reqon-dsl 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/settings.local.json +31 -0
- package/.claude/skills/api-integration.md +125 -0
- package/.claude/skills/database-schema.md +51 -0
- package/.claude/skills/dsl-design.md +80 -0
- package/.claude/skills/property-testing.md +143 -0
- package/.claude/skills/reqon/SKILL.md +44 -0
- package/.claude/skills/reqon/references/examples.md +206 -0
- package/.claude/skills/reqon/references/syntax.md +263 -0
- package/.claude/skills/vscode-extension.md +113 -0
- package/.github/dependabot.yml +32 -0
- package/.github/pull_request_template.md +21 -0
- package/.github/workflows/ci.yml +174 -0
- package/.github/workflows/release.yml +73 -0
- package/CLAUDE.md +72 -0
- package/CONTRIBUTING.md +161 -0
- package/README.md +235 -0
- package/TODO.md +51 -0
- package/dist/ast/index.d.ts +1 -0
- package/dist/ast/index.js +1 -0
- package/dist/ast/nodes.d.ts +237 -0
- package/dist/ast/nodes.js +12 -0
- package/dist/auth/auth.test.d.ts +1 -0
- package/dist/auth/auth.test.js +255 -0
- package/dist/auth/circuit-breaker.d.ts +115 -0
- package/dist/auth/circuit-breaker.js +267 -0
- package/dist/auth/credentials.d.ts +91 -0
- package/dist/auth/credentials.js +169 -0
- package/dist/auth/index.d.ts +5 -0
- package/dist/auth/index.js +8 -0
- package/dist/auth/oauth2-provider.d.ts +41 -0
- package/dist/auth/oauth2-provider.js +131 -0
- package/dist/auth/rate-limiter.d.ts +61 -0
- package/dist/auth/rate-limiter.js +380 -0
- package/dist/auth/token-store.d.ts +30 -0
- package/dist/auth/token-store.js +148 -0
- package/dist/auth/types.d.ts +142 -0
- package/dist/auth/types.js +1 -0
- package/dist/cli.d.ts +2 -0
- package/dist/cli.js +270 -0
- package/dist/errors/errors.test.d.ts +1 -0
- package/dist/errors/errors.test.js +165 -0
- package/dist/errors/index.d.ts +83 -0
- package/dist/errors/index.js +159 -0
- package/dist/execution/execution.test.d.ts +1 -0
- package/dist/execution/execution.test.js +246 -0
- package/dist/execution/index.d.ts +4 -0
- package/dist/execution/index.js +2 -0
- package/dist/execution/state.d.ts +136 -0
- package/dist/execution/state.js +82 -0
- package/dist/execution/store.d.ts +52 -0
- package/dist/execution/store.js +120 -0
- package/dist/index.d.ts +27 -0
- package/dist/index.js +57 -0
- package/dist/integration.test.d.ts +1 -0
- package/dist/integration.test.js +168 -0
- package/dist/interpreter/context.d.ts +15 -0
- package/dist/interpreter/context.js +29 -0
- package/dist/interpreter/evaluator.d.ts +5 -0
- package/dist/interpreter/evaluator.js +223 -0
- package/dist/interpreter/evaluator.test.d.ts +1 -0
- package/dist/interpreter/evaluator.test.js +512 -0
- package/dist/interpreter/executor.d.ts +131 -0
- package/dist/interpreter/executor.js +663 -0
- package/dist/interpreter/fetch-handler.d.ts +43 -0
- package/dist/interpreter/fetch-handler.js +203 -0
- package/dist/interpreter/http.d.ts +57 -0
- package/dist/interpreter/http.js +210 -0
- package/dist/interpreter/http.test.d.ts +1 -0
- package/dist/interpreter/http.test.js +299 -0
- package/dist/interpreter/index.d.ts +7 -0
- package/dist/interpreter/index.js +7 -0
- package/dist/interpreter/pagination.d.ts +63 -0
- package/dist/interpreter/pagination.js +155 -0
- package/dist/interpreter/progress.test.d.ts +1 -0
- package/dist/interpreter/progress.test.js +216 -0
- package/dist/interpreter/schema-matcher.d.ts +16 -0
- package/dist/interpreter/schema-matcher.js +136 -0
- package/dist/interpreter/schema-matcher.test.d.ts +1 -0
- package/dist/interpreter/schema-matcher.test.js +122 -0
- package/dist/interpreter/signals.d.ts +57 -0
- package/dist/interpreter/signals.js +73 -0
- package/dist/interpreter/step-handlers/for-handler.d.ts +17 -0
- package/dist/interpreter/step-handlers/for-handler.js +51 -0
- package/dist/interpreter/step-handlers/index.d.ts +8 -0
- package/dist/interpreter/step-handlers/index.js +8 -0
- package/dist/interpreter/step-handlers/map-handler.d.ts +10 -0
- package/dist/interpreter/step-handlers/map-handler.js +20 -0
- package/dist/interpreter/step-handlers/match-handler.d.ts +27 -0
- package/dist/interpreter/step-handlers/match-handler.js +61 -0
- package/dist/interpreter/step-handlers/store-handler.d.ts +13 -0
- package/dist/interpreter/step-handlers/store-handler.js +66 -0
- package/dist/interpreter/step-handlers/types.d.ts +15 -0
- package/dist/interpreter/step-handlers/types.js +1 -0
- package/dist/interpreter/step-handlers/validate-handler.d.ts +10 -0
- package/dist/interpreter/step-handlers/validate-handler.js +26 -0
- package/dist/interpreter/step-handlers/webhook-handler.d.ts +36 -0
- package/dist/interpreter/step-handlers/webhook-handler.js +104 -0
