@unito/integration-cli 0.63.3 → 0.64.3

package/dist/src/commands/dev.d.ts

@@ -8,7 +8,7 @@ export default class Dev extends BaseCommand<typeof Dev> {
         environment: import("@oclif/core/lib/interfaces").OptionFlag<GlobalConfiguration.Environment, import("@oclif/core/lib/interfaces").CustomOptions>;
         verbose: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
         'credential-payload': import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
-        'credential-id': import("@oclif/core/lib/interfaces").OptionFlag<number | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
+        'credential-id': import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
         'test-account': import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
         'read-only': import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
         timeout: import("@oclif/core/lib/interfaces").OptionFlag<number, import("@oclif/core/lib/interfaces").CustomOptions>;
@@ -16,6 +16,7 @@ export default class Dev extends BaseCommand<typeof Dev> {
         checks: import("@oclif/core/lib/interfaces").OptionFlag<string[], import("@oclif/core/lib/interfaces").CustomOptions>;
         'config-path': import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
         'skip-install': import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
+        port: import("@oclif/core/lib/interfaces").OptionFlag<number, import("@oclif/core/lib/interfaces").CustomOptions>;
     };
     run(): Promise<void>;
 }

package/dist/src/commands/dev.js

@@ -35,7 +35,7 @@ class Dev extends baseCommand_1.BaseCommand {
             description: '(advanced) credential payload to use.',
             exclusive: ['credential-id'],
         }),
-        'credential-id': core_1.Flags.integer({
+        'credential-id': core_1.Flags.string({
             description: '(advanced) credential to use.',
             exclusive: ['credential-payload'],
         }),
@@ -77,6 +77,10 @@ class Dev extends baseCommand_1.BaseCommand {
             allowNo: true,
             default: false,
         }),
+        port: core_1.Flags.integer({
+            description: 'port to run the integration on',
+            default: 9200,
+        }),
     };
     async run() {
         (0, integrations_1.validateIsIntegrationDirectory)();
@@ -141,7 +145,7 @@ class Dev extends baseCommand_1.BaseCommand {
         // Launch the debugger.
         const commandArguments = [
             `${process.env.NODE_MODULES_FOLDER}/@unito/integration-debugger/dist/src/index.js`,
-            '--integration-url=http://localhost:9200',
+            `--integration-url=http://localhost:${flags.port}`,
             `--spawn-process=npm run dev`,
             `--credential-payload=${credentialPayload}`,
             `--secrets-payload=${JSON.stringify(secrets)}`,
@@ -185,7 +189,7 @@ class Dev extends baseCommand_1.BaseCommand {
         const child = child_process_1.default.spawn('node', commandArguments, {
             detached: true,
             stdio: 'inherit',
-            env: { ...process.env, ...environmentVariables, NODE_ENV: 'development', PORT: '9200' },
+            env: { ...process.env, ...environmentVariables, NODE_ENV: 'development', PORT: `${flags.port}` },
         });
         // istanbul ignore next
         child.on('exit', (code) => {

package/dist/src/commands/init.js

@@ -26,15 +26,15 @@ class Init extends baseCommand_1.BaseCommand {
         const name = nameFromFlag ??
             (await inquirer_1.default.prompt([
                 {
+                    type: 'input',
                     name: 'name',
-                    prefix: [
+                    message: [
                         chalk_1.default.gray('Choose a name for your integration.'),
                         chalk_1.default.gray('A folder will be created with the value provided.'),
                         chalk_1.default.gray('Note that "My Integration" will become "my_integration".'),
-                        chalk_1.default.greenBright('?'),
+                        chalk_1.default.yellowBright('What is the name of your integration?'),
                     ].join('\n'),
-                    message: chalk_1.default.yellowBright('What is the name of your integration?'),
-                    filter: name => name
+                    filter: (name) => name
                         .toLowerCase()
                         .replace(/ /g, '_')
                         .replace(/[^a-z0-9_-]*/g, ''),

