@aifabrix/builder 2.3.6 → 2.5.0

package/lib/utils/api.js

@@ -15,24 +15,151 @@ const auditLogger = require('../audit-logger');
 
 /**
  * Logs API request performance metrics and errors to audit log
- * @param {string} url - API endpoint URL
- * @param {Object} options - Fetch options
- * @param {number} statusCode - HTTP status code
- * @param {number} duration - Request duration in milliseconds
- * @param {boolean} success - Whether the request was successful
- * @param {Object} errorInfo - Error information (if failed)
+ * @param {Object} params - Performance logging parameters
+ * @param {string} params.url - API endpoint URL
+ * @param {Object} params.options - Fetch options
+ * @param {number} params.statusCode - HTTP status code
+ * @param {number} params.duration - Request duration in milliseconds
+ * @param {boolean} params.success - Whether the request was successful
+ * @param {Object} [params.errorInfo] - Error information (if failed)
  */
-async function logApiPerformance(url, options, statusCode, duration, success, errorInfo = {}) {
+async function logApiPerformance(params) {
   // Log all API calls (both success and failure) to audit log for troubleshooting
   // This helps track what API calls were made when errors occur
   try {
-    await auditLogger.logApiCall(url, options, statusCode, duration, success, errorInfo);
+    await auditLogger.logApiCall(
+      params.url,
+      params.options,
+      params.statusCode,
+      params.duration,
+      params.success,
+      params.errorInfo || {}
+    );
   } catch (logError) {
     // Don't fail the API call if audit logging fails
     // Silently continue - audit logging should never break functionality
   }
 }
 
+/**
+ * Parses error response text into error data
+ * @param {string} errorText - Error response text
+ * @param {number} status - HTTP status code
+ * @param {string} statusText - HTTP status text
+ * @returns {Object|string} Parsed error data
+ */
+function parseErrorText(errorText, status, statusText) {
+  try {
+    return JSON.parse(errorText);
+  } catch {
+    return errorText || `HTTP ${status}: ${statusText}`;
+  }
+}
+
+/**
+ * Handles error response from API
+ * @async
+ * @function handleErrorResponse
+ * @param {Object} response - Fetch response object
+ * @param {string} url - API endpoint URL
+ * @param {Object} options - Fetch options
+ * @param {number} duration - Request duration
+ * @returns {Promise<Object>} Error response object
+ */
+async function handleErrorResponse(response, url, options, duration) {
+  const errorText = await response.text();
+  const errorData = parseErrorText(errorText, response.status, response.statusText);
+  const parsedError = parseErrorResponse(errorData, response.status, false);
+
+  await logApiPerformance({
+    url,
+    options,
+    statusCode: response.status,
+    duration,
+    success: false,
+    errorInfo: {
+      errorType: parsedError.type,
+      errorMessage: parsedError.message,
+      errorData: parsedError.data,
+      correlationId: parsedError.data?.correlationId
+    }
+  });
+
+  return {
+    success: false,
+    error: parsedError.message,
+    errorData: parsedError.data,
+    errorType: parsedError.type,
+    formattedError: parsedError.formatted,
+    status: response.status
+  };
+}
+
+/**
+ * Handles successful response from API
+ * @async
+ * @function handleSuccessResponse
+ * @param {Object} response - Fetch response object
+ * @param {string} url - API endpoint URL
+ * @param {Object} options - Fetch options
+ * @param {number} duration - Request duration
+ * @returns {Promise<Object>} Success response object
+ */
+async function handleSuccessResponse(response, url, options, duration) {
+  await logApiPerformance({
+    url,
+    options,
+    statusCode: response.status,
+    duration,
+    success: true
+  });
+
+  const contentType = response.headers.get('content-type');
+  if (contentType && contentType.includes('application/json')) {
+    const data = await response.json();
+    return { success: true, data, status: response.status };
+  }
+
+  const text = await response.text();
+  return { success: true, data: text, status: response.status };
+}
+
+/**
+ * Handles network error from API call
+ * @async
+ * @function handleNetworkError
+ * @param {Error} error - Network error
+ * @param {string} url - API endpoint URL
+ * @param {Object} options - Fetch options
+ * @param {number} duration - Request duration
+ * @returns {Promise<Object>} Error response object
+ */
+async function handleNetworkError(error, url, options, duration) {
+  const parsedError = parseErrorResponse(error.message, 0, true);
+
+  await logApiPerformance({
+    url,
+    options,
+    statusCode: 0,
+    duration,
+    success: false,
+    errorInfo: {
+      errorType: parsedError.type,
+      errorMessage: parsedError.message,
+      network: true
+    }
+  });
+
+  return {
+    success: false,
+    error: parsedError.message,
+    errorData: parsedError.data,
+    errorType: parsedError.type,
+    formattedError: parsedError.formatted,
+    network: true
+  };
+}
+
 /**
  * Make an API call with proper error handling
  * @param {string} url - API endpoint URL
@@ -47,76 +174,13 @@ async function makeApiCall(url, options = {}) {
     const duration = Date.now() - startTime;
 
