Add service to generate OAuth tokens for command line apps

Description

Users should be able to get refresh tokens for command line apps using a typical login session. This would allow users to use OAuth refresh tokens to authenticate their command line apps in scenarios where no browser is available.

Possible implementation could be a generic service for generating tokens:
endpoint: POST /oauth2/userGeneratedToken
request body: OIDCTokenGenerationRequest {

name: string (a unique-to-the-user, human-readable name. if unspecified, this will be a UUID)

clientId: string (the client that can use the OAuth token)

scope: Array<OAuthScope> (scopes granted by the tokens)

claims: OIDCClaimsRequest (claims granted by the tokens)

}

Response body: OIDCTokenResponse

Doc:
Generates a token response that users can copy and paste into the command line client. Effectively replaces API keys.

In most cases, the clientId will be set to the ID used for the bootstrapped command line client (SWC could even hard-code it, since users likely only need to generate tokens for this client).

Environment

None

Assignee

Unassigned

Reporter

Nick Grosenbacher

Labels

None

Validator

Bruce Hoff

Development Area

None

Release Version History

None

Epic Link

Priority

Major
Configure