- package/dist/lexer/index.d.ts +10 -0
- package/dist/lexer/index.js +12 -0
- package/dist/lexer/lexer.d.ts +24 -0
- package/dist/lexer/lexer.js +264 -0
- package/dist/lexer/lexer.test.d.ts +1 -0
- package/dist/lexer/lexer.test.js +259 -0
- package/dist/lexer/tokens.d.ts +69 -0
- package/dist/lexer/tokens.js +146 -0
- package/dist/loader/index.d.ts +36 -0
- package/dist/loader/index.js +220 -0
- package/dist/loader/loader.test.d.ts +1 -0
- package/dist/loader/loader.test.js +287 -0
- package/dist/oas/index.d.ts +4 -0
- package/dist/oas/index.js +2 -0
- package/dist/oas/loader.d.ts +21 -0
- package/dist/oas/loader.js +82 -0
- package/dist/oas/oas.test.d.ts +1 -0
- package/dist/oas/oas.test.js +218 -0
- package/dist/oas/validator.d.ts +12 -0
- package/dist/oas/validator.js +227 -0
- package/dist/parser/base.d.ts +33 -0
- package/dist/parser/base.js +97 -0
- package/dist/parser/expressions.d.ts +27 -0
- package/dist/parser/expressions.js +248 -0
- package/dist/parser/expressions.test.d.ts +1 -0
- package/dist/parser/expressions.test.js +378 -0
- package/dist/parser/index.d.ts +3 -0
- package/dist/parser/index.js +3 -0
- package/dist/parser/match.test.d.ts +1 -0
- package/dist/parser/match.test.js +254 -0
- package/dist/parser/parser.d.ts +68 -0
- package/dist/parser/parser.js +1229 -0
- package/dist/parser/parser.test.d.ts +1 -0
- package/dist/parser/parser.test.js +333 -0
- package/dist/parser/schedule.test.d.ts +1 -0
- package/dist/parser/schedule.test.js +241 -0
- package/dist/plugin.d.ts +35 -0
- package/dist/plugin.js +68 -0
- package/dist/scheduler/cron-parser.d.ts +32 -0
- package/dist/scheduler/cron-parser.js +198 -0
- package/dist/scheduler/cron-parser.test.d.ts +1 -0
- package/dist/scheduler/cron-parser.test.js +188 -0
- package/dist/scheduler/index.d.ts +3 -0
- package/dist/scheduler/index.js +2 -0
- package/dist/scheduler/scheduler.d.ts +81 -0
- package/dist/scheduler/scheduler.js +376 -0
- package/dist/scheduler/types.d.ts +65 -0
- package/dist/scheduler/types.js +1 -0
- package/dist/stores/factory.d.ts +36 -0
- package/dist/stores/factory.js +73 -0
- package/dist/stores/file.d.ts +60 -0
- package/dist/stores/file.js +173 -0
- package/dist/stores/file.test.d.ts +1 -0
- package/dist/stores/file.test.js +165 -0
- package/dist/stores/index.d.ts +6 -0
- package/dist/stores/index.js +5 -0
- package/dist/stores/memory.d.ts +19 -0
- package/dist/stores/memory.js +51 -0
- package/dist/stores/memory.test.d.ts +1 -0
- package/dist/stores/memory.test.js +157 -0
- package/dist/stores/postgrest.d.ts +55 -0
- package/dist/stores/postgrest.js +217 -0
- package/dist/stores/stores.test.d.ts +1 -0
- package/dist/stores/stores.test.js +158 -0
- package/dist/stores/types.d.ts +31 -0
- package/dist/stores/types.js +26 -0
- package/dist/sync/index.d.ts +4 -0
- package/dist/sync/index.js +2 -0
- package/dist/sync/state.d.ts +69 -0
- package/dist/sync/state.js +66 -0
- package/dist/sync/store.d.ts +49 -0
- package/dist/sync/store.js +93 -0
- package/dist/sync/sync.test.d.ts +1 -0
- package/dist/sync/sync.test.js +221 -0
- package/dist/utils/async.d.ts +7 -0
- package/dist/utils/async.js +9 -0
- package/dist/utils/file.d.ts +38 -0
- package/dist/utils/file.js +92 -0
- package/dist/utils/index.d.ts +4 -0
- package/dist/utils/index.js +4 -0
- package/dist/utils/logger.d.ts +34 -0
- package/dist/utils/logger.js +39 -0
- package/dist/utils/path.d.ts +12 -0
- package/dist/utils/path.js +41 -0
- package/dist/webhook/index.d.ts +8 -0
- package/dist/webhook/index.js +7 -0
- package/dist/webhook/server.d.ts +84 -0
- package/dist/webhook/server.js +319 -0
- package/dist/webhook/store.d.ts +67 -0
- package/dist/webhook/store.js +193 -0
- package/dist/webhook/types.d.ts +88 -0
- package/dist/webhook/types.js +6 -0
- package/docusaurus/README.md +41 -0
- package/docusaurus/docs/advanced/execution-state.md +283 -0
- package/docusaurus/docs/advanced/extending-reqon.md +388 -0
- package/docusaurus/docs/advanced/multi-file-missions.md +250 -0
- package/docusaurus/docs/advanced/parallel-execution.md +353 -0
- package/docusaurus/docs/api-reference.md +443 -0
- package/docusaurus/docs/authentication/api-key.md +339 -0
- package/docusaurus/docs/authentication/basic.md +276 -0
- package/docusaurus/docs/authentication/bearer.md +282 -0
- package/docusaurus/docs/authentication/oauth2.md +317 -0
- package/docusaurus/docs/authentication/overview.md +251 -0
- package/docusaurus/docs/cli.md +229 -0
- package/docusaurus/docs/core-concepts/actions.md +286 -0
- package/docusaurus/docs/core-concepts/missions.md +264 -0
- package/docusaurus/docs/core-concepts/schemas.md +353 -0
- package/docusaurus/docs/core-concepts/sources.md +339 -0
