@getrouter/getrouter-cli 0.1.0 → 0.1.2

package/src/cmd/keys.ts

@@ -1,6 +1,6 @@
 import type { Command } from "commander";
 import { createApiClients } from "../core/api/client";
-import { redactSecrets } from "../core/config/redact";
+import { fetchAllPages } from "../core/api/pagination";
 import {
   confirmDelete,
   promptKeyEnabled,
@@ -32,17 +32,16 @@ const consumerRow = (consumer: ConsumerLike) => [
 ];
 
 const outputConsumerTable = (consumer: ConsumerLike) => {
-  console.log(renderTable(consumerHeaders, [consumerRow(consumer)]));
+  console.log(
+    renderTable(consumerHeaders, [consumerRow(consumer)], { maxColWidth: 64 }),
+  );
 };
 
 const outputConsumers = (consumers: routercommonv1_Consumer[]) => {
   const rows = consumers.map(consumerRow);
-  console.log(renderTable(consumerHeaders, rows));
+  console.log(renderTable(consumerHeaders, rows, { maxColWidth: 64 }));
 };
 
-const redactConsumer = (consumer: routercommonv1_Consumer) =>
-  redactSecrets(consumer);
-
 const requireInteractive = (message: string) => {
   if (!process.stdin.isTTY) {
     throw new Error(message);
@@ -83,11 +82,15 @@ const updateConsumer = async (
 const listConsumers = async (
   consumerService: Pick<ConsumerService, "ListConsumers">,
 ) => {
-  const res = await consumerService.ListConsumers({
-    pageSize: undefined,
-    pageToken: undefined,
-  });
-  const consumers = (res?.consumers ?? []).map(redactConsumer);
+  const consumers = await fetchAllPages(
+    (pageToken) =>
+      consumerService.ListConsumers({
+        pageSize: undefined,
+        pageToken,
+      }),
+    (res) => res?.consumers ?? [],
+    (res) => res?.nextPageToken || undefined,
+  );
   outputConsumers(consumers);
 };
 
@@ -143,7 +146,7 @@ const updateConsumerById = async (
     name,
     enabled,
   );
-  outputConsumerTable(redactConsumer(consumer));
+  outputConsumerTable(consumer);
 };
 
 const deleteConsumerById = async (
@@ -159,7 +162,7 @@ const deleteConsumerById = async (
   const confirmed = await confirmDelete(selected);
   if (!confirmed) return;
   await consumerService.DeleteConsumer({ id: selected.id });
-  outputConsumerTable(redactConsumer(selected));
+  outputConsumerTable(selected);
 };
 
 export const registerKeysCommands = (program: Command) => {

package/src/cmd/models.ts

@@ -3,9 +3,10 @@ import { createApiClients } from "../core/api/client";
 import { renderTable } from "../core/output/table";
 import type { routercommonv1_Model } from "../generated/router/dashboard/v1";
 
-const modelHeaders = ["NAME", "AUTHOR", "ENABLED", "UPDATED_AT"];
+const modelHeaders = ["ID", "NAME", "AUTHOR", "ENABLED", "UPDATED_AT"];
 
 const modelRow = (model: routercommonv1_Model) => [
+  String(model.id ?? ""),
   String(model.name ?? ""),
   String(model.author ?? ""),
   String(model.enabled ?? ""),

package/src/core/api/pagination.ts

@@ -0,0 +1,25 @@
+/**
+ * Fetches all pages from a paginated API endpoint.
+ *
+ * @param fetchPage - Function that fetches a single page given a pageToken
+ * @param getItems - Function that extracts items from the response
+ * @param getNextToken - Function that extracts the next page token from the response
+ * @returns Array of all items across all pages
+ */
+export const fetchAllPages = async <TResponse, TItem>(
+  fetchPage: (pageToken?: string) => Promise<TResponse>,
+  getItems: (response: TResponse) => TItem[],
+  getNextToken: (response: TResponse) => string | undefined,
+): Promise<TItem[]> => {
+  const allItems: TItem[] = [];
+  let pageToken: string | undefined;
+
+  do {
+    const response = await fetchPage(pageToken);
+    const items = getItems(response);
+    allItems.push(...items);
+    pageToken = getNextToken(response);
+  } while (pageToken);
+
+  return allItems;
+};

