@access-tokens/cli 1.0.0

package/LICENSE

@@ -0,0 +1,15 @@
+ISC License
+
+Copyright (c) 2025, Loan Crate, Inc.
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

package/README.md

@@ -0,0 +1,412 @@
+# @access-tokens/cli
+
+[![npm](https://img.shields.io/npm/v/@access-tokens/cli)](https://www.npmjs.com/package/@access-tokens/cli)
+[![License: ISC](https://img.shields.io/badge/License-ISC-blue.svg)](https://opensource.org/licenses/ISC)
+
+Command-line interface for managing Personal Access Tokens (PATs).
+
+## Features
+
+- **Token Management**: Issue, list, update, revoke, and restore tokens
+- **Configuration**: Named endpoints for easy multi-environment management
+- **Bulk Operations**: Sync tokens across environments from YAML config
+- **Local Generation**: Generate tokens without server connection
+- **Flexible Output**: JSON or human-readable output formats
+- **Secure Credentials**: Config file permission validation
+
+## Installation
+
+```bash
+npm install -g @access-tokens/cli
+```
+
+Or use with npx (no installation):
+
+```bash
+npx @access-tokens/cli --help
+```
+
+## Quick Start
+
+### Issue a Token
+
+```bash
+access-tokens issue \
+  --url https://api.example.com \
+  --admin-token <your-admin-token> \
+  --owner user@example.com \
+  --admin
+```
+
+### List Tokens
+
+```bash
+access-tokens list \
+  --url https://api.example.com \
+  --admin-token <your-admin-token>
+```
+
+### Using Named Endpoints
+
+Create a config file at `~/.access-tokens-cli/config.yaml`:
+
+```yaml
+endpoints:
+  prod:
+    url: https://api.example.com
+    adminToken: pat_prod_admin_token_here
+  staging:
+    url: https://staging.example.com
+    adminToken: pat_staging_admin_token_here
+```
+
+Then use the endpoint name:
+
+```bash
+access-tokens list --endpoint prod
+access-tokens issue --endpoint staging --owner user@example.com
+```
+
+## Commands
+
+### `generate`
+
+Generate a token locally without storing in database. Useful for pre-generating tokens.
+
+```bash
+access-tokens generate
+access-tokens generate --token-prefix myapp_
+access-tokens generate --token-id specific-id-123
+access-tokens generate --json
+```
+
+**Options:**
+
+- `--token-prefix <prefix>` - Token prefix (default: `pat_`)
+- `--token-id <id>` - Use specific token ID
+- `--json` - Output as JSON
+- `--verbose` - Verbose output
+- `--quiet` - Minimal output
+
+**Output:**
+
+```
+Token: pat_9Xj2kLm5nPqRs7tUv.a8b9c0d1e2f3g4h5i6j7k8l9m0n1o2p3q4r5s6t7u8v9w0x1y2z3
+Token ID: 9Xj2kLm5nPqRs7tUv
+Secret PHC: $scrypt$n=16384,r=8,p=1$...
+```
+
+### `list`
+
+List all tokens.
+
+```bash
+access-tokens list --endpoint prod
+access-tokens list --url https://api.example.com --admin-token <token>
+access-tokens list --endpoint prod --include-revoked --include-expired
+access-tokens list --endpoint prod --json
+```
+
+**Options:**
+
+- `--endpoint <name>` - Named endpoint from config
+- `--url <url>` - Direct endpoint URL
+- `--admin-token <token>` - Admin token (required with --url)
+- `--auth-path <path>` - Auth path (default: /auth)
+- `--admin-path <path>` - Admin path (default: /admin)
+- `--config-dir <path>` - Config directory (default: ~/.access-tokens-cli)
+- `--include-revoked` - Include revoked tokens
+- `--include-expired` - Include expired tokens
+- `--include-secret-phc` - Include secret PHC hashes
+- `--json` - Output as JSON
+- `--verbose` - Verbose output
+- `--quiet` - Minimal output
+
+### `issue`
+
+Issue a new token.
+
+```bash
+access-tokens issue \
+  --endpoint prod \
+  --owner user@example.com \
+  --admin
+
+access-tokens issue \
+  --url https://api.example.com \
+  --admin-token <token> \
+  --owner user@example.com \
+  --expires-at 2025-12-31
+```
+
+**Options:**
+
+- `--endpoint <name>` - Named endpoint from config
