@edgedive/cli 0.2.1 → 0.3.0

package/src/auth/oauth-flow.ts

@@ -1,278 +0,0 @@
-/**
- * OAuth 2.0 authorization flow with PKCE
- */
-
-import http from 'http';
-import url from 'url';
-import axios from 'axios';
-import open from 'open';
-import { generateCodeChallenge, generateCodeVerifier } from './pkce.js';
-import { API_CONFIG, OAUTH_CONFIG, TIMEOUTS } from '../constants.js';
-import { ConfigManager } from '../config/config-manager.js';
-
-export interface OAuthTokenResponse {
-  access_token: string;
-  token_type: string;
-  expires_in: number;
-  scope: string;
-  refresh_token: string;
-}
-
-export class OAuthFlow {
-  private configManager: ConfigManager;
-
-  constructor(configManager: ConfigManager) {
-    this.configManager = configManager;
-  }
-
-  /**
-   * Initiate OAuth flow and wait for user authorization
-   */
-  async authorize(): Promise<OAuthTokenResponse> {
-    // Generate PKCE parameters
-    const codeVerifier = generateCodeVerifier();
-    const codeChallenge = generateCodeChallenge(codeVerifier);
-    const state = generateCodeVerifier(); // Use random string for state
-
-    // Build authorization URL
-    const authUrl = new URL(API_CONFIG.AUTHORIZE_PATH, API_CONFIG.BASE_URL);
-    authUrl.searchParams.set('client_id', OAUTH_CONFIG.CLIENT_ID);
-    authUrl.searchParams.set('redirect_uri', OAUTH_CONFIG.REDIRECT_URI);
-    authUrl.searchParams.set('code_challenge', codeChallenge);
-    authUrl.searchParams.set('state', state);
-    authUrl.searchParams.set('scope', 'read write');
-
-    console.log('\n🔐 Starting OAuth authorization flow...\n');
-    console.log('Opening browser for authorization...');
-    console.log(`If the browser doesn't open, visit: ${authUrl.toString()}\n`);
-
-    // Start local callback server
-    const authCode = await this.startCallbackServer(state, authUrl.toString());
-
-    // Exchange authorization code for access token
-    console.log('\n✅ Authorization successful! Exchanging code for token...\n');
-    const tokenResponse = await this.exchangeCodeForToken(authCode, codeVerifier);
-
-    // Save token to config
-    const expiresAt = Date.now() + tokenResponse.expires_in * 1000;
-    await this.configManager.save({
-      accessToken: tokenResponse.access_token,
-      tokenType: tokenResponse.token_type,
-      expiresAt,
-      scope: tokenResponse.scope,
-      refreshToken: tokenResponse.refresh_token,
-    });
-
-    return tokenResponse;
-  }
-
-  /**
-   * Start local HTTP server to receive OAuth callback
-   */
-  private async startCallbackServer(expectedState: string, authUrl: string): Promise<string> {
-    return new Promise((resolve, reject) => {
-      let resolved = false;
-      const timeout = setTimeout(() => {
-        if (!resolved) {
-          server.close();
-          reject(new Error('OAuth flow timed out'));
-        }
-      }, TIMEOUTS.CALLBACK_SERVER_MS);
-
-      const server = http.createServer((req, res) => {
-        if (!req.url) {
-          return;
-        }
-
-        const parsedUrl = url.parse(req.url, true);
-
-        if (parsedUrl.pathname === '/callback') {
-          const { code, state, error } = parsedUrl.query;
-
-          // Handle error response
-          if (error) {
-            resolved = true;
-            clearTimeout(timeout);
-            res.writeHead(400, { 'Content-Type': 'text/html; charset=utf-8' });
-            res.end(`
-              <html>
-                <body>
-                  <h1>Authorization Failed</h1>
-                  <p>Error: ${error}</p>
-                  <p>You can close this window.</p>
-                </body>
-              </html>
-            `);
-            server.close();
-            reject(new Error(`OAuth error: ${error}`));
-            return;
-          }
-
-          // Validate state
-          if (state !== expectedState) {
-            resolved = true;
-            clearTimeout(timeout);
-            res.writeHead(400, { 'Content-Type': 'text/html; charset=utf-8' });
-            res.end(`
-              <html>