package/src/core/auth/refresh.ts

@@ -0,0 +1,68 @@
+import { readAuth, writeAuth } from "../config";
+import { buildApiUrl } from "../http/url";
+
+type AuthToken = {
+  accessToken: string | undefined;
+  refreshToken: string | undefined;
+  expiresAt: string | undefined;
+};
+
+const EXPIRY_BUFFER_MS = 60 * 1000; // Refresh 1 minute before expiry
+
+export const isTokenExpiringSoon = (expiresAt: string): boolean => {
+  if (!expiresAt) return true;
+  const t = Date.parse(expiresAt);
+  if (Number.isNaN(t)) return true;
+  return t <= Date.now() + EXPIRY_BUFFER_MS;
+};
+
+export const refreshAccessToken = async ({
+  fetchImpl,
+}: {
+  fetchImpl?: typeof fetch;
+}): Promise<AuthToken | null> => {
+  const auth = readAuth();
+  if (!auth.refreshToken) {
+    return null;
+  }
+
+  const res = await (fetchImpl ?? fetch)(
+    buildApiUrl("v1/dashboard/auth/token"),
+    {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ refreshToken: auth.refreshToken }),
+    },
+  );
+
+  if (!res.ok) {
+    return null;
+  }
+
+  const token = (await res.json()) as AuthToken;
+  if (token.accessToken && token.refreshToken) {
+    writeAuth({
+      accessToken: token.accessToken,
+      refreshToken: token.refreshToken,
+      expiresAt: token.expiresAt ?? "",
+      tokenType: "Bearer",
+    });
+  }
+  return token;
+};
+
+export const ensureValidToken = async ({
+  fetchImpl,
+}: {
+  fetchImpl?: typeof fetch;
+}): Promise<boolean> => {
+  const auth = readAuth();
+  if (!auth.accessToken || !auth.refreshToken) {
+    return false;
+  }
+  if (!isTokenExpiringSoon(auth.expiresAt)) {
+    return true;
+  }
+  const refreshed = await refreshAccessToken({ fetchImpl });
+  return refreshed !== null && Boolean(refreshed.accessToken);
+};

package/src/core/http/request.ts

@@ -1,5 +1,7 @@
+import { refreshAccessToken } from "../auth/refresh";
 import { readAuth } from "../config";
 import { createApiError } from "./errors";
+import { isServerError, withRetry } from "./retry";
 import { buildApiUrl } from "./url";
 
 type RequestInput = {
@@ -7,6 +9,9 @@ type RequestInput = {
   method: string;
   body?: unknown;
   fetchImpl?: typeof fetch;
+  maxRetries?: number;
+  /** For testing: override the sleep function used for retry delays */
+  _retrySleep?: (ms: number) => Promise<void>;
 };
 
 const getAuthCookieName = () =>
@@ -14,28 +19,79 @@ const getAuthCookieName = () =>
   process.env.KRATOS_AUTH_COOKIE ||
   "access_token";
 
