
#!/usr/bin/env nu
# MFA Workflow Example
# Demonstrates complete MFA enrollment and verification workflow
# Banner, then Step 1: Login (prerequisite for every MFA command below).
# This script only narrates the workflow; it never invokes `auth` itself.
#
# In real usage:
#   auth login admin
#   Password: ********
#
# The example shows the password being entered at a prompt rather than passed
# as a command-line argument, which keeps it out of shell history.
for line in [
    "=== MFA Workflow Example ==="
    ""
    "Step 1: Login to get access token"
    "Command: auth login admin"
    ""
    "✓ Access token stored in keyring"
    ""
] { print $line }
# Step 2: Enroll in TOTP
#
# In real usage:
#   let enrollment = (auth mfa enroll totp)
#
# Example output:
# ████████████████████████████████
# ██ ▄▄▄▄▄ █▀▄█▀▄▀▄▀█ ▄▄▄▄▄ ██
# ██ █ █ ██▀▀▀▄▄▀█ █ █ ██
# ██ █▄▄▄█ ██▄▀▄▀ ██ █▄▄▄█ ██
# ██▄▄▄▄▄▄▄█ ▀ █ █ █▄▄▄▄▄▄▄██
# ████████████████████████████████
#
# Scan this QR code with your authenticator app
# Or enter this secret manually: JBSWY3DPEHPK3PXP
#
# NOTE(review): JBSWY3DPEHPK3PXP is a sample value used for illustration.
# A real enrollment secret (and the QR code that encodes it) is the long-lived
# TOTP seed: whoever captures it from scrollback, a screen share or a CI log
# can generate valid codes. Do not redirect real enrollment output into logs
# or files.
# NOTE(review): this script does not show where the backup codes are saved;
# confirm against the `auth mfa enroll` implementation and protect that
# location like the seed itself.
print ([
    "Step 2: Enroll in TOTP"
    "Command: auth mfa enroll totp"
    ""
    "✓ QR code displayed (scan with Google Authenticator or Authy)"
    "✓ Secret: JBSWY3DPEHPK3PXP (for manual entry)"
    "✓ Backup codes saved"
    ""
] | str join "\n")
# Step 3: Verify TOTP code
#
# In real usage:
#   let verify = (auth mfa verify --code 123456)
#
# Example output:
#   {
#     valid: true,
#     message: "MFA verified"
#   }
#
# 123456 is a placeholder; the real value is the current code shown by the
# authenticator app.
# NOTE(review): a code passed via --code is recorded in shell history. TOTP
# codes are short-lived (30s per the troubleshooting section of this file), so
# exposure is limited, but avoid copying such command lines into logs or
# tickets.
for line in [
    "Step 3: Verify TOTP code from authenticator app"
    "Command: auth mfa verify --code 123456"
    ""
    "✓ MFA code verified successfully"
    ""
] { print $line }
# Closing summary for the three-step walkthrough, including the reminder to
# keep backup codes somewhere secure.
print ([
    "=== Workflow Complete ==="
    ""
    "Next steps:"
    " - MFA is now enabled for your account"
    " - You'll need to provide TOTP code on sensitive operations"
    " - Keep backup codes in a secure location"
    ""
] | str join "\n")
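# Advanced Usage Examples
#
# Prints five command variants: per-user enrollment, a custom Control Center
# URL, per-user verification, WebAuthn enrollment, and a try/catch wrapper.
#
# The custom-URL example uses https://. The original sample pointed at a
# plain http:// endpoint; enrollment and verification traffic carries the
# access token, the TOTP seed and one-time codes, so the documented example
# should not teach cleartext transport.
# NOTE(review): port 8081 is carried over unchanged from the original sample;
# substitute the TLS listener of your own Control Center deployment.
for line in [
    "=== Advanced Usage Examples ==="
    ""
    "1. Enroll for specific user:"
    " auth mfa enroll totp --user alice"
    ""
    "2. Enroll with custom Control Center URL:"
    " auth mfa enroll totp --url https://control-center.example.com:8081"
    ""
    "3. Verify with specific user:"
    " auth mfa verify --code 123456 --user alice"
    ""
    "4. Enroll WebAuthn (YubiKey, Touch ID):"
    " auth mfa enroll webauthn"
    ""
    # The catch branch in the printed snippet shows a generic failure message
    # and does not echo the submitted code back to the terminal.
    "5. Error handling:"
    " try {"
    " auth mfa verify --code 123456"
    " } catch {"
    " print 'MFA verification failed, please try again'"
    " }"
    ""
] { print $line }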
# Integration with other auth commands
#
# Prints the six-command session lifecycle in order: login (with --save),
# token check, TOTP enrollment, code verification, session listing, logout.
# The "# N." lines are part of the printed text, not comments of this script.
print ([
    "=== Integration with Other Auth Commands ==="
    ""
    "Complete authentication workflow:"
    ""
    "# 1. Login and save token"
    "auth login admin --save"
    ""
    "# 2. Verify token is valid"
    "auth verify"
    ""
    "# 3. Enroll MFA"
    "auth mfa enroll totp"
    ""
    "# 4. Verify MFA code"
    "auth mfa verify --code 123456"
    ""
    "# 5. List active sessions"
    "auth sessions"
    ""
    "# 6. Logout"
    "auth logout"
    ""
] | str join "\n")
# Troubleshooting
#
# Prints five symptom/solution pairs, then the end-of-file banner.
# Item 3 ties 'Invalid code' to clock drift: TOTP codes are derived from the
# current time, so the client and server clocks have to agree.
for line in [
    "=== Troubleshooting ==="
    ""
    "Common issues:"
    ""
    "1. 'Not logged in' error:"
    " Solution: Run 'auth login' first to get access token"
    ""
    "2. 'HTTP 401' error:"
    " Solution: Token expired, run 'auth login' again"
    ""
    "3. 'Invalid code' message:"
    " Solution: Ensure time is synchronized, TOTP codes expire every 30s"
    ""
    "4. QR code not displaying:"
    " Solution: Use manual secret entry in authenticator app"
    ""
    "5. 'HTTP request failed':"
    " Solution: Check Control Center is running and accessible"
    ""
    "=== End of Examples ==="
] { print $line }