@authrim/setup 0.1.0

package/README.md

@@ -0,0 +1,303 @@
+# @authrim/setup
+
+> CLI and Web UI for setting up Authrim OIDC Provider on Cloudflare Workers
+
+[![npm version](https://img.shields.io/npm/v/@authrim/setup.svg)](https://www.npmjs.com/package/@authrim/setup)
+[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](../../LICENSE)
+
+## Overview
+
+`@authrim/setup` is the official setup tool for deploying [Authrim](https://github.com/sgrastar/authrim) to Cloudflare Workers. It provides both an interactive CLI and a Web UI to guide you through:
+
+- Provisioning Cloudflare resources (D1 databases, KV namespaces, Queues)
+- Generating cryptographic keys and secrets
+- Configuring environment-specific settings
+- Deploying all Authrim workers in the correct order
+- Setting up the initial administrator account
+
+## Quick Start
+
+```bash
+# Using npx (recommended)
+npx @authrim/setup
+
+# Or install globally
+npm install -g @authrim/setup
+authrim-setup
+```
+
+## Usage Modes
+
+### 1. Web UI Mode (Default)
+
+Run without arguments to launch the interactive Web UI:
+
+```bash
+npx @authrim/setup
+```
+
+This opens a browser with a step-by-step wizard that guides you through the entire setup process.
+
+### 2. CLI Mode
+
+For terminal-based setup or CI/CD integration:
+
+```bash
+npx @authrim/setup --cli
+```
+
+### 3. Deploy Existing Configuration
+
+If you already have an `authrim-config.json`:
+
+```bash
+npx @authrim/setup deploy --config ./authrim-config.json --env prod
+```
+
+## Commands
+
+### `init`
+
+Initialize a new Authrim project:
+
+```bash
+authrim-setup init [options]
+
+Options:
+  -e, --env <env>      Environment name (default: "dev")
+  -d, --dir <dir>      Output directory (default: ".")
+  --keys-dir <dir>     Directory for keys (default: ".keys")
+  --skip-keys          Skip key generation
+  --skip-provision     Skip resource provisioning
+  -y, --yes            Skip confirmation prompts
+```
+
+### `deploy`
+
+Deploy Authrim to Cloudflare:
+
+```bash
+authrim-setup deploy [options]
+
+Options:
+  -c, --config <path>  Config file path (default: "authrim-config.json")
+  -e, --env <env>      Environment name
+  --component <name>   Deploy single component
+  --dry-run            Preview without deploying
+  --skip-secrets       Skip secrets upload
+  --skip-ui            Skip UI deployment
+  -y, --yes            Skip confirmation prompts
+```
+
+### `status`
+
+Check deployment status:
+
+```bash
+authrim-setup status [options]
+
+Options:
+  -c, --config <path>  Config file path
+```
+
+## Configuration Files
+
+### authrim-config.json
+
+The main configuration file containing all environment settings:
+
+```json
+{
+  "version": "1.0.0",
+  "environment": {
+    "prefix": "prod"
+  },
+  "urls": {
+    "api": {
+      "custom": "https://auth.example.com",
+      "auto": "https://prod-ar-router.workers.dev"
+    },
+    "loginUi": {
+      "custom": "https://login.example.com",
+      "auto": "https://prod-ar-ui.pages.dev"
+    },
+    "adminUi": {
+      "custom": null,
+      "auto": "https://prod-ar-ui.pages.dev/admin"
+    }
+  },
+  "components": {
+    "api": true,
+    "loginUi": true,
+    "adminUi": true,
+    "saml": false,
+    "async": false,
+    "vc": false
+  },
+  "keys": {
+    "keyId": "kid-xxxxxxxx",
+    "secretsPath": "./.keys/"
+  }
+}
+```
+
+### authrim-lock.json
+
+Records provisioned resource IDs for re-deployment:
+
+```json
+{
+  "version": "1.0.0",
+  "env": "prod",
+  "d1": {
+    "DB": { "name": "prod-authrim-core-db", "id": "..." },
+    "PII_DB": { "name": "prod-authrim-pii-db", "id": "..." }
+  },
+  "kv": {
+    "CLIENTS_CACHE": { "name": "prod-CLIENTS_CACHE", "id": "..." },
+    "SETTINGS": { "name": "prod-SETTINGS", "id": "..." }
+  }
+}
+```
+
+### .keys/ Directory
+
+Contains sensitive cryptographic material (gitignored):
+
+```
+.keys/
+├── private.pem              # RSA private key for JWT signing
