Created init command to configure the script

Signed-off-by: Kevin Stanley <stanleyk@objectcomputing.com>

Author: stanleykc

unityauth-cli/docs/user-guide.md

@@ -5,6 +5,8 @@ Complete command reference for the UnityAuth command-line interface.
 ## Table of Contents
 
 - [Global Options](#global-options)
+- [Setup Commands](#setup-commands)
+  - [init](#init)
 - [Authentication Commands](#authentication-commands)
   - [login](#login)
   - [logout](#logout)
@@ -60,6 +62,79 @@ unityauth --verbose login
 
 ---
 
+## Setup Commands
+
+### init
+
+Initialize UnityAuth CLI with a guided setup wizard. This is the recommended first command for new users.
+
+```
+unityauth init [OPTIONS]
+```
+
+**Options:**
+
+| Option | Description |
+|--------|-------------|
+| `--api-url TEXT` | UnityAuth API endpoint URL (skips prompt if provided) |
+| `--skip-login` | Skip the login step after configuration |
+| `--allow-http` | Allow insecure HTTP URLs (not recommended for production) |
+
+**Behavior:**
+
+1. Prompts for API URL (or accepts via `--api-url`)
+2. Tests connection to the UnityAuth server
+3. Saves configuration to `~/.config/unityauth-cli/config.yml`
+4. Optionally prompts to log in (in interactive mode)
+5. Displays helpful next steps
+
+**Examples:**
+
+```bash
+# Interactive setup (recommended for first-time users)
+unityauth init
+
+# Non-interactive setup with API URL
+unityauth init --api-url https://auth.example.com --skip-login
+
+# Setup for local development (allows HTTP)
+unityauth init --api-url http://localhost:8081 --allow-http --skip-login
+```
+
+**Sample Output:**
+
+```
+Welcome to UnityAuth CLI!
+Let's get you set up.
+
+API URL: https://auth.example.com
+Testing connection to https://auth.example.com...
+✓ Connection successful
+✓ Configuration saved to ~/.config/unityauth-cli/config.yml
+
+Would you like to log in now? [Y/n]: y
+Email: admin@example.com
+Password: ********
+✓ Logged in as admin@example.com
+
+Setup complete!
+
+Next steps:
+  $ unityauth tenant list              # List your tenants
+  $ unityauth user list --tenant-id 1  # List users in tenant 1
+  $ unityauth role list                # List available roles
+  $ unityauth --help                   # See all commands
+```
+
+**Exit Codes:**
+
+| Code | Meaning |
+|------|---------|
+| 0 | Setup successful |
+| 4 | Configuration error (invalid URL, connection failed) |
+
+---
+
 ## Authentication Commands
 
 ### login
@@ -728,11 +803,14 @@ unityauth logout
 ### "API URL not configured"
 
 ```bash
-# Check current configuration
-unityauth config show
+# First-time setup (recommended)
+unityauth init
 
-# Set API URL
+# Or manually set API URL
 unityauth config set api_url https://auth.example.com
+
+# Check current configuration
+unityauth config show
 ```
 
 ### "Not authenticated"

unityauth-cli/src/unityauth_cli/cli.py

@@ -235,11 +235,15 @@ def register_commands() -> None:
     """Register all CLI commands with the main group."""
     from unityauth_cli.commands.login import login, logout, token_info
     from unityauth_cli.commands.config import config
+    from unityauth_cli.commands.init import init
     from unityauth_cli.commands.users import create, update, update_profile, list_users
     from unityauth_cli.commands.tenants import list_tenants, tenant_users
     from unityauth_cli.commands.roles import list_roles
     from unityauth_cli.commands.permissions import list_permissions
 
+    # Register setup command
+    cli.add_command(init)
+
     # Register authentication commands
     cli.add_command(login)
     cli.add_command(logout)

