@sitecore-content-sdk/cli 0.2.0-beta.16 → 0.2.0-beta.18

package/dist/cjs/scripts/auth/index.js

@@ -5,6 +5,7 @@ const login_1 = require("./login");
 const logout_1 = require("./logout");
 const status_1 = require("./status");
 const list_1 = require("./list");
+const switch_1 = require("./switch");
 /**
  * Registers the `auth` command group and its subcommands (`login`, `logout`, `status`, `list`) with Yargs.
  * @param {Argv} yargs - The Yargs instance used to define CLI commands.
@@ -16,7 +17,7 @@ function builder(yargs) {
         describe: 'Performs authentication for content services',
         builder: (_yargs) => {
             return _yargs
-                .command([login_1.login, logout_1.logout, status_1.status, list_1.list])
+                .command([login_1.login, logout_1.logout, status_1.status, list_1.list, switch_1.switchTenant])
                 .strict()
                 .demandCommand(1, 'You need to specify a command to run')
                 .help();

package/dist/cjs/scripts/auth/list.js

@@ -25,7 +25,7 @@ exports.list = {
             console.log('\n No tenant information found.');
             return;
         }
-        console.log('\n Known tenants:\n');
+        console.log('\nKnown tenants:\n');
         tenants.forEach((tenant, index) => {
             console.log(`Tenant ${index + 1}:`);
             console.log(`  Tenant ID       : ${tenant.tenantId}`);