+├── public.jwk.json          # Public key in JWK format
+├── rp_token_encryption_key.txt
+├── admin_api_secret.txt
+├── key_manager_secret.txt
+└── setup_token.txt          # Initial admin setup token
+```
+
+## Deployment Order
+
+Authrim workers are deployed in a specific order to satisfy dependencies:
+
+```
+Level 0: ar-lib-core         # Durable Objects definitions (always first)
+Level 1: ar-discovery        # Discovery endpoint
+Level 2: ar-auth, ar-token, ar-userinfo, ar-management  # Core services (parallel)
+Level 3: ar-async, ar-saml, ar-vc, ar-bridge           # Optional (parallel)
+Level 4: ar-router           # Service bindings (always last)
+Level 5: ar-ui               # Cloudflare Pages (optional)
+```
+
+## Initial Admin Setup
+
+After deployment, the CLI displays a one-time setup URL:
+
+```
+━━━ Initial Admin Setup ━━━
+
+To create the initial administrator account, visit:
+
+  https://auth.example.com/setup?token=abc123...
+
+⚠️  Important:
+  • This link expires in 1 hour
+  • Setup can only be completed once
+  • You will need to register a Passkey (biometric/security key)
+```
+
+This URL allows you to:
+1. Register a Passkey as the system administrator
+2. Access the Admin Dashboard
+3. Create OAuth clients and configure settings
+
+## Security Features
+
+- **Session Token Authentication**: API endpoints require session tokens to prevent unauthorized access
+- **Path Traversal Prevention**: Key storage directory is validated to prevent directory traversal attacks
+- **Command Injection Prevention**: Browser launch URLs are validated to prevent shell injection
+- **Error Sanitization**: Error messages are sanitized to prevent information leakage
+- **Operation Locking**: Concurrent operations are serialized to prevent race conditions
+- **Localhost-Only Web UI**: Web UI only binds to localhost for security
+
+## Environment Variables
+
+| Variable | Description | Default |
+|----------|-------------|---------|
+| `PORT` | Web UI server port | `3456` |
+| `HOST` | Web UI server host | `localhost` |
+
+## Development
+
+### Local Testing
+
+```bash
+# From the authrim repository root
+cd packages/setup
+
+# Run in development mode
+pnpm dev
+
+# Build and run
+pnpm build
+pnpm start
+
+# Run tests
+pnpm test
+```
+
+### Using with pnpm link
+
+```bash
+# In packages/setup
+pnpm build
+pnpm link --global
+
+# In another directory
+authrim-setup --help
+```
+
+## Requirements
+
+- Node.js >= 20.0.0
+- [Wrangler CLI](https://developers.cloudflare.com/workers/wrangler/) installed and authenticated
+- Cloudflare account with Workers Paid plan (for D1, KV, Durable Objects)
+
+## Troubleshooting
+
+### "Wrangler is not installed"
+
+Install wrangler globally:
+
+```bash
+npm install -g wrangler
+wrangler login
+```
+
+### "Not logged in to Cloudflare"
+
+Authenticate with Cloudflare:
+
+```bash
+wrangler login
+```
+
+### "Lock file not found"
+
+Run the init command first to provision resources:
+
+```bash
+authrim-setup init --env prod
+```
+
+### Deployment fails with "Service Bindings"
+
+Ensure all dependent workers are deployed. The ar-router must be deployed last as it references other workers via Service Bindings.
+
+## License
+
+Apache License 2.0 - see [LICENSE](../../LICENSE) for details.
+
+## Related
+
+- [Authrim Documentation](https://github.com/sgrastar/authrim/tree/main/docs)
+- [Deployment Guide](https://github.com/sgrastar/authrim/blob/main/docs/getting-started/deployment.md)
+- [Development Guide](https://github.com/sgrastar/authrim/blob/main/docs/getting-started/development.md)

package/dist/__tests__/config.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Configuration Module Tests
+ */
+export {};
+//# sourceMappingURL=config.test.d.ts.map

package/dist/__tests__/config.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/config.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/__tests__/config.test.js

