@devicecloud.dev/dcd 4.4.9 → 5.0.0-beta.0

package/dist/commands/login.js

@@ -0,0 +1,250 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loginCommand = void 0;
+/**
+ * `dcd login` — delegates auth to the web frontend and persists the resulting
+ * Supabase session locally.
+ *
+ * Flow (PKCE S256, no loopback):
+ *  1. CLI mints:
+ *       - `state`:        32 random bytes, hex
+ *       - `code_verifier`:32 random bytes, base64url
+ *       - `code_challenge` = base64url(sha256(code_verifier))
+ *  2. CLI opens <frontend>/cli-login?state=...&code_challenge=... in the browser.
+ *  3. User signs in (OTP or SSO) and explicitly authorizes the handoff on
+ *     the frontend.
+ *  4. Frontend POSTs {state, code_challenge, session...} to the dcd api at
+ *     POST /cli-login/handoff. The api stores a short-TTL row keyed by state.
+ *  5. Meanwhile, the CLI polls POST /cli-login/claim with {state, code_verifier}.
+ *     Once the api has the row, it verifies sha256(verifier) === challenge,
+ *     deletes the row, and returns the session.
+ *  6. CLI fetches /me/orgs with the fresh Bearer token and prompts the user to
+ *     pick an org. Org selection lives here, not in the web UI — that way the
+ *     CLI login and `dcd switch-org` share one picker.
+ *
+ * Why PKCE + server rendezvous (instead of a localhost loopback): Safari
+ * blocks HTTPS → HTTP fetches to 127.0.0.1 as mixed content, and a loopback
+ * flow can't work at all over SSH / "open this URL on your phone". The
+ * rendezvous endpoint makes both cases trivial. A leaked URL is inert: it
+ * carries the challenge, not the verifier.
+ */
+const p = require("@clack/prompts");
+const citty_1 = require("citty");
+const node_child_process_1 = require("node:child_process");
+const node_crypto_1 = require("node:crypto");
+const environments_1 = require("../config/environments");
+const cli_1 = require("../utils/cli");
+const config_store_1 = require("../utils/config-store");
+const orgs_1 = require("../utils/orgs");
+const styling_1 = require("../utils/styling");
+const LOGIN_TIMEOUT_MS = 10 * 60 * 1000;
+// 1s feels snappy after the user clicks "Authorize" in the browser. The api
+// rate-limits /cli-login/claim at 60/min which is exactly this cadence.
+const POLL_INTERVAL_MS = 1000;
+exports.loginCommand = (0, citty_1.defineCommand)({
+    meta: {
+        name: 'login',
+        description: 'Authenticate with devicecloud.dev via your browser',
+    },
+    args: {
+        'api-url': {
+            type: 'string',
+            default: 'https://api.devicecloud.dev',
+            description: 'API base URL',
+        },
+        'frontend-url': {
+            type: 'string',
+            description: 'Override the frontend URL used to complete login (defaults per env)',
+        },
+        // citty treats `--no-<flag>` as negating `<flag>`, so the flag has to be
+        // named `browser` (defaulting true) for `--no-browser` to set it false.
+        browser: {
+            type: 'boolean',
+            default: true,
+            description: 'Open the login URL in a browser (pass --no-browser to just print it)',
+        },
+    },
+    async run({ args }) {
+        const apiUrl = args['api-url'].replace(/\/$/, '');
+        const frontendOverride = args['frontend-url'];
+        const noBrowser = args.browser === false;
+        // If there's an existing stored session, make the user confirm before we
+        // overwrite it. Silent clobber is fine for power users but surprising if
+        // someone runs `dcd login` by mistake while already authenticated.
+        const existing = (0, config_store_1.readConfig)();
+        if (existing?.session) {
+            const currentOrg = existing.current_org_name ?? existing.current_org_id;
+            const ok = await p.confirm({