+- `--url <url>` - Direct endpoint URL
+- `--admin-token <token>` - Admin token (required with --url)
+- `--auth-path <path>` - Auth path (default: /auth)
+- `--admin-path <path>` - Admin path (default: /admin)
+- `--config-dir <path>` - Config directory (default: ~/.access-tokens-cli)
+- `--owner <email>` - Token owner (required)
+- `--admin` - Make token an admin token
+- `--expires-at <date>` - Expiration date (ISO 8601 or Unix timestamp)
+- `--json` - Output as JSON
+- `--verbose` - Verbose output
+- `--quiet` - Minimal output
+
+**Date Formats:**
+
+- ISO 8601: `2025-12-31`, `2025-12-31T23:59:59Z`
+- Unix timestamp: `1735689599`
+
+### `register`
+
+Register a pre-generated token (from `generate` command).
+
+```bash
+access-tokens register \
+  --endpoint prod \
+  --token-id 9Xj2kLm5nPqRs7tUv \
+  --secret-phc '$scrypt$n=16384,r=8,p=1$...' \
+  --owner user@example.com
+```
+
+**Options:**
+
+- `--endpoint <name>` - Named endpoint from config
+- `--url <url>` - Direct endpoint URL
+- `--admin-token <token>` - Admin token (required with --url)
+- `--auth-path <path>` - Auth path (default: /auth)
+- `--admin-path <path>` - Admin path (default: /admin)
+- `--config-dir <path>` - Config directory (default: ~/.access-tokens-cli)
+- `--token-id <id>` - Pre-generated token ID (required)
+- `--secret-phc <phc>` - Secret PHC hash (required)
+- `--owner <email>` - Token owner (required)
+- `--admin` - Make token an admin token
+- `--expires-at <date>` - Expiration date
+- `--json` - Output as JSON
+- `--verbose` - Verbose output
+- `--quiet` - Minimal output
+
+### `update`
+
+Update an existing token's properties.
+
+```bash
+access-tokens update \
+  --endpoint prod \
+  --token-id 9Xj2kLm5nPqRs7tUv \
+  --owner newuser@example.com
+
+access-tokens update \
+  --endpoint prod \
+  --token-id 9Xj2kLm5nPqRs7tUv \
+  --admin true
+
+access-tokens update \
+  --endpoint prod \
+  --token-id 9Xj2kLm5nPqRs7tUv \
+  --expires-at null
+```
+
+**Options:**
+
+- `--endpoint <name>` - Named endpoint from config
+- `--url <url>` - Direct endpoint URL
+- `--admin-token <token>` - Admin token (required with --url)
+- `--auth-path <path>` - Auth path (default: /auth)
+- `--admin-path <path>` - Admin path (default: /admin)
+- `--config-dir <path>` - Config directory (default: ~/.access-tokens-cli)
+- `--token-id <id>` - Token ID to update (required)
+- `--owner <email>` - New owner
+- `--admin <boolean>` - New admin status (true/false)
+- `--secret-phc <phc>` - New secret PHC hash
+- `--expires-at <date>` - New expiration or "null" to remove
+- `--verbose` - Verbose output
+- `--quiet` - Minimal output
+
+### `revoke`
+
+Revoke a token.
+
+```bash
+access-tokens revoke --endpoint prod --token-id 9Xj2kLm5nPqRs7tUv
+
+# Revoke with cleanup in 30 days
+access-tokens revoke \
+  --endpoint prod \
+  --token-id 9Xj2kLm5nPqRs7tUv \
+  --expires-at 2025-12-31
+```
+
+**Options:**
+
+- `--endpoint <name>` - Named endpoint from config
+- `--url <url>` - Direct endpoint URL
+- `--admin-token <token>` - Admin token (required with --url)
+- `--auth-path <path>` - Auth path (default: /auth)
+- `--admin-path <path>` - Admin path (default: /admin)
+- `--config-dir <path>` - Config directory (default: ~/.access-tokens-cli)
+- `--token-id <id>` - Token ID to revoke (required)
+- `--expires-at <date>` - Expiration for cleanup (optional)
+- `--verbose` - Verbose output
+- `--quiet` - Minimal output
+
+### `restore`
+
+Restore a previously revoked token.
+
+```bash
+access-tokens restore --endpoint prod --token-id 9Xj2kLm5nPqRs7tUv
+```
+
+**Options:**
+
+- `--endpoint <name>` - Named endpoint from config
+- `--url <url>` - Direct endpoint URL
+- `--admin-token <token>` - Admin token (required with --url)
+- `--auth-path <path>` - Auth path (default: /auth)
