Skip to contents

Changelog

spdgt.auth 1.1.0.14

  • Added telemetry realm configuration. auth_login(realm = "telemetry") now authenticates directly against telemetry-api via OAuth, instead of copying a count-api token that would fail on telemetry-api. Auth dispatch is NULL-safe for realms without OIDC or API key env vars.

  • refresh_auth() now handles auth_type = "api_key" with a clear error message (“API key was rejected by the server”) instead of the misleading “Unknown authentication type for refresh”.

  • auth_url() is deprecated. Use add_api() to register API endpoints with their correct URLs instead.

  • Removed legacy counts-hardcoded methods from APIAuthState (set_api_token(), get_api_token(), forward_token(), set_expiration(), get_expiration(), get_refresh_token(), set_refresh_token(), get_auth_type(), set_auth_type(), set_is_auth(), and backward-compatible URL getters). Use the realm-aware equivalents (get_realm_token(), set_realm_token(), etc.) instead.

  • set_api_key() is deprecated. Set the SPDGT_API_KEY environment variable in .Renviron instead. The keyring package is no longer a dependency.

spdgt.auth 1.1.0.13

  • auth_login() now checks for API key credentials (environment variable and system keyring) before falling back to OAuth in interactive sessions. Previously, interactive sessions always used OAuth regardless of whether an API key was configured.

spdgt.auth 1.1.0.12

  • api_post(), api_post_multi(), and api_post_df() now abort when add_project_id = TRUE but no project is assigned to the authenticated user, instead of silently injecting NULL into the request body. All three auth flows (authenticate_api_key, authenticate_oidc, authenticate_oauth) now warn at login when the server returns no project assignment.

  • auth_login() now errors with an informative message when no authentication method is available in a non-interactive session, instead of silently returning NULL.

  • auth_logout() and auth_me() now validate the realm argument and error early for unknown realms.

  • parse_json2tibble() now errors when the requested data element is missing from the response, instead of silently returning NULL.

  • parse_json2tibble(null_action=) is deprecated. The parameter was a no-op; tibble columns are never NULL.

  • parse_url() now validates that the export response contains all required fields before accessing them.

  • type_convert() now warns when the API response has no schema and validate = TRUE was requested, returning data un-validated instead of silently skipping.

  • type_fun() now falls back to identity with a warning for unrecognized schema types (e.g., “date”, “datetime”, “decimal”) instead of crashing.

  • auth_url() now warns when called with a non-counts realm, as URL overrides are currently only supported for the counts realm.

  • format_timestamp() now accepts POSIXlt values in addition to POSIXct and character.

  • Fixed OIDC token refresh to correctly send the request body as JSON and to update the correct realm-specific environment variable instead of always writing to the counts realm’s env var.

  • Fixed OAuth authentication to abort with a clear error when the /me verification call fails, instead of silently returning with no credentials set.

  • Removed unused internal helper null2na().

  • api_body_multi() now errors when passed a zero-row tibble instead of sending an empty request.

  • api_patch() now validates the body argument: NULL is rejected with a clear error, and list bodies are accepted in addition to data frames.

  • api_patch_multi() now merges the id vector into the request body for batch PATCH requests, matching the server’s expected format for /multiple endpoints.

  • api_perform() now treats HTTP 202 and 204 as success, fixing api_delete() which was erroring on standard 204 No Content responses.

  • api_post(), api_post_multi(), and api_post_df() now abort when add_user_id = TRUE but no user is authenticated, instead of silently injecting NULL.

  • spdgt_select() now requires a tibble (tbl_df) input; plain data frames and other objects are returned unchanged.

  • Moved lifecycle and R6 to Imports and added %||% to importFrom(rlang) to fix undeclared dependency issues.

spdgt.auth 1.1.0.11

  • api_filters() and api_parameters() now silently drop NULL entries from their input lists via compact_list(), so callers can pass list(a = val, b = NULL) without NULL values leaking into query parameters.

  • New exported utility functions consolidate helpers previously duplicated across domain packages: check_enum(), check_required_cols(), compact_list(), format_timestamp(), and parse_multi2tibble().

  • Multi-realm token authentication allows independent per-realm token storage for APIs that have separate databases and token stores. A realm is a named group of APIs sharing one token authority (e.g., "counts", "telemetry"). All existing behavior defaults to the "counts" realm for full backward compatibility.

  • add_api() gains a realm parameter. When realm = NULL (default), a new realm is created using the API name. When a realm name is provided, the API joins that existing realm and shares its token (e.g., add_api("sightability", url, realm = "counts")).

  • api_init() now tags each request with spdgt_api_name so that api_perform() can automatically resolve the correct realm and use the appropriate token.

  • api_perform() now performs per-realm token resolution. It checks the request for a realm tag, falls back to the API name mapping, and defaults to "counts". Token refresh is also per-realm.

  • api_perform() now aborts with a structured error on any non-2xx final response, including the HTTP status code, the server’s error message, and field-level validation errors. Previously, some error statuses (e.g., 401 with a valid token, 403) were silently returned to the caller, and validation errors from the $errors field were lost.

  • auth_check() gains a realm parameter to validate tokens against the correct realm’s /api/me endpoint.

  • auth_forward_token() gains a realm parameter to forward tokens to a specific realm rather than always using the global state.

  • auth_login() gains a realm parameter. Each realm uses its own OAuth client credentials, API key environment variable, and OIDC token, configured in an internal registry.

  • auth_logout() gains a realm parameter. When NULL (default), all realms are logged out. When a specific realm is provided, only that realm is cleared.

  • auth_me() gains a realm parameter to query a specific realm’s /api/me endpoint.

  • set_api_key() gains a realm parameter to store API keys per-realm in the system keyring (e.g., set_api_key(key, realm = "telemetry")). Keys previously stored under "spdgt" are still found by the legacy fallback.

  • swagger_login() gains a realm parameter to authenticate against a specific realm’s login endpoint.

  • Switched from magrittr pipe (%>%) to the native pipe operator (|>) throughout the package. The %>% re-export has been removed. Downstream packages that imported %>% from spdgt.auth should import it from magrittr directly or switch to |>.