release: prepare 0.2.2

[NathaelB]

Summary by CodeRabbit

• New Features

  • Added logout command to clear stored credentials and end the current session.
  • Added --force/-f flag to delete operations (realms, clients, users) to bypass confirmation prompts in non-interactive environments.

• Improvements

  • Destructive actions now require user confirmation to prevent accidental operations.
  • Enhanced token management with automatic refresh when stored tokens expire.

• Chores

  • Version bumped to 0.2.2.
  • Updated release workflow to respect cancellation conditions.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d78e0484-9078-49f5-b3b1-d82709bb1a10

📥 Commits

Reviewing files that changed from the base of the PR and between 4332568 and d5313ab.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (18)

• .github/workflows/release.yaml
• CLAUDE.md
• Cargo.toml
• libs/ferriskey-cli-client/Cargo.toml
• libs/ferriskey-cli-client/src/lib.rs
• libs/ferriskey-cli-commands/src/client.rs
• libs/ferriskey-cli-commands/src/lib.rs
• libs/ferriskey-cli-commands/src/realm.rs
• libs/ferriskey-cli-commands/src/user.rs
• libs/ferriskey-cli-core/Cargo.toml
• libs/ferriskey-cli-core/src/auth.rs
• libs/ferriskey-cli-core/src/client.rs
• libs/ferriskey-cli-core/src/confirm.rs
• libs/ferriskey-cli-core/src/credentials.rs
• libs/ferriskey-cli-core/src/lib.rs
• libs/ferriskey-cli-core/src/realm.rs
• libs/ferriskey-cli-core/src/session.rs
• libs/ferriskey-cli-core/src/user.rs

---

📝 Walkthrough

Walkthrough

The PR introduces a logout command, automatic token refresh on stored-token expiry, and confirmation prompts gating destructive delete operations (client, realm, user). A new confirm module provides force-flag and TTY-aware confirmation logic. reqwest defaults are disabled. Realm collection output now serializes consistently as arrays. Version bumped to 0.2.2 with release workflow safety guard.

Changes

Core logout and refresh flow with confirmations

Layer / File(s)	Summary
Token refresh and session validation libs/ferriskey-cli-client/Cargo.toml, libs/ferriskey-cli-core/Cargo.toml, libs/ferriskey-cli-client/src/lib.rs, libs/ferriskey-cli-core/src/session.rs	New FerriskeyClient::exchange_refresh_token() method sends OAuth2 refresh-token grant. resolve_bearer_token validates stored tokens against expiry (30s leeway); on expiry, silently refreshes and persists rotated credentials. Falls back to client-credentials flow if refresh unavailable. Unit tests cover expiry leeway boundary behavior. reqwest defaults disabled in both Cargo files to reduce CLI dependency surface.
Confirmation framework for destructive operations libs/ferriskey-cli-core/src/confirm.rs, libs/ferriskey-cli-core/src/lib.rs	New confirm() helper and ConfirmError type gate user confirmations. TTY-aware: rejects non-interactive stdin to avoid hanging scripts, accepts force-flag bypass, and reads y/N prompts from stdin in interactive mode.
Logout command and credentials cleanup libs/ferriskey-cli-commands/src/lib.rs, libs/ferriskey-cli-core/src/auth.rs, libs/ferriskey-cli-core/src/credentials.rs, libs/ferriskey-cli-core/src/lib.rs	New Commands::Logout variant triggers auth::logout() which deletes stored credentials file via CredentialsRepository::delete(). Returns success with status message indicating whether credentials were removed.
Client deletion with confirmation libs/ferriskey-cli-commands/src/client.rs, libs/ferriskey-cli-core/src/client.rs	ClientDeleteArgs adds --force/-f flag. delete_client() calls confirm() with client id before deletion, honoring force flag. ClientCommandError gains Confirm variant.
Realm deletion with confirmation libs/ferriskey-cli-commands/src/realm.rs, libs/ferriskey-cli-core/src/realm.rs	New RealmDeleteArgs struct with name and force flag replaces RealmNameArgs for delete subcommand. delete_realm() calls confirm() with realm name before deletion, honoring force flag. RealmCommandError gains Confirm variant.
User deletion with confirmation libs/ferriskey-cli-commands/src/user.rs, libs/ferriskey-cli-core/src/user.rs	UserDeleteArgs adds --force/-f flag. delete_user() calls confirm() with user name before deletion, honoring force flag. UserCommandError gains Confirm variant.
Collection output format normalization libs/ferriskey-cli-core/src/realm.rs	realm import output rendering now serializes all collections as JSON/YAML arrays, removing prior single-element object special-case for consistent automation behavior.
Version bump and release workflow safety Cargo.toml, .github/workflows/release.yaml, libs/ferriskey-cli-commands/src/realm.rs	Workspace version updated to 0.2.2. release.yaml job adds if: !cancelled() condition to skip publishing on workflow cancellation. Minor re-export formatting in realm.rs.

Sequence Diagram(s)

sequenceDiagram
  participant User
  participant CLI as resolve_bearer_token
  participant Store as StoredCredentials
  participant Expiry as is_expired
  participant Refresh as try_refresh
  participant Client as FerriskeyClient
  participant Repo as CredentialsRepository
  
  User->>CLI: Bearer token needed
  CLI->>Expiry: Check if stored token expired (30s leeway)?
  
  alt Token valid
    Expiry-->>CLI: false
    CLI-->>User: Return StoredToken
  else Token expired
    Expiry-->>CLI: true
    CLI->>Refresh: Attempt silent refresh
    Refresh->>Client: exchange_refresh_token(refresh_token)
    Client-->>Refresh: JwtToken
    Refresh->>Repo: Save new StoredCredentials
    Repo-->>Refresh: Success
    Refresh-->>CLI: RefreshedToken
    CLI-->>User: Return RefreshedToken
  else Refresh unavailable
    Refresh-->>CLI: None (expired refresh or server error)
    CLI->>CLI: Fall back to client_credentials flow
    CLI-->>User: Return new token or NoCredentials error
  end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Possibly related PRs

• ferriskey/ferriskey-cli#15: Adds the original delete_client handler that the main PR extends with confirmation prompts and force-flag handling via ClientCommandError::Confirm.
• ferriskey/ferriskey-cli#13: Prior modification to ClientDeleteArgs in libs/ferriskey-cli-commands/src/client.rs; main PR adds the force flag to that same struct.

Poem

🐰 Whisker-twitching tokens now refresh in silence,
Confirmations guard each delete with compliance,
--force to bypass, TTY to protect,
Logout cleans the session, just as you'd expect. ✨

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch release/prepare-0.2.2

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}