@chrishdx/llm-dev-server 1.0.0

package/backend/dist/services/auth/GeminiAuthService.d.ts

@@ -0,0 +1,50 @@
+import { BaseAuthService } from './BaseAuthService';
+import { AuthToken } from '../../models';
+export declare class GeminiAuthService extends BaseAuthService {
+    private geminiHome;
+    constructor();
+    /**
+     * Start Gemini OAuth login flow
+     */
+    startLogin(): Promise<{
+        loginUrl: string;
+        sessionId: string;
+        state: string;
+    }>;
+    /**
+     * Complete Gemini OAuth login flow
+     */
+    completeLogin(params: {
+        sessionId: string;
+        code: string;
+        state: string;
+    }): Promise<AuthToken>;
+    /**
+     * Load credentials from file on server startup
+     */
+    loadFromFile(): Promise<AuthToken | null>;
+    /**
+     * Get current authentication status
+     */
+    getStatus(): Promise<{
+        loggedIn: boolean;
+        tokenId?: string;
+        email?: string;
+        expiresAt?: Date;
+    }>;
+    /**
+     * Start Gemini OAuth login flow with manual code redirect (for remote clients)
+     * Uses Google's special redirect URI that displays the code to the user
+     */
+    startLoginWithRedirect(_redirectUri: string): Promise<{
+        loginUrl: string;
+        state: string;
+    }>;
+    /**
+     * Complete Gemini OAuth login from manual code (for remote clients)
+     * User provides the authorization code shown by Google
+     */
+    completeLoginFromCallback(code: string, state: string): Promise<AuthToken>;
+}
+export default GeminiAuthService;
+//# sourceMappingURL=GeminiAuthService.d.ts.map

package/backend/dist/services/auth/GeminiAuthService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"GeminiAuthService.d.ts","sourceRoot":"","sources":["../../../src/services/auth/GeminiAuthService.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAazC,qBAAa,iBAAkB,SAAQ,eAAe;IACpD,OAAO,CAAC,UAAU,CAAS;;IAO3B;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC;QAC1B,QAAQ,EAAE,MAAM,CAAC;QACjB,SAAS,EAAE,MAAM,CAAC;QAClB,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;IAwCF;;OAEG;IACG,aAAa,CAAC,MAAM,EAAE;QAC1B,SAAS,EAAE,MAAM,CAAC;QAClB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;KACf,GAAG,OAAO,CAAC,SAAS,CAAC;IAoFtB;;OAEG;IACG,YAAY,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IA0C/C;;OAEG;IACG,SAAS,IAAI,OAAO,CAAC;QACzB,QAAQ,EAAE,OAAO,CAAC;QAClB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,SAAS,CAAC,EAAE,IAAI,CAAC;KAClB,CAAC;IAeF;;;OAGG;IACG,sBAAsB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC;QAC1D,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;IAwCF;;;OAGG;IACG,yBAAyB,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;CAmFjF;AAED,eAAe,iBAAiB,CAAC"}