package/dist/src/commands/login.js

@@ -36,6 +36,7 @@ class Login extends baseCommand_1.BaseCommand {
         try {
             apiKey = (await inquirer_1.default.prompt([
                 {
+                    type: 'input',
                     name: 'apiKey',
                     message: 'Enter your API key:',
                 },

package/dist/src/commands/oauth2.js

@@ -102,7 +102,7 @@ class Oauth2 extends core_1.Command {
             }
             const refreshToken = decryptionResult?.successful.refreshToken;
             core_1.ux.action.start(`Refreshing test account ${testAccount}`, undefined, { stdout: true });
-            credentials = await Oauth2Resource.updateToken(oauth2, refreshToken);
+            credentials = await Oauth2Resource.updateToken(oauth2, refreshToken, decryptionResult?.successful, environment);
             // If provider response doesn't contain a new refresh token, use the existing one
             credentials.refreshToken = credentials.refreshToken ?? refreshToken;
             core_1.ux.action.stop();

package/dist/src/commands/test.js

@@ -41,7 +41,7 @@ class Test extends baseCommand_1.BaseCommand {
             description: '(advanced) credential payload to use.',
             exclusive: ['credential-id'],
         }),
-        'credential-id': core_1.Flags.integer({
+        'credential-id': core_1.Flags.string({
             description: '(advanced) credential to use.',
             exclusive: ['credential-payload'],
         }),

package/dist/src/index.js

@@ -1,4 +1,5 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+// Public re-exports
 var core_1 = require("@oclif/core");
 Object.defineProperty(exports, "run", { enumerable: true, get: function () { return core_1.run; } });

package/dist/src/resources/credentials.d.ts

@@ -1,3 +1,3 @@
 import * as GlobalConfiguration from './globalConfiguration';
 import { Credential } from '../services/integrationsPlatform';
-export declare function fetchCredential(environment: GlobalConfiguration.Environment, configDir: string, credentialId: number): Promise<Credential>;
+export declare function fetchCredential(environment: GlobalConfiguration.Environment, configDir: string, credentialId: string): Promise<Credential>;

package/dist/src/resources/oauth2.d.ts

@@ -1,4 +1,4 @@
 import { Oauth2Response, Oauth2Payload } from '../services/oauth2';
 import { Environment } from './globalConfiguration';
 export declare function performOAuth2Flow(applicationCredentials: Oauth2Payload, environment?: Environment, credentialPayload?: Record<string, unknown>): Promise<Oauth2Response>;
-export declare function updateToken(applicationCredentials: Oauth2Payload, refreshToken: string): Promise<Oauth2Response>;
+export declare function updateToken(applicationCredentials: Oauth2Payload, refreshToken: string, credentialPayload?: Record<string, unknown>, environment?: Environment): Promise<Oauth2Response>;

package/dist/src/resources/oauth2.js

@@ -22,7 +22,7 @@ async function performOAuth2Flow(applicationCredentials, environment = globalCon
     }
     return oauth2Response;
 }
-async function updateToken(applicationCredentials, refreshToken) {
-    const oauthHelper = new oauth2_1.default(applicationCredentials);
+async function updateToken(applicationCredentials, refreshToken, credentialPayload, environment = globalConfiguration_1.Environment.Production) {
+    const oauthHelper = new oauth2_1.default(applicationCredentials, environment, credentialPayload);
     return oauthHelper.updateToken(refreshToken);
 }

package/dist/src/services/integrationsPlatform.d.ts

@@ -40,4 +40,4 @@ export declare function getIntegrationEvents(integrationId: number, options?: {
 export declare function updateIntegration(integrationId: number, configuration: Configuration & {
     archived?: boolean;
 }): Promise<Integration>;
-export declare function getCredential(credentialId: number): Promise<Credential>;
+export declare function getCredential(credentialId: string): Promise<Credential>;