package/dist/cjs/scripts/auth/login.js

@@ -12,12 +12,15 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.login = exports.unitMock = void 0;
 const tools_1 = require("@sitecore-content-sdk/core/tools");
 const core_1 = require("@sitecore-content-sdk/core");
-let { setActiveTenant, writeTenantAuthInfo, writeTenantInfo, clientCredentialsFlow } = tools_1.auth;
+let { setActiveTenant, writeTenantAuthInfo, writeTenantInfo, clientCredentialsFlow, getRefreshAccessToken, pollForDeviceToken, startDeviceAuthFlow, } = tools_1.auth;
 const unitMock = (formModule) => {
     setActiveTenant = formModule.setActiveTenant;
     writeTenantAuthInfo = formModule.writeTenantAuthInfo;
     writeTenantInfo = formModule.writeTenantInfo;
     clientCredentialsFlow = formModule.clientCredentialsFlow;
+    getRefreshAccessToken = formModule.getRefreshAccessToken;
+    pollForDeviceToken = formModule.pollForDeviceToken;
+    startDeviceAuthFlow = formModule.startDeviceAuthFlow;
 };
 exports.unitMock = unitMock;
 exports.login = {
@@ -70,51 +73,90 @@ exports.login = {
         'baseUrl',
     ], 'Login Options:'),
     handler: (argv) => __awaiter(void 0, void 0, void 0, function* () {
-        const { clientId } = argv;
-        let authResult, tenantId, organizationId, tenantName;
         const { DEFAULT_SITECORE_AUTH_DOMAIN, DEFAULT_SITECORE_AUTH_AUDIENCE, DEFAULT_SITECORE_AUTH_BASE_URL, } = core_1.constants;
-        if (argv.clientSecret) {
-            try {
-                const authData = yield clientCredentialsFlow({
+        const { clientId, clientSecret, organizationId, tenantId: inputTenantId, audience = DEFAULT_SITECORE_AUTH_AUDIENCE, authority = DEFAULT_SITECORE_AUTH_DOMAIN, baseUrl = DEFAULT_SITECORE_AUTH_BASE_URL, } = argv;
+        let authResponse;
+        let tenantId;
+        let tenantName;
+        let orgId;
+        try {
+            if (clientSecret) {
+                console.log('\n Using Client Credentials Flow...');
+                const { data, tokenTenantId, tokenOrgId, tokenTenantName } = yield clientCredentialsFlow({
                     clientId,
-                    clientSecret: argv.clientSecret,
-                    organizationId: argv.organizationId,
-                    tenantId: argv.tenantId,
-                    audience: argv.audience,
-                    authority: argv.authority,
-                    baseUrl: argv.baseUrl,
+                    clientSecret,
+                    organizationId,
+                    tenantId: inputTenantId,
+                    audience,
+                    authority,
+                    baseUrl,
                 });
-                authResult = authData.data;
-                tenantId = authData.tokenTenantId;
-                organizationId = authData.tokenOrgId;
-                tenantName = authData.tokenTenantName;
+                authResponse = data;
+                tenantId = tokenTenantId;
+                orgId = tokenOrgId;
+                tenantName = tokenTenantName;
             }
-            catch (err) {
-                console.error(`\n Login failed: ${err.message}`);
-                process.exit(1);
+            else {
+                console.log('\n Using Device Authorization Flow...');
+                if (!inputTenantId) {
+                    throw new Error('\n Tenant ID is required for Device Code Flow.');
+                }
+                if (!organizationId) {
+                    throw new Error('\n Organization ID is required for Device Code Flow.');
+                }
+                const deviceAuthData = yield startDeviceAuthFlow({
+                    clientId,
+                    audience,
+                    authority,
+                    baseUrl,
+                });
+                const { device_code, user_code, verification_uri, verification_uri_complete, interval, } = deviceAuthData;
+                console.log('\n🔐 Device Authorization Started');
+                if (verification_uri_complete) {
+                    console.log(`\n 👉 Open the following URL to authenticate:\n  ${verification_uri_complete}`);
+                }
+                else {
+                    console.log(`👉 Visit: ${verification_uri}`);
+                    console.log(`🔑 Then enter the code: ${user_code}`);
+                }
+                const { refresh_token } = yield pollForDeviceToken({
+                    clientId,
+                    device_code,
+                    authority,
+                    interval,
+                });
+                // The initial device code flow does not support custom claims (e.g., tenantId, organizationId),
+                // which are required for proper token validation in our multi-tenant system.
+                // To include these claims, we immediately use the returned refresh_token to request a new
+                // access token with tenantId and organizationId explicitly provided.
+                authResponse = yield getRefreshAccessToken({
+                    clientId,
+                    refreshToken: refresh_token,
+                    tenantId: inputTenantId,
+                    organizationId,
+                    authority,
+                });
+                tenantId = inputTenantId;
+                orgId = organizationId;
+                tenantName = authResponse.tenantName;
+                console.log('\n Device Authorization Completed');
             }
+            yield writeTenantAuthInfo(tenantId || inputTenantId, Object.assign({ expires_at: new Date(Date.now() + authResponse.expires_in * 1000).toISOString() }, authResponse));
+            yield writeTenantInfo({
+                tenantId,
+                organizationId: orgId,
+                clientId,
+                tenantName,
+                authority,
+                audience,
+                baseUrl,
+            });
+            setActiveTenant(tenantId);
+            console.log(`\n Logged in successfully to tenant: ${tenantId}`);
         }
-        else {
-            // TODO: Implement Device Authorization Flow when clientSecret is not provided.
-            console.log('\n Please provide client secret for authentication.');
+        catch (error) {
+            console.error(`\n Login failed: ${error.message}`);
             process.exit(1);
         }
-        yield writeTenantAuthInfo(tenantId, {
-            clientSecret: argv.clientSecret,
-            access_token: authResult.access_token,
-            expires_in: authResult.expires_in,
-            expires_at: new Date(Date.now() + authResult.expires_in * 1000).toISOString(),
-        });
-        yield writeTenantInfo({
-            tenantId,
-            organizationId,
-            clientId,
-            tenantName,
-            authority: argv.authority || DEFAULT_SITECORE_AUTH_DOMAIN,
-            audience: argv.audience || DEFAULT_SITECORE_AUTH_AUDIENCE,
-            baseUrl: argv.baseUrl || DEFAULT_SITECORE_AUTH_BASE_URL,
-        });
-        setActiveTenant(tenantId);
-        console.info(`\n Logged in successfully to tenant ${tenantId}.`);
     }),
 };

