@friggframework/devtools 2.0.0-next.63 → 2.0.0-next.65

package/frigg-cli/auth-command/index.js

@@ -0,0 +1,256 @@
+const chalk = require('chalk');
+const { loadModule, validateModule, getAuthType } = require('./module-loader');
+const { runOAuthFlow } = require('./oauth-flow');
+const { runApiKeyFlow } = require('./api-key-flow');
+const { CredentialStorage } = require('./credential-storage');
+const { runAuthTests } = require('./auth-tester');
+
+async function test(moduleName, options) {
+    console.log(chalk.blue.bold(`\n🔐 Frigg Authenticator\n`));
+    console.log(chalk.gray(`Testing authentication for: ${moduleName}\n`));
+
+    try {
+        // 1. Load and validate module
+        const { definition, Api } = await loadModule(moduleName);
+        validateModule(definition);
+
+        // 2. Determine auth type
+        const authType = getAuthType(Api);
+        console.log(chalk.gray(`Auth type detected: ${authType}`));
+
+        let credentials;
+
+        // 3. Run appropriate auth flow
+        if (authType === 'apiKey' || authType === 'api_key') {
+            // API key flow handles missing --api-key by checking for getAuthorizationRequirements
+            // and rendering an interactive form if available
+            credentials = await runApiKeyFlow(definition, Api, options.apiKey, options);
+        } else {
+            // OAuth2 flow
+            credentials = await runOAuthFlow(definition, Api, {
+                port: parseInt(options.port, 10) || 3333,
+                timeout: parseInt(options.timeout, 10) || 300,
+                verbose: options.verbose,
+            });
+        }
+
+        // 4. Run verification tests
+        await runAuthTests(definition, Api, credentials, {
+            verbose: options.verbose,
+        });
+
+        // 5. Save credentials using actual module name from definition
+        const actualModuleName = definition.moduleName || definition.getName?.() || moduleName;
+        const storage = new CredentialStorage();
+        const savedPath = await storage.save(actualModuleName, credentials, authType);
+
+        console.log(chalk.green(`\n✓ Authentication successful for ${actualModuleName}!`));
+        console.log(chalk.gray(`  Credentials saved to: ${savedPath}`));
+        console.log(chalk.gray(`\n  Use 'frigg auth get ${actualModuleName} --json' to retrieve credentials.\n`));
+
+    } catch (error) {
+        console.log(chalk.red(`\n✗ Authentication failed: ${error.message}`));
+        if (options.verbose && error.stack) {
+            console.log(chalk.gray('\nStack trace:'));
+            console.log(chalk.gray(error.stack));
+        }
+        process.exit(1);
+    }
+}
+
+async function list(options) {
+    const storage = new CredentialStorage();
+    const credentials = await storage.list();
+
+    if (options.json) {
+        console.log(JSON.stringify(credentials, null, 2));
+        return;
+    }
+
+    console.log(chalk.blue.bold('\n🔐 Saved Credentials\n'));
+
+    if (credentials.length === 0) {
+        console.log(chalk.gray('  No credentials saved.\n'));
+        console.log(chalk.gray('  Run `frigg auth test <module>` to authenticate a module.\n'));
+        return;
+    }
+
+    // Display as table
+    const tableData = credentials.map(c => ({
+        Module: c.module,
+        'Auth Type': c.authType,
+        Entity: c.entity,
+        'Has Access Token': c.hasAccessToken ? '✓' : '✗',
+        'Has Refresh Token': c.hasRefreshToken ? '✓' : '-',
+        'Saved At': formatDate(c.savedAt),
+    }));
+
+    console.table(tableData);
+    console.log('');
+}
+
+async function get(moduleName, options) {
+    const storage = new CredentialStorage();
+    const credentials = await storage.get(moduleName);
+
+    if (!credentials) {
+        console.log(chalk.red(`\n✗ No credentials found for: ${moduleName}`));
+        console.log(chalk.gray(`\n  Run 'frigg auth test ${moduleName}' to authenticate.\n`));
+        process.exit(1);
+    }
+
+    if (options.json) {
+        console.log(JSON.stringify(credentials, null, 2));
+        return;
+    }
+
+    if (options.export) {
+        outputAsEnvVars(moduleName, credentials);
+        return;
+    }
+
+    // Display formatted
+    console.log(chalk.blue.bold(`\n🔐 Credentials for ${moduleName}\n`));
+
+    console.log(chalk.gray('Auth Type:'), credentials.authType);
+    console.log(chalk.gray('Obtained:'), formatDate(credentials.obtainedAt));
