@robinmordasiewicz/f5xc-xcsh 6.39.0 → 6.40.0

package/dist/index.js

@@ -45354,8 +45354,8 @@ function getLogoModeFromEnv(envPrefix) {
 var CLI_NAME = "xcsh";
 var CLI_FULL_NAME = "F5 Distributed Cloud Shell";
 function getVersion() {
-  if ("6.39.0") {
-    return "6.39.0";
+  if ("6.40.0") {
+    return "6.40.0";
   }
   if (process.env.XCSH_VERSION) {
     return process.env.XCSH_VERSION;
@@ -45791,6 +45791,9 @@ var APIClient = class {
   timeout;
   debug;
   retryConfig;
+  // Token validation state
+  _isValidated = false;
+  _validationError = null;
   constructor(config) {
     this.serverUrl = config.serverUrl.replace(/\/+$/, "");
     this.apiToken = config.apiToken ?? "";
@@ -45802,11 +45805,64 @@ var APIClient = class {
     };
   }
   /**
-   * Check if client has authentication configured
+   * Check if client has authentication configured (token exists).
+   * Note: This does NOT verify the token is valid. Use isValidated() for that.
    */
   isAuthenticated() {
     return this.apiToken !== "";
   }
+  /**
+   * Validate the API token by making a lightweight API call.
+   * Returns true if token is valid, false otherwise.
+   */
+  async validateToken() {
+    if (!this.apiToken) {
+      this._isValidated = false;
+      this._validationError = "No API token configured";
+      return { valid: false, error: this._validationError };
+    }
+    try {
+      await this.get("/api/web/namespaces");
+      this._isValidated = true;
+      this._validationError = null;
+      return { valid: true };
+    } catch (error) {
+      this._isValidated = false;
+      if (error instanceof APIError) {
+        if (error.statusCode === 401) {
+          this._validationError = "Invalid or expired API token";
+        } else if (error.statusCode === 403) {
+          this._validationError = "Token lacks required permissions";
+        } else if (error.statusCode === 0) {
+          this._validationError = "Network error - could not reach server";
+        } else {
+          this._validationError = `Validation failed: HTTP ${error.statusCode}`;
+        }
+      } else {
+        this._validationError = "Validation failed: Unknown error";
+      }
+      return { valid: false, error: this._validationError };
+    }
+  }
+  /**
+   * Check if client has a validated (verified working) token
+   */
+  isValidated() {
+    return this._isValidated;
+  }
+  /**
+   * Get the validation error message, if any
+   */
+  getValidationError() {
+    return this._validationError;
+  }
+  /**
+   * Clear validation state (called on profile switch)
+   */
+  clearValidationCache() {
+    this._isValidated = false;
+    this._validationError = null;
+  }
   /**
    * Get the server URL
    */
@@ -46766,6 +46822,9 @@ var REPLSession = class {
   _activeProfileName = null;
   _namespaceCache = [];
   _namespaceCacheTime = 0;
+  // Token validation state
+  _tokenValidated = false;
+  _validationError = null;
   constructor(config = {}) {
     this._namespace = config.namespace ?? this.getDefaultNamespace();
     this._contextPath = new ContextPath();
@@ -46801,7 +46860,12 @@ var REPLSession = class {
     }
     await this.loadActiveProfile();
     if (this._apiClient?.isAuthenticated()) {
-      await this.fetchUserInfo();
+      const result = await this._apiClient.validateToken();
+      this._tokenValidated = result.valid;
+      this._validationError = result.error ?? null;
+      if (result.valid) {
+        await this.fetchUserInfo();
+      }
     }
   }
   /**
@@ -46963,6 +47027,18 @@ var REPLSession = class {
   isAuthenticated() {
     return this._apiClient?.isAuthenticated() ?? false;
   }
+  /**
+   * Check if the token has been validated (verified working)
+   */
+  isTokenValidated() {
+    return this._tokenValidated;
+  }
+  /**
+   * Get the token validation error, if any
+   */
+  getValidationError() {
+    return this._validationError;
+  }
   /**
    * Get the API client
    */
@@ -47018,6 +47094,8 @@ var REPLSession = class {
       return false;
     }
     this.clearNamespaceCache();
+    this._tokenValidated = false;
+    this._validationError = null;
     this._activeProfileName = profileName;
     this._activeProfile = profile;
     if (profile.apiUrl) {
@@ -47036,6 +47114,11 @@ var REPLSession = class {
         apiToken: this._apiToken,
         debug: this._debug
       });
+      if (this._apiClient.isAuthenticated()) {
+        const validationResult = await this._apiClient.validateToken();
+        this._tokenValidated = validationResult.valid;
+        this._validationError = validationResult.error ?? null;
+      }
     } else {
       this._apiClient = null;
     }
@@ -48390,6 +48473,18 @@ function extractTenantFromUrl(url) {
     return "unknown";
   }
 }
+function getAuthStatusValue(info, colorStatus) {
+  if (!info.hasToken) {
+    return colorStatus("\u2717 No token", false);
+  }
+  if (info.isValidated) {
+    return colorStatus("\u2713 Authenticated", true);
+  }
+  if (info.validationError) {
+    return colorStatus(`\u2717 ${info.validationError}`, false);
+  }
+  return colorStatus("\u26A0 Token not verified", false);
+}
 function formatConnectionTable(info, noColor = false) {
   const useColors = shouldUseColors(void 0, noColor);
   const box = useColors ? UNICODE_BOX2 : ASCII_BOX2;
@@ -48404,7 +48499,7 @@ function formatConnectionTable(info, noColor = false) {
     { label: "API URL", value: info.apiUrl },
     {
       label: "Auth",
-      value: info.hasToken ? colorStatus("\u2713 Token configured", true) : colorStatus("\u2717 No token", false)
+      value: getAuthStatusValue(info, colorStatus)
     },
     { label: "Namespace", value: info.namespace || "default" },
     {
@@ -48445,8 +48540,8 @@ function formatConnectionTable(info, noColor = false) {
 function stripAnsi2(str) {
   return str.replace(/\x1b\[[0-9;]*m/g, "");
 }
-function buildConnectionInfo(profileName, apiUrl, hasToken, namespace, isConnected) {
-  return {
+function buildConnectionInfo(profileName, apiUrl, hasToken, namespace, isConnected, isValidated, validationError) {
+  const info = {
     profileName,
     tenant: extractTenantFromUrl(apiUrl),
     apiUrl,
@@ -48454,6 +48549,13 @@ function buildConnectionInfo(profileName, apiUrl, hasToken, namespace, isConnect
     namespace,
     isConnected
   };
+  if (isValidated !== void 0) {
+    info.isValidated = isValidated;
+  }
+  if (validationError) {
+    info.validationError = validationError;
+  }
+  return info;
 }
 