+- `--admin-path <path>` - Admin path (default: /admin)
+- `--config-dir <path>` - Config directory (default: ~/.access-tokens-cli)
+- `--token-id <id>` - Token ID to restore (required)
+- `--verbose` - Verbose output
+- `--quiet` - Minimal output
+
+### `sync`
+
+Sync tokens from YAML config to endpoints. Ensures tokens exist with correct properties.
+
+**Sync Config (`sync.yaml`):**
+
+```yaml
+tokens:
+  - tokenId: service-a-prod
+    owner: service-a@example.com
+    isAdmin: false
+    secretPhc: $scrypt$n=16384,r=8,p=1$...
+    expiresAt: 1735689599
+
+  - tokenId: admin-bot
+    owner: admin-bot@example.com
+    isAdmin: true
+    secretPhc: $scrypt$n=16384,r=8,p=1$...
+```
+
+**Usage:**
+
+```bash
+# Sync to configured endpoints
+access-tokens sync --config sync.yaml
+
+# Sync to specific endpoint
+access-tokens sync --config sync.yaml --endpoint prod
+
+# Sync to direct URL
+access-tokens sync --config sync.yaml --url https://api.example.com --admin-token <token>
+
+# Dry run (preview changes)
+access-tokens sync --config sync.yaml --dry-run
+```
+
+**Options:**
+
+- `--config <path>` - Path to sync config YAML (required)
+- `--endpoint <name>` - Target endpoint(s), comma-separated
+- `--url <url>` - Direct endpoint URL (overrides config)
+- `--admin-token <token>` - Admin token (required with --url)
+- `--auth-path <path>` - Auth path (default: /auth)
+- `--admin-path <path>` - Admin path (default: /admin)
+- `--config-dir <path>` - Config directory (default: ~/.access-tokens-cli)
+- `--dry-run` - Show changes without applying
+- `--verbose` - Verbose output
+- `--quiet` - Minimal output
+
+## Configuration
+
+### Config File Location
+
+Default: `~/.access-tokens-cli/config.yaml`
+
+Override: `--config-dir <path>`
+
+### Config File Format
+
+```yaml
+endpoints:
+  prod:
+    url: https://api.example.com
+    adminToken: pat_prod_admin_token
+    authPath: /auth # optional, default: /auth
+    adminPath: /admin # optional, default: /admin
+
+  staging:
+    url: https://staging.example.com
+    adminToken: pat_staging_admin_token
+```
+
+### Security
+
+The CLI validates config file permissions and warns if the file is world-readable (mode 0644 or more permissive).
+
+**Secure your config:**
+
+```bash
+chmod 600 ~/.access-tokens-cli/config.yaml
+```
+
+## Output Formats
+
+### Human-Readable (Default)
+
+```
+Token issued successfully!
+
+TOKEN (save this securely, it won't be shown again):
+pat_9Xj2kLm5nPqRs7tUv.a8b9c0d1e2f3g4h5i6j7k8l9m0n1o2p3q4r5s6t7u8v9w0x1y2z3
+
+Token ID: 9Xj2kLm5nPqRs7tUv
+Owner: user@example.com
+Admin: true
+```
+
+### JSON (--json)
+
+```json
+{
+  "token": "pat_9Xj2kLm5nPqRs7tUv.a8b9c0d1e2f3g4h5i6j7k8l9m0n1o2p3q4r5s6t7u8v9w0x1y2z3",
+  "record": {
+    "tokenId": "9Xj2kLm5nPqRs7tUv",
+    "owner": "user@example.com",
+    "isAdmin": true,
+    "isRevoked": false,
+    "createdAt": 1704067200,
+    "updatedAt": 1704067200
+  }
+}
+```
+
+## Exit Codes
+
+- `0` - Success
+- `1` - Error (invalid arguments, API error, etc.)
+
+## Requirements
+
+- Node.js 20+
+- @access-tokens/express server (except generate)
+
+## Related Packages
+
+- [@access-tokens/core](https://www.npmjs.com/package/@access-tokens/core) - Core token management library
+- [@access-tokens/express](https://www.npmjs.com/package/@access-tokens/express) - Express routes and middleware
+- [@access-tokens/client](https://www.npmjs.com/package/@access-tokens/client) - HTTP client for PAT API
+
+## License
+
+[ISC](https://opensource.org/licenses/ISC) © 2025 Loan Crate, Inc.
+
+## Links
+
+- [GitHub Repository](https://github.com/loancrate/access-tokens)
+- [npm Package](https://www.npmjs.com/package/@access-tokens/cli)
+- [Documentation](https://github.com/loancrate/access-tokens#readme)

