Back to Details

auth

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

AEM Config Service Authentication

AEM Config Service身份验证

This skill handles browser-based authentication for AEM Edge Delivery Services Config Service API using Playwright CLI. It opens a browser window for Adobe ID login and captures the auth token when the browser is closed.
此技能使用Playwright CLI处理AEM Edge Delivery Services Config Service API的基于浏览器的身份验证。它会打开浏览器窗口用于Adobe ID登录,并在浏览器关闭时捕获身份验证令牌。

When to Use This Skill

何时使用此技能

  • Before generating admin/authoring/development guides that need API data
  • When Config Service API returns 401 Unauthorized
  • User says "login", "authenticate", "get auth token"
  • Orchestrated by handover/admin/authoring/development skills
  • 在生成需要API数据的管理员/创作/开发指南之前
  • 当Config Service API返回401未授权时
  • 用户提及"登录"、"身份验证"、"获取身份令牌"时
  • 由移交/管理员/创作/开发技能编排调用

Prerequisites

前提条件

  • Organization name must be known (from 
    .claude-plugin/project-config.json
    or user input)
  • Node.js and npm installed
  • 必须知晓组织名称(来自
    .claude-plugin/project-config.json
    或用户输入)
  • 已安装Node.js和npm

Authentication Flow

身份验证流程

Step 1: Get Organization and Site Names

步骤1:获取组织和站点名称

bash
undefined
bash
undefined

Read saved org name

Read saved org name

ORG=$(cat .claude-plugin/project-config.json 2>/dev/null | grep -o '"org"[[:space:]]:[[:space:]]"[^"]"' | sed 's/"org"[[:space:]]:[[:space:]]*"//' | sed 's/"$//')

If org is not saved, prompt user:
> "What is your Config Service organization name? (the `{org}` in `https://main--site--{org}.aem.page`)"

Save the org name:
```bash
mkdir -p .claude-plugin
ORG=$(cat .claude-plugin/project-config.json 2>/dev/null | grep -o '"org"[[:space:]]:[[:space:]]"[^"]"' | sed 's/"org"[[:space:]]:[[:space:]]*"//' | sed 's/"$//')

如果未保存组织名称,则提示用户:
> "您的Config Service组织名称是什么?(即`https://main--site--{org}.aem.page`中的`{org}`)"

保存组织名称:
```bash
mkdir -p .claude-plugin

Ensure .claude-plugin is in .gitignore (contains auth tokens)

Ensure .claude-plugin is in .gitignore (contains auth tokens)

grep -qxF '.claude-plugin/' .gitignore 2>/dev/null || echo '.claude-plugin/' >> .gitignore echo "{"org": "${ORG}"}" > .claude-plugin/project-config.json

Then fetch the first site name from Config Service (unauthenticated endpoint):

```bash
SITE=$(curl -s "https://admin.hlx.page/config/${ORG}/sites.json" | grep -o '"name"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/"name"[[:space:]]*:[[:space:]]*"//' | sed 's/"$//')
grep -qxF '.claude-plugin/' .gitignore 2>/dev/null || echo '.claude-plugin/' >> .gitignore echo "{"org": "${ORG}"}" > .claude-plugin/project-config.json

然后从Config Service(未认证端点)获取第一个站点名称:

```bash
SITE=$(curl -s "https://admin.hlx.page/config/${ORG}/sites.json" | grep -o '"name"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/"name"[[:space:]]*:[[:space:]]*"//' | sed 's/"$//')

Step 2: Install Playwright (if needed)

步骤2:安装Playwright(如有需要)

bash
npx playwright --version 2>/dev/null || npm install -g playwright
npx playwright install chromium 2>/dev/null || true
bash
npx playwright --version 2>/dev/null || npm install -g playwright
npx playwright install chromium 2>/dev/null || true