     if (!response.ok) {
-      const errorText = await response.text();
-      let errorData;
-      try {
-        errorData = JSON.parse(errorText);
-      } catch {
-        errorData = errorText || `HTTP ${response.status}: ${response.statusText}`;
-      }
-
-      // Parse error using error handler
-      const parsedError = parseErrorResponse(errorData, response.status, false);
-
-      // Log error to audit log
-      await logApiPerformance(url, options, response.status, duration, false, {
-        errorType: parsedError.type,
-        errorMessage: parsedError.message,
-        errorData: parsedError.data,
-        correlationId: parsedError.data?.correlationId
-      });
-
-      return {
-        success: false,
-        error: parsedError.message,
-        errorData: parsedError.data,
-        errorType: parsedError.type,
-        formattedError: parsedError.formatted,
-        status: response.status
-      };
-    }
-
-    // Log successful API call to audit log
-    await logApiPerformance(url, options, response.status, duration, true);
-
-    const contentType = response.headers.get('content-type');
-    if (contentType && contentType.includes('application/json')) {
-      const data = await response.json();
-      return {
-        success: true,
-        data,
-        status: response.status
-      };
+      return await handleErrorResponse(response, url, options, duration);
     }
 
-    const text = await response.text();
-    return {
-      success: true,
-      data: text,
-      status: response.status
-    };
-
+    return await handleSuccessResponse(response, url, options, duration);
   } catch (error) {
     const duration = Date.now() - startTime;
-
-    // Parse network error using error handler
-    const parsedError = parseErrorResponse(error.message, 0, true);
-
-    // Log network error to audit log
-    await logApiPerformance(url, options, 0, duration, false, {
-      errorType: parsedError.type,
-      errorMessage: parsedError.message,
-      network: true
-    });
-
-    return {
-      success: false,
-      error: parsedError.message,
-      errorData: parsedError.data,
-      errorType: parsedError.type,
-      formattedError: parsedError.formatted,
-      network: true
-    };
+    return await handleNetworkError(error, url, options, duration);
   }
 }
 
@@ -186,286 +250,12 @@ async function authenticatedApiCall(url, options = {}, token) {
   return response;
 }
 
