reqon-dsl 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (388) hide show
  1. package/.claude/settings.local.json +31 -0
  2. package/.claude/skills/api-integration.md +125 -0
  3. package/.claude/skills/database-schema.md +51 -0
  4. package/.claude/skills/dsl-design.md +80 -0
  5. package/.claude/skills/property-testing.md +143 -0
  6. package/.claude/skills/reqon/SKILL.md +44 -0
  7. package/.claude/skills/reqon/references/examples.md +206 -0
  8. package/.claude/skills/reqon/references/syntax.md +263 -0
  9. package/.claude/skills/vscode-extension.md +113 -0
  10. package/.github/dependabot.yml +32 -0
  11. package/.github/pull_request_template.md +21 -0
  12. package/.github/workflows/ci.yml +174 -0
  13. package/.github/workflows/release.yml +73 -0
  14. package/CLAUDE.md +72 -0
  15. package/CONTRIBUTING.md +161 -0
  16. package/README.md +235 -0
  17. package/TODO.md +51 -0
  18. package/dist/ast/index.d.ts +1 -0
  19. package/dist/ast/index.js +1 -0
  20. package/dist/ast/nodes.d.ts +237 -0
  21. package/dist/ast/nodes.js +12 -0
  22. package/dist/auth/auth.test.d.ts +1 -0
  23. package/dist/auth/auth.test.js +255 -0
  24. package/dist/auth/circuit-breaker.d.ts +115 -0
  25. package/dist/auth/circuit-breaker.js +267 -0
  26. package/dist/auth/credentials.d.ts +91 -0
  27. package/dist/auth/credentials.js +169 -0
  28. package/dist/auth/index.d.ts +5 -0
  29. package/dist/auth/index.js +8 -0
  30. package/dist/auth/oauth2-provider.d.ts +41 -0
  31. package/dist/auth/oauth2-provider.js +131 -0
  32. package/dist/auth/rate-limiter.d.ts +61 -0
  33. package/dist/auth/rate-limiter.js +380 -0
  34. package/dist/auth/token-store.d.ts +30 -0
  35. package/dist/auth/token-store.js +148 -0
  36. package/dist/auth/types.d.ts +142 -0
  37. package/dist/auth/types.js +1 -0
  38. package/dist/cli.d.ts +2 -0
  39. package/dist/cli.js +270 -0
  40. package/dist/errors/errors.test.d.ts +1 -0
  41. package/dist/errors/errors.test.js +165 -0
  42. package/dist/errors/index.d.ts +83 -0
  43. package/dist/errors/index.js +159 -0
  44. package/dist/execution/execution.test.d.ts +1 -0
  45. package/dist/execution/execution.test.js +246 -0
  46. package/dist/execution/index.d.ts +4 -0
  47. package/dist/execution/index.js +2 -0
  48. package/dist/execution/state.d.ts +136 -0
  49. package/dist/execution/state.js +82 -0
  50. package/dist/execution/store.d.ts +52 -0
  51. package/dist/execution/store.js +120 -0
  52. package/dist/index.d.ts +27 -0
  53. package/dist/index.js +57 -0
  54. package/dist/integration.test.d.ts +1 -0
  55. package/dist/integration.test.js +168 -0
  56. package/dist/interpreter/context.d.ts +15 -0
  57. package/dist/interpreter/context.js +29 -0
  58. package/dist/interpreter/evaluator.d.ts +5 -0
  59. package/dist/interpreter/evaluator.js +223 -0
  60. package/dist/interpreter/evaluator.test.d.ts +1 -0
  61. package/dist/interpreter/evaluator.test.js +512 -0
  62. package/dist/interpreter/executor.d.ts +131 -0
  63. package/dist/interpreter/executor.js +663 -0
  64. package/dist/interpreter/fetch-handler.d.ts +43 -0
  65. package/dist/interpreter/fetch-handler.js +203 -0
  66. package/dist/interpreter/http.d.ts +57 -0
  67. package/dist/interpreter/http.js +210 -0
  68. package/dist/interpreter/http.test.d.ts +1 -0
  69. package/dist/interpreter/http.test.js +299 -0
  70. package/dist/interpreter/index.d.ts +7 -0
  71. package/dist/interpreter/index.js +7 -0
  72. package/dist/interpreter/pagination.d.ts +63 -0
  73. package/dist/interpreter/pagination.js +155 -0
  74. package/dist/interpreter/progress.test.d.ts +1 -0
  75. package/dist/interpreter/progress.test.js +216 -0
  76. package/dist/interpreter/schema-matcher.d.ts +16 -0
  77. package/dist/interpreter/schema-matcher.js +136 -0
  78. package/dist/interpreter/schema-matcher.test.d.ts +1 -0
  79. package/dist/interpreter/schema-matcher.test.js +122 -0
  80. package/dist/interpreter/signals.d.ts +57 -0
  81. package/dist/interpreter/signals.js +73 -0
  82. package/dist/interpreter/step-handlers/for-handler.d.ts +17 -0
  83. package/dist/interpreter/step-handlers/for-handler.js +51 -0
  84. package/dist/interpreter/step-handlers/index.d.ts +8 -0
  85. package/dist/interpreter/step-handlers/index.js +8 -0
