Platform-OS · Slashek · Mar 18, 2026 · Mar 18, 2026 · Mar 18, 2026 · Mar 18, 2026
diff --git a/bin/pos-cli-archive.js b/bin/pos-cli-archive.js
@@ -2,10 +2,10 @@
 import { program } from '../lib/program.js';
 
 import { run as auditRun } from '../lib/audit.js';
-import archive from '../lib/archive.js';
+import { makeArchive } from '../lib/archive.js';
 
 const createArchive = async (env) => {
-  const numberOfFiles = await archive.makeArchive(env, { withoutAssets: false });
+  const numberOfFiles = await makeArchive(env, { withoutAssets: false });
   if (numberOfFiles == 0) throw 'Archive failed to create.';
 };
 

diff --git a/bin/pos-cli-constants-list.js b/bin/pos-cli-constants-list.js
@@ -2,7 +2,7 @@
 
 import { program } from '../lib/program.js';
 import Gateway from '../lib/proxy.js';
-import queries from '../lib/graph/queries.js';
+import { getConstants } from '../lib/graph/queries.js';
 import { fetchSettings } from '../lib/settings.js';
 import logger from '../lib/logger.js';
 
@@ -26,7 +26,7 @@ program
     const gateway = new Gateway(authData);
 
     gateway
-      .graph({query: queries.getConstants()})
+      .graph({query: getConstants()})
       .then(success)
       .catch(console.log);
   });

diff --git a/bin/pos-cli-constants-set.js b/bin/pos-cli-constants-set.js
@@ -3,7 +3,7 @@
 import { program } from '../lib/program.js';
 import Gateway from '../lib/proxy.js';
 import { existence as validateExistence } from '../lib/validators/index.js';
-import queries from '../lib/graph/queries.js';
+import { setConstant } from '../lib/graph/queries.js';
 import { fetchSettings } from '../lib/settings.js';
 import logger from '../lib/logger.js';
 
@@ -36,7 +36,7 @@ program
     const gateway = new Gateway(authData);
 
     gateway
-      .graph({query: queries.setConstant(params.name, params.value)})
+      .graph({query: setConstant(params.name, params.value)})
       .then(success)
       .catch(error);
   });

diff --git a/bin/pos-cli-constants-unset.js b/bin/pos-cli-constants-unset.js
@@ -3,7 +3,7 @@
 import { program } from '../lib/program.js';
 import Gateway from '../lib/proxy.js';
 import { existence as validateExistence } from '../lib/validators/index.js';
-import queries from '../lib/graph/queries.js';
+import { unsetConstant } from '../lib/graph/queries.js';
 import { fetchSettings } from '../lib/settings.js';
 import logger from '../lib/logger.js';
 
@@ -37,7 +37,7 @@ program
     const gateway = new Gateway(authData);
 
     gateway
-      .graph({query: queries.unsetConstant(params.name)})
+      .graph({query: unsetConstant(params.name)})
       .then(success)
       .catch(error);
   });

diff --git a/bin/pos-cli-env-refresh-token.js b/bin/pos-cli-env-refresh-token.js
@@ -1,55 +1,23 @@
 import { program } from '../lib/program.js';
 import logger from '../lib/logger.js';
-import Portal from '../lib/portal.js';
-import { readPassword } from '../lib/utils/password.js';
 import { fetchSettings } from '../lib/settings.js';
-import { storeEnvironment, deviceAuthorizationFlow } from '../lib/environments.js';
+import refreshToken from '../lib/envs/refreshToken.js';
 import ServerError from '../lib/ServerError.js';
 
