@redocly/cli 1.29.0 → 1.30.0

package/lib/otel.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.otelTelemetry = exports.OtelServerTelemetry = void 0;
+const api_1 = require("@opentelemetry/api");
+const resources_1 = require("@opentelemetry/resources");
+const sdk_trace_node_1 = require("@opentelemetry/sdk-trace-node");
+const exporter_trace_otlp_http_1 = require("@opentelemetry/exporter-trace-otlp-http");
+const semantic_conventions_1 = require("@opentelemetry/semantic-conventions");
+const update_version_notifier_1 = require("./utils/update-version-notifier");
+const fetch_with_timeout_1 = require("./utils/fetch-with-timeout");
+const OTEL_TRACES_URL = process.env.OTEL_TRACES_URL || 'https://otel.cloud.redocly.com/v1/traces';
+class OtelServerTelemetry {
+    init() {
+        const nodeTracerProvider = new sdk_trace_node_1.NodeTracerProvider({
+            resource: new resources_1.Resource({
+                [semantic_conventions_1.ATTR_SERVICE_NAME]: `redocly-cli`,
+                [semantic_conventions_1.ATTR_SERVICE_VERSION]: `@redocly/cli@${update_version_notifier_1.version}`,
+            }),
+        });
+        nodeTracerProvider.addSpanProcessor(new sdk_trace_node_1.SimpleSpanProcessor(new exporter_trace_otlp_http_1.OTLPTraceExporter({
+            url: OTEL_TRACES_URL,
+            headers: {},
+            timeoutMillis: fetch_with_timeout_1.DEFAULT_FETCH_TIMEOUT,
+        })));
+        nodeTracerProvider.register();
+    }
+    send(event, data) {
+        const time = new Date();
+        const eventId = crypto.randomUUID();
+        const span = api_1.trace.getTracer('CliTelemetry').startSpan(`event.${event}`, {
+            attributes: {
+                'cloudevents.event_client.id': eventId,
+                'cloudevents.event_client.type': event,
+            },
+            startTime: time,
+        });
+        for (const [key, value] of Object.entries(data)) {
+            const keySnakeCase = key.replace(/([A-Z])/g, '_$1').toLowerCase();
+            if (value !== undefined) {
+                span.setAttribute(`cloudevents.event_data.${keySnakeCase}`, value);
+            }
+        }
+        span.end(time);
+    }
+}
+exports.OtelServerTelemetry = OtelServerTelemetry;
+exports.otelTelemetry = new OtelServerTelemetry();

package/lib/reunite/api/__tests__/domains.test.js

@@ -0,0 +1,32 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const domains_1 = require("../domains");
+const domains_2 = require("../domains");
+describe('getDomain()', () => {
+    afterEach(() => {
+        delete process.env.REDOCLY_DOMAIN;
+    });
+    it('should return the domain from environment variable', () => {
+        process.env.REDOCLY_DOMAIN = 'test-domain';
+        expect((0, domains_1.getDomain)()).toBe('test-domain');
+    });
+    it('should return the default domain if no domain provided', () => {
+        process.env.REDOCLY_DOMAIN = '';
+        expect((0, domains_1.getDomain)()).toBe('https://app.cloud.redocly.com');
+    });
+});
+describe('getReuniteUrl()', () => {
+    it('should return US API URL when US region specified', () => {
+        expect((0, domains_2.getReuniteUrl)('us')).toBe('https://app.cloud.redocly.com/api');
+    });
+    it('should return EU API URL when EU region specified', () => {
+        expect((0, domains_2.getReuniteUrl)('eu')).toBe('https://app.cloud.eu.redocly.com/api');
+    });
+    it('should return custom domain API URL when custom domain specified', () => {
+        const customDomain = 'https://custom.domain.com';
+        expect((0, domains_2.getReuniteUrl)(customDomain)).toBe('https://custom.domain.com/api');
+    });
+    it('should return US API URL when no region specified', () => {
+        expect((0, domains_2.getReuniteUrl)()).toBe('https://app.cloud.redocly.com/api');
+    });
+});

package/lib/{cms → reunite}/api/api-client.d.ts

@@ -15,6 +15,15 @@ export declare class ReuniteApiError extends Error {
     status: number;
     constructor(message: string, status: number);
 }
+export declare class ReuniteApiClient implements BaseApiClient {
+    protected version: string;
+    protected command: string;
+    sunsetWarnings: SunsetWarningsBuffer;
+    constructor(version: string, command: string);
+    request(url: string, options: FetchWithTimeoutOptions): Promise<Response>;
+    private collectSunsetWarning;
+    private getSunsetDate;
+}
 declare class RemotesApi {
     private client;
     private readonly domain;