  86. package/dist/interpreter/step-handlers/map-handler.d.ts +10 -0
  87. package/dist/interpreter/step-handlers/map-handler.js +20 -0
  88. package/dist/interpreter/step-handlers/match-handler.d.ts +27 -0
  89. package/dist/interpreter/step-handlers/match-handler.js +61 -0
  90. package/dist/interpreter/step-handlers/store-handler.d.ts +13 -0
  91. package/dist/interpreter/step-handlers/store-handler.js +66 -0
  92. package/dist/interpreter/step-handlers/types.d.ts +15 -0
  93. package/dist/interpreter/step-handlers/types.js +1 -0
  94. package/dist/interpreter/step-handlers/validate-handler.d.ts +10 -0
  95. package/dist/interpreter/step-handlers/validate-handler.js +26 -0
  96. package/dist/interpreter/step-handlers/webhook-handler.d.ts +36 -0
  97. package/dist/interpreter/step-handlers/webhook-handler.js +104 -0
  98. package/dist/lexer/index.d.ts +10 -0
  99. package/dist/lexer/index.js +12 -0
  100. package/dist/lexer/lexer.d.ts +24 -0
  101. package/dist/lexer/lexer.js +264 -0
  102. package/dist/lexer/lexer.test.d.ts +1 -0
  103. package/dist/lexer/lexer.test.js +259 -0
  104. package/dist/lexer/tokens.d.ts +69 -0
  105. package/dist/lexer/tokens.js +146 -0
  106. package/dist/loader/index.d.ts +36 -0
  107. package/dist/loader/index.js +220 -0
  108. package/dist/loader/loader.test.d.ts +1 -0
  109. package/dist/loader/loader.test.js +287 -0
  110. package/dist/oas/index.d.ts +4 -0
  111. package/dist/oas/index.js +2 -0
  112. package/dist/oas/loader.d.ts +21 -0
  113. package/dist/oas/loader.js +82 -0
  114. package/dist/oas/oas.test.d.ts +1 -0
  115. package/dist/oas/oas.test.js +218 -0
  116. package/dist/oas/validator.d.ts +12 -0
  117. package/dist/oas/validator.js +227 -0
  118. package/dist/parser/base.d.ts +33 -0
  119. package/dist/parser/base.js +97 -0
  120. package/dist/parser/expressions.d.ts +27 -0
  121. package/dist/parser/expressions.js +248 -0
  122. package/dist/parser/expressions.test.d.ts +1 -0
  123. package/dist/parser/expressions.test.js +378 -0
  124. package/dist/parser/index.d.ts +3 -0
  125. package/dist/parser/index.js +3 -0
  126. package/dist/parser/match.test.d.ts +1 -0
  127. package/dist/parser/match.test.js +254 -0
  128. package/dist/parser/parser.d.ts +68 -0
  129. package/dist/parser/parser.js +1229 -0
  130. package/dist/parser/parser.test.d.ts +1 -0
  131. package/dist/parser/parser.test.js +333 -0
  132. package/dist/parser/schedule.test.d.ts +1 -0
  133. package/dist/parser/schedule.test.js +241 -0
  134. package/dist/plugin.d.ts +35 -0
  135. package/dist/plugin.js +68 -0
  136. package/dist/scheduler/cron-parser.d.ts +32 -0
  137. package/dist/scheduler/cron-parser.js +198 -0
  138. package/dist/scheduler/cron-parser.test.d.ts +1 -0
  139. package/dist/scheduler/cron-parser.test.js +188 -0
  140. package/dist/scheduler/index.d.ts +3 -0
  141. package/dist/scheduler/index.js +2 -0
  142. package/dist/scheduler/scheduler.d.ts +81 -0
  143. package/dist/scheduler/scheduler.js +376 -0
  144. package/dist/scheduler/types.d.ts +65 -0
  145. package/dist/scheduler/types.js +1 -0
  146. package/dist/stores/factory.d.ts +36 -0
  147. package/dist/stores/factory.js +73 -0
  148. package/dist/stores/file.d.ts +60 -0
  149. package/dist/stores/file.js +173 -0
  150. package/dist/stores/file.test.d.ts +1 -0
  151. package/dist/stores/file.test.js +165 -0
  152. package/dist/stores/index.d.ts +6 -0
  153. package/dist/stores/index.js +5 -0
  154. package/dist/stores/memory.d.ts +19 -0
  155. package/dist/stores/memory.js +51 -0
  156. package/dist/stores/memory.test.d.ts +1 -0
  157. package/dist/stores/memory.test.js +157 -0
  158. package/dist/stores/postgrest.d.ts +55 -0
  159. package/dist/stores/postgrest.js +217 -0
  160. package/dist/stores/stores.test.d.ts +1 -0
  161. package/dist/stores/stores.test.js +158 -0
  162. package/dist/stores/types.d.ts +31 -0
  163. package/dist/stores/types.js +26 -0
  164. package/dist/sync/index.d.ts +4 -0
  165. package/dist/sync/index.js +2 -0
  166. package/dist/sync/state.d.ts +69 -0
  167. package/dist/sync/state.js +66 -0
  168. package/dist/sync/store.d.ts +49 -0
  169. package/dist/sync/store.js +93 -0
  170. package/dist/sync/sync.test.d.ts +1 -0
  171. package/dist/sync/sync.test.js +221 -0
