update

Author: vegeris

cmd/sandbox/token.go cmd/sandbox/auth.gocmd/sandbox/token.go renamed to cmd/sandbox/auth.go

@@ -16,11 +16,15 @@ package sandbox
 
 import (
 	"context"
+	"fmt"
+	"slices"
 	"strings"
 
+	"github.com/slackapi/slack-cli/internal/iostreams"
 	"github.com/slackapi/slack-cli/internal/shared"
 	"github.com/slackapi/slack-cli/internal/shared/types"
 	"github.com/slackapi/slack-cli/internal/slackerror"
+	"github.com/slackapi/slack-cli/internal/style"
 )
 
 // getSandboxToken returns the token to use for sandbox API operations.
@@ -30,22 +34,26 @@ func getSandboxToken(ctx context.Context, clients *shared.ClientFactory, tokenFl
 	return token, err
 }
 
-// getSandboxTokenAndAuth returns the token and auth used for sandbox API operations.
-// When --token is provided, auth is resolved via AuthWithToken (may have limited fields).
-// Otherwise auth comes from stored credentials.
+// getSandboxTokenAndAuth returns the auth used for sandbox management.
+// The --token flag will be used if present, otherwise we prompt the user to select a team to use for authentication.
 func getSandboxTokenAndAuth(ctx context.Context, clients *shared.ClientFactory, tokenFlag string) (string, *types.SlackAuth, error) {
+	var auth *types.SlackAuth
 	if tokenFlag != "" {
-		auth, err := clients.Auth().AuthWithToken(ctx, tokenFlag)
+		a, err := clients.Auth().AuthWithToken(ctx, tokenFlag)
 		if err != nil {
 			return "", nil, err
 		}
-		return tokenFlag, &auth, nil
+		auth = &a
+	} else {
+		a, err := resolveAuthForSandbox(ctx, clients)
+		if err != nil {
+			return "", nil, err
+		}
+		auth = a
 	}
 
-	auth, err := resolveAuthForSandbox(ctx, clients)
-	if err != nil {
-		return "", nil, err
-	}
+	clients.Config.APIHostResolved = clients.Auth().ResolveAPIHost(ctx, clients.Config.APIHostFlag, auth)
+	clients.Config.LogstashHostResolved = clients.Auth().ResolveLogstashHost(ctx, clients.Config.APIHostResolved, clients.CLIVersion)
 
 	return auth.Token, auth, nil
 }
@@ -82,26 +90,55 @@ func resolveAuthForSandbox(ctx context.Context, clients *shared.ClientFactory) (
 			}
 		}
 		return nil, slackerror.New(slackerror.ErrTeamNotFound).
-			WithMessage("No auth found for team: " + clients.Config.TeamFlag).
+			WithMessage("No auth found for team: %s", clients.Config.TeamFlag).
 			WithRemediation("Run 'slack auth list' to see your authorized workspaces")
 	}
 
-	// Use first auth
-	return &auths[0], nil
-}
-
-// parseLabels parses a comma-separated key=value string into a map
-func parseLabels(labelsStr string) map[string]string {
-	if labelsStr == "" {
-		return nil
+	// Multiple auths: prompt user to select team; single auth: use it directly
+	if len(auths) == 1 {
+		return &auths[0], nil
 	}
-
-	labels := make(map[string]string)
-	for _, pair := range strings.Split(labelsStr, ",") {
-		kv := strings.SplitN(strings.TrimSpace(pair), "=", 2)
-		if len(kv) == 2 {
-			labels[strings.TrimSpace(kv[0])] = strings.TrimSpace(kv[1])
+	type authOption struct {
+		auth  types.SlackAuth
+		label string
+	}
+	options := make([]authOption, 0, len(auths))
+	for _, a := range auths {
+		options = append(options, authOption{
+			auth:  a,
+			label: fmt.Sprintf("%s %s", a.TeamDomain, style.Secondary(a.TeamID)),
+		})
+	}
+	slices.SortFunc(options, func(a, b authOption) int {
+		if c := strings.Compare(a.auth.TeamDomain, b.auth.TeamDomain); c != 0 {
+			return c
 		}
+		return strings.Compare(a.auth.TeamID, b.auth.TeamID)
+	})
+	labels := make([]string, 0, len(options))
+	for _, opt := range options {
+		labels = append(labels, opt.label)
+	}
+	selection, err := clients.IO.SelectPrompt(ctx, "Select a team for authentication", labels, iostreams.SelectPromptConfig{
+		Flag:     clients.Config.Flags.Lookup("team"),
+		Required: true,
+	})
+	if err != nil {
+		return nil, err
+	}
+	switch {
+	case selection.Flag:
+		for _, opt := range options {
+			if opt.auth.TeamID == selection.Option || opt.auth.TeamDomain == selection.Option {
+				return &opt.auth, nil
+			}
+		}
+		return nil, slackerror.New(slackerror.ErrTeamNotFound).
+			WithMessage("No auth found for team: %s", selection.Option).
+			WithRemediation("Run 'slack auth list' to see your authorized workspaces")
+	case selection.Prompt:
+		return &options[selection.Index].auth, nil
+	default:
+		return nil, slackerror.New(slackerror.ErrInvalidAuth)
 	}
-	return labels
 }

