@unito/integration-cli 0.55.5 → 0.56.1

package/dist/src/errors.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.handleError = exports.ConfigurationInvalid = exports.EntryDecryptionError = exports.DecryptionAuthenticationError = exports.AuthenticationFailed = exports.MissingApiKey = exports.FileSizeExceeded = exports.MissingCredentialsError = exports.InvalidRequestContentTypeError = exports.FailedToRetrieveAccessTokenError = exports.NoRefreshTokenError = exports.MissingEnvironmentVariableError = exports.ConfigurationMalformed = exports.NoConfigurationFileError = exports.NoIntegrationFoundError = void 0;
+exports.handleError = exports.ConfigurationInvalid = exports.EntryDecryptionError = exports.DecryptionAuthenticationError = exports.AuthenticationFailed = exports.MissingApiKey = exports.FileSizeExceeded = exports.MissingAuth2AuthorizationError = exports.MissingCredentialsError = exports.InvalidRequestContentTypeError = exports.FailedToRetrieveAccessTokenError = exports.NoRefreshTokenError = exports.MissingEnvironmentVariableError = exports.ConfigurationMalformed = exports.NoConfigurationFileError = exports.NoIntegrationFoundError = void 0;
 const tslib_1 = require("tslib");
 const core_1 = require("@oclif/core");
 const chalk_1 = tslib_1.__importDefault(require("chalk"));
@@ -32,6 +32,9 @@ exports.InvalidRequestContentTypeError = InvalidRequestContentTypeError;
 class MissingCredentialsError extends Error {
 }
 exports.MissingCredentialsError = MissingCredentialsError;
+class MissingAuth2AuthorizationError extends Error {
+}
+exports.MissingAuth2AuthorizationError = MissingAuth2AuthorizationError;
 class FileSizeExceeded extends Error {
 }
 exports.FileSizeExceeded = FileSizeExceeded;
@@ -71,87 +74,94 @@ class ConfigurationInvalid extends Error {
     }
 }
 exports.ConfigurationInvalid = ConfigurationInvalid;
-function handleError(error) {
+function handleError(command, error) {
     /* istanbul ignore if */
     if (core_1.ux.action.running) {
         core_1.ux.action.stop(chalk_1.default.redBright('failed'));
     }
     let handled = false;
     if (error instanceof NoIntegrationFoundError) {
-        core_1.ux.log(chalk_1.default.redBright('Your directory does not seem to contain an integration :('));
-        core_1.ux.log(`Make sure you are in the right directory and that you have a ${chalk_1.default.yellowBright(configuration_1.DEFAULT_CONFIGURATION_NAME)} file.`);
+        command.logToStderr(chalk_1.default.redBright('Your directory does not seem to contain an integration :('));
+        command.logToStderr(`Make sure you are in the right directory and that you have a ${chalk_1.default.yellowBright(configuration_1.DEFAULT_CONFIGURATION_NAME)} file.`);
         handled = true;
     }
     else if (error instanceof NoConfigurationFileError) {
-        core_1.ux.log(chalk_1.default.redBright('This command requires a configuration file for your integration :('));
-        core_1.ux.log(`This file should be located at ${chalk_1.default.yellowBright(path_1.default.relative(process.cwd(), (0, configuration_1.getConfigurationPath)()))}.`);
+        command.logToStderr(chalk_1.default.redBright('This command requires a configuration file for your integration :('));
+        command.logToStderr(`This file should be located at ${chalk_1.default.yellowBright(path_1.default.relative(process.cwd(), (0, configuration_1.getConfigurationPath)()))}.`);
         handled = true;
     }
     else if (error instanceof MissingEnvironmentVariableError) {
-        core_1.ux.log(chalk_1.default.redBright('This command requires a variable which is missing from your environment :('));
-        core_1.ux.log(`Make sure the environment variable ${chalk_1.default.yellowBright(error.message)} is defined.`);
+        command.logToStderr(chalk_1.default.redBright('This command requires a variable which is missing from your environment :('));
+        command.logToStderr(`Make sure the environment variable ${chalk_1.default.yellowBright(error.message)} is defined.`);
         handled = true;
     }
     else if (error instanceof ConfigurationMalformed) {
-        core_1.ux.log(chalk_1.default.redBright(`Your ${chalk_1.default.yellowBright(configuration_1.DEFAULT_CONFIGURATION_NAME)} was found but its not a valid JSON file!`));
+        command.logToStderr(chalk_1.default.redBright(`Your ${chalk_1.default.yellowBright(configuration_1.DEFAULT_CONFIGURATION_NAME)} was found but its not a valid JSON file!`));
         handled = true;
     }
     else if (error instanceof ConfigurationInvalid) {
-        core_1.ux.log(chalk_1.default.redBright(`Your ${chalk_1.default.yellowBright(configuration_1.DEFAULT_CONFIGURATION_NAME)} is invalid!`));
-        core_1.ux.log();
-        core_1.ux.log(error.prettyDetails);
+        command.logToStderr(chalk_1.default.redBright(`Your ${chalk_1.default.yellowBright(configuration_1.DEFAULT_CONFIGURATION_NAME)} is invalid!`));
+        command.logToStderr();