- package/docusaurus/docs/core-concepts/stores.md +332 -0
- package/docusaurus/docs/dsl-syntax/expressions.md +361 -0
- package/docusaurus/docs/dsl-syntax/fetch.md +293 -0
- package/docusaurus/docs/dsl-syntax/for-loops.md +324 -0
- package/docusaurus/docs/dsl-syntax/map.md +345 -0
- package/docusaurus/docs/dsl-syntax/match.md +387 -0
- package/docusaurus/docs/dsl-syntax/pipelines.md +397 -0
- package/docusaurus/docs/dsl-syntax/validate.md +401 -0
- package/docusaurus/docs/error-handling/dead-letter-queues.md +399 -0
- package/docusaurus/docs/error-handling/flow-control.md +337 -0
- package/docusaurus/docs/error-handling/retry-strategies.md +368 -0
- package/docusaurus/docs/examples.md +488 -0
- package/docusaurus/docs/getting-started.md +256 -0
- package/docusaurus/docs/http/circuit-breaker.md +401 -0
- package/docusaurus/docs/http/incremental-sync.md +394 -0
- package/docusaurus/docs/http/pagination.md +361 -0
- package/docusaurus/docs/http/rate-limiting.md +383 -0
- package/docusaurus/docs/http/requests.md +328 -0
- package/docusaurus/docs/http/retry.md +402 -0
- package/docusaurus/docs/intro.md +90 -0
- package/docusaurus/docs/openapi/loading-specs.md +305 -0
- package/docusaurus/docs/openapi/operation-calls.md +314 -0
- package/docusaurus/docs/openapi/overview.md +212 -0
- package/docusaurus/docs/openapi/response-validation.md +344 -0
- package/docusaurus/docs/scheduling/cron.md +305 -0
- package/docusaurus/docs/scheduling/daemon-mode.md +317 -0
- package/docusaurus/docs/scheduling/intervals.md +289 -0
- package/docusaurus/docs/scheduling/overview.md +231 -0
- package/docusaurus/docs/stores/custom-adapters.md +376 -0
- package/docusaurus/docs/stores/file.md +236 -0
- package/docusaurus/docs/stores/memory.md +193 -0
- package/docusaurus/docs/stores/overview.md +274 -0
- package/docusaurus/docs/stores/postgrest.md +316 -0
- package/docusaurus/docusaurus.config.ts +148 -0
- package/docusaurus/package-lock.json +18029 -0
- package/docusaurus/package.json +47 -0
- package/docusaurus/sidebars.ts +155 -0
- package/docusaurus/src/components/HomepageFeatures/index.tsx +105 -0
- package/docusaurus/src/components/HomepageFeatures/styles.module.css +12 -0
- package/docusaurus/src/css/custom.css +169 -0
- package/docusaurus/src/pages/index.module.css +48 -0
- package/docusaurus/src/pages/index.tsx +110 -0
- package/docusaurus/src/pages/markdown-page.md +7 -0
- package/docusaurus/static/.nojekyll +0 -0
- package/docusaurus/static/img/docusaurus-social-card.jpg +0 -0
- package/docusaurus/static/img/docusaurus.png +0 -0
- package/docusaurus/static/img/favicon.ico +0 -0
- package/docusaurus/static/img/logo.svg +10 -0
- package/docusaurus/static/img/undraw_docusaurus_mountain.svg +171 -0
- package/docusaurus/static/img/undraw_docusaurus_react.svg +170 -0
- package/docusaurus/static/img/undraw_docusaurus_tree.svg +40 -0
- package/docusaurus/tsconfig.json +8 -0
- package/examples/README.md +112 -0
- package/examples/error-handling/README.md +150 -0
- package/examples/error-handling/payment-processor.vague +287 -0
- package/examples/github-sync/README.md +74 -0
- package/examples/github-sync/fetch-issues.vague +47 -0
- package/examples/github-sync/fetch-prs.vague +40 -0
- package/examples/github-sync/mission.vague +101 -0
- package/examples/github-sync/normalize.vague +70 -0
- package/examples/jsonplaceholder/README.md +28 -0
- package/examples/jsonplaceholder/posts.vague +48 -0
- package/examples/petstore/README.md +35 -0
- package/examples/petstore/openapi.yaml +97 -0
- package/examples/petstore/sync.vague +52 -0
- package/examples/temporal-comparison/README.md +297 -0
- package/examples/temporal-comparison/reconciliation.vague +355 -0
- package/examples/temporal-comparison/temporal/activities/index.ts +8 -0
- package/examples/temporal-comparison/temporal/activities/shipstation.ts +225 -0
- package/examples/temporal-comparison/temporal/activities/shopify.ts +257 -0
- package/examples/temporal-comparison/temporal/activities/storage.ts +198 -0
- package/examples/temporal-comparison/temporal/activities/stripe.ts +169 -0
- package/examples/temporal-comparison/temporal/activities/validation.ts +205 -0
- package/examples/temporal-comparison/temporal/client/schedule.ts +218 -0
- package/examples/temporal-comparison/temporal/config/retry.ts +63 -0
- package/examples/temporal-comparison/temporal/types/index.ts +129 -0
- package/examples/temporal-comparison/temporal/workers/main.ts +130 -0
- package/examples/temporal-comparison/temporal/workflows/orderReconciliation.ts +262 -0
- package/examples/xero/README.md +88 -0
- package/examples/xero/invoices.vague +189 -0
- package/package.json +40 -0
- package/src/api-integration.test.ts +954 -0