package/dist/cjs/scripts/auth/logout.js

@@ -12,11 +12,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.logout = exports.unitMock = void 0;
 const tools_1 = require("@sitecore-content-sdk/core/tools");
 let { deleteTenantAuthInfo, getActiveTenant, clearActiveTenant, deleteKey } = tools_1.auth;
-const unitMock = (formModule) => {
-    deleteTenantAuthInfo = formModule.deleteTenantAuthInfo || deleteTenantAuthInfo;
-    getActiveTenant = formModule.getActiveTenant || getActiveTenant;
-    clearActiveTenant = formModule.clearActiveTenant || clearActiveTenant;
-    deleteKey = formModule.deleteKey || deleteKey;
+const unitMock = (authModule) => {
+    deleteTenantAuthInfo = authModule.deleteTenantAuthInfo || deleteTenantAuthInfo;
+    getActiveTenant = authModule.getActiveTenant || getActiveTenant;
+    clearActiveTenant = authModule.clearActiveTenant || clearActiveTenant;
+    deleteKey = authModule.deleteKey || deleteKey;
 };
 exports.unitMock = unitMock;
 exports.logout = {
@@ -28,9 +28,9 @@ exports.logout = {
             console.error('\n No active tenant found. Please login first.');
             return;
         }
-        deleteTenantAuthInfo(tenantId);
-        deleteKey(tenantId);
+        yield deleteTenantAuthInfo(tenantId);
+        yield deleteKey(tenantId);
         clearActiveTenant();
-        console.info(`\n Logged out from tenant ${tenantId}`);
+        console.log(`\n Logged out from tenant ${tenantId}`);
     }),
 };

package/dist/cjs/scripts/auth/status.js

@@ -12,10 +12,10 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.status = exports.unitMock = void 0;
 const tools_1 = require("@sitecore-content-sdk/core/tools");
 let { readTenantInfo, validateAndRenewAuthIfExpired } = tools_1.auth;
-const unitMock = (formModule) => {
-    readTenantInfo = formModule.readTenantInfo || readTenantInfo;
+const unitMock = (authModule) => {
+    readTenantInfo = authModule.readTenantInfo || readTenantInfo;
     validateAndRenewAuthIfExpired =
-        formModule.validateAndRenewAuthIfExpired || validateAndRenewAuthIfExpired;
+        authModule.validateAndRenewAuthIfExpired || validateAndRenewAuthIfExpired;
 };
 exports.unitMock = unitMock;
 exports.status = {
@@ -24,7 +24,7 @@ exports.status = {
     handler: () => __awaiter(void 0, void 0, void 0, function* () {
         const context = yield validateAndRenewAuthIfExpired();
         if (!context) {
-            console.log('\nNo valid authentication found. Please login.');
+            console.log('\n No valid authentication found. Please login.');
             return;
         }
         const tenantInfo = yield readTenantInfo(context.tenantId);