-export const requestJson = async <T = unknown>({
-  path,
-  method,
-  body,
-  fetchImpl,
-}: RequestInput): Promise<T> => {
+const buildHeaders = (accessToken?: string): Record<string, string> => {
   const headers: Record<string, string> = {
     "Content-Type": "application/json",
   };
-  const auth = readAuth();
-  if (auth.accessToken) {
-    headers.Authorization = `Bearer ${auth.accessToken}`;
-    headers.Cookie = `${getAuthCookieName()}=${auth.accessToken}`;
+  if (accessToken) {
+    headers.Authorization = `Bearer ${accessToken}`;
+    headers.Cookie = `${getAuthCookieName()}=${accessToken}`;
   }
-  const res = await (fetchImpl ?? fetch)(buildApiUrl(path), {
+  return headers;
+};
+
+const doFetch = async (
+  url: string,
+  method: string,
+  headers: Record<string, string>,
+  body: unknown,
+  fetchImpl?: typeof fetch,
+): Promise<Response> => {
+  return (fetchImpl ?? fetch)(url, {
     method,
     headers,
     body: body == null ? undefined : JSON.stringify(body),
   });
-  if (!res.ok) {
-    const payload = await res.json().catch(() => null);
-    throw createApiError(payload, res.statusText, res.status);
+};
+
+const shouldRetryResponse = (error: unknown): boolean => {
+  if (
+    typeof error === "object" &&
+    error !== null &&
+    "status" in error &&
+    typeof (error as { status: unknown }).status === "number"
+  ) {
+    return isServerError((error as { status: number }).status);
   }
-  return (await res.json()) as T;
+  // Retry on network errors (TypeError from fetch)
+  return error instanceof TypeError;
+};
+
+export const requestJson = async <T = unknown>({
+  path,
+  method,
+  body,
+  fetchImpl,
+  maxRetries = 3,
+  _retrySleep,
+}: RequestInput): Promise<T> => {
+  return withRetry(
+    async () => {
+      const auth = readAuth();
+      const url = buildApiUrl(path);
+      const headers = buildHeaders(auth.accessToken);
+
+      let res = await doFetch(url, method, headers, body, fetchImpl);
+
+      // On 401, attempt token refresh and retry once
+      if (res.status === 401 && auth.refreshToken) {
+        const refreshed = await refreshAccessToken({ fetchImpl });
+        if (refreshed?.accessToken) {
+          const newHeaders = buildHeaders(refreshed.accessToken);
+          res = await doFetch(url, method, newHeaders, body, fetchImpl);
+        }
+      }
+
+      if (!res.ok) {
+        const payload = await res.json().catch(() => null);
+        throw createApiError(payload, res.statusText, res.status);
+      }
+      return (await res.json()) as T;
+    },
+    {
+      maxRetries,
+      shouldRetry: shouldRetryResponse,
+      sleep: _retrySleep,
+    },
+  );
 };

package/src/core/http/retry.ts

@@ -0,0 +1,68 @@
+export type RetryOptions = {
+  maxRetries?: number;
+  initialDelayMs?: number;
+  maxDelayMs?: number;
+  shouldRetry?: (error: unknown, attempt: number) => boolean;
+  onRetry?: (error: unknown, attempt: number, delayMs: number) => void;
+  sleep?: (ms: number) => Promise<void>;
+};
+
+const defaultSleep = (ms: number) =>
+  new Promise<void>((resolve) => setTimeout(resolve, ms));
+
+const isRetryableError = (error: unknown): boolean => {
+  // Network errors (fetch failures)
+  if (error instanceof TypeError) {
+    return true;
+  }
+  // Errors with status codes
+  if (
+    typeof error === "object" &&
+    error !== null &&
+    "status" in error &&
+    typeof (error as { status: unknown }).status === "number"
+  ) {
+    const status = (error as { status: number }).status;
+    // Retry on 5xx server errors, 408 timeout, 429 rate limit
+    return status >= 500 || status === 408 || status === 429;
+  }
+  return false;
+};
+
+export const withRetry = async <T>(
+  fn: () => Promise<T>,
+  options: RetryOptions = {},
+): Promise<T> => {
+  const {
+    maxRetries = 3,
+    initialDelayMs = 1000,
+    maxDelayMs = 10000,
+    shouldRetry = isRetryableError,
+    onRetry,
+    sleep = defaultSleep,
+  } = options;
+
+  let lastError: unknown;
+  let delay = initialDelayMs;
+
+  for (let attempt = 0; attempt <= maxRetries; attempt++) {
+    try {
+      return await fn();
+    } catch (error) {
+      lastError = error;
+
+      if (attempt >= maxRetries || !shouldRetry(error, attempt)) {
+        throw error;
+      }
+
+      onRetry?.(error, attempt + 1, delay);
+      await sleep(delay);
+      delay = Math.min(delay * 2, maxDelayMs);
+    }
+  }
+
+  throw lastError;
+};
+
+export const isServerError = (status: number): boolean =>
+  status >= 500 || status === 408 || status === 429;