package/backend/dist/services/auth/GeminiAuthService.js

@@ -0,0 +1,284 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GeminiAuthService = void 0;
+const path_1 = __importDefault(require("path"));
+const promises_1 = __importDefault(require("fs/promises"));
+const crypto_1 = __importDefault(require("crypto"));
+const google_auth_library_1 = require("google-auth-library");
+const BaseAuthService_1 = require("./BaseAuthService");
+const models_1 = require("../../models");
+const crypto_2 = require("../../utils/crypto");
+const environment_1 = __importDefault(require("../../config/environment"));
+const logger_1 = __importDefault(require("../../utils/logger"));
+const GEMINI_CLIENT_ID = '681255809395-oo8ft2oprdrnp9e3aqf6av3hmdib135j.apps.googleusercontent.com';
+const GEMINI_CLIENT_SECRET = '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';
+const GEMINI_SCOPES = [
+    'https://www.googleapis.com/auth/cloud-platform',
+    'https://www.googleapis.com/auth/userinfo.email',
+];
+class GeminiAuthService extends BaseAuthService_1.BaseAuthService {
+    constructor() {
+        super('gemini');
+        this.geminiHome = path_1.default.join(environment_1.default.DATA_DIR, 'gemini');
+    }
+    /**
+     * Start Gemini OAuth login flow
+     */
+    async startLogin() {
+        const codeVerifier = (0, crypto_2.generateCodeVerifier)();
+        const codeChallenge = (0, crypto_2.generateCodeChallenge)(codeVerifier);
+        const state = crypto_1.default.randomUUID();
+        const redirectUri = 'http://localhost:3000/oauth/callback';
+        const oauth2Client = new google_auth_library_1.OAuth2Client({
+            clientId: GEMINI_CLIENT_ID,
+            clientSecret: GEMINI_CLIENT_SECRET,
+            redirectUri,
+        });
+        const authorizeUrl = oauth2Client.generateAuthUrl({
+            access_type: 'offline',
+            scope: GEMINI_SCOPES,
+            state,
+            code_challenge: codeChallenge,
+            code_challenge_method: google_auth_library_1.CodeChallengeMethod.S256,
+        });
+        const sessionId = crypto_1.default.randomUUID();
+        await this.storeLoginSession({
+            sessionId,
+            state,
+            codeVerifier: this.encrypt(codeVerifier),
+            provider: 'gemini',
+            redirectUri,
+            expiresAt: new Date(Date.now() + 15 * 60 * 1000),
+        });
+        logger_1.default.info('Gemini OAuth login started', { sessionId });
+        return {
+            loginUrl: authorizeUrl,
+            sessionId,
+            state,
+        };
+    }
+    /**
+     * Complete Gemini OAuth login flow
+     */
+    async completeLogin(params) {
+        // Validate session
+        const session = await this.getLoginSession(params.sessionId);
+        if (!session || session.state !== params.state) {
+            throw new Error('Invalid OAuth state');
+        }
+        const codeVerifier = this.decrypt(session.codeVerifier);
+        const oauth2Client = new google_auth_library_1.OAuth2Client({
+            clientId: GEMINI_CLIENT_ID,
+            clientSecret: GEMINI_CLIENT_SECRET,
+            redirectUri: session.redirectUri || 'http://localhost:3000/oauth/callback',
+        });
+        // Exchange code for tokens
+        const { tokens } = await oauth2Client.getToken({
+            code: params.code,
+            codeVerifier,
+        });
+        // Fetch user info
+        oauth2Client.setCredentials(tokens);
+        const userInfo = await oauth2Client.request({
+            url: 'https://www.googleapis.com/oauth2/v2/userinfo',
+        });
+        const email = userInfo.data.email;
+        // 1. Create directory structure
+        await promises_1.default.mkdir(this.geminiHome, { recursive: true, mode: 0o700 });
+        // 2. Write oauth_creds.json (like native Gemini CLI)
+        const credsPath = path_1.default.join(this.geminiHome, 'oauth_creds.json');
+        const credsData = {
+            type: 'authorized_user',
+            client_id: GEMINI_CLIENT_ID,
+            client_secret: GEMINI_CLIENT_SECRET,
+            refresh_token: tokens.refresh_token,
+            token: tokens.access_token,
+            expiry_date: tokens.expiry_date,