+        command.logToStderr(error.prettyDetails);
         handled = true;
     }
     else if (error instanceof NoRefreshTokenError) {
-        core_1.ux.log(chalk_1.default.redBright('No refresh token found in your configuration file'));
+        command.logToStderr(chalk_1.default.redBright('No refresh token found in your configuration file'));
         handled = true;
     }
     else if (error instanceof FailedToRetrieveAccessTokenError) {
-        core_1.ux.log(chalk_1.default.redBright('Failed to retrieve access token'));
-        core_1.ux.log();
-        core_1.ux.log(error.message);
+        command.logToStderr(chalk_1.default.redBright('Failed to retrieve access token'));
+        command.logToStderr();
+        command.logToStderr(error.message);
         handled = true;
     }
     else if (error instanceof InvalidRequestContentTypeError) {
-        core_1.ux.log(chalk_1.default.redBright('Invalid request content type'));
+        command.logToStderr(chalk_1.default.redBright('Invalid request content type'));
         handled = true;
-        core_1.ux.log();
-        core_1.ux.log(error.message);
+        command.logToStderr();
+        command.logToStderr(error.message);
     }
     else if (error instanceof integrationsPlatform_1.HttpError) {
         handled = true;
-        core_1.ux.log();
-        core_1.ux.log((0, json_colorizer_1.default)(JSON.stringify(error.data, null, 2)));
+        command.logToStderr();
+        command.logToStderr((0, json_colorizer_1.default)(JSON.stringify(error.data, null, 2)));
     }
     else if (error instanceof MissingCredentialsError) {
-        core_1.ux.log();
-        core_1.ux.log(chalk_1.default.redBright('The credentials are missing from your configuration file'));
+        command.logToStderr();
+        command.logToStderr(chalk_1.default.redBright('The credentials are missing from your configuration file'));
         handled = true;
     }
     else if (error instanceof MissingApiKey) {
-        core_1.ux.log();
-        core_1.ux.log(chalk_1.default.redBright('Your API key is not set!'));
-        core_1.ux.log(`Make sure to run the ${chalk_1.default.yellowBright('login')} command first`);
+        command.logToStderr();
+        command.logToStderr(chalk_1.default.redBright('Your API key is not set!'));
+        command.logToStderr(`Make sure to run the ${chalk_1.default.yellowBright('login')} command first`);
         handled = true;
     }
     else if (error instanceof AuthenticationFailed) {
-        core_1.ux.log();
-        core_1.ux.log(chalk_1.default.redBright('This command requires that you are logged to Unito!'));
-        core_1.ux.log(`Make sure to run the ${chalk_1.default.yellowBright('login')} command first`);
+        command.logToStderr();
+        command.logToStderr(chalk_1.default.redBright('This command requires that you are logged to Unito!'));
+        command.logToStderr(`Make sure to run the ${chalk_1.default.yellowBright('login')} command first`);
         handled = true;
     }
     else if (error instanceof DecryptionAuthenticationError) {
-        core_1.ux.log();
-        core_1.ux.log(chalk_1.default.yellowBright(`Your configuration contains encrypted ${error.encryptedEntityName}.`));
-        core_1.ux.log('To use them locally, you must be authenticated to Unito.');
+        command.logToStderr();
+        command.logToStderr(chalk_1.default.yellowBright(`Your configuration contains encrypted ${error.encryptedEntityName}.`));
+        command.logToStderr('To use them locally, you must be authenticated to Unito.');
         handled = true;
     }
     else if (error instanceof EntryDecryptionError) {
-        core_1.ux.log();
-        core_1.ux.log(chalk_1.default.yellowBright(`Error decrypting entry:`));
-        core_1.ux.log(chalk_1.default.redBright(`${error.key}: ${error.value}`));
-        core_1.ux.log();
-        core_1.ux.log(`Make sure they were encrypted by the same environement (Currently targeting: ${error.environment}).`);
+        command.logToStderr();
+        command.logToStderr(chalk_1.default.yellowBright(`Error decrypting entry:`));
+        command.logToStderr(chalk_1.default.redBright(`${error.key}: ${error.value}`));
+        command.logToStderr();
+        command.logToStderr(`Make sure they were encrypted by the same environement (Currently targeting: ${error.environment}).`);
+        handled = true;
+    }
+    else if (error instanceof MissingAuth2AuthorizationError) {
+        command.logToStderr();
+        command.logToStderr(chalk_1.default.redBright(`No Oauth2 authorization found in your configuration file`));
+        // TODO: Update link once the documentation is made available publicly
+        command.logToStderr('See https://staging-dev.unito.io/docs/integrations/configuration/authorizations#oauth-2 for more information on how to configure Oauth2');
         handled = true;
     }
     return handled;