+                message: `Already logged in as ${existing.session.user_email}` +
+                    (currentOrg ? ` (org ${currentOrg})` : '') +
+                    `. Sign out and log in again?`,
+                initialValue: false,
+            });
+            if (p.isCancel(ok) || !ok) {
+                cli_1.logger.log(`${styling_1.symbols.info} Keeping existing session.`);
+                return;
+            }
+        }
+        const env = (0, environments_1.inferEnvFromApiUrl)(apiUrl);
+        const SUPABASE_URL = environments_1.ENVIRONMENTS[env].supabase.url;
+        const frontendUrl = (frontendOverride ?? (0, environments_1.resolveFrontendUrl)(apiUrl)).replace(/\/$/, '');
+        const state = (0, node_crypto_1.randomBytes)(32).toString('hex');
+        const codeVerifier = base64url((0, node_crypto_1.randomBytes)(32));
+        const codeChallenge = base64url((0, node_crypto_1.createHash)('sha256').update(codeVerifier, 'ascii').digest());
+        const loginUrl = `${frontendUrl}/cli-login?state=${state}&code_challenge=${codeChallenge}`;
+        cli_1.logger.log((0, styling_1.sectionHeader)('Signing in to devicecloud.dev'));
+        if (noBrowser) {
+            cli_1.logger.log(`   ${styling_1.colors.dim('Open this URL in a browser to finish login:')}`);
+            cli_1.logger.log(`   ${styling_1.colors.highlight(loginUrl)}`);
+        }
+        else {
+            cli_1.logger.log(`   ${styling_1.colors.dim('Opening your browser...')}`);
+            const opened = openBrowser(loginUrl);
+            if (!opened) {
+                cli_1.logger.log(`   ${styling_1.colors.dim('Could not launch a browser. Open this URL manually:')}`);
+                cli_1.logger.log(`   ${styling_1.colors.highlight(loginUrl)}`);
+            }
+        }
+        cli_1.logger.log(`   ${styling_1.colors.dim('Waiting for login to complete...')}\n`);
+        try {
+            const payload = await pollForClaim(apiUrl, state, codeVerifier);
+            if (!payload.access_token || typeof payload.access_token !== 'string') {
+                throw new cli_1.CliError('Claim response did not include an access_token.');
+            }
+            // Fetch orgs with the just-minted Bearer token. We don't write the
+            // config until the user has picked an org — half-completed state isn't
+            // useful and the handoff row is already single-use consumed.
+            const bearerHeaders = {
+                authorization: `Bearer ${payload.access_token}`,
+            };
+            let orgs;
+            try {
+                orgs = await (0, orgs_1.fetchOrgs)(apiUrl, bearerHeaders);
+            }
+            catch (err) {
+                // The api rejected the JWT. Before blaming the api, hit Supabase's
+                // own /auth/v1/user directly with the same token — if Supabase also
+                // rejects it, the token itself is bad; if Supabase accepts, the
+                // api's JwtService is misconfigured.
+                const iss = decodeJwtIssuer(payload.access_token);
+                const supabaseUser = await probeSupabaseUser(iss, environments_1.ENVIRONMENTS[env].supabase.anonKey, payload.access_token);
+                const parts = [
+                    iss ? `token iss: ${iss}` : null,
+                    `supabase /auth/v1/user: ${supabaseUser}`,
+                ].filter(Boolean);
+                throw new cli_1.CliError(`${err.message} [${parts.join(' | ')}]`);
+            }
+            const chosen = await (0, orgs_1.pickOrg)(orgs);
+            (0, config_store_1.writeConfig)({
+                version: 1,
+                env,
+                api_url: apiUrl,
+                supabase_url: SUPABASE_URL,
+                session: {
+                    access_token: payload.access_token,
+                    refresh_token: payload.refresh_token,
