@provartesting/provardx-cli 1.5.0-beta.3 → 1.5.0-beta.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (31) hide show
  1. package/README.md +101 -1
  2. package/lib/commands/provar/auth/clear.d.ts +7 -0
  3. package/lib/commands/provar/auth/clear.js +36 -0
  4. package/lib/commands/provar/auth/clear.js.map +1 -0
  5. package/lib/commands/provar/auth/login.d.ts +10 -0
  6. package/lib/commands/provar/auth/login.js +88 -0
  7. package/lib/commands/provar/auth/login.js.map +1 -0
  8. package/lib/commands/provar/auth/rotate.d.ts +7 -0
  9. package/lib/commands/provar/auth/rotate.js +42 -0
  10. package/lib/commands/provar/auth/rotate.js.map +1 -0
  11. package/lib/commands/provar/auth/status.d.ts +7 -0
  12. package/lib/commands/provar/auth/status.js +89 -0
  13. package/lib/commands/provar/auth/status.js.map +1 -0
  14. package/lib/mcp/tools/testCaseValidate.d.ts +4 -0
  15. package/lib/mcp/tools/testCaseValidate.js +98 -17
  16. package/lib/mcp/tools/testCaseValidate.js.map +1 -1
  17. package/lib/services/auth/credentials.d.ts +18 -0
  18. package/lib/services/auth/credentials.js +71 -0
  19. package/lib/services/auth/credentials.js.map +1 -0
  20. package/lib/services/auth/loginFlow.d.ts +61 -0
  21. package/lib/services/auth/loginFlow.js +183 -0
  22. package/lib/services/auth/loginFlow.js.map +1 -0
  23. package/lib/services/qualityHub/client.d.ts +131 -0
  24. package/lib/services/qualityHub/client.js +196 -0
  25. package/lib/services/qualityHub/client.js.map +1 -0
  26. package/messages/sf.provar.auth.clear.md +13 -0
  27. package/messages/sf.provar.auth.login.md +31 -0
  28. package/messages/sf.provar.auth.rotate.md +23 -0
  29. package/messages/sf.provar.auth.status.md +13 -0
  30. package/oclif.manifest.json +327 -114
  31. package/package.json +5 -2
@@ -0,0 +1,131 @@
1
+ /**
2
+ * Quality Hub validation result — our internal normalised shape.
3
+ * Mapped from the raw API response by normaliseApiResponse().
4
+ * Also returned by the local validator so both paths share one shape.
5
+ */
6
+ export interface QualityHubValidationResult {
7
+ is_valid: boolean;
8
+ validity_score: number;
9
+ quality_score: number;
10
+ issues: Array<{
11
+ rule_id: string;
12
+ severity: 'ERROR' | 'WARNING';
13
+ message: string;
14
+ applies_to?: string;
15
+ suggestion?: string;
16
+ }>;
17
+ }
18
+ interface QualityHubApiViolation {
19
+ severity: 'critical' | 'major' | 'minor' | 'info';
20
+ rule_id: string;
21
+ name: string;
22
+ description: string;
23
+ category: string;
24
+ message: string;
25
+ test_item_id?: string;
26
+ weight: number;
27
+ recommendation: string;
28
+ applies_to: string[];
29
+ }
30
+ interface QualityHubApiResponse {
31
+ valid: boolean;
32
+ errors: QualityHubApiViolation[];
33
+ warnings: QualityHubApiViolation[];
34
+ metadata: Record<string, unknown>;
35
+ quality_metrics: {
36
+ quality_score: number;
37
+ max_score: number;
38
+ total_violations: number;
39
+ best_practices_grade: number;
40
+ };
41
+ validation_mode: string;
42
+ validated_at: string;
43
+ }
44
+ /**
45
+ * Map the raw API response to our internal validation result shape.
46
+ * Exported for unit testing; called by validateTestCaseViaApi once the stub is replaced.
