reqon-dsl 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/settings.local.json +31 -0
- package/.claude/skills/api-integration.md +125 -0
- package/.claude/skills/database-schema.md +51 -0
- package/.claude/skills/dsl-design.md +80 -0
- package/.claude/skills/property-testing.md +143 -0
- package/.claude/skills/reqon/SKILL.md +44 -0
- package/.claude/skills/reqon/references/examples.md +206 -0
- package/.claude/skills/reqon/references/syntax.md +263 -0
- package/.claude/skills/vscode-extension.md +113 -0
- package/.github/dependabot.yml +32 -0
- package/.github/pull_request_template.md +21 -0
- package/.github/workflows/ci.yml +174 -0
- package/.github/workflows/release.yml +73 -0
- package/CLAUDE.md +72 -0
- package/CONTRIBUTING.md +161 -0
- package/README.md +235 -0
- package/TODO.md +51 -0
- package/dist/ast/index.d.ts +1 -0
- package/dist/ast/index.js +1 -0
- package/dist/ast/nodes.d.ts +237 -0
- package/dist/ast/nodes.js +12 -0
- package/dist/auth/auth.test.d.ts +1 -0
- package/dist/auth/auth.test.js +255 -0
- package/dist/auth/circuit-breaker.d.ts +115 -0
- package/dist/auth/circuit-breaker.js +267 -0
- package/dist/auth/credentials.d.ts +91 -0
- package/dist/auth/credentials.js +169 -0
- package/dist/auth/index.d.ts +5 -0
- package/dist/auth/index.js +8 -0
- package/dist/auth/oauth2-provider.d.ts +41 -0
- package/dist/auth/oauth2-provider.js +131 -0
- package/dist/auth/rate-limiter.d.ts +61 -0
- package/dist/auth/rate-limiter.js +380 -0
- package/dist/auth/token-store.d.ts +30 -0
- package/dist/auth/token-store.js +148 -0
- package/dist/auth/types.d.ts +142 -0
- package/dist/auth/types.js +1 -0
- package/dist/cli.d.ts +2 -0
- package/dist/cli.js +270 -0
- package/dist/errors/errors.test.d.ts +1 -0
- package/dist/errors/errors.test.js +165 -0
- package/dist/errors/index.d.ts +83 -0
- package/dist/errors/index.js +159 -0
- package/dist/execution/execution.test.d.ts +1 -0
- package/dist/execution/execution.test.js +246 -0
- package/dist/execution/index.d.ts +4 -0
- package/dist/execution/index.js +2 -0
- package/dist/execution/state.d.ts +136 -0
- package/dist/execution/state.js +82 -0
- package/dist/execution/store.d.ts +52 -0
- package/dist/execution/store.js +120 -0
- package/dist/index.d.ts +27 -0
- package/dist/index.js +57 -0
- package/dist/integration.test.d.ts +1 -0
- package/dist/integration.test.js +168 -0
- package/dist/interpreter/context.d.ts +15 -0
- package/dist/interpreter/context.js +29 -0
- package/dist/interpreter/evaluator.d.ts +5 -0
- package/dist/interpreter/evaluator.js +223 -0
- package/dist/interpreter/evaluator.test.d.ts +1 -0
- package/dist/interpreter/evaluator.test.js +512 -0
- package/dist/interpreter/executor.d.ts +131 -0
- package/dist/interpreter/executor.js +663 -0
- package/dist/interpreter/fetch-handler.d.ts +43 -0
- package/dist/interpreter/fetch-handler.js +203 -0
- package/dist/interpreter/http.d.ts +57 -0
- package/dist/interpreter/http.js +210 -0
- package/dist/interpreter/http.test.d.ts +1 -0
- package/dist/interpreter/http.test.js +299 -0
- package/dist/interpreter/index.d.ts +7 -0
- package/dist/interpreter/index.js +7 -0
- package/dist/interpreter/pagination.d.ts +63 -0
- package/dist/interpreter/pagination.js +155 -0
- package/dist/interpreter/progress.test.d.ts +1 -0
- package/dist/interpreter/progress.test.js +216 -0
- package/dist/interpreter/schema-matcher.d.ts +16 -0
- package/dist/interpreter/schema-matcher.js +136 -0
- package/dist/interpreter/schema-matcher.test.d.ts +1 -0
- package/dist/interpreter/schema-matcher.test.js +122 -0
- package/dist/interpreter/signals.d.ts +57 -0
- package/dist/interpreter/signals.js +73 -0
- package/dist/interpreter/step-handlers/for-handler.d.ts +17 -0
- package/dist/interpreter/step-handlers/for-handler.js +51 -0
- package/dist/interpreter/step-handlers/index.d.ts +8 -0
- package/dist/interpreter/step-handlers/index.js +8 -0
- package/dist/interpreter/step-handlers/map-handler.d.ts +10 -0
- package/dist/interpreter/step-handlers/map-handler.js +20 -0
- package/dist/interpreter/step-handlers/match-handler.d.ts +27 -0
- package/dist/interpreter/step-handlers/match-handler.js +61 -0
- package/dist/interpreter/step-handlers/store-handler.d.ts +13 -0
- package/dist/interpreter/step-handlers/store-handler.js +66 -0
- package/dist/interpreter/step-handlers/types.d.ts +15 -0
- package/dist/interpreter/step-handlers/types.js +1 -0
- package/dist/interpreter/step-handlers/validate-handler.d.ts +10 -0
- package/dist/interpreter/step-handlers/validate-handler.js +26 -0
- package/dist/interpreter/step-handlers/webhook-handler.d.ts +36 -0
- package/dist/interpreter/step-handlers/webhook-handler.js +104 -0