@@ -0,0 +1,115 @@
+/**
+ * Configuration Module Tests
+ */
+import { describe, it, expect } from 'vitest';
+import { AuthrimConfigSchema, createDefaultConfig, parseConfig } from '../core/config.js';
+describe('AuthrimConfigSchema', () => {
+    it('should validate a minimal config', () => {
+        const config = {
+            version: '1.0.0',
+            createdAt: new Date().toISOString(),
+            environment: { prefix: 'test' },
+            tenant: { name: 'default' },
+            components: { api: true },
+            profile: 'basic-op',
+            oidc: {},
+            sharding: {},
+            features: {},
+            keys: {},
+        };
+        const result = AuthrimConfigSchema.safeParse(config);
+        expect(result.success).toBe(true);
+    });
+    it('should reject invalid profile', () => {
+        const config = {
+            version: '1.0.0',
+            createdAt: new Date().toISOString(),
+            environment: { prefix: 'test' },
+            tenant: { name: 'default' },
+            components: { api: true },
+            profile: 'invalid-profile',
+            oidc: {},
+            sharding: {},
+            features: {},
+            keys: {},
+        };
+        const result = AuthrimConfigSchema.safeParse(config);
+        expect(result.success).toBe(false);
+    });
+    it('should validate URL configuration', () => {
+        const config = {
+            version: '1.0.0',
+            createdAt: new Date().toISOString(),
+            environment: { prefix: 'prod' },
+            tenant: { name: 'default' },
+            components: { api: true },
+            profile: 'basic-op',
+            urls: {
+                api: {
+                    custom: 'https://auth.example.com',
+                    auto: 'https://prod-ar-router.workers.dev',
+                },
+                loginUi: {
+                    custom: null,
+                    auto: 'https://prod-ar-ui.pages.dev',
+                },
+                adminUi: {
+                    custom: null,
+                    auto: 'https://prod-ar-ui.pages.dev/admin',
+                },
+            },
+            oidc: {},
+            sharding: {},
+            features: {},
+            keys: {},
+        };
+        const result = AuthrimConfigSchema.safeParse(config);
+        expect(result.success).toBe(true);
+        if (result.success) {
+            expect(result.data.urls?.api?.custom).toBe('https://auth.example.com');
+        }
+    });
+});
+describe('createDefaultConfig', () => {
+    it('should create a default config with prod prefix', () => {
+        const config = createDefaultConfig('prod');
+        expect(config.environment.prefix).toBe('prod');
+        expect(config.profile).toBe('basic-op');
+        expect(config.components.api).toBe(true);
+        expect(config.components.loginUi).toBe(true);
+        expect(config.components.adminUi).toBe(true);
+    });
+    it('should create a default config with custom prefix', () => {
+        const config = createDefaultConfig('staging');
+        expect(config.environment.prefix).toBe('staging');
+    });
+});
+describe('parseConfig', () => {
+    it('should parse and validate a config object', () => {
+        const rawConfig = {
+            version: '1.0.0',
+            createdAt: new Date().toISOString(),
+            environment: { prefix: 'dev' },
+            tenant: { name: 'test-tenant' },
+            components: { api: true, loginUi: true },
+            profile: 'fapi-rw',
+            oidc: { accessTokenTtl: 7200 },
+            sharding: { authCodeShards: 32 },
+            features: {},
+            keys: {},
+        };
+        const config = parseConfig(rawConfig);
+        expect(config.environment.prefix).toBe('dev');
+        expect(config.tenant.name).toBe('test-tenant');
+        expect(config.profile).toBe('fapi-rw');
+        expect(config.oidc.accessTokenTtl).toBe(7200);
+    });
+    it('should throw on invalid config', () => {
+        const invalidConfig = {
+            version: '1.0.0',
+            // Missing required fields
+        };
+        expect(() => parseConfig(invalidConfig)).toThrow();
+    });
+});
+//# sourceMappingURL=config.test.js.map