-                <body>
-                  <h1>Authorization Failed</h1>
-                  <p>Invalid state parameter. Possible CSRF attack.</p>
-                  <p>You can close this window.</p>
-                </body>
-              </html>
-            `);
-            server.close();
-            reject(new Error('Invalid state parameter'));
-            return;
-          }
-
-          // Success - got authorization code
-          if (code && typeof code === 'string') {
-            resolved = true;
-            clearTimeout(timeout);
-            res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
-            res.end(`
-              <html>
-                <head>
-                  <meta charset="utf-8" />
-                </head>
-                <body>
-                  <h1>✅ Authorization Successful!</h1>
-                  <p>You can close this window and return to the terminal.</p>
-                  <script>setTimeout(() => window.close(), 2000);</script>
-                </body>
-              </html>
-            `);
-            server.close();
-            resolve(code);
-            return;
-          }
-
-          // Missing code
-          resolved = true;
-          clearTimeout(timeout);
-          res.writeHead(400, { 'Content-Type': 'text/html; charset=utf-8' });
-          res.end(`
-            <html>
-              <body>
-                <h1>Authorization Failed</h1>
-                <p>Missing authorization code.</p>
-                <p>You can close this window.</p>
-              </body>
-            </html>
-          `);
-          server.close();
-          reject(new Error('Missing authorization code'));
-        }
-      });
-
-      server.listen(OAUTH_CONFIG.CALLBACK_PORT, () => {
-        // Open browser for authorization using the provided PKCE parameters
-        void open(authUrl, { wait: false })
-          .then((child) => {
-            if (child && typeof child.unref === 'function') {
-              child.unref();
-            }
-          })
-          .catch(() => {
-            // Silently fail if browser can't be opened
-          });
-      });
-
-      server.on('error', (err) => {
-        if (!resolved) {
-          resolved = true;
-          clearTimeout(timeout);
-          reject(err);
-        }
-      });
-    });
-  }
-
-  /**
-   * Exchange authorization code for access token
-   */
-  private async exchangeCodeForToken(
-    code: string,
-    codeVerifier: string
-  ): Promise<OAuthTokenResponse> {
-    try {
-      const tokenUrl = new URL(API_CONFIG.TOKEN_PATH, API_CONFIG.BASE_URL);
-
-      const response = await axios.post<OAuthTokenResponse>(
-        tokenUrl.toString(),
-        new URLSearchParams({
-          grant_type: 'authorization_code',
-          code,
-          code_verifier: codeVerifier,
-        }),
-        {
-          headers: {
-            'Content-Type': 'application/x-www-form-urlencoded',
-          },
-          timeout: TIMEOUTS.DEFAULT_REQUEST_MS,
-        }
-      );
-
-      return response.data;
-    } catch (error: any) {
-      if (error.response) {
-        throw new Error(
-          `Failed to exchange code for token: ${error.response.data?.error || error.message}`
-        );
-      }
-      throw new Error(`Failed to exchange code for token: ${error.message}`);
-    }
-  }
-
-  /**
-   * Refresh access token using refresh token
-   */
-  async refreshAccessToken(): Promise<OAuthTokenResponse | null> {
-    try {
-      const refreshToken = await this.configManager.getRefreshToken();
-      if (!refreshToken) {
-        return null;
-      }
-
-      const tokenUrl = new URL(API_CONFIG.TOKEN_PATH, API_CONFIG.BASE_URL);
-
-      const response = await axios.post<OAuthTokenResponse>(
-        tokenUrl.toString(),
-        new URLSearchParams({
-          grant_type: 'refresh_token',
-          refresh_token: refreshToken,
-        }),
-        {
-          headers: {
-            'Content-Type': 'application/x-www-form-urlencoded',
-          },