package/lib/{cms → reunite}/api/api-client.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.ReuniteApi = exports.ReuniteApiError = void 0;
+exports.ReuniteApi = exports.ReuniteApiClient = exports.ReuniteApiError = void 0;
 exports.streamToBuffer = streamToBuffer;
 const colorette_1 = require("colorette");
 const fetch_with_timeout_1 = require("../../utils/fetch-with-timeout");
@@ -59,6 +59,7 @@ class ReuniteApiClient {
         return Date.parse(sunsetDate);
     }
 }
+exports.ReuniteApiClient = ReuniteApiClient;
 class RemotesApi {
     constructor(client, domain, apiKey) {
         this.client = client;

package/lib/reunite/api/domains.d.ts

@@ -0,0 +1,4 @@
+import type { Region } from '@redocly/openapi-core';
+export declare const REUNITE_URLS: Record<Region, string>;
+export declare function getDomain(): string;
+export declare function getReuniteUrl(residency?: string): string;

package/lib/reunite/api/domains.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.REUNITE_URLS = void 0;
+exports.getDomain = getDomain;
+exports.getReuniteUrl = getReuniteUrl;
+exports.REUNITE_URLS = {
+    us: 'https://app.cloud.redocly.com',
+    eu: 'https://app.cloud.eu.redocly.com',
+};
+function getDomain() {
+    return process.env.REDOCLY_DOMAIN || exports.REUNITE_URLS.us;
+}
+function getReuniteUrl(residency) {
+    if (!residency)
+        residency = 'us';
+    let reuniteUrl = exports.REUNITE_URLS[residency];
+    if (!reuniteUrl) {
+        reuniteUrl = residency;
+    }
+    const url = new URL('/api', reuniteUrl).toString();
+    return url;
+}

package/lib/reunite/commands/__tests__/push.test.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/reunite/commands/__tests__/utils.test.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/types.d.ts

@@ -3,14 +3,14 @@ import type { ArgumentsCamelCase } from 'yargs';
 import type { LintOptions } from './commands/lint';
 import type { BundleOptions } from './commands/bundle';
 import type { JoinOptions } from './commands/join';
-import type { LoginOptions } from './commands/login';
+import type { LoginOptions, LogoutOptions } from './commands/auth';
 import type { PushOptions } from './commands/push';
 import type { StatsOptions } from './commands/stats';
 import type { SplitOptions } from './commands/split';
 import type { PreviewDocsOptions } from './commands/preview-docs';
 import type { BuildDocsArgv } from './commands/build-docs/types';
-import type { PushOptions as CMSPushOptions } from './cms/commands/push';
-import type { PushStatusOptions } from './cms/commands/push-status';
+import type { PushOptions as CMSPushOptions } from './reunite/commands/push';
+import type { PushStatusOptions } from './reunite/commands/push-status';
 import type { PreviewProjectOptions } from './commands/preview-project/types';
 import type { TranslationsOptions } from './commands/translations';
 import type { EjectOptions } from './commands/eject';
@@ -27,7 +27,7 @@ export type Entrypoint = {
 export declare const outputExtensions: ReadonlyArray<BundleOutputFormat>;
 export type OutputExtensions = 'json' | 'yaml' | 'yml' | undefined;
 export declare const regionChoices: ReadonlyArray<Region>;
-export type CommandOptions = StatsOptions | SplitOptions | JoinOptions | PushOptions | CMSPushOptions | LintOptions | BundleOptions | LoginOptions | PreviewDocsOptions | BuildDocsArgv | PushStatusOptions | PreviewProjectOptions | TranslationsOptions | EjectOptions;
+export type CommandOptions = StatsOptions | SplitOptions | JoinOptions | PushOptions | CMSPushOptions | LintOptions | BundleOptions | LoginOptions | LogoutOptions | PreviewDocsOptions | BuildDocsArgv | PushStatusOptions | PreviewProjectOptions | TranslationsOptions | EjectOptions;
 export type VerifyConfigOptions = {
     config?: string;
     'lint-config'?: RuleSeverity;

