From 62138419a22c863c8ef243c8198ae2eab9d693d8 Mon Sep 17 00:00:00 2001
From: Jesse Morgan <jesse@jesterpm.net>
Date: Tue, 23 Dec 2025 12:40:42 -0800
Subject: Add explicit setup command for profile configuration

---
 src/bin/sso/main.rs | 64 +++++++++++++++++++++++++++++++++++++----------------
 1 file changed, 45 insertions(+), 19 deletions(-)

(limited to 'src')

diff --git a/src/bin/sso/main.rs b/src/bin/sso/main.rs
index 2e22198..7d4150f 100644
--- a/src/bin/sso/main.rs
+++ b/src/bin/sso/main.rs
@@ -2,13 +2,15 @@
 //!
 //! Usage: sso [OPTIONS] [COMMAND] [ARGS]
 //!
-//! Options:
+//! Commands:
+//!   login - default: get or renew an access token
+//!   curl  - Send a curl request with an authorization header
+//!   setup - Configure a profile.
+//!
+//! Setup options:
 //!   --scope <SCOPE>          Request an additional scope
 //!   --endpoint <URL>         The jesterpm-sso endpoint
 //!
-//! Commands:
-//!   login - default: get or renew an access token
-//!   curl  - pass the
 
 use chrono::{DateTime, Duration, Utc};
 use clap::{Parser, Subcommand};
@@ -35,14 +37,6 @@ struct Args {
     #[clap(short = 'P', long, default_value = "default")]
     profile: String,
 
-    /// Request an additional scope
-    #[clap(short, long)]
-    scope: Vec<String>,
-
-    /// The jesterpm-sso endpoint
-    #[clap(long)]
-    endpoint: Option<Url>,
-
     /// Turn debugging information on
     #[clap(short, long, parse(from_occurrences))]
     verbose: usize,
@@ -63,6 +57,19 @@ enum Commands {
     Curl { args: Vec<String> },
     /// Print the current bearer token.
     Token,
+    /// Configure a profile
+    Setup(SetupOptions),
+}
+
+#[derive(Parser, PartialEq)]
+struct SetupOptions {
+    /// Request an additional scope
+    #[clap(short, long)]
+    scope: Vec<String>,
+
+    /// The jesterpm-sso endpoint
+    #[clap(long)]
+    endpoint: Option<Url>,
 }
 
 #[derive(Serialize, Deserialize, Clone)]
@@ -287,14 +294,31 @@ fn main() -> Result<(), Box<dyn Error>> {
     let profile_name = args.profile.as_str();
     let mut profile = load_profile(config_dir.as_path(), profile_name)?;
 
-    // Add any new scopes to the profile.
-    for scope in args.scope {
-        profile.add_scope(scope);
-    }
+    // The setup command must run before any interactions with the SSO server.
+    if let Commands::Setup(cfg) = command {
+        // Add any new scopes to the profile.
+        for scope in cfg.scope {
+            profile.add_scope(scope);
+        }
 
-    // Set the endpoint
-    if let Some(endpoint) = args.endpoint {
-        profile.set_endpoint(endpoint.to_string());
+        // Set the endpoint
+        if let Some(endpoint) = cfg.endpoint {
+            profile.set_endpoint(endpoint.to_string());
+        }
+
+        // Print out the current configuration.
+        println!("Profile {}", profile_name);
+        println!("\tEndpoint: {}", profile.endpoint);
+        println!("\tScopes: {}", profile.scopes
+                 .iter()
+                 .map(String::as_str)
+                 .collect::<Vec<_>>()
+                 .join(" "));
+
+        if profile.modified() {
+            save_profile(config_dir.as_path(), profile_name, &profile)?;
+        }
+        return Ok(());
     }
 
     // Determine if we need a new token
@@ -332,5 +356,7 @@ fn main() -> Result<(), Box<dyn Error>> {
             );
             Ok(())
         }
+        // This is handled above.
+        Commands::Setup(_) => unreachable!(),
     }
 }
-- 
cgit v1.2.3