Step 3: Display Clear Instructions and Open Browser

步骤3:显示清晰说明并打开浏览器

IMPORTANT: Print highly visible instructions BEFORE opening the browser:
bash
echo ""
echo "╔════════════════════════════════════════════════════════════════╗"
echo "║                                                                ║"
echo "║   BROWSER WINDOW OPENING FOR ADOBE ID LOGIN                    ║"
echo "║                                                                ║"
echo "║   1. Sign in with your Adobe ID credentials                   ║"
echo "║   2. After successful login, CLOSE THE BROWSER WINDOW         ║"
echo "║                                                                ║"
echo "║   >>> CLOSE THE BROWSER TO CONTINUE <<<                       ║"
echo "║                                                                ║"
echo "╚════════════════════════════════════════════════════════════════╝"
echo ""
Then open the browser with storage save:
bash
mkdir -p .claude-plugin
npx playwright open --save-storage=.claude-plugin/auth-storage.json "https://admin.hlx.page/login/${ORG}/${SITE}/main"
Note: This command blocks until the browser is closed. The auth token is saved to 
auth-storage.json
when the browser closes.
重要提示:在打开浏览器前,先显示高可见度的说明:
bash
echo ""
echo "╔════════════════════════════════════════════════════════════════╗"
echo "║                                                                ║"
echo "║   BROWSER WINDOW OPENING FOR ADOBE ID LOGIN                    ║"
echo "║                                                                ║"
echo "║   1. Sign in with your Adobe ID credentials                   ║"
echo "║   2. After successful login, CLOSE THE BROWSER WINDOW         ║"
echo "║                                                                ║"
echo "║   >>> CLOSE THE BROWSER TO CONTINUE <<<                       ║"
echo "║                                                                ║"
echo "╚════════════════════════════════════════════════════════════════╝"
echo ""
然后打开浏览器并保存存储:
bash
mkdir -p .claude-plugin
npx playwright open --save-storage=.claude-plugin/auth-storage.json "https://admin.hlx.page/login/${ORG}/${SITE}/main"
注意: 此命令会阻塞直到浏览器关闭。当浏览器关闭时,身份令牌会保存到
auth-storage.json
中。

Step 4: Extract Auth Token from Storage

步骤4:从存储中提取身份令牌

After browser is closed, extract the token:
bash
echo ""
echo "Browser closed. Extracting auth token..."

AUTH_TOKEN=$(node -e "
const fs = require('fs');
try {
  const data = JSON.parse(fs.readFileSync('.claude-plugin/auth-storage.json', 'utf8'));
  const cookie = data.cookies.find(c => c.name === 'auth_token');
  if (cookie) {
    console.log(cookie.value);
  } else {
    console.error('ERROR: auth_token cookie not found. Login may have failed.');
    process.exit(1);
  }
} catch (e) {
  console.error('ERROR: Could not read auth storage file.');
  process.exit(1);
}
")
浏览器关闭后,提取令牌:
bash
echo ""
echo "Browser closed. Extracting auth token..."

AUTH_TOKEN=$(node -e "
const fs = require('fs');
try {
  const data = JSON.parse(fs.readFileSync('.claude-plugin/auth-storage.json', 'utf8'));
  const cookie = data.cookies.find(c => c.name === 'auth_token');
  if (cookie) {
    console.log(cookie.value);
  } else {
    console.error('ERROR: auth_token cookie not found. Login may have failed.');
    process.exit(1);
  }
} catch (e) {
  console.error('ERROR: Could not read auth storage file.');
  process.exit(1);
}
")

Step 5: Save Auth Token to Project Config

步骤5:将身份令牌保存到项目配置中

bash
ORG=$(cat .claude-plugin/project-config.json | grep -o '"org"[[:space:]]*:[[:space:]]*"[^"]*"' | sed 's/"org"[[:space:]]*:[[:space:]]*"//' | sed 's/"$//')

echo "{\"org\": \"${ORG}\", \"authToken\": \"${AUTH_TOKEN}\"}" > .claude-plugin/project-config.json
bash
ORG=$(cat .claude-plugin/project-config.json | grep -o '"org"[[:space:]]*:[[:space:]]*"[^"]*"' | sed 's/"org"[[:space:]]*:[[:space:]]*"//' | sed 's/"$//')

echo "{\"org\": \"${ORG}\", \"authToken\": \"${AUTH_TOKEN}\"}" > .claude-plugin/project-config.json

Clean up storage file (contains sensitive session data)

Clean up storage file (contains sensitive session data)

rm -f .claude-plugin/auth-storage.json
echo "Auth token saved successfully."
undefined
rm -f .claude-plugin/auth-storage.json
echo "Auth token saved successfully."
undefined

Step 6: Verify Token Works

步骤6:验证令牌是否有效

bash
AUTH_TOKEN=$(cat .claude-plugin/project-config.json | grep -o '"authToken"[[:space:]]*:[[:space:]]*"[^"]*"' | sed 's/"authToken"[[:space:]]*:[[:space:]]*"//' | sed 's/"$//')
ORG=$(cat .claude-plugin/project-config.json | grep -o '"org"[[:space:]]*:[[:space:]]*"[^"]*"' | sed 's/"org"[[:space:]]*:[[:space:]]*"//' | sed 's/"$//')