  172. package/dist/utils/async.d.ts +7 -0
  173. package/dist/utils/async.js +9 -0
  174. package/dist/utils/file.d.ts +38 -0
  175. package/dist/utils/file.js +92 -0
  176. package/dist/utils/index.d.ts +4 -0
  177. package/dist/utils/index.js +4 -0
  178. package/dist/utils/logger.d.ts +34 -0
  179. package/dist/utils/logger.js +39 -0
  180. package/dist/utils/path.d.ts +12 -0
  181. package/dist/utils/path.js +41 -0
  182. package/dist/webhook/index.d.ts +8 -0
  183. package/dist/webhook/index.js +7 -0
  184. package/dist/webhook/server.d.ts +84 -0
  185. package/dist/webhook/server.js +319 -0
  186. package/dist/webhook/store.d.ts +67 -0
  187. package/dist/webhook/store.js +193 -0
  188. package/dist/webhook/types.d.ts +88 -0
  189. package/dist/webhook/types.js +6 -0
  190. package/docusaurus/README.md +41 -0
  191. package/docusaurus/docs/advanced/execution-state.md +283 -0
  192. package/docusaurus/docs/advanced/extending-reqon.md +388 -0
  193. package/docusaurus/docs/advanced/multi-file-missions.md +250 -0
  194. package/docusaurus/docs/advanced/parallel-execution.md +353 -0
  195. package/docusaurus/docs/api-reference.md +443 -0
  196. package/docusaurus/docs/authentication/api-key.md +339 -0
  197. package/docusaurus/docs/authentication/basic.md +276 -0
  198. package/docusaurus/docs/authentication/bearer.md +282 -0
  199. package/docusaurus/docs/authentication/oauth2.md +317 -0
  200. package/docusaurus/docs/authentication/overview.md +251 -0
  201. package/docusaurus/docs/cli.md +229 -0
  202. package/docusaurus/docs/core-concepts/actions.md +286 -0
  203. package/docusaurus/docs/core-concepts/missions.md +264 -0
  204. package/docusaurus/docs/core-concepts/schemas.md +353 -0
  205. package/docusaurus/docs/core-concepts/sources.md +339 -0
  206. package/docusaurus/docs/core-concepts/stores.md +332 -0
  207. package/docusaurus/docs/dsl-syntax/expressions.md +361 -0
  208. package/docusaurus/docs/dsl-syntax/fetch.md +293 -0
  209. package/docusaurus/docs/dsl-syntax/for-loops.md +324 -0
  210. package/docusaurus/docs/dsl-syntax/map.md +345 -0
  211. package/docusaurus/docs/dsl-syntax/match.md +387 -0
  212. package/docusaurus/docs/dsl-syntax/pipelines.md +397 -0
  213. package/docusaurus/docs/dsl-syntax/validate.md +401 -0
  214. package/docusaurus/docs/error-handling/dead-letter-queues.md +399 -0
  215. package/docusaurus/docs/error-handling/flow-control.md +337 -0
  216. package/docusaurus/docs/error-handling/retry-strategies.md +368 -0
  217. package/docusaurus/docs/examples.md +488 -0
  218. package/docusaurus/docs/getting-started.md +256 -0
  219. package/docusaurus/docs/http/circuit-breaker.md +401 -0
  220. package/docusaurus/docs/http/incremental-sync.md +394 -0
  221. package/docusaurus/docs/http/pagination.md +361 -0
  222. package/docusaurus/docs/http/rate-limiting.md +383 -0
  223. package/docusaurus/docs/http/requests.md +328 -0
  224. package/docusaurus/docs/http/retry.md +402 -0
  225. package/docusaurus/docs/intro.md +90 -0
  226. package/docusaurus/docs/openapi/loading-specs.md +305 -0
  227. package/docusaurus/docs/openapi/operation-calls.md +314 -0
  228. package/docusaurus/docs/openapi/overview.md +212 -0
  229. package/docusaurus/docs/openapi/response-validation.md +344 -0
  230. package/docusaurus/docs/scheduling/cron.md +305 -0
  231. package/docusaurus/docs/scheduling/daemon-mode.md +317 -0
  232. package/docusaurus/docs/scheduling/intervals.md +289 -0
  233. package/docusaurus/docs/scheduling/overview.md +231 -0
  234. package/docusaurus/docs/stores/custom-adapters.md +376 -0
  235. package/docusaurus/docs/stores/file.md +236 -0
  236. package/docusaurus/docs/stores/memory.md +193 -0
  237. package/docusaurus/docs/stores/overview.md +274 -0
  238. package/docusaurus/docs/stores/postgrest.md +316 -0
  239. package/docusaurus/docusaurus.config.ts +148 -0
  240. package/docusaurus/package-lock.json +18029 -0
  241. package/docusaurus/package.json +47 -0
  242. package/docusaurus/sidebars.ts +155 -0
  243. package/docusaurus/src/components/HomepageFeatures/index.tsx +105 -0
  244. package/docusaurus/src/components/HomepageFeatures/styles.module.css +12 -0
  245. package/docusaurus/src/css/custom.css +169 -0
