387
require.NoError(t, err)
357388
require.True(t, captured.ManagedAuthUpdateRequest.LoginURL.Valid())
@@ -369,6 +400,12 @@ func TestAuthConnectionsUpdate_MapsParams(t *testing.T) {
369400
assert.False(t, captured.ManagedAuthUpdateRequest.SaveCredentials.Value)
370401
require.True(t, captured.ManagedAuthUpdateRequest.HealthCheckInterval.Valid())
371402
assert.Equal(t, int64(900), captured.ManagedAuthUpdateRequest.HealthCheckInterval.Value)
403+
require.True(t, captured.ManagedAuthUpdateRequest.HealthChecks.Valid())
404+
assert.False(t, captured.ManagedAuthUpdateRequest.HealthChecks.Value)
405+
require.True(t, captured.ManagedAuthUpdateRequest.AutoReauth.Valid())
406+
assert.False(t, captured.ManagedAuthUpdateRequest.AutoReauth.Value)
407+
require.True(t, captured.ManagedAuthUpdateRequest.RecordSession.Valid())
408+
assert.True(t, captured.ManagedAuthUpdateRequest.RecordSession.Value)
372409
}
373410

374411
func newFakeWithMfaOptions(options []kernel.ManagedAuthMfaOption) *FakeAuthConnectionService {

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ require (
99
github.com/charmbracelet/lipgloss/v2 v2.0.0-beta.1
1010
github.com/golang-jwt/jwt/v5 v5.2.2
1111
github.com/joho/godotenv v1.5.1
12-
github.com/kernel/kernel-go-sdk v0.53.0
12+
github.com/kernel/kernel-go-sdk v0.55.0
1313
github.com/klauspost/compress v1.18.5
1414
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c
1515
github.com/pterm/pterm v0.12.80

go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -64,8 +64,8 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2
6464
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
6565
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
6666
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
67-
github.com/kernel/kernel-go-sdk v0.53.0 h1:XgcuJv3G4a6nr9LYBZ21gLUWvsIDLSG4YhZAngNrqE0=
68-
github.com/kernel/kernel-go-sdk v0.53.0/go.mod h1:EeZzSuHZVeHKxKCPUzxou2bovNGhXaz0RXrSqKNf1AQ=
67+
github.com/kernel/kernel-go-sdk v0.55.0 h1:JjLqrh+58oX8l4N/+MfVGVh+L6G/UHnCRdeXFUpXPWo=
68+
github.com/kernel/kernel-go-sdk v0.55.0/go.mod h1:EeZzSuHZVeHKxKCPUzxou2bovNGhXaz0RXrSqKNf1AQ=
6969
github.com/klauspost/compress v1.18.5 h1:/h1gH5Ce+VWNLSWqPzOVn6XBO+vJbCNGvjoaGBFW2IE=
7070
github.com/klauspost/compress v1.18.5/go.mod h1:cwPg85FWrGar70rWktvGQj8/hthj3wpl0PGDogxkrSQ=
7171
github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=

0 commit comments

Comments
 (0)