47
+ *
48
+ * Mapping rules (from AWS memo 2026-04-10):
49
+ * raw.valid → is_valid
50
+ * raw.errors[].severity "critical" → issues[].severity "ERROR"
51
+ * raw.warnings[].severity * → issues[].severity "WARNING"
52
+ * raw.quality_metrics.quality_score → quality_score
53
+ * validity_score: 100 when valid, else max(0, 100 - errors.length * 20)
54
+ */
55
+ export declare function normaliseApiResponse(raw: QualityHubApiResponse): QualityHubValidationResult;
56
+ /**
57
+ * Typed errors returned when the API call fails in a known way.
58
+ * The MCP tool maps these to appropriate fallback behaviour.
59
+ */
60
+ export declare class QualityHubAuthError extends Error {
61
+ readonly code = "AUTH_ERROR";
62
+ }
63
+ export declare class QualityHubRateLimitError extends Error {
64
+ readonly code = "RATE_LIMITED";
65
+ }
66
+ /**
67
+ * POST /validate — submit XML to the Quality Hub validation API.
68
+ *
69
+ * Request:
70
+ * POST <baseUrl>/validate
71
+ * x-provar-key: pv_k_... (user auth — no x-api-key infra gate on this endpoint)
72
+ * Content-Type: application/json
73
+ * { "test_case_xml": "<full XML string>" }
74
+ *
75
+ * On failure the MCP tool catches and falls back to local validation
76
+ * (validation_source: "local_fallback"). No user-visible crash.
77
+ */
78
+ export declare function validateTestCaseViaApi(xml: string, apiKey: string, baseUrl: string): Promise<QualityHubValidationResult>;
79
+ /**
80
+ * Self-service access request page for users who do not yet have a Provar MCP account.
81
+ * Public HTML — no API key or Cognito token required.
82
+ * Update when staging/prod stages are deployed.
83
+ */
84
+ export declare const REQUEST_ACCESS_URL = "https://aqqlrlhga7.execute-api.us-east-1.amazonaws.com/dev/auth/request-access";
85
+ export declare function getQualityHubBaseUrl(): string;
86
+ export interface AuthExchangeResponse {
87
+ api_key: string;
88
+ prefix: string;
89
+ tier: string;
90
+ username: string;
91
+ expires_at: string;
92
+ }
93
+ export interface KeyStatusResponse {
94
+ valid: boolean;
95
+ tier?: string;
96
+ username?: string;
97
+ expires_at?: string;
98
+ }
99
+ /**
100
+ * POST /auth/exchange — exchange a Cognito access token for a pv_k_ key.
101
+ * Called immediately after PKCE callback; Cognito tokens are discarded after this call.
102
+ */
103
+ export declare function exchangeTokenForKey(cognitoAccessToken: string, baseUrl: string): Promise<AuthExchangeResponse>;
104
+ /**
105
+ * GET /auth/status — verify a stored pv_k_ key is still valid server-side.
106
+ * Best-effort: callers should catch and fall back to locally cached values on failure.
107
+ */
108
+ export declare function fetchKeyStatus(apiKey: string, baseUrl: string): Promise<KeyStatusResponse>;
109
+ /**
110
+ * POST /auth/revoke — invalidate a pv_k_ key on the server.
111
+ * Best-effort: callers should catch, log a note, then delete the local file regardless.
112
+ */
113
+ export declare function revokeKey(apiKey: string, baseUrl: string): Promise<void>;
114
+ /**
115
+ * POST /auth/rotate — atomically replace the current pv_k_ key with a new one.
116
+ * The old key is invalidated immediately. Returns the same shape as /auth/exchange.
117
+ * On 401: key is invalid/expired — caller should direct user to sf provar auth login.
118
+ */
119
+ export declare function rotateKey(apiKey: string, baseUrl: string): Promise<AuthExchangeResponse>;
120
+ /**
121
+ * MCP tools and auth commands call qualityHubClient.X() so tests can replace
122
+ * properties with stubs without ESM re-export issues.