- package/dist/lexer/index.d.ts +10 -0
- package/dist/lexer/index.js +12 -0
- package/dist/lexer/lexer.d.ts +24 -0
- package/dist/lexer/lexer.js +264 -0
- package/dist/lexer/lexer.test.d.ts +1 -0
- package/dist/lexer/lexer.test.js +259 -0
- package/dist/lexer/tokens.d.ts +69 -0
- package/dist/lexer/tokens.js +146 -0
- package/dist/loader/index.d.ts +36 -0
- package/dist/loader/index.js +220 -0
- package/dist/loader/loader.test.d.ts +1 -0
- package/dist/loader/loader.test.js +287 -0
- package/dist/oas/index.d.ts +4 -0
- package/dist/oas/index.js +2 -0
- package/dist/oas/loader.d.ts +21 -0
- package/dist/oas/loader.js +82 -0
- package/dist/oas/oas.test.d.ts +1 -0
- package/dist/oas/oas.test.js +218 -0
- package/dist/oas/validator.d.ts +12 -0
- package/dist/oas/validator.js +227 -0
- package/dist/parser/base.d.ts +33 -0
- package/dist/parser/base.js +97 -0
- package/dist/parser/expressions.d.ts +27 -0
- package/dist/parser/expressions.js +248 -0
- package/dist/parser/expressions.test.d.ts +1 -0
- package/dist/parser/expressions.test.js +378 -0
- package/dist/parser/index.d.ts +3 -0
- package/dist/parser/index.js +3 -0
- package/dist/parser/match.test.d.ts +1 -0
- package/dist/parser/match.test.js +254 -0
- package/dist/parser/parser.d.ts +68 -0
- package/dist/parser/parser.js +1229 -0
- package/dist/parser/parser.test.d.ts +1 -0
- package/dist/parser/parser.test.js +333 -0
- package/dist/parser/schedule.test.d.ts +1 -0
- package/dist/parser/schedule.test.js +241 -0
- package/dist/plugin.d.ts +35 -0
- package/dist/plugin.js +68 -0
- package/dist/scheduler/cron-parser.d.ts +32 -0
- package/dist/scheduler/cron-parser.js +198 -0
- package/dist/scheduler/cron-parser.test.d.ts +1 -0
- package/dist/scheduler/cron-parser.test.js +188 -0
- package/dist/scheduler/index.d.ts +3 -0
- package/dist/scheduler/index.js +2 -0
- package/dist/scheduler/scheduler.d.ts +81 -0
- package/dist/scheduler/scheduler.js +376 -0
- package/dist/scheduler/types.d.ts +65 -0
- package/dist/scheduler/types.js +1 -0
- package/dist/stores/factory.d.ts +36 -0
- package/dist/stores/factory.js +73 -0
- package/dist/stores/file.d.ts +60 -0
- package/dist/stores/file.js +173 -0
- package/dist/stores/file.test.d.ts +1 -0
- package/dist/stores/file.test.js +165 -0
- package/dist/stores/index.d.ts +6 -0
- package/dist/stores/index.js +5 -0
- package/dist/stores/memory.d.ts +19 -0
- package/dist/stores/memory.js +51 -0
- package/dist/stores/memory.test.d.ts +1 -0
- package/dist/stores/memory.test.js +157 -0
- package/dist/stores/postgrest.d.ts +55 -0
- package/dist/stores/postgrest.js +217 -0
- package/dist/stores/stores.test.d.ts +1 -0
- package/dist/stores/stores.test.js +158 -0
- package/dist/stores/types.d.ts +31 -0
- package/dist/stores/types.js +26 -0
- package/dist/sync/index.d.ts +4 -0
- package/dist/sync/index.js +2 -0
- package/dist/sync/state.d.ts +69 -0
- package/dist/sync/state.js +66 -0
- package/dist/sync/store.d.ts +49 -0
- package/dist/sync/store.js +93 -0
- package/dist/sync/sync.test.d.ts +1 -0
- package/dist/sync/sync.test.js +221 -0
- package/dist/utils/async.d.ts +7 -0
- package/dist/utils/async.js +9 -0
- package/dist/utils/file.d.ts +38 -0
- package/dist/utils/file.js +92 -0
- package/dist/utils/index.d.ts +4 -0
- package/dist/utils/index.js +4 -0
- package/dist/utils/logger.d.ts +34 -0
- package/dist/utils/logger.js +39 -0
- package/dist/utils/path.d.ts +12 -0
- package/dist/utils/path.js +41 -0
- package/dist/webhook/index.d.ts +8 -0
- package/dist/webhook/index.js +7 -0
- package/dist/webhook/server.d.ts +84 -0
- package/dist/webhook/server.js +319 -0
- package/dist/webhook/store.d.ts +67 -0
- package/dist/webhook/store.js +193 -0
- package/dist/webhook/types.d.ts +88 -0
- package/dist/webhook/types.js +6 -0
- package/docusaurus/README.md +41 -0
- package/docusaurus/docs/advanced/execution-state.md +283 -0
- package/docusaurus/docs/advanced/extending-reqon.md +388 -0
- package/docusaurus/docs/advanced/multi-file-missions.md +250 -0
- package/docusaurus/docs/advanced/parallel-execution.md +353 -0
- package/docusaurus/docs/api-reference.md +443 -0
- package/docusaurus/docs/authentication/api-key.md +339 -0
- package/docusaurus/docs/authentication/basic.md +276 -0
- package/docusaurus/docs/authentication/bearer.md +282 -0
- package/docusaurus/docs/authentication/oauth2.md +317 -0
- package/docusaurus/docs/authentication/overview.md +251 -0
- package/docusaurus/docs/cli.md +229 -0
- package/docusaurus/docs/core-concepts/actions.md +286 -0
- package/docusaurus/docs/core-concepts/missions.md +264 -0
- package/docusaurus/docs/core-concepts/schemas.md +353 -0
- package/docusaurus/docs/core-concepts/sources.md +339 -0