package/dist/src/resources/configuration.d.ts

@@ -23,7 +23,7 @@ export declare function getConfiguration(environment: Environment, customConfigP
 /**
  * Write the configuration to the default configuration file.
  */
-export declare function writeConfiguration(configuration: Configuration): Promise<void>;
+export declare function writeConfiguration(configuration: Configuration, environment?: Environment, customConfigPath?: string): Promise<void>;
 export declare function writeTestAccount(configuration: Configuration, account: {
     accessToken: string;
     refreshToken?: string;

package/dist/src/resources/configuration.js

@@ -88,10 +88,13 @@ exports.getConfiguration = getConfiguration;
 /**
  * Write the configuration to the default configuration file.
  */
-async function writeConfiguration(configuration) {
+async function writeConfiguration(configuration, environment = globalConfiguration_1.Environment.Production, customConfigPath) {
     (0, integrations_1.validateIsIntegrationDirectory)();
     await validateConfiguration(configuration);
-    await fs.promises.writeFile(getConfigurationPath(globalConfiguration_1.Environment.Production), JSON.stringify(configuration, null, 2));
+    const configurationPath = customConfigPath
+        ? `${process.cwd()}${customConfigPath.startsWith('/') ? customConfigPath : `/${customConfigPath}`}`
+        : getConfigurationPath(environment);
+    await fs.promises.writeFile(configurationPath, JSON.stringify(configuration, null, 2));
 }
 exports.writeConfiguration = writeConfiguration;
 async function writeTestAccount(configuration, account, accountName) {

package/dist/src/resources/decryption.d.ts

@@ -1,5 +1,11 @@
-import { Configuration } from '../configurationTypes';
 import * as GlobalConfiguration from './globalConfiguration';
-import { CredentialScope } from './configuration';
-export declare function decryptTestAccountCredentials(configuration: Configuration, environment: GlobalConfiguration.Environment, testAccount: CredentialScope, configDir: string): Promise<Record<string, unknown>>;
-export declare function decryptSecrets(configuration: Configuration, environment: GlobalConfiguration.Environment, configDir: string): Promise<Record<string, unknown>>;
+/**
+ * Object returned when decrypting
+ *
+ * Allows the caller to know which keys were decrypted to reencrypt them later as needed
+ */
+export type DecryptionResult = {
+    decryptedKeys: string[];
+    entries: Record<string, unknown>;
+};
+export declare function decryptEntries(configurationName: string, environment: GlobalConfiguration.Environment, configDir: string, entries: Record<string, unknown>, fieldName?: string): Promise<DecryptionResult>;