123
+ */
124
+ export declare const qualityHubClient: {
125
+ validateTestCaseViaApi: typeof validateTestCaseViaApi;
126
+ exchangeTokenForKey: typeof exchangeTokenForKey;
127
+ fetchKeyStatus: typeof fetchKeyStatus;
128
+ revokeKey: typeof revokeKey;
129
+ rotateKey: typeof rotateKey;
130
+ };
131
+ export {};
@@ -0,0 +1,196 @@
1
+ /*
2
+ * Copyright (c) 2024 Provar Limited.
3
+ * All rights reserved.
4
+ * Licensed under the BSD 3-Clause license.
5
+ * For full license text, see LICENSE.md file in the repo root or https://opensource.org/licenses/BSD-3-Clause
6
+ */
7
+ /* eslint-disable camelcase */
8
+ import https from 'node:https';
9
+ import { URL as NodeURL } from 'node:url';
10
+ /**
11
+ * Map the raw API response to our internal validation result shape.
12
+ * Exported for unit testing; called by validateTestCaseViaApi once the stub is replaced.
13
+ *
14
+ * Mapping rules (from AWS memo 2026-04-10):
15
+ * raw.valid → is_valid
16
+ * raw.errors[].severity "critical" → issues[].severity "ERROR"
17
+ * raw.warnings[].severity * → issues[].severity "WARNING"
18
+ * raw.quality_metrics.quality_score → quality_score
19
+ * validity_score: 100 when valid, else max(0, 100 - errors.length * 20)
20
+ */
21
+ export function normaliseApiResponse(raw) {
22
+ const issues = [
23
+ ...raw.errors.map((v) => ({
24
+ rule_id: v.rule_id,
25
+ severity: 'ERROR',
26
+ message: v.message,
27
+ applies_to: v.applies_to[0],
28
+ suggestion: v.recommendation,
29
+ })),
30
+ ...raw.warnings.map((v) => ({
31
+ rule_id: v.rule_id,
32
+ severity: 'WARNING',
33
+ message: v.message,
34
+ applies_to: v.applies_to[0],
35
+ suggestion: v.recommendation,
36
+ })),
37
+ ];
38
+ return {
39
+ is_valid: raw.valid,
40
+ validity_score: raw.valid ? 100 : Math.max(0, 100 - raw.errors.length * 20),
41
+ quality_score: raw.quality_metrics.quality_score,
42
+ issues,
43
+ };
44
+ }
45
+ /**
46
+ * Typed errors returned when the API call fails in a known way.
47
+ * The MCP tool maps these to appropriate fallback behaviour.
48
+ */
49
+ export class QualityHubAuthError extends Error {
50
+ code = 'AUTH_ERROR';
51
+ }
52
+ export class QualityHubRateLimitError extends Error {
53
+ code = 'RATE_LIMITED';
54
+ }
55
+ /**
56
+ * POST /validate — submit XML to the Quality Hub validation API.
57
+ *
58
+ * Request:
59
+ * POST <baseUrl>/validate
60
+ * x-provar-key: pv_k_... (user auth — no x-api-key infra gate on this endpoint)
61
+ * Content-Type: application/json
62
+ * { "test_case_xml": "<full XML string>" }
63
+ *
64
+ * On failure the MCP tool catches and falls back to local validation
65
+ * (validation_source: "local_fallback"). No user-visible crash.
66
+ */
67
+ export async function validateTestCaseViaApi(xml, apiKey, baseUrl) {
68
+ const body = JSON.stringify({ test_case_xml: xml });
69
+ const { status, responseBody } = await httpsRequest(`${baseUrl}/validate`, 'POST', { 'Content-Type': 'application/json', 'x-provar-key': apiKey }, body);
70
+ if (status === 401) {
71
+ throw new QualityHubAuthError('API key is invalid, expired, or revoked. Run `sf provar auth login` to get a new key.');
72
+ }
73
+ if (status === 429) {
74
+ throw new QualityHubRateLimitError('Quality Hub validation rate limit exceeded. Try again later.');
75
+ }
76
+ if (!isOk(status)) {
77
+ throw new Error(`Quality Hub validate failed (${status}): ${responseBody}`);
78
+ }
79
+ return normaliseApiResponse(JSON.parse(responseBody));
80
+ }
81
+ /**
82
+ * Returns the Quality Hub base URL to use for API calls.