package/dist/src/services/integrationsPlatformClient.d.ts

@@ -66,7 +66,7 @@ export type Error = {
     stack?: string[];
 };
 export type AuthorizationMethod = 'custom' | 'oauth2';
-export type AuthorizationGrantType = 'authorization_code' | 'password' | 'client_credentials';
+export type AuthorizationGrantType = 'authorization_code' | 'password' | 'client_credentials' | 'urn:ietf:params:oauth:grant-type:jwt-bearer';
 export type AuthorizationScope = {
     /** The name of the scope. */
     name: string;
@@ -93,6 +93,8 @@ export type AuthorizationOAuth2 = {
     authorizationUrl?: string;
     /** The URL to obtain or refresh an access token. */
     tokenUrl: string;
+    /** The callback URL which the provider will redirect the user after granting or denying access. */
+    legacyRedirectUrl?: string;
     grantType: AuthorizationGrantType;
     scopes: AuthorizationScope[];
     requestContentType: AuthorizationOAuth2ContentType;
@@ -143,7 +145,7 @@ export type IntegrationEvent = {
 };
 export type Credential = Base & {
     /** The id of the credential. */
-    id: number;
+    id: string;
     /** The id of the integration. */
     integrationId: number;
     /** The name of the integration. */
@@ -319,7 +321,7 @@ export declare function getCredentials({ pagination, filters, }?: {
         /** The integration id of the credential. */
         integrationId?: number;
         /** List of credential ids. */
-        id?: number[];
+        id?: string[];
         /** The scope of the credential. */
         credentialScope?: 'development' | 'compliance' | 'production' | 'service';
         /** The id of the Unito User for which this credential belongs to. */
@@ -350,11 +352,11 @@ export declare function createCredential(body?: {
 /**
  * Get a credential
  */
-export declare function getCredentialById(credentialId: number, opts?: Oazapfts.RequestOpts): Promise<Credential>;
+export declare function getCredentialById(credentialId: string, opts?: Oazapfts.RequestOpts): Promise<Credential>;
 /**
  * Update a credential
  */
-export declare function updateCredential(credentialId: number, body?: {
+export declare function updateCredential(credentialId: string, body?: {
     payload?: {
         [key: string]: any;
     };
@@ -366,7 +368,7 @@ export declare function updateCredential(credentialId: number, body?: {
 /**
  * Delete a credential
  */
-export declare function deleteCredential(credentialId: number, opts?: Oazapfts.RequestOpts): Promise<unknown>;
+export declare function deleteCredential(credentialId: string, opts?: Oazapfts.RequestOpts): Promise<unknown>;
 /**
  * Returns the credentialAccount either from the integration's /me endpoint, if available, or the credential's latestCredentialAccount
  */
@@ -444,33 +446,47 @@ export declare function updateWebhookSubscription(xUnitoCredentialId: string, bo
 /**
  * Call an integration's graph
  */
-export declare function getProxyGraph(xUnitoCredentialId: string, path: string, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, accept, }?: {
+export declare function getProxyGraph(xUnitoCredentialId: string, path: string, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, accept, xUnitoOperationDeadline, }?: {
     xUnitoCorrelationId?: string;
     xUnitoAdditionalLoggingContext?: string;
     accept?: string;
+    xUnitoOperationDeadline?: string;
 }, opts?: Oazapfts.RequestOpts): Promise<any>;
 /**
  * Call an integration's graph
  */
-export declare function patchProxyGraph(xUnitoCredentialId: string, path: string, body?: object, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, contentType, }?: {
+export declare function patchProxyGraph(xUnitoCredentialId: string, path: string, body?: object, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, contentType, xUnitoOperationDeadline, }?: {
     xUnitoCorrelationId?: string;
     xUnitoAdditionalLoggingContext?: string;
     contentType?: string;
+    xUnitoOperationDeadline?: string;
 }, opts?: Oazapfts.RequestOpts): Promise<any>;
 /**
  * Call an integration's graph
  */
-export declare function postProxyGraph(xUnitoCredentialId: string, path: string, body?: object, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, contentType, }?: {
+export declare function postProxyGraph(xUnitoCredentialId: string, path: string, body?: object, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, contentType, xUnitoOperationDeadline, }?: {
     xUnitoCorrelationId?: string;
     xUnitoAdditionalLoggingContext?: string;
     contentType?: string;
+    xUnitoOperationDeadline?: string;
 }, opts?: Oazapfts.RequestOpts): Promise<any>;
 /**
  * Call an integration's graph
  */
-export declare function deleteProxyGraph(xUnitoCredentialId: string, path: string, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, }?: {
+export declare function deleteProxyGraph(xUnitoCredentialId: string, path: string, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, xUnitoOperationDeadline, }?: {
+    xUnitoCorrelationId?: string;
+    xUnitoAdditionalLoggingContext?: string;
+    xUnitoOperationDeadline?: string;
+}, opts?: Oazapfts.RequestOpts): Promise<any>;
+/**
+ * Call an integration's graph with multipart/form-data
+ */
+export declare function postProxyGraphMultipart(xUnitoCredentialId: string, path: string, body?: {
+    [key: string]: any;
+}, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, xUnitoOperationDeadline, }?: {
     xUnitoCorrelationId?: string;
     xUnitoAdditionalLoggingContext?: string;
+    xUnitoOperationDeadline?: string;
 }, opts?: Oazapfts.RequestOpts): Promise<any>;
 /**
  * Get all the users