 // src/domains/login/profile/create.ts
@@ -48568,7 +48670,9 @@ var useCommand = {
         profile?.apiUrl || "",
         !!profile?.apiToken,
         profile?.defaultNamespace || session.getNamespace(),
-        session.isAuthenticated()
+        session.isAuthenticated(),
+        session.isTokenValidated(),
+        session.getValidationError() ?? void 0
       );
       const tableLines = formatConnectionTable(connectionInfo);
       return successResult(
@@ -49260,6 +49364,14 @@ async function getWhoamiInfo(session, _options = {}) {
     namespace: session.getNamespace(),
     isAuthenticated: session.isAuthenticated()
   };
+  const isValidated = session.isTokenValidated();
+  const validationError = session.getValidationError();
+  if (isValidated !== void 0) {
+    info.isValidated = isValidated;
+  }
+  if (validationError) {
+    info.validationError = validationError;
+  }
   if (!info.isAuthenticated) {
     return info;
   }
@@ -49298,6 +49410,18 @@ function formatWhoamiJson(info) {
   output.isAuthenticated = info.isAuthenticated;
   return [JSON.stringify(output, null, 2)];
 }
+function getAuthStatusDisplay(info) {
+  if (!info.isAuthenticated) {
+    return "Not authenticated";
+  }
+  if (info.isValidated) {
+    return "\u2713 Authenticated";
+  }
+  if (info.validationError) {
+    return `\u2717 ${info.validationError}`;
+  }
+  return "\u26A0 Token not verified";
+}
 function formatWhoamiBox(info) {
   const lines = [];
   const red = colors.red;
@@ -49323,7 +49447,7 @@ function formatWhoamiBox(info) {
   contentLines.push({ label: "Server", value: info.serverUrl });
   contentLines.push({
     label: "Auth",
-    value: info.isAuthenticated ? "\u2713 Authenticated" : "Not authenticated"
+    value: getAuthStatusDisplay(info)
   });
   const maxLabelWidth = Math.max(...contentLines.map((c) => c.label.length));
   const formattedContent = contentLines.map((c) => {
@@ -53055,6 +53179,12 @@ program2.name(CLI_NAME).description("F5 Distributed Cloud Shell - Interactive CL
       await session.initialize();
       process.stdout.write("\r\x1B[K");
       renderBanner(cliLogoMode, "startup");
+      if (session.isAuthenticated() && !session.isTokenValidated() && session.getValidationError()) {
+        console.log("");
+        console.log(
+          `${colors.yellow}Warning: ${session.getValidationError()}${colors.reset}`
+        );
+      }
       const profiles = await session.getProfileManager().list();
       const envConfigured = process.env[`${ENV_PREFIX}_API_URL`] && process.env[`${ENV_PREFIX}_API_TOKEN`];
       if (profiles.length === 0 && !envConfigured) {
@@ -53092,6 +53222,11 @@ program2.name(CLI_NAME).description("F5 Distributed Cloud Shell - Interactive CL
 async function executeNonInteractive(args) {
   const session = new REPLSession();
   await session.initialize();
+  if (session.isAuthenticated() && !session.isTokenValidated() && session.getValidationError()) {
+    console.error(
+      `${colors.yellow}Warning: ${session.getValidationError()}${colors.reset}`
+    );
+  }
   const command = args.join(" ");
   const result = await executeCommand(command, session);
   result.output.forEach((line) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@robinmordasiewicz/f5xc-xcsh",
-  "version": "6.39.0",
+  "version": "6.40.0",
   "description": "F5 Distributed Cloud Shell - Interactive CLI for F5 XC",
   "type": "module",
   "bin": {