package/dist/src/resources/decryption.js

@@ -1,62 +1,35 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.decryptSecrets = exports.decryptTestAccountCredentials = void 0;
+exports.decryptEntries = void 0;
 const tslib_1 = require("tslib");
 const errors_1 = require("../errors");
 const GlobalConfiguration = tslib_1.__importStar(require("./globalConfiguration"));
 const integrationsPlatform_1 = require("./integrationsPlatform");
 const configuration_1 = require("./configuration");
 const integrationsPlatform_2 = require("../services/integrationsPlatform");
-async function decryptTestAccountCredentials(configuration, environment, testAccount, configDir) {
-    const credentials = configuration.testAccounts?.[testAccount];
-    if (!credentials) {
-        return {};
-    }
-    // Get encrypted credential entries
-    const encryptedEntries = Object.entries(credentials).filter((entry) => typeof entry[1] === 'string' && entry[1].startsWith(configuration_1.ENCRYPTION_PREFIX));
+async function decryptEntries(configurationName, environment, configDir, entries, fieldName = 'entries') {
+    // Get encrypted entries
+    const encryptedEntries = Object.entries(entries).filter((entry) => typeof entry[1] === 'string' && entry[1].startsWith(configuration_1.ENCRYPTION_PREFIX));
     if (!encryptedEntries.length) {
-        return credentials;
-    }
-    // Copy credentials to avoid mutating the configuration.
-    const decryptedCredentials = structuredClone(credentials);
-    const globalConfiguration = await GlobalConfiguration.read(configDir);
-    try {
-        await (0, integrationsPlatform_1.validateAuthenticated)(globalConfiguration, environment);
-    }
-    catch (err) {
-        throw new errors_1.DecryptionAuthenticationError('credentials');
-    }
-    for (const [key, encryptedCredential] of encryptedEntries) {
-        try {
-            decryptedCredentials[key] = (await (0, integrationsPlatform_2.decryptData)(configuration.name, encryptedCredential)).decryptedData;
-        }
-        catch (err) {
-            throw new errors_1.EntryDecryptionError(key, encryptedCredential, environment);
-        }
-    }
-    return decryptedCredentials;
-}
-exports.decryptTestAccountCredentials = decryptTestAccountCredentials;
-async function decryptSecrets(configuration, environment, configDir) {
-    if (!Object.entries(configuration.secrets ?? {}).length) {
-        return {};
+        return { decryptedKeys: [], entries };
     }
     const globalConfiguration = await GlobalConfiguration.read(configDir);
     try {
         await (0, integrationsPlatform_1.validateAuthenticated)(globalConfiguration, environment);
     }
     catch (err) {
-        throw new errors_1.DecryptionAuthenticationError('secrets');
+        throw new errors_1.DecryptionAuthenticationError(fieldName);
     }
-    const decryptedSecrets = {};
-    for (const [key, encryptedSecret] of Object.entries(configuration.secrets ?? {})) {
+    // Copy credentials to avoid mutating the configuration.
+    const decryptedEntries = structuredClone(entries);
+    for (const [key, encryptedEntry] of encryptedEntries) {
         try {
-            decryptedSecrets[key] = (await (0, integrationsPlatform_2.decryptData)(configuration.name, encryptedSecret)).decryptedData;
+            decryptedEntries[key] = (await (0, integrationsPlatform_2.decryptData)(configurationName, encryptedEntry)).decryptedData;
         }
         catch (err) {
-            throw new errors_1.EntryDecryptionError(key, encryptedSecret, environment);
+            throw new errors_1.EntryDecryptionError(key, encryptedEntry, environment);
         }
     }
-    return decryptedSecrets;
+    return { decryptedKeys: encryptedEntries.map(([key]) => key), entries: decryptedEntries };
 }
-exports.decryptSecrets = decryptSecrets;
+exports.decryptEntries = decryptEntries;