package/dist/cjs/scripts/auth/switch.js

@@ -0,0 +1,57 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.switchTenant = exports.unitMock = void 0;
+const tools_1 = require("@sitecore-content-sdk/core/tools");
+let { readTenantAuthInfo, validateAndRenewAuthIfExpired, setActiveTenant } = tools_1.auth;
+const unitMock = (authModule) => {
+    readTenantAuthInfo = authModule.readTenantAuthInfo || readTenantAuthInfo;
+    setActiveTenant = authModule.setActiveTenant || setActiveTenant;
+    validateAndRenewAuthIfExpired =
+        authModule.validateAndRenewAuthIfExpired || validateAndRenewAuthIfExpired;
+};
+exports.unitMock = unitMock;
+exports.switchTenant = {
+    command: 'switch <tenantId>',
+    describe: 'Switch into another tenant that you have logged into previously',
+    builder: (yargs) => yargs.positional('tenantId', {
+        positional: true,
+        demandOption: true,
+        type: 'string',
+        describe: 'Tenant ID to switch into.',
+    }),
+    handler: (argv) => __awaiter(void 0, void 0, void 0, function* () {
+        const tenantId = argv.tenantId;
+        const currentContext = yield validateAndRenewAuthIfExpired();
+        if (!currentContext) {
+            console.error('\nNo valid authentication found. Please login.');
+            return;
+        }
+        if (currentContext.tenantId === tenantId) {
+            console.log(`Already in tenant: ${tenantId}`);
+            return;
+        }
+        const newTenantInfo = yield readTenantAuthInfo(tenantId);
+        if (!newTenantInfo) {
+            console.error(`Tenant info for ID '${tenantId}' not found in local storage.`);
+            console.error('Please ensure you have logged into the tenant by running the auth login command');
+            return;
+        }
+        setActiveTenant(tenantId);
+        const tenantContext = validateAndRenewAuthIfExpired();
+        if (!tenantContext) {
+            console.error(`Failed to switch to tenant '${tenantId}', remaining in tenant '${currentContext.tenantId}'.`);
+            setActiveTenant(currentContext.tenantId);
+            return;
+        }
+        console.log(`Switched to tenant: ${tenantId}`);
+    }),
+};

package/dist/esm/scripts/auth/index.js

@@ -2,6 +2,7 @@ import { login } from './login';
 import { logout } from './logout';
 import { status } from './status';
 import { list } from './list';
+import { switchTenant } from './switch';
 /**
  * Registers the `auth` command group and its subcommands (`login`, `logout`, `status`, `list`) with Yargs.
  * @param {Argv} yargs - The Yargs instance used to define CLI commands.
@@ -13,7 +14,7 @@ export function builder(yargs) {
         describe: 'Performs authentication for content services',
         builder: (_yargs) => {
             return _yargs
-                .command([login, logout, status, list])
+                .command([login, logout, status, list, switchTenant])
                 .strict()
                 .demandCommand(1, 'You need to specify a command to run')
                 .help();

package/dist/esm/scripts/auth/list.js

@@ -21,7 +21,7 @@ export const list = {
             console.log('\n No tenant information found.');
             return;
         }
-        console.log('\n Known tenants:\n');
+        console.log('\nKnown tenants:\n');
         tenants.forEach((tenant, index) => {
             console.log(`Tenant ${index + 1}:`);
             console.log(`  Tenant ID       : ${tenant.tenantId}`);