- package/src/ast/index.ts +1 -0
- package/src/ast/nodes.ts +310 -0
- package/src/auth/auth.test.ts +326 -0
- package/src/auth/circuit-breaker.test.ts +390 -0
- package/src/auth/circuit-breaker.ts +379 -0
- package/src/auth/credentials.test.ts +273 -0
- package/src/auth/credentials.ts +246 -0
- package/src/auth/index.ts +40 -0
- package/src/auth/oauth2-provider.ts +177 -0
- package/src/auth/rate-limiter.ts +459 -0
- package/src/auth/token-store.ts +177 -0
- package/src/auth/types.ts +159 -0
- package/src/benchmark/e2e.bench.ts +288 -0
- package/src/benchmark/evaluator.bench.ts +331 -0
- package/src/benchmark/fixtures.ts +295 -0
- package/src/benchmark/index.ts +108 -0
- package/src/benchmark/lexer.bench.ts +69 -0
- package/src/benchmark/parser.bench.ts +103 -0
- package/src/benchmark/resilience.bench.ts +193 -0
- package/src/benchmark/store.bench.ts +147 -0
- package/src/benchmark/utils.ts +230 -0
- package/src/cli.ts +313 -0
- package/src/errors/errors.test.ts +234 -0
- package/src/errors/index.ts +223 -0
- package/src/execution/execution.test.ts +307 -0
- package/src/execution/index.ts +21 -0
- package/src/execution/state.ts +207 -0
- package/src/execution/store.ts +188 -0
- package/src/index.ts +169 -0
- package/src/integration.test.ts +192 -0
- package/src/interpreter/context.ts +57 -0
- package/src/interpreter/evaluator.test.ts +796 -0
- package/src/interpreter/evaluator.ts +245 -0
- package/src/interpreter/executor.ts +946 -0
- package/src/interpreter/fetch-handler.ts +302 -0
- package/src/interpreter/http.test.ts +423 -0
- package/src/interpreter/http.ts +308 -0
- package/src/interpreter/index.ts +32 -0
- package/src/interpreter/pagination.ts +207 -0
- package/src/interpreter/progress.test.ts +276 -0
- package/src/interpreter/schema-matcher.test.ts +160 -0
- package/src/interpreter/schema-matcher.ts +168 -0
- package/src/interpreter/signals.ts +73 -0
- package/src/interpreter/step-handlers/for-handler.ts +65 -0
- package/src/interpreter/step-handlers/index.ts +17 -0
- package/src/interpreter/step-handlers/map-handler.ts +24 -0
- package/src/interpreter/step-handlers/match-handler.ts +101 -0
- package/src/interpreter/step-handlers/store-handler.ts +78 -0
- package/src/interpreter/step-handlers/types.ts +17 -0
- package/src/interpreter/step-handlers/validate-handler.ts +30 -0
- package/src/interpreter/step-handlers/webhook-handler.ts +142 -0
- package/src/lexer/index.ts +18 -0
- package/src/lexer/lexer.test.ts +316 -0
- package/src/lexer/tokens.ts +179 -0
- package/src/loader/index.ts +288 -0
- package/src/loader/loader.test.ts +360 -0
- package/src/oas/index.ts +4 -0
- package/src/oas/loader.ts +126 -0
- package/src/oas/oas.test.ts +254 -0
- package/src/oas/validator.ts +299 -0
- package/src/parser/base.ts +124 -0
- package/src/parser/expressions.test.ts +525 -0
- package/src/parser/expressions.ts +314 -0
- package/src/parser/index.ts +3 -0
- package/src/parser/match.test.ts +296 -0
- package/src/parser/parser.test.ts +739 -0
- package/src/parser/parser.ts +1469 -0
- package/src/parser/schedule.test.ts +287 -0
- package/src/parser/webhook.test.ts +248 -0
- package/src/plugin.ts +83 -0
- package/src/scheduler/cron-parser.test.ts +236 -0
- package/src/scheduler/cron-parser.ts +236 -0
- package/src/scheduler/index.ts +10 -0
- package/src/scheduler/scheduler.ts +443 -0
- package/src/scheduler/types.ts +71 -0
- package/src/stores/factory.ts +104 -0
- package/src/stores/file.test.ts +276 -0
- package/src/stores/file.ts +211 -0
- package/src/stores/index.ts +6 -0
- package/src/stores/memory.test.ts +238 -0
- package/src/stores/memory.ts +63 -0
- package/src/stores/postgrest.test.ts +488 -0
- package/src/stores/postgrest.ts +263 -0
- package/src/stores/stores.test.ts +197 -0
- package/src/stores/types.ts +58 -0
- package/src/sync/index.ts +16 -0
- package/src/sync/state.ts +126 -0
- package/src/sync/store.ts +139 -0
- package/src/sync/sync.test.ts +271 -0
- package/src/utils/async.ts +10 -0
- package/src/utils/file.ts +106 -0
- package/src/utils/index.ts +14 -0
- package/src/utils/logger.ts +53 -0
- package/src/utils/path.ts +47 -0
- package/src/webhook/index.ts +15 -0
- package/src/webhook/server.test.ts +253 -0
- package/src/webhook/server.ts +389 -0
- package/src/webhook/store.ts +239 -0
- package/src/webhook/types.ts +93 -0
- package/tsconfig.json +17 -0
- package/vitest.config.ts +39 -0
|
@@ -0,0 +1,282 @@
|
|
|
1
|
+
---
|
|
2
|
+
sidebar_position: 3
|
|
3
|
+
---
|
|
4
|
+
|
|
5
|
+
# Bearer Token Authentication
|
|
6
|
+
|
|
7
|
+
Bearer token authentication is the most common auth method for REST APIs. The token is sent in the `Authorization` header with each request.