package/dist/cli.d.ts

@@ -0,0 +1,9 @@
+export type RunParameters = {
+    argv: string[];
+    env: NodeJS.ProcessEnv;
+    stdin: NodeJS.ReadableStream;
+    stdout: NodeJS.WritableStream;
+    stderr: NodeJS.WritableStream;
+};
+export declare function run(params: RunParameters): Promise<number>;
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":"AAWA,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,GAAG,EAAE,MAAM,CAAC,UAAU,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC,cAAc,CAAC;IAC7B,MAAM,EAAE,MAAM,CAAC,cAAc,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC,cAAc,CAAC;CAC/B,CAAC;AAEF,wBAAsB,GAAG,CAAC,MAAM,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAmMhE"}

package/dist/cli.js

@@ -0,0 +1,141 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.run = run;
+const commander_1 = require("commander");
+const generate_1 = require("./commands/generate");
+const issue_1 = require("./commands/issue");
+const list_1 = require("./commands/list");
+const register_1 = require("./commands/register");
+const restore_1 = require("./commands/restore");
+const revoke_1 = require("./commands/revoke");
+const sync_1 = require("./commands/sync");
+const update_1 = require("./commands/update");
+async function run(params) {
+    const endpointOptions = () => [
+        new commander_1.Option("--endpoint <name>", "Named endpoint from config"),
+        new commander_1.Option("--url <url>", "Direct endpoint URL"),
+        new commander_1.Option("--admin-token <token>", "Admin token (required with --url)"),
+        new commander_1.Option("--auth-path <path>", "Auth path (default: /auth)"),
+        new commander_1.Option("--admin-path <path>", "Admin path (default: /admin)"),
+        new commander_1.Option("--config-dir <path>", "Config directory (default: ~/.access-tokens-cli)"),
+    ];
+    const outputOptions = () => [
+        new commander_1.Option("--verbose", "Verbose output"),
+        new commander_1.Option("--quiet", "Minimal output"),
+    ];
+    const jsonOption = () => new commander_1.Option("--json", "Output as JSON");
+    let exitCode = 0;
+    // Configure output streams for testing
+    function configureCommandOutput(cmd) {
+        cmd.configureOutput({
+            writeOut: (str) => params.stdout.write(str),
+            writeErr: (str) => params.stderr.write(str),
+            outputError: (str, write) => write(str),
+        });
+    }
+    // Configure exitOverride to prevent process.exit calls during tests
+    function configureExitOverride(cmd) {
+        cmd.exitOverride((err) => {
+            exitCode = err.exitCode ?? 1;
+            throw err;
+        });
+    }
+    function addOptions(command, options) {
+        options.forEach((opt) => command.addOption(opt));
+        configureCommandOutput(command);
+        configureExitOverride(command);
+        return command;
+    }
+    const program = new commander_1.Command();
+    program
+        .name("access-tokens-cli")
+        .description("CLI for managing personal access tokens");
+    addOptions(program
+        .command("generate")
+        .description("Generate a new token locally (without storing in database)")
+        .option("--token-prefix <prefix>", "Token prefix (default: pat_)")
+        .option("--token-id <id>", "Pre-generate with specific token ID"), [...outputOptions(), jsonOption()]).action(async (options) => {
