Feat/cli deploy (#1240)

* feat: set basic structure deploy commands

* feat: add first iteration of CLI Deploy

* feat: some minor refactor

* feat: Add api, Deploy command and update cli

* feat: Remove test token

* feat: add auth0 lib, update cli and improve code

* feat: update code and decouple auth

* fix: parts of the code

* feat: Add token manager to encrypt access token and get and save tokens

* feat: add audience to costants

* feat: add subsystem saving credentials and remove comment of type hinting

* feat: add get crew version to send on header of request

* feat: add docstrings

* feat: add tests for authentication module

* feat: add tests for utils

* feat: add unit tests for cl

* feat: add tests

* feat: add deploy man tests

* feat: fix type checking issue

* feat: rename tests to pass ci

* feat: fix pr issues

* feat: fix get crewai versoin

* fix: add timeout for tests.yml

tests/cli/authentication/test_auth_main.py

@@ -0,0 +1,94 @@
+import unittest
+from unittest.mock import MagicMock, patch
+
+import requests
+from crewai.cli.authentication.main import AuthenticationCommand
+
+
+class TestAuthenticationCommand(unittest.TestCase):
+    def setUp(self):
+        self.auth_command = AuthenticationCommand()
+
+    @patch("crewai.cli.authentication.main.requests.post")
+    def test_get_device_code(self, mock_post):
+        mock_response = MagicMock()
+        mock_response.json.return_value = {
+            "device_code": "123456",
+            "user_code": "ABCDEF",
+            "verification_uri_complete": "https://example.com",
+            "interval": 5,
+        }
+        mock_post.return_value = mock_response
+
+        device_code_data = self.auth_command._get_device_code()
+
+        self.assertEqual(device_code_data["device_code"], "123456")
+        self.assertEqual(device_code_data["user_code"], "ABCDEF")
+        self.assertEqual(
+            device_code_data["verification_uri_complete"], "https://example.com"
+        )
+        self.assertEqual(device_code_data["interval"], 5)
+
+    @patch("crewai.cli.authentication.main.console.print")
+    @patch("crewai.cli.authentication.main.webbrowser.open")
+    def test_display_auth_instructions(self, mock_open, mock_print):
+        device_code_data = {
+            "verification_uri_complete": "https://example.com",
+            "user_code": "ABCDEF",
+        }
+
+        self.auth_command._display_auth_instructions(device_code_data)
+
+        mock_print.assert_any_call("1. Navigate to: ", "https://example.com")
+        mock_print.assert_any_call("2. Enter the following code: ", "ABCDEF")
+        mock_open.assert_called_once_with("https://example.com")
+
+    @patch("crewai.cli.authentication.main.requests.post")
+    @patch("crewai.cli.authentication.main.validate_token")
+    @patch("crewai.cli.authentication.main.console.print")
+    def test_poll_for_token_success(self, mock_print, mock_validate_token, mock_post):
+        mock_response = MagicMock()
+        mock_response.status_code = 200
+        mock_response.json.return_value = {
+            "id_token": "TOKEN",
+            "access_token": "ACCESS_TOKEN",
+        }
+        mock_post.return_value = mock_response
+
+        self.auth_command._poll_for_token({"device_code": "123456"})
+
+        mock_validate_token.assert_called_once_with("TOKEN")
+        mock_print.assert_called_once_with("\nWelcome to CrewAI+ !!", style="green")
+
+    @patch("crewai.cli.authentication.main.requests.post")
+    @patch("crewai.cli.authentication.main.console.print")
+    def test_poll_for_token_error(self, mock_print, mock_post):
+        mock_response = MagicMock()
+        mock_response.status_code = 400
+        mock_response.json.return_value = {
+            "error": "invalid_request",
+            "error_description": "Invalid request",
+        }
+        mock_post.return_value = mock_response
+
+        with self.assertRaises(requests.HTTPError):
+            self.auth_command._poll_for_token({"device_code": "123456"})
+
+        mock_print.assert_not_called()
+
+    @patch("crewai.cli.authentication.main.requests.post")
+    @patch("crewai.cli.authentication.main.console.print")
+    def test_poll_for_token_timeout(self, mock_print, mock_post):
+        mock_response = MagicMock()
+        mock_response.status_code = 400
+        mock_response.json.return_value = {
+            "error": "authorization_pending",
+            "error_description": "Authorization pending",
+        }
+        mock_post.return_value = mock_response
+
+        self.auth_command._poll_for_token({"device_code": "123456", "interval": 0.01})
+
+        mock_print.assert_called_once_with(
+            "Timeout: Failed to get the token. Please try again.", style="bold red"
+        )

