npm - @sitecore-content-sdk/cli - Versions diffs - 0.2.0-beta.15 → 0.2.0-beta.17 - Mend

@sitecore-content-sdk/cli 0.2.0-beta.15 → 0.2.0-beta.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/cjs/scripts/auth/list.js +1 -1
package/dist/cjs/scripts/auth/login.js +81 -39
package/dist/cjs/scripts/auth/logout.js +5 -3
package/dist/cjs/scripts/auth/status.js +4 -3
package/dist/esm/scripts/auth/list.js +1 -1
package/dist/esm/scripts/auth/login.js +81 -39
package/dist/esm/scripts/auth/logout.js +5 -3
package/dist/esm/scripts/auth/status.js +4 -3
package/package.json +3 -3

package/dist/cjs/scripts/auth/list.js CHANGED Viewed

@@ -25,7 +25,7 @@ exports.list = {
             console.log('\n No tenant information found.');
             return;
         }
-        console.log('\n Known tenants:\n');
+        console.log('\nKnown tenants:\n');
         tenants.forEach((tenant, index) => {
             console.log(`Tenant ${index + 1}:`);
             console.log(`  Tenant ID       : ${tenant.tenantId}`);

package/dist/cjs/scripts/auth/login.js CHANGED Viewed

@@ -12,12 +12,15 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.login = exports.unitMock = void 0;
 const tools_1 = require("@sitecore-content-sdk/core/tools");
 const core_1 = require("@sitecore-content-sdk/core");
-let { setActiveTenant, writeTenantAuthInfo, writeTenantInfo, clientCredentialsFlow } = tools_1.auth;
+let { setActiveTenant, writeTenantAuthInfo, writeTenantInfo, clientCredentialsFlow, getRefreshAccessToken, pollForDeviceToken, startDeviceAuthFlow, } = tools_1.auth;
 const unitMock = (formModule) => {
     setActiveTenant = formModule.setActiveTenant;
     writeTenantAuthInfo = formModule.writeTenantAuthInfo;
     writeTenantInfo = formModule.writeTenantInfo;
     clientCredentialsFlow = formModule.clientCredentialsFlow;
+    getRefreshAccessToken = formModule.getRefreshAccessToken;
+    pollForDeviceToken = formModule.pollForDeviceToken;
+    startDeviceAuthFlow = formModule.startDeviceAuthFlow;
 };
 exports.unitMock = unitMock;
 exports.login = {
@@ -70,51 +73,90 @@ exports.login = {
         'baseUrl',
     ], 'Login Options:'),
     handler: (argv) => __awaiter(void 0, void 0, void 0, function* () {
-        const { clientId } = argv;
-        let authResult, tenantId, organizationId, tenantName;
         const { DEFAULT_SITECORE_AUTH_DOMAIN, DEFAULT_SITECORE_AUTH_AUDIENCE, DEFAULT_SITECORE_AUTH_BASE_URL, } = core_1.constants;
-        if (argv.clientSecret) {
-            try {
-                const authData = yield clientCredentialsFlow({
+        const { clientId, clientSecret, organizationId, tenantId: inputTenantId, audience = DEFAULT_SITECORE_AUTH_AUDIENCE, authority = DEFAULT_SITECORE_AUTH_DOMAIN, baseUrl = DEFAULT_SITECORE_AUTH_BASE_URL, } = argv;
+        let authResponse;
+        let tenantId;
+        let tenantName;
+        let orgId;
+        try {
+            if (clientSecret) {
+                console.log('\n Using Client Credentials Flow...');
+                const { data, tokenTenantId, tokenOrgId, tokenTenantName } = yield clientCredentialsFlow({
                     clientId,
-                    clientSecret: argv.clientSecret,
-                    organizationId: argv.organizationId,
-                    tenantId: argv.tenantId,
-                    audience: argv.audience,
-                    authority: argv.authority,
-                    baseUrl: argv.baseUrl,
+                    clientSecret,
+                    organizationId,
+                    tenantId: inputTenantId,
+                    audience,
+                    authority,
+                    baseUrl,
                 });
-                authResult = authData.data;
-                tenantId = authData.tokenTenantId;
-                organizationId = authData.tokenOrgId;
-                tenantName = authData.tokenTenantName;
+                authResponse = data;
+                tenantId = tokenTenantId;
+                orgId = tokenOrgId;
+                tenantName = tokenTenantName;
             }
-            catch (err) {
