feat: v2 token support in client + comprehensive tests

API client: - NewClient now accepts tokenVersion (0 = auto-detect from token prefix) - tokenVersion stored on Client, used for 403 error hints - All callers pass cfg.NetBox.TokenVersion Tests added: - netbox: TokenVersion, NewClient auto-detect, explicit version, 403 v1 hint, 403 v2 no-hint, Authorization header verification - config: token_version preserved/auto-detected, defaults, missing file, invalid YAML, Path() - setup: save roundtrip, file permissions (0600), empty fields omitted, dir creation, full save→load roundtrip Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-23 13:17:34 +02:00
parent 8ae28b3474
commit a4fa33d224
6 changed files with 435 additions and 26 deletions
@@ -11,16 +11,23 @@ import (
 )

 type Client struct {
-	baseURL    string
-	token      string
-	httpClient *http.Client
+	baseURL      string
+	token        string
+	tokenVersion int
+	httpClient   *http.Client
 }

-func NewClient(baseURL, token string) *Client {
+// NewClient creates a NetBox API client. Pass tokenVersion=0 to auto-detect
+// from the token string (1 for legacy, 2 for nbt_-prefixed tokens).
+func NewClient(baseURL, token string, tokenVersion int) *Client {
+	if tokenVersion == 0 {
+		tokenVersion = TokenVersion(token)
+	}
 	return &Client{
-		baseURL:    strings.TrimRight(baseURL, "/"),
-		token:      token,
-		httpClient: &http.Client{},
+		baseURL:      strings.TrimRight(baseURL, "/"),
+		token:        token,
+		tokenVersion: tokenVersion,
+		httpClient:   &http.Client{},
 	}
 }

@@ -157,7 +164,7 @@ func (c *Client) get(ctx context.Context, apiURL string, out any) error {

 	if resp.StatusCode == http.StatusForbidden {
 		hint := "check token permissions in NetBox"
-		if TokenVersion(c.token) == 1 {
+		if c.tokenVersion == 1 {
 			hint += " — legacy v1 token detected, consider upgrading to a v2 token (starts with nbt_)"
 		}
 		return fmt.Errorf("%s: %s", apiURL, hint)