|
| 1 | +#' Posit Package Manager single sign-on (SSO) authentication |
| 2 | +#' |
| 3 | +#' @details |
| 4 | +#' ## Set up SSO authentication: |
| 5 | +#' - Set the `PACKAGEMANAGER_ADDRESS` environment variable to the URL of |
| 6 | +#' your RStudio Package Manager instance. For example, add this line to |
| 7 | +#' your `.Renviron` file: |
| 8 | +#' ``` |
| 9 | +#' PACKAGEMANAGER_ADDRESS=https://<ppm-url> |
| 10 | +#' ``` |
| 11 | +#' Alternatively, you can also set it in your shell profile on Unix, |
| 12 | +#' or in the System or User environment variables on Windows. |
| 13 | +#' - Set `options(repos)` to include a repository from your Package Manager |
| 14 | +#' instance. Include `__token__` as the username in the URL. For example: |
| 15 | +#' ``` |
| 16 | +#' options(repos = c( |
| 17 | +#' PPM = "https://__token__@<ppm-url>/<repo-path>", |
| 18 | +#' getOption("repos") |
| 19 | +#' )) |
| 20 | +#' ``` |
| 21 | +#' You probably want to add this to your `.Rprofile` file, so that it is |
| 22 | +#' set in every R session. |
| 23 | +#' - Call [repo_get()] to trigger authentication and caching of the token. |
| 24 | +#' You should be prompted to log in via your browser, and the obtained |
| 25 | +#' token will be cached for future use. Call `ppm_sso_status()` to check |
| 26 | +#' the status of your authentication, including the path of the cached |
| 27 | +#' token and its expiration time. |
| 28 | +#' - Alternatively, you can call `ppm_sso_login()` directly to trigger |
| 29 | +#' the login process directly. |
| 30 | +#' |
| 31 | +#' `ppm_sso_login()` initiates the SSO login process. You should be |
| 32 | +#' prompted to log in via your browser, and the obtained token will be |
| 33 | +#' cached for future use. |
| 34 | +#' |
| 35 | +#' @return `ppm_sso_login()` returns the obtained token invisibly. |
| 36 | +#' |
| 37 | +#' @seealso [Authenticated repositories], |
| 38 | +#' <https://docs.posit.co/rspm/admin/authentication/> |
| 39 | +#' @export |
| 40 | +#' @examplesIf FALSE |
| 41 | +#' Sys.setenv(PACKAGEMANAGER_ADDRESS = "https://<ppm-url>") |
| 42 | +#' options(repos = c( |
| 43 | +#' PPM = "https://__token__@<ppm-url>/<repo-path>", |
| 44 | +#' getOption("repos") |
| 45 | +#' )) |
| 46 | +#' ppm_sso_login() |
| 47 | +#' ppm_sso_status() |
| 48 | +#' ppm_sso_status(connect = TRUE) |
| 49 | +#' ppm_sso_logout() |
| 50 | + |
| 51 | +ppm_sso_login <- function() { |
| 52 | + res <- remote( |
| 53 | + function() { |
| 54 | + asNamespace("pkgcache")$ppm_sso_login() |
| 55 | + }, |
| 56 | + list() |
| 57 | + ) |
| 58 | + invisible(res) |
| 59 | +} |
| 60 | + |
| 61 | +#' @rdname ppm_sso_login |
| 62 | +#' @details |
| 63 | +#' `ppm_sso_logout()` removes the cached token, effectively logging you |
| 64 | +#' out. If there is no cached token, it does nothing. |
| 65 | +#' @return `ppm_sso_logout()` does not return anything. |
| 66 | +#' @export |
| 67 | + |
| 68 | +ppm_sso_logout <- function() { |
| 69 | + res <- remote( |
| 70 | + function() { |
| 71 | + asNamespace("pkgcache")$ppm_sso_logout() |
| 72 | + }, |
| 73 | + list() |
| 74 | + ) |
| 75 | + invisible(res) |
| 76 | +} |
| 77 | + |
| 78 | +#' @rdname ppm_sso_login |
| 79 | +#' @param connect If `TRUE`, also checks if the token is valid by making a test |
| 80 | +#' request to the Package Manager instance. This requires an active internet |
| 81 | +#' connection and may take a few seconds. If `FALSE`, only checks if a |
| 82 | +#' token is cached and not expired. |
| 83 | +#' @details |
| 84 | +#' `ppm_sso_status()` checks the status of your authentication, including |
| 85 | +#' the path of the cached token and its expiration time. |
| 86 | +#' @return `ppm_sso_status()` returns a list with the following components: |
| 87 | +#' - `ppm_url`: The URL of the Package Manager instance. |
| 88 | +#' - `token_file`: The path of the cached token file. |
| 89 | +#' - `token`: The cached token (partially masked for display) or `NA` if |
| 90 | +#' no token is found locally. |
| 91 | +#' - `valid`: `TRUE` if the token is valid (only if `connect = TRUE`), |
| 92 | +#' `FALSE` if invalid, or `NA` if not checked. |
| 93 | +#' - `issuer`: The issuer of the token, or `NA` if not available. |
| 94 | +#' - `subject`: The subject of the token, or `NA` if not available. |
| 95 | +#' - `audience`: The audience of the token, or `NA` if not available. |
| 96 | +#' - `issued_at`: The issue time of the token as a POSIXct object, or `NA` |
| 97 | +#' if not available. |
| 98 | +#' - `expires_at`: The expiration time of the token as a POSIXct object, |
| 99 | +#' or `NA` if not available. |
| 100 | +#' - `expired`: `TRUE` if the token is expired, `FALSE` if not expired, |
| 101 | +#' or `NA` if expiration time is not available. |
| 102 | +#' - `expires_in`: The time until expiration as a difftime object, or |
| 103 | +#' `NA` if expiration time is not available or the token is already |
| 104 | +#' expired. |
| 105 | +#' @export |
| 106 | +ppm_sso_status <- function(connect = FALSE) { |
| 107 | + remote( |
| 108 | + function(connect) { |
| 109 | + ret <- asNamespace("pkgcache")$ppm_sso_status(connect) |
| 110 | + asNamespace("pak")$pak_preformat(ret) |
| 111 | + }, |
| 112 | + list(connect) |
| 113 | + ) |
| 114 | +} |
0 commit comments