-          timeout: TIMEOUTS.DEFAULT_REQUEST_MS,
-        }
-      );
-
-      // Save new tokens to config
-      const expiresAt = Date.now() + response.data.expires_in * 1000;
-      await this.configManager.save({
-        accessToken: response.data.access_token,
-        tokenType: response.data.token_type,
-        expiresAt,
-        scope: response.data.scope,
-        refreshToken: response.data.refresh_token,
-      });
-
-      return response.data;
-    } catch (error: any) {
-      // If refresh fails, clear the config so user needs to login again
-      await this.configManager.delete();
-
-      if (error.response) {
-        throw new Error(
-          `Failed to refresh token: ${error.response.data?.error || error.message}`
-        );
-      }
-      throw new Error(`Failed to refresh token: ${error.message}`);
-    }
-  }
-}

package/src/auth/pkce.ts

@@ -1,27 +0,0 @@
-/**
- * PKCE (Proof Key for Code Exchange) utilities for OAuth 2.0
- */
-
-import crypto from 'crypto';
-
-/**
- * Generate a cryptographically random code verifier
- */
-export function generateCodeVerifier(): string {
-  return base64URLEncode(crypto.randomBytes(32));
-}
-
-/**
- * Generate a code challenge from a code verifier using SHA256
- */
-export function generateCodeChallenge(verifier: string): string {
-  const hash = crypto.createHash('sha256').update(verifier).digest();
-  return base64URLEncode(hash);
-}
-
-/**
- * Base64 URL encode (without padding)
- */
-function base64URLEncode(buffer: Buffer): string {
-  return buffer.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
-}

package/src/commands/local.ts

@@ -1,286 +0,0 @@
-/**
- * Local command - download agent session for local development
- */
-
-import chalk from 'chalk';
-import { ConfigManager } from '../config/config-manager.js';
-import { EdgediveApiClient, type TakeoverResponse } from '../api/client.js';
-import { SessionDownloader } from '../utils/session-downloader.js';
-import { GitUtils } from '../utils/git-utils.js';
-import { launchClaudeSession } from '../utils/claude-launcher.js';
-
-interface LocalOptions {
-  prUrl?: string;
-  issueUrl?: string;
-  threadUrl?: string;
-  taskUrl?: string;
-  sessionUrl?: string;
-  worktree?: boolean;
-}
-
-export async function localCommand({
-  prUrl,
-  issueUrl,
-  threadUrl,
-  taskUrl,
-  sessionUrl,
-  worktree,
-}: LocalOptions): Promise<void> {
-  const configManager = new ConfigManager();
-  const apiClient = new EdgediveApiClient(configManager);
-  const downloader = new SessionDownloader();
-
-  try {
-    console.log(chalk.bold('\n🔧 Edgedive Local Session Setup\n'));
-
-    // Check for Windows platform
-    if (process.platform === 'win32') {
-      console.log(chalk.red('❌ Windows is not currently supported for the local command.\n'));
-      console.log(chalk.yellow('Please use macOS or Linux to work on sessions locally.\n'));
-      process.exit(1);
-    }
-
-    // Check if authenticated
-    if (!(await configManager.isAuthenticated())) {
-      console.log(chalk.red('❌ You are not logged in.\n'));
-      console.log(chalk.yellow('Please run: edgedive login\n'));
-      process.exit(1);
-    }
-
-    if (!prUrl && !issueUrl && !threadUrl && !taskUrl && !sessionUrl) {
-      console.log(chalk.red('❌ Missing session identifier.\n'));
-      console.log(
-        chalk.yellow(
-          'Provide one of:\n' +
-            '  --pr-url https://github.com/owner/repo/pull/123\n' +
-            '  --issue-url https://linear.app/...\n' +
-            '  --thread-url https://workspace.slack.com/archives/C12345/p1234567890123456\n' +
-            '  --task-url https://app.asana.com/0/PROJECT_ID/TASK_ID\n' +
-            '  --session-url https://app.edgedive.com/agent-sessions?session={session_id}\n'
-        )
-      );
-      process.exit(1);
-    }
-
-    let sessionData;
-
-    if (prUrl) {
-      // Validate PR URL format
-      const prUrlPattern = /^https?:\/\/github\.com\/([^\/]+)\/([^\/]+)\/pull\/(\d+)/;
-      if (!prUrlPattern.test(prUrl)) {
