@aiam/ciba 0.8.9 → 0.9.1

package/ciba.mjs

@@ -656,7 +656,7 @@ const tokenCmd = defineCommand({
     ...outputArgs,
   },
   async run({ args }) {
-    const tokenScript = join(_dirname(_fileURLToPath(import.meta.url)), 'token.mjs');
+    const tokenScript = join(_pkgDir, "token.mjs");
     const argv = [tokenScript];
     if (args.resource) argv.push('--resource', args.resource);
     if (args.json) argv.push('--json');
@@ -677,7 +677,7 @@ const refreshCmd = defineCommand({
   async run({ args }) {
     // refresh writes to device-doc requests and returns immediately.
     // token.mjs will pick up the new token when it arrives.
-    const tokenScript = join(_dirname(_fileURLToPath(import.meta.url)), 'token.mjs');
+    const tokenScript = join(_pkgDir, "token.mjs");
     const argv = [tokenScript, '--refresh'];
     if (args.resource) argv.push('--resource', args.resource);
     if (args.json) argv.push('--json');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aiam/ciba",
-  "version": "0.8.9",
+  "version": "0.9.1",
   "description": "OAuth 2.0 Device Authorization Grant CLI with cross-device push approval (Yjs sync, ECDH-encrypted token delivery, persistent device id)",
   "type": "module",
   "bin": {

package/token.mjs

@@ -167,6 +167,31 @@ const meta = deviceDoc.getMap('meta');
 if (meta.get('public_key') !== publicKey) meta.set('public_key', publicKey);
 
 const resourcesMap = deviceDoc.getMap('resources');
+const optionsMap = deviceDoc.getMap('options');
+
+// Read server options — resolve short name or use as-is.
+// options.resources = { webagents: { default: true, ... }, a2a: { ... }, ... }
+const serverResources = optionsMap.get('resources') ?? {};
+const resourceNames = Object.keys(serverResources);
+
+// Resolve the requested resource:
+// 1. If resource matches a short name directly → use it
+// 2. If resource is a URN → use it as-is
+// 3. If no resource → use default from options
+let resolvedResource = resource;
+if (!resource.includes(':') && !resourceNames.includes(resource)) {
+  // Try to find a match case-insensitively
+  const match = resourceNames.find(n => n.toLowerCase() === resource.toLowerCase());
+  if (match) resolvedResource = match;
+}
+if (!resource) {
+  // Use default
+  const def = resourceNames.find(n => serverResources[n]?.default);
+  resolvedResource = def ?? resource;
+}
+
+log(`→ options:   ${JSON.stringify(serverResources)}`);
+log(`→ resolved:  ${resolvedResource}`);
 log(`→ resources: ${JSON.stringify([...resourcesMap.entries()])}`);
 
 // Refresh mode: write request and exit immediately.
@@ -180,7 +205,7 @@ if (isRefresh) {
 }
 
 // tryGet immediately
-const found = tryGet(resourcesMap, deviceDoc, resource);
+const found = tryGet(resourcesMap, deviceDoc, resolvedResource);
 if (found) {
   log('→ cache hit');
   const token = decrypt(found);
@@ -192,8 +217,8 @@ if (found) {
 // Cache miss — write request
 const requests = deviceDoc.getMap('requests');
 const newRid = randomBytes(8).toString('base64url');
-log(`→ cache miss — writing request ${newRid}`);
-requests.set(newRid, { resource, status: 'pending', created_at: new Date().toISOString() });
+log(`→ cache miss — writing request ${newRid} resource=${resolvedResource}`);
+requests.set(newRid, { resource: resolvedResource, status: 'pending', created_at: new Date().toISOString() });
 
 // Wait for resources to update
 log('→ waiting for token...');
@@ -205,7 +230,7 @@ const token = await new Promise((resolve, reject) => {
 
   const observer = () => {
     log(`→ resources updated: ${JSON.stringify([...resourcesMap.entries()])}`);
-    const found = tryGet(resourcesMap, deviceDoc, resource);
+    const found = tryGet(resourcesMap, deviceDoc, resolvedResource);
     if (found) {
       clearTimeout(timer);
       resourcesMap.unobserve(observer);