package/dist/src/services/integrationsPlatform.d.ts

@@ -27,7 +27,7 @@ export declare function reencryptData(integrationName: string, encryptedData: st
     encryptedData: string;
 }>;
 export declare function getIntegration(integrationId: number): Promise<Integration>;
-export declare function getIntegrationByName(integrationName: string): Promise<Integration | null>;
+export declare function getIntegrationByName(integrationName: string): Promise<Integration>;
 export declare function getIntegrations(): Promise<IntegrationSummary[]>;
 export declare function publishIntegration(archivePath: string): Promise<Integration>;
 export declare function createIntegration(configuration: Configuration): Promise<Integration>;

package/dist/src/services/integrationsPlatform.js

@@ -62,14 +62,7 @@ async function getIntegration(integrationId) {
 }
 exports.getIntegration = getIntegration;
 async function getIntegrationByName(integrationName) {
-    let integration;
-    try {
-        integration = await integrations_platform_client_1.default.getIntegrationByName(integrationName);
-    }
-    catch {
-        return null;
-    }
-    return integration;
+    return integrations_platform_client_1.default.getIntegrationByName(integrationName);
 }
 exports.getIntegrationByName = getIntegrationByName;
 async function getIntegrations() {

package/dist/test/commands/activity.test.js

@@ -53,7 +53,9 @@ describe('activity', () => {
     });
     test_1.test
         .stdout()
-        .stub(IntegrationsPlatform, 'getIntegrationByName', () => undefined)
+        .stub(IntegrationsPlatform, 'getIntegrationByName', () => {
+        throw new Error();
+    })
         .command(['activity'])
         .catch(error => {
         (0, test_1.expect)(error.message).to.equal('EEXIT: -1');

package/dist/test/commands/encrypt.test.js

@@ -53,12 +53,12 @@ describe('encrypt', () => {
         (0, test_1.expect)(ctx.stdout).to.contains('Encrypted Data:');
     });
     test_1.test
-        .stdout()
+        .stderr()
         .stub(GlobalConfiguration, 'read', () => ({}))
         .command(['encrypt'])
         .exit(-1)
         .it('missing api key', ctx => {
-        (0, test_1.expect)(ctx.stdout).to.contain('Your API key is not set!\nMake sure to run the login command first');
+        (0, test_1.expect)(ctx.stderr).to.contain('Your API key is not set!\nMake sure to run the login command first');
     });
     test_1.test
         .stdout()

package/dist/test/commands/invite.test.js

@@ -47,7 +47,9 @@ describe('invite', () => {
     test_1.test
         .stdout()
         .stub(GlobalConfiguration, 'read', () => ({ email: 'foo@bar.com' }))
-        .stub(IntegrationsPlatform, 'getIntegrationByName', () => undefined)
+        .stub(IntegrationsPlatform, 'getIntegrationByName', () => {
+        throw new Error();
+    })
         .command(['invite'])
         .catch(error => {
         (0, test_1.expect)(error.message).to.equal('EEXIT: -1');