unityauth-cli/src/unityauth_cli/commands/init.py

@@ -0,0 +1,197 @@
+"""Init command: First-time setup wizard for UnityAuth CLI.
+
+Guides users through initial configuration and authentication.
+"""
+
+import sys
+
+import click
+import requests
+
+from unityauth_cli.cli import CLIContext, console, error, info, pass_context, success, warning
+from unityauth_cli.config import Configuration
+from unityauth_cli.utils.validation import validate_url, validate_email
+
+
+@click.command()
+@click.option(
+    '--api-url',
+    help='UnityAuth API endpoint URL (skip prompt)',
+)
+@click.option(
+    '--skip-login',
+    is_flag=True,
+    help='Skip the login step after configuration',
+)
+@click.option(
+    '--allow-http',
+    is_flag=True,
+    help='Allow insecure HTTP URLs (not recommended)',
+)
+@pass_context
+def init(ctx: CLIContext, api_url: str | None, skip_login: bool, allow_http: bool) -> None:
+    """Initialize UnityAuth CLI with first-time setup wizard.
+
+    Guides you through configuring the API endpoint and optionally
+    authenticating with your credentials.
+
+    \b
+    Examples:
+      unityauth init                                    # Interactive setup
+      unityauth init --api-url https://auth.example.com # Skip URL prompt
+      unityauth init --skip-login                       # Configure only, no login
+    """
+    console.print()
+    console.print("[bold cyan]Welcome to UnityAuth CLI![/bold cyan]")
+    console.print("Let's get you set up.\n")
+
+    # Step 1: Get API URL
+    if not api_url:
+        if not sys.stdin.isatty():
+            error(
+                "API URL required in non-interactive mode",
+                "Use --api-url option to specify the UnityAuth API endpoint"
+            )
+            sys.exit(4)
+
+        # Show current value if configured
+        current_url = ctx.config.get('api_url') if ctx.config else None
+        if current_url:
+            info(f"Current API URL: {current_url}")
+
+        api_url = click.prompt(
+            'API URL',
+            default=current_url or 'https://auth.example.com',
+            type=str
+        )
+
+    # Validate URL format
+    api_url = api_url.strip().rstrip('/')
+
+    if not validate_url(api_url, require_https=not allow_http):
+        if not allow_http and api_url.startswith('http://'):
+            error(
+                "HTTP URLs are not allowed by default (insecure)",
+                "Use HTTPS or add --allow-http flag if this is intentional"
+            )
+        else:
+            error(
+                "Invalid URL format",
+                "URL must start with https:// (e.g., https://auth.example.com)"
+            )
+        sys.exit(4)
+
+    # Step 2: Test connection
+    info(f"Testing connection to {api_url}...")
+
+    try:
+        # Try to reach the /keys endpoint (public, no auth required)
+        response = requests.get(f"{api_url}/keys", timeout=10)
+
+        if response.ok:
+            success("Connection successful")
+            if ctx.verbose:
+                info(f"Server responded with status {response.status_code}")
+        else:
+            # Server responded but with error
+            warning(f"Server responded with status {response.status_code}")
+            if not click.confirm("Continue anyway?", default=False):
+                info("Setup cancelled")
+                sys.exit(0)
+
+    except requests.ConnectionError:
+        error(
+            f"Could not connect to {api_url}",
+            "Check that the URL is correct and the server is running"
+        )
+        if not click.confirm("Save configuration anyway?", default=False):
+            info("Setup cancelled")
+            sys.exit(0)
+    except requests.Timeout:
+        warning("Connection timed out")
+        if not click.confirm("Save configuration anyway?", default=False):
+            info("Setup cancelled")
+            sys.exit(0)
+    except requests.RequestException as e:
+        warning(f"Connection test failed: {e}")
+        if not click.confirm("Save configuration anyway?", default=False):
+            info("Setup cancelled")
+            sys.exit(0)
+
+    # Step 3: Save configuration
+    try:
+        config = ctx.config or Configuration()
+        config.set('api_url', api_url)
+        config.save()
+        success(f"Configuration saved to {config.config_path}")
+    except Exception as e:
+        error(f"Failed to save configuration: {e}")
+        sys.exit(4)
+
+    # Step 4: Optionally login
+    if not skip_login:
+        console.print()
+        if sys.stdin.isatty() and click.confirm("Would you like to log in now?", default=True):
+            console.print()
+            _do_login(api_url, config, ctx.verbose)
+        else:
+            info("Skipping login. Run 'unityauth login' when ready.")
+
+    # Step 5: Show next steps
+    console.print()
+    console.print("[bold green]Setup complete![/bold green]")
+    console.print()
+    console.print("Next steps:")
+    console.print("  [dim]$[/dim] unityauth tenant list              [dim]# List your tenants[/dim]")
+    console.print("  [dim]$[/dim] unityauth user list --tenant-id 1  [dim]# List users in tenant 1[/dim]")
+    console.print("  [dim]$[/dim] unityauth role list                [dim]# List available roles[/dim]")
+    console.print("  [dim]$[/dim] unityauth --help                   [dim]# See all commands[/dim]")
+    console.print()
+
+
+def _do_login(api_url: str, config: Configuration, verbose: bool) -> None:
+    """Perform login as part of init wizard.
+
+    Args:
+        api_url: API endpoint URL
+        config: Configuration instance
+        verbose: Whether to show verbose output
+    """
+    from unityauth_cli import auth
+    from unityauth_cli.client import UnityAuthAPIClient
+
+    # Get email
+    email = click.prompt('Email', type=str)
+
+    if not validate_email(email):
+        error("Invalid email format")
+        return
+
+    # Get password
+    password = click.prompt('Password', hide_input=True, type=str)
+
+    # Attempt login
+    if verbose:
+        info(f"Authenticating with {api_url}...")
+
+    try:
+        timeout = config.get('timeout', 30)
+        client = UnityAuthAPIClient(api_url, timeout=timeout)
+        response = client.post('/api/login', data={
+            'username': email,
+            'password': password
+        })
+
+        # Extract token from response
+        token = response.get('access_token') or response.get('accessToken')
+        if not token:
+            error("Login failed: No token in response")
+            return
+
+        # Store token in keyring
+        auth.store_token(api_url, token)
+        success(f"Logged in as {email}")
+
+    except Exception as e:
+        error(f"Login failed: {e}")
+        info("You can try again later with 'unityauth login'")