- package/docusaurus/docs/core-concepts/stores.md +332 -0
- package/docusaurus/docs/dsl-syntax/expressions.md +361 -0
- package/docusaurus/docs/dsl-syntax/fetch.md +293 -0
- package/docusaurus/docs/dsl-syntax/for-loops.md +324 -0
- package/docusaurus/docs/dsl-syntax/map.md +345 -0
- package/docusaurus/docs/dsl-syntax/match.md +387 -0
- package/docusaurus/docs/dsl-syntax/pipelines.md +397 -0
- package/docusaurus/docs/dsl-syntax/validate.md +401 -0
- package/docusaurus/docs/error-handling/dead-letter-queues.md +399 -0
- package/docusaurus/docs/error-handling/flow-control.md +337 -0
- package/docusaurus/docs/error-handling/retry-strategies.md +368 -0
- package/docusaurus/docs/examples.md +488 -0
- package/docusaurus/docs/getting-started.md +256 -0
- package/docusaurus/docs/http/circuit-breaker.md +401 -0
- package/docusaurus/docs/http/incremental-sync.md +394 -0
- package/docusaurus/docs/http/pagination.md +361 -0
- package/docusaurus/docs/http/rate-limiting.md +383 -0
- package/docusaurus/docs/http/requests.md +328 -0
- package/docusaurus/docs/http/retry.md +402 -0
- package/docusaurus/docs/intro.md +90 -0
- package/docusaurus/docs/openapi/loading-specs.md +305 -0
- package/docusaurus/docs/openapi/operation-calls.md +314 -0
- package/docusaurus/docs/openapi/overview.md +212 -0
- package/docusaurus/docs/openapi/response-validation.md +344 -0
- package/docusaurus/docs/scheduling/cron.md +305 -0
- package/docusaurus/docs/scheduling/daemon-mode.md +317 -0
- package/docusaurus/docs/scheduling/intervals.md +289 -0
- package/docusaurus/docs/scheduling/overview.md +231 -0
- package/docusaurus/docs/stores/custom-adapters.md +376 -0
- package/docusaurus/docs/stores/file.md +236 -0
- package/docusaurus/docs/stores/memory.md +193 -0
- package/docusaurus/docs/stores/overview.md +274 -0
- package/docusaurus/docs/stores/postgrest.md +316 -0
- package/docusaurus/docusaurus.config.ts +148 -0
- package/docusaurus/package-lock.json +18029 -0
- package/docusaurus/package.json +47 -0
- package/docusaurus/sidebars.ts +155 -0
- package/docusaurus/src/components/HomepageFeatures/index.tsx +105 -0
- package/docusaurus/src/components/HomepageFeatures/styles.module.css +12 -0
- package/docusaurus/src/css/custom.css +169 -0
- package/docusaurus/src/pages/index.module.css +48 -0
- package/docusaurus/src/pages/index.tsx +110 -0
- package/docusaurus/src/pages/markdown-page.md +7 -0
- package/docusaurus/static/.nojekyll +0 -0
- package/docusaurus/static/img/docusaurus-social-card.jpg +0 -0
- package/docusaurus/static/img/docusaurus.png +0 -0
- package/docusaurus/static/img/favicon.ico +0 -0
- package/docusaurus/static/img/logo.svg +10 -0
- package/docusaurus/static/img/undraw_docusaurus_mountain.svg +171 -0
- package/docusaurus/static/img/undraw_docusaurus_react.svg +170 -0
- package/docusaurus/static/img/undraw_docusaurus_tree.svg +40 -0
- package/docusaurus/tsconfig.json +8 -0
- package/examples/README.md +112 -0
- package/examples/error-handling/README.md +150 -0
- package/examples/error-handling/payment-processor.vague +287 -0
- package/examples/github-sync/README.md +74 -0
- package/examples/github-sync/fetch-issues.vague +47 -0
- package/examples/github-sync/fetch-prs.vague +40 -0
- package/examples/github-sync/mission.vague +101 -0
- package/examples/github-sync/normalize.vague +70 -0
- package/examples/jsonplaceholder/README.md +28 -0
- package/examples/jsonplaceholder/posts.vague +48 -0
- package/examples/petstore/README.md +35 -0
- package/examples/petstore/openapi.yaml +97 -0
- package/examples/petstore/sync.vague +52 -0
- package/examples/temporal-comparison/README.md +297 -0
- package/examples/temporal-comparison/reconciliation.vague +355 -0
- package/examples/temporal-comparison/temporal/activities/index.ts +8 -0
- package/examples/temporal-comparison/temporal/activities/shipstation.ts +225 -0
- package/examples/temporal-comparison/temporal/activities/shopify.ts +257 -0
- package/examples/temporal-comparison/temporal/activities/storage.ts +198 -0
- package/examples/temporal-comparison/temporal/activities/stripe.ts +169 -0
- package/examples/temporal-comparison/temporal/activities/validation.ts +205 -0
- package/examples/temporal-comparison/temporal/client/schedule.ts +218 -0
- package/examples/temporal-comparison/temporal/config/retry.ts +63 -0
- package/examples/temporal-comparison/temporal/types/index.ts +129 -0
- package/examples/temporal-comparison/temporal/workers/main.ts +130 -0
- package/examples/temporal-comparison/temporal/workflows/orderReconciliation.ts +262 -0
- package/examples/xero/README.md +88 -0
- package/examples/xero/invoices.vague +189 -0
- package/package.json +40 -0