+    console.log(chalk.gray('Saved:'), formatDate(credentials.savedAt));
+
+    if (credentials.entity?.details?.name) {
+        console.log(chalk.gray('Entity:'), credentials.entity.details.name);
+    }
+    if (credentials.entity?.identifiers?.externalId) {
+        console.log(chalk.gray('External ID:'), credentials.entity.identifiers.externalId);
+    }
+
+    console.log(chalk.gray('\nTokens:'));
+    if (credentials.tokens?.access_token) {
+        console.log(chalk.gray('  access_token:'), maskToken(credentials.tokens.access_token));
+    }
+    if (credentials.tokens?.refresh_token) {
+        console.log(chalk.gray('  refresh_token:'), maskToken(credentials.tokens.refresh_token));
+    }
+    if (credentials.apiKey) {
+        console.log(chalk.gray('  api_key:'), maskToken(credentials.apiKey));
+    }
+
+    console.log(chalk.gray(`\n  Use --json for full output or --export for environment variables.\n`));
+}
+
+async function deleteCredentials(moduleName, options) {
+    const storage = new CredentialStorage();
+
+    if (options.all) {
+        if (!options.yes) {
+            const confirmed = await confirmAction('Delete ALL saved credentials?');
+            if (!confirmed) {
+                console.log(chalk.gray('Cancelled.'));
+                return;
+            }
+        }
+        await storage.deleteAll();
+        console.log(chalk.green('✓ All credentials deleted'));
+        return;
+    }
+
+    if (!moduleName) {
+        console.log(chalk.red('✗ Error: Please specify a module name or use --all'));
+        console.log(chalk.gray('\nUsage:'));
+        console.log(chalk.gray('  frigg auth delete <module>'));
+        console.log(chalk.gray('  frigg auth delete --all'));
+        process.exit(1);
+    }
+
+    const exists = await storage.get(moduleName);
+    if (!exists) {
+        console.log(chalk.yellow(`No credentials found for: ${moduleName}`));
+        return;
+    }
+
+    if (!options.yes) {
+        const confirmed = await confirmAction(`Delete credentials for ${moduleName}?`);
+        if (!confirmed) {
+            console.log(chalk.gray('Cancelled.'));
+            return;
+        }
+    }
+
+    const deleted = await storage.delete(moduleName);
+    if (deleted) {
+        console.log(chalk.green(`✓ Credentials deleted for ${moduleName}`));
+    } else {
+        console.log(chalk.yellow(`No credentials found for: ${moduleName}`));
+    }
+}
+
+// Helper functions
+
+function formatDate(dateStr) {
+    if (!dateStr) return 'Unknown';
+    try {
+        const date = new Date(dateStr);
+        return date.toLocaleString();
+    } catch {
+        return dateStr;
+    }
+}
+
+function maskToken(token) {
+    if (!token || token.length <= 8) {
+        return '***';
+    }
+    return token.slice(0, 4) + '...' + token.slice(-4);
+}
+
+function outputAsEnvVars(moduleName, credentials) {
+    const prefix = moduleName.toUpperCase().replace(/-/g, '_');
+
+    const vars = [];
+
+    if (credentials.tokens?.access_token) {
+        vars.push(`export ${prefix}_ACCESS_TOKEN="${credentials.tokens.access_token}"`);
+    }
+    if (credentials.tokens?.refresh_token) {
+        vars.push(`export ${prefix}_REFRESH_TOKEN="${credentials.tokens.refresh_token}"`);
+    }
+    if (credentials.apiKey) {
+        vars.push(`export ${prefix}_API_KEY="${credentials.apiKey}"`);
+    }
+    if (credentials.entity?.identifiers?.externalId) {
+        vars.push(`export ${prefix}_EXTERNAL_ID="${credentials.entity.identifiers.externalId}"`);
+    }
+    if (credentials.apiParams?.companyDomain) {
+        vars.push(`export ${prefix}_COMPANY_DOMAIN="${credentials.apiParams.companyDomain}"`);
+    }
+
+    if (vars.length === 0) {
+        console.log(chalk.yellow('# No credentials to export'));
+    } else {
+        console.log(vars.join('\n'));
+    }
+}
+
+async function confirmAction(message) {
+    // Simple confirmation using readline
+    const readline = require('readline');
+    const rl = readline.createInterface({
+        input: process.stdin,
+        output: process.stdout,
+    });
+
+    return new Promise((resolve) => {
+        rl.question(chalk.yellow(`${message} [y/N] `), (answer) => {
+            rl.close();
+            resolve(answer.toLowerCase() === 'y' || answer.toLowerCase() === 'yes');
+        });
+    });
+}
+
+module.exports = {
+    authCommand: {
+        test,
+        list,
+        get,
+        delete: deleteCredentials,
+    },
+};

