feat: add new custom resolver to fetch the reference from private repo

.changeset/1810.md

@@ -0,0 +1,33 @@
+---
+'@asyncapi/cli': minor
+---
+
+feat:  add new custom resolver to fetch the reference from private repo
+
+- 0213926: Add new custom resolver to fetch the reference from private template and add new command auth add
+- 26037eb: Merge remote-tracking branch 'remote/master' into 1796-b
+- 6473326: chore: separate cli and api
+
+Signed-off-by: Shurtu-gal <[email protected]>
+- d484f2f: update
+- ab58365: remove invalid changes
+- 932c09c: update package-lock.json
+- ec5eb66: update package-lock.json
+- 7e4b523: fix github jobs
+- c7501a1: Fix elint issue
+- 925b90a: remove uncessary files
+- 5d651f7: remove invalid file
+- 5d76066: update-changeset
+- 5d89ce7: update-doc
+- 3461288: update-suggestions
+- 4f63af9: add new testcase
+- 5d83ac7: add new testcases
+- f1a4d39: add new test case for the validationService
+- af11ce4: update test case
+- 824bdb9: update changeset
+- cf4d070: Update src/domains/services/validation.service.ts
+
+Co-authored-by: Fran Méndez <[email protected]>
+- 150865c: update validation service for the github
+
+

docs/usage.md

@@ -42,6 +42,7 @@ USAGE
 * [`asyncapi bundle`](#asyncapi-bundle)
 * [`asyncapi config`](#asyncapi-config)
 * [`asyncapi config analytics`](#asyncapi-config-analytics)
+* [`asyncapi config auth add PATTERN TOKEN`](#asyncapi-config-auth-add-pattern-token)
 * [`asyncapi config context`](#asyncapi-config-context)
 * [`asyncapi config context add CONTEXT-NAME SPEC-FILE-PATH`](#asyncapi-config-context-add-context-name-spec-file-path)
 * [`asyncapi config context current`](#asyncapi-config-context-current)
@@ -170,6 +171,37 @@ DESCRIPTION
 
 _See code: [src/commands/config/analytics.ts](https://github.com/asyncapi/cli/blob/v3.2.0/src/commands/config/analytics.ts)_
 
+## `asyncapi config auth add PATTERN TOKEN`
+
+Add an authentication config for resolving $ref files requiring HTTP Authorization.
+
+```
+USAGE
+  $ asyncapi config auth add PATTERN TOKEN [-a <value>] [-h <value>...]
+
+ARGUMENTS
+  PATTERN  Glob pattern for matching protected URLs (e.g. github.com/org/repo/**/*.*)
+  TOKEN    Authentication token or environment variable reference (prefix with $, e.g. $GITHUB_TOKEN)
+
+FLAGS
+  -a, --auth-type=<value>  Authentication type (default is "Bearer")
+  -h, --header=<value>...  Additional headers in key=value format
+
+DESCRIPTION
+  Add an authentication config for resolving $ref files requiring HTTP Authorization.
+
+EXAMPLES
+  $ asyncapi config auth add "https://github.com/org/repo/**/*" "ghp_XuYi7ZWQWjmrJpY2Kz3ET"
+
+  $ asyncapi config auth add "https://api.github.com/repos/org/repo/**/*" "$GITHUB_TOKEN"
+
+  $ asyncapi config auth add "https://private-registry.com/**/*" "my-token" --auth-type="Token"
+
+  $ asyncapi config auth add "https://api.example.com/**/*" "token123" --header="X-API-Key=abc123" --header="User-Agent=MyApp/1.0"
+```
+
+_See code: [src/commands/config/auth/add.ts](https://github.com/asyncapi/cli/blob/v3.2.0/src/commands/config/auth/add.ts)_
+
 ## `asyncapi config context`
 
 Manage short aliases for full paths to AsyncAPI documents

scripts/enableAutoComplete.js

@@ -61,6 +61,7 @@ function getShellConfig(shell) {
   if (!allowedShells.includes(shell)) {
     throw new Error(`Unsupported shell: ${shell}. Autocomplete only supports zsh and bash.`);
   }
+  // eslint-disable-next-line security/detect-object-injection
   return shellConfigs[shell];
 }
 

src/apps/api/middlewares/validation.middleware.ts

@@ -166,7 +166,7 @@
     req: Request,
     res: Response,
     next: NextFunction,
   ): Promise<void> => {
     // Check if the condition is met
     if (options.condition && !options.condition(req)) {
       return next();
@@ -203,6 +203,7 @@
       __unstable: {
         resolver: {
           resolvers: [
+            // GitHub resolver for private repositories is automatically included by ValidationService
             // @TODO: Add Cookie Based Resolvers after migration and understanding some
             // details about how to use them in the new parser-js version.
           ],

