npm - @base44-preview/cli - Versions diffs - 0.0.50-pr.484.8b296df → 0.0.50-pr.484.cb7ade7 - Mend

@base44-preview/cli 0.0.50-pr.484.8b296df → 0.0.50-pr.484.cb7ade7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/cli/index.js CHANGED Viewed

@@ -242018,9 +242018,10 @@ var SSOSecretKey;
   SSOSecretKey2["JwksUri"] = "sso_jwks_uri";
 })(SSOSecretKey ||= {});
 var ALL_SSO_SECRET_KEYS = Object.values(SSOSecretKey);
+var DEFAULT_OIDC_SCOPE = "openid email profile";
+var DEFAULT_GITHUB_SCOPE = "user:email";
 // src/core/resources/auth-config/sso/providers/custom.ts
-var DEFAULT_SCOPE = "openid email profile";
 var customProvider = {
   requiredKeys: [
     "sso_auth_endpoint" /* AuthEndpoint */,
@@ -242029,7 +242030,7 @@ var customProvider = {
     "sso_jwks_uri" /* JwksUri */
   ],
   defaults: {
-    ["sso_scope" /* Scope */]: DEFAULT_SCOPE
+    ["sso_scope" /* Scope */]: DEFAULT_OIDC_SCOPE
   }
 };
@@ -242037,7 +242038,7 @@ var customProvider = {
 var githubProvider = {
   requiredKeys: [],
   defaults: {
-    ["sso_scope" /* Scope */]: "user:email",
+    ["sso_scope" /* Scope */]: DEFAULT_GITHUB_SCOPE,
     ["sso_auth_endpoint" /* AuthEndpoint */]: "https://github.com/login/oauth/authorize",
     ["sso_token_endpoint" /* TokenEndpoint */]: "https://github.com/login/oauth/access_token",
     ["sso_userinfo_endpoint" /* UserinfoEndpoint */]: "https://api.github.com/user"
@@ -242045,21 +242046,19 @@ var githubProvider = {
 };
 // src/core/resources/auth-config/sso/providers/google.ts
-var DEFAULT_SCOPE2 = "openid email profile";
 var googleProvider = {
   requiredKeys: [],
   defaults: {
-    ["sso_scope" /* Scope */]: DEFAULT_SCOPE2,
+    ["sso_scope" /* Scope */]: DEFAULT_OIDC_SCOPE,
     ["sso_discovery_url" /* DiscoveryUrl */]: "https://accounts.google.com/.well-known/openid-configuration"
   }
 };
 // src/core/resources/auth-config/sso/providers/microsoft.ts
-var DEFAULT_SCOPE3 = "openid email profile";
 var microsoftProvider = {
   requiredKeys: ["sso_tenant_id" /* TenantId */],
   defaults: {
-    ["sso_scope" /* Scope */]: DEFAULT_SCOPE3
+    ["sso_scope" /* Scope */]: DEFAULT_OIDC_SCOPE
   },
   deriveDefaults: (secrets) => {
     const tenantId = secrets["sso_tenant_id" /* TenantId */];
@@ -242073,11 +242072,10 @@ var microsoftProvider = {
 };
 // src/core/resources/auth-config/sso/providers/okta.ts
-var DEFAULT_SCOPE4 = "openid email profile";
 var oktaProvider = {
   requiredKeys: ["sso_okta_domain" /* OktaDomain */],
   defaults: {
-    ["sso_scope" /* Scope */]: DEFAULT_SCOPE4
+    ["sso_scope" /* Scope */]: DEFAULT_OIDC_SCOPE
   },
   deriveDefaults: (secrets) => {
     const domain2 = secrets["sso_okta_domain" /* OktaDomain */];
@@ -242099,6 +242097,15 @@ var SSO_PROVIDER_SCHEMAS = {
   custom: customProvider
 };
+// src/core/resources/auth-config/sso/types.ts
+var KNOWN_SSO_PROVIDERS = {
+  google: "google",
+  microsoft: "microsoft",
+  github: "github",
+  okta: "okta",
+  custom: "custom"
+};
 // src/core/resources/auth-config/sso/operations.ts
 var OPTION_TO_SECRET_KEY = {
   scope: "sso_scope" /* Scope */,
@@ -242157,7 +242164,7 @@ function buildSSOSecrets(provider, options) {
       missing.push(key);
     }
   }
-  if (provider === "custom" && !options.ssoName) {
+  if (provider === KNOWN_SSO_PROVIDERS.custom && !options.ssoName) {
     missing.push("sso_name" /* Name */);
   }
   if (missing.length > 0) {
@@ -242171,14 +242178,6 @@ async function pushSSOSecrets(secrets) {
 async function deleteSSOSecrets() {
   await Promise.allSettled(ALL_SSO_SECRET_KEYS.map((key) => deleteSecret(key)));
 }
-// src/core/resources/auth-config/sso/types.ts
-var KNOWN_SSO_PROVIDERS = [
-  "google",
-  "microsoft",
-  "github",
-  "okta",
-  "custom"
-];
 // src/core/resources/connector/schema.ts
 var GoogleCalendarConnectorSchema = exports_external.object({
   type: exports_external.literal("googlecalendar"),
@@ -251262,23 +251261,34 @@ function mergeFileWithFlags(fileConfig, options) {
     ssoName: options.ssoName ?? fileConfig.ssoName
   };
 }
+var providerNames = Object.keys(KNOWN_SSO_PROVIDERS);
+function secretKeyToFlag(key) {
+  return `--${key.replace(/^sso_/, "").replace(/_/g, "-")}`;
+}
+function exampleCommand(provider) {
+  let cmd = `base44 auth sso enable --provider ${provider} --client-id <id> --client-secret <secret>`;
+  if (provider === KNOWN_SSO_PROVIDERS.microsoft)
+    cmd += " --tenant-id <id>";
+  if (provider === KNOWN_SSO_PROVIDERS.okta)
+    cmd += " --okta-domain <domain>";
+  if (provider === KNOWN_SSO_PROVIDERS.custom)
+    cmd += " --sso-name <name> --auth-endpoint <url> --token-endpoint <url> --userinfo-endpoint <url> --jwks-uri <url>";
+  return cmd;
+}
