@alchemy/cli 0.6.2 → 0.7.0-alpha.11

package/dist/{chunk-UMKDYHMO.js → chunk-KJ5VM7FE.js}

@@ -1,26 +1,17 @@
 #!/usr/bin/env node
 if(process.argv.includes("--no-color"))process.env.NO_COLOR="1";
 import {
-  AUTH_PORT,
-  exchangeCodeForToken,
-  openBrowser,
-  prepareBrowserLogin,
-  revokeToken,
-  waitForCallback
-} from "./chunk-FFMNT74F.js";
+  completeLogin,
+  prepareLogin,
+  revokeToken
+} from "./chunk-EKBSQAEG.js";
 import {
   isInteractiveAllowed
-} from "./chunk-KDMIWPZH.js";
+} from "./chunk-JMDBEC5L.js";
 import {
   AdminClient,
   resolveAuthToken
-} from "./chunk-ATX65U7J.js";
-import {
-  deleteCredentials,
-  getCredentials,
-  getStorageBackend,
-  saveCredentials
-} from "./chunk-JQRGILIS.js";
+} from "./chunk-A6BWLRFV.js";
 import {
   bold,
   brand,
@@ -29,12 +20,13 @@ import {
   promptAutocomplete,
   promptText,
   withSpinner
-} from "./chunk-NBDWF4ZQ.js";
+} from "./chunk-AFD4Y42F.js";
 import {
+  configPath,
   load,
   maskIf,
   save
-} from "./chunk-BAAQ7ELR.js";
+} from "./chunk-HGZTGSXO.js";
 import {
   CLIError,
   ErrorCode,
@@ -42,7 +34,7 @@ import {
   exitWithError,
   isJSONMode,
   printHuman
-} from "./chunk-56ZVYB4G.js";
+} from "./chunk-OLVYWGY6.js";
 
