Added globus auth scope show command

[derek-globus]

Added

• New command globus auth scope show SCOPE_ID_OR_STRING
  • Note: globus auth is a hidden command tree; Stephen and I discussed keeping it that way until we have 5+ commands registered under there.
• New FieldFormatters:
  • ArrayMultilineFormatter(ArrayFormatter) - Supports multiline formatted elements, adding a yaml-style - element start indicator to the beginning of each new one.
  • RecordFormatter - Prints an object using the RecordPrinter into a buffered string.
• New util,LazyDict - A dict with "key loaders" which will load values for specific keys when accessed the first time, caching the result.
• New termio module: terminal_info with a global singleton TERM_INFO to centrally track and mutate content width.

Changed

• Empty arrays render as [] instead of nothing.

Draft

• This PR is in draft until:
  1. I have a chance to put the command in front of the auth team.
  2. I figure out how to figure out reserved_width in RecordFormatter; it's a pretty minute thing but is hardcoded right now.

Auth team has signed off in slack & I figured it out!

Usage

By Scope ID

Standard Output (dependent scope strings get loaded in a secondary batched call)

> globus auth scope show 24f3dcbe-7655-4721-bc64-d1c5d635b9a1
Scope String:          https://auth.globus.org/scopes/actions.globus.org/hello_world
Scope ID:              24f3dcbe-7655-4721-bc64-d1c5d635b9a1
Name:                  Hello World Action
Description:           Allow the Hello World action to extend greetings.
Client ID:             5fac2e64-c734-4e6b-90ea-ff12ddbf9653
Allows Refresh Tokens: True
Required Domains:      
Advertised:            True
Dependent Scopes:      
  - Scope String:           urn:globus:auth:scope:nexus.api.globus.org:groups
    Scope ID:               69a73d8f-cd45-4e37-bb3b-43678424aeb7
    Optional:               False
    Requires Refresh Token: False
  - Scope String:           urn:globus:auth:scope:groups.api.globus.org:view_my_groups_and_memberships
    Scope ID:               73320ffe-4cb4-4b25-a0a3-83d53d59ce4f
    Optional:               False
    Requires Refresh Token: False

JSON Output (no secondary dependent scope resolution call happens)

> globus auth scope show 24f3dcbe-7655-4721-bc64-d1c5d635b9a1 -F json                
{
  "scope": {
    "advertised": true,
    "allows_refresh_token": true,
    "client": "5fac2e64-c734-4e6b-90ea-ff12ddbf9653",
    "dependent_scopes": [
      {
        "optional": false,
        "requires_refresh_token": false,
        "scope": "69a73d8f-cd45-4e37-bb3b-43678424aeb7"
      },
      {
        "optional": false,
        "requires_refresh_token": false,
        "scope": "73320ffe-4cb4-4b25-a0a3-83d53d59ce4f"
      }
    ],
    "description": "Allow the Hello World action to extend greetings.",
    "id": "24f3dcbe-7655-4721-bc64-d1c5d635b9a1",
    "name": "Hello World Action",
    "required_domains": [],
    "scope_string": "https://auth.globus.org/scopes/actions.globus.org/hello_world"
  }
}

By Scope String

Similarly when accessing by scope string

> globus auth scope show https://auth.globus.org/scopes/actions.globus.org/hello_world
Scope String:          https://auth.globus.org/scopes/actions.globus.org/hello_world
Scope ID:              24f3dcbe-7655-4721-bc64-d1c5d635b9a1
Name:                  Hello World Action
Description:           Allow the Hello World action to extend greetings.
Client ID:             5fac2e64-c734-4e6b-90ea-ff12ddbf9653
Allows Refresh Tokens: True
Required Domains:      
Advertised:            True
Dependent Scopes:      
  - Scope String:           urn:globus:auth:scope:nexus.api.globus.org:groups
    Scope ID:               69a73d8f-cd45-4e37-bb3b-43678424aeb7
    Optional:               False
    Requires Refresh Token: False
  - Scope String:           urn:globus:auth:scope:groups.api.globus.org:view_my_groups_and_memberships
    Scope ID:               73320ffe-4cb4-4b25-a0a3-83d53d59ce4f
    Optional:               False
    Requires Refresh Token: False

JSON by scope string uses a the get-scopes route so response is a list of one element