|
|
8
|
+
|
|
9
|
+
## Configuration
|
|
10
|
+
|
|
11
|
+
### Mission File
|
|
12
|
+
|
|
13
|
+
```vague
|
|
14
|
+
source API {
|
|
15
|
+
auth: bearer,
|
|
16
|
+
base: "https://api.example.com"
|
|
17
|
+
}
|
|
18
|
+
```
|
|
19
|
+
|
|
20
|
+
### Credentials File
|
|
21
|
+
|
|
22
|
+
```json
|
|
23
|
+
{
|
|
24
|
+
"API": {
|
|
25
|
+
"type": "bearer",
|
|
26
|
+
"token": "your-api-token"
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
```
|
|
30
|
+
|
|
31
|
+
## How It Works
|
|
32
|
+
|
|
33
|
+
Reqon adds the token to every request:
|
|
34
|
+
|
|
35
|
+
```http
|
|
36
|
+
GET /api/users HTTP/1.1
|
|
37
|
+
Host: api.example.com
|
|
38
|
+
Authorization: Bearer your-api-token
|
|
39
|
+
```
|
|
40
|
+
|
|
41
|
+
## Credential Options
|
|
42
|
+
|
|
43
|
+
| Field | Required | Description |
|
|
44
|
+
|-------|----------|-------------|
|
|
45
|
+
| `type` | Yes | Must be `"bearer"` |
|
|
46
|
+
| `token` | Yes | The bearer token |
|
|
47
|
+
|
|
48
|
+
## Environment Variables
|
|
49
|
+
|
|
50
|
+
### In Credentials File
|
|
51
|
+
|
|
52
|
+
```json
|
|
53
|
+
{
|
|
54
|
+
"API": {
|
|
55
|
+
"type": "bearer",
|
|
56
|
+
"token": "${API_TOKEN}"
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
```
|
|
60
|
+
|
|
61
|
+
Then set the environment variable:
|
|
62
|
+
|
|
63
|
+
```bash
|
|
64
|
+
export API_TOKEN="your-token"
|
|
65
|
+
reqon mission.vague --auth credentials.json
|
|
66
|
+
```
|
|
67
|
+
|
|
68
|
+
### In Mission File
|
|
69
|
+
|
|
70
|
+
```vague
|
|
71
|
+
source API {
|
|
72
|
+
auth: bearer,
|
|
73
|
+
base: "https://api.example.com",
|
|
74
|
+
token: env("API_TOKEN")
|
|
75
|
+
}
|
|
76
|
+
```
|
|
77
|
+
|
|
78
|
+
## Common Use Cases
|
|
79
|
+
|
|
80
|
+
### GitHub API
|
|
81
|
+
|
|
82
|
+
```vague
|
|
83
|
+
source GitHub {
|
|
84
|
+
auth: bearer,
|
|
85
|
+
base: "https://api.github.com"
|
|
86
|
+
}
|
|
87
|
+
```
|
|
88
|
+
|
|
89
|
+
```json
|
|
90
|
+
{
|
|
91
|
+
"GitHub": {
|
|
92
|
+
"type": "bearer",
|
|
93
|
+
"token": "ghp_xxxxxxxxxxxxxxxxxxxx"
|
|
94
|
+
}
|
|
95
|
+
}
|
|
96
|
+
```
|
|
97
|
+
|
|
98
|
+
### Stripe API
|
|
99
|
+
|
|
100
|
+
```vague
|
|
101
|
+
source Stripe {
|
|
102
|
+
auth: bearer,
|
|
103
|
+
base: "https://api.stripe.com/v1"
|
|
104
|
+
}
|
|
105
|
+
```
|
|
106
|
+
|
|
107
|
+
```json
|
|
108
|
+
{
|
|
109
|
+
"Stripe": {
|
|
110
|
+
"type": "bearer",
|
|
111
|
+
"token": "sk_live_xxxxxxxxxxxxxxxxxxxx"
|
|
112
|
+
}
|
|
113
|
+
}
|
|
114
|
+
```
|
|
115
|
+
|
|
116
|
+
### Custom API
|
|
117
|
+
|
|
118
|
+
```vague
|
|
119
|
+
source CustomAPI {
|
|
120
|
+
auth: bearer,
|
|
121
|
+
base: "https://api.mycompany.com/v1"
|
|
122
|
+
}
|
|
123
|
+
```
|
|
124
|
+
|
|
125
|
+
```json
|
|
126
|
+
{
|
|
127
|
+
"CustomAPI": {
|
|
128
|
+
"type": "bearer",
|
|
129
|
+
"token": "your-custom-token"
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
```
|
|
133
|
+
|
|
134
|
+
## Token Rotation
|
|
135
|
+
|
|
136
|
+
### Manual Rotation
|
|
137
|
+
|
|
138
|
+
1. Generate new token in API provider
|
|
139
|
+
2. Update credentials file
|
|
140
|
+
3. Run mission
|
|
141
|
+
|
|
142
|
+
### Programmatic Rotation
|
|
143
|
+
|
|
144
|
+
```typescript
|
|
145
|
+
import { execute } from 'reqon';
|
|
146
|
+
|
|
147
|
+
const token = await fetchNewToken(); // Your logic
|
|
148
|
+
|
|
149
|
+
await execute(source, {
|
|
150
|
+
auth: {
|
|
151
|
+
API: {
|
|
152
|
+
type: 'bearer',
|
|
153
|
+
token
|
|
154
|
+
}
|
|
155
|
+
}
|
|
156
|
+
});
|
|
157
|
+
```
|
|
158
|
+
|
|