  246. package/docusaurus/src/pages/index.module.css +48 -0
  247. package/docusaurus/src/pages/index.tsx +110 -0
  248. package/docusaurus/src/pages/markdown-page.md +7 -0
  249. package/docusaurus/static/.nojekyll +0 -0
  250. package/docusaurus/static/img/docusaurus-social-card.jpg +0 -0
  251. package/docusaurus/static/img/docusaurus.png +0 -0
  252. package/docusaurus/static/img/favicon.ico +0 -0
  253. package/docusaurus/static/img/logo.svg +10 -0
  254. package/docusaurus/static/img/undraw_docusaurus_mountain.svg +171 -0
  255. package/docusaurus/static/img/undraw_docusaurus_react.svg +170 -0
  256. package/docusaurus/static/img/undraw_docusaurus_tree.svg +40 -0
  257. package/docusaurus/tsconfig.json +8 -0
  258. package/examples/README.md +112 -0
  259. package/examples/error-handling/README.md +150 -0
  260. package/examples/error-handling/payment-processor.vague +287 -0
  261. package/examples/github-sync/README.md +74 -0
  262. package/examples/github-sync/fetch-issues.vague +47 -0
  263. package/examples/github-sync/fetch-prs.vague +40 -0
  264. package/examples/github-sync/mission.vague +101 -0
  265. package/examples/github-sync/normalize.vague +70 -0
  266. package/examples/jsonplaceholder/README.md +28 -0
  267. package/examples/jsonplaceholder/posts.vague +48 -0
  268. package/examples/petstore/README.md +35 -0
  269. package/examples/petstore/openapi.yaml +97 -0
  270. package/examples/petstore/sync.vague +52 -0
  271. package/examples/temporal-comparison/README.md +297 -0
  272. package/examples/temporal-comparison/reconciliation.vague +355 -0
  273. package/examples/temporal-comparison/temporal/activities/index.ts +8 -0
  274. package/examples/temporal-comparison/temporal/activities/shipstation.ts +225 -0
  275. package/examples/temporal-comparison/temporal/activities/shopify.ts +257 -0
  276. package/examples/temporal-comparison/temporal/activities/storage.ts +198 -0
  277. package/examples/temporal-comparison/temporal/activities/stripe.ts +169 -0
  278. package/examples/temporal-comparison/temporal/activities/validation.ts +205 -0
  279. package/examples/temporal-comparison/temporal/client/schedule.ts +218 -0
  280. package/examples/temporal-comparison/temporal/config/retry.ts +63 -0
  281. package/examples/temporal-comparison/temporal/types/index.ts +129 -0
  282. package/examples/temporal-comparison/temporal/workers/main.ts +130 -0
  283. package/examples/temporal-comparison/temporal/workflows/orderReconciliation.ts +262 -0
  284. package/examples/xero/README.md +88 -0
  285. package/examples/xero/invoices.vague +189 -0
  286. package/package.json +40 -0
  287. package/src/api-integration.test.ts +954 -0
  288. package/src/ast/index.ts +1 -0
  289. package/src/ast/nodes.ts +310 -0
  290. package/src/auth/auth.test.ts +326 -0
  291. package/src/auth/circuit-breaker.test.ts +390 -0
  292. package/src/auth/circuit-breaker.ts +379 -0
  293. package/src/auth/credentials.test.ts +273 -0
  294. package/src/auth/credentials.ts +246 -0
  295. package/src/auth/index.ts +40 -0
  296. package/src/auth/oauth2-provider.ts +177 -0
  297. package/src/auth/rate-limiter.ts +459 -0
  298. package/src/auth/token-store.ts +177 -0
  299. package/src/auth/types.ts +159 -0
  300. package/src/benchmark/e2e.bench.ts +288 -0
  301. package/src/benchmark/evaluator.bench.ts +331 -0
  302. package/src/benchmark/fixtures.ts +295 -0
  303. package/src/benchmark/index.ts +108 -0
  304. package/src/benchmark/lexer.bench.ts +69 -0
  305. package/src/benchmark/parser.bench.ts +103 -0
  306. package/src/benchmark/resilience.bench.ts +193 -0
  307. package/src/benchmark/store.bench.ts +147 -0
  308. package/src/benchmark/utils.ts +230 -0
  309. package/src/cli.ts +313 -0
  310. package/src/errors/errors.test.ts +234 -0
  311. package/src/errors/index.ts +223 -0
  312. package/src/execution/execution.test.ts +307 -0
  313. package/src/execution/index.ts +21 -0
  314. package/src/execution/state.ts +207 -0
  315. package/src/execution/store.ts +188 -0
  316. package/src/index.ts +169 -0
  317. package/src/integration.test.ts +192 -0
  318. package/src/interpreter/context.ts +57 -0
  319. package/src/interpreter/evaluator.test.ts +796 -0
  320. package/src/interpreter/evaluator.ts +245 -0