-const saveToken = (settings, token) => {
-  storeEnvironment(Object.assign(settings, { token: token }));
-  logger.Success(`Environment ${settings.url} as ${settings.environment} has been added successfully.`);
-};
-
-const login = async (email, password, url) => {
-  return Portal.login(email, password, url)
-    .then(response => {
-      if (response) return Promise.resolve(response[0].token);
-    });
-};
-
 program
   .name('pos-cli env refresh-token')
   .arguments('[environment]', 'name of environment. Example: staging')
   .action(async (environment, _params) => {
     try {
-
       const authData = await fetchSettings(environment);
-
-      if (!authData.email){
-        token = await deviceAuthorizationFlow(authData.url);
-      } else {
-        logger.Info(
-          `Please make sure that you have a permission to deploy. \n You can verify it here: ${Portal.url()}/me/permissions`,
-          { hideTimestamp: true }
-        );
-
-        const password = await readPassword();
-        logger.Info(`Asking ${Portal.url()} for access token...`);
-
-        token = await login(authData.email, password, authData.url);
-      }
-
-      if (token) saveToken({...authData, environment}, token);
-
+      await refreshToken(environment, authData);
     } catch (e) {
       if (ServerError.isNetworkError(e))
         await ServerError.handler(e);
       else
         await logger.Error(e);
       process.exit(1);
     }
-
   });
 
 program.parse(process.argv);
diff --git a/lib/ServerError.js b/lib/ServerError.js
@@ -146,7 +146,7 @@ const ServerError = {
 
   unauthorized: async request => {
     logger.Debug(`Unauthorized: ${JSON.stringify(request, null, 2)}`);
-    await logger.Error('You are unauthorized to do this operation. Check if your Token/URL or email/password are correct.', {
+    await logger.Error('You are unauthorized to do this operation. Check if your Token/URL or email/password are correct.\nTo refresh your token, run: pos-cli env refresh-token <environment>', {
       hideTimestamp: true,
       exit: shouldExit(request)
     });

diff --git a/lib/envs/refreshToken.js b/lib/envs/refreshToken.js
@@ -0,0 +1,40 @@
+import Portal from '../portal.js';
+import logger from '../logger.js';
+import { readPassword } from '../utils/password.js';
+import { storeEnvironment, deviceAuthorizationFlow } from '../environments.js';
+
+const login = async (email, password, url) => {
+  return Portal.login(email, password, url)
+    .then(response => {
+      if (response) return Promise.resolve(response[0].token);
+    });
+};
+
+const refreshToken = async (environment, authData) => {
+  let token;
+
+  if (!authData.email) {
+    token = await deviceAuthorizationFlow(authData.url);
+  } else {
+    logger.Info(
+      `Please make sure that you have a permission to deploy. \n You can verify it here: ${Portal.url()}/me/permissions`,
+      { hideTimestamp: true }
+    );
+
+    const password = await readPassword();
+    logger.Info(`Asking ${Portal.url()} for access token...`);
+
+    token = await login(authData.email, password, authData.url);
+  }
+
+  if (token) {
+    storeEnvironment({ ...authData, environment, token });
+    logger.Success(`Token for ${authData.url} as ${environment} has been refreshed successfully.`);
+  } else {
+    logger.Warn('Could not obtain a new token. Your existing token has not been changed.');
+  }
+
+  return token;
+};
+
+export default refreshToken;
diff --git a/test/unit/ServerError.test.js b/test/unit/ServerError.test.js
@@ -201,7 +201,7 @@ describe('ServerError', () => {
       expect(logger.Error).toHaveBeenCalledWith('NotFound: https://example.com/api/nonexistent');
     });
 
-    test('handles 401 unauthorized', () => {
+    test('handles 401 unauthorized with refresh-token hint', () => {
       const request = {
         statusCode: 401,
         options: { uri: 'https://example.com/api/deploy' }
@@ -210,7 +210,11 @@ describe('ServerError', () => {
       ServerError.responseHandler(request);
 
       expect(logger.Error).toHaveBeenCalledWith(
-        'You are unauthorized to do this operation. Check if your Token/URL or email/password are correct.',
+        expect.stringContaining('You are unauthorized to do this operation.'),
+        expect.objectContaining({ hideTimestamp: true })
+      );
+      expect(logger.Error).toHaveBeenCalledWith(
+        expect.stringContaining('pos-cli env refresh-token'),
         expect.objectContaining({ hideTimestamp: true })
       );
     });