package/lib/utils/miscellaneous.d.ts

@@ -59,17 +59,18 @@ export type ExitCode = 0 | 1 | 2;
 export type Analytics = {
     event: string;
     event_time: string;
-    logged_in: boolean;
-    command: string | number;
-    arguments: Record<string, unknown>;
+    logged_in: 'yes' | 'no';
+    command: string;
+    arguments: string;
     node_version: string;
     npm_version: string;
+    os_platform: string;
     version: string;
     exit_code: ExitCode;
     environment?: string;
     environment_ci?: string;
     raw_input: string;
-    has_config?: boolean;
+    has_config?: 'yes' | 'no';
     spec_version?: string;
     spec_keyword?: string;
     spec_full_version?: string;

package/lib/utils/miscellaneous.js

@@ -37,6 +37,7 @@ const colorette_1 = require("colorette");
 const perf_hooks_1 = require("perf_hooks");
 const glob = require("glob");
 const fs = require("fs");
+const os = require("os");
 const readline = require("readline");
 const stream_1 = require("stream");
 const child_process_1 = require("child_process");
@@ -48,7 +49,9 @@ const reference_docs_config_schema_1 = require("@redocly/config/lib/reference-do
 const types_1 = require("../types");
 const update_version_notifier_1 = require("./update-version-notifier");
 const push_1 = require("../commands/push");
-const fetch_with_timeout_1 = require("./fetch-with-timeout");
+const oauth_client_1 = require("../auth/oauth-client");
+const api_1 = require("../reunite/api");
+const otel_1 = require("../otel");
 async function getFallbackApisOrExit(argsApis, config) {
     const { apis } = config;
     const shouldFallbackToAllDefinitions = !(0, utils_1.isNotEmptyArray)(argsApis) && (0, utils_1.isNotEmptyObject)(apis);
@@ -440,6 +443,7 @@ function cleanColors(input) {
     // eslint-disable-next-line no-control-regex
     return input.replace(/\x1b\[\d+m/g, '');
 }
+otel_1.otelTelemetry.init();
 async function sendTelemetry(argv, exit_code, has_config, spec_version, spec_keyword, spec_full_version) {
     try {
         if (!argv) {
@@ -448,33 +452,29 @@ async function sendTelemetry(argv, exit_code, has_config, spec_version, spec_key
         const { _: [command], $0: _, ...args } = argv;
         const event_time = new Date().toISOString();
         const redoclyClient = new openapi_core_1.RedoclyClient();
-        const logged_in = redoclyClient.hasTokens();
+        const oauthClient = new oauth_client_1.RedoclyOAuthClient('redocly-cli', update_version_notifier_1.version);
+        const reuniteUrl = (0, api_1.getReuniteUrl)(argv.residency);
+        const logged_in = redoclyClient.hasTokens() || (await oauthClient.isAuthorized(reuniteUrl));
         const data = {
             event: 'cli_command',
             event_time,
-            logged_in,
-            command,
-            arguments: cleanArgs(args),
+            logged_in: logged_in ? 'yes' : 'no',
+            command: `${command}`,
+            arguments: JSON.stringify(cleanArgs(args)),
             node_version: process.version,
             npm_version: (0, child_process_1.execSync)('npm -v').toString().replace('\n', ''),
+            os_platform: os.platform(),
             version: update_version_notifier_1.version,
             exit_code,
             environment: process.env.REDOCLY_ENVIRONMENT,
             environment_ci: process.env.CI,
             raw_input: cleanRawInput(process.argv.slice(2)),
-            has_config,
+            has_config: has_config ? 'yes' : 'no',
             spec_version,
             spec_keyword,
             spec_full_version,
         };
-        await (0, fetch_with_timeout_1.default)(`https://api.redocly.com/registry/telemetry/cli`, {
-            timeout: fetch_with_timeout_1.DEFAULT_FETCH_TIMEOUT,
-            method: 'POST',
-            headers: {
-                'content-type': 'application/json',
-            },
-            body: JSON.stringify(data),
-        });
+        otel_1.otelTelemetry.send(data.command, data);
     }
     catch (err) {
         // Do nothing.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@redocly/cli",
-  "version": "1.29.0",
+  "version": "1.30.0",
   "description": "",
   "license": "MIT",
   "bin": {
@@ -36,7 +36,7 @@
     "Roman Hotsiy <roman@redocly.com> (https://redocly.com/)"
   ],
   "dependencies": {
-    "@redocly/openapi-core": "1.29.0",
+    "@redocly/openapi-core": "1.30.0",
     "abort-controller": "^3.0.0",
     "chokidar": "^3.5.1",
     "colorette": "^1.2.0",
@@ -46,6 +46,11 @@
     "glob": "^7.1.6",
     "handlebars": "^4.7.6",
     "mobx": "^6.0.4",
+    "@opentelemetry/api": "1.9.0",
+    "@opentelemetry/exporter-trace-otlp-http": "0.53.0",
+    "@opentelemetry/resources": "1.26.0",
+    "@opentelemetry/sdk-trace-node": "1.26.0",
+    "@opentelemetry/semantic-conventions": "1.27.0",
     "pluralize": "^8.0.0",
     "react": "^17.0.0 || ^18.2.0 || ^19.0.0",
     "react-dom": "^17.0.0 || ^18.2.0 || ^19.0.0",