> globus auth scope show https://auth.globus.org/scopes/actions.globus.org/hello_world -F json
{
  "scopes": [
    {
      "advertised": true,
      "allows_refresh_token": true,
      "client": "5fac2e64-c734-4e6b-90ea-ff12ddbf9653",
      "dependent_scopes": [
        {
          "optional": false,
          "requires_refresh_token": false,
          "scope": "69a73d8f-cd45-4e37-bb3b-43678424aeb7"
        },
        {
          "optional": false,
          "requires_refresh_token": false,
          "scope": "73320ffe-4cb4-4b25-a0a3-83d53d59ce4f"
        }
      ],
      "description": "Allow the Hello World action to extend greetings.",
      "id": "24f3dcbe-7655-4721-bc64-d1c5d635b9a1",
      "name": "Hello World Action",
      "required_domains": [],
      "scope_string": "https://auth.globus.org/scopes/actions.globus.org/hello_world"
    }
  ]
}

[kurtmckee]

globus auth is a hidden command tree; Stephen and I discussed keeping it that way until we have 5+ commands registered under there

Why?

[sirosen]

globus auth is a hidden command tree; Stephen and I discussed keeping it that way until we have 5+ commands registered under there

Why?

Because the launch of a globus auth command tree should potentially include aliasing/renaming and deprecation of existing commands like globus get-identities. We agreed on hidden commands as an easy way for us to continue to discuss exactly what should happen to the CLI when we add globus auth commands without blocking work, and that once there are a handful of commands implemented, the downside of holding back a release outweighs the potential upsides of making more adjustments for the initial release of these commands.

We can reopen this debate, but let's not do it in this PR thread.

[derek-globus]

Auth has confirmed their comfort with (1) this command structure proposal and (2) the decisions made in this PR that diverge our display slightly from their raw api.

So this guy is open for business!

[sirosen]

I only have a couple of minor comments I'd like us to evaluate before approval. I did a reread of the parts I had already reviewed and feel pretty good about the state of this.

[sirosen]

May I suggest that we name this to align with indented() as the indent? Also requires that we invert some of the arithmetic around it.

Suggested change

	self._column_delta = 0
	self._current_indent = 0

I suggest this after a moment of confusion reading the +=, -=, etc during review.

[sirosen]

I notice that we have pytest params matched to the data here. I think it's fine but if you wanted to break the dependency up a bit, you can

@pytest.mark.parametrize("lookup_method", ("id", "scope_string"))
def test_...:
    rset = load_response_set("cli.scopes")
    if lookup_method == "id":
        scope_arg = rset.metadata["hello_world_id"]
    elif lookup_method == "scope_string":
        scope_arg = rset.metadata["hello_world_string"]
    else:
        raise NotImplementedError(lookup_method)

It's totally optional, but if you'd like to do so, there's a path to doing this and potentially something similar to the expected output formulation.

[kurtmckee]

It doesn't look like a conditional is required.

@pytest.mark.parametrize(
    "metadata_key",
    (
        pytest.param("hello_world_id", id="lookup by scope id"),
        pytest.param("hello_world_string", id="lookup by scope string"),
    )
)
def test_...:
    rset = load_response_set("cli.scopes")
    scope_arg = rset.metadata[metadata_key]

[kurtmckee]

Since None isn't the default, I'm surprised that it appears in the type annotation. Is this an artifact of a previous rev?

[kurtmckee]

It looks like this condition exists in two places.

First it appears here, which appears to break the past behavior (render([]) return "" before but now returns "[]").

But then it's recreated in the subclass, which explicitly checks to see if the list is empty and then calls this function to rely on its behavior.

It seems like the subclass could take the responsibility to return "[]", rather than changing the behavior here. Is that accurate? Or am I overlooking some additional context?

[kurtmckee]

I haven't seen UserDict since the Python 2 days, when it was impossible to subclass the built-in dict. I didn't realize it was still around!

[sirosen]

Probably the comment reflects some of my influence via code I've left around. 😁
We have it in the SDK as well, as the base for the payload classes!

I think UserDict has some differences vs subclassing dict regarding the consistency of various mutators. It's all very niche stuff and I don't think there's much call for UserDict these days (and less for UserList and less than that for UserString!).

I also think it's incidentally nice that self.data is available on UserDict, since it means you can implement __getitem__ in terms of self.data.__getitem__ and have a clearer flow of control. So there is at least some rationale for still liking it!

But, of course, I'm not particularly attached to one implementation vs another for this sort of thing. 🙂

[kurtmckee]

It doesn't look like a conditional is required.

@pytest.mark.parametrize(
    "metadata_key",
    (
        pytest.param("hello_world_id", id="lookup by scope id"),
        pytest.param("hello_world_string", id="lookup by scope string"),
    )
)
def test_...:
    rset = load_response_set("cli.scopes")
    scope_arg = rset.metadata[metadata_key]