  321. package/src/interpreter/executor.ts +946 -0
  322. package/src/interpreter/fetch-handler.ts +302 -0
  323. package/src/interpreter/http.test.ts +423 -0
  324. package/src/interpreter/http.ts +308 -0
  325. package/src/interpreter/index.ts +32 -0
  326. package/src/interpreter/pagination.ts +207 -0
  327. package/src/interpreter/progress.test.ts +276 -0
  328. package/src/interpreter/schema-matcher.test.ts +160 -0
  329. package/src/interpreter/schema-matcher.ts +168 -0
  330. package/src/interpreter/signals.ts +73 -0
  331. package/src/interpreter/step-handlers/for-handler.ts +65 -0
  332. package/src/interpreter/step-handlers/index.ts +17 -0
  333. package/src/interpreter/step-handlers/map-handler.ts +24 -0
  334. package/src/interpreter/step-handlers/match-handler.ts +101 -0
  335. package/src/interpreter/step-handlers/store-handler.ts +78 -0
  336. package/src/interpreter/step-handlers/types.ts +17 -0
  337. package/src/interpreter/step-handlers/validate-handler.ts +30 -0
  338. package/src/interpreter/step-handlers/webhook-handler.ts +142 -0
  339. package/src/lexer/index.ts +18 -0
  340. package/src/lexer/lexer.test.ts +316 -0
  341. package/src/lexer/tokens.ts +179 -0
  342. package/src/loader/index.ts +288 -0
  343. package/src/loader/loader.test.ts +360 -0
  344. package/src/oas/index.ts +4 -0
  345. package/src/oas/loader.ts +126 -0
  346. package/src/oas/oas.test.ts +254 -0
  347. package/src/oas/validator.ts +299 -0
  348. package/src/parser/base.ts +124 -0
  349. package/src/parser/expressions.test.ts +525 -0
  350. package/src/parser/expressions.ts +314 -0
  351. package/src/parser/index.ts +3 -0
  352. package/src/parser/match.test.ts +296 -0
  353. package/src/parser/parser.test.ts +739 -0
  354. package/src/parser/parser.ts +1469 -0
  355. package/src/parser/schedule.test.ts +287 -0
  356. package/src/parser/webhook.test.ts +248 -0
  357. package/src/plugin.ts +83 -0
  358. package/src/scheduler/cron-parser.test.ts +236 -0
  359. package/src/scheduler/cron-parser.ts +236 -0
  360. package/src/scheduler/index.ts +10 -0
  361. package/src/scheduler/scheduler.ts +443 -0
  362. package/src/scheduler/types.ts +71 -0
  363. package/src/stores/factory.ts +104 -0
  364. package/src/stores/file.test.ts +276 -0
  365. package/src/stores/file.ts +211 -0
  366. package/src/stores/index.ts +6 -0
  367. package/src/stores/memory.test.ts +238 -0
  368. package/src/stores/memory.ts +63 -0
  369. package/src/stores/postgrest.test.ts +488 -0
  370. package/src/stores/postgrest.ts +263 -0
  371. package/src/stores/stores.test.ts +197 -0
  372. package/src/stores/types.ts +58 -0
  373. package/src/sync/index.ts +16 -0
  374. package/src/sync/state.ts +126 -0
  375. package/src/sync/store.ts +139 -0
  376. package/src/sync/sync.test.ts +271 -0
  377. package/src/utils/async.ts +10 -0
  378. package/src/utils/file.ts +106 -0
  379. package/src/utils/index.ts +14 -0
  380. package/src/utils/logger.ts +53 -0
  381. package/src/utils/path.ts +47 -0
  382. package/src/webhook/index.ts +15 -0
  383. package/src/webhook/server.test.ts +253 -0
  384. package/src/webhook/server.ts +389 -0
  385. package/src/webhook/store.ts +239 -0
  386. package/src/webhook/types.ts +93 -0
  387. package/tsconfig.json +17 -0
  388. package/vitest.config.ts +39 -0
@@ -0,0 +1,339 @@
1
+ ---
2
+ sidebar_position: 4
3
+ ---
4
+
5
+ # API Key Authentication
6
+
7
+ API key authentication sends a key in either a header or query parameter. Many SaaS APIs use this method.
8
+
9
+ ## Configuration
10
+
11
+ ### Mission File
12
+
13
+ ```vague
14
+ source API {
15
+ auth: api_key,
16
+ base: "https://api.example.com"
17
+ }
18
+ ```
19
+
20
+ ### Credentials File
21
+
22
+ ```json
23
+ {
24
+ "API": {
25
+ "type": "api_key",
26
+ "key": "your-api-key",
27
+ "header": "X-API-Key"
28
+ }
29
+ }
30
+ ```
31
+
32
+ ## Credential Options
33
+
34
+ | Field | Required | Description |
35
+ |-------|----------|-------------|
36
+ | `type` | Yes | Must be `"api_key"` |
37
+ | `key` | Yes | The API key value |
38
+ | `header` | No* | Header name for the key |
39
+ | `query` | No* | Query parameter name for the key |
40
+ | `prefix` | No | Prefix for header value (e.g., "Bearer") |
41
+
42
+ *One of `header` or `query` is required.