package/dist/__tests__/config.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.test.js","sourceRoot":"","sources":["../../src/__tests__/config.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAE1F,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG;YACb,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;YAC/B,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;YAC3B,UAAU,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;YACzB,OAAO,EAAE,UAAU;YACnB,IAAI,EAAE,EAAE;YACR,QAAQ,EAAE,EAAE;YACZ,QAAQ,EAAE,EAAE;YACZ,IAAI,EAAE,EAAE;SACT,CAAC;QAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACrD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,MAAM,GAAG;YACb,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;YAC/B,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;YAC3B,UAAU,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;YACzB,OAAO,EAAE,iBAAiB;YAC1B,IAAI,EAAE,EAAE;YACR,QAAQ,EAAE,EAAE;YACZ,QAAQ,EAAE,EAAE;YACZ,IAAI,EAAE,EAAE;SACT,CAAC;QAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACrD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,MAAM,GAAG;YACb,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;YAC/B,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;YAC3B,UAAU,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;YACzB,OAAO,EAAE,UAAU;YACnB,IAAI,EAAE;gBACJ,GAAG,EAAE;oBACH,MAAM,EAAE,0BAA0B;oBAClC,IAAI,EAAE,oCAAoC;iBAC3C;gBACD,OAAO,EAAE;oBACP,MAAM,EAAE,IAAI;oBACZ,IAAI,EAAE,8BAA8B;iBACrC;gBACD,OAAO,EAAE;oBACP,MAAM,EAAE,IAAI;oBACZ,IAAI,EAAE,oCAAoC;iBAC3C;aACF;YACD,IAAI,EAAE,EAAE;YACR,QAAQ,EAAE,EAAE;YACZ,QAAQ,EAAE,EAAE;YACZ,IAAI,EAAE,EAAE;SACT,CAAC;QAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACrD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QACzE,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;QACzD,MAAM,MAAM,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAE3C,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/C,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7C,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,MAAM,MAAM,GAAG,mBAAmB,CAAC,SAAS,CAAC,CAAC;QAE9C,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,SAAS,GAAG;YAChB,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE;YAC9B,MAAM,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE;YAC/B,UAAU,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;YACxC,OAAO,EAAE,SAAS;YAClB,IAAI,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE;YAC9B,QAAQ,EAAE,EAAE,cAAc,EAAE,EAAE,EAAE;YAChC,QAAQ,EAAE,EAAE;YACZ,IAAI,EAAE,EAAE;SACT,CAAC;QAEF,MAAM,MAAM,GAAG,WAAW,CAAC,SAAS,CAAC,CAAC;QAEtC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9C,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC/C,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,aAAa,GAAG;YACpB,OAAO,EAAE,OAAO;YAChB,0BAA0B;SAC3B,CAAC;QAEF,MAAM,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/keys.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Keys Module Tests
+ */
+export {};
+//# sourceMappingURL=keys.test.d.ts.map

package/dist/__tests__/keys.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"keys.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/keys.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/__tests__/keys.test.js

