npm - @geolonia/geonicdb-cli - Versions diffs - 0.5.0 → 0.6.0 - Mend

@geolonia/geonicdb-cli 0.5.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -172,6 +172,7 @@ Displays the current authenticated user, token expiry, and active profile.
 | `--origins <origins>` | Allowed origins (comma-separated, at least 1 required) |
 | `--entity-types <types>` | Allowed entity types (comma-separated) |
 | `--rate-limit <n>` | Rate limit (requests per minute) |
+| `--dpop-required` | Require DPoP token binding (RFC 9449) |
 | `--save` | Save the API key to profile config |
 ```bash
@@ -182,6 +183,8 @@ geonic me api-keys create --name my-app --scopes read:entities --save
 geonic me api-keys create '{"name":"my-app","allowedScopes":["read:entities"]}'
 ```
+`me api-keys list` output includes a `dpopRequired` field (boolean).
 ### entities — Manage context entities
 | Subcommand | Description |
@@ -369,9 +372,9 @@ Temporal entityOperations query supports: `--aggr-methods`, `--aggr-period`.
 | `admin api-keys update <keyId> [json]` | Update an API key |
 | `admin api-keys delete <keyId>` | Delete an API key |
-`admin api-keys list` supports `--tenant-id` to filter by tenant. `admin api-keys create` supports flag options: `--name`, `--scopes`, `--origins`, `--entity-types`, `--rate-limit`, `--tenant-id`, `--save`.
+`admin api-keys list` supports `--tenant-id` to filter by tenant. `admin api-keys create` supports flag options: `--name`, `--scopes`, `--origins`, `--entity-types`, `--rate-limit`, `--dpop-required`, `--tenant-id`, `--save`. `admin api-keys update` supports `--name`, `--scopes`, `--origins`, `--entity-types`, `--rate-limit`, `--dpop-required` / `--no-dpop-required`.
-**Note**: `allowedOrigins` must contain at least 1 item when specified. Use `*` to allow all origins. `allowedEntityTypes` is enforced at runtime — API key holders can only access entities of the specified types.
+**Note**: `allowedOrigins` must contain at least 1 item when specified. Use `*` to allow all origins. `allowedEntityTypes` is enforced at runtime — API key holders can only access entities of the specified types. `admin api-keys list` / `admin api-keys get` output includes a `dpopRequired` field (boolean).
 #### admin cadde