43
+
44
+ ## Header-Based API Key
45
+
46
+ ### Standard Header
47
+
48
+ ```json
49
+ {
50
+ "API": {
51
+ "type": "api_key",
52
+ "key": "your-api-key",
53
+ "header": "X-API-Key"
54
+ }
55
+ }
56
+ ```
57
+
58
+ Request:
59
+ ```http
60
+ GET /api/data HTTP/1.1
61
+ X-API-Key: your-api-key
62
+ ```
63
+
64
+ ### Authorization Header with Prefix
65
+
66
+ ```json
67
+ {
68
+ "API": {
69
+ "type": "api_key",
70
+ "key": "your-api-key",
71
+ "header": "Authorization",
72
+ "prefix": "ApiKey"
73
+ }
74
+ }
75
+ ```
76
+
77
+ Request:
78
+ ```http
79
+ GET /api/data HTTP/1.1
80
+ Authorization: ApiKey your-api-key
81
+ ```
82
+
83
+ ### Bearer-Style API Key
84
+
85
+ Some APIs use bearer format for API keys:
86
+
87
+ ```json
88
+ {
89
+ "API": {
90
+ "type": "api_key",
91
+ "key": "sk_live_xxxxx",
92
+ "header": "Authorization",
93
+ "prefix": "Bearer"
94
+ }
95
+ }
96
+ ```
97
+
98
+ Request:
99
+ ```http
100
+ GET /api/data HTTP/1.1
101
+ Authorization: Bearer sk_live_xxxxx
102
+ ```
103
+
104
+ ## Query Parameter API Key
105
+
106
+ ```json
107
+ {
108
+ "API": {
109
+ "type": "api_key",
110
+ "key": "your-api-key",
111
+ "query": "api_key"
112
+ }
113
+ }
114
+ ```
115
+
116
+ Request:
117
+ ```http
118
+ GET /api/data?api_key=your-api-key HTTP/1.1
119
+ ```
120
+
121
+ ## Common API Examples
122
+
123
+ ### SendGrid
124
+
125
+ ```json
126
+ {
127
+ "SendGrid": {
128
+ "type": "api_key",
129
+ "key": "SG.xxxxxxxxxxxx",
130
+ "header": "Authorization",
131
+ "prefix": "Bearer"
132
+ }
133
+ }
134
+ ```
135
+
136
+ ### Mailchimp
137
+
138
+ ```json
139
+ {
140
+ "Mailchimp": {
141
+ "type": "api_key",
142
+ "key": "your-api-key-us1",
143
+ "header": "Authorization",
144
+ "prefix": "apikey"
145
+ }
146
+ }
147
+ ```
148
+
149
+ ### OpenAI
150
+
151
+ ```json
152
+ {
153
+ "OpenAI": {
154
+ "type": "api_key",
155
+ "key": "sk-xxxxxxxxxxxx",
156
+ "header": "Authorization",
157
+ "prefix": "Bearer"
158
+ }
159
+ }
160
+ ```
161
+
162
+ ### Google Maps
163
+
164
+ ```json
165
+ {
166
+ "GoogleMaps": {
167
+ "type": "api_key",
168
+ "key": "AIzaxxxxxxxxxxxxx",
169
+ "query": "key"
170
+ }
171
+ }
172
+ ```
173
+
174
+ ### Custom API
175
+
176
+ ```json
177
+ {
178
+ "CustomAPI": {
179
+ "type": "api_key",
180
+ "key": "your-api-key",
181
+ "header": "X-Custom-Auth"
182
+ }
183
+ }
184
+ ```
185
+
186
+ ## Environment Variables
187
+
188
+ ### In Credentials
189
+
190
+ ```json
191
+ {
192
+ "API": {
193
+ "type": "api_key",
194
+ "key": "${API_KEY}",
195
+ "header": "X-API-Key"
196
+ }
197
+ }
198
+ ```
199
+
200
+ ### In Mission
201
+
202
+ ```vague
203
+ source API {
204
+ auth: api_key,
205
+ base: "https://api.example.com",
206
+ apiKey: env("API_KEY"),
207
+ apiKeyHeader: "X-API-Key"
208
+ }
209
+ ```
210
+
211
+ ## Multiple API Keys
212
+
213
+ For APIs requiring multiple keys:
214
+
215
+ ```vague
216
+ source API {
217
+ auth: api_key,
218
+ base: "https://api.example.com",
219
+ headers: {
220
+ "X-API-Key": env("API_KEY"),
221
+ "X-App-ID": env("APP_ID")
222
+ }
223
+ }
224
+ ```
225
+
226
+ Or use custom header addition:
227
+
228
+ ```json
229
+ {
230
+ "API": {