cmd/sandbox/list.go

@@ -36,7 +36,7 @@ func NewListCommand(clients *shared.ClientFactory) *cobra.Command {
 	cmd := &cobra.Command{
 		Use:   "list [flags]",
 		Short: "List your sandboxes",
-		Long:  `List all of your active or archived sandboxes.`,
+		Long:  `List details of your sandboxes`,
 		Example: style.ExampleCommandsf([]style.ExampleCommand{
 			{Command: "sandbox list", Meaning: "List your sandboxes"},
 			{Command: "sandbox list --filter active", Meaning: "List active sandboxes only"},
@@ -91,6 +91,7 @@ func printSandboxes(cmd *cobra.Command, clients *shared.ClientFactory, token str
 		Emoji: "beach_with_umbrella",
 		Text:  " Developer Sandboxes",
 	}
+
 	if email != "" {
 		section.Secondary = []string{fmt.Sprintf("Owned by Slack developer account %s", email)}
 	}
@@ -102,28 +103,43 @@ func printSandboxes(cmd *cobra.Command, clients *shared.ClientFactory, token str
 		return nil
 	}
 
-	timeFormat := "2006-01-02 15:04"
+	timeFormat := "2006-01-02" // We only support the granularity of the day for now, rather than a more precise datetime
 	for _, s := range sandboxes {
 		cmd.Printf("  %s (%s)\n", style.Bold(s.SandboxName), s.SandboxTeamID)
+
 		if s.SandboxDomain != "" {
 			cmd.Printf("    %s\n", style.Secondary(fmt.Sprintf("URL: https://%s.slack.com", s.SandboxDomain)))
 		}
+
+		if s.DateCreated > 0 {
+			cmd.Printf("    %s\n", style.Secondary(fmt.Sprintf("Created: %s", time.Unix(s.DateCreated, 0).Format(timeFormat))))
+		}
+
 		if s.Status != "" {
 			status := style.Secondary(fmt.Sprintf("Status: %s", strings.ToTitle(s.Status)))
 			if strings.EqualFold(s.Status, "archived") {
 				cmd.Printf("    %s %s\n", style.Emoji("warning"), status)
 			} else {
-				cmd.Printf("    %s\n", status)
+				cmd.Printf("    %s%s\n", style.Emoji("green_circle"), status)
 			}
 		}
-		if s.DateCreated > 0 {
-			cmd.Printf("    %s\n", style.Secondary(fmt.Sprintf("Created: %s", time.Unix(s.DateCreated, 0).Format(timeFormat))))
-		}
+
 		if s.DateArchived > 0 {
-			cmd.Printf("    %s\n", style.Secondary(fmt.Sprintf("Archived: %s", time.Unix(s.DateArchived, 0).Format(timeFormat))))
+			archivedTime := time.Unix(s.DateArchived, 0).In(time.Local)
+			now := time.Now()
+			archivedDate := time.Date(archivedTime.Year(), archivedTime.Month(), archivedTime.Day(), 0, 0, 0, 0, time.Local)
+			todayDate := time.Date(now.Year(), now.Month(), now.Day(), 0, 0, 0, 0, time.Local)
+			label := "Active until:"
+			if archivedDate.Before(todayDate) {
+				label = "Archived:"
+			}
+			cmd.Printf("    %s\n", style.Secondary(fmt.Sprintf("%s %s", label, archivedTime.Format(timeFormat))))
 		}
+
 		cmd.Println()
 	}
 