package/src/__tests__/commands/push-region.test.ts

@@ -1,6 +1,6 @@
 import { getMergedConfig } from '@redocly/openapi-core';
 import { handlePush } from '../../commands/push';
-import { promptClientToken } from '../../commands/login';
+import { promptClientToken } from '../../commands/auth';
 import { ConfigFixture } from '../fixtures/config';
 import { Readable } from 'node:stream';
 
@@ -23,7 +23,7 @@ jest.mock('fs', () => ({
 
 // Mock OpenAPI core
 jest.mock('@redocly/openapi-core');
-jest.mock('../../commands/login');
+jest.mock('../../commands/auth');
 jest.mock('../../utils/miscellaneous');
 
 const mockPromptClientToken = promptClientToken as jest.MockedFunction<typeof promptClientToken>;

package/src/auth/__tests__/device-flow.test.ts

@@ -0,0 +1,73 @@
+import { RedoclyOAuthDeviceFlow } from '../device-flow';
+
+jest.mock('child_process');
+
+describe('RedoclyOAuthDeviceFlow', () => {
+  const mockBaseUrl = 'https://test.redocly.com';
+  const mockClientName = 'test-client';
+  const mockVersion = '1.0.0';
+  let flow: RedoclyOAuthDeviceFlow;
+
+  beforeEach(() => {
+    flow = new RedoclyOAuthDeviceFlow(mockBaseUrl, mockClientName, mockVersion);
+    jest.resetAllMocks();
+  });
+
+  describe('verifyToken', () => {
+    it('returns true for valid token', async () => {
+      jest.spyOn(flow['apiClient'], 'request').mockResolvedValue({
+        json: () => Promise.resolve({ user: { id: '123' } }),
+      } as Response);
+
+      const result = await flow.verifyToken('valid-token');
+      expect(result).toBe(true);
+    });
+
+    it('returns false for invalid token', async () => {
+      jest.spyOn(flow['apiClient'], 'request').mockRejectedValue(new Error('Invalid token'));
+      const result = await flow.verifyToken('invalid-token');
+      expect(result).toBe(false);
+    });
+  });
+
+  describe('verifyApiKey', () => {
+    it('returns true for valid API key', async () => {
+      jest.spyOn(flow['apiClient'], 'request').mockResolvedValue({
+        json: () => Promise.resolve({ success: true }),
+      } as Response);
+
+      const result = await flow.verifyApiKey('valid-key');
+      expect(result).toBe(true);
+    });
+
+    it('returns false for invalid API key', async () => {
+      jest.spyOn(flow['apiClient'], 'request').mockRejectedValue(new Error('Invalid API key'));
+      const result = await flow.verifyApiKey('invalid-key');
+      expect(result).toBe(false);
+    });
+  });
+
+  describe('refreshToken', () => {
+    it('successfully refreshes token', async () => {
+      const mockResponse = {
+        access_token: 'new-token',
+        refresh_token: 'new-refresh',
+        expires_in: 3600,
+      };
+      jest.spyOn(flow['apiClient'], 'request').mockResolvedValue({
+        json: () => Promise.resolve(mockResponse),
+      } as Response);
+
+      const result = await flow.refreshToken('old-refresh-token');
+      expect(result).toEqual(mockResponse);
+    });
+
+    it('throws error when refresh fails', async () => {
+      jest.spyOn(flow['apiClient'], 'request').mockResolvedValue({
+        json: () => Promise.resolve({}),
+      } as Response);
+
+      await expect(flow.refreshToken('invalid-refresh')).rejects.toThrow('Failed to refresh token');
+    });
+  });
+});