+        };
+        await promises_1.default.writeFile(credsPath, JSON.stringify(credsData, null, 2), { encoding: 'utf8', mode: 0o600 });
+        // 3. Write google_accounts.json
+        const accountsPath = path_1.default.join(this.geminiHome, 'google_accounts.json');
+        const accountsData = {
+            active_account: email,
+        };
+        await promises_1.default.writeFile(accountsPath, JSON.stringify(accountsData, null, 2), { encoding: 'utf8', mode: 0o600 });
+        logger_1.default.info('Gemini credentials written to file');
+        // 4. Store in database
+        const authToken = await models_1.AuthToken.create({
+            provider: 'gemini',
+            accessToken: this.encrypt(tokens.access_token),
+            refreshToken: tokens.refresh_token ? this.encrypt(tokens.refresh_token) : undefined,
+            tokenType: tokens.token_type || 'Bearer',
+            expiresAt: tokens.expiry_date ? new Date(tokens.expiry_date) : undefined,
+            issuedAt: new Date(),
+            scopes: tokens.scope?.split(' '),
+            email,
+            isActive: true,
+        });
+        // Cleanup session
+        await this.deleteLoginSession(params.sessionId);
+        logger_1.default.info('Gemini OAuth login completed', { tokenId: authToken.id });
+        return authToken;
+    }
+    /**
+     * Load credentials from file on server startup
+     */
+    async loadFromFile() {
+        const credsPath = path_1.default.join(this.geminiHome, 'oauth_creds.json');
+        try {
+            const content = await promises_1.default.readFile(credsPath, 'utf8');
+            const creds = JSON.parse(content);
+            // Check if already in database
+            let authToken = await models_1.AuthToken.findOne({
+                where: { provider: 'gemini', isActive: true },
+            });
+            if (!authToken) {
+                // Read email from google_accounts.json
+                const accountsPath = path_1.default.join(this.geminiHome, 'google_accounts.json');
+                const accountsContent = await promises_1.default.readFile(accountsPath, 'utf8');
+                const accounts = JSON.parse(accountsContent);
+                // Create from file
+                authToken = await models_1.AuthToken.create({
+                    provider: 'gemini',
+                    accessToken: this.encrypt(creds.token),
+                    refreshToken: creds.refresh_token ? this.encrypt(creds.refresh_token) : undefined,
+                    tokenType: 'Bearer',
+                    expiresAt: creds.expiry_date ? new Date(creds.expiry_date) : undefined,
+                    issuedAt: new Date(),
+                    email: accounts.active_account,
+                    isActive: true,
+                });
+                logger_1.default.info('Gemini credentials loaded from file and synced to database');
+            }
+            return authToken;
+        }
+        catch (error) {
+            if (error instanceof Error && error.code !== 'ENOENT') {
+                logger_1.default.warn('Failed to load Gemini credentials from file:', error.message);
+            }
+            return null;
+        }
+    }
+    /**
+     * Get current authentication status
+     */
+    async getStatus() {
+        const token = await this.getActiveToken();
+        if (!token) {
+            return { loggedIn: false };
+        }
+        return {
+            loggedIn: true,
+            tokenId: token.id,
+            email: token.email,
+            expiresAt: token.expiresAt,
+        };
+    }
+    /**
+     * Start Gemini OAuth login flow with manual code redirect (for remote clients)
+     * Uses Google's special redirect URI that displays the code to the user
+     */
+    async startLoginWithRedirect(_redirectUri) {
+        // Use Google's special manual code redirect URI
+        const manualRedirectUri = 'https://codeassist.google.com/authcode';
+        const codeVerifier = (0, crypto_2.generateCodeVerifier)();
+        const codeChallenge = (0, crypto_2.generateCodeChallenge)(codeVerifier);
+        const state = crypto_1.default.randomUUID();
+        const oauth2Client = new google_auth_library_1.OAuth2Client({