 // src/commands/auth.ts
 function registerAuth(program) {
@@ -51,7 +43,7 @@ function registerAuth(program) {
     const yes = opts.yes || cmd.opts().yes;
     try {
       if (!opts.force) {
-        const existing = await resolveAuthToken();
+        const existing = resolveAuthToken();
         if (existing) {
           printHuman(
             `  ${green("\u2713")} Already authenticated
@@ -64,108 +56,79 @@ function registerAuth(program) {
         }
       }
       if (opts.force) {
-        const existingCreds = await getCredentials();
-        const tokenToRevoke = existingCreds?.auth_token;
-        if (!tokenToRevoke) {
-          const cfg2 = load();
-          if (cfg2.auth_token) {
-            await revokeToken(cfg2.auth_token);
-            save({ ...cfg2, auth_token: void 0, auth_token_expires_at: void 0 });
-          }
-        } else {
-          await revokeToken(tokenToRevoke);
+        const cfg2 = load();
+        if (cfg2.auth_token) {
+          await revokeToken(cfg2.auth_token);
+          save({ ...cfg2, auth_token: void 0, auth_token_expires_at: void 0 });
         }
-        await deleteCredentials();
       }
-      const prepared = prepareBrowserLogin();
-      const callbackPromise = waitForCallback(AUTH_PORT);
+      const prepared = prepareLogin();
       if (!isJSONMode()) {
         console.log("");
         console.log(`  ${brand("\u25C6")} ${bold("Alchemy Authentication")}`);
         console.log(`  ${dim("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500")}`);
         console.log("");
-        console.log(`  ${dim(prepared.authorizeUrl)}`);
+        console.log(`  ${dim(prepared.loginUrl)}`);
         console.log("");
       }
-      let browserOpened = false;
+      const promptAbort = new AbortController();
+      let earlyAuth = false;
+      prepared.callbackPromise.then(() => {
+        earlyAuth = true;
+        promptAbort.abort();
+      }).catch(() => {
+      });
       if (!yes && !isJSONMode() && isInteractiveAllowed(program)) {
-        const promptResult = await Promise.race([
-          promptText({
-            message: "Press Enter to open browser, or paste the URL above to log in manually",
-            cancelMessage: "Login cancelled."
-          }),
-          callbackPromise.then(() => "callback_received")
-        ]);
-        if (promptResult === null) return;
-        if (promptResult !== "callback_received") {
-          if (!isJSONMode()) {
-            console.log(`  Opening browser to log in...`);
-            console.log(`  ${dim("Waiting for authentication...")}`);
-          }
-          openBrowser(prepared.authorizeUrl);
-          browserOpened = true;
-        }
-      }
-      if (!browserOpened && yes) {
-        if (!isJSONMode()) {
-          console.log(`  Opening browser to log in...`);
-          console.log(`  ${dim("Waiting for authentication...")}`);
+        const answer = await promptText({
+          message: "Press Enter to open browser, or paste the link above to authenticate",
+          cancelMessage: "Login cancelled.",
+          abortSignal: promptAbort.signal
+        });
+        if (answer === null) {
+          prepared.cancel();
+          return;
         }
-        openBrowser(prepared.authorizeUrl);
       }
-      const callback = await callbackPromise;
-      if (callback.state !== prepared.state) {
-        callback.sendError("State mismatch \u2014 possible CSRF attack.");
-        throw new Error("OAuth state mismatch. Authentication aborted.");
-      }
-      let result;
-      try {
-        result = await exchangeCodeForToken(callback.code, AUTH_PORT, {
-          codeVerifier: prepared.codeVerifier
-        });
-        callback.sendSuccess();
-      } catch (err) {
-        callback.sendError("Failed to complete authentication. Please try again.");
-        throw err;
+      if (!earlyAuth && !isJSONMode()) {
+        console.log(`  Opening browser to log in...`);
+        console.log(`  ${dim("Waiting for authentication...")}`);
       }
-      await saveCredentials({
+      const result = await completeLogin(prepared, {
+        skipBrowserOpen: earlyAuth
+      });
+      const cfg = load();
+      const hasConfiguredApp = Boolean(cfg.app);
+      save({
+        ...cfg,
         auth_token: result.token,
         auth_token_expires_at: result.expiresAt
       });
-      const cfg = load();
-      if (cfg.auth_token) {
-        save({ ...cfg, auth_token: void 0, auth_token_expires_at: void 0 });
-      }
       const expiresAt = result.expiresAt;
-      const backend = await getStorageBackend();
       printHuman(
         `  ${green("\u2713")} Logged in successfully
-  ${dim("Credentials stored in")} ${backend}
+  ${dim("Token saved to")} ${configPath()}
   ${dim("Expires:")} ${expiresAt}
 `,
         {
           status: "authenticated",
           expiresAt,
-          storageBackend: backend
+          configPath: configPath()
         }
       );
-      if (isInteractiveAllowed(program)) {
+      if (isInteractiveAllowed(program) && !hasConfiguredApp) {
         await selectAppAfterAuth(result.token);
       }
-      process.exit(0);
     } catch (err) {
       exitWithError(
         err instanceof CLIError ? err : new CLIError(ErrorCode.AUTH_REQUIRED, String(err.message))
       );
     }
   });
-  cmd.command("status").description("Show current authentication status").action(async () => {
+  cmd.command("status").description("Show current authentication status").action(() => {
     try {
-      const creds = await getCredentials();
       const cfg = load();
-      const validToken = await resolveAuthToken(cfg);
-      const hasToken = creds?.auth_token || cfg.auth_token;
-      if (!hasToken) {
+      const validToken = resolveAuthToken(cfg);
+      if (!cfg.auth_token) {
         printHuman(
           `  ${dim("Not authenticated. Run")} alchemy auth ${dim("to log in.")}
 `,
@@ -181,20 +144,15 @@ function registerAuth(program) {
         );
         return;
       }
-      const expiresAt = creds?.auth_token_expires_at || cfg.auth_token_expires_at || "unknown";
-      const backend = await getStorageBackend();
-      const storedIn = creds?.auth_token ? backend : "config file (legacy)";
       printHuman(
         `  ${green("\u2713")} Authenticated
   ${dim("Token:")} ${maskIf(validToken)}
-  ${dim("Storage:")} ${storedIn}
-  ${dim("Expires:")} ${expiresAt}
+  ${dim("Expires:")} ${cfg.auth_token_expires_at || "unknown"}
 `,
         {
           authenticated: true,
           expired: false,
-          expiresAt,
-          storageBackend: storedIn
+          expiresAt: cfg.auth_token_expires_at
         }
       );
     } catch (err) {
@@ -203,17 +161,14 @@ function registerAuth(program) {
   });
   cmd.command("logout").description("Clear saved authentication token").action(async () => {
     try {
-      const creds = await getCredentials();
       const cfg = load();
-      const activeToken = creds?.auth_token || cfg.auth_token;
       let revokeResult;
-      if (activeToken) {
-        revokeResult = await revokeToken(activeToken);
+      if (cfg.auth_token) {
+        revokeResult = await revokeToken(cfg.auth_token);
       }
-      await deleteCredentials();
-      const { auth_token: _, auth_token_expires_at: __, app: ___, ...rest } = cfg;
+      const { auth_token: _, auth_token_expires_at: __, ...rest } = cfg;
       save(rest);
-      if (!activeToken) {
+      if (!cfg.auth_token) {
         printHuman(
           `  ${dim("No active session.")}
 `,