- package/src/api-integration.test.ts +954 -0
- package/src/ast/index.ts +1 -0
- package/src/ast/nodes.ts +310 -0
- package/src/auth/auth.test.ts +326 -0
- package/src/auth/circuit-breaker.test.ts +390 -0
- package/src/auth/circuit-breaker.ts +379 -0
- package/src/auth/credentials.test.ts +273 -0
- package/src/auth/credentials.ts +246 -0
- package/src/auth/index.ts +40 -0
- package/src/auth/oauth2-provider.ts +177 -0
- package/src/auth/rate-limiter.ts +459 -0
- package/src/auth/token-store.ts +177 -0
- package/src/auth/types.ts +159 -0
- package/src/benchmark/e2e.bench.ts +288 -0
- package/src/benchmark/evaluator.bench.ts +331 -0
- package/src/benchmark/fixtures.ts +295 -0
- package/src/benchmark/index.ts +108 -0
- package/src/benchmark/lexer.bench.ts +69 -0
- package/src/benchmark/parser.bench.ts +103 -0
- package/src/benchmark/resilience.bench.ts +193 -0
- package/src/benchmark/store.bench.ts +147 -0
- package/src/benchmark/utils.ts +230 -0
- package/src/cli.ts +313 -0
- package/src/errors/errors.test.ts +234 -0
- package/src/errors/index.ts +223 -0
- package/src/execution/execution.test.ts +307 -0
- package/src/execution/index.ts +21 -0
- package/src/execution/state.ts +207 -0
- package/src/execution/store.ts +188 -0
- package/src/index.ts +169 -0
- package/src/integration.test.ts +192 -0
- package/src/interpreter/context.ts +57 -0
- package/src/interpreter/evaluator.test.ts +796 -0
- package/src/interpreter/evaluator.ts +245 -0
- package/src/interpreter/executor.ts +946 -0
- package/src/interpreter/fetch-handler.ts +302 -0
- package/src/interpreter/http.test.ts +423 -0
- package/src/interpreter/http.ts +308 -0
- package/src/interpreter/index.ts +32 -0
- package/src/interpreter/pagination.ts +207 -0
- package/src/interpreter/progress.test.ts +276 -0
- package/src/interpreter/schema-matcher.test.ts +160 -0
- package/src/interpreter/schema-matcher.ts +168 -0
- package/src/interpreter/signals.ts +73 -0
- package/src/interpreter/step-handlers/for-handler.ts +65 -0
- package/src/interpreter/step-handlers/index.ts +17 -0
- package/src/interpreter/step-handlers/map-handler.ts +24 -0
- package/src/interpreter/step-handlers/match-handler.ts +101 -0
- package/src/interpreter/step-handlers/store-handler.ts +78 -0
- package/src/interpreter/step-handlers/types.ts +17 -0
- package/src/interpreter/step-handlers/validate-handler.ts +30 -0
- package/src/interpreter/step-handlers/webhook-handler.ts +142 -0
- package/src/lexer/index.ts +18 -0
- package/src/lexer/lexer.test.ts +316 -0
- package/src/lexer/tokens.ts +179 -0
- package/src/loader/index.ts +288 -0
- package/src/loader/loader.test.ts +360 -0
- package/src/oas/index.ts +4 -0
- package/src/oas/loader.ts +126 -0
- package/src/oas/oas.test.ts +254 -0
- package/src/oas/validator.ts +299 -0
- package/src/parser/base.ts +124 -0
- package/src/parser/expressions.test.ts +525 -0
- package/src/parser/expressions.ts +314 -0
- package/src/parser/index.ts +3 -0
- package/src/parser/match.test.ts +296 -0
- package/src/parser/parser.test.ts +739 -0
- package/src/parser/parser.ts +1469 -0
- package/src/parser/schedule.test.ts +287 -0
- package/src/parser/webhook.test.ts +248 -0
- package/src/plugin.ts +83 -0
- package/src/scheduler/cron-parser.test.ts +236 -0
- package/src/scheduler/cron-parser.ts +236 -0
- package/src/scheduler/index.ts +10 -0
- package/src/scheduler/scheduler.ts +443 -0
- package/src/scheduler/types.ts +71 -0
- package/src/stores/factory.ts +104 -0
- package/src/stores/file.test.ts +276 -0
- package/src/stores/file.ts +211 -0
- package/src/stores/index.ts +6 -0
- package/src/stores/memory.test.ts +238 -0
- package/src/stores/memory.ts +63 -0
- package/src/stores/postgrest.test.ts +488 -0
- package/src/stores/postgrest.ts +263 -0
- package/src/stores/stores.test.ts +197 -0
- package/src/stores/types.ts +58 -0
- package/src/sync/index.ts +16 -0
- package/src/sync/state.ts +126 -0
- package/src/sync/store.ts +139 -0
- package/src/sync/sync.test.ts +271 -0
- package/src/utils/async.ts +10 -0
- package/src/utils/file.ts +106 -0
- package/src/utils/index.ts +14 -0
- package/src/utils/logger.ts +53 -0
- package/src/utils/path.ts +47 -0
- package/src/webhook/index.ts +15 -0
- package/src/webhook/server.test.ts +253 -0
- package/src/webhook/server.ts +389 -0
- package/src/webhook/store.ts +239 -0
- package/src/webhook/types.ts +93 -0
- package/tsconfig.json +17 -0
- package/vitest.config.ts +39 -0
|
@@ -0,0 +1,339 @@
|
|
|
1
|
+
---
|
|
2
|
+
sidebar_position: 4
|
|
3
|
+
---
|
|
4
|
+
|
|
5
|
+
# API Key Authentication
|
|
6
|
+
|
|
7
|
+
API key authentication sends a key in either a header or query parameter. Many SaaS APIs use this method.