-        console.log(chalk.red('❌ Invalid PR URL format.\n'));
-        console.log(chalk.yellow('Expected format: https://github.com/owner/repo/pull/123\n'));
-        process.exit(1);
-      }
-
-      console.log(chalk.dim(`PR URL: ${prUrl}\n`));
-      console.log('🔍 Fetching session information...\n');
-      sessionData = await apiClient.getTakeoverByPrUrl(prUrl);
-    } else if (issueUrl) {
-      console.log(chalk.dim(`Linear Issue URL: ${issueUrl}\n`));
-      console.log('🔍 Fetching session information...\n');
-      sessionData = await apiClient.getTakeoverByLinearIssueUrl(issueUrl);
-    } else if (taskUrl) {
-      // Validate it's an Asana URL — let the server handle detailed format parsing
-      const asanaTaskPattern = /^https?:\/\/app\.asana\.com\//;
-      if (!asanaTaskPattern.test(taskUrl)) {
-        console.log(
-          chalk.red(
-            '❌ Invalid Asana task URL. Expected a URL starting with https://app.asana.com/\n'
-          )
-        );
-        process.exit(1);
-      }
-
-      console.log(chalk.dim(`Asana Task URL: ${taskUrl}\n`));
-      console.log('🔍 Fetching session information...\n');
-      sessionData = await apiClient.getTakeoverByAsanaTaskUrl(taskUrl);
-    } else if (sessionUrl) {
-      // Validate session URL format
-      const sessionUrlPattern = /^https?:\/\/[^\/]+\/agent-sessions\?session=([a-f0-9-]+)/i;
-      if (!sessionUrlPattern.test(sessionUrl)) {
-        console.log(chalk.red('❌ Invalid session URL format.\n'));
-        console.log(
-          chalk.yellow(
-            'Expected format: https://app.edgedive.com/agent-sessions?session={session_id}\n'
-          )
-        );
-        process.exit(1);
-      }
-
-      console.log(chalk.dim(`Session URL: ${sessionUrl}\n`));
-      console.log('🔍 Fetching session information...\n');
-      sessionData = await apiClient.getTakeoverBySessionUrl(sessionUrl);
-    } else {
-      // Validate Slack thread URL format
-      const slackThreadPattern = /^https?:\/\/[^\/]+\.slack\.com\/archives\/([A-Z0-9]+)\/p(\d{16})/;
-      if (!slackThreadPattern.test(threadUrl!)) {
-        console.log(chalk.red('❌ Invalid Slack thread URL format.\n'));
-        console.log(
-          chalk.yellow(
-            'Expected format: https://workspace.slack.com/archives/C12345/p1234567890123456\n'
-          )
-        );
-        process.exit(1);
-      }
-
-      console.log(chalk.dim(`Slack Thread URL: ${threadUrl}\n`));
-      console.log('🔍 Fetching session information...\n');
-      sessionData = await apiClient.getTakeoverBySlackThreadUrl(threadUrl!);
-    }
-
-    console.log(chalk.green('✅ Found agent session!\n'));
-    if (sessionData.github_pr?.url) {
-      console.log(chalk.dim(`PR URL: ${sessionData.github_pr.url}`));
-    }
-    console.log(chalk.bold('Session Information:'));
-    console.log(chalk.dim(`  Session ID: ${sessionData.session_id}`));
-    console.log(chalk.dim(`  Agent Type: ${sessionData.agent_type}`));
-    console.log(chalk.dim(`  Status: ${sessionData.status}`));
-    console.log(
-      chalk.dim(`  Repository: ${sessionData.repository.owner}/${sessionData.repository.name}`)
-    );
-    console.log(chalk.dim(`  Branch: ${sessionData.repository.branch}`));
-
-    if (sessionData.linear_issue) {
-      console.log(chalk.dim(`  Linear Issue: ${sessionData.linear_issue.identifier}`));
-      console.log(chalk.dim(`  Linear URL: ${sessionData.linear_issue.url}`));
-    }
-
-    if (sessionData.asana_task) {
-      console.log(chalk.dim(`  Asana Task: ${sessionData.asana_task.url}`));
-    }
-
-    // Verify current repository matches PR source
-    const cwd = process.cwd();
-    let repoInfo;
-
-    try {
-      repoInfo = await GitUtils.verifyRepoMatches(
-        sessionData.repository.owner,
-        sessionData.repository.name,
-        cwd
-      );
-    } catch (error: any) {
-      console.error(chalk.red(`\n❌ ${error.message}\n`));
-      console.log(
-        chalk.yellow('Run this command from within the target repository checked out locally.')