+            clientId: GEMINI_CLIENT_ID,
+            clientSecret: GEMINI_CLIENT_SECRET,
+            redirectUri: manualRedirectUri,
+        });
+        const authorizeUrl = oauth2Client.generateAuthUrl({
+            access_type: 'offline',
+            scope: GEMINI_SCOPES,
+            state,
+            code_challenge: codeChallenge,
+            code_challenge_method: google_auth_library_1.CodeChallengeMethod.S256,
+        });
+        // Store session with state as sessionId for retrieval
+        await this.storeLoginSession({
+            sessionId: state,
+            state,
+            codeVerifier: this.encrypt(codeVerifier),
+            provider: 'gemini',
+            redirectUri: manualRedirectUri,
+            expiresAt: new Date(Date.now() + 15 * 60 * 1000),
+        });
+        logger_1.default.info('Gemini OAuth manual code flow started', { state });
+        return {
+            loginUrl: authorizeUrl,
+            state,
+        };
+    }
+    /**
+     * Complete Gemini OAuth login from manual code (for remote clients)
+     * User provides the authorization code shown by Google
+     */
+    async completeLoginFromCallback(code, state) {
+        // Validate session
+        const session = await this.getLoginSession(state);
+        if (!session || session.state !== state) {
+            throw new Error('Invalid OAuth state');
+        }
+        const codeVerifier = this.decrypt(session.codeVerifier);
+        const oauth2Client = new google_auth_library_1.OAuth2Client({
+            clientId: GEMINI_CLIENT_ID,
+            clientSecret: GEMINI_CLIENT_SECRET,
+            redirectUri: session.redirectUri || 'https://codeassist.google.com/authcode',
+        });
+        // Exchange code for tokens
+        const { tokens } = await oauth2Client.getToken({
+            code,
+            codeVerifier,
+        });
+        // Fetch user info
+        oauth2Client.setCredentials(tokens);
+        const userInfo = await oauth2Client.request({
+            url: 'https://www.googleapis.com/oauth2/v2/userinfo',
+        });
+        const email = userInfo.data.email;
+        // 1. Create directory structure
+        await promises_1.default.mkdir(this.geminiHome, { recursive: true, mode: 0o700 });
+        // 2. Write oauth_creds.json (like native Gemini CLI)
+        const credsPath = path_1.default.join(this.geminiHome, 'oauth_creds.json');
+        const credsData = {
+            type: 'authorized_user',
+            client_id: GEMINI_CLIENT_ID,
+            client_secret: GEMINI_CLIENT_SECRET,
+            refresh_token: tokens.refresh_token,
+            token: tokens.access_token,
+            expiry_date: tokens.expiry_date,
+        };
+        await promises_1.default.writeFile(credsPath, JSON.stringify(credsData, null, 2), { encoding: 'utf8', mode: 0o600 });
+        // 3. Write google_accounts.json
+        const accountsPath = path_1.default.join(this.geminiHome, 'google_accounts.json');
+        const accountsData = {
+            active_account: email,
+        };
+        await promises_1.default.writeFile(accountsPath, JSON.stringify(accountsData, null, 2), { encoding: 'utf8', mode: 0o600 });
+        logger_1.default.info('Gemini credentials written to file');
+        // 4. Store in database
+        const authToken = await models_1.AuthToken.create({
+            provider: 'gemini',
+            accessToken: this.encrypt(tokens.access_token),
+            refreshToken: tokens.refresh_token ? this.encrypt(tokens.refresh_token) : undefined,
+            tokenType: tokens.token_type || 'Bearer',
+            expiresAt: tokens.expiry_date ? new Date(tokens.expiry_date) : undefined,
+            issuedAt: new Date(),
+            scopes: tokens.scope?.split(' '),
+            email,
+            isActive: true,
+        });
+        // Cleanup session
+        await this.deleteLoginSession(state);
+        logger_1.default.info('Gemini OAuth manual code flow completed', { tokenId: authToken.id });
+        return authToken;
+    }
+}
+exports.GeminiAuthService = GeminiAuthService;
+exports.default = GeminiAuthService;
+//# sourceMappingURL=GeminiAuthService.js.map