159
|
+
## Handling Expiration
|
|
160
|
+
|
|
161
|
+
Bearer tokens may expire. Handle with match:
|
|
162
|
+
|
|
163
|
+
```vague
|
|
164
|
+
action FetchData {
|
|
165
|
+
get "/data"
|
|
166
|
+
|
|
167
|
+
match response {
|
|
168
|
+
{ error: _, code: 401 } -> abort "Token expired - please update credentials",
|
|
169
|
+
_ -> continue
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
```
|
|
173
|
+
|
|
174
|
+
Or with token refresh:
|
|
175
|
+
|
|
176
|
+
```vague
|
|
177
|
+
action FetchData {
|
|
178
|
+
get "/data"
|
|
179
|
+
|
|
180
|
+
match response {
|
|
181
|
+
{ error: _, code: 401 } -> jump RefreshToken then retry,
|
|
182
|
+
_ -> continue
|
|
183
|
+
}
|
|
184
|
+
}
|
|
185
|
+
|
|
186
|
+
action RefreshToken {
|
|
187
|
+
post "/auth/token" {
|
|
188
|
+
body: { apiKey: env("API_KEY") }
|
|
189
|
+
}
|
|
190
|
+
// Response contains new token
|
|
191
|
+
}
|
|
192
|
+
```
|
|
193
|
+
|
|
194
|
+
## Multiple Tokens
|
|
195
|
+
|
|
196
|
+
For APIs requiring different tokens per endpoint:
|
|
197
|
+
|
|
198
|
+
```vague
|
|
199
|
+
source ReadAPI {
|
|
200
|
+
auth: bearer,
|
|
201
|
+
base: "https://api.example.com"
|
|
202
|
+
}
|
|
203
|
+
|
|
204
|
+
source WriteAPI {
|
|
205
|
+
auth: bearer,
|
|
206
|
+
base: "https://api.example.com"
|
|
207
|
+
}
|
|
208
|
+
```
|
|
209
|
+
|
|
210
|
+
```json
|
|
211
|
+
{
|
|
212
|
+
"ReadAPI": {
|
|
213
|
+
"type": "bearer",
|
|
214
|
+
"token": "read-only-token"
|
|
215
|
+
},
|
|
216
|
+
"WriteAPI": {
|
|
217
|
+
"type": "bearer",
|
|
218
|
+
"token": "write-token"
|
|
219
|
+
}
|
|
220
|
+
}
|
|
221
|
+
```
|
|
222
|
+
|
|
223
|
+
## Security Best Practices
|
|
224
|
+
|
|
225
|
+
### Store Tokens Securely
|
|
226
|
+
|
|
227
|
+
```bash
|
|
228
|
+
# Never commit tokens
|
|
229
|
+
echo "credentials.json" >> .gitignore
|
|
230
|
+
```
|
|
231
|
+
|
|
232
|
+
### Use Environment Variables
|
|
233
|
+
|
|
234
|
+
```bash
|
|
235
|
+
export API_TOKEN=$(cat ~/.secrets/api-token)
|
|
236
|
+
```
|
|
237
|
+
|
|
238
|
+
### Rotate Regularly
|
|
239
|
+
|
|
240
|
+
Set up periodic token rotation in your CI/CD pipeline.
|
|
241
|
+
|
|
242
|
+
### Use Minimal Scopes
|
|
243
|
+
|
|
244
|
+
If the API supports scoped tokens, use the minimum required permissions.
|
|
245
|
+
|
|
246
|
+
## Troubleshooting
|
|
247
|
+
|
|
248
|
+
### "401 Unauthorized"
|
|
249
|
+
|
|
250
|
+
1. Check token is correct
|
|
251
|
+
2. Check token hasn't expired
|
|
252
|
+
3. Verify token has required permissions
|
|
253
|
+
|
|
254
|
+
### "Invalid token format"
|
|
255
|
+
|
|
256
|
+
Ensure token doesn't have extra whitespace:
|
|
257
|
+
|
|
258
|
+
```json
|
|
259
|
+
{
|
|
260
|
+
"API": {
|
|
261
|
+
"type": "bearer",
|
|
262
|
+
"token": "your-token" // No leading/trailing spaces
|
|
263
|
+
}
|
|
264
|
+
}
|
|
265
|
+
```
|
|
266
|
+
|
|
267
|
+
### Token Not Being Sent
|
|
268
|
+
|
|
269
|
+
Verify source name matches:
|
|
270
|
+
|
|
271
|
+
```vague
|
|
272
|
+
source MyAPI { auth: bearer } // Name: MyAPI
|
|
273
|
+
```
|
|
274
|
+
|
|
275
|
+
```json
|
|
276
|
+
{
|
|
277
|
+
"MyAPI": { // Must match exactly
|
|
278
|
+
"type": "bearer",
|
|
279
|
+
"token": "..."
|
|
280
|
+
}
|
|
281
|
+
}
|
|
282
|
+
```
|
|
@@ -0,0 +1,317 @@
|
|
|
1
|
+
---
|
|
2
|
+
sidebar_position: 2
|
|
3
|
+
---
|
|
4
|
+
|
|
5
|
+
# OAuth 2.0 Authentication
|
|
6
|
+
|
|
7
|
+
OAuth 2.0 is the industry standard for API authentication, used by most enterprise APIs. Reqon supports OAuth 2.0 with automatic token refresh.