package/dist/src/services/integrationsPlatformClient.js

@@ -30,6 +30,7 @@ exports.getProxyGraph = getProxyGraph;
 exports.patchProxyGraph = patchProxyGraph;
 exports.postProxyGraph = postProxyGraph;
 exports.deleteProxyGraph = deleteProxyGraph;
+exports.postProxyGraphMultipart = postProxyGraphMultipart;
 exports.getUsers = getUsers;
 exports.createUser = createUser;
 exports.getUserById = getUserById;
@@ -314,7 +315,7 @@ function updateWebhookSubscription(xUnitoCredentialId, body, { xUnitoCorrelation
 /**
  * Call an integration's graph
  */
-function getProxyGraph(xUnitoCredentialId, path, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, accept, } = {}, opts) {
+function getProxyGraph(xUnitoCredentialId, path, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, accept, xUnitoOperationDeadline, } = {}, opts) {
     return oazapfts.ok(oazapfts.fetchJson(`/proxy/graph${QS.query(QS.explode({
         path,
     }))}`, {
@@ -324,13 +325,14 @@ function getProxyGraph(xUnitoCredentialId, path, { xUnitoCorrelationId, xUnitoAd
             'X-Unito-Correlation-Id': xUnitoCorrelationId,
             'X-Unito-Additional-Logging-Context': xUnitoAdditionalLoggingContext,
             Accept: accept,
+            'X-Unito-Operation-Deadline': xUnitoOperationDeadline,
         }),
     }));
 }
 /**
  * Call an integration's graph
  */
-function patchProxyGraph(xUnitoCredentialId, path, body, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, contentType, } = {}, opts) {
+function patchProxyGraph(xUnitoCredentialId, path, body, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, contentType, xUnitoOperationDeadline, } = {}, opts) {
     return oazapfts.ok(oazapfts.fetchJson(`/proxy/graph${QS.query(QS.explode({
         path,
     }))}`, oazapfts.json({
@@ -342,13 +344,14 @@ function patchProxyGraph(xUnitoCredentialId, path, body, { xUnitoCorrelationId,
             'X-Unito-Correlation-Id': xUnitoCorrelationId,
             'X-Unito-Additional-Logging-Context': xUnitoAdditionalLoggingContext,
             'Content-Type': contentType,
+            'X-Unito-Operation-Deadline': xUnitoOperationDeadline,
         }),
     })));
 }
 /**
  * Call an integration's graph
  */
-function postProxyGraph(xUnitoCredentialId, path, body, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, contentType, } = {}, opts) {
+function postProxyGraph(xUnitoCredentialId, path, body, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, contentType, xUnitoOperationDeadline, } = {}, opts) {
     return oazapfts.ok(oazapfts.fetchJson(`/proxy/graph${QS.query(QS.explode({