83
+ * Defaults to the dev environment URL; override via PROVAR_QUALITY_HUB_URL for production.
84
+ * Update DEFAULT_QUALITY_HUB_URL when the production URL is confirmed.
85
+ */
86
+ const DEFAULT_QUALITY_HUB_URL = 'https://aqqlrlhga7.execute-api.us-east-1.amazonaws.com/dev';
87
+ /**
88
+ * Self-service access request page for users who do not yet have a Provar MCP account.
89
+ * Public HTML — no API key or Cognito token required.
90
+ * Update when staging/prod stages are deployed.
91
+ */
92
+ export const REQUEST_ACCESS_URL = `${DEFAULT_QUALITY_HUB_URL}/auth/request-access`;
93
+ export function getQualityHubBaseUrl() {
94
+ return process.env.PROVAR_QUALITY_HUB_URL ?? DEFAULT_QUALITY_HUB_URL;
95
+ }
96
+ // ── Auth endpoint functions ───────────────────────────────────────────────────
97
+ /**
98
+ * POST /auth/exchange — exchange a Cognito access token for a pv_k_ key.
99
+ * Called immediately after PKCE callback; Cognito tokens are discarded after this call.
100
+ */
101
+ export async function exchangeTokenForKey(cognitoAccessToken, baseUrl) {
102
+ const body = JSON.stringify({ access_token: cognitoAccessToken });
103
+ const { status, responseBody } = await httpsRequest(`${baseUrl}/auth/exchange`, 'POST', { 'Content-Type': 'application/json' }, body);
104
+ if (status === 401)
105
+ throw new QualityHubAuthError(`Account not found or no active subscription.\nRequest access at: ${REQUEST_ACCESS_URL}`);
106
+ if (!isOk(status))
107
+ throw new Error(`Auth exchange failed (${status}): ${responseBody}`);
108
+ return JSON.parse(responseBody);
109
+ }
110
+ /**
111
+ * GET /auth/status — verify a stored pv_k_ key is still valid server-side.
112
+ * Best-effort: callers should catch and fall back to locally cached values on failure.
113
+ */
114
+ export async function fetchKeyStatus(apiKey, baseUrl) {
115
+ const { status, responseBody } = await httpsRequest(`${baseUrl}/auth/status`, 'GET', {
116
+ 'x-provar-key': apiKey,
117
+ });
118
+ if (!isOk(status))
119
+ throw new Error(`Auth status check failed (${status})`);
120
+ return JSON.parse(responseBody);
121
+ }
122
+ /**
123
+ * POST /auth/revoke — invalidate a pv_k_ key on the server.
124
+ * Best-effort: callers should catch, log a note, then delete the local file regardless.
125
+ */
126
+ export async function revokeKey(apiKey, baseUrl) {
127
+ const { status, responseBody } = await httpsRequest(`${baseUrl}/auth/revoke`, 'POST', {
128
+ 'x-provar-key': apiKey,
129
+ 'Content-Length': '0',
130
+ });
131
+ if (!isOk(status))
132
+ throw new Error(`Key revocation failed (${status}): ${responseBody}`);
133
+ }
134
+ /**
135
+ * POST /auth/rotate — atomically replace the current pv_k_ key with a new one.
136
+ * The old key is invalidated immediately. Returns the same shape as /auth/exchange.
137
+ * On 401: key is invalid/expired — caller should direct user to sf provar auth login.