-                console.error(`\n Login failed: ${err.message}`);
-                process.exit(1);
+            else {
+                console.log('\n Using Device Authorization Flow...');
+                if (!inputTenantId) {
+                    throw new Error('\n Tenant ID is required for Device Code Flow.');
+                }
+                if (!organizationId) {
+                    throw new Error('\n Organization ID is required for Device Code Flow.');
+                }
+                const deviceAuthData = yield startDeviceAuthFlow({
+                    clientId,
+                    audience,
+                    authority,
+                    baseUrl,
+                });
+                const { device_code, user_code, verification_uri, verification_uri_complete, interval, } = deviceAuthData;
+                console.log('\n🔐 Device Authorization Started');
+                if (verification_uri_complete) {
+                    console.log(`\n 👉 Open the following URL to authenticate:\n  ${verification_uri_complete}`);
+                }
+                else {
+                    console.log(`👉 Visit: ${verification_uri}`);
+                    console.log(`🔑 Then enter the code: ${user_code}`);
+                }
+                const { refresh_token } = yield pollForDeviceToken({
+                    clientId,
+                    device_code,
+                    authority,
+                    interval,
+                });
+                // The initial device code flow does not support custom claims (e.g., tenantId, organizationId),
+                // which are required for proper token validation in our multi-tenant system.
+                // To include these claims, we immediately use the returned refresh_token to request a new
+                // access token with tenantId and organizationId explicitly provided.
+                authResponse = yield getRefreshAccessToken({
+                    clientId,
+                    refreshToken: refresh_token,
+                    tenantId: inputTenantId,
+                    organizationId,
+                    authority,
+                });
+                tenantId = inputTenantId;
+                orgId = organizationId;
+                tenantName = authResponse.tenantName;
+                console.log('\n Device Authorization Completed');
             }
+            yield writeTenantAuthInfo(tenantId || inputTenantId, Object.assign({ expires_at: new Date(Date.now() + authResponse.expires_in * 1000).toISOString() }, authResponse));
+            yield writeTenantInfo({
+                tenantId,
+                organizationId: orgId,
+                clientId,
+                tenantName,
+                authority,
+                audience,
+                baseUrl,
+            });
+            setActiveTenant(tenantId);
+            console.log(`\n Logged in successfully to tenant: ${tenantId}`);
         }
-        else {
-            // TODO: Implement Device Authorization Flow when clientSecret is not provided.
-            console.log('\n Please provide client secret for authentication.');
+        catch (error) {
+            console.error(`\n Login failed: ${error.message}`);
             process.exit(1);
         }
-        yield writeTenantAuthInfo(tenantId, {
-            clientSecret: argv.clientSecret,
-            access_token: authResult.access_token,
-            expires_in: authResult.expires_in,
-            expires_at: new Date(Date.now() + authResult.expires_in * 1000).toISOString(),
-        });
-        yield writeTenantInfo({
-            tenantId,
-            organizationId,
-            clientId,
-            tenantName,
-            authority: argv.authority || DEFAULT_SITECORE_AUTH_DOMAIN,
-            audience: argv.audience || DEFAULT_SITECORE_AUTH_AUDIENCE,
-            baseUrl: argv.baseUrl || DEFAULT_SITECORE_AUTH_BASE_URL,
-        });
-        setActiveTenant(tenantId);
-        console.info(`\n Logged in successfully to tenant ${tenantId}.`);
     }),
 };