package/dist/test/commands/oauth2.test.js

@@ -7,12 +7,13 @@ const sinon = tslib_1.__importStar(require("sinon"));
 const inquirer_1 = tslib_1.__importDefault(require("inquirer"));
 const Configuration = tslib_1.__importStar(require("../../src/resources/configuration"));
 const oauth2Service = tslib_1.__importStar(require("../../src/services/oauth2Helper"));
+const IntegrationsPlatform = tslib_1.__importStar(require("../../src/services/integrationsPlatform"));
+const decryptionResource = tslib_1.__importStar(require("../../src/resources/decryption"));
 const configurationTypes_1 = require("../../src/configurationTypes");
 describe('oauth2', () => {
     const INTEGRATION_NAME = 'myintegration';
     const sandbox = sinon.createSandbox();
     let getConfigurationsStub;
-    let writeConfigurationStub;
     let writeTestAccountStub;
     let performOAuth2FlowStub;
     let updateTokenStub;
@@ -30,7 +31,7 @@ describe('oauth2', () => {
         name: INTEGRATION_NAME,
         authorizations: [
             {
-                name: 'development',
+                name: 'MyAuthorization',
                 method: configurationTypes_1.Method.OAUTH2,
                 oauth2: oauth2Information,
             },
@@ -48,7 +49,6 @@ describe('oauth2', () => {
         sandbox.stub(inquirer_1.default, 'prompt').resolves({
             oauth2Information: JSON.stringify(oauth2Information),
         });
-        writeConfigurationStub = sandbox.stub(Configuration, 'writeConfiguration');
         writeTestAccountStub = sandbox.stub(Configuration, 'writeTestAccount');
         performOAuth2FlowStub = sandbox.stub(oauth2Service, 'performOAuth2Flow');
         performOAuth2FlowStub.resolves(credentials);
@@ -63,16 +63,48 @@ describe('oauth2', () => {
         ...baseConfiguration,
         authorizations: [],
     }))
-        .command(['oauth2', '--accountName', 'development'])
-        .it("asks for authentication information when it's not setup in the configuration file", () => {
-        (0, test_1.expect)(writeConfigurationStub.getCall(0)?.firstArg).to.deep.equal({
-            ...baseConfiguration,
-            authorizations: [{ oauth2: oauth2Information, name: 'development', method: 'oauth2', development: true }],
-        });
+        .command(['oauth2', '--test-account', 'development'])
+        .exit(-1)
+        .it("Errors out if no oauth2 authorization scheme is found in the integration's configuration");
+    test_1.test
+        .stdout()
+        .do(() => getConfigurationsStub.returns({
+        ...baseConfiguration,
+        authorizations: [
+            ...(baseConfiguration.authorizations ?? []),
+            {
+                name: 'Development Authorization',
+                method: configurationTypes_1.Method.OAUTH2,
+                oauth2: { ...oauth2Information, clientId: 'devClientID' },
+                development: true,
+            },
+        ],
+    }))
+        .command(['oauth2', '--test-account', 'development'])
+        .it('prioritize development authorization', () => {
+        (0, test_1.expect)(performOAuth2FlowStub.getCalls().length).to.equal(1);
+        (0, test_1.expect)(performOAuth2FlowStub.getCall(0).args).to.deep.equal([{ ...oauth2Information, clientId: 'devClientID' }]);
+        (0, test_1.expect)(updateTokenStub.getCalls().length).to.equal(0);
+        (0, test_1.expect)(writeTestAccountStub.getCall(0).args).to.deep.equal([
+            {
+                ...baseConfiguration,
+                authorizations: [
+                    ...(baseConfiguration.authorizations ?? []),
+                    {
+                        name: 'Development Authorization',
+                        method: configurationTypes_1.Method.OAUTH2,
+                        oauth2: { ...oauth2Information, clientId: 'devClientID' },
+                        development: true,
+                    },
+                ],
+            },
+            credentials,
+            'development',
+        ]);
     });
     test_1.test
         .stdout()
-        .command(['oauth2', '--accountName', 'development'])
+        .command(['oauth2', '--test-account', 'development'])
         .it('performs the oauth flow when there is no test accounts and the auth information are setup', () => {
         (0, test_1.expect)(performOAuth2FlowStub.getCalls().length).to.equal(1);
         (0, test_1.expect)(updateTokenStub.getCalls().length).to.equal(0);
@@ -86,7 +118,53 @@ describe('oauth2', () => {
             development: credentials,
         },
     }))
-        .command(['oauth2', '--accountName', 'development'])
+        .command(['oauth2', '--test-account', 'development', '--reauth'])
+        .it('performs the oauth flow when there is a test accounts, the auth information are setup and --reauth flag is present', () => {
+        (0, test_1.expect)(performOAuth2FlowStub.getCalls().length).to.equal(1);