-/**
- * Parses device code response from API
- * Matches OpenAPI DeviceCodeResponse schema (camelCase)
- * @function parseDeviceCodeResponse
- * @param {Object} response - API response object
- * @returns {Object} Parsed device code response
- * @throws {Error} If response is invalid
- */
-function parseDeviceCodeResponse(response) {
-  // OpenAPI spec: { success: boolean, data: DeviceCodeResponse, timestamp: string }
-  const apiResponse = response.data;
-  const responseData = apiResponse.data || apiResponse;
-
-  // OpenAPI spec uses camelCase: deviceCode, userCode, verificationUri, expiresIn, interval
-  const deviceCode = responseData.deviceCode;
-  const userCode = responseData.userCode;
-  const verificationUri = responseData.verificationUri;
-  const expiresIn = responseData.expiresIn || 600;
-  const interval = responseData.interval || 5;
-
-  if (!deviceCode || !userCode || !verificationUri) {
-    throw new Error('Invalid device code response: missing required fields');
-  }
-
-  // Return in snake_case for internal consistency (used by existing code)
-  return {
-    device_code: deviceCode,
-    user_code: userCode,
-    verification_uri: verificationUri,
-    expires_in: expiresIn,
-    interval: interval
-  };
-}
-
-/**
- * Initiates OAuth2 Device Code Flow
- * Calls the device code endpoint to get device_code and user_code
- *
- * @async
- * @function initiateDeviceCodeFlow
- * @param {string} controllerUrl - Base URL of the controller
- * @param {string} environment - Environment key (e.g., 'miso', 'dev', 'tst', 'pro')
- * @returns {Promise<Object>} Device code response with device_code, user_code, verification_uri, expires_in, interval
- * @throws {Error} If initiation fails
- */
-async function initiateDeviceCodeFlow(controllerUrl, environment) {
-  if (!environment || typeof environment !== 'string') {
-    throw new Error('Environment key is required');
-  }
-
-  const url = `${controllerUrl}/api/v1/auth/login?environment=${encodeURIComponent(environment)}`;
-  const response = await makeApiCall(url, {
-    method: 'POST',
-    headers: {
-      'Content-Type': 'application/json'
-    }
-  });
-
-  if (!response.success) {
-    throw new Error(`Device code initiation failed: ${response.error || 'Unknown error'}`);
-  }
-
-  return parseDeviceCodeResponse(response);
-}
-
-/**
- * Checks if token has expired based on elapsed time
- * @function checkTokenExpiration
- * @param {number} startTime - Start time in milliseconds
- * @param {number} expiresIn - Expiration time in seconds
- * @throws {Error} If token has expired
- */
-function checkTokenExpiration(startTime, expiresIn) {
-  const maxWaitTime = (expiresIn + 30) * 1000;
-  if (Date.now() - startTime > maxWaitTime) {
-    throw new Error('Device code expired: Maximum polling time exceeded');
-  }
-}
-
-/**
- * Parses token response from API
- * Matches OpenAPI DeviceCodeTokenResponse schema (camelCase)
- * @function parseTokenResponse
- * @param {Object} response - API response object
- * @returns {Object|null} Parsed token response or null if pending
- */
-function parseTokenResponse(response) {
-  // OpenAPI spec: { success: boolean, data: DeviceCodeTokenResponse, timestamp: string }
-  const apiResponse = response.data;
-  const responseData = apiResponse.data || apiResponse;
-
-  const error = responseData.error || apiResponse.error;
-  if (error === 'authorization_pending' || error === 'slow_down') {
-    return null;
-  }
-
-  // OpenAPI spec uses camelCase: accessToken, refreshToken, expiresIn
-  const accessToken = responseData.accessToken;
-  const refreshToken = responseData.refreshToken;
-  const expiresIn = responseData.expiresIn || 3600;
-
-  if (!accessToken) {
-    throw new Error('Invalid token response: missing accessToken');
-  }
-
-  // Return in snake_case for internal consistency (used by existing code)
-  return {
-    access_token: accessToken,
-    refresh_token: refreshToken,
-    expires_in: expiresIn
-  };
-}
-
-/**
- * Handles polling errors
- * @function handlePollingErrors
- * @param {string} error - Error code
- * @param {number} status - HTTP status code
- * @throws {Error} For fatal errors
- * @returns {boolean} True if should continue polling
- */
-function handlePollingErrors(error, status) {
-  if (error === 'authorization_pending' || status === 202) {
-    return true;
-  }
-
-  // Check error field first, then status code
-  if (error === 'authorization_declined') {
-    throw new Error('Authorization declined: User denied the request');
-  }
-
-  if (error === 'expired_token' || status === 410) {
-    throw new Error('Device code expired: Please restart the authentication process');
-  }
-
-  if (error === 'slow_down') {
-    return true;
-  }
-
-  throw new Error(`Token polling failed: ${error}`);
-}
-
-/**
- * Waits for next polling interval
- * @async
- * @function waitForNextPoll
- * @param {number} interval - Polling interval in seconds