HTTP_CODE=$(curl -s -w "%{http_code}" -o /dev/null -H "x-auth-token: ${AUTH_TOKEN}" \
  "https://admin.hlx.page/config/${ORG}/sites.json")

if [ "$HTTP_CODE" = "200" ]; then
  echo ""
  echo "╔════════════════════════════════════════════════════════════════╗"
  echo "║  ✓ AUTHENTICATION SUCCESSFUL                                   ║"
  echo "╚════════════════════════════════════════════════════════════════╝"
  echo ""
else
  echo ""
  echo "╔════════════════════════════════════════════════════════════════╗"
  echo "║  ✗ AUTHENTICATION FAILED (HTTP $HTTP_CODE)                        ║"
  echo "║    Please try again                                            ║"
  echo "╚════════════════════════════════════════════════════════════════╝"
  echo ""
fi
bash
AUTH_TOKEN=$(cat .claude-plugin/project-config.json | grep -o '"authToken"[[:space:]]*:[[:space:]]*"[^"]*"' | sed 's/"authToken"[[:space:]]*:[[:space:]]*"//' | sed 's/"$//')
ORG=$(cat .claude-plugin/project-config.json | grep -o '"org"[[:space:]]*:[[:space:]]*"[^"]*"' | sed 's/"org"[[:space:]]*:[[:space:]]*"//' | sed 's/"$//')

HTTP_CODE=$(curl -s -w "%{http_code}" -o /dev/null -H "x-auth-token: ${AUTH_TOKEN}" \
  "https://admin.hlx.page/config/${ORG}/sites.json")

if [ "$HTTP_CODE" = "200" ]; then
  echo ""
  echo "╔════════════════════════════════════════════════════════════════╗"
  echo "║  ✓ AUTHENTICATION SUCCESSFUL                                   ║"
  echo "╚════════════════════════════════════════════════════════════════╝"
  echo ""
else
  echo ""
  echo "╔════════════════════════════════════════════════════════════════╗"
  echo "║  ✗ AUTHENTICATION FAILED (HTTP $HTTP_CODE)                        ║"
  echo "║    Please try again                                            ║"
  echo "╚════════════════════════════════════════════════════════════════╝"
  echo ""
fi

Token Storage

令牌存储

Auth tokens are stored in 
.claude-plugin/project-config.json
:
json
{
  "org": "myorg",
  "authToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
}
Security Note: Add 
.claude-plugin/
to 
.gitignore
.
身份令牌存储在
.claude-plugin/project-config.json
中:
json
{
  "org": "myorg",
  "authToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
}
安全注意事项:
.claude-plugin/
添加到
.gitignore
中。

Using the Token in Other Skills

在其他技能中使用令牌

bash
AUTH_TOKEN=$(cat .claude-plugin/project-config.json 2>/dev/null | grep -o '"authToken"[[:space:]]*:[[:space:]]*"[^"]*"' | sed 's/"authToken"[[:space:]]*:[[:space:]]*"//' | sed 's/"$//')

curl -H "x-auth-token: ${AUTH_TOKEN}" \
  "https://admin.hlx.page/config/${ORG}/sites/{site}/access.json"
bash
AUTH_TOKEN=$(cat .claude-plugin/project-config.json 2>/dev/null | grep -o '"authToken"[[:space:]]*:[[:space:]]*"[^"]*"' | sed 's/"authToken"[[:space:]]*:[[:space:]]*"//' | sed 's/"$//')

curl -H "x-auth-token: ${AUTH_TOKEN}" \
  "https://admin.hlx.page/config/${ORG}/sites/{site}/access.json"

Troubleshooting

故障排除

IssueSolution
npx playwright
not found		Run 
npm install -g playwright
Browser doesn't openRun 
npx playwright install chromium
Token not found after loginEnsure login completed before closing browser
Login page not loadingVerify org/site names are correct
API returns 401Token expired, re-authenticate
问题解决方案
npx playwright
未找到		运行
npm install -g playwright
浏览器无法打开运行
npx playwright install chromium
登录后未找到令牌确保完成登录后再关闭浏览器
登录页面无法加载验证组织/站点名称是否正确
API返回401令牌已过期,请重新进行身份验证

Integration with Other Skills

与其他技能的集成

Called by: 
admin
, 
authoring
, 
development
, 
handover
Invocation:
Skill({ skill: "project-management:auth" })
调用者:
admin
authoring
development
handover
调用方式:
Skill({ skill: "project-management:auth" })