package/dist/index.js CHANGED Viewed

@@ -1370,7 +1370,7 @@ function addMeApiKeysSubcommand(me) {
       command: "geonic me api-keys list"
     }
   ]);
-  const create = apiKeys.command("create [json]").description("Create a new API key").option("--name <name>", "Key name").option("--scopes <scopes>", "Allowed scopes (comma-separated)").option("--origins <origins>", "Allowed origins (comma-separated)").option("--entity-types <types>", "Allowed entity types (comma-separated)").option("--rate-limit <n>", "Rate limit per minute").option("--save", "Save the API key to config for automatic use").action(
+  const create = apiKeys.command("create [json]").description("Create a new API key").option("--name <name>", "Key name").option("--scopes <scopes>", "Allowed scopes (comma-separated)").option("--origins <origins>", "Allowed origins (comma-separated)").option("--entity-types <types>", "Allowed entity types (comma-separated)").option("--rate-limit <n>", "Rate limit per minute").option("--dpop-required", "Require DPoP token binding").option("--save", "Save the API key to config for automatic use").action(
     withErrorHandler(async (json, _opts, cmd) => {
       const opts = cmd.opts();
       if (opts.origins !== void 0) {
@@ -1383,12 +1383,13 @@ function addMeApiKeysSubcommand(me) {
       let body;
       if (json) {
         body = await parseJsonInput(json);
-      } else if (opts.name || opts.scopes || opts.origins || opts.entityTypes || opts.rateLimit) {
+      } else if (opts.name || opts.scopes || opts.origins || opts.entityTypes || opts.rateLimit || opts.dpopRequired !== void 0) {
         const payload = {};
         if (opts.name) payload.name = opts.name;
         if (opts.scopes) payload.allowedScopes = opts.scopes.split(",").map((s) => s.trim()).filter(Boolean);
         if (opts.origins) payload.allowedOrigins = opts.origins.split(",").map((s) => s.trim()).filter(Boolean);
         if (opts.entityTypes) payload.allowedEntityTypes = opts.entityTypes.split(",").map((s) => s.trim()).filter(Boolean);
+        if (opts.dpopRequired !== void 0) payload.dpopRequired = opts.dpopRequired;
         if (opts.rateLimit) {
           const raw = opts.rateLimit.trim();
           if (!/^\d+$/.test(raw)) {
@@ -1453,6 +1454,10 @@ function addMeApiKeysSubcommand(me) {
     {
       description: "Create an API key with rate limiting",
       command: "geonic me api-keys create --name my-app --rate-limit 100"
+    },
+    {
+      description: "Create an API key with DPoP required",
+      command: "geonic me api-keys create --name my-app --dpop-required"
     }
   ]);
   const del = apiKeys.command("delete <keyId>").description("Delete an API key").action(
@@ -3363,6 +3368,7 @@ function buildBodyFromFlags(opts) {
     }
     payload.rateLimit = { perMinute };
   }
+  if (opts.dpopRequired !== void 0) payload.dpopRequired = opts.dpopRequired;
   if (opts.tenantId) payload.tenantId = opts.tenantId;
   return payload;
 }
@@ -3408,14 +3414,14 @@ function registerApiKeysCommand(parent) {
       command: "geonic admin api-keys get <key-id>"
     }
   ]);
-  const create = apiKeys.command("create [json]").description("Create a new API key").option("--name <name>", "Key name").option("--scopes <scopes>", "Comma-separated scopes").option("--origins <origins>", "Comma-separated origins").option("--entity-types <types>", "Comma-separated entity types").option("--rate-limit <n>", "Rate limit per minute").option("--tenant-id <id>", "Tenant ID").option("--save", "Save the API key to profile config").action(
+  const create = apiKeys.command("create [json]").description("Create a new API key").option("--name <name>", "Key name").option("--scopes <scopes>", "Comma-separated scopes").option("--origins <origins>", "Comma-separated origins").option("--entity-types <types>", "Comma-separated entity types").option("--rate-limit <n>", "Rate limit per minute").option("--dpop-required", "Require DPoP token binding").option("--tenant-id <id>", "Tenant ID").option("--save", "Save the API key to profile config").action(
     withErrorHandler(async (json, _opts, cmd) => {
       const opts = cmd.opts();
       validateOrigins(void 0, opts);
       let body;
       if (json) {
         body = await parseJsonInput(json);
-      } else if (opts.name || opts.scopes || opts.origins || opts.entityTypes || opts.rateLimit || opts.tenantId) {
+      } else if (opts.name || opts.scopes || opts.origins || opts.entityTypes || opts.rateLimit || opts.dpopRequired !== void 0 || opts.tenantId) {
         body = buildBodyFromFlags(opts);
       } else {
         body = await parseJsonInput();
@@ -3452,12 +3458,16 @@ function registerApiKeysCommand(parent) {
       description: "Create an API key with flags",
       command: "geonic admin api-keys create --name my-key --scopes entities:read,entities:write --origins '*'"
     },
+    {
+      description: "Create an API key with DPoP required",
+      command: "geonic admin api-keys create --name my-key --dpop-required"
+    },
     {
       description: "Create an API key from JSON and save to config",
       command: "geonic admin api-keys create @key.json --save"
     }
   ]);
-  const update = apiKeys.command("update <keyId> [json]").description("Update an API key").option("--name <name>", "Key name").option("--scopes <scopes>", "Comma-separated scopes").option("--origins <origins>", "Comma-separated origins").option("--entity-types <types>", "Comma-separated entity types").option("--rate-limit <n>", "Rate limit per minute").action(
+  const update = apiKeys.command("update <keyId> [json]").description("Update an API key").option("--name <name>", "Key name").option("--scopes <scopes>", "Comma-separated scopes").option("--origins <origins>", "Comma-separated origins").option("--entity-types <types>", "Comma-separated entity types").option("--rate-limit <n>", "Rate limit per minute").option("--dpop-required", "Require DPoP token binding").option("--no-dpop-required", "Disable DPoP token binding").action(
     withErrorHandler(
       async (keyId, json, _opts, cmd) => {
         const opts = cmd.opts();
@@ -3465,7 +3475,7 @@ function registerApiKeysCommand(parent) {
         let body;
         if (json) {
           body = await parseJsonInput(json);
-        } else if (opts.name || opts.scopes || opts.origins || opts.entityTypes || opts.rateLimit) {
+        } else if (opts.name || opts.scopes || opts.origins || opts.entityTypes || opts.rateLimit || opts.dpopRequired !== void 0) {
           body = buildBodyFromFlags(opts);
         } else {
           body = await parseJsonInput();
@@ -3488,6 +3498,14 @@ function registerApiKeysCommand(parent) {
       description: "Update an API key name",
       command: "geonic admin api-keys update <key-id> --name new-name"
     },
+    {
+      description: "Enable DPoP requirement",
+      command: "geonic admin api-keys update <key-id> --dpop-required"
+    },
+    {
+      description: "Disable DPoP requirement",
+      command: "geonic admin api-keys update <key-id> --no-dpop-required"
+    },
     {
       description: "Update an API key from a JSON file",
       command: "geonic admin api-keys update <key-id> @key.json"