138
+ */
139
+ export async function rotateKey(apiKey, baseUrl) {
140
+ const { status, responseBody } = await httpsRequest(`${baseUrl}/auth/rotate`, 'POST', {
141
+ 'x-provar-key': apiKey,
142
+ 'Content-Length': '0',
143
+ });
144
+ if (status === 401)
145
+ throw new QualityHubAuthError('API key is invalid or expired. Run `sf provar auth login` to get a new key.');
146
+ if (!isOk(status))
147
+ throw new Error(`Key rotation failed (${status}): ${responseBody}`);
148
+ return JSON.parse(responseBody);
149
+ }
150
+ // ── Internal HTTPS helper ─────────────────────────────────────────────────────
151
+ function isOk(status) {
152
+ return status >= 200 && status < 300;
153
+ }
154
+ const REQUEST_TIMEOUT_MS = 30000;
155
+ function httpsRequest(url, method, headers, body) {
156
+ return new Promise((resolve, reject) => {
157
+ const parsed = new NodeURL(url);
158
+ const opts = {
159
+ hostname: parsed.hostname,
160
+ port: parsed.port || undefined,
161
+ path: parsed.pathname + parsed.search,
162
+ method,
163
+ headers: {
164
+ ...headers,
165
+ ...(body ? { 'Content-Length': Buffer.byteLength(body).toString() } : {}),
166
+ },
167
+ };
168
+ const req = https.request(opts, (res) => {
169
+ let data = '';
170
+ res.on('data', (chunk) => {
171
+ data += chunk.toString('utf-8');
172
+ });
173
+ res.on('end', () => resolve({ status: res.statusCode ?? 0, responseBody: data }));
174
+ });
175
+ req.setTimeout(REQUEST_TIMEOUT_MS, () => {
176
+ req.destroy(new Error(`Quality Hub API request timed out after ${REQUEST_TIMEOUT_MS / 1000}s`));
177
+ });
178
+ req.on('error', reject);
179
+ if (body)
180
+ req.write(body);
181
+ req.end();
182
+ });
183
+ }
184
+ // ── Indirection object used by MCP tools and testable via sinon ───────────────
185
+ /**
186
+ * MCP tools and auth commands call qualityHubClient.X() so tests can replace
187
+ * properties with stubs without ESM re-export issues.
188
+ */
189
+ export const qualityHubClient = {
190
+ validateTestCaseViaApi,
191
+ exchangeTokenForKey,
192
+ fetchKeyStatus,
193
+ revokeKey,
194
+ rotateKey,
195
+ };
196
+ //# sourceMappingURL=client.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/services/qualityHub/client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,8BAA8B;AAC9B,OAAO,KAAK,MAAM,YAAY,CAAC;AAC/B,OAAO,EAAE,GAAG,IAAI,OAAO,EAAE,MAAM,UAAU,CAAC;AAkD1C;;;;;;;;;;GAUG;AACH,MAAM,UAAU,oBAAoB,CAAC,GAA0B;IAC7D,MAAM,MAAM,GAAG;QACb,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACxB,OAAO,EAAE,CAAC,CAAC,OAAO;YAClB,QAAQ,EAAE,OAAgB;YAC1B,OAAO,EAAE,CAAC,CAAC,OAAO;YAClB,UAAU,EAAE,CAAC,CAAC,UAAU,CAAC,CAAC,CAAuB;YACjD,UAAU,EAAE,CAAC,CAAC,cAAc;SAC7B,CAAC,CAAC;QACH,GAAG,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC1B,OAAO,EAAE,CAAC,CAAC,OAAO;YAClB,QAAQ,EAAE,SAAkB;YAC5B,OAAO,EAAE,CAAC,CAAC,OAAO;YAClB,UAAU,EAAE,CAAC,CAAC,UAAU,CAAC,CAAC,CAAuB;YACjD,UAAU,EAAE,CAAC,CAAC,cAAc;SAC7B,CAAC,CAAC;KACJ,CAAC;IAEF,OAAO;QACL,QAAQ,EAAE,GAAG,CAAC,KAAK;QACnB,cAAc,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC;QAC3E,aAAa,EAAE,GAAG,CAAC,eAAe,CAAC,aAAa;QAChD,MAAM;KACP,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IAC5B,IAAI,GAAG,YAAY,CAAC;CACrC;AAED,MAAM,OAAO,wBAAyB,SAAQ,KAAK;IACjC,IAAI,GAAG,cAAc,CAAC;CACvC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,GAAW,EACX,MAAc,EACd,OAAe;IAEf,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;IACpD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,YAAY,CACjD,GAAG,OAAO,WAAW,EACrB,MAAM,EACN,EAAE,cAAc,EAAE,kBAAkB,EAAE,cAAc,EAAE,MAAM,EAAE,EAC9D,IAAI,CACL,CAAC;IAEF,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;QACnB,MAAM,IAAI,mBAAmB,CAC3B,uFAAuF,CACxF,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;QACnB,MAAM,IAAI,wBAAwB,CAAC,8DAA8D,CAAC,CAAC;IACrG,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,gCAAgC,MAAM,MAAM,YAAY,EAAE,CAAC,CAAC;IAC9E,CAAC;IAED,OAAO,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAA0B,CAAC,CAAC;AACjF,CAAC;AAED;;;;GAIG;AACH,MAAM,uBAAuB,GAAG,4DAA4D,CAAC;AAE7F;;;;GAIG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,GAAG,uBAAuB,sBAAsB,CAAC;AAEnF,MAAM,UAAU,oBAAoB;IAClC,OAAO,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,uBAAuB,CAAC;AACvE,CAAC;AAmBD,iFAAiF;AAEjF;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,kBAA0B,EAAE,OAAe;IACnF,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,YAAY,EAAE,kBAAkB,EAAE,CAAC,CAAC;IAClE,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,YAAY,CACjD,GAAG,OAAO,gBAAgB,EAC1B,MAAM,EACN,EAAE,cAAc,EAAE,kBAAkB,EAAE,EACtC,IAAI,CACL,CAAC;IACF,IAAI,MAAM,KAAK,GAAG;QAChB,MAAM,IAAI,mBAAmB,CAC3B,oEAAoE,kBAAkB,EAAE,CACzF,CAAC;IACJ,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,MAAM,MAAM,YAAY,EAAE,CAAC,CAAC;IACxF,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAyB,CAAC;AAC1D,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,MAAc,EAAE,OAAe;IAClE,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,YAAY,CAAC,GAAG,OAAO,cAAc,EAAE,KAAK,EAAE;QACnF,cAAc,EAAE,MAAM;KACvB,CAAC,CAAC;IACH,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,MAAM,GAAG,CAAC,CAAC;IAC3E,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAsB,CAAC;AACvD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,MAAc,EAAE,OAAe;IAC7D,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,YAAY,CAAC,GAAG,OAAO,cAAc,EAAE,MAAM,EAAE;QACpF,cAAc,EAAE,MAAM;QACtB,gBAAgB,EAAE,GAAG;KACtB,CAAC,CAAC;IACH,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,MAAM,MAAM,YAAY,EAAE,CAAC,CAAC;AAC3F,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,MAAc,EAAE,OAAe;IAC7D,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,YAAY,CAAC,GAAG,OAAO,cAAc,EAAE,MAAM,EAAE;QACpF,cAAc,EAAE,MAAM;QACtB,gBAAgB,EAAE,GAAG;KACtB,CAAC,CAAC;IACH,IAAI,MAAM,KAAK,GAAG;QAChB,MAAM,IAAI,mBAAmB,CAAC,6EAA6E,CAAC,CAAC;IAC/G,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,MAAM,MAAM,YAAY,EAAE,CAAC,CAAC;IACvF,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAyB,CAAC;AAC1D,CAAC;AAED,iFAAiF;AAEjF,SAAS,IAAI,CAAC,MAAc;IAC1B,OAAO,MAAM,IAAI,GAAG,IAAI,MAAM,GAAG,GAAG,CAAC;AACvC,CAAC;AAED,MAAM,kBAAkB,GAAG,KAAM,CAAC;AAElC,SAAS,YAAY,CACnB,GAAW,EACX,MAAc,EACd,OAA+B,EAC/B,IAAa;IAEb,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,CAAC;QAChC,MAAM,IAAI,GAAG;YACX,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,SAAS;YAC9B,IAAI,EAAE,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,MAAM;YACrC,MAAM;YACN,OAAO,EAAE;gBACP,GAAG,OAAO;gBACV,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC1E;SACF,CAAC;QACF,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE;YACtC,IAAI,IAAI,GAAG,EAAE,CAAC;YACd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;gBAC/B,IAAI,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YAClC,CAAC,CAAC,CAAC;YACH,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,UAAU,IAAI,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACpF,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,UAAU,CAAC,kBAAkB,EAAE,GAAG,EAAE;YACtC,GAAG,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,2CAA2C,kBAAkB,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC;QAClG,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACxB,IAAI,IAAI;YAAE,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC1B,GAAG,CAAC,GAAG,EAAE,CAAC;IACZ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,iFAAiF;AAEjF;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,sBAAsB;IACtB,mBAAmB;IACnB,cAAc;IACd,SAAS;IACT,SAAS;CACV,CAAC"}
@@ -0,0 +1,13 @@
1
+ # summary
2
+ Remove the stored Provar API key.