+                    expires_at: payload.expires_at,
+                    user_email: payload.user_email,
+                    user_id: payload.user_id,
+                },
+                current_org_id: chosen.id,
+                current_org_name: chosen.name,
+            });
+            cli_1.logger.log(`${styling_1.symbols.success} ${styling_1.colors.bold('Logged in')} as ${styling_1.colors.highlight(payload.user_email)}`);
+            cli_1.logger.log(`   ${styling_1.colors.dim('Organization:')} ${styling_1.colors.highlight(chosen.name)}`);
+            if (orgs.length > 1) {
+                cli_1.logger.log(`   ${styling_1.colors.dim('Switch orgs later with')} ${styling_1.colors.highlight('dcd switch-org')}`);
+            }
+        }
+        catch (error) {
+            cli_1.logger.error(error, { exit: 1 });
+        }
+    },
+});
+function openBrowser(url) {
+    const cmd = process.platform === 'darwin'
+        ? { bin: 'open', args: [url] }
+        : process.platform === 'win32'
+            ? { bin: 'cmd', args: ['/c', 'start', '""', url] }
+            : { bin: 'xdg-open', args: [url] };
+    try {
+        const child = (0, node_child_process_1.spawn)(cmd.bin, cmd.args, { detached: true, stdio: 'ignore' });
+        child.unref();
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+async function pollForClaim(apiUrl, state, codeVerifier) {
+    const claimUrl = `${apiUrl}/cli-login/claim`;
+    const deadline = Date.now() + LOGIN_TIMEOUT_MS;
+    while (Date.now() < deadline) {
+        let res;
+        try {
+            res = await fetch(claimUrl, {
+                method: 'POST',
+                headers: { 'content-type': 'application/json' },
+                body: JSON.stringify({ state, code_verifier: codeVerifier }),
+            });
+        }
+        catch {
+            // Network blip — don't kill the login, just back off and try again.
+            await sleep(POLL_INTERVAL_MS);
+            continue;
+        }
+        if (res.ok) {
+            return (await res.json());
+        }
+        if (res.status === 404) {
+            // Not yet handed off (or already claimed elsewhere, or expired).
+            await sleep(POLL_INTERVAL_MS);
+            continue;
+        }
+        if (res.status === 429) {
+            // Polled too fast — back off more aggressively before retrying.
+            await sleep(POLL_INTERVAL_MS * 3);
+            continue;
+        }
+        const body = await res.text().catch(() => '');
+        throw new cli_1.CliError(`Login failed: ${res.status} ${res.statusText}${body ? ` — ${body}` : ''}`);
+    }
+    throw new cli_1.CliError('Login timed out. Please run `dcd login` again.');
+}
+function base64url(buf) {
+    return buf.toString('base64').replaceAll('+', '-').replaceAll('/', '_').replace(/=+$/, '');
+}
+async function probeSupabaseUser(iss, anonKey, token) {
+    if (!iss)
+        return 'skipped (no iss)';
+    try {
+        const res = await fetch(`${iss}/user`, {
+            headers: {
+                authorization: `Bearer ${token}`,
+                apikey: anonKey,
+            },
+        });
+        const bodyText = await res.text().catch(() => '');
+        return `HTTP ${res.status}${bodyText ? ` — ${bodyText.slice(0, 200)}` : ''}`;
+    }
+    catch (err) {
+        return `network error: ${err.message}`;
+    }
+}
+function decodeJwtIssuer(token) {
+    try {
+        const [, payloadB64] = token.split('.');
+        if (!payloadB64)
+            return null;
+        const json = Buffer.from(payloadB64.replaceAll('-', '+').replaceAll('_', '/'), 'base64').toString('utf8');
+        const parsed = JSON.parse(json);
+        return parsed.iss ?? null;
+    }
+    catch {
+        return null;
+    }
+}
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+exports.default = exports.loginCommand;