+        await (0, generate_1.generateCommand)(options);
+    });
+    addOptions(program
+        .command("list")
+        .description("List tokens")
+        .option("--include-revoked", "Include revoked tokens")
+        .option("--include-expired", "Include expired tokens")
+        .option("--include-secret-phc", "Include secret PHC hashes"), [...endpointOptions(), ...outputOptions(), jsonOption()]).action(async (options) => {
+        await (0, list_1.listCommand)(options);
+    });
+    addOptions(program
+        .command("issue")
+        .description("Issue a new token")
+        .requiredOption("--owner <email>", "Token owner (usually email)")
+        .option("--admin", "Make token an admin token")
+        .option("--expires-at <date>", "Expiration date (ISO 8601 or Unix timestamp)"), [...endpointOptions(), ...outputOptions(), jsonOption()]).action(async (options) => {
+        await (0, issue_1.issueCommand)(options);
+    });
+    addOptions(program
+        .command("register")
+        .description("Register a token with pre-generated ID and secret hash")
+        .requiredOption("--token-id <id>", "Token ID")
+        .requiredOption("--secret-phc <phc>", "Secret PHC hash")
+        .requiredOption("--owner <email>", "Token owner (usually email)")
+        .option("--admin", "Make token an admin token")
+        .option("--expires-at <date>", "Expiration date (ISO 8601 or Unix timestamp)"), [...endpointOptions(), ...outputOptions(), jsonOption()]).action(async (options) => {
+        await (0, register_1.registerCommand)(options);
+    });
+    addOptions(program
+        .command("update")
+        .description("Update token properties")
+        .requiredOption("--token-id <id>", "Token ID")
+        .option("--owner <email>", "Update owner")
+        .option("--admin <boolean>", "Update admin status (true/false)", (val) => val === "true")
+        .option("--secret-phc <phc>", "Update secret PHC hash")
+        .option("--expires-at <date>", "Update expiration (ISO 8601, Unix timestamp, or 'null')"), [...endpointOptions(), ...outputOptions()]).action(async (options) => {
+        await (0, update_1.updateCommand)(options);
+    });
+    addOptions(program
+        .command("revoke")
+        .description("Revoke a token")
+        .requiredOption("--token-id <id>", "Token ID")
+        .option("--expires-at <date>", "Expiration date for revocation (ISO 8601 or Unix timestamp)"), [...endpointOptions(), ...outputOptions()]).action(async (options) => {
+        await (0, revoke_1.revokeCommand)(options);
+    });
+    addOptions(program
+        .command("restore")
+        .description("Restore a revoked token")
+        .requiredOption("--token-id <id>", "Token ID"), [...endpointOptions(), ...outputOptions()]).action(async (options) => {
+        await (0, restore_1.restoreCommand)(options);
+    });
+    addOptions(program
+        .command("sync")
+        .description("Sync tokens from YAML config to endpoints")
+        .requiredOption("--config <path>", "Path to sync config YAML file")
+        .option("--endpoint <name>", "Target specific endpoint(s) (comma-separated or multiple flags)")
+        .option("--url <url>", "Direct endpoint URL (overrides config endpoints)")