|
|
8
|
+
|
|
9
|
+
## Configuration
|
|
10
|
+
|
|
11
|
+
### Mission File
|
|
12
|
+
|
|
13
|
+
```vague
|
|
14
|
+
source API {
|
|
15
|
+
auth: api_key,
|
|
16
|
+
base: "https://api.example.com"
|
|
17
|
+
}
|
|
18
|
+
```
|
|
19
|
+
|
|
20
|
+
### Credentials File
|
|
21
|
+
|
|
22
|
+
```json
|
|
23
|
+
{
|
|
24
|
+
"API": {
|
|
25
|
+
"type": "api_key",
|
|
26
|
+
"key": "your-api-key",
|
|
27
|
+
"header": "X-API-Key"
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
```
|
|
31
|
+
|
|
32
|
+
## Credential Options
|
|
33
|
+
|
|
34
|
+
| Field | Required | Description |
|
|
35
|
+
|-------|----------|-------------|
|
|
36
|
+
| `type` | Yes | Must be `"api_key"` |
|
|
37
|
+
| `key` | Yes | The API key value |
|
|
38
|
+
| `header` | No* | Header name for the key |
|
|
39
|
+
| `query` | No* | Query parameter name for the key |
|
|
40
|
+
| `prefix` | No | Prefix for header value (e.g., "Bearer") |
|
|
41
|
+
|
|
42
|
+
*One of `header` or `query` is required.
|
|
43
|
+
|
|
44
|
+
## Header-Based API Key
|
|
45
|
+
|
|
46
|
+
### Standard Header
|
|
47
|
+
|
|
48
|
+
```json
|
|
49
|
+
{
|
|
50
|
+
"API": {
|
|
51
|
+
"type": "api_key",
|
|
52
|
+
"key": "your-api-key",
|
|
53
|
+
"header": "X-API-Key"
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
```
|
|
57
|
+
|
|
58
|
+
Request:
|
|
59
|
+
```http
|
|
60
|
+
GET /api/data HTTP/1.1
|
|
61
|
+
X-API-Key: your-api-key
|
|
62
|
+
```
|
|
63
|
+
|
|
64
|
+
### Authorization Header with Prefix
|
|
65
|
+
|
|
66
|
+
```json
|
|
67
|
+
{
|
|
68
|
+
"API": {
|
|
69
|
+
"type": "api_key",
|
|
70
|
+
"key": "your-api-key",
|
|
71
|
+
"header": "Authorization",
|
|
72
|
+
"prefix": "ApiKey"
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
Request:
|
|
78
|
+
```http
|
|
79
|
+
GET /api/data HTTP/1.1
|
|
80
|
+
Authorization: ApiKey your-api-key
|
|
81
|
+
```
|
|
82
|
+
|
|
83
|
+
### Bearer-Style API Key
|
|
84
|
+
|
|
85
|
+
Some APIs use bearer format for API keys:
|
|
86
|
+
|
|
87
|
+
```json
|
|
88
|
+
{
|
|
89
|
+
"API": {
|
|
90
|
+
"type": "api_key",
|
|
91
|
+
"key": "sk_live_xxxxx",
|
|
92
|
+
"header": "Authorization",
|
|
93
|
+
"prefix": "Bearer"
|
|
94
|
+
}
|
|
95
|
+
}
|
|
96
|
+
```
|
|
97
|
+
|
|
98
|
+
Request:
|
|
99
|
+
```http
|
|
100
|
+
GET /api/data HTTP/1.1
|
|
101
|
+
Authorization: Bearer sk_live_xxxxx
|
|
102
|
+
```
|
|
103
|
+
|
|
104
|
+
## Query Parameter API Key
|
|
105
|
+
|
|
106
|
+
```json
|
|
107
|
+
{
|
|
108
|
+
"API": {
|
|
109
|
+
"type": "api_key",
|
|
110
|
+
"key": "your-api-key",
|
|
111
|
+
"query": "api_key"
|
|
112
|
+
}
|
|
113
|
+
}
|
|
114
|
+
```
|
|
115
|
+
|
|
116
|
+
Request:
|
|
117
|
+
```http
|
|
118
|
+
GET /api/data?api_key=your-api-key HTTP/1.1
|
|
119
|
+
```
|
|
120
|
+
|
|
121
|
+
## Common API Examples
|
|
122
|
+
|
|
123
|
+
### SendGrid
|
|
124
|
+
|
|
125
|
+
```json
|
|
126
|
+
{
|
|
127
|
+
"SendGrid": {
|
|
128
|
+
"type": "api_key",
|
|
129
|
+
"key": "SG.xxxxxxxxxxxx",
|
|
130
|
+
"header": "Authorization",
|
|
131
|
+
"prefix": "Bearer"
|
|
132
|
+
}
|
|
133
|
+
}
|
|
134
|
+
```
|
|
135
|
+
|
|
136
|
+
### Mailchimp
|
|
137
|
+
|
|
138
|
+
```json
|
|
139
|
+
{
|
|
140
|
+
"Mailchimp": {
|
|
141
|
+
"type": "api_key",
|
|
142
|
+
"key": "your-api-key-us1",
|
|
143
|
+
"header": "Authorization",
|
|
144
|
+
"prefix": "apikey"
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
```
|
|
148
|
+
|
|
149
|
+
### OpenAI
|
|
150
|
+
|
|
151
|
+
```json
|
|
152
|
+
{
|
|
153
|
+
"OpenAI": {
|
|
154
|
+
"type": "api_key",
|
|
155
|
+
"key": "sk-xxxxxxxxxxxx",
|
|
156
|
+
"header": "Authorization",
|
|
157
|
+
"prefix": "Bearer"
|
|
158
|
+
}
|
|
159
|
+
}
|
|
160
|
+
```
|
|
161
|
+
|
|
162
|
+
### Google Maps
|
|
163
|
+
|
|
164
|
+
```json
|
|
165
|
+
{
|
|
166