package/src/core/interactive/keys.ts

@@ -3,6 +3,7 @@ import type {
   ConsumerService as DashboardConsumerService,
   routercommonv1_Consumer,
 } from "../../generated/router/dashboard/v1";
+import { fetchAllPages } from "../api/pagination";
 import { fuzzySelect } from "./fuzzy";
 
 type Consumer = routercommonv1_Consumer;
@@ -101,11 +102,15 @@ export const promptKeyEnabled = async (initial: boolean): Promise<boolean> => {
 export const selectConsumer = async (
   consumerService: ConsumerService,
 ): Promise<routercommonv1_Consumer | null> => {
-  const res = await consumerService.ListConsumers({
-    pageSize: undefined,
-    pageToken: undefined,
-  });
-  const consumers = res?.consumers ?? [];
+  const consumers = await fetchAllPages(
+    (pageToken) =>
+      consumerService.ListConsumers({
+        pageSize: undefined,
+        pageToken,
+      }),
+    (res) => res?.consumers ?? [],
+    (res) => res?.nextPageToken || undefined,
+  );
   if (consumers.length === 0) {
     throw new Error("No available API keys");
   }
@@ -128,11 +133,15 @@ export const selectConsumerList = async (
   consumerService: ConsumerService,
   message: string,
 ): Promise<routercommonv1_Consumer | null> => {
-  const res = await consumerService.ListConsumers({
-    pageSize: undefined,
-    pageToken: undefined,
-  });
-  const consumers = res?.consumers ?? [];
+  const consumers = await fetchAllPages(
+    (pageToken) =>
+      consumerService.ListConsumers({
+        pageSize: undefined,
+        pageToken,
+      }),
+    (res) => res?.consumers ?? [],
+    (res) => res?.nextPageToken || undefined,
+  );
   if (consumers.length === 0) {
     throw new Error("No available API keys");
   }

package/src/core/output/usages.ts

@@ -1,7 +1,6 @@
 import type { AggregatedUsage } from "../usages/aggregate";
 
-const INPUT_BLOCK = "█";
-const OUTPUT_BLOCK = "▒";
+const TOTAL_BLOCK = "█";
 const DEFAULT_WIDTH = 24;
 