         path,
     }))}`, oazapfts.json({
@@ -360,13 +363,14 @@ function postProxyGraph(xUnitoCredentialId, path, body, { xUnitoCorrelationId, x
             'X-Unito-Correlation-Id': xUnitoCorrelationId,
             'X-Unito-Additional-Logging-Context': xUnitoAdditionalLoggingContext,
             'Content-Type': contentType,
+            'X-Unito-Operation-Deadline': xUnitoOperationDeadline,
         }),
     })));
 }
 /**
  * Call an integration's graph
  */
-function deleteProxyGraph(xUnitoCredentialId, path, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, } = {}, opts) {
+function deleteProxyGraph(xUnitoCredentialId, path, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, xUnitoOperationDeadline, } = {}, opts) {
     return oazapfts.ok(oazapfts.fetchJson(`/proxy/graph${QS.query(QS.explode({
         path,
     }))}`, {
@@ -376,9 +380,28 @@ function deleteProxyGraph(xUnitoCredentialId, path, { xUnitoCorrelationId, xUnit
             'X-Unito-Credential-Id': xUnitoCredentialId,
             'X-Unito-Correlation-Id': xUnitoCorrelationId,
             'X-Unito-Additional-Logging-Context': xUnitoAdditionalLoggingContext,
+            'X-Unito-Operation-Deadline': xUnitoOperationDeadline,
         }),
     }));
 }
+/**
+ * Call an integration's graph with multipart/form-data
+ */
+function postProxyGraphMultipart(xUnitoCredentialId, path, body, { xUnitoCorrelationId, xUnitoAdditionalLoggingContext, xUnitoOperationDeadline, } = {}, opts) {
+    return oazapfts.ok(oazapfts.fetchJson(`/proxy/graph/multipart${QS.query(QS.explode({
+        path,
+    }))}`, oazapfts.multipart({
+        ...opts,
+        method: 'POST',
+        body,
+        headers: oazapfts.mergeHeaders(opts?.headers, {
+            'X-Unito-Credential-Id': xUnitoCredentialId,
+            'X-Unito-Correlation-Id': xUnitoCorrelationId,
+            'X-Unito-Additional-Logging-Context': xUnitoAdditionalLoggingContext,
+            'X-Unito-Operation-Deadline': xUnitoOperationDeadline,
+        }),
+    })));
+}
 /**
  * Get all the users
  */

package/dist/src/services/oauth2.js

@@ -250,7 +250,7 @@ class OAuth2Service {
             });
         }
         try {
-            const tokenResponse = await fetch(this.tokenUrl, {
+            const tokenResponse = await fetch((0, template_1.expandTemplate)(this.tokenUrl, templateVariables, { urlEncodeVariables: true }), {
                 headers: {
                     'Content-Type': this.requestContentType,
                     ...(tokenRequestHeaders ?? {}),