|
+
"GoogleMaps": {
|
|
167
|
+
"type": "api_key",
|
|
168
|
+
"key": "AIzaxxxxxxxxxxxxx",
|
|
169
|
+
"query": "key"
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
```
|
|
173
|
+
|
|
174
|
+
### Custom API
|
|
175
|
+
|
|
176
|
+
```json
|
|
177
|
+
{
|
|
178
|
+
"CustomAPI": {
|
|
179
|
+
"type": "api_key",
|
|
180
|
+
"key": "your-api-key",
|
|
181
|
+
"header": "X-Custom-Auth"
|
|
182
|
+
}
|
|
183
|
+
}
|
|
184
|
+
```
|
|
185
|
+
|
|
186
|
+
## Environment Variables
|
|
187
|
+
|
|
188
|
+
### In Credentials
|
|
189
|
+
|
|
190
|
+
```json
|
|
191
|
+
{
|
|
192
|
+
"API": {
|
|
193
|
+
"type": "api_key",
|
|
194
|
+
"key": "${API_KEY}",
|
|
195
|
+
"header": "X-API-Key"
|
|
196
|
+
}
|
|
197
|
+
}
|
|
198
|
+
```
|
|
199
|
+
|
|
200
|
+
### In Mission
|
|
201
|
+
|
|
202
|
+
```vague
|
|
203
|
+
source API {
|
|
204
|
+
auth: api_key,
|
|
205
|
+
base: "https://api.example.com",
|
|
206
|
+
apiKey: env("API_KEY"),
|
|
207
|
+
apiKeyHeader: "X-API-Key"
|
|
208
|
+
}
|
|
209
|
+
```
|
|
210
|
+
|
|
211
|
+
## Multiple API Keys
|
|
212
|
+
|
|
213
|
+
For APIs requiring multiple keys:
|
|
214
|
+
|
|
215
|
+
```vague
|
|
216
|
+
source API {
|
|
217
|
+
auth: api_key,
|
|
218
|
+
base: "https://api.example.com",
|
|
219
|
+
headers: {
|
|
220
|
+
"X-API-Key": env("API_KEY"),
|
|
221
|
+
"X-App-ID": env("APP_ID")
|
|
222
|
+
}
|
|
223
|
+
}
|
|
224
|
+
```
|
|
225
|
+
|
|
226
|
+
Or use custom header addition:
|
|
227
|
+
|
|
228
|
+
```json
|
|
229
|
+
{
|
|
230
|
+
"API": {
|
|
231
|
+
"type": "api_key",
|
|
232
|
+
"key": "primary-key",
|
|
233
|
+
"header": "X-API-Key",
|
|
234
|
+
"additionalHeaders": {
|
|
235
|
+
"X-App-ID": "your-app-id"
|
|
236
|
+
}
|
|
237
|
+
}
|
|
238
|
+
}
|
|
239
|
+
```
|
|
240
|
+
|
|
241
|
+
## Key Rotation
|
|
242
|
+
|
|
243
|
+
### Manual Rotation
|
|
244
|
+
|
|
245
|
+
1. Generate new key in provider dashboard
|
|
246
|
+
2. Update credentials file
|
|
247
|
+
3. Run mission
|
|
248
|
+
|
|
249
|
+
### Zero-Downtime Rotation
|
|
250
|
+
|
|
251
|
+
Some APIs support multiple active keys:
|
|
252
|
+
|
|
253
|
+
```json
|
|
254
|
+
{
|
|
255
|
+
"API": {
|
|
256
|
+
"type": "api_key",
|
|
257
|
+
"key": "new-key",
|
|
258
|
+
"header": "X-API-Key"
|
|
259
|
+
}
|
|
260
|
+
}
|
|
261
|
+
```
|
|
262
|
+
|
|
263
|
+
1. Create new key (old still works)
|
|
264
|
+
2. Update credentials
|
|
265
|
+
3. Verify new key works
|
|
266
|
+
4. Revoke old key
|
|
267
|
+
|
|
268
|
+
## Error Handling
|
|
269
|
+
|
|
270
|
+
```vague
|
|
271
|
+
action FetchData {
|
|
272
|
+
get "/data"
|
|
273
|
+
|
|
274
|
+
match response {
|
|
275
|
+
{ error: "invalid_api_key" } -> abort "Invalid API key",
|
|
276
|
+
{ error: "expired_api_key" } -> abort "API key expired",
|
|
277
|
+
{ error: _, code: 401 } -> abort "Authentication failed",
|
|
278
|
+
{ error: _, code: 403 } -> abort "API key lacks permissions",
|
|
279
|
+
_ -> continue
|
|
280
|
+
}
|
|
281
|
+
}
|
|
282
|
+
```
|
|
283
|
+
|
|
284
|
+
## Security Best Practices
|
|
285
|
+
|
|
286
|
+
### Never Expose in URLs (When Possible)
|
|
287
|
+
|
|
288
|
+
Prefer header over query:
|
|
289
|
+
|
|
290
|
+
```json
|
|
291
|
+
// Better: key in header
|
|
292
|
+
{
|
|
293
|
+
"type": "api_key",
|
|
294
|
+
"key": "...",
|
|
295
|
+
"header": "X-API-Key"
|
|
296
|
+
}
|
|
297
|
+
|
|
298
|
+
// Avoid: key in URL (may be logged)
|
|
299
|
+
{
|
|
300
|
+
"type": "api_key",
|
|
301
|
+
"key": "...",
|
|
302
|
+
"query": "api_key"
|
|
303
|
+
}
|
|
304
|
+
```
|
|
305
|
+
|
|
306
|
+
### Use Environment Variables
|
|
307
|
+
|
|
308
|
+
```bash
|
|
309
|
+
export API_KEY="your-key"
|
|
310
|
+
```
|
|
311
|
+
|
|
312
|
+
### Restrict Key Permissions
|
|
313
|
+
|
|
314
|
+
Use keys with minimal required permissions.