package/dist/commands/logout.d.ts

@@ -0,0 +1,2 @@
+export declare const logoutCommand: import("citty").CommandDef<import("citty").ArgsDef>;
+export default logoutCommand;

package/dist/commands/logout.js

@@ -0,0 +1,32 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.logoutCommand = void 0;
+/**
+ * `dcd logout` — clears the stored Supabase session and best-effort revokes
+ * it on Supabase. Leaves DEVICE_CLOUD_API_KEY (env/flag) untouched.
+ */
+const citty_1 = require("citty");
+const environments_1 = require("../config/environments");
+const cli_auth_gateway_1 = require("../gateways/cli-auth-gateway");
+const cli_1 = require("../utils/cli");
+const config_store_1 = require("../utils/config-store");
+const styling_1 = require("../utils/styling");
+exports.logoutCommand = (0, citty_1.defineCommand)({
+    meta: {
+        name: 'logout',
+        description: 'Clear the stored devicecloud.dev session',
+    },
+    async run() {
+        const config = (0, config_store_1.readConfig)();
+        if (!config?.session) {
+            cli_1.logger.log(`${styling_1.symbols.info} No active session found (${styling_1.colors.dim((0, config_store_1.getConfigPath)())}).`);
+            (0, config_store_1.clearConfig)();
+            return;
+        }
+        const { anonKey } = environments_1.ENVIRONMENTS[config.env].supabase;
+        await cli_auth_gateway_1.CliAuthGateway.signOut(config.supabase_url, anonKey, config.session);
+        (0, config_store_1.clearConfig)();
+        cli_1.logger.log(`${styling_1.symbols.success} Logged out ${styling_1.colors.dim(`(${config.session.user_email})`)}.`);
+    },
+});
+exports.default = exports.logoutCommand;

package/dist/commands/status.d.ts

@@ -1,44 +1,25 @@
-import { Command } from '@oclif/core';
-import { ConnectivityCheckResult } from '../utils/connectivity';
-type StatusResponse = {
-    appBinaryId?: string;
-    attempts?: number;
-    connectivityCheck?: {
-        connected: boolean;
-        endpointResults: ConnectivityCheckResult['endpointResults'];
-        message: string;
+export declare const statusCommand: import("citty").CommandDef<{
+    json: {
+        type: "boolean";
+        description: string;
     };
-    consoleUrl?: string;
-    createdAt?: string;
-    error?: string;
-    name?: string;
-    status: 'CANCELLED' | 'FAILED' | 'PASSED' | 'PENDING' | 'QUEUED' | 'RUNNING';
-    tests: {
-        createdAt?: string;
-        durationSeconds?: number;
-        failReason?: string;
-        name: string;
-        status: 'CANCELLED' | 'FAILED' | 'PASSED' | 'PENDING' | 'QUEUED' | 'RUNNING';
-    }[];
-    uploadId?: string;
-};
-export default class Status extends Command {
-    static description: string;
-    static enableJsonFlag: boolean;
-    static examples: string[];
-    static flags: {
-        apiKey: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
-        apiUrl: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
-        json: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
-        name: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
-        'upload-id': import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
+    name: {
+        type: "string";
+        description: string;
     };
-    run(): Promise<StatusResponse | void>;
-    /**
-     * Format an ISO date string to a human-readable local date/time
-     * @param isoString - ISO 8601 date string
-     * @returns Formatted local date/time string
-     */
-    private formatDateTime;
-}
-export {};
+    'upload-id': {
+        type: "string";
+        description: string;
+    };
+    'api-key': {
+        readonly type: "string";
+        readonly alias: ["apiKey"];
+        readonly description: "API key for devicecloud.dev (find this in the console UI). You can also set the DEVICE_CLOUD_API_KEY environment variable.";
+    };
+    'api-url': {
+        readonly type: "string";
+        readonly alias: ["apiURL", "apiUrl"];
+        readonly description: "API base URL (defaults to the URL stored by `dcd login`, else prod)";
+    };
+}>;
+export default statusCommand;