package/backend/dist/services/auth/GeminiAuthService.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"GeminiAuthService.js","sourceRoot":"","sources":["../../../src/services/auth/GeminiAuthService.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AACxB,2DAA6B;AAC7B,oDAA4B;AAC5B,6DAAwE;AACxE,uDAAoD;AACpD,yCAAyC;AACzC,+CAAiF;AACjF,2EAA8C;AAC9C,gEAAwC;AAExC,MAAM,gBAAgB,GACpB,0EAA0E,CAAC;AAC7E,MAAM,oBAAoB,GAAG,qCAAqC,CAAC;AACnE,MAAM,aAAa,GAAG;IACpB,gDAAgD;IAChD,gDAAgD;CACjD,CAAC;AAEF,MAAa,iBAAkB,SAAQ,iCAAe;IAGpD;QACE,KAAK,CAAC,QAAQ,CAAC,CAAC;QAChB,IAAI,CAAC,UAAU,GAAG,cAAI,CAAC,IAAI,CAAC,qBAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU;QAKd,MAAM,YAAY,GAAG,IAAA,6BAAoB,GAAE,CAAC;QAC5C,MAAM,aAAa,GAAG,IAAA,8BAAqB,EAAC,YAAY,CAAC,CAAC;QAC1D,MAAM,KAAK,GAAG,gBAAM,CAAC,UAAU,EAAE,CAAC;QAElC,MAAM,WAAW,GAAG,sCAAsC,CAAC;QAE3D,MAAM,YAAY,GAAG,IAAI,kCAAY,CAAC;YACpC,QAAQ,EAAE,gBAAgB;YAC1B,YAAY,EAAE,oBAAoB;YAClC,WAAW;SACZ,CAAC,CAAC;QAEH,MAAM,YAAY,GAAG,YAAY,CAAC,eAAe,CAAC;YAChD,WAAW,EAAE,SAAS;YACtB,KAAK,EAAE,aAAa;YACpB,KAAK;YACL,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,yCAAmB,CAAC,IAAI;SAChD,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,gBAAM,CAAC,UAAU,EAAE,CAAC;QACtC,MAAM,IAAI,CAAC,iBAAiB,CAAC;YAC3B,SAAS;YACT,KAAK;YACL,YAAY,EAAE,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC;YACxC,QAAQ,EAAE,QAAQ;YAClB,WAAW;YACX,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;SACjD,CAAC,CAAC;QAEH,gBAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;QAEzD,OAAO;YACL,QAAQ,EAAE,YAAY;YACtB,SAAS;YACT,KAAK;SACN,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,MAInB;QACC,mBAAmB;QACnB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC7D,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,KAAK,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAExD,MAAM,YAAY,GAAG,IAAI,kCAAY,CAAC;YACpC,QAAQ,EAAE,gBAAgB;YAC1B,YAAY,EAAE,oBAAoB;YAClC,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,sCAAsC;SAC3E,CAAC,CAAC;QAEH,2BAA2B;QAC3B,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,YAAY,CAAC,QAAQ,CAAC;YAC7C,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,YAAY;SACb,CAAC,CAAC;QAEH,kBAAkB;QAClB,YAAY,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QACpC,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC;YAC1C,GAAG,EAAE,+CAA+C;SACrD,CAAC,CAAC;QAEH,MAAM,KAAK,GAAI,QAAQ,CAAC,IAAY,CAAC,KAAK,CAAC;QAE3C,gCAAgC;QAChC,MAAM,kBAAE,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAElE,qDAAqD;QACrD,MAAM,SAAS,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,kBAAkB,CAAC,CAAC;QACjE,MAAM,SAAS,GAAG;YAChB,IAAI,EAAE,iBAAiB;YACvB,SAAS,EAAE,gBAAgB;YAC3B,aAAa,EAAE,oBAAoB;YACnC,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,KAAK,EAAE,MAAM,CAAC,YAAY;YAC1B,WAAW,EAAE,MAAM,CAAC,WAAW;SAChC,CAAC;QAEF,MAAM,kBAAE,CAAC,SAAS,CAChB,SAAS,EACT,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,EAClC,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAClC,CAAC;QAEF,gCAAgC;QAChC,MAAM,YAAY,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,sBAAsB,CAAC,CAAC;QACxE,MAAM,YAAY,GAAG;YACnB,cAAc,EAAE,KAAK;SACtB,CAAC;QAEF,MAAM,kBAAE,CAAC,SAAS,CAChB,YAAY,EACZ,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,EACrC,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAClC,CAAC;QAEF,gBAAM,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;QAElD,uBAAuB;QACvB,MAAM,SAAS,GAAG,MAAM,kBAAS,CAAC,MAAM,CAAC;YACvC,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,YAAa,CAAC;YAC/C,YAAY,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS;YACnF,SAAS,EAAE,MAAM,CAAC,UAAU,IAAI,QAAQ;YACxC,SAAS,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACxE,QAAQ,EAAE,IAAI,IAAI,EAAE;YACpB,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC;YAChC,KAAK;YACL,QAAQ,EAAE,IAAI;SACf,CAAC,CAAC;QAEH,kBAAkB;QAClB,MAAM,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAEhD,gBAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,EAAE,EAAE,CAAC,CAAC;QAEvE,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY;QAChB,MAAM,SAAS,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,kBAAkB,CAAC,CAAC;QAEjE,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,kBAAE,CAAC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACrD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAElC,+BAA+B;YAC/B,IAAI,SAAS,GAAG,MAAM,kBAAS,CAAC,OAAO,CAAC;gBACtC,KAAK,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE;aAC9C,CAAC,CAAC;YAEH,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,uCAAuC;gBACvC,MAAM,YAAY,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,sBAAsB,CAAC,CAAC;gBACxE,MAAM,eAAe,GAAG,MAAM,kBAAE,CAAC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;gBAChE,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;gBAE7C,mBAAmB;gBACnB,SAAS,GAAG,MAAM,kBAAS,CAAC,MAAM,CAAC;oBACjC,QAAQ,EAAE,QAAQ;oBAClB,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC;oBACtC,YAAY,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS;oBACjF,SAAS,EAAE,QAAQ;oBACnB,SAAS,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;oBACtE,QAAQ,EAAE,IAAI,IAAI,EAAE;oBACpB,KAAK,EAAE,QAAQ,CAAC,cAAc;oBAC9B,QAAQ,EAAE,IAAI;iBACf,CAAC,CAAC;gBAEH,gBAAM,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;YAC5E,CAAC;YAED,OAAO,SAAS,CAAC;QACnB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,KAAK,IAAK,KAAa,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC/D,gBAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;YAC7E,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS;QAMb,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE1C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QAC7B,CAAC;QAED,OAAO;YACL,QAAQ,EAAE,IAAI;YACd,OAAO,EAAE,KAAK,CAAC,EAAE;YACjB,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,SAAS,EAAE,KAAK,CAAC,SAAS;SAC3B,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,sBAAsB,CAAC,YAAoB;QAI/C,gDAAgD;QAChD,MAAM,iBAAiB,GAAG,wCAAwC,CAAC;QAEnE,MAAM,YAAY,GAAG,IAAA,6BAAoB,GAAE,CAAC;QAC5C,MAAM,aAAa,GAAG,IAAA,8BAAqB,EAAC,YAAY,CAAC,CAAC;QAC1D,MAAM,KAAK,GAAG,gBAAM,CAAC,UAAU,EAAE,CAAC;QAElC,MAAM,YAAY,GAAG,IAAI,kCAAY,CAAC;YACpC,QAAQ,EAAE,gBAAgB;YAC1B,YAAY,EAAE,oBAAoB;YAClC,WAAW,EAAE,iBAAiB;SAC/B,CAAC,CAAC;QAEH,MAAM,YAAY,GAAG,YAAY,CAAC,eAAe,CAAC;YAChD,WAAW,EAAE,SAAS;YACtB,KAAK,EAAE,aAAa;YACpB,KAAK;YACL,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,yCAAmB,CAAC,IAAI;SAChD,CAAC,CAAC;QAEH,sDAAsD;QACtD,MAAM,IAAI,CAAC,iBAAiB,CAAC;YAC3B,SAAS,EAAE,KAAK;YAChB,KAAK;YACL,YAAY,EAAE,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC;YACxC,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,iBAAiB;YAC9B,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;SACjD,CAAC,CAAC;QAEH,gBAAM,CAAC,IAAI,CAAC,uCAAuC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAEhE,OAAO;YACL,QAAQ,EAAE,YAAY;YACtB,KAAK;SACN,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,yBAAyB,CAAC,IAAY,EAAE,KAAa;QACzD,mBAAmB;QACnB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAClD,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAExD,MAAM,YAAY,GAAG,IAAI,kCAAY,CAAC;YACpC,QAAQ,EAAE,gBAAgB;YAC1B,YAAY,EAAE,oBAAoB;YAClC,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,wCAAwC;SAC7E,CAAC,CAAC;QAEH,2BAA2B;QAC3B,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,YAAY,CAAC,QAAQ,CAAC;YAC7C,IAAI;YACJ,YAAY;SACb,CAAC,CAAC;QAEH,kBAAkB;QAClB,YAAY,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QACpC,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC;YAC1C,GAAG,EAAE,+CAA+C;SACrD,CAAC,CAAC;QAEH,MAAM,KAAK,GAAI,QAAQ,CAAC,IAAY,CAAC,KAAK,CAAC;QAE3C,gCAAgC;QAChC,MAAM,kBAAE,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAElE,qDAAqD;QACrD,MAAM,SAAS,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,kBAAkB,CAAC,CAAC;QACjE,MAAM,SAAS,GAAG;YAChB,IAAI,EAAE,iBAAiB;YACvB,SAAS,EAAE,gBAAgB;YAC3B,aAAa,EAAE,oBAAoB;YACnC,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,KAAK,EAAE,MAAM,CAAC,YAAY;YAC1B,WAAW,EAAE,MAAM,CAAC,WAAW;SAChC,CAAC;QAEF,MAAM,kBAAE,CAAC,SAAS,CAChB,SAAS,EACT,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,EAClC,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAClC,CAAC;QAEF,gCAAgC;QAChC,MAAM,YAAY,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,sBAAsB,CAAC,CAAC;QACxE,MAAM,YAAY,GAAG;YACnB,cAAc,EAAE,KAAK;SACtB,CAAC;QAEF,MAAM,kBAAE,CAAC,SAAS,CAChB,YAAY,EACZ,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,EACrC,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAClC,CAAC;QAEF,gBAAM,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;QAElD,uBAAuB;QACvB,MAAM,SAAS,GAAG,MAAM,kBAAS,CAAC,MAAM,CAAC;YACvC,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,YAAa,CAAC;YAC/C,YAAY,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS;YACnF,SAAS,EAAE,MAAM,CAAC,UAAU,IAAI,QAAQ;YACxC,SAAS,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACxE,QAAQ,EAAE,IAAI,IAAI,EAAE;YACpB,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC;YAChC,KAAK;YACL,QAAQ,EAAE,IAAI;SACf,CAAC,CAAC;QAEH,kBAAkB;QAClB,MAAM,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;QAErC,gBAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,EAAE,EAAE,CAAC,CAAC;QAElF,OAAO,SAAS,CAAC;IACnB,CAAC;CACF;AA5VD,8CA4VC;AAED,kBAAe,iBAAiB,CAAC"}

