authentication-patterns
npx machina-cli add skill athola/claude-night-market/authentication-patterns --openclawTable of Contents
- Overview
- When to Use
- Authentication Methods
- Quick Start
- Verify Authentication
- Smoke Test
- Standard Flow
- Step 1: Check Environment
- Step 2: Verify with Service
- Step 3: Handle Failures
- Integration Pattern
- Detailed Resources
- Exit Criteria
Authentication Patterns
Overview
Common authentication patterns for integrating with external services. Provides consistent approaches to credential management, verification, and error handling.
When To Use
- Integrating with external APIs
- Need credential verification
- Managing multiple auth methods
- Handling auth failures gracefully
When NOT To Use
- Project doesn't use the leyline infrastructure patterns
- Simple scripts without service architecture needs
Authentication Methods
| Method | Best For | Environment Variable |
|---|---|---|
| API Key | Simple integrations | {SERVICE}_API_KEY |
| OAuth | User-authenticated | Browser-based flow |
| Token | Session-based | {SERVICE}_TOKEN |
| None | Public APIs | N/A |
Quick Start
Verify Authentication
from leyline.auth import verify_auth, AuthMethod
# API Key verification
status = verify_auth(
service="gemini",
method=AuthMethod.API_KEY,
env_var="GEMINI_API_KEY"
)
if not status.authenticated:
print(f"Auth failed: {status.message}")
print(f"Action: {status.suggested_action}")
Verification: Run the command with --help flag to verify availability.
Smoke Test
def verify_with_smoke_test(service: str) -> bool:
"""Verify auth with simple request."""
result = execute_simple_request(service, "ping")
return result.success
Verification: Run pytest -v to verify tests pass.
Standard Flow
Step 1: Check Environment
def check_credentials(service: str, env_var: str) -> bool:
value = os.getenv(env_var)
if not value:
print(f"Missing {env_var}")
return False
return True
Verification: Run the command with --help flag to verify availability.
Step 2: Verify with Service
def verify_with_service(service: str) -> AuthStatus:
result = subprocess.run(
[service, "auth", "status"],
capture_output=True
)
return AuthStatus(
authenticated=(result.returncode == 0),
message=result.stdout.decode()
)
Verification: Run the command with --help flag to verify availability.
Step 3: Handle Failures
def handle_auth_failure(service: str, method: AuthMethod) -> str:
actions = {
AuthMethod.API_KEY: f"Set {service.upper()}_API_KEY environment variable",
AuthMethod.OAUTH: f"Run '{service} auth login' for browser auth",
AuthMethod.TOKEN: f"Refresh token with '{service} token refresh'"
}
return actions[method]
Verification: Run the command with --help flag to verify availability.
Integration Pattern
# In your skill's frontmatter
dependencies: [leyline:authentication-patterns]
Verification: Run the command with --help flag to verify availability.
Interactive Authentication (Shell)
For workflows requiring interactive authentication with token caching and session management:
# Source the interactive auth script
source plugins/leyline/scripts/interactive_auth.sh
# Ensure authentication before proceeding
ensure_auth github || exit 1
ensure_auth gitlab || exit 1
ensure_auth aws || exit 1
# Continue with authenticated operations
gh pr view 123
glab issue list
aws s3 ls
Features:
- ✅ Interactive OAuth flows for GitHub, GitLab, AWS, and more
- ✅ Token caching (5-minute TTL)
- ✅ Session persistence (24-hour TTL)
- ✅ CI/CD compatible (auto-detects non-interactive environments)
- ✅ Multi-service support
See modules/interactive-auth.md for complete documentation.
Detailed Resources
- Auth Methods: See
modules/auth-methods.mdfor method details - Verification: See
modules/verification-patterns.mdfor testing patterns - Interactive: See
modules/interactive-auth.mdfor shell-based auth flows
Exit Criteria
- Credentials verified or clear failure message
- Suggested action for auth failures
- Smoke test confirms working auth
Troubleshooting
Common Issues
Command not found Ensure all dependencies are installed and in PATH
Permission errors Check file permissions and run with appropriate privileges
Unexpected behavior
Enable verbose logging with --verbose flag
Source
git clone https://github.com/athola/claude-night-market/blob/master/plugins/leyline/skills/authentication-patterns/SKILL.mdView on GitHub Overview
Authentication Patterns provides standardized approaches to credentials, verification, and error handling when integrating with external services. It covers API keys, OAuth flows, and token management, aligning with Leyline infrastructure patterns.
How This Skill Works
It defines common authentication methods (API Key, OAuth, Token) and a verification flow to assess credentials. It also supplies quick-start templates, smoke tests, and a standard environment-check–verification–failure-handling lifecycle to ensure reliable service authentication.
When to Use It
- Integrating with external APIs
- Need credential verification before use
- Managing multiple authentication methods (API Key, OAuth, Token)
- Verifying and refreshing tokens during runtime
- Ensuring secure, reusable auth patterns within Leyline infrastructure
Quick Start
- Step 1: Define mapping of services to methods and environment variables
- Step 2: Call verify_auth with the target service and method
- Step 3: Interpret the status and take action or retry
Best Practices
- Store credentials in environment variables per method
- Prefer explicit verification steps over blind trust
- Centralize authentication logic to share across services
- Provide clear failure messages and auto-remediation hints
- Include smoke tests and environment checks in deployments
Example Use Cases
- API Key authentication against a third-party service
- OAuth flow for user-authenticated access
- Token-based session management with automatic refresh
- Credential verification in CI pipelines
- Graceful handling and rotation of credentials during outages
Frequently Asked Questions
Related Skills
terraform
chaterm/terminal-skills
Terraform 基础设施即代码
makefile-generation
athola/claude-night-market
Generate language-specific Makefiles with testing, linting, and automation targets. Use for project initialization and workflow standardization. Skip if Makefile exists.
precommit-setup
athola/claude-night-market
Configure three-layer pre-commit system with linting, type checking, and testing hooks. Use for quality gate setup and code standards. Skip if pre-commit is optimally configured.
error-patterns
athola/claude-night-market
'Standardized error handling patterns with classification, recovery,
risk-classification
athola/claude-night-market
'Inline risk classification for agent tasks using a 4-tier model. Hybrid
quota-management
athola/claude-night-market
'Quota tracking, threshold monitoring, and graceful degradation for rate-limited