 const formatTokens = (value: number) => {
@@ -35,41 +34,23 @@ export const renderUsageChart = (
     return `${header}\n\nNo usage data available.`;
   }
   const normalized = rows.map((row) => {
-    const input = Number(row.inputTokens);
-    const output = Number(row.outputTokens);
-    const safeInput = Number.isFinite(input) ? input : 0;
-    const safeOutput = Number.isFinite(output) ? output : 0;
+    const total = Number(row.totalTokens);
+    const safeTotal = Number.isFinite(total) ? total : 0;
     return {
       day: row.day,
-      input: safeInput,
-      output: safeOutput,
-      total: safeInput + safeOutput,
+      total: safeTotal,
     };
   });
   const totals = normalized.map((row) => row.total);
   const maxTotal = Math.max(0, ...totals);
   const lines = normalized.map((row) => {
-    const total = row.total;
-    if (maxTotal === 0 || total === 0) {
-      return `${row.day} ${"".padEnd(width, " ")} I:0 O:0`;
+    if (maxTotal === 0 || row.total === 0) {
+      return `${row.day} ${"".padEnd(width, " ")} 0`;
     }
-    const scaled = Math.max(1, Math.round((total / maxTotal) * width));
-    let inputBars = Math.round((row.input / total) * scaled);
-    let outputBars = Math.max(0, scaled - inputBars);
-    if (row.input > 0 && row.output > 0) {
-      if (inputBars === 0) {
-        inputBars = 1;
-        outputBars = Math.max(0, scaled - 1);
-      } else if (outputBars === 0) {
-        outputBars = 1;
-        inputBars = Math.max(0, scaled - 1);
-      }
-    }
-    const bar = `${INPUT_BLOCK.repeat(inputBars)}${OUTPUT_BLOCK.repeat(outputBars)}`;
-    const inputLabel = formatTokens(row.input);
-    const outputLabel = formatTokens(row.output);
-    return `${row.day} ${bar.padEnd(width, " ")} I:${inputLabel} O:${outputLabel}`;
+    const scaled = Math.max(1, Math.round((row.total / maxTotal) * width));
+    const bar = TOTAL_BLOCK.repeat(scaled);
+    const totalLabel = formatTokens(row.total);
+    return `${row.day} ${bar.padEnd(width, " ")} ${totalLabel}`;
   });
-  const legend = `Legend: ${INPUT_BLOCK} input    ${OUTPUT_BLOCK} output`;
-  return [header, "", ...lines, "", legend].join("\n");
+  return [header, "", ...lines].join("\n");
 };

package/tests/auth/refresh.test.ts

@@ -0,0 +1,149 @@
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import { beforeEach, describe, expect, it, vi } from "vitest";
+import {
+  ensureValidToken,
+  isTokenExpiringSoon,
+  refreshAccessToken,
+} from "../../src/core/auth/refresh";
+import { readAuth, writeAuth } from "../../src/core/config";
+
+const makeDir = () => fs.mkdtempSync(path.join(os.tmpdir(), "getrouter-"));
+
+describe("isTokenExpiringSoon", () => {
+  it("returns true for empty string", () => {
+    expect(isTokenExpiringSoon("")).toBe(true);
+  });
+
+  it("returns true for invalid date", () => {
+    expect(isTokenExpiringSoon("not-a-date")).toBe(true);
+  });
+
+  it("returns true for expired token", () => {
+    const past = new Date(Date.now() - 10000).toISOString();
+    expect(isTokenExpiringSoon(past)).toBe(true);
+  });
+
+  it("returns true for token expiring within buffer", () => {
+    const soon = new Date(Date.now() + 30000).toISOString(); // 30 seconds
+    expect(isTokenExpiringSoon(soon)).toBe(true);
+  });
+
+  it("returns false for token with plenty of time", () => {
+    const future = new Date(Date.now() + 5 * 60 * 1000).toISOString(); // 5 minutes
+    expect(isTokenExpiringSoon(future)).toBe(false);
+  });
+});
+
+describe("refreshAccessToken", () => {
+  beforeEach(() => {
+    process.env.GETROUTER_CONFIG_DIR = makeDir();
+  });
+
+  it("returns null when no refresh token", async () => {
+    writeAuth({
+      accessToken: "",
+      refreshToken: "",
+      expiresAt: "",
+      tokenType: "",
+    });
+    const result = await refreshAccessToken({});
+    expect(result).toBeNull();
+  });
+
+  it("returns null when refresh fails", async () => {
+    writeAuth({
+      accessToken: "old",
+      refreshToken: "refresh",
+      expiresAt: "",
+      tokenType: "Bearer",
+    });
+    const mockFetch = vi.fn().mockResolvedValue({
+      ok: false,
+      status: 401,
+    });
+    const result = await refreshAccessToken({
+      fetchImpl: mockFetch as unknown as typeof fetch,
+    });
+    expect(result).toBeNull();
+  });
+
+  it("refreshes and updates auth on success", async () => {
+    writeAuth({
+      accessToken: "old",
+      refreshToken: "refresh",
+      expiresAt: "",
+      tokenType: "Bearer",
+    });
+    const newToken = {
+      accessToken: "new-access",
+      refreshToken: "new-refresh",
+      expiresAt: "2026-12-01T00:00:00Z",
+    };
+    const mockFetch = vi.fn().mockResolvedValue({
+      ok: true,
+      json: async () => newToken,
+    });
+    const result = await refreshAccessToken({
+      fetchImpl: mockFetch as unknown as typeof fetch,
+    });
+    expect(result).toEqual(newToken);
+    const saved = readAuth();
+    expect(saved.accessToken).toBe("new-access");
+    expect(saved.refreshToken).toBe("new-refresh");
+  });
+});
+
+describe("ensureValidToken", () => {
+  beforeEach(() => {
+    process.env.GETROUTER_CONFIG_DIR = makeDir();
+  });
+
+  it("returns false when no tokens", async () => {
+    writeAuth({
+      accessToken: "",
+      refreshToken: "",
+      expiresAt: "",
+      tokenType: "",
+    });
+    const result = await ensureValidToken({});
+    expect(result).toBe(false);
+  });
+
+  it("returns true when token is still valid", async () => {
+    const future = new Date(Date.now() + 10 * 60 * 1000).toISOString();
+    writeAuth({
+      accessToken: "valid",
+      refreshToken: "refresh",
+      expiresAt: future,
+      tokenType: "Bearer",
+    });
+    const result = await ensureValidToken({});
+    expect(result).toBe(true);
+  });
+
+  it("refreshes when token is expiring soon", async () => {
+    const soon = new Date(Date.now() + 10000).toISOString(); // 10 seconds
+    writeAuth({
+      accessToken: "expiring",
+      refreshToken: "refresh",
+      expiresAt: soon,
+      tokenType: "Bearer",
+    });
+    const newToken = {
+      accessToken: "new-access",
+      refreshToken: "new-refresh",
+      expiresAt: new Date(Date.now() + 3600000).toISOString(),
+    };
+    const mockFetch = vi.fn().mockResolvedValue({
+      ok: true,
+      json: async () => newToken,
+    });
+    const result = await ensureValidToken({
+      fetchImpl: mockFetch as unknown as typeof fetch,
+    });
+    expect(result).toBe(true);
+    expect(mockFetch).toHaveBeenCalled();
+  });
+});