package/backend/dist/services/auth/JwtService.d.ts

@@ -0,0 +1,27 @@
+import { User } from '../../models';
+export interface JwtPayload {
+    userId: string;
+    username: string;
+    role: 'admin' | 'user';
+}
+export declare class JwtService {
+    private static readonly EXPIRES_IN;
+    /**
+     * Generate JWT token for a user
+     */
+    static generateToken(user: User): string;
+    /**
+     * Verify and decode JWT token
+     */
+    static verifyToken(token: string): JwtPayload;
+    /**
+     * Decode token without verification (for debugging)
+     */
+    static decodeToken(token: string): JwtPayload | null;
+    /**
+     * Get token expiration time in seconds
+     */
+    static getExpiresIn(): number;
+}
+export default JwtService;
+//# sourceMappingURL=JwtService.d.ts.map

package/backend/dist/services/auth/JwtService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"JwtService.d.ts","sourceRoot":"","sources":["../../../src/services/auth/JwtService.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAC;AAEpC,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,OAAO,GAAG,MAAM,CAAC;CACxB;AAED,qBAAa,UAAU;IACrB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAS;IAE3C;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,GAAG,MAAM;IAYxC;;OAEG;IACH,MAAM,CAAC,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,UAAU;IAe7C;;OAEG;IACH,MAAM,CAAC,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,UAAU,GAAG,IAAI;IAQpD;;OAEG;IACH,MAAM,CAAC,YAAY,IAAI,MAAM;CAK9B;AAED,eAAe,UAAU,CAAC"}

package/backend/dist/services/auth/JwtService.js

@@ -0,0 +1,65 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JwtService = void 0;
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const environment_1 = __importDefault(require("../../config/environment"));
+class JwtService {
+    /**
+     * Generate JWT token for a user
+     */
+    static generateToken(user) {
+        const payload = {
+            userId: user.id,
+            username: user.username,
+            role: user.role,
+        };
+        return jsonwebtoken_1.default.sign(payload, environment_1.default.JWT_SECRET, {
+            expiresIn: this.EXPIRES_IN,
+        });
+    }
+    /**
+     * Verify and decode JWT token
+     */
+    static verifyToken(token) {
+        try {
+            return jsonwebtoken_1.default.verify(token, environment_1.default.JWT_SECRET);
+        }
+        catch (error) {
+            if (error instanceof Error) {
+                if (error.name === 'TokenExpiredError') {
+                    throw new Error('Token has expired');
+                }
+                else if (error.name === 'JsonWebTokenError') {
+                    throw new Error('Invalid token');
+                }
+            }
+            throw error;
+        }
+    }
+    /**
+     * Decode token without verification (for debugging)
+     */
+    static decodeToken(token) {
+        try {
+            return jsonwebtoken_1.default.decode(token);
+        }
+        catch (error) {
+            return null;
+        }
+    }
+    /**
+     * Get token expiration time in seconds
+     */
+    static getExpiresIn() {
+        // Convert '24h' to seconds
+        const hours = parseInt(this.EXPIRES_IN.replace('h', ''));
+        return hours * 60 * 60;
+    }
+}
+exports.JwtService = JwtService;
+JwtService.EXPIRES_IN = '24h';
+exports.default = JwtService;
+//# sourceMappingURL=JwtService.js.map