+	clients.IO.PrintInfo(ctx, false, "Learn more at %s", style.Secondary("https://docs.slack.dev/tools/developer-sandboxes"))
+
 	return nil
 }

cmd/sandbox/list_test.go

@@ -0,0 +1,166 @@
+// Copyright 2022-2026 Salesforce, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package sandbox
+
+import (
+	"context"
+	"errors"
+	"testing"
+
+	"github.com/slackapi/slack-cli/internal/experiment"
+	"github.com/slackapi/slack-cli/internal/shared"
+	"github.com/slackapi/slack-cli/internal/shared/types"
+	"github.com/slackapi/slack-cli/internal/slackcontext"
+	"github.com/slackapi/slack-cli/test/testutil"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/mock"
+	"github.com/stretchr/testify/require"
+)
+
+func TestListCommand(t *testing.T) {
+	ctx := slackcontext.MockContext(context.Background())
+	clientsMock := shared.NewClientsMock()
+	clientsMock.AddDefaultMocks()
+
+	// Enable sandboxes experiment
+	clientsMock.Config.ExperimentsFlag = []string{string(experiment.Sandboxes)}
+	clientsMock.Config.LoadExperiments(ctx, clientsMock.IO.PrintDebug)
+
+	clients := shared.NewClientFactory(clientsMock.MockClientFactory())
+	cmd := NewListCommand(clients)
+	testutil.MockCmdIO(clients.IO, cmd)
+
+	// Use --token to bypass stored credentials; mock AuthWithToken
+	testToken := "xoxb-test-token"
+	clientsMock.Auth.On("AuthWithToken", mock.Anything, testToken).Return(types.SlackAuth{Token: testToken}, nil)
+	clientsMock.Auth.On("ResolveAPIHost", mock.Anything, mock.Anything, mock.Anything).Return("https://api.slack.com")
+	clientsMock.Auth.On("ResolveLogstashHost", mock.Anything, mock.Anything, mock.Anything).Return("https://slackb.com/events/cli")
+
+	// Mock ListSandboxes to return empty list
+	clientsMock.API.On("ListSandboxes", mock.Anything, testToken, "").Return([]types.Sandbox{}, nil)
+
+	cmd.SetArgs([]string{"--token", testToken})
+	err := cmd.ExecuteContext(ctx)
+	require.NoError(t, err)
+
+	clientsMock.Auth.AssertCalled(t, "AuthWithToken", mock.Anything, testToken)
+	clientsMock.API.AssertCalled(t, "ListSandboxes", mock.Anything, testToken, "")
+	assert.Contains(t, clientsMock.GetStdoutOutput(), "No sandboxes found")
+}
+
+func TestListCommand_withSandboxes(t *testing.T) {
+	ctx := slackcontext.MockContext(context.Background())
+	clientsMock := shared.NewClientsMock()
+	clientsMock.AddDefaultMocks()
+
+	clientsMock.Config.ExperimentsFlag = []string{string(experiment.Sandboxes)}
+	clientsMock.Config.LoadExperiments(ctx, clientsMock.IO.PrintDebug)
+
+	clients := shared.NewClientFactory(clientsMock.MockClientFactory())
+	cmd := NewListCommand(clients)
+	testutil.MockCmdIO(clients.IO, cmd)
+
+	testToken := "xoxb-test-token"
+	clientsMock.Auth.On("AuthWithToken", mock.Anything, testToken).Return(types.SlackAuth{Token: testToken}, nil)
+	clientsMock.Auth.On("ResolveAPIHost", mock.Anything, mock.Anything, mock.Anything).Return("https://api.slack.com")
+	clientsMock.Auth.On("ResolveLogstashHost", mock.Anything, mock.Anything, mock.Anything).Return("https://slackb.com/events/cli")
+
+	sandboxes := []types.Sandbox{
+		{
+			SandboxTeamID: "T123",
+			SandboxName:   "my-sandbox",
+			SandboxDomain: "my-sandbox",
+			Status:        "active",
+			DateCreated:   1700000000,
+			DateArchived:  0,
+		},
+	}
+	clientsMock.API.On("ListSandboxes", mock.Anything, testToken, "").Return(sandboxes, nil)
+
+	cmd.SetArgs([]string{"--token", testToken})
+	err := cmd.ExecuteContext(ctx)
+	require.NoError(t, err)
+
+	clientsMock.API.AssertCalled(t, "ListSandboxes", mock.Anything, testToken, "")
+	assert.Contains(t, clientsMock.GetStdoutOutput(), "my-sandbox")
+	assert.Contains(t, clientsMock.GetStdoutOutput(), "T123")
+	assert.Contains(t, clientsMock.GetStdoutOutput(), "https://my-sandbox.slack.com")
