Allow cb open redirect to be modified by CB_REDIRECT_URL

Here, let `cb open` redirect to a non-standard Dashboard URL (or other
internal component) by respecting the `CB_REDIRECT_URL` env var. If the
var's empty, it continues to have the same behavior as before.

Author: brandur

CHANGELOG.md

@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added
+- `cb open` can now take a non-default redirect URL using `CB_REDIRECT_URL`.
+
 ## [3.6.3] - 2025-04-03
 ### Fixed
 - Missing values from cluster state enum.

spec/cb/open_spec.cr

@@ -17,6 +17,7 @@ Spectator.describe CB::Open do
 
     it "creates a session and executes open" do
       ENV["CB_API_KEY"] = nil
+      ENV["CB_REDIRECT_URL"] = nil
 
       open_args : Array(String)? = nil
 
@@ -27,7 +28,38 @@ Spectator.describe CB::Open do
 
       expect(client).to receive(:create_session)
         .with(
-          Client::SessionCreateParams.new(generate_one_time_token: true)
+          Client::SessionCreateParams.new(
+            generate_one_time_token: true,
+            redirect_url: nil
+          )
+        )
+        .and_return(
+          CB::Model::Session.new(id: session_id, one_time_token: session_one_time_token)
+        )
+
+      action.call
+
+      expected_login_url = "https://#{client_host}/sessions/#{session_id}/actions/login?one_time_token=#{session_one_time_token}"
+      expect(open_args).to eq([expected_login_url])
+    end
+
+    it "redirects to a URL based on env var" do
+      ENV["CB_API_KEY"] = nil
+      ENV["CB_REDIRECT_URL"] = "https://my-custom-url.crunchybridge.com"
+
+      open_args : Array(String)? = nil
+
+      action.open = ->(args : Array(String), _env : Process::Env) do
+        open_args = args
+        nil
+      end
+
+      expect(client).to receive(:create_session)
+        .with(
+          Client::SessionCreateParams.new(
+            generate_one_time_token: true,
+            redirect_url: "https://my-custom-url.crunchybridge.com"
+          )
         )
         .and_return(
           CB::Model::Session.new(id: session_id, one_time_token: session_one_time_token)

src/cb/open.cr

@@ -14,7 +14,10 @@ module CB
     def run
       raise Error.new "Cannot open browser session with #{"CB_API_KEY".colorize.red.bold} set." if ENV["CB_API_KEY"]?
 
-      session = client.create_session Client::SessionCreateParams.new(generate_one_time_token: true)
+      session = client.create_session Client::SessionCreateParams.new(
+        redirect_url: ENV["CB_REDIRECT_URL"]?,
+        generate_one_time_token: true,
+      )
       # A one-time token is sent via query string since we don't have any choice
       # while using an executable like `open`, which means that there is some
       # potential danger of it leaking to logs. To protect against this, tokens

src/client/session.cr

@@ -1,7 +1,8 @@
 module CB
   class Client
     jrecord SessionCreateParams,
-      generate_one_time_token : Bool
+      generate_one_time_token : Bool,
+      redirect_url : String?
 
     # https://crunchybridgeapiinternal.docs.apiary.io/#reference/0/sessions/create-session
     def create_session(params : SessionCreateParams)