3
+
4
+ # description
5
+ Deletes the API key stored at ~/.provar/credentials.json. After clearing, the
6
+ provar.testcase.validate MCP tool falls back to local validation (structural rules only,
7
+ no Quality Hub quality scoring).
8
+
9
+ The PROVAR_API_KEY environment variable is not affected by this command.
10
+
11
+ # examples
12
+ - Clear the stored API key:
13
+ <%= config.bin %> <%= command.id %>
@@ -0,0 +1,31 @@
1
+ # summary
2
+
3
+ Log in to Provar Quality Hub and store your API key.
4
+
5
+ # description
6
+
7
+ Opens a browser to the Provar login page. After you authenticate, your API key
8
+ is stored at ~/.provar/credentials.json and used automatically by the Provar MCP
9
+ tools and CI/CD integrations.
10
+
11
+ The Cognito session tokens are held in memory only for the duration of the key
12
+ exchange and are then discarded — only the pv*k* API key is written to disk.
13
+
14
+ Run 'sf provar auth status' after login to confirm the key is configured correctly.
15
+
16
+ Don't have an account? Request access at:
17
+ https://aqqlrlhga7.execute-api.us-east-1.amazonaws.com/dev/auth/request-access
18
+
19
+ # flags.url.summary
20
+
21
+ Override the Quality Hub API base URL (for testing against a non-production environment).
22
+
23
+ # examples
24
+
25
+ - Log in interactively (opens browser):
26
+
27
+ <%= config.bin %> <%= command.id %>
28
+
29
+ - Log in against a staging environment:
30
+
31
+ <%= config.bin %> <%= command.id %> --url https://dev.api.example.com
@@ -0,0 +1,23 @@
1
+ # summary
2
+
3
+ Rotate your stored Provar Quality Hub API key.
4
+
5
+ # description
6
+
7
+ Exchanges your current pv*k* key for a new one in a single atomic operation.
8
+ The old key is invalidated the moment the new key is issued — there is no window
9
+ where both are valid.
10
+
11
+ The new key is written to ~/.provar/credentials.json automatically.
12
+
13
+ Use this command to rotate your key on a regular schedule (every ~90 days) without
14
+ going through the browser login flow again.
15
+
16
+ If the current key is already expired or revoked, rotation is not possible — run
17
+ sf provar auth login instead to authenticate via browser and get a fresh key.
18
+
19
+ # examples
20
+
21
+ - Rotate the stored API key:
22
+
23
+ <%= config.bin %> <%= command.id %>
@@ -0,0 +1,13 @@
1
+ # summary
2
+ Show the current Provar API key configuration status.
3
+
4
+ # description
5
+ Reports where the active API key comes from (environment variable or stored file),
6
+ shows the key prefix and when it was set, and states whether validation will use the
7
+ Quality Hub API or local rules only. The full key is never printed.
8
+
9
+ If no key is configured, guidance is shown for logging in or requesting access.
10
+
11
+ # examples
12
+ - Check auth status:
13
+ <%= config.bin %> <%= command.id %>