|
|
315
|
+
|
|
316
|
+
## Troubleshooting
|
|
317
|
+
|
|
318
|
+
### "Invalid API Key"
|
|
319
|
+
|
|
320
|
+
1. Check key is correct
|
|
321
|
+
2. Check for extra whitespace
|
|
322
|
+
3. Verify key hasn't been revoked
|
|
323
|
+
|
|
324
|
+
### "Header Not Recognized"
|
|
325
|
+
|
|
326
|
+
Check the exact header name the API expects:
|
|
327
|
+
|
|
328
|
+
```json
|
|
329
|
+
// Case matters!
|
|
330
|
+
"header": "X-API-Key" // Not "x-api-key"
|
|
331
|
+
```
|
|
332
|
+
|
|
333
|
+
### Key Being Sent Wrong
|
|
334
|
+
|
|
335
|
+
Debug by checking what's being sent:
|
|
336
|
+
|
|
337
|
+
```bash
|
|
338
|
+
reqon mission.vague --verbose
|
|
339
|
+
```
|
|
@@ -0,0 +1,276 @@
|
|
|
1
|
+
---
|
|
2
|
+
sidebar_position: 5
|
|
3
|
+
---
|
|
4
|
+
|
|
5
|
+
# Basic Authentication
|
|
6
|
+
|
|
7
|
+
HTTP Basic Authentication sends username and password with each request, encoded in Base64. While simple, it should only be used over HTTPS.
|
|
8
|
+
|
|
9
|
+
## Configuration
|
|
10
|
+
|
|
11
|
+
### Mission File
|
|
12
|
+
|
|
13
|
+
```vague
|
|
14
|
+
source API {
|
|
15
|
+
auth: basic,
|
|
16
|
+
base: "https://api.example.com"
|
|
17
|
+
}
|
|
18
|
+
```
|
|
19
|
+
|
|
20
|
+
### Credentials File
|
|
21
|
+
|
|
22
|
+
```json
|
|
23
|
+
{
|
|
24
|
+
"API": {
|
|
25
|
+
"type": "basic",
|
|
26
|
+
"username": "your-username",
|
|
27
|
+
"password": "your-password"
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
```
|
|
31
|
+
|
|
32
|
+
## How It Works
|
|
33
|
+
|
|
34
|
+
Reqon encodes credentials and adds them to every request:
|
|
35
|
+
|
|
36
|
+
```http
|
|
37
|
+
GET /api/data HTTP/1.1
|
|
38
|
+
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
|
|
39
|
+
```
|
|
40
|
+
|
|
41
|
+
The value is `base64(username:password)`.
|
|
42
|
+
|
|
43
|
+
## Credential Options
|
|
44
|
+
|
|
45
|
+
| Field | Required | Description |
|
|
46
|
+
|-------|----------|-------------|
|
|
47
|
+
| `type` | Yes | Must be `"basic"` |
|
|
48
|
+
| `username` | Yes | The username |
|
|
49
|
+
| `password` | Yes | The password |
|
|
50
|
+
|
|
51
|
+
## Environment Variables
|
|
52
|
+
|
|
53
|
+
### In Credentials File
|
|
54
|
+
|
|
55
|
+
```json
|
|
56
|
+
{
|
|
57
|
+
"API": {
|
|
58
|
+
"type": "basic",
|
|
59
|
+
"username": "${API_USERNAME}",
|
|
60
|
+
"password": "${API_PASSWORD}"
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
```bash
|
|
66
|
+
export API_USERNAME="myuser"
|
|
67
|
+
export API_PASSWORD="mypass"
|
|
68
|
+
reqon mission.vague --auth credentials.json
|
|
69
|
+
```
|
|
70
|
+
|
|
71
|
+
### In Mission File
|
|
72
|
+
|
|
73
|
+
```vague
|
|
74
|
+
source API {
|
|
75
|
+
auth: basic,
|
|
76
|
+
base: "https://api.example.com",
|
|
77
|
+
username: env("API_USERNAME"),
|
|
78
|
+
password: env("API_PASSWORD")
|
|
79
|
+
}
|
|
80
|
+
```
|
|
81
|
+
|
|
82
|
+
## Common Use Cases
|
|
83
|
+
|
|
84
|
+
### Legacy Systems
|
|
85
|
+
|
|
86
|
+
```vague
|
|
87
|
+
source LegacyERP {
|
|
88
|
+
auth: basic,
|
|
89
|
+
base: "https://erp.company.com/api"
|
|
90
|
+
}
|
|
91
|
+
```
|
|
92
|
+
|
|
93
|
+
### JIRA (Server)
|
|
94
|
+
|
|
95
|
+
```json
|
|
96
|
+
{
|
|
97
|
+
"JIRA": {
|
|
98
|
+
"type": "basic",
|
|
99
|
+
"username": "user@company.com",
|
|
100
|
+
"password": "api-token"
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
```
|
|
104
|
+
|
|
105
|
+
### Bitbucket Server
|
|
106
|
+
|
|
107
|
+
```json
|
|
108
|
+
{
|
|
109
|
+
"Bitbucket": {
|
|
110
|
+
"type": "basic",
|
|
111
|
+
"username": "username",
|
|
112
|
+
"password": "app-password"
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
```
|
|
116
|
+
|
|
117
|
+
### Jenkins
|
|
118
|
+
|
|
119
|
+
```json
|
|
120
|
+
{
|
|
121
|
+
"Jenkins": {
|
|
122
|
+
"type": "basic",
|
|
123
|
+
"username": "admin",
|
|
124
|
+
"password": "api-token"
|
|
125
|
+
}
|
|
126
|
+
}
|
|
127
|
+
```
|
|
128
|
+
|
|
129
|
+
### Elasticsearch
|
|
130
|
+
|
|
131
|
+
```json
|
|
132