package/tests/cli.test.ts

@@ -1,6 +1,6 @@
 import { readdirSync } from "node:fs";
 import path from "node:path";
-import { describe, expect, it } from "vitest";
+import { describe, expect, it, vi } from "vitest";
 import { createProgram } from "../src/cli";
 
 describe("getrouter cli", () => {
@@ -10,6 +10,25 @@ describe("getrouter cli", () => {
     expect(program.helpInformation()).toContain("getrouter");
   });
 
+  it("rejects removed config command", async () => {
+    const writeErr = vi
+      .spyOn(process.stderr, "write")
+      .mockImplementation(() => true);
+    const program = createProgram();
+    program.exitOverride();
+    program.configureOutput({
+      writeErr: () => {},
+    });
+    try {
+      await expect(
+        program.parseAsync(["node", "getrouter", "config"]),
+      ).rejects.toBeTruthy();
+      expect(writeErr).not.toHaveBeenCalled();
+    } finally {
+      writeErr.mockRestore();
+    }
+  });
+
   it("only ships registered command entrypoints", () => {
     const cmdDir = path.join(process.cwd(), "src", "cmd");
     const files = readdirSync(cmdDir).filter((file) => file.endsWith(".ts"));
@@ -17,8 +36,6 @@ describe("getrouter cli", () => {
       "auth.ts",
       "claude.ts",
       "codex.ts",
-      "config-helpers.ts",
-      "config.ts",
       "env.ts",
       "index.ts",
       "keys.ts",