package/dist/test/commands/oauth2.test.js

@@ -303,4 +303,70 @@ describe('oauth2', () => {
         .it('must successfully decrypt all secrets', ctx => {
         (0, test_1.expect)(ctx.stderr).to.contain((0, styles_1.uncolorize)('The secret boom! could not be decrypted.'));
     });
+    test_1.test
+        .stdout()
+        .do(() => {
+        getConfigurationsStub.returns({
+            ...baseConfiguration,
+            testAccounts: {
+                development: credentials,
+            },
+        });
+        sinon
+            .stub(IntegrationsPlatform, 'encryptData')
+            .onFirstCall()
+            .resolves({ encryptedData: `${Configuration.ENCRYPTION_PREFIX}encryptedAccessToken` })
+            .onSecondCall()
+            .resolves({ encryptedData: `${Configuration.ENCRYPTION_PREFIX}encryptedRefreshToken` });
+    })
+        .stub(DecryptionResource, 'decryptEntries', stub => stub
+        .onFirstCall()
+        .resolves({ successful: { ...oauth2Information }, failed: [] })
+        .onSecondCall()
+        .resolves({ successful: { refreshToken: 'test-refresh-token' }, failed: [] }))
+        .command(['oauth2', '--test-account', 'development', '--environment', 'staging'])
+        .it('passes the staging environment to updateToken when specified', () => {
+        (0, test_1.expect)(performOAuth2FlowStub.getCalls().length).to.equal(0);
+        (0, test_1.expect)(updateTokenStub.getCalls().length).to.equal(1);
+        // Verify that updateToken was called with the correct environment parameter
+        const updateTokenCall = updateTokenStub.getCall(0);
+        (0, test_1.expect)(updateTokenCall.args).to.have.lengthOf(4);
+        (0, test_1.expect)(updateTokenCall.args[0]).to.deep.equal(oauth2Information); // oauth2 config
+        (0, test_1.expect)(updateTokenCall.args[1]).to.equal('test-refresh-token'); // refresh token
+        (0, test_1.expect)(updateTokenCall.args[2]).to.deep.equal({ refreshToken: 'test-refresh-token' }); // credential payload
+        (0, test_1.expect)(updateTokenCall.args[3]).to.equal('staging'); // environment
+    });
+    test_1.test
+        .stdout()
+        .do(() => {
+        getConfigurationsStub.returns({
+            ...baseConfiguration,
+            testAccounts: {
+                development: credentials,
+            },
+        });
+        sinon
+            .stub(IntegrationsPlatform, 'encryptData')
+            .onFirstCall()
+            .resolves({ encryptedData: `${Configuration.ENCRYPTION_PREFIX}encryptedAccessToken` })
+            .onSecondCall()
+            .resolves({ encryptedData: `${Configuration.ENCRYPTION_PREFIX}encryptedRefreshToken` });
+    })
+        .stub(DecryptionResource, 'decryptEntries', stub => stub
+        .onFirstCall()
+        .resolves({ successful: { ...oauth2Information }, failed: [] })
+        .onSecondCall()
+        .resolves({ successful: { refreshToken: 'test-refresh-token' }, failed: [] }))
+        .command(['oauth2', '--test-account', 'development'])
+        .it('defaults to production environment when no environment flag is specified', () => {
+        (0, test_1.expect)(performOAuth2FlowStub.getCalls().length).to.equal(0);
+        (0, test_1.expect)(updateTokenStub.getCalls().length).to.equal(1);
+        // Verify that updateToken was called with the default production environment
+        const updateTokenCall = updateTokenStub.getCall(0);
+        (0, test_1.expect)(updateTokenCall.args).to.have.lengthOf(4);
+        (0, test_1.expect)(updateTokenCall.args[0]).to.deep.equal(oauth2Information); // oauth2 config
+        (0, test_1.expect)(updateTokenCall.args[1]).to.equal('test-refresh-token'); // refresh token
+        (0, test_1.expect)(updateTokenCall.args[2]).to.deep.equal({ refreshToken: 'test-refresh-token' }); // credential payload
+        (0, test_1.expect)(updateTokenCall.args[3]).to.equal('production'); // environment (default)
+    });
 });