-      );
-      process.exit(1);
-    }
-
-    console.log(chalk.green(`✅ Using repository at ${repoInfo.rootPath}`));
-
-    // Ensure PR branch is checked out locally or in a worktree
-    let workingPath = repoInfo.rootPath;
-    try {
-      if (worktree) {
-        workingPath = await GitUtils.ensureBranchInWorktree(
-          sessionData.repository.branch,
-          repoInfo.rootPath
-        );
-        console.log(
-          chalk.green(
-            `✅ Created worktree for branch ${sessionData.repository.branch} at ${workingPath}`
-          )
-        );
-      } else {
-        await GitUtils.ensureBranchCheckedOut(sessionData.repository.branch, repoInfo.rootPath);
-        console.log(chalk.green(`✅ Checked out branch ${sessionData.repository.branch}`));
-      }
-    } catch (error: any) {
-      console.error(
-        chalk.red(
-          `\n❌ Failed to ${worktree ? 'create worktree for' : 'checkout'} branch ${sessionData.repository.branch}: ${error.message}\n`
-        )
-      );
-      console.log(chalk.yellow('Resolve the git issue above and rerun the local command.'));
-      process.exit(1);
-    }
-
-    // Download session files into Claude projects directory
-    // Use workingPath so the session goes to the correct directory (worktree path if --worktree is used)
-    const { claudeSessionId, claudeSessionPath } = await downloader.downloadSession(
-      sessionData,
-      workingPath
-    );
-
-    console.log(chalk.blue(`\n🚀 Launching Claude session ${claudeSessionId}...\n`));
-
-    try {
-      const sessionEndInfo = await launchClaudeSession(claudeSessionId, workingPath);
-      console.log(chalk.green('\n✅ Claude session closed. Happy debugging!\n'));
-
-      // Upload Claude session file back to server
-      // Use the session info from the SessionEnd hook if available, otherwise fall back to original path
-      await uploadClaudeSessionFile(
-        apiClient,
-        sessionData,
-        sessionEndInfo || { claudeSessionPath }
-      );
-    } catch (error: any) {
-      console.error(chalk.red(`\n❌ Failed to start Claude automatically: ${error.message}\n`));
-      console.log(
-        chalk.yellow(
-          `You can resume manually with: claude -r ${claudeSessionId} (from ${workingPath})`
-        )
-      );
-      process.exit(1);
-    }
-  } catch (error: any) {
-    console.error(chalk.red(`\n❌ Local command failed: ${error.message}\n`));
-
-    if (error.message.includes('401') || error.message.includes('Unauthorized')) {
-      console.log(chalk.yellow('Your session may have expired. Please run: edgedive login\n'));
-    }
-
-    process.exit(1);
-  }
-}
-
-/**
- * Upload Claude session file back to Edgedive after local development
- */
-async function uploadClaudeSessionFile(
-  apiClient: EdgediveApiClient,
-  sessionData: TakeoverResponse,
-  sessionInfo: { transcript_path?: string; claudeSessionPath?: string }
-): Promise<void> {
-  try {
-    const fs = (await import('fs/promises')).default;
-
-    // Use transcript_path from SessionEnd hook if available, otherwise fall back to original path
-    const sessionFilePath = sessionInfo.transcript_path || sessionInfo.claudeSessionPath;
-
-    if (!sessionFilePath) {
-      console.log(chalk.yellow('⚠️  No Claude session file path available, skipping upload'));
-      return;
-    }
-