package/backend/dist/services/auth/JwtService.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"JwtService.js","sourceRoot":"","sources":["../../../src/services/auth/JwtService.ts"],"names":[],"mappings":";;;;;;AAAA,gEAA+B;AAC/B,2EAA8C;AAS9C,MAAa,UAAU;IAGrB;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,IAAU;QAC7B,MAAM,OAAO,GAAe;YAC1B,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,IAAI,EAAE,IAAI,CAAC,IAAI;SAChB,CAAC;QAEF,OAAO,sBAAG,CAAC,IAAI,CAAC,OAAO,EAAE,qBAAM,CAAC,UAAU,EAAE;YAC1C,SAAS,EAAE,IAAI,CAAC,UAAU;SAC3B,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,WAAW,CAAC,KAAa;QAC9B,IAAI,CAAC;YACH,OAAO,sBAAG,CAAC,MAAM,CAAC,KAAK,EAAE,qBAAM,CAAC,UAAU,CAAe,CAAC;QAC5D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,IAAI,KAAK,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;oBACvC,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACvC,CAAC;qBAAM,IAAI,KAAK,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;gBACnC,CAAC;YACH,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,WAAW,CAAC,KAAa;QAC9B,IAAI,CAAC;YACH,OAAO,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAe,CAAC;QACzC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,YAAY;QACjB,2BAA2B;QAC3B,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;QACzD,OAAO,KAAK,GAAG,EAAE,GAAG,EAAE,CAAC;IACzB,CAAC;;AAtDH,gCAuDC;AAtDyB,qBAAU,GAAG,KAAK,CAAC;AAwD7C,kBAAe,UAAU,CAAC"}

package/backend/dist/services/auth/TokenRefreshService.d.ts

@@ -0,0 +1,36 @@
+export declare class TokenRefreshService {
+    private static instance;
+    private refreshIntervals;
+    private constructor();
+    static getInstance(): TokenRefreshService;
+    /**
+     * Start monitoring a token for refresh
+     */
+    start(tokenId: string): void;
+    /**
+     * Stop monitoring a token
+     */
+    stop(tokenId: string): void;
+    /**
+     * Stop all token monitoring
+     */
+    stopAll(): void;
+    /**
+     * Check if token needs refresh and refresh if needed
+     */
+    private checkAndRefresh;
+    /**
+     * Determine if token should be refreshed
+     */
+    private shouldRefresh;
+    /**
+     * Refresh token using provider-specific service
+     */
+    private refreshToken;
+    /**
+     * Update credential file with refreshed tokens
+     */
+    private updateCredentialFile;
+}
+export default TokenRefreshService;
+//# sourceMappingURL=TokenRefreshService.d.ts.map

package/backend/dist/services/auth/TokenRefreshService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"TokenRefreshService.d.ts","sourceRoot":"","sources":["../../../src/services/auth/TokenRefreshService.ts"],"names":[],"mappings":"AAWA,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAsB;IAC7C,OAAO,CAAC,gBAAgB,CAAqC;IAE7D,OAAO;IAEP,MAAM,CAAC,WAAW,IAAI,mBAAmB;IAOzC;;OAEG;IACH,KAAK,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI;IAsB5B;;OAEG;IACH,IAAI,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI;IAS3B;;OAEG;IACH,OAAO,IAAI,IAAI;IAMf;;OAEG;YACW,eAAe;IA0C7B;;OAEG;IACH,OAAO,CAAC,aAAa;IAarB;;OAEG;YACW,YAAY;IAmB1B;;OAEG;YACW,oBAAoB;CAkDnC;AAED,eAAe,mBAAmB,CAAC"}