+        .option("--admin-token <token>", "Admin token (required with --url)")
+        .option("--auth-path <path>", "Auth path (default: /auth)")
+        .option("--admin-path <path>", "Admin path (default: /admin)")
+        .option("--dry-run", "Show what would be done without making changes")
+        .option("--config-dir <path>", "Config directory (default: ~/.access-tokens-cli)"), outputOptions()).action(async (options) => {
+        await (0, sync_1.syncCommand)(options);
+    });
+    // Configure output and exit override on the main program too
+    configureCommandOutput(program);
+    configureExitOverride(program);
+    try {
+        await program.parseAsync(params.argv, { from: "user" });
+    }
+    catch (err) {
+        if (err instanceof commander_1.CommanderError) {
+            // Commander errors are already handled by exitOverride
+            // exitCode is already set
+        }
+        else {
+            // Handle errors from command actions
+            params.stderr.write(`Error: ${err instanceof Error ? err.message : String(err)}\n`);
+            exitCode = 1;
+        }
+    }
+    return exitCode;
+}
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";;AAmBA,kBAmMC;AAtND,yCAA4D;AAE5D,kDAAsD;AACtD,4CAAgD;AAChD,0CAA8C;AAC9C,kDAAsD;AACtD,gDAAoD;AACpD,8CAAkD;AAClD,0CAA8C;AAC9C,8CAAkD;AAU3C,KAAK,UAAU,GAAG,CAAC,MAAqB;IAC7C,MAAM,eAAe,GAAG,GAAG,EAAE,CAAC;QAC5B,IAAI,kBAAM,CAAC,mBAAmB,EAAE,4BAA4B,CAAC;QAC7D,IAAI,kBAAM,CAAC,aAAa,EAAE,qBAAqB,CAAC;QAChD,IAAI,kBAAM,CAAC,uBAAuB,EAAE,mCAAmC,CAAC;QACxE,IAAI,kBAAM,CAAC,oBAAoB,EAAE,4BAA4B,CAAC;QAC9D,IAAI,kBAAM,CAAC,qBAAqB,EAAE,8BAA8B,CAAC;QACjE,IAAI,kBAAM,CACR,qBAAqB,EACrB,kDAAkD,CACnD;KACF,CAAC;IAEF,MAAM,aAAa,GAAG,GAAG,EAAE,CAAC;QAC1B,IAAI,kBAAM,CAAC,WAAW,EAAE,gBAAgB,CAAC;QACzC,IAAI,kBAAM,CAAC,SAAS,EAAE,gBAAgB,CAAC;KACxC,CAAC;IAEF,MAAM,UAAU,GAAG,GAAG,EAAE,CAAC,IAAI,kBAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC;IAEhE,IAAI,QAAQ,GAAG,CAAC,CAAC;IAEjB,uCAAuC;IACvC,SAAS,sBAAsB,CAAC,GAAY;QAC1C,GAAG,CAAC,eAAe,CAAC;YAClB,QAAQ,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC;YAC3C,QAAQ,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC;YAC3C,WAAW,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC;SACxC,CAAC,CAAC;IACL,CAAC;IAED,oEAAoE;IACpE,SAAS,qBAAqB,CAAC,GAAY;QACzC,GAAG,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,EAAE;YACvB,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,CAAC,CAAC;YAC7B,MAAM,GAAG,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC;IAED,SAAS,UAAU,CAAC,OAAgB,EAAE,OAAiB;QACrD,OAAO,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;QACjD,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAChC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QAC/B,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,mBAAO,EAAE,CAAC;IAE9B,OAAO;SACJ,IAAI,CAAC,mBAAmB,CAAC;SACzB,WAAW,CAAC,yCAAyC,CAAC,CAAC;IAE1D,UAAU,CACR,OAAO;SACJ,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,4DAA4D,CAAC;SACzE,MAAM,CAAC,yBAAyB,EAAE,8BAA8B,CAAC;SACjE,MAAM,CAAC,iBAAiB,EAAE,qCAAqC,CAAC,EACnE,CAAC,GAAG,aAAa,EAAE,EAAE,UAAU,EAAE,CAAC,CACnC,CAAC,MAAM,CAAC,KAAK,EAAE,OAA8C,EAAE,EAAE;QAChE,MAAM,IAAA,0BAAe,EAAC,OAAO,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,UAAU,CACR,OAAO;SACJ,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,aAAa,CAAC;SAC1B,MAAM,CAAC,mBAAmB,EAAE,wBAAwB,CAAC;SACrD,MAAM,CAAC,mBAAmB,EAAE,wBAAwB,CAAC;SACrD,MAAM,CAAC,sBAAsB,EAAE,2BAA2B,CAAC,EAC9D,CAAC,GAAG,eAAe,EAAE,EAAE,GAAG,aAAa,EAAE,EAAE,UAAU,EAAE,CAAC,CACzD,CAAC,MAAM,CAAC,KAAK,EAAE,OAA0C,EAAE,EAAE;QAC5D,MAAM,IAAA,kBAAW,EAAC,OAAO,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;IAEH,UAAU,CACR,OAAO;SACJ,OAAO,CAAC,OAAO,CAAC;SAChB,WAAW,CAAC,mBAAmB,CAAC;SAChC,cAAc,CAAC,iBAAiB,EAAE,6BAA6B,CAAC;SAChE,MAAM,CAAC,SAAS,EAAE,2BAA2B,CAAC;SAC9C,MAAM,CACL,qBAAqB,EACrB,8CAA8C,CAC/C,EACH,CAAC,GAAG,eAAe,EAAE,EAAE,GAAG,aAAa,EAAE,EAAE,UAAU,EAAE,CAAC,CACzD,CAAC,MAAM,CAAC,KAAK,EAAE,OAA2C,EAAE,EAAE;QAC7D,MAAM,IAAA,oBAAY,EAAC,OAAO,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,UAAU,CACR,OAAO;SACJ,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,wDAAwD,CAAC;SACrE,cAAc,CAAC,iBAAiB,EAAE,UAAU,CAAC;SAC7C,cAAc,CAAC,oBAAoB,EAAE,iBAAiB,CAAC;SACvD,cAAc,CAAC,iBAAiB,EAAE,6BAA6B,CAAC;SAChE,MAAM,CAAC,SAAS,EAAE,2BAA2B,CAAC;SAC9C,MAAM,CACL,qBAAqB,EACrB,8CAA8C,CAC/C,EACH,CAAC,GAAG,eAAe,EAAE,EAAE,GAAG,aAAa,EAAE,EAAE,UAAU,EAAE,CAAC,CACzD,CAAC,MAAM,CAAC,KAAK,EAAE,OAA8C,EAAE,EAAE;QAChE,MAAM,IAAA,0BAAe,EAAC,OAAO,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,UAAU,CACR,OAAO;SACJ,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,yBAAyB,CAAC;SACtC,cAAc,CAAC,iBAAiB,EAAE,UAAU,CAAC;SAC7C,MAAM,CAAC,iBAAiB,EAAE,cAAc,CAAC;SACzC,MAAM,CACL,mBAAmB,EACnB,kCAAkC,EAClC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,MAAM,CACxB;SACA,MAAM,CAAC,oBAAoB,EAAE,wBAAwB,CAAC;SACtD,MAAM,CACL,qBAAqB,EACrB,yDAAyD,CAC1D,EACH,CAAC,GAAG,eAAe,EAAE,EAAE,GAAG,aAAa,EAAE,CAAC,CAC3C,CAAC,MAAM,CAAC,KAAK,EAAE,OAA4C,EAAE,EAAE;QAC9D,MAAM,IAAA,sBAAa,EAAC,OAAO,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,UAAU,CACR,OAAO;SACJ,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,gBAAgB,CAAC;SAC7B,cAAc,CAAC,iBAAiB,EAAE,UAAU,CAAC;SAC7C,MAAM,CACL,qBAAqB,EACrB,6DAA6D,CAC9D,EACH,CAAC,GAAG,eAAe,EAAE,EAAE,GAAG,aAAa,EAAE,CAAC,CAC3C,CAAC,MAAM,CAAC,KAAK,EAAE,OAA4C,EAAE,EAAE;QAC9D,MAAM,IAAA,sBAAa,EAAC,OAAO,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,UAAU,CACR,OAAO;SACJ,OAAO,CAAC,SAAS,CAAC;SAClB,WAAW,CAAC,yBAAyB,CAAC;SACtC,cAAc,CAAC,iBAAiB,EAAE,UAAU,CAAC,EAChD,CAAC,GAAG,eAAe,EAAE,EAAE,GAAG,aAAa,EAAE,CAAC,CAC3C,CAAC,MAAM,CAAC,KAAK,EAAE,OAA6C,EAAE,EAAE;QAC/D,MAAM,IAAA,wBAAc,EAAC,OAAO,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,UAAU,CACR,OAAO;SACJ,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,2CAA2C,CAAC;SACxD,cAAc,CAAC,iBAAiB,EAAE,+BAA+B,CAAC;SAClE,MAAM,CACL,mBAAmB,EACnB,iEAAiE,CAClE;SACA,MAAM,CAAC,aAAa,EAAE,kDAAkD,CAAC;SACzE,MAAM,CAAC,uBAAuB,EAAE,mCAAmC,CAAC;SACpE,MAAM,CAAC,oBAAoB,EAAE,4BAA4B,CAAC;SAC1D,MAAM,CAAC,qBAAqB,EAAE,8BAA8B,CAAC;SAC7D,MAAM,CAAC,WAAW,EAAE,gDAAgD,CAAC;SACrE,MAAM,CACL,qBAAqB,EACrB,kDAAkD,CACnD,EACH,aAAa,EAAE,CAChB,CAAC,MAAM,CAAC,KAAK,EAAE,OAA0C,EAAE,EAAE;QAC5D,MAAM,IAAA,kBAAW,EAAC,OAAO,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;IAEH,6DAA6D;IAC7D,sBAAsB,CAAC,OAAO,CAAC,CAAC;IAChC,qBAAqB,CAAC,OAAO,CAAC,CAAC;IAE/B,IAAI,CAAC;QACH,MAAM,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;IAC1D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,0BAAc,EAAE,CAAC;YAClC,uDAAuD;YACvD,0BAA0B;QAC5B,CAAC;aAAM,CAAC;YACN,qCAAqC;YACrC,MAAM,CAAC,MAAM,CAAC,KAAK,CACjB,UAAU,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAC/D,CAAC;YACF,QAAQ,GAAG,CAAC,CAAC;QACf,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/commands/generate.d.ts