@@ -0,0 +1,87 @@
+/**
+ * Keys Module Tests
+ */
+import { describe, it, expect } from 'vitest';
+import { generateKeyId, generateRsaKeyPair, generateHexSecret, generateBase64Secret, generateAllSecrets, validatePrivateKey, validatePublicKeyJwk, } from '../core/keys.js';
+describe('generateKeyId', () => {
+    it('should generate a key ID with default prefix', () => {
+        const keyId = generateKeyId();
+        expect(keyId).toMatch(/^dev-key-\d+-[a-zA-Z0-9_-]+$/);
+    });
+    it('should generate a key ID with custom prefix', () => {
+        const keyId = generateKeyId('prod');
+        expect(keyId).toMatch(/^prod-key-\d+-[a-zA-Z0-9_-]+$/);
+    });
+    it('should generate unique key IDs', () => {
+        const keyId1 = generateKeyId('test');
+        const keyId2 = generateKeyId('test');
+        expect(keyId1).not.toBe(keyId2);
+    });
+});
+describe('generateRsaKeyPair', () => {
+    it('should generate a valid RSA key pair', () => {
+        const keyPair = generateRsaKeyPair('test-key');
+        expect(keyPair.keyId).toBe('test-key');
+        expect(keyPair.privateKeyPem).toContain('-----BEGIN PRIVATE KEY-----');
+        expect(keyPair.publicKeyJwk.kty).toBe('RSA');
+        expect(keyPair.publicKeyJwk.kid).toBe('test-key');
+        expect(keyPair.publicKeyJwk.use).toBe('sig');
+        expect(keyPair.publicKeyJwk.alg).toBe('RS256');
+        expect(keyPair.createdAt).toBeDefined();
+    });
+    it('should generate key with auto-generated ID', () => {
+        const keyPair = generateRsaKeyPair();
+        expect(keyPair.keyId).toMatch(/^dev-key-\d+-[a-zA-Z0-9_-]+$/);
+    });
+});
+describe('generateHexSecret', () => {
+    it('should generate 32-byte hex secret by default', () => {
+        const secret = generateHexSecret();
+        expect(secret).toMatch(/^[a-f0-9]{64}$/);
+    });
+    it('should generate custom size hex secret', () => {
+        const secret = generateHexSecret(16);
+        expect(secret).toMatch(/^[a-f0-9]{32}$/);
+    });
+});
+describe('generateBase64Secret', () => {
+    it('should generate base64url secret', () => {
+        const secret = generateBase64Secret();
+        expect(secret).toMatch(/^[a-zA-Z0-9_-]+$/);
+        expect(secret.length).toBeGreaterThan(0);
+    });
+});
+describe('generateAllSecrets', () => {
+    it('should generate all required secrets', () => {
+        const secrets = generateAllSecrets('test-key');
+        expect(secrets.keyPair).toBeDefined();
+        expect(secrets.keyPair.keyId).toBe('test-key');
+        expect(secrets.rpTokenEncryptionKey).toMatch(/^[a-f0-9]{64}$/);
+        expect(secrets.adminApiSecret).toBeDefined();
+        expect(secrets.keyManagerSecret).toBeDefined();
+        expect(secrets.setupToken).toBeDefined();
+    });
+});
+describe('validatePrivateKey', () => {
+    it('should validate a valid RSA private key', () => {
+        const keyPair = generateRsaKeyPair();
+        expect(validatePrivateKey(keyPair.privateKeyPem)).toBe(true);
+    });
+    it('should reject invalid private key', () => {
+        expect(validatePrivateKey('invalid-key')).toBe(false);
+    });
+});
+describe('validatePublicKeyJwk', () => {
+    it('should validate a valid JWK', () => {
+        const keyPair = generateRsaKeyPair('test-key');
+        expect(validatePublicKeyJwk(keyPair.publicKeyJwk)).toBe(true);
+    });
+    it('should reject JWK without required fields', () => {
+        expect(validatePublicKeyJwk({ kty: 'RSA' })).toBe(false);
+        expect(validatePublicKeyJwk({ kty: 'RSA', n: 'xxx', e: 'xxx' })).toBe(false);
+    });
+    it('should reject non-RSA JWK', () => {
+        expect(validatePublicKeyJwk({ kty: 'EC', kid: 'test' })).toBe(false);
+    });
+});
+//# sourceMappingURL=keys.test.js.map