tests/cli/authentication/test_utils.py

@@ -0,0 +1,147 @@
+import json
+import unittest
+from datetime import datetime, timedelta
+from unittest.mock import MagicMock, patch
+
+from crewai.cli.authentication.utils import TokenManager, validate_token
+from cryptography.fernet import Fernet
+
+
+class TestValidateToken(unittest.TestCase):
+    @patch("crewai.cli.authentication.utils.AsymmetricSignatureVerifier")
+    @patch("crewai.cli.authentication.utils.TokenVerifier")
+    def test_validate_token(self, mock_token_verifier, mock_asymmetric_verifier):
+        mock_verifier_instance = mock_token_verifier.return_value
+        mock_id_token = "mock_id_token"
+
+        validate_token(mock_id_token)
+
+        mock_asymmetric_verifier.assert_called_once_with(
+            "https://dev-jzsr0j8zs0atl5ha.us.auth0.com/.well-known/jwks.json"
+        )
+        mock_token_verifier.assert_called_once_with(
+            signature_verifier=mock_asymmetric_verifier.return_value,
+            issuer="https://dev-jzsr0j8zs0atl5ha.us.auth0.com/",
+            audience="CZtyRHuVW80HbLSjk4ggXNzjg4KAt7Oe",
+        )
+        mock_verifier_instance.verify.assert_called_once_with(mock_id_token)
+
+
+class TestTokenManager(unittest.TestCase):
+    def setUp(self):
+        self.token_manager = TokenManager()
+
+    @patch("crewai.cli.authentication.utils.TokenManager.read_secure_file")
+    @patch("crewai.cli.authentication.utils.TokenManager.save_secure_file")
+    @patch("crewai.cli.authentication.utils.TokenManager._get_or_create_key")
+    def test_get_or_create_key_existing(self, mock_get_or_create, mock_save, mock_read):
+        mock_key = Fernet.generate_key()
+        mock_get_or_create.return_value = mock_key
+
+        token_manager = TokenManager()
+        result = token_manager.key
+
+        self.assertEqual(result, mock_key)
+
+    @patch("crewai.cli.authentication.utils.Fernet.generate_key")
+    @patch("crewai.cli.authentication.utils.TokenManager.read_secure_file")
+    @patch("crewai.cli.authentication.utils.TokenManager.save_secure_file")
+    def test_get_or_create_key_new(self, mock_save, mock_read, mock_generate):
+        mock_key = b"new_key"
+        mock_read.return_value = None
+        mock_generate.return_value = mock_key
+
+        result = self.token_manager._get_or_create_key()
+
+        self.assertEqual(result, mock_key)
+        mock_read.assert_called_once_with("secret.key")
+        mock_generate.assert_called_once()
+        mock_save.assert_called_once_with("secret.key", mock_key)
+
+    @patch("crewai.cli.authentication.utils.TokenManager.save_secure_file")
+    def test_save_tokens(self, mock_save):
+        access_token = "test_token"
+        expires_in = 3600
+
+        self.token_manager.save_tokens(access_token, expires_in)
+
+        mock_save.assert_called_once()
+        args = mock_save.call_args[0]
+        self.assertEqual(args[0], "tokens.enc")
+        decrypted_data = self.token_manager.fernet.decrypt(args[1])
+        data = json.loads(decrypted_data)
+        self.assertEqual(data["access_token"], access_token)
+        expiration = datetime.fromisoformat(data["expiration"])
+        self.assertAlmostEqual(
+            expiration,
+            datetime.now() + timedelta(seconds=expires_in),
+            delta=timedelta(seconds=1),
+        )
+
+    @patch("crewai.cli.authentication.utils.TokenManager.read_secure_file")
+    def test_get_token_valid(self, mock_read):
+        access_token = "test_token"
+        expiration = (datetime.now() + timedelta(hours=1)).isoformat()
+        data = {"access_token": access_token, "expiration": expiration}
+        encrypted_data = self.token_manager.fernet.encrypt(json.dumps(data).encode())
+        mock_read.return_value = encrypted_data
+
+        result = self.token_manager.get_token()
+
+        self.assertEqual(result, access_token)
+
+    @patch("crewai.cli.authentication.utils.TokenManager.read_secure_file")
+    def test_get_token_expired(self, mock_read):
+        access_token = "test_token"
+        expiration = (datetime.now() - timedelta(hours=1)).isoformat()
+        data = {"access_token": access_token, "expiration": expiration}
+        encrypted_data = self.token_manager.fernet.encrypt(json.dumps(data).encode())
+        mock_read.return_value = encrypted_data
+
+        result = self.token_manager.get_token()
+
+        self.assertIsNone(result)
+
+    @patch("crewai.cli.authentication.utils.TokenManager.get_secure_storage_path")
+    @patch("builtins.open", new_callable=unittest.mock.mock_open)
+    @patch("crewai.cli.authentication.utils.os.chmod")
+    def test_save_secure_file(self, mock_chmod, mock_open, mock_get_path):
+        mock_path = MagicMock()
+        mock_get_path.return_value = mock_path
+        filename = "test_file.txt"
+        content = b"test_content"
+
+        self.token_manager.save_secure_file(filename, content)
+
+        mock_path.__truediv__.assert_called_once_with(filename)
+        mock_open.assert_called_once_with(mock_path.__truediv__.return_value, "wb")
+        mock_open().write.assert_called_once_with(content)
+        mock_chmod.assert_called_once_with(mock_path.__truediv__.return_value, 0o600)
+
+    @patch("crewai.cli.authentication.utils.TokenManager.get_secure_storage_path")
+    @patch(
+        "builtins.open", new_callable=unittest.mock.mock_open, read_data=b"test_content"
+    )
+    def test_read_secure_file_exists(self, mock_open, mock_get_path):
+        mock_path = MagicMock()
+        mock_get_path.return_value = mock_path
+        mock_path.__truediv__.return_value.exists.return_value = True
+        filename = "test_file.txt"
+
+        result = self.token_manager.read_secure_file(filename)
+
+        self.assertEqual(result, b"test_content")
+        mock_path.__truediv__.assert_called_once_with(filename)
+        mock_open.assert_called_once_with(mock_path.__truediv__.return_value, "rb")
+
+    @patch("crewai.cli.authentication.utils.TokenManager.get_secure_storage_path")
+    def test_read_secure_file_not_exists(self, mock_get_path):
+        mock_path = MagicMock()
+        mock_get_path.return_value = mock_path
+        mock_path.__truediv__.return_value.exists.return_value = False
+        filename = "test_file.txt"
+
+        result = self.token_manager.read_secure_file(filename)
+
+        self.assertIsNone(result)
+        mock_path.__truediv__.assert_called_once_with(filename)