package/dist/esm/scripts/auth/login.js

@@ -9,12 +9,15 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import { auth } from '@sitecore-content-sdk/core/tools';
 import { constants } from '@sitecore-content-sdk/core';
-let { setActiveTenant, writeTenantAuthInfo, writeTenantInfo, clientCredentialsFlow } = auth;
+let { setActiveTenant, writeTenantAuthInfo, writeTenantInfo, clientCredentialsFlow, getRefreshAccessToken, pollForDeviceToken, startDeviceAuthFlow, } = auth;
 export const unitMock = (formModule) => {
     setActiveTenant = formModule.setActiveTenant;
     writeTenantAuthInfo = formModule.writeTenantAuthInfo;
     writeTenantInfo = formModule.writeTenantInfo;
     clientCredentialsFlow = formModule.clientCredentialsFlow;
+    getRefreshAccessToken = formModule.getRefreshAccessToken;
+    pollForDeviceToken = formModule.pollForDeviceToken;
+    startDeviceAuthFlow = formModule.startDeviceAuthFlow;
 };
 export const login = {
     command: 'login',
@@ -66,51 +69,90 @@ export const login = {
         'baseUrl',
     ], 'Login Options:'),
     handler: (argv) => __awaiter(void 0, void 0, void 0, function* () {
-        const { clientId } = argv;
-        let authResult, tenantId, organizationId, tenantName;
         const { DEFAULT_SITECORE_AUTH_DOMAIN, DEFAULT_SITECORE_AUTH_AUDIENCE, DEFAULT_SITECORE_AUTH_BASE_URL, } = constants;
-        if (argv.clientSecret) {
-            try {
-                const authData = yield clientCredentialsFlow({
+        const { clientId, clientSecret, organizationId, tenantId: inputTenantId, audience = DEFAULT_SITECORE_AUTH_AUDIENCE, authority = DEFAULT_SITECORE_AUTH_DOMAIN, baseUrl = DEFAULT_SITECORE_AUTH_BASE_URL, } = argv;
+        let authResponse;
+        let tenantId;
+        let tenantName;
+        let orgId;
+        try {
+            if (clientSecret) {
+                console.log('\n Using Client Credentials Flow...');
+                const { data, tokenTenantId, tokenOrgId, tokenTenantName } = yield clientCredentialsFlow({
                     clientId,
-                    clientSecret: argv.clientSecret,
-                    organizationId: argv.organizationId,
-                    tenantId: argv.tenantId,
-                    audience: argv.audience,
-                    authority: argv.authority,
-                    baseUrl: argv.baseUrl,
+                    clientSecret,
+                    organizationId,
+                    tenantId: inputTenantId,
+                    audience,
+                    authority,
+                    baseUrl,
                 });
-                authResult = authData.data;
-                tenantId = authData.tokenTenantId;
-                organizationId = authData.tokenOrgId;
-                tenantName = authData.tokenTenantName;
+                authResponse = data;
+                tenantId = tokenTenantId;
+                orgId = tokenOrgId;
+                tenantName = tokenTenantName;
             }
-            catch (err) {
-                console.error(`\n Login failed: ${err.message}`);
-                process.exit(1);
+            else {
+                console.log('\n Using Device Authorization Flow...');
+                if (!inputTenantId) {
+                    throw new Error('\n Tenant ID is required for Device Code Flow.');
+                }
+                if (!organizationId) {
+                    throw new Error('\n Organization ID is required for Device Code Flow.');
+                }
+                const deviceAuthData = yield startDeviceAuthFlow({
+                    clientId,
+                    audience,
+                    authority,
+                    baseUrl,
+                });
+                const { device_code, user_code, verification_uri, verification_uri_complete, interval, } = deviceAuthData;
+                console.log('\n🔐 Device Authorization Started');
+                if (verification_uri_complete) {
+                    console.log(`\n 👉 Open the following URL to authenticate:\n  ${verification_uri_complete}`);
+                }
+                else {
+                    console.log(`👉 Visit: ${verification_uri}`);
+                    console.log(`🔑 Then enter the code: ${user_code}`);
+                }
+                const { refresh_token } = yield pollForDeviceToken({
+                    clientId,
+                    device_code,
+                    authority,
+                    interval,
+                });
+                // The initial device code flow does not support custom claims (e.g., tenantId, organizationId),
+                // which are required for proper token validation in our multi-tenant system.
+                // To include these claims, we immediately use the returned refresh_token to request a new
+                // access token with tenantId and organizationId explicitly provided.
+                authResponse = yield getRefreshAccessToken({
+                    clientId,
+                    refreshToken: refresh_token,
+                    tenantId: inputTenantId,
+                    organizationId,
+                    authority,
+                });
+                tenantId = inputTenantId;
+                orgId = organizationId;
+                tenantName = authResponse.tenantName;
+                console.log('\n Device Authorization Completed');
             }
+            yield writeTenantAuthInfo(tenantId || inputTenantId, Object.assign({ expires_at: new Date(Date.now() + authResponse.expires_in * 1000).toISOString() }, authResponse));
+            yield writeTenantInfo({
+                tenantId,
+                organizationId: orgId,
+                clientId,
+                tenantName,
+                authority,
+                audience,
+                baseUrl,
+            });
+            setActiveTenant(tenantId);
+            console.log(`\n Logged in successfully to tenant: ${tenantId}`);
         }
-        else {
-            // TODO: Implement Device Authorization Flow when clientSecret is not provided.
-            console.log('\n Please provide client secret for authentication.');
+        catch (error) {
+            console.error(`\n Login failed: ${error.message}`);
             process.exit(1);
         }
-        yield writeTenantAuthInfo(tenantId, {
-            clientSecret: argv.clientSecret,
-            access_token: authResult.access_token,
-            expires_in: authResult.expires_in,
-            expires_at: new Date(Date.now() + authResult.expires_in * 1000).toISOString(),
-        });
-        yield writeTenantInfo({
-            tenantId,
-            organizationId,
-            clientId,
-            tenantName,
-            authority: argv.authority || DEFAULT_SITECORE_AUTH_DOMAIN,
-            audience: argv.audience || DEFAULT_SITECORE_AUTH_AUDIENCE,
-            baseUrl: argv.baseUrl || DEFAULT_SITECORE_AUTH_BASE_URL,
-        });
-        setActiveTenant(tenantId);
-        console.info(`\n Logged in successfully to tenant ${tenantId}.`);
     }),
 };