package/dist/cjs/scripts/auth/logout.js CHANGED Viewed

@@ -11,11 +11,12 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.logout = exports.unitMock = void 0;
 const tools_1 = require("@sitecore-content-sdk/core/tools");
-let { deleteTenantAuthInfo, getActiveTenant, clearActiveTenant } = tools_1.auth;
+let { deleteTenantAuthInfo, getActiveTenant, clearActiveTenant, deleteKey } = tools_1.auth;
 const unitMock = (formModule) => {
     deleteTenantAuthInfo = formModule.deleteTenantAuthInfo || deleteTenantAuthInfo;
     getActiveTenant = formModule.getActiveTenant || getActiveTenant;
     clearActiveTenant = formModule.clearActiveTenant || clearActiveTenant;
+    deleteKey = formModule.deleteKey || deleteKey;
 };
 exports.unitMock = unitMock;
 exports.logout = {
@@ -27,8 +28,9 @@ exports.logout = {
             console.error('\n No active tenant found. Please login first.');
             return;
         }
+        yield deleteTenantAuthInfo(tenantId);
+        yield deleteKey(tenantId);
         clearActiveTenant();
-        deleteTenantAuthInfo(tenantId);
-        console.info(`\n Logged out from tenant ${tenantId}`);
+        console.log(`\n Logged out from tenant ${tenantId}`);
     }),
 };

package/dist/cjs/scripts/auth/status.js CHANGED Viewed

@@ -11,17 +11,18 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.status = exports.unitMock = void 0;
 const tools_1 = require("@sitecore-content-sdk/core/tools");
-let { readTenantInfo, renewAuthIfExpired } = tools_1.auth;
+let { readTenantInfo, validateAndRenewAuthIfExpired } = tools_1.auth;
 const unitMock = (formModule) => {
     readTenantInfo = formModule.readTenantInfo || readTenantInfo;
-    renewAuthIfExpired = formModule.renewAuthIfExpired || renewAuthIfExpired;
+    validateAndRenewAuthIfExpired =
+        formModule.validateAndRenewAuthIfExpired || validateAndRenewAuthIfExpired;
 };
 exports.unitMock = unitMock;
 exports.status = {
     command: 'status',
     describe: 'Show current status of active tenant',
     handler: () => __awaiter(void 0, void 0, void 0, function* () {
-        const context = yield renewAuthIfExpired();
+        const context = yield validateAndRenewAuthIfExpired();
         if (!context) {
             console.log('\n No valid authentication found. Please login.');
             return;

package/dist/esm/scripts/auth/list.js CHANGED Viewed

@@ -21,7 +21,7 @@ export const list = {
             console.log('\n No tenant information found.');
             return;
         }
-        console.log('\n Known tenants:\n');
+        console.log('\nKnown tenants:\n');
         tenants.forEach((tenant, index) => {
             console.log(`Tenant ${index + 1}:`);
             console.log(`  Tenant ID       : ${tenant.tenantId}`);

