While the SAFE Browser provides an integrated Authenticator GUI for users to create and manage their SAFE Network accounts and authorised applications, there are many situations where being forced to use a GUI, such as the browser, is less than ideal.
For example, developers working on a desktop SAFE application, either during development, testing, or even the debugging phase, may find it uncomfortable or overkill if all they need is just the app’s credentials to connect to the SAFE Network to test their application logic, and perhaps not the authorisation flow. In these scenarios having a CLI is much more flexible and easy to use as its output could also be chained with other commands, and/or applications can simply execute the CLI and read the result from its
stdout instead of having to interface with the SAFE Browser/Authenticator through the system URI protocol (which in turn requires human interaction, mouse clicks, etc.).
So we’re stoked to be sharing our recent early-stage work on an Authenticator CLI. Ultimately this should provide an alternative to the Authenticator that is currently integrated with the SAFE Browser, and to its communication protocol (system URI), allowing to perform the same set of operations but through a command line user interface, or via a web server.
At this stage, we are not providing a release binary, but just the instructions to build the tool from source code and a simple user guide. Please follow the steps we documented in the README file of the safe_authenticator_cli repository to build it and start using it.
Current known issues and limitations
As said above, this small project is in its nascency, and we are trying to get the community engaged in its progress at this early stage. Thus there are some known issues we still have to sort out, but they shouldn’t prevent you from starting to use this tool:
- It currently builds for Mock network only.
- SAFE account secret and password are prompted every time the CLI is executed. We are researching on an additional feature to support credentials store (similar to what’s possible with Git and SSH for example).
- There is no prompt to allow/deny each authorisation request, they are automatically allowed for now.
- It doesn’t support system URI protocol yet.
- The PoC authenticator web service can be executed using the
--daemonargument, although it still doesn’t run as a proper OS daemon/service but just as a standalone web server app.
- We are temporarily using a forked branch of the
safe_client_libscrates since some enhancements are required in the main SCL repo to properly support this tool. We already started internal discussions around this particular aspect.
While it should be borne in mind that this is not intended to be a feature complete CLI at this stage, we’re very much looking for ideas/direction/features and bugs. So all feedback, ideas, criticism, and any issues encountered can be directly reported here. From which we’ll be looking to plan a new milestone of work on the codebase.
However, please feel free to ask for help and/or clarifications in this same thread as well. We’ll be keeping an eye on it for giving support