231
+ "type": "api_key",
232
+ "key": "primary-key",
233
+ "header": "X-API-Key",
234
+ "additionalHeaders": {
235
+ "X-App-ID": "your-app-id"
236
+ }
237
+ }
238
+ }
239
+ ```
240
+
241
+ ## Key Rotation
242
+
243
+ ### Manual Rotation
244
+
245
+ 1. Generate new key in provider dashboard
246
+ 2. Update credentials file
247
+ 3. Run mission
248
+
249
+ ### Zero-Downtime Rotation
250
+
251
+ Some APIs support multiple active keys:
252
+
253
+ ```json
254
+ {
255
+ "API": {
256
+ "type": "api_key",
257
+ "key": "new-key",
258
+ "header": "X-API-Key"
259
+ }
260
+ }
261
+ ```
262
+
263
+ 1. Create new key (old still works)
264
+ 2. Update credentials
265
+ 3. Verify new key works
266
+ 4. Revoke old key
267
+
268
+ ## Error Handling
269
+
270
+ ```vague
271
+ action FetchData {
272
+ get "/data"
273
+
274
+ match response {
275
+ { error: "invalid_api_key" } -> abort "Invalid API key",
276
+ { error: "expired_api_key" } -> abort "API key expired",
277
+ { error: _, code: 401 } -> abort "Authentication failed",
278
+ { error: _, code: 403 } -> abort "API key lacks permissions",
279
+ _ -> continue
280
+ }
281
+ }
282
+ ```
283
+
284
+ ## Security Best Practices
285
+
286
+ ### Never Expose in URLs (When Possible)
287
+
288
+ Prefer header over query:
289
+
290
+ ```json
291
+ // Better: key in header
292
+ {
293
+ "type": "api_key",
294
+ "key": "...",
295
+ "header": "X-API-Key"
296
+ }
297
+
298
+ // Avoid: key in URL (may be logged)
299
+ {
300
+ "type": "api_key",
301
+ "key": "...",
302
+ "query": "api_key"
303
+ }
304
+ ```
305
+
306
+ ### Use Environment Variables
307
+
308
+ ```bash
309
+ export API_KEY="your-key"
310
+ ```
311
+
312
+ ### Restrict Key Permissions
313
+
314
+ Use keys with minimal required permissions.
315
+
316
+ ## Troubleshooting
317
+
318
+ ### "Invalid API Key"
319
+
320
+ 1. Check key is correct
321
+ 2. Check for extra whitespace
322
+ 3. Verify key hasn't been revoked
323
+
324
+ ### "Header Not Recognized"
325
+
326
+ Check the exact header name the API expects:
327
+
328
+ ```json
329
+ // Case matters!
330
+ "header": "X-API-Key" // Not "x-api-key"
331
+ ```
332
+
333
+ ### Key Being Sent Wrong
334
+
335
+ Debug by checking what's being sent:
336
+
337
+ ```bash
338
+ reqon mission.vague --verbose
339
+ ```
@@ -0,0 +1,276 @@
1
+ ---
2
+ sidebar_position: 5
3
+ ---
4
+
5
+ # Basic Authentication
6
+
7
+ HTTP Basic Authentication sends username and password with each request, encoded in Base64. While simple, it should only be used over HTTPS.
8
+
9
+ ## Configuration
10
+
11
+ ### Mission File
12
+
13
+ ```vague
14
+ source API {
15
+ auth: basic,
16
+ base: "https://api.example.com"
17
+ }
18
+ ```
19
+
20
+ ### Credentials File
21
+
22
+ ```json
23
+ {
24
+ "API": {
25
+ "type": "basic",
26
+ "username": "your-username",
27
+ "password": "your-password"
28
+ }
29
+ }
30
+ ```
31
+
32
+ ## How It Works
33
+
34
+ Reqon encodes credentials and adds them to every request:
35
+
36
+ ```http
37
+ GET /api/data HTTP/1.1
38
+ Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
39
+ ```
40
+
41
+ The value is `base64(username:password)`.