package/dist/__tests__/keys.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"keys.test.js","sourceRoot":"","sources":["../../src/__tests__/keys.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,iBAAiB,EACjB,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,EAClB,oBAAoB,GACrB,MAAM,iBAAiB,CAAC;AAEzB,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,MAAM,KAAK,GAAG,aAAa,EAAE,CAAC;QAE9B,MAAM,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,8BAA8B,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,KAAK,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;QAEpC,MAAM,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,+BAA+B,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;QAErC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,OAAO,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;QAE/C,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACvC,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,SAAS,CAAC,6BAA6B,CAAC,CAAC;QACvE,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC7C,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAClD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC7C,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;QACpD,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;QAErC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,8BAA8B,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;QAEnC,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,MAAM,GAAG,iBAAiB,CAAC,EAAE,CAAC,CAAC;QAErC,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,oBAAoB,EAAE,CAAC;QAEtC,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,OAAO,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;QAE/C,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QACtC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;QAC/D,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;QAC7C,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,WAAW,EAAE,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;QAErC,MAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;QACrC,MAAM,OAAO,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;QAE/C,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,CAAC,oBAAoB,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACzD,MAAM,CAAC,oBAAoB,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC/E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,MAAM,CAAC,oBAAoB,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/naming.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Naming Module Tests
+ */
+export {};
+//# sourceMappingURL=naming.test.d.ts.map

package/dist/__tests__/naming.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"naming.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/naming.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/__tests__/naming.test.js

@@ -0,0 +1,84 @@
+/**
+ * Naming Module Tests
+ */
+import { describe, it, expect } from 'vitest';
+import { getWorkerName, getD1DatabaseName, getKVNamespaceName, getDeploymentOrder, getEnabledComponents, CORE_WORKER_COMPONENTS, WORKER_COMPONENTS, } from '../core/naming.js';
+describe('Worker Naming', () => {
+    it('should generate correct worker name', () => {
+        expect(getWorkerName('prod', 'ar-auth')).toBe('prod-ar-auth');
+        expect(getWorkerName('staging', 'ar-token')).toBe('staging-ar-token');
+        expect(getWorkerName('dev', 'ar-lib-core')).toBe('dev-ar-lib-core');
+    });
+});
+describe('D1 Database Naming', () => {
+    it('should generate correct database name', () => {
+        // dbType includes the '-db' suffix as defined in D1_DATABASES
+        expect(getD1DatabaseName('prod', 'core-db')).toBe('prod-authrim-core-db');
+        expect(getD1DatabaseName('staging', 'pii-db')).toBe('staging-authrim-pii-db');
+    });
+});
+describe('KV Namespace Naming', () => {
+    it('should generate correct KV namespace name', () => {
+        expect(getKVNamespaceName('prod', 'CLIENTS_CACHE')).toBe('PROD-CLIENTS_CACHE');
+        expect(getKVNamespaceName('staging', 'SETTINGS')).toBe('STAGING-SETTINGS');
+    });
+});
+describe('Component Lists', () => {
+    it('should have all core components', () => {
+        expect(CORE_WORKER_COMPONENTS).toContain('ar-lib-core');
+        expect(CORE_WORKER_COMPONENTS).toContain('ar-auth');
+        expect(CORE_WORKER_COMPONENTS).toContain('ar-token');
+        expect(CORE_WORKER_COMPONENTS).toContain('ar-router');
+    });
+    it('should have more components in full list', () => {
+        expect(WORKER_COMPONENTS.length).toBeGreaterThanOrEqual(CORE_WORKER_COMPONENTS.length);
+    });
+});
+describe('getEnabledComponents', () => {
+    it('should return core components by default', () => {
+        const components = getEnabledComponents({});
+        expect(components.has('ar-lib-core')).toBe(true);
+        expect(components.has('ar-auth')).toBe(true);
+        expect(components.has('ar-token')).toBe(true);
+        expect(components.has('ar-router')).toBe(true);
+    });
+    it('should add optional components when enabled', () => {
+        const components = getEnabledComponents({
+            saml: true,
+            vc: true,
+        });
+        expect(components.has('ar-saml')).toBe(true);
+        expect(components.has('ar-vc')).toBe(true);
+    });
+    it('should not include optional components when disabled', () => {
+        const components = getEnabledComponents({
+            saml: false,
+            vc: false,
+        });
+        expect(components.has('ar-saml')).toBe(false);
+        expect(components.has('ar-vc')).toBe(false);
+    });
+});
+describe('getDeploymentOrder', () => {
+    it('should return deployment levels for core components', () => {
+        const components = getEnabledComponents({});
+        const levels = getDeploymentOrder(components);
+        expect(levels.length).toBeGreaterThan(0);
+        // First level should contain ar-lib-core (DO definition source)
+        expect(levels[0]).toContain('ar-lib-core');
+        // Last level should contain ar-router
+        expect(levels[levels.length - 1]).toContain('ar-router');
+    });
+    it('should include SAML in correct level', () => {
+        const components = getEnabledComponents({ saml: true });
+        const levels = getDeploymentOrder(components);
+        // Flatten levels to check SAML is included
+        const allComponents = levels.flat();
+        expect(allComponents).toContain('ar-saml');
+        // SAML should come before router
+        const samlIndex = allComponents.indexOf('ar-saml');
+        const routerIndex = allComponents.indexOf('ar-router');
+        expect(samlIndex).toBeLessThan(routerIndex);
+    });
+});
+//# sourceMappingURL=naming.test.js.map