package/dist/test/resources/oauth2.test.js

@@ -52,4 +52,32 @@ describe('OAuth2Helper', () => {
             await strict_1.default.rejects(response, errors_1.FailedToRetrieveAccessTokenError);
         });
     });
+    describe('updateToken', () => {
+        let updateTokenStub;
+        beforeEach(() => {
+            updateTokenStub = sinon_1.default.stub(oauth2_1.default.prototype, 'updateToken');
+        });
+        it('should create OAuth2Service with credential payload and call updateToken', async () => {
+            const mockResponse = { accessToken: 'new-token', refreshToken: 'new-refresh-token' };
+            updateTokenStub.resolves(mockResponse);
+            const credentialPayload = { domain: 'test-domain', customVar: 'test-value' };
+            const refreshToken = 'test-refresh-token';
+            const result = await oauth2HelperResource.updateToken(authorizationInfo, refreshToken, credentialPayload);
+            // Assert that the OAuth2Service was instantiated with the credential payload
+            // and that updateToken was called with the refresh token
+            sinon_1.default.assert.calledOnce(updateTokenStub);
+            sinon_1.default.assert.calledWith(updateTokenStub, refreshToken);
+            strict_1.default.deepEqual(result, mockResponse);
+        });
+        it('should work without credential payload', async () => {
+            const mockResponse = { accessToken: 'new-token', refreshToken: 'new-refresh-token' };
+            updateTokenStub.resolves(mockResponse);
+            const refreshToken = 'test-refresh-token';
+            const result = await oauth2HelperResource.updateToken(authorizationInfo, refreshToken);
+            // Should still work when no credential payload is provided
+            sinon_1.default.assert.calledOnce(updateTokenStub);
+            sinon_1.default.assert.calledWith(updateTokenStub, refreshToken);
+            strict_1.default.deepEqual(result, mockResponse);
+        });
+    });
 });

package/dist/test/services/oauth2.test.js

@@ -422,6 +422,43 @@ describe('OAuth2Helper', () => {
                 const response = oauth2Helper.updateToken(refreshToken);
                 await strict_1.default.rejects(response, errors_1.InvalidRequestContentTypeError);
             });
+            describe('token URL template expansion', () => {
+                it('expands template variables in token URL during refresh', async () => {
+                    const credentialPayload = { domain: 'test-domain' };
+                    oauth2Helper = new oauth2_1.default({
+                        clientId: 'test-client-id',
+                        clientSecret: 'test-client-secret',
+                        authorizationUrl: 'https://provider.com/oauth/authorize',
+                        scopes: [{ name: 'scope1' }],
+                        tokenUrl: 'https://{+domain}.provider.com/oauth/token', // Template URL
+                        grantType: configurationTypes_1.GrantType.AUTHORIZATION_CODE,
+                        requestContentType: configurationTypes_1.RequestContentType.URL_ENCODED,
+                    }, globalConfiguration_1.Environment.Production, credentialPayload);
+                    const { refreshToken } = setupSuccessfulRefreshResponse();
+                    await oauth2Helper.updateToken(refreshToken);
+                    // Assert that the token URL was expanded with the domain
+                    sinon_1.default.assert.calledWith(fetchStub, 'https://test-domain.provider.com/oauth/token', sinon_1.default.match.object);
+                });
+                it('expands multiple template variables in token URL', async () => {
+                    const credentialPayload = {
+                        domain: 'my-company',
+                        environment: 'staging',
+                    };
+                    oauth2Helper = new oauth2_1.default({
+                        clientId: 'test-client-id',
+                        clientSecret: 'test-client-secret',
+                        authorizationUrl: 'https://provider.com/oauth/authorize',
+                        scopes: [{ name: 'scope1' }],
+                        tokenUrl: 'https://{+domain}.{+environment}.provider.com/oauth/token',
+                        grantType: configurationTypes_1.GrantType.AUTHORIZATION_CODE,
+                        requestContentType: configurationTypes_1.RequestContentType.URL_ENCODED,
+                    }, globalConfiguration_1.Environment.Production, credentialPayload);
+                    const { refreshToken } = setupSuccessfulRefreshResponse();
+                    await oauth2Helper.updateToken(refreshToken);
+                    // Assert that both template variables were expanded
+                    sinon_1.default.assert.calledWith(fetchStub, 'https://my-company.staging.provider.com/oauth/token', sinon_1.default.match.object);
+                });
+            });
         });
         describe('encodeBody', () => {
             it('encodes body data as URL-encoded when content type is URL_ENCODED', () => {