|
+
{
|
|
133
|
+
"Elasticsearch": {
|
|
134
|
+
"type": "basic",
|
|
135
|
+
"username": "elastic",
|
|
136
|
+
"password": "changeme"
|
|
137
|
+
}
|
|
138
|
+
}
|
|
139
|
+
```
|
|
140
|
+
|
|
141
|
+
## Token as Password
|
|
142
|
+
|
|
143
|
+
Many APIs use Basic auth with a token as password:
|
|
144
|
+
|
|
145
|
+
### Atlassian Cloud
|
|
146
|
+
|
|
147
|
+
```json
|
|
148
|
+
{
|
|
149
|
+
"Atlassian": {
|
|
150
|
+
"type": "basic",
|
|
151
|
+
"username": "email@example.com",
|
|
152
|
+
"password": "ATATT3xFfGF0..." // API token
|
|
153
|
+
}
|
|
154
|
+
}
|
|
155
|
+
```
|
|
156
|
+
|
|
157
|
+
### npm Registry
|
|
158
|
+
|
|
159
|
+
```json
|
|
160
|
+
{
|
|
161
|
+
"NPM": {
|
|
162
|
+
"type": "basic",
|
|
163
|
+
"username": "username",
|
|
164
|
+
"password": "npm_xxxxx" // Access token
|
|
165
|
+
}
|
|
166
|
+
}
|
|
167
|
+
```
|
|
168
|
+
|
|
169
|
+
## Error Handling
|
|
170
|
+
|
|
171
|
+
```vague
|
|
172
|
+
action FetchData {
|
|
173
|
+
get "/data"
|
|
174
|
+
|
|
175
|
+
match response {
|
|
176
|
+
{ error: _, code: 401 } -> abort "Invalid credentials",
|
|
177
|
+
{ error: _, code: 403 } -> abort "Access denied",
|
|
178
|
+
_ -> continue
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
```
|
|
182
|
+
|
|
183
|
+
## Security Considerations
|
|
184
|
+
|
|
185
|
+
### Always Use HTTPS
|
|
186
|
+
|
|
187
|
+
Basic auth credentials are only Base64 encoded (not encrypted):
|
|
188
|
+
|
|
189
|
+
```vague
|
|
190
|
+
// Good
|
|
191
|
+
source API {
|
|
192
|
+
auth: basic,
|
|
193
|
+
base: "https://api.example.com" // HTTPS
|
|
194
|
+
}
|
|
195
|
+
|
|
196
|
+
// DANGEROUS - credentials exposed
|
|
197
|
+
source API {
|
|
198
|
+
auth: basic,
|
|
199
|
+
base: "http://api.example.com" // HTTP
|
|
200
|
+
}
|
|
201
|
+
```
|
|
202
|
+
|
|
203
|
+
### Prefer Token-Based Auth
|
|
204
|
+
|
|
205
|
+
When available, use tokens instead:
|
|
206
|
+
|
|
207
|
+
```vague
|
|
208
|
+
// Preferred: token-based
|
|
209
|
+
source API {
|
|
210
|
+
auth: bearer,
|
|
211
|
+
base: "https://api.example.com"
|
|
212
|
+
}
|
|
213
|
+
|
|
214
|
+
// Use basic only when necessary
|
|
215
|
+
source LegacyAPI {
|
|
216
|
+
auth: basic,
|
|
217
|
+
base: "https://legacy.example.com"
|
|
218
|
+
}
|
|
219
|
+
```
|
|
220
|
+
|
|
221
|
+
### Use Strong Passwords
|
|
222
|
+
|
|
223
|
+
If using actual password (not token):
|
|
224
|
+
- Use a unique password for API access
|
|
225
|
+
- Enable MFA on the account if available
|
|
226
|
+
- Rotate regularly
|
|
227
|
+
|
|
228
|
+
## Credential Rotation
|
|
229
|
+
|
|
230
|
+
### Rotate Password
|
|
231
|
+
|
|
232
|
+
1. Update password in API provider
|
|
233
|
+
2. Update credentials file
|
|
234
|
+
3. Verify mission works
|
|
235
|
+
|
|
236
|
+
### Minimal Disruption
|
|
237
|
+
|
|
238
|
+
```bash
|
|
239
|
+
# Update credentials
|
|
240
|
+
echo '{"API": {"type": "basic", "username": "user", "password": "new-pass"}}' > credentials.json
|
|
241
|
+
|
|
242
|
+
# Test
|
|
243
|
+
reqon mission.vague --dry-run --auth credentials.json
|
|
244
|
+
|
|
245
|
+
# Run
|
|
246
|
+
reqon mission.vague --auth credentials.json
|
|
247
|
+
```
|
|
248
|
+
|
|
249
|
+
## Troubleshooting
|
|
250
|
+
|
|
251
|
+
### "401 Unauthorized"
|
|
252
|
+
|
|
253
|
+
1. Verify username and password
|
|
254
|
+
2. Check for typos
|
|
255
|
+
3. Ensure account has API access
|
|
256
|
+
|
|
257
|
+
### "Encoding Issues"
|
|
258
|
+
|
|
259
|
+
Check for special characters in password. They should be URL-safe or properly escaped:
|
|
260
|
+
|
|
261
|
+
```json
|
|
262
|
+
{
|
|
263
|
+
"API": {
|
|
264
|
+
"username": "user",
|
|
265
|
+
"password": "pass:word@123" // Special chars OK
|
|
266
|
+
}
|
|
267
|
+
}
|
|
268
|
+
```
|
|
269
|
+
|
|
270
|
+
### "Connection Refused"
|
|
271
|
+
|
|
272
|
+
Verify HTTPS is working:
|
|
273
|
+
|
|
274
|
+
```bash
|
|
275
|
+
curl -u "user:pass" https://api.example.com/health
|
|
276
|
+
```
|