package/dist/__tests__/naming.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"naming.test.js","sourceRoot":"","sources":["../../src/__tests__/naming.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,kBAAkB,EAClB,kBAAkB,EAClB,oBAAoB,EACpB,sBAAsB,EACtB,iBAAiB,GAClB,MAAM,mBAAmB,CAAC;AAE3B,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;QAC7C,MAAM,CAAC,aAAa,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC9D,MAAM,CAAC,aAAa,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACtE,MAAM,CAAC,aAAa,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,8DAA8D;QAC9D,MAAM,CAAC,iBAAiB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QAC1E,MAAM,CAAC,iBAAiB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IAChF,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,CAAC,kBAAkB,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QAC/E,MAAM,CAAC,kBAAkB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC7E,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;IAC/B,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,CAAC,sBAAsB,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QACxD,MAAM,CAAC,sBAAsB,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACpD,MAAM,CAAC,sBAAsB,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QACrD,MAAM,CAAC,sBAAsB,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;QAClD,MAAM,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC;IACzF,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;QAClD,MAAM,UAAU,GAAG,oBAAoB,CAAC,EAAE,CAAC,CAAC;QAE5C,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACjD,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7C,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9C,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,UAAU,GAAG,oBAAoB,CAAC;YACtC,IAAI,EAAE,IAAI;YACV,EAAE,EAAE,IAAI;SACT,CAAC,CAAC;QAEH,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7C,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;QAC9D,MAAM,UAAU,GAAG,oBAAoB,CAAC;YACtC,IAAI,EAAE,KAAK;YACX,EAAE,EAAE,KAAK;SACV,CAAC,CAAC;QAEH,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9C,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,UAAU,GAAG,oBAAoB,CAAC,EAAE,CAAC,CAAC;QAC5C,MAAM,MAAM,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;QAE9C,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAEzC,gEAAgE;QAChE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QAE3C,sCAAsC;QACtC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,UAAU,GAAG,oBAAoB,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACxD,MAAM,MAAM,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;QAE9C,2CAA2C;QAC3C,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;QACpC,MAAM,CAAC,aAAa,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAE3C,iCAAiC;QACjC,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACnD,MAAM,WAAW,GAAG,aAAa,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACvD,MAAM,CAAC,SAAS,CAAC,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/cli/commands/config.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Config Command - Manage Authrim configuration
+ *
+ * Provides options to show, validate, and modify Authrim configuration.
+ */
+export interface ConfigCommandOptions {
+    show?: boolean;
+    validate?: boolean;
+    json?: boolean;
+    config?: string;
+}
+export declare function configCommand(options: ConfigCommandOptions): Promise<void>;
+//# sourceMappingURL=config.d.ts.map

package/dist/cli/commands/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/config.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAaH,MAAM,WAAW,oBAAoB;IACnC,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAMD,wBAAsB,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC,CAahF"}