@@ -0,0 +1,9 @@
+export type GenerateOptions = {
+    tokenPrefix?: string;
+    tokenId?: string;
+    json?: boolean;
+    verbose?: boolean;
+    quiet?: boolean;
+};
+export declare function generateCommand(options: GenerateOptions): Promise<void>;
+//# sourceMappingURL=generate.d.ts.map

package/dist/commands/generate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate.d.ts","sourceRoot":"","sources":["../../src/commands/generate.ts"],"names":[],"mappings":"AAIA,MAAM,MAAM,eAAe,GAAG;IAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,wBAAsB,eAAe,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC,CAiC7E"}

package/dist/commands/generate.js

@@ -0,0 +1,33 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateCommand = generateCommand;
+const core_1 = require("@access-tokens/core");
+const logger_1 = require("../utils/logger");
+async function generateCommand(options) {
+    const logger = new logger_1.Logger(options);
+    // Create a DynamoDBPat instance with minimal configuration
+    // Table name is not used by generate()
+    const pat = new core_1.DynamoDBPat({
+        tableName: "unused-table-name",
+        tokenPrefix: options.tokenPrefix,
+    });
+    logger.verbose("Generating new token...");
+    // Generate a new token
+    const { token, tokenId, secretPhc } = await pat.generate({
+        tokenId: options.tokenId,
+    });
+    if (options.json) {
+        logger.json({ token, tokenId, secretPhc });
+    }
+    else {
+        logger.success("Here is your new personal access token. Don't share it with anyone!");
+        logger.info("");
+        logger.info(token);
+        logger.info("");
+        logger.info("Provide the following information to your administrator to register the token:");
+        logger.info("");
+        logger.info(`Token ID: ${tokenId}`);
+        logger.info(`Secret hash: ${secretPhc}`);
+    }
+}
+//# sourceMappingURL=generate.js.map

package/dist/commands/generate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate.js","sourceRoot":"","sources":["../../src/commands/generate.ts"],"names":[],"mappings":";;AAYA,0CAiCC;AA7CD,8CAAkD;AAElD,4CAAyC;AAUlC,KAAK,UAAU,eAAe,CAAC,OAAwB;IAC5D,MAAM,MAAM,GAAG,IAAI,eAAM,CAAC,OAAO,CAAC,CAAC;IAEnC,2DAA2D;IAC3D,uCAAuC;IACvC,MAAM,GAAG,GAAG,IAAI,kBAAW,CAAC;QAC1B,SAAS,EAAE,mBAAmB;QAC9B,WAAW,EAAE,OAAO,CAAC,WAAW;KACjC,CAAC,CAAC;IAEH,MAAM,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC;IAE1C,uBAAuB;IACvB,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,MAAM,GAAG,CAAC,QAAQ,CAAC;QACvD,OAAO,EAAE,OAAO,CAAC,OAAO;KACzB,CAAC,CAAC;IAEH,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;IAC7C,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,OAAO,CACZ,qEAAqE,CACtE,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAChB,MAAM,CAAC,IAAI,CACT,gFAAgF,CACjF,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,aAAa,OAAO,EAAE,CAAC,CAAC;QACpC,MAAM,CAAC,IAAI,CAAC,gBAAgB,SAAS,EAAE,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC"}

package/dist/commands/issue.d.ts

@@ -0,0 +1,16 @@
+export type IssueOptions = {
+    endpoint?: string;
+    url?: string;
+    adminToken?: string;
+    authPath?: string;
+    adminPath?: string;
+    owner: string;
+    admin?: boolean;
+    expiresAt?: string;
+    configDir?: string;
+    json?: boolean;
+    verbose?: boolean;
+    quiet?: boolean;
+};
+export declare function issueCommand(options: IssueOptions): Promise<void>;
+//# sourceMappingURL=issue.d.ts.map

package/dist/commands/issue.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"issue.d.ts","sourceRoot":"","sources":["../../src/commands/issue.ts"],"names":[],"mappings":"AAKA,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,wBAAsB,YAAY,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAgCvE"}