- * @param {boolean} slowDown - Whether to slow down
- */
-async function waitForNextPoll(interval, slowDown) {
-  const waitInterval = slowDown ? interval * 2 : interval;
-  await new Promise(resolve => setTimeout(resolve, waitInterval * 1000));
-}
-
-/**
- * Polls for token during Device Code Flow
- * Continuously polls the token endpoint until user approves or flow expires
- *
- * @async
- * @function pollDeviceCodeToken
- * @param {string} controllerUrl - Base URL of the controller
- * @param {string} deviceCode - Device code from initiation
- * @param {number} interval - Polling interval in seconds
- * @param {number} expiresIn - Expiration time in seconds
- * @param {Function} [onPoll] - Optional callback called on each poll attempt
- * @returns {Promise<Object>} Token response with access_token, refresh_token, expires_in
- * @throws {Error} If polling fails or token is expired/declined
- */
-async function pollDeviceCodeToken(controllerUrl, deviceCode, interval, expiresIn, onPoll) {
-  if (!deviceCode || typeof deviceCode !== 'string') {
-    throw new Error('Device code is required');
-  }
-
-  const url = `${controllerUrl}/api/v1/auth/login/device/token`;
-  const startTime = Date.now();
-
-  // eslint-disable-next-line no-constant-condition
-  while (true) {
-    checkTokenExpiration(startTime, expiresIn);
-
-    if (onPoll) {
-      onPoll();
-    }
-
-    const response = await makeApiCall(url, {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json'
-      },
-      body: JSON.stringify({
-        deviceCode: deviceCode
-      })
-    });
-
-    if (response.success) {
-      const tokenResponse = parseTokenResponse(response);
-      if (tokenResponse) {
-        return tokenResponse;
-      }
-
-      const apiResponse = response.data;
-      const responseData = apiResponse.data || apiResponse;
-      const error = responseData.error || apiResponse.error;
-      const slowDown = error === 'slow_down';
-      await waitForNextPoll(interval, slowDown);
-      continue;
-    }
-
-    const apiResponse = response.data || {};
-    const errorData = typeof apiResponse === 'object' ? apiResponse : {};
-    const error = errorData.error || response.error || 'Unknown error';
-    const shouldContinue = handlePollingErrors(error, response.status);
-
-    if (shouldContinue) {
-      const slowDown = error === 'slow_down';
-      await waitForNextPoll(interval, slowDown);
-      continue;
-    }
-  }
-}
-
-/**
- * Displays device code information to the user
- * Formats user code and verification URL for easy reading
- *
- * @function displayDeviceCodeInfo
- * @param {string} userCode - User code to display
- * @param {string} verificationUri - Verification URL
- * @param {Object} logger - Logger instance with log method
- * @param {Object} chalk - Chalk instance for colored output
- */
-function displayDeviceCodeInfo(userCode, verificationUri, logger, chalk) {
-  logger.log(chalk.cyan('\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━'));
-  logger.log(chalk.cyan('  Device Code Flow Authentication'));
-  logger.log(chalk.cyan('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n'));
-  logger.log(chalk.yellow('To complete authentication:'));
-  logger.log(chalk.gray('  1. Visit: ') + chalk.blue.underline(verificationUri));
-  logger.log(chalk.gray('  2. Enter code: ') + chalk.bold.cyan(userCode));
-  logger.log(chalk.gray('  3. Approve the request\n'));
-  logger.log(chalk.gray('Waiting for approval...'));
-}
-
-/**
- * Refresh device code access token using refresh token
- * Uses OpenAPI /api/v1/auth/login/device/refresh endpoint
- *
- * @async
- * @function refreshDeviceToken
- * @param {string} controllerUrl - Base URL of the controller
- * @param {string} refreshToken - Refresh token from previous authentication
- * @returns {Promise<Object>} Token response with access_token, refresh_token, expires_in
- * @throws {Error} If refresh fails or refresh token is invalid/expired
- */
-async function refreshDeviceToken(controllerUrl, refreshToken) {
-  if (!refreshToken || typeof refreshToken !== 'string') {
-    throw new Error('Refresh token is required');
-  }
-
-  const url = `${controllerUrl}/api/v1/auth/login/device/refresh`;
-  const response = await makeApiCall(url, {
-    method: 'POST',
-    headers: {
-      'Content-Type': 'application/json'
-    },
-    body: JSON.stringify({ refreshToken })
-  });
-
-  if (!response.success) {
-    const errorMsg = response.error || 'Unknown error';
-    throw new Error(`Failed to refresh token: ${errorMsg}`);
-  }
-
-  // Parse response using existing parseTokenResponse function
-  const tokenResponse = parseTokenResponse(response);
-  if (!tokenResponse) {
-    throw new Error('Invalid refresh token response');
-  }
-
-  return tokenResponse;
-}
+const {
+  initiateDeviceCodeFlow,
+  pollDeviceCodeToken,
+  displayDeviceCodeInfo,
+  refreshDeviceToken
+} = require('./device-code');
 