package/dist/tsconfig.tsbuildinfo

@@ -1 +1 @@
-{"root":["../src/baseCommand.ts","../src/configurationTypes.ts","../src/errors.ts","../src/index.ts","../src/commands/activity.ts","../src/commands/dev.ts","../src/commands/encrypt.ts","../src/commands/init.ts","../src/commands/invite.ts","../src/commands/login.ts","../src/commands/oauth2.ts","../src/commands/publish.ts","../src/commands/test.ts","../src/commands/upgrade.ts","../src/hooks/init/displayLogo.ts","../src/resources/configuration.ts","../src/resources/credentials.ts","../src/resources/decryption.ts","../src/resources/fileSystem.ts","../src/resources/globalConfiguration.ts","../src/resources/integrations.ts","../src/resources/integrationsPlatform.ts","../src/resources/oauth2.ts","../src/resources/template.ts","../src/services/integrationsPlatform.ts","../src/services/integrationsPlatformClient.ts","../src/services/oauth2.ts","../test/errors.test.ts","../test/commands/activity.test.ts","../test/commands/dev.test.ts","../test/commands/encrypt.test.ts","../test/commands/init.test.ts","../test/commands/invite.test.ts","../test/commands/login.test.ts","../test/commands/oauth2.test.ts","../test/commands/publish.test.ts","../test/commands/test.test.ts","../test/commands/upgrade.test.ts","../test/helpers/init.js","../test/helpers/integrations.ts","../test/helpers/styles.ts","../test/resources/configuration.test.ts","../test/resources/decryption.test.ts","../test/resources/globalConfiguration.test.ts","../test/resources/integrations.test.ts","../test/resources/oauth2.test.ts","../test/resources/template.test.ts","../test/services/integrationsPlatform.test.ts","../test/services/oauth2.test.ts","../scripts/generateTypes.ts","../.eslintrc.js"],"version":"5.8.3"}
+{"root":["../src/baseCommand.ts","../src/configurationTypes.ts","../src/errors.ts","../src/index.ts","../src/commands/activity.ts","../src/commands/dev.ts","../src/commands/encrypt.ts","../src/commands/init.ts","../src/commands/invite.ts","../src/commands/login.ts","../src/commands/oauth2.ts","../src/commands/publish.ts","../src/commands/test.ts","../src/commands/upgrade.ts","../src/hooks/init/displayLogo.ts","../src/resources/configuration.ts","../src/resources/credentials.ts","../src/resources/decryption.ts","../src/resources/fileSystem.ts","../src/resources/globalConfiguration.ts","../src/resources/integrations.ts","../src/resources/integrationsPlatform.ts","../src/resources/oauth2.ts","../src/resources/template.ts","../src/services/integrationsPlatform.ts","../src/services/integrationsPlatformClient.ts","../src/services/oauth2.ts","../test/errors.test.ts","../test/commands/activity.test.ts","../test/commands/dev.test.ts","../test/commands/encrypt.test.ts","../test/commands/init.test.ts","../test/commands/invite.test.ts","../test/commands/login.test.ts","../test/commands/oauth2.test.ts","../test/commands/publish.test.ts","../test/commands/test.test.ts","../test/commands/upgrade.test.ts","../test/helpers/init.js","../test/helpers/integrations.ts","../test/helpers/styles.ts","../test/resources/configuration.test.ts","../test/resources/decryption.test.ts","../test/resources/globalConfiguration.test.ts","../test/resources/integrations.test.ts","../test/resources/oauth2.test.ts","../test/resources/template.test.ts","../test/services/integrationsPlatform.test.ts","../test/services/oauth2.test.ts","../scripts/generateTypes.ts","../.eslintrc.js"],"version":"5.9.3"}