+        (0, test_1.expect)(updateTokenStub.getCalls().length).to.equal(0);
+        (0, test_1.expect)(writeTestAccountStub.getCall(0).args).to.deep.equal([
+            {
+                ...baseConfiguration,
+                testAccounts: {
+                    development: credentials,
+                },
+            },
+            credentials,
+            'development',
+        ]);
+    });
+    test_1.test
+        .stdout()
+        .do(() => getConfigurationsStub.returns({
+        ...baseConfiguration,
+        testAccounts: {
+            development: { something: 'something' },
+        },
+    }))
+        .command(['oauth2', '--test-account', 'compliance'])
+        .it('performs the oauth flow when the requested test account is not setup', () => {
+        (0, test_1.expect)(performOAuth2FlowStub.getCalls().length).to.equal(1);
+        (0, test_1.expect)(updateTokenStub.getCalls().length).to.equal(0);
+        (0, test_1.expect)(writeTestAccountStub.getCall(0).args).to.deep.equal([
+            {
+                ...baseConfiguration,
+                testAccounts: {
+                    development: { something: 'something' },
+                },
+            },
+            credentials,
+            'compliance',
+        ]);
+    });
+    test_1.test
+        .stdout()
+        .do(() => getConfigurationsStub.returns({
+        ...baseConfiguration,
+        testAccounts: {
+            development: credentials,
+        },
+    }))
+        .command(['oauth2', '--test-account', 'development'])
         .it('refresh the token when there is an existing test accounts and the auth information are setup', () => {
         (0, test_1.expect)(performOAuth2FlowStub.getCalls().length).to.equal(0);
         (0, test_1.expect)(updateTokenStub.getCalls().length).to.equal(1);
@@ -101,4 +179,70 @@ describe('oauth2', () => {
             'development',
         ]);
     });
+    test_1.test
+        .stdout()
+        .do(() => {
+        getConfigurationsStub.returns({
+            ...baseConfiguration,
+            authorizations: [
+                {
+                    name: 'Authorization',
+                    method: configurationTypes_1.Method.OAUTH2,
+                    oauth2: { ...oauth2Information, clientSecret: `${Configuration.ENCRYPTION_PREFIX}devClientID` },
+                },
+            ],
+            testAccounts: {
+                development: {
+                    accessToken: `${Configuration.ENCRYPTION_PREFIX}devAccessToken`,
+                    refreshToken: `${Configuration.ENCRYPTION_PREFIX}devRefreshToken`,
+                },
+            },
+        });
+        sandbox
+            .stub(decryptionResource, 'decryptEntries')
+            .onFirstCall()
+            .resolves({ decryptedKeys: ['clientSecret'], entries: { ...oauth2Information, clientSecret: 'devClientID' } })
+            .onSecondCall()
+            .resolves({
+            decryptedKeys: ['accessToken', 'refreshToken'],
+            entries: {
+                accessToken: 'devAccessToken',
+                refreshToken: 'devRefreshToken',
+            },
+        });
+        sandbox
+            .stub(IntegrationsPlatform, 'encryptData')
+            .onFirstCall()
+            .resolves({ encryptedData: `${Configuration.ENCRYPTION_PREFIX}encryptedAccessToken` })
+            .onSecondCall()
+            .resolves({ encryptedData: `${Configuration.ENCRYPTION_PREFIX}encryptedRefreshToken` });
+    })
+        .command(['oauth2', '--test-account', 'development'])
+        .it('decrypt oauth2 authorization entries and test-account', () => {
+        (0, test_1.expect)(performOAuth2FlowStub.getCalls().length).to.equal(0);
+        (0, test_1.expect)(updateTokenStub.getCalls().length).to.equal(1);
+        (0, test_1.expect)(writeTestAccountStub.getCall(0).args).to.deep.equal([
+            {
+                ...baseConfiguration,
+                authorizations: [
+                    {
+                        name: 'Authorization',
+                        method: configurationTypes_1.Method.OAUTH2,
+                        oauth2: { ...oauth2Information, clientSecret: `${Configuration.ENCRYPTION_PREFIX}devClientID` },
+                    },
+                ],
+                testAccounts: {
+                    development: {
+                        accessToken: `${Configuration.ENCRYPTION_PREFIX}devAccessToken`,
+                        refreshToken: `${Configuration.ENCRYPTION_PREFIX}devRefreshToken`,
+                    },
+                },
+            },
+            {
+                accessToken: `${Configuration.ENCRYPTION_PREFIX}encryptedAccessToken`,
+                refreshToken: `${Configuration.ENCRYPTION_PREFIX}encryptedRefreshToken`,
+            },
+            'development',
+        ]);
+    });
 });