42
+
43
+ ## Credential Options
44
+
45
+ | Field | Required | Description |
46
+ |-------|----------|-------------|
47
+ | `type` | Yes | Must be `"basic"` |
48
+ | `username` | Yes | The username |
49
+ | `password` | Yes | The password |
50
+
51
+ ## Environment Variables
52
+
53
+ ### In Credentials File
54
+
55
+ ```json
56
+ {
57
+ "API": {
58
+ "type": "basic",
59
+ "username": "${API_USERNAME}",
60
+ "password": "${API_PASSWORD}"
61
+ }
62
+ }
63
+ ```
64
+
65
+ ```bash
66
+ export API_USERNAME="myuser"
67
+ export API_PASSWORD="mypass"
68
+ reqon mission.vague --auth credentials.json
69
+ ```
70
+
71
+ ### In Mission File
72
+
73
+ ```vague
74
+ source API {
75
+ auth: basic,
76
+ base: "https://api.example.com",
77
+ username: env("API_USERNAME"),
78
+ password: env("API_PASSWORD")
79
+ }
80
+ ```
81
+
82
+ ## Common Use Cases
83
+
84
+ ### Legacy Systems
85
+
86
+ ```vague
87
+ source LegacyERP {
88
+ auth: basic,
89
+ base: "https://erp.company.com/api"
90
+ }
91
+ ```
92
+
93
+ ### JIRA (Server)
94
+
95
+ ```json
96
+ {
97
+ "JIRA": {
98
+ "type": "basic",
99
+ "username": "user@company.com",
100
+ "password": "api-token"
101
+ }
102
+ }
103
+ ```
104
+
105
+ ### Bitbucket Server
106
+
107
+ ```json
108
+ {
109
+ "Bitbucket": {
110
+ "type": "basic",
111
+ "username": "username",
112
+ "password": "app-password"
113
+ }
114
+ }
115
+ ```
116
+
117
+ ### Jenkins
118
+
119
+ ```json
120
+ {
121
+ "Jenkins": {
122
+ "type": "basic",
123
+ "username": "admin",
124
+ "password": "api-token"
125
+ }
126
+ }
127
+ ```
128
+
129
+ ### Elasticsearch
130
+
131
+ ```json
132
+ {
133
+ "Elasticsearch": {
134
+ "type": "basic",
135
+ "username": "elastic",
136
+ "password": "changeme"
137
+ }
138
+ }
139
+ ```
140
+
141
+ ## Token as Password
142
+
143
+ Many APIs use Basic auth with a token as password:
144
+
145
+ ### Atlassian Cloud
146
+
147
+ ```json
148
+ {
149
+ "Atlassian": {
150
+ "type": "basic",
151
+ "username": "email@example.com",
152
+ "password": "ATATT3xFfGF0..." // API token
153
+ }
154
+ }
155
+ ```
156
+
157
+ ### npm Registry
158
+
159
+ ```json
160
+ {
161
+ "NPM": {
162
+ "type": "basic",
163
+ "username": "username",
164
+ "password": "npm_xxxxx" // Access token
165
+ }
166
+ }
167
+ ```
168
+
169
+ ## Error Handling
170
+
171
+ ```vague
172
+ action FetchData {
173
+ get "/data"
174
+
175
+ match response {
176
+ { error: _, code: 401 } -> abort "Invalid credentials",
177
+ { error: _, code: 403 } -> abort "Access denied",
178
+ _ -> continue
179
+ }
180
+ }
181
+ ```
182
+
183
+ ## Security Considerations
184
+
185
+ ### Always Use HTTPS
186
+
187
+ Basic auth credentials are only Base64 encoded (not encrypted):
188
+
189
+ ```vague
190
+ // Good
191
+ source API {
192
+ auth: basic,
193
+ base: "https://api.example.com" // HTTPS
194
+ }
195
+
196
+ // DANGEROUS - credentials exposed
197
+ source API {
198
+ auth: basic,
199
+ base: "http://api.example.com" // HTTP
200
+ }
201
+ ```
202
+
203
+ ### Prefer Token-Based Auth
204
+
205
+ When available, use tokens instead:
206
+
207
+ ```vague
208
+ // Preferred: token-based
209
+ source API {
210
+ auth: bearer,
211
+ base: "https://api.example.com"
212
+ }
213
+
214
+ // Use basic only when necessary
215
+ source LegacyAPI {
216
+ auth: basic,
217
+ base: "https://legacy.example.com"
218
+ }
219
+ ```
220
+
221
+ ### Use Strong Passwords
222
+
223
+ If using actual password (not token):
224
+ - Use a unique password for API access
225
+ - Enable MFA on the account if available
226
+ - Rotate regularly
227
+
228
+ ## Credential Rotation
229
+
230
+ ### Rotate Password
231
+
232
+ 1. Update password in API provider
233
+ 2. Update credentials file
234
+ 3. Verify mission works
235
+
236
+ ### Minimal Disruption
237
+
238
+ ```bash
239
+ # Update credentials
240
+ echo '{"API": {"type": "basic", "username": "user", "password": "new-pass"}}' > credentials.json
241
+
242
+ # Test
243
+ reqon mission.vague --dry-run --auth credentials.json
244
+
245
+ # Run
246
+ reqon mission.vague --auth credentials.json
247
+ ```
248
+
249
+ ## Troubleshooting
250
+
251
+ ### "401 Unauthorized"
252
+
253
+ 1. Verify username and password
254
+ 2. Check for typos
255
+ 3. Ensure account has API access
256
+
257
+ ### "Encoding Issues"
258
+
259
+ Check for special characters in password. They should be URL-safe or properly escaped:
260
+
261
+ ```json
262
+ {
263
+ "API": {
264
+ "username": "user",
265
+ "password": "pass:word@123" // Special chars OK
266
+ }
267
+ }
268
+ ```
269
+
270
+ ### "Connection Refused"
271
+
272
+ Verify HTTPS is working:
273
+
274
+ ```bash
275
+ curl -u "user:pass" https://api.example.com/health
276
+ ```