|
|
8
|
+
|
|
9
|
+
## Configuration
|
|
10
|
+
|
|
11
|
+
### Mission File
|
|
12
|
+
|
|
13
|
+
```vague
|
|
14
|
+
source Xero {
|
|
15
|
+
auth: oauth2,
|
|
16
|
+
base: "https://api.xero.com/api.xro/2.0"
|
|
17
|
+
}
|
|
18
|
+
```
|
|
19
|
+
|
|
20
|
+
### Credentials File
|
|
21
|
+
|
|
22
|
+
```json
|
|
23
|
+
{
|
|
24
|
+
"Xero": {
|
|
25
|
+
"type": "oauth2",
|
|
26
|
+
"clientId": "your-client-id",
|
|
27
|
+
"clientSecret": "your-client-secret",
|
|
28
|
+
"accessToken": "current-access-token",
|
|
29
|
+
"refreshToken": "current-refresh-token",
|
|
30
|
+
"tokenUrl": "https://identity.xero.com/connect/token",
|
|
31
|
+
"scopes": ["accounting.transactions.read", "accounting.contacts.read"],
|
|
32
|
+
"expiresAt": "2024-01-20T10:30:00Z"
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
```
|
|
36
|
+
|
|
37
|
+
## Credential Options
|
|
38
|
+
|
|
39
|
+
| Field | Required | Description |
|
|
40
|
+
|-------|----------|-------------|
|
|
41
|
+
| `type` | Yes | Must be `"oauth2"` |
|
|
42
|
+
| `clientId` | Yes | OAuth client ID |
|
|
43
|
+
| `clientSecret` | Yes | OAuth client secret |
|
|
44
|
+
| `accessToken` | Yes | Current access token |
|
|
45
|
+
| `refreshToken` | Yes | Token used to get new access tokens |
|
|
46
|
+
| `tokenUrl` | Yes | Token endpoint URL |
|
|
47
|
+
| `scopes` | No | Requested scopes |
|
|
48
|
+
| `expiresAt` | No | When current token expires |
|
|
49
|
+
|
|
50
|
+
## Token Refresh
|
|
51
|
+
|
|
52
|
+
### Automatic Refresh
|
|
53
|
+
|
|
54
|
+
When `expiresAt` is set and token expires, Reqon automatically:
|
|
55
|
+
|
|
56
|
+
1. Calls `tokenUrl` with refresh token
|
|
57
|
+
2. Updates access token
|
|
58
|
+
3. Retries the failed request
|
|
59
|
+
|
|
60
|
+
```json
|
|
61
|
+
{
|
|
62
|
+
"Xero": {
|
|
63
|
+
"type": "oauth2",
|
|
64
|
+
"clientId": "...",
|
|
65
|
+
"clientSecret": "...",
|
|
66
|
+
"accessToken": "old-token",
|
|
67
|
+
"refreshToken": "refresh-token",
|
|
68
|
+
"tokenUrl": "https://identity.xero.com/connect/token",
|
|
69
|
+
"expiresAt": "2024-01-20T10:30:00Z"
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
```
|
|
73
|
+
|
|
74
|
+
### On 401 Response
|
|
75
|
+
|
|
76
|
+
Even without `expiresAt`, Reqon refreshes on 401:
|
|
77
|
+
|
|
78
|
+
```vague
|
|
79
|
+
action FetchData {
|
|
80
|
+
get "/data"
|
|
81
|
+
// If 401, automatic refresh attempt
|
|
82
|
+
}
|
|
83
|
+
```
|
|
84
|
+
|
|
85
|
+
### Manual Refresh Pattern
|
|
86
|
+
|
|
87
|
+
For non-standard APIs:
|
|
88
|
+
|
|
89
|
+
```vague
|
|
90
|
+
action FetchData {
|
|
91
|
+
get "/data"
|
|
92
|
+
|
|
93
|
+
match response {
|
|
94
|
+
{ error: _, code: 401 } -> jump RefreshToken then retry,
|
|
95
|
+
_ -> continue
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
|
|
99
|
+
action RefreshToken {
|
|
100
|
+
post "/oauth/token" {
|
|
101
|
+
headers: {
|
|
102
|
+
"Content-Type": "application/x-www-form-urlencoded"
|
|
103
|
+
},
|
|
104
|
+
body: {
|
|
105
|
+
grant_type: "refresh_token",
|
|
106
|
+
refresh_token: env("REFRESH_TOKEN"),
|
|
107
|
+
client_id: env("CLIENT_ID"),
|
|
108
|
+
client_secret: env("CLIENT_SECRET")
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
|
|
112
|
+
// Store new tokens
|
|
113
|
+
store {
|
|
114
|
+
accessToken: response.access_token,
|
|
115
|
+
refreshToken: response.refresh_token
|
|
116
|
+
} -> tokens
|
|
117
|
+
}
|
|
118
|
+
```
|
|
119
|
+
|
|
120
|
+
## Common OAuth2 Providers
|
|
121
|
+
|
|
122
|
+
### Xero
|
|
123
|
+
|
|
124
|
+
```json
|
|
125
|
+
{
|
|
126
|
+
"Xero": {
|
|
127
|
+
"type": "oauth2",
|
|
128
|
+
"clientId": "your-client-id",
|
|
129
|
+
"clientSecret": "your-client-secret",
|
|
130
|
+
"accessToken": "...",
|
|
131
|
+
"refreshToken": "...",
|
|
132
|
+
"tokenUrl": "https://identity.xero.com/connect/token"
|
|
133
|
+
}
|
|
134
|
+
}
|
|
135
|
+
```
|
|
136
|
+
|
|
137
|
+
### QuickBooks
|
|
138
|
+
|
|
139
|
+
```json
|
|
140
|
+
{
|
|
141
|
+
"QuickBooks": {
|
|
142
|
+
"type": "oauth2",
|
|
143
|
+
"clientId": "your-client-id",
|
|
144
|
+
"clientSecret": "your-client-secret",
|
|
145
|
+
"accessToken": "...",
|
|
146
|
+
"refreshToken": "...",
|
|
147
|
+
"tokenUrl": "https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer"
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
```
|
|
151
|
+
|
|
152
|
+
### Salesforce
|
|
153
|
+
|
|
154
|
+
```json
|
|
155
|
+
{
|
|
156
|
+
"Salesforce": {
|
|
157
|
+
"type": "oauth2",
|
|
158
|
+
"clientId": "your-client-id",
|
|
159
|
+
"clientSecret": "your-client-secret",
|
|
160
|
+
"accessToken": "...",
|
|
161
|
+
"refreshToken": "...",
|
|
162
|
+
"tokenUrl": "https://login.salesforce.com/services/oauth2/token"
|
|
163
|
+
}
|
|
164
|
+
}
|
|
165
|
+
```
|
|
166
|
+
|
|
167
|
+
### Google APIs
|
|
168
|
+
|
|
169
|
+
```json
|
|
170
|
+
{
|
|
171
|
+
"Google": {
|
|
172
|
+
"type": "oauth2",
|
|
173
|
+
"clientId": "your-client-id.apps.googleusercontent.com",
|
|
174
|
+
"clientSecret": "your-client-secret",
|
|
175
|
+
"accessToken": "...",
|
|
176
|
+
"refreshToken": "...",
|
|
177
|
+
"tokenUrl": "https://oauth2.googleapis.com/token"
|
|
178
|
+
}
|
|
179
|
+
}
|
|
180
|
+
```
|
|
181
|
+
|
|
182
|
+
### Microsoft Graph
|
|
183
|
+
|
|
184
|
+
```json
|
|
185
|
+
{
|
|
186
|
+
"Microsoft": {
|
|
187
|
+
"type": "oauth2",
|
|
188
|
+
"clientId": "your-client-id",
|
|
189
|
+
"clientSecret": "your-client-secret",
|
|
190
|
+
"accessToken": "...",
|
|
191
|
+
"refreshToken": "...",
|
|
192
|
+
"tokenUrl": "https://login.microsoftonline.com/common/oauth2/v2.0/token"
|
|
193
|
+
}
|
|
194
|
+
}
|
|
195
|
+
```
|
|
196
|
+
|
|
197
|
+
## Token Storage
|
|
198
|
+
|
|
199
|
+
### File-Based (Development)
|
|
200
|
+
|
|
201
|
+
Tokens are stored in the credentials file. Reqon updates them after refresh.