package/dist/esm/scripts/auth/logout.js

@@ -9,11 +9,11 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import { auth } from '@sitecore-content-sdk/core/tools';
 let { deleteTenantAuthInfo, getActiveTenant, clearActiveTenant, deleteKey } = auth;
-export const unitMock = (formModule) => {
-    deleteTenantAuthInfo = formModule.deleteTenantAuthInfo || deleteTenantAuthInfo;
-    getActiveTenant = formModule.getActiveTenant || getActiveTenant;
-    clearActiveTenant = formModule.clearActiveTenant || clearActiveTenant;
-    deleteKey = formModule.deleteKey || deleteKey;
+export const unitMock = (authModule) => {
+    deleteTenantAuthInfo = authModule.deleteTenantAuthInfo || deleteTenantAuthInfo;
+    getActiveTenant = authModule.getActiveTenant || getActiveTenant;
+    clearActiveTenant = authModule.clearActiveTenant || clearActiveTenant;
+    deleteKey = authModule.deleteKey || deleteKey;
 };
 export const logout = {
     command: 'logout',
@@ -24,9 +24,9 @@ export const logout = {
             console.error('\n No active tenant found. Please login first.');
             return;
         }
-        deleteTenantAuthInfo(tenantId);
-        deleteKey(tenantId);
+        yield deleteTenantAuthInfo(tenantId);
+        yield deleteKey(tenantId);
         clearActiveTenant();
-        console.info(`\n Logged out from tenant ${tenantId}`);
+        console.log(`\n Logged out from tenant ${tenantId}`);
     }),
 };

package/dist/esm/scripts/auth/status.js

@@ -9,10 +9,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import { auth } from '@sitecore-content-sdk/core/tools';
 let { readTenantInfo, validateAndRenewAuthIfExpired } = auth;
-export const unitMock = (formModule) => {
-    readTenantInfo = formModule.readTenantInfo || readTenantInfo;
+export const unitMock = (authModule) => {
+    readTenantInfo = authModule.readTenantInfo || readTenantInfo;
     validateAndRenewAuthIfExpired =
-        formModule.validateAndRenewAuthIfExpired || validateAndRenewAuthIfExpired;
+        authModule.validateAndRenewAuthIfExpired || validateAndRenewAuthIfExpired;
 };
 export const status = {
     command: 'status',
@@ -20,7 +20,7 @@ export const status = {
     handler: () => __awaiter(void 0, void 0, void 0, function* () {
         const context = yield validateAndRenewAuthIfExpired();
         if (!context) {
-            console.log('\nNo valid authentication found. Please login.');
+            console.log('\n No valid authentication found. Please login.');
             return;
         }
         const tenantInfo = yield readTenantInfo(context.tenantId);