+}
+
+func TestListCommand_withFilter(t *testing.T) {
+	ctx := slackcontext.MockContext(context.Background())
+	clientsMock := shared.NewClientsMock()
+	clientsMock.AddDefaultMocks()
+
+	clientsMock.Config.ExperimentsFlag = []string{string(experiment.Sandboxes)}
+	clientsMock.Config.LoadExperiments(ctx, clientsMock.IO.PrintDebug)
+
+	clients := shared.NewClientFactory(clientsMock.MockClientFactory())
+	cmd := NewListCommand(clients)
+	testutil.MockCmdIO(clients.IO, cmd)
+
+	testToken := "xoxb-test-token"
+	clientsMock.Auth.On("AuthWithToken", mock.Anything, testToken).Return(types.SlackAuth{Token: testToken}, nil)
+	clientsMock.Auth.On("ResolveAPIHost", mock.Anything, mock.Anything, mock.Anything).Return("https://api.slack.com")
+	clientsMock.Auth.On("ResolveLogstashHost", mock.Anything, mock.Anything, mock.Anything).Return("https://slackb.com/events/cli")
+	clientsMock.API.On("ListSandboxes", mock.Anything, testToken, "active").Return([]types.Sandbox{}, nil)
+
+	cmd.SetArgs([]string{"--token", testToken, "--filter", "active"})
+	err := cmd.ExecuteContext(ctx)
+	require.NoError(t, err)
+
+	clientsMock.API.AssertCalled(t, "ListSandboxes", mock.Anything, testToken, "active")
+}
+
+func TestListCommand_listError(t *testing.T) {
+	ctx := slackcontext.MockContext(context.Background())
+	clientsMock := shared.NewClientsMock()
+	clientsMock.AddDefaultMocks()
+
+	clientsMock.Config.ExperimentsFlag = []string{string(experiment.Sandboxes)}
+	clientsMock.Config.LoadExperiments(ctx, clientsMock.IO.PrintDebug)
+
+	clients := shared.NewClientFactory(clientsMock.MockClientFactory())
+	cmd := NewListCommand(clients)
+	testutil.MockCmdIO(clients.IO, cmd)
+
+	testToken := "xoxb-test-token"
+	clientsMock.Auth.On("AuthWithToken", mock.Anything, testToken).Return(types.SlackAuth{Token: testToken}, nil)
+	clientsMock.Auth.On("ResolveAPIHost", mock.Anything, mock.Anything, mock.Anything).Return("https://api.slack.com")
+	clientsMock.Auth.On("ResolveLogstashHost", mock.Anything, mock.Anything, mock.Anything).Return("https://slackb.com/events/cli")
+	clientsMock.API.On("ListSandboxes", mock.Anything, testToken, "").
+		Return([]types.Sandbox(nil), errors.New("api_error"))
+
+	cmd.SetArgs([]string{"--token", testToken})
+	err := cmd.ExecuteContext(ctx)
+	require.Error(t, err)
+}
+
+func TestListCommand_experimentRequired(t *testing.T) {
+	ctx := slackcontext.MockContext(context.Background())
+	clientsMock := shared.NewClientsMock()
+	clientsMock.AddDefaultMocks()
+
+	// Do NOT enable sandboxes experiment
+	clients := shared.NewClientFactory(clientsMock.MockClientFactory())
+	cmd := NewListCommand(clients)
+	testutil.MockCmdIO(clients.IO, cmd)
+
+	cmd.SetArgs([]string{"--token", "xoxb-test"})
+	err := cmd.ExecuteContext(ctx)
+	require.Error(t, err)
+	assert.Contains(t, err.Error(), "sandbox")
+	clientsMock.API.AssertNotCalled(t, "ListSandboxes", mock.Anything, mock.Anything, mock.Anything)
+}

cmd/sandbox/sandbox.go

@@ -29,9 +29,9 @@ func NewCommand(clients *shared.ClientFactory) *cobra.Command {
 		Long: `Manage your Slack developer sandboxes without leaving your terminal.
 Use the --team flag to select the authentication to use for these commands.
 
-Prefer a UI? Head over to https://api.slack.com/developer-program/sandboxes
+Prefer a UI? Head over to {{LinkText "https://api.slack.com/developer-program/sandboxes"}}
 
-New to the Developer Program? Sign up at https://api.slack.com/developer-program/join`,
+New to the Developer Program? Sign up at {{LinkText "https://api.slack.com/developer-program/join"}}`,
 		Example: style.ExampleCommandsf([]style.ExampleCommand{}),
 		PreRunE: func(cmd *cobra.Command, args []string) error {
 			return requireSandboxExperiment(clients)