|
|
202
|
+
|
|
203
|
+
### Secure Storage (Production)
|
|
204
|
+
|
|
205
|
+
For production, use secure storage:
|
|
206
|
+
|
|
207
|
+
```typescript
|
|
208
|
+
import { execute } from 'reqon';
|
|
209
|
+
import { getSecureTokens, saveSecureTokens } from './secure-storage';
|
|
210
|
+
|
|
211
|
+
const tokens = await getSecureTokens('Xero');
|
|
212
|
+
|
|
213
|
+
const result = await execute(source, {
|
|
214
|
+
auth: {
|
|
215
|
+
Xero: {
|
|
216
|
+
type: 'oauth2',
|
|
217
|
+
...tokens
|
|
218
|
+
}
|
|
219
|
+
},
|
|
220
|
+
onTokenRefresh: async (source, newTokens) => {
|
|
221
|
+
await saveSecureTokens(source, newTokens);
|
|
222
|
+
}
|
|
223
|
+
});
|
|
224
|
+
```
|
|
225
|
+
|
|
226
|
+
## Scopes
|
|
227
|
+
|
|
228
|
+
Request specific scopes:
|
|
229
|
+
|
|
230
|
+
```json
|
|
231
|
+
{
|
|
232
|
+
"API": {
|
|
233
|
+
"type": "oauth2",
|
|
234
|
+
"scopes": [
|
|
235
|
+
"read:users",
|
|
236
|
+
"write:users",
|
|
237
|
+
"read:orders"
|
|
238
|
+
]
|
|
239
|
+
}
|
|
240
|
+
}
|
|
241
|
+
```
|
|
242
|
+
|
|
243
|
+
## Additional Headers
|
|
244
|
+
|
|
245
|
+
Some APIs require extra headers:
|
|
246
|
+
|
|
247
|
+
```vague
|
|
248
|
+
source API {
|
|
249
|
+
auth: oauth2,
|
|
250
|
+
base: "https://api.example.com",
|
|
251
|
+
headers: {
|
|
252
|
+
"Xero-Tenant-Id": env("XERO_TENANT_ID")
|
|
253
|
+
}
|
|
254
|
+
}
|
|
255
|
+
```
|
|
256
|
+
|
|
257
|
+
## Handling Multi-Tenant
|
|
258
|
+
|
|
259
|
+
For APIs like Xero with multiple organizations:
|
|
260
|
+
|
|
261
|
+
```vague
|
|
262
|
+
mission XeroSync {
|
|
263
|
+
source Xero {
|
|
264
|
+
auth: oauth2,
|
|
265
|
+
base: "https://api.xero.com/api.xro/2.0",
|
|
266
|
+
headers: {
|
|
267
|
+
"Xero-Tenant-Id": env("XERO_TENANT_ID")
|
|
268
|
+
}
|
|
269
|
+
}
|
|
270
|
+
}
|
|
271
|
+
```
|
|
272
|
+
|
|
273
|
+
Or iterate over tenants:
|
|
274
|
+
|
|
275
|
+
```vague
|
|
276
|
+
action SyncAllTenants {
|
|
277
|
+
get "/connections"
|
|
278
|
+
|
|
279
|
+
for tenant in response {
|
|
280
|
+
// Each tenant request
|
|
281
|
+
get concat("/", tenant.tenantId, "/invoices") {
|
|
282
|
+
headers: { "Xero-Tenant-Id": tenant.tenantId }
|
|
283
|
+
}
|
|
284
|
+
}
|
|
285
|
+
}
|
|
286
|
+
```
|
|
287
|
+
|
|
288
|
+
## Troubleshooting
|
|
289
|
+
|
|
290
|
+
### "invalid_grant" Error
|
|
291
|
+
|
|
292
|
+
Refresh token is invalid or expired. Re-authenticate:
|
|
293
|
+
|
|
294
|
+
1. Go through OAuth flow again
|
|
295
|
+
2. Get new access and refresh tokens
|
|
296
|
+
3. Update credentials file
|
|
297
|
+
|
|
298
|
+
### "Token expired" but No Refresh
|
|
299
|
+
|
|
300
|
+
Ensure `refreshToken` and `tokenUrl` are set:
|
|
301
|
+
|
|
302
|
+
```json
|
|
303
|
+
{
|
|
304
|
+
"API": {
|
|
305
|
+
"refreshToken": "must-be-present",
|
|
306
|
+
"tokenUrl": "must-be-present"
|
|
307
|
+
}
|
|
308
|
+
}
|
|
309
|
+
```
|
|
310
|
+
|
|
311
|
+
### "Invalid client" Error
|
|
312
|
+
|
|
313
|
+
Check `clientId` and `clientSecret` are correct.
|
|
314
|
+
|
|
315
|
+
### Scope Issues
|
|
316
|
+
|
|
317
|
+
Ensure requested scopes are authorized for your app.
|