 function validateProvider(provider) {
   if (!provider) {
     throw new InvalidInputError("Missing --provider.", {
       hints: [
         {
-          message: `Valid providers: ${KNOWN_SSO_PROVIDERS.join(", ")}`,
+          message: `Valid providers: ${providerNames.join(", ")}`,
           command: "base44 auth sso enable --provider <provider> --client-id <id> --client-secret <secret>"
         }
       ]
     });
   }
-  if (!KNOWN_SSO_PROVIDERS.includes(provider)) {
-    throw new InvalidInputError(`Unknown provider "${provider}". Valid providers: ${KNOWN_SSO_PROVIDERS.join(", ")}`);
-  }
   return provider;
 }
-async function ssoEnableAction({ isNonInteractive, log, runTask: runTask2 }, options) {
+async function ssoEnableAction({ isNonInteractive, runTask: runTask2 }, options) {
   let merged = options;
   if (options.file) {
     const fileConfig = await loadSSOConfigFile(options.file);
@@ -251338,7 +251348,23 @@ async function ssoEnableAction({ isNonInteractive, log, runTask: runTask2 }, opt
     jwksUri: merged.jwksUri,
     ssoName: merged.ssoName
   };
-  const secrets = buildSSOSecrets(provider, secretOptions);
+  let secrets;
+  try {
+    secrets = buildSSOSecrets(provider, secretOptions);
+  } catch (error48) {
+    if (error48 instanceof InvalidInputError) {
+      const flagMessage = error48.message.replace(/sso_[a-z_]+/g, (key) => secretKeyToFlag(key));
+      throw new InvalidInputError(flagMessage, {
+        hints: [
+          {
+            message: `Example: ${exampleCommand(provider)}`,
+            command: exampleCommand(provider)
+          }
+        ]
+      });
+    }
+    throw error48;
+  }
   const { project: project2 } = await readProjectConfig();
   const configDir = dirname11(project2.configPath);
   const authDir = join16(configDir, project2.authDir);
@@ -251349,7 +251375,6 @@ async function ssoEnableAction({ isNonInteractive, log, runTask: runTask2 }, opt
   };
 }
 async function ssoDisableAction({
-  log,
   runTask: runTask2
 }) {
   const { project: project2 } = await readProjectConfig();
@@ -251371,7 +251396,7 @@ function getSSOCommand() {
   return new Base44Command("sso").description("Configure SSO identity provider (google, microsoft, github, okta, custom)").addArgument(new Argument("<action>", "enable or disable SSO").choices([
     "enable",
     "disable"
-  ])).option("--provider <provider>", "SSO provider: google, microsoft, github, okta, custom").option("--client-id <id>", "OAuth client ID").option("--client-secret <secret>", "OAuth client secret").option("--client-secret-stdin", "Read client secret from stdin").option("--env-file <path>", "Read client secret from a .env file (key: sso_client_secret)").option("--file <path>", "JSON config file with all SSO settings").option("--scope <scope>", "OAuth scope (defaults per provider)").option("--discovery-url <url>", "OIDC discovery URL").option("--tenant-id <id>", "Microsoft tenant ID (required for microsoft)").option("--okta-domain <domain>", "Okta domain (required for okta)").option("--auth-endpoint <url>", "Authorization endpoint (required for custom)").option("--token-endpoint <url>", "Token endpoint (required for custom)").option("--userinfo-endpoint <url>", "Userinfo endpoint (required for custom)").option("--jwks-uri <url>", "JWKS URI (required for custom)").option("--sso-name <name>", "Provider display name (required for custom)").action(ssoAction);
+  ])).addOption(new Option("--provider <provider>", "SSO provider").choices(Object.values(KNOWN_SSO_PROVIDERS))).option("--client-id <id>", "OAuth client ID").option("--client-secret <secret>", "OAuth client secret").option("--client-secret-stdin", "Read client secret from stdin").option("--env-file <path>", "Read client secret from a .env file (key: sso_client_secret)").option("--file <path>", "JSON config file with all SSO settings").option("--scope <scope>", "OAuth scope (defaults per provider)").option("--discovery-url <url>", "OIDC discovery URL").option("--tenant-id <id>", "Microsoft tenant ID (required for microsoft)").option("--okta-domain <domain>", "Okta domain (required for okta)").option("--auth-endpoint <url>", "Authorization endpoint (required for custom)").option("--token-endpoint <url>", "Token endpoint (required for custom)").option("--userinfo-endpoint <url>", "Userinfo endpoint (required for custom)").option("--jwks-uri <url>", "JWKS URI (required for custom)").option("--sso-name <name>", "Provider display name (required for custom)").action(ssoAction);
 }
 // src/cli/commands/auth/index.ts
@@ -261006,4 +261031,4 @@ export {
   CLIExitError
 };
-//# debugId=2639C9D09C44A37C64756E2164756E21
+//# debugId=CDE136D996499A7364756E2164756E21