feat: adds create support for users #142
Draft
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I'm torn between a few different approaches to solve this problem.
My primary goal is to eliminate the consumer's need to understand which authentication implementation their Connect server is using.
Option 1
A simple way to do this (the current implementation) is to key off the provided parameters. If the consumer provides a "prefix", we assume the "remote" flow. Otherwise, do the normal POST flow.
Option 2
However, I think the better option is to abstract this further and define an interface that provides a better user experience. One that does not require the consumer to know all of our implementation's quirks.
e.g.,
We can utilize the @overload capabilities to guide users towards the correct set of parameters. For example, if the
password
isn't supplied, then we should setuser_must_set_password=True
duringPOST /v1/users
.e.g.,
Option 3
Another option is to force the user to know their Connect instances auth implementation and have them specify the type. Then, we can key the auth flow and client side assertions based on the provided auth type.
e.g.,