package/dist/esm/scripts/auth/login.js CHANGED Viewed

@@ -9,12 +9,15 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import { auth } from '@sitecore-content-sdk/core/tools';
 import { constants } from '@sitecore-content-sdk/core';
-let { setActiveTenant, writeTenantAuthInfo, writeTenantInfo, clientCredentialsFlow } = auth;
+let { setActiveTenant, writeTenantAuthInfo, writeTenantInfo, clientCredentialsFlow, getRefreshAccessToken, pollForDeviceToken, startDeviceAuthFlow, } = auth;
 export const unitMock = (formModule) => {
     setActiveTenant = formModule.setActiveTenant;
     writeTenantAuthInfo = formModule.writeTenantAuthInfo;
     writeTenantInfo = formModule.writeTenantInfo;
     clientCredentialsFlow = formModule.clientCredentialsFlow;
+    getRefreshAccessToken = formModule.getRefreshAccessToken;
+    pollForDeviceToken = formModule.pollForDeviceToken;
+    startDeviceAuthFlow = formModule.startDeviceAuthFlow;
 };
 export const login = {
     command: 'login',
@@ -66,51 +69,90 @@ export const login = {
         'baseUrl',
     ], 'Login Options:'),
     handler: (argv) => __awaiter(void 0, void 0, void 0, function* () {
-        const { clientId } = argv;
-        let authResult, tenantId, organizationId, tenantName;
         const { DEFAULT_SITECORE_AUTH_DOMAIN, DEFAULT_SITECORE_AUTH_AUDIENCE, DEFAULT_SITECORE_AUTH_BASE_URL, } = constants;
-        if (argv.clientSecret) {
-            try {
-                const authData = yield clientCredentialsFlow({
+        const { clientId, clientSecret, organizationId, tenantId: inputTenantId, audience = DEFAULT_SITECORE_AUTH_AUDIENCE, authority = DEFAULT_SITECORE_AUTH_DOMAIN, baseUrl = DEFAULT_SITECORE_AUTH_BASE_URL, } = argv;
+        let authResponse;
+        let tenantId;
+        let tenantName;
+        let orgId;
+        try {
+            if (clientSecret) {
+                console.log('\n Using Client Credentials Flow...');
+                const { data, tokenTenantId, tokenOrgId, tokenTenantName } = yield clientCredentialsFlow({
                     clientId,
-                    clientSecret: argv.clientSecret,
-                    organizationId: argv.organizationId,
-                    tenantId: argv.tenantId,
-                    audience: argv.audience,
-                    authority: argv.authority,
-                    baseUrl: argv.baseUrl,
+                    clientSecret,
+                    organizationId,
+                    tenantId: inputTenantId,
+                    audience,
+                    authority,
+                    baseUrl,
                 });
-                authResult = authData.data;
-                tenantId = authData.tokenTenantId;
-                organizationId = authData.tokenOrgId;
-                tenantName = authData.tokenTenantName;
+                authResponse = data;
+                tenantId = tokenTenantId;
+                orgId = tokenOrgId;
+                tenantName = tokenTenantName;
             }
-            catch (err) {
-                console.error(`\n Login failed: ${err.message}`);
-                process.exit(1);
+            else {
+                console.log('\n Using Device Authorization Flow...');
+                if (!inputTenantId) {
+                    throw new Error('\n Tenant ID is required for Device Code Flow.');
+                }
+                if (!organizationId) {
+                    throw new Error('\n Organization ID is required for Device Code Flow.');
+                }
+                const deviceAuthData = yield startDeviceAuthFlow({
+                    clientId,
+                    audience,
+                    authority,
+                    baseUrl,
+                });
+                const { device_code, user_code, verification_uri, verification_uri_complete, interval, } = deviceAuthData;
+                console.log('\n🔐 Device Authorization Started');
+                if (verification_uri_complete) {
+                    console.log(`\n 👉 Open the following URL to authenticate:\n  ${verification_uri_complete}`);
+                }
+                else {
+                    console.log(`👉 Visit: ${verification_uri}`);
+                    console.log(`🔑 Then enter the code: ${user_code}`);
+                }
+                const { refresh_token } = yield pollForDeviceToken({
+                    clientId,
+                    device_code,
+                    authority,
+                    interval,
+                });
+                // The initial device code flow does not support custom claims (e.g., tenantId, organizationId),
+                // which are required for proper token validation in our multi-tenant system.
+                // To include these claims, we immediately use the returned refresh_token to request a new
+                // access token with tenantId and organizationId explicitly provided.
+                authResponse = yield getRefreshAccessToken({
+                    clientId,
+                    refreshToken: refresh_token,
+                    tenantId: inputTenantId,
+                    organizationId,
+                    authority,
+                });
+                tenantId = inputTenantId;
+                orgId = organizationId;
+                tenantName = authResponse.tenantName;
+                console.log('\n Device Authorization Completed');
             }
+            yield writeTenantAuthInfo(tenantId || inputTenantId, Object.assign({ expires_at: new Date(Date.now() + authResponse.expires_in * 1000).toISOString() }, authResponse));
+            yield writeTenantInfo({
+                tenantId,
+                organizationId: orgId,
+                clientId,
+                tenantName,
+                authority,
+                audience,
+                baseUrl,
+            });
+            setActiveTenant(tenantId);
+            console.log(`\n Logged in successfully to tenant: ${tenantId}`);
         }
-        else {
-            // TODO: Implement Device Authorization Flow when clientSecret is not provided.
-            console.log('\n Please provide client secret for authentication.');
+        catch (error) {
+            console.error(`\n Login failed: ${error.message}`);
             process.exit(1);
         }
-        yield writeTenantAuthInfo(tenantId, {
-            clientSecret: argv.clientSecret,
-            access_token: authResult.access_token,
-            expires_in: authResult.expires_in,
-            expires_at: new Date(Date.now() + authResult.expires_in * 1000).toISOString(),
-        });
-        yield writeTenantInfo({
-            tenantId,
-            organizationId,
-            clientId,
-            tenantName,
-            authority: argv.authority || DEFAULT_SITECORE_AUTH_DOMAIN,
-            audience: argv.audience || DEFAULT_SITECORE_AUTH_AUDIENCE,
-            baseUrl: argv.baseUrl || DEFAULT_SITECORE_AUTH_BASE_URL,
-        });
-        setActiveTenant(tenantId);
-        console.info(`\n Logged in successfully to tenant ${tenantId}.`);
     }),
 };