 module.exports = {
   makeApiCall,

package/lib/utils/build-copy.js

@@ -28,7 +28,7 @@ const paths = require('./paths');
  *
  * @example
  * const devPath = await copyBuilderToDevDirectory('myapp', 1);
- * // Returns: '~/.aifabrix/applications-dev-1/myapp-dev-1'
+ * // Returns: '~/.aifabrix/applications-dev-1'
  */
 async function copyBuilderToDevDirectory(appName, developerId) {
   const builderPath = path.join(process.cwd(), 'builder', appName);
@@ -38,9 +38,8 @@ async function copyBuilderToDevDirectory(appName, developerId) {
     throw new Error(`Builder directory not found: ${builderPath}\nRun 'aifabrix create ${appName}' first`);
   }
 
-  // Get base directory (applications or applications-dev-{id})
-  const idNum = typeof developerId === 'string' ? parseInt(developerId, 10) : developerId;
-  const baseDir = paths.getApplicationsBaseDir(idNum);
+  // Get base directory (applications or applications-dev-{id}) using raw developerId text
+  const baseDir = paths.getApplicationsBaseDir(developerId);
 
   // Clear base directory before copying (delete all files)
   if (fsSync.existsSync(baseDir)) {
@@ -56,20 +55,14 @@ async function copyBuilderToDevDirectory(appName, developerId) {
     }
   }
 
-  // Get target directory using getDevDirectory()
+  // Get target directory using getDevDirectory() (root of applications folder)
   const devDir = getDevDirectory(appName, developerId);
 
   // Create target directory
   await fs.mkdir(devDir, { recursive: true });
 
-  // Copy files based on developer ID
-  if (idNum === 0) {
-    // Dev 0: Copy contents from builder/{appName}/ directly to applications/
-    await copyDirectory(builderPath, devDir);
-  } else {
-    // Dev > 0: Copy builder/{appName}/ to applications-dev-{id}/{appName}-dev-{id}/
-    await copyDirectory(builderPath, devDir);
-  }
+  // Copy files to root of applications folder (same behavior for all dev IDs)
+  await copyDirectory(builderPath, devDir);
 
   return devDir;
 }

package/lib/utils/compose-generator.js

@@ -349,7 +349,8 @@ async function generateDockerCompose(appName, appConfig, options) {
     ...networksConfig,
     envFile: envFileAbsolutePath,
     databasePasswords: databasePasswords,
-    devId: devId,
+    // IMPORTANT: pass numeric devId to templates so (eq devId 0) works correctly
+    devId: idNum,
     networkName: networkName,
     containerName: containerName
   };