package/dist/esm/scripts/auth/switch.js

@@ -0,0 +1,53 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { auth } from '@sitecore-content-sdk/core/tools';
+let { readTenantAuthInfo, validateAndRenewAuthIfExpired, setActiveTenant } = auth;
+export const unitMock = (authModule) => {
+    readTenantAuthInfo = authModule.readTenantAuthInfo || readTenantAuthInfo;
+    setActiveTenant = authModule.setActiveTenant || setActiveTenant;
+    validateAndRenewAuthIfExpired =
+        authModule.validateAndRenewAuthIfExpired || validateAndRenewAuthIfExpired;
+};
+export const switchTenant = {
+    command: 'switch <tenantId>',
+    describe: 'Switch into another tenant that you have logged into previously',
+    builder: (yargs) => yargs.positional('tenantId', {
+        positional: true,
+        demandOption: true,
+        type: 'string',
+        describe: 'Tenant ID to switch into.',
+    }),
+    handler: (argv) => __awaiter(void 0, void 0, void 0, function* () {
+        const tenantId = argv.tenantId;
+        const currentContext = yield validateAndRenewAuthIfExpired();
+        if (!currentContext) {
+            console.error('\nNo valid authentication found. Please login.');
+            return;
+        }
+        if (currentContext.tenantId === tenantId) {
+            console.log(`Already in tenant: ${tenantId}`);
+            return;
+        }
+        const newTenantInfo = yield readTenantAuthInfo(tenantId);
+        if (!newTenantInfo) {
+            console.error(`Tenant info for ID '${tenantId}' not found in local storage.`);
+            console.error('Please ensure you have logged into the tenant by running the auth login command');
+            return;
+        }
+        setActiveTenant(tenantId);
+        const tenantContext = validateAndRenewAuthIfExpired();
+        if (!tenantContext) {
+            console.error(`Failed to switch to tenant '${tenantId}', remaining in tenant '${currentContext.tenantId}'.`);
+            setActiveTenant(currentContext.tenantId);
+            return;
+        }
+        console.log(`Switched to tenant: ${tenantId}`);
+    }),
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sitecore-content-sdk/cli",
-  "version": "0.2.0-beta.16",
+  "version": "0.2.0-beta.18",
   "description": "Sitecore Content SDK CLI",
   "main": "dist/cjs/cli.js",
   "module": "dist/esm/cli.js",
@@ -34,7 +34,7 @@
     "url": "https://github.com/sitecore/content-sdk/issues"
   },
   "dependencies": {
-    "@sitecore-content-sdk/core": "0.2.0-beta.16",
+    "@sitecore-content-sdk/core": "0.2.0-beta.18",
     "dotenv": "^16.5.0",
     "dotenv-expand": "^12.0.2",
     "resolve": "^1.22.10",
@@ -60,7 +60,7 @@
     "ts-node": "^10.9.1",
     "typescript": "~5.8.3"
   },
-  "gitHead": "c3fdb664842dd1bf000cb6bca7c55cf6d33ff446",
+  "gitHead": "358368ae9455c999c64af4cf63d7daef08a4fcb1",
   "files": [
     "dist",
     "types"

package/types/scripts/auth/logout.d.ts

@@ -1,3 +1,3 @@
 import { CommandModule } from 'yargs';
-export declare const unitMock: (formModule: any) => void;
+export declare const unitMock: (authModule: any) => void;
 export declare const logout: CommandModule;

package/types/scripts/auth/status.d.ts

@@ -1,3 +1,3 @@
 import { CommandModule } from 'yargs';
-export declare const unitMock: (formModule: any) => void;
+export declare const unitMock: (authModule: any) => void;
 export declare const status: CommandModule;

package/types/scripts/auth/switch.d.ts

@@ -0,0 +1,5 @@
+import { CommandModule } from 'yargs';
+import { TenantInfo } from '@sitecore-content-sdk/core/tools';
+export declare const unitMock: (authModule: any) => void;
+export type SwitchArgs = Pick<TenantInfo, 'tenantId'>;
+export declare const switchTenant: CommandModule<object, SwitchArgs>;