package/src/auth/__tests__/oauth-client.test.ts

@@ -0,0 +1,117 @@
+import { RedoclyOAuthClient } from '../oauth-client';
+import { RedoclyOAuthDeviceFlow } from '../device-flow';
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import * as os from 'node:os';
+
+jest.mock('node:fs');
+jest.mock('node:os');
+jest.mock('../device-flow');
+
+describe('RedoclyOAuthClient', () => {
+  const mockClientName = 'test-client';
+  const mockVersion = '1.0.0';
+  const mockBaseUrl = 'https://test.redocly.com';
+  const mockHomeDir = '/mock/home/dir';
+  const mockRedoclyDir = path.join(mockHomeDir, '.redocly');
+  let client: RedoclyOAuthClient;
+
+  beforeEach(() => {
+    jest.resetAllMocks();
+    (os.homedir as jest.Mock).mockReturnValue(mockHomeDir);
+    process.env.HOME = mockHomeDir;
+    client = new RedoclyOAuthClient(mockClientName, mockVersion);
+  });
+
+  describe('login', () => {
+    it('successfully logs in and saves token', async () => {
+      const mockToken = { access_token: 'test-token' };
+      const mockDeviceFlow = {
+        run: jest.fn().mockResolvedValue(mockToken),
+      };
+      (RedoclyOAuthDeviceFlow as jest.Mock).mockImplementation(() => mockDeviceFlow);
+
+      await client.login(mockBaseUrl);
+
+      expect(mockDeviceFlow.run).toHaveBeenCalled();
+      expect(fs.writeFileSync).toHaveBeenCalled();
+    });
+
+    it('throws error when login fails', async () => {
+      const mockDeviceFlow = {
+        run: jest.fn().mockResolvedValue(null),
+      };
+      (RedoclyOAuthDeviceFlow as jest.Mock).mockImplementation(() => mockDeviceFlow);
+
+      await expect(client.login(mockBaseUrl)).rejects.toThrow('Failed to login');
+    });
+  });
+
+  describe('logout', () => {
+    it('removes token file if it exists', async () => {
+      (fs.existsSync as jest.Mock).mockReturnValue(true);
+
+      await client.logout();
+
+      expect(fs.rmSync).toHaveBeenCalledWith(path.join(mockRedoclyDir, 'auth.json'));
+    });
+
+    it('silently fails if token file does not exist', async () => {
+      (fs.existsSync as jest.Mock).mockReturnValue(false);
+
+      await expect(client.logout()).resolves.not.toThrow();
+      expect(fs.rmSync).not.toHaveBeenCalled();
+    });
+  });
+
+  describe('isAuthorized', () => {
+    it('verifies API key if provided', async () => {
+      const mockDeviceFlow = {
+        verifyApiKey: jest.fn().mockResolvedValue(true),
+      };
+      (RedoclyOAuthDeviceFlow as jest.Mock).mockImplementation(() => mockDeviceFlow);
+
+      const result = await client.isAuthorized(mockBaseUrl, 'test-api-key');
+
+      expect(result).toBe(true);
+      expect(mockDeviceFlow.verifyApiKey).toHaveBeenCalledWith('test-api-key');
+    });
+
+    it('verifies access token if no API key provided', async () => {
+      const mockToken = { access_token: 'test-token' };
+      const mockDeviceFlow = {
+        verifyToken: jest.fn().mockResolvedValue(true),
+      };
+      (RedoclyOAuthDeviceFlow as jest.Mock).mockImplementation(() => mockDeviceFlow);
+      (fs.readFileSync as jest.Mock).mockReturnValue(
+        client['cipher'].update(JSON.stringify(mockToken), 'utf8', 'hex') +
+          client['cipher'].final('hex')
+      );
+
+      const result = await client.isAuthorized(mockBaseUrl);
+
+      expect(result).toBe(true);
+      expect(mockDeviceFlow.verifyToken).toHaveBeenCalledWith('test-token');
+    });
+
+    it('returns false if token refresh fails', async () => {
+      const mockToken = {
+        access_token: 'old-token',
+        refresh_token: 'refresh-token',
+      };
+      const mockDeviceFlow = {
+        verifyToken: jest.fn().mockResolvedValue(false),
+        refreshToken: jest.fn().mockRejectedValue(new Error('Refresh failed')),
+      };
+      (RedoclyOAuthDeviceFlow as jest.Mock).mockImplementation(() => mockDeviceFlow);
+      (fs.readFileSync as jest.Mock).mockReturnValue(
+        client['cipher'].update(JSON.stringify(mockToken), 'utf8', 'hex') +
+          client['cipher'].final('hex')
+      );
+
+      const result = await client.isAuthorized(mockBaseUrl);
+
+      expect(result).toBe(false);
+    });
+  });
+});