src/apps/cli/commands/config/auth/add.ts

@@ -0,0 +1,76 @@
+import { Args, Flags } from '@oclif/core';
+import Command from '@cli/internal/base';
+import { blueBright } from 'picocolors';
+import { ConfigService, AuthEntry } from '@/domains/services/config.service';
+
+export default class AuthAdd extends Command {
+  static description =
+    'Add an authentication config for resolving $ref files requiring HTTP Authorization.';
+
+  static args = {
+    pattern: Args.string({
+      required: true,
+      description:
+        'Glob pattern for matching protected URLs (e.g. github.com/org/repo/**/*.*)',
+    }),
+    token: Args.string({
+      required: true,
+      description:
+        'Authentication token or environment variable reference (prefix with $, e.g. $GITHUB_TOKEN)',
+    }),
+  };
+
+  static flags = {
+    'auth-type': Flags.string({
+      char: 'a',
+      description: 'Authentication type (default is "Bearer")',
+    }),
+    header: Flags.string({
+      char: 'h',
+      description:
+        'Additional header in key=value format; can be used multiple times',
+      multiple: true,
+    }),
+  };
+
+  async run() {
+    const { args, flags } = await this.parse(AuthAdd);
+
+    const isEnvVar = args.token.startsWith('$');
+    const tokenValue = isEnvVar ? args.token.slice(1) : args.token;
+
+    // Parse headers into an object
+    const headers: Record<string, string> = {};
+    if (flags.header) {
+      for (const headerEntry of flags.header) {
+        const [key, value] = headerEntry.split('=');
+        if (key && value) {
+          headers[key.trim()] = value.trim();
+        } else {
+          this.warn(`⚠️ Ignored invalid header format: ${headerEntry}`);
+        }
+      }
+    }
+
+    const entry: AuthEntry = {
+      pattern: args.pattern,
+      token: tokenValue,
+      authType: flags['auth-type'] || 'Bearer',
+      headers: Object.keys(headers).length ? headers : undefined,
+    };
+
+    try {
+      await ConfigService.addAuthEntry(entry);
+      this.log(
+        `✅ Auth config added for ${blueBright(args.pattern)} using ${
+          isEnvVar ? `env var (${tokenValue})` : 'raw token'
+        } with auth type ${blueBright(entry.authType || 'Bearer')}`
+      );
+      if (entry.headers) {
+        this.log(`Headers: ${JSON.stringify(entry.headers, null, 2)}`);
+      }
+    } catch (err) {
+      this.error(`❌ Failed to add auth config: ${(err as Error).message}`);
+    }
+  }
+}

src/apps/cli/commands/validate.ts

@@ -17,7 +17,7 @@ import {
 export default class Validate extends Command {
   static description = 'validate asyncapi file';
   private validationService = new ValidationService();
-
+  
   static flags = {
     ...validateFlags(),
     ...proxyFlags(), // Merge proxyFlags with validateFlags

src/domains/services/config.service.ts

@@ -0,0 +1,104 @@
+import path from 'path';
+import os from 'os';
+import { promises as fs } from 'fs';
+import minimatch from 'minimatch';
+
+const CONFIG_DIR = path.join(os.homedir(), '.asyncapi');
+const CONFIG_FILE = path.join(CONFIG_DIR, 'config.json');
+
+export interface AuthEntry {
+  pattern: string;
+  token: string;
+  authType?: string;
+  headers?: Record<string, string>;
+}
+
+export interface AuthResult {
+  token: string;
+  authType: string;
+  headers: Record<string, string>;
+}
+
+interface Config {
+  auth?: AuthEntry[];
+}
+
+export class ConfigService {
+  /**
+   * Load config file (~/.asyncapi/config.json)
+   */
+  static async loadConfig(): Promise<Config> {
+    try {
+      const content = await fs.readFile(CONFIG_FILE, 'utf8');
+      return JSON.parse(content) as Config;
+    } catch (err: any) {
+      if (err.code === 'ENOENT') {
+        return {}; // no config yet
+      }
+      throw new Error(`Error reading config file: ${err.message}`);
+    }
+  }
+
+  /**
+   * Save config back to file
+   */
+  static async saveConfig(config: Config): Promise<void> {
+    await fs.mkdir(CONFIG_DIR, { recursive: true });
+    await fs.writeFile(CONFIG_FILE, JSON.stringify(config, null, 2), 'utf8');
+  }
+
+  /**
+ * Add or update an auth entry by merging with existing entry if present
+ */
+  static async addAuthEntry(entry: AuthEntry): Promise<void> {
+    const config = await this.loadConfig();
+
+    // Ensure config.auth is initialized as an array
+    config.auth ??= [];
+
+    // Find existing entry by pattern
+    const existingEntry = config.auth.find(e => e.pattern === entry.pattern);
+
+    if (existingEntry) {
+    // Merge new entry into existing one
+      Object.assign(existingEntry, entry);
+    } else {
+    // No existing entry, add new one
+      config.auth.push(entry);
+    }
+
+    await this.saveConfig(config);
+  }
+
+  /**
+   * Reads auth config from ~/.asyncapi/config.json and
+   * returns auth info matching the given URL, or null if no match.
+   * 
+   * @param url - URL to match against auth patterns
+   * @returns Auth info or null if no match found
+   */
+  static async getAuthForUrl(url: string): Promise<AuthResult | null> {
+    const config = await this.loadConfig();
+
+    if (!config.auth || !Array.isArray(config.auth)) {
+      console.warn('⚠️ No valid "auth" array found in config');
+      return null;
+    }
+
+    for (const entry of config.auth) {
+      try {
+        if (minimatch(url, entry.pattern)) {
+          return {
+            token: entry.token,
+            authType: entry.authType || 'Bearer',
+            headers: entry.headers || {}
+          };
+        }
+      } catch (err: any) {
+        console.warn(`⚠️ Invalid pattern "${entry.pattern}": ${err.message}`);
+      }
+    }
+
+    return null;
+  }
+}