-    // Check if file exists
-    try {
-      await fs.access(sessionFilePath);
-    } catch {
-      console.log(
-        chalk.yellow(`⚠️  Claude session file not found at ${sessionFilePath}, skipping upload`)
-      );
-      return;
-    }
-
-    console.log(chalk.blue('📤 Uploading Claude session...'));
-
-    // Read file content
-    const fileContent = await fs.readFile(sessionFilePath);
-
-    // Upload to server
-    await apiClient.uploadClaudeSession(sessionData.session_id, fileContent);
-
-    console.log(chalk.green('✅ Claude session uploaded successfully\n'));
-  } catch (error: any) {
-    // Don't fail the whole command if upload fails
-    console.error(chalk.yellow(`⚠️  Failed to upload Claude session: ${error.message}`));
-    console.error(
-      chalk.yellow('   Your local changes are safe, but were not synced to the server.\n')
-    );
-  }
-}

package/src/commands/login.ts

@@ -1,48 +0,0 @@
-/**
- * Login command - initiates OAuth flow
- */
-
-import chalk from 'chalk';
-import { ConfigManager } from '../config/config-manager.js';
-import { OAuthFlow } from '../auth/oauth-flow.js';
-
-export async function loginCommand(): Promise<void> {
-  const configManager = new ConfigManager();
-  const oauthFlow = new OAuthFlow(configManager);
-
-  try {
-    console.log(chalk.bold('\n🚀 Edgedive CLI Login\n'));
-
-    // Check if already authenticated
-    if (await configManager.isAuthenticated()) {
-      console.log(chalk.yellow('✓ You are already logged in!'));
-      console.log(chalk.dim(`Config: ${configManager.getConfigPath()}\n`));
-
-      const { default: inquirer } = await import('inquirer');
-      const { reauth } = await inquirer.prompt([
-        {
-          type: 'confirm',
-          name: 'reauth',
-          message: 'Do you want to re-authenticate?',
-          default: false,
-        },
-      ]);
-
-      if (!reauth) {
-        process.exit(0);
-      }
-    }
-
-    // Start OAuth flow
-    const tokenResponse = await oauthFlow.authorize();
-
-    console.log(chalk.green.bold('✅ Successfully logged in!\n'));
-    console.log(chalk.dim(`Token type: ${tokenResponse.token_type}`));
-    console.log(chalk.dim(`Expires in: ${Math.floor(tokenResponse.expires_in / 86400)} days`));
-    console.log(chalk.dim(`Config saved to: ${configManager.getConfigPath()}\n`));
-    process.exit(0);
-  } catch (error: any) {
-    console.error(chalk.red(`\n❌ Login failed: ${error.message}\n`));
-    process.exit(1);
-  }
-}

package/src/commands/logout.ts

@@ -1,29 +0,0 @@
-/**
- * Logout command - removes stored credentials
- */
-
-import chalk from 'chalk';
-import { ConfigManager } from '../config/config-manager.js';
-
-export async function logoutCommand(): Promise<void> {
-  const configManager = new ConfigManager();
-
-  try {
-    console.log(chalk.bold('\n👋 Edgedive CLI Logout\n'));
-
-    // Check if authenticated
-    if (!(await configManager.isAuthenticated())) {
-      console.log(chalk.yellow('You are not logged in.\n'));
-      return;
-    }
-
-    // Delete config
-    await configManager.delete();
-
-    console.log(chalk.green('✅ Successfully logged out!\n'));
-    console.log(chalk.dim(`Removed config from: ${configManager.getConfigPath()}\n`));
-  } catch (error: any) {
-    console.error(chalk.red(`\n❌ Logout failed: ${error.message}\n`));
-    process.exit(1);
-  }
-}