package/dist/esm/scripts/auth/logout.js CHANGED Viewed

@@ -8,11 +8,12 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 import { auth } from '@sitecore-content-sdk/core/tools';
-let { deleteTenantAuthInfo, getActiveTenant, clearActiveTenant } = auth;
+let { deleteTenantAuthInfo, getActiveTenant, clearActiveTenant, deleteKey } = auth;
 export const unitMock = (formModule) => {
     deleteTenantAuthInfo = formModule.deleteTenantAuthInfo || deleteTenantAuthInfo;
     getActiveTenant = formModule.getActiveTenant || getActiveTenant;
     clearActiveTenant = formModule.clearActiveTenant || clearActiveTenant;
+    deleteKey = formModule.deleteKey || deleteKey;
 };
 export const logout = {
     command: 'logout',
@@ -23,8 +24,9 @@ export const logout = {
             console.error('\n No active tenant found. Please login first.');
             return;
         }
+        yield deleteTenantAuthInfo(tenantId);
+        yield deleteKey(tenantId);
         clearActiveTenant();
-        deleteTenantAuthInfo(tenantId);
-        console.info(`\n Logged out from tenant ${tenantId}`);
+        console.log(`\n Logged out from tenant ${tenantId}`);
     }),
 };

package/dist/esm/scripts/auth/status.js CHANGED Viewed

@@ -8,16 +8,17 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 import { auth } from '@sitecore-content-sdk/core/tools';
-let { readTenantInfo, renewAuthIfExpired } = auth;
+let { readTenantInfo, validateAndRenewAuthIfExpired } = auth;
 export const unitMock = (formModule) => {
     readTenantInfo = formModule.readTenantInfo || readTenantInfo;
-    renewAuthIfExpired = formModule.renewAuthIfExpired || renewAuthIfExpired;
+    validateAndRenewAuthIfExpired =
+        formModule.validateAndRenewAuthIfExpired || validateAndRenewAuthIfExpired;
 };
 export const status = {
     command: 'status',
     describe: 'Show current status of active tenant',
     handler: () => __awaiter(void 0, void 0, void 0, function* () {
-        const context = yield renewAuthIfExpired();
+        const context = yield validateAndRenewAuthIfExpired();
         if (!context) {
             console.log('\n No valid authentication found. Please login.');
             return;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@sitecore-content-sdk/cli",
-  "version": "0.2.0-beta.15",
+  "version": "0.2.0-beta.17",
   "description": "Sitecore Content SDK CLI",
   "main": "dist/cjs/cli.js",
   "module": "dist/esm/cli.js",
@@ -34,7 +34,7 @@
     "url": "https://github.com/sitecore/content-sdk/issues"
   },
   "dependencies": {
-    "@sitecore-content-sdk/core": "0.2.0-beta.15",
+    "@sitecore-content-sdk/core": "0.2.0-beta.17",
     "dotenv": "^16.5.0",
     "dotenv-expand": "^12.0.2",
     "resolve": "^1.22.10",
@@ -60,7 +60,7 @@
     "ts-node": "^10.9.1",
     "typescript": "~5.8.3"
   },
-  "gitHead": "bd5745567f36adecc31440fa4bb53062a8ac0f2d",
+  "gitHead": "040c17b860375d6692dde718e9e5dec9f4a09c04",
   "files": [
     "dist",
     "types"