package/frigg-cli/auth-command/json-schema-form.js

@@ -0,0 +1,67 @@
+const { input, password } = require('@inquirer/prompts');
+const chalk = require('chalk');
+
+/**
+ * Renders a JSON Schema form as interactive CLI prompts
+ *
+ * @param {Object} jsonSchema - JSON Schema object with properties, required fields, etc.
+ * @param {Object} uiSchema - UI Schema with rendering hints (ui:widget, ui:help, ui:placeholder)
+ * @returns {Promise<Object>} - Object containing all form field values
+ */
+async function renderJsonSchemaForm(jsonSchema, uiSchema = {}) {
+    const results = {};
+    const properties = jsonSchema.properties || {};
+    const required = jsonSchema.required || [];
+
+    // Display form title
+    if (jsonSchema.title) {
+        console.log(chalk.blue(`\n📝 ${jsonSchema.title}\n`));
+    }
+
+    for (const [key, prop] of Object.entries(properties)) {
+        const ui = uiSchema[key] || {};
+        const isRequired = required.includes(key);
+        const isPassword = ui['ui:widget'] === 'password';
+
+        // Build prompt message with title
+        const fieldTitle = prop.title || key;
+
+        // Show help text before the prompt if available
+        if (ui['ui:help']) {
+            console.log(chalk.gray(`  (${ui['ui:help']})`));
+        }
+
+        let value;
+        if (isPassword) {
+            value = await password({
+                message: fieldTitle,
+                mask: '*',
+                validate: (input) => {
+                    if (isRequired && !input) {
+                        return `${fieldTitle} is required`;
+                    }
+                    return true;
+                },
+            });
+        } else {
+            value = await input({
+                message: fieldTitle,
+                default: '',
+                validate: (input) => {
+                    if (isRequired && !input) {
+                        return `${fieldTitle} is required`;
+                    }
+                    return true;
+                },
+            });
+        }
+
+        if (value) {
+            results[key] = value;
+        }
+    }
+
+    return results;
+}
+
+module.exports = { renderJsonSchemaForm };

package/frigg-cli/auth-command/module-loader.js

@@ -0,0 +1,172 @@
+const path = require('path');
+const fs = require('fs');
+const chalk = require('chalk');
+
+async function loadModule(moduleIdentifier) {
+    let modulePath;
+    let searchedPaths = [];
+
+    // 1. Check if it's a relative/absolute path
+    if (moduleIdentifier.startsWith('.') || moduleIdentifier.startsWith('/')) {
+        modulePath = path.resolve(process.cwd(), moduleIdentifier);
+        if (!fs.existsSync(modulePath)) {
+            throw new Error(`Module path not found: ${modulePath}`);
+        }
+    }
+    // 2. Check if it's a scoped package name
+    else if (moduleIdentifier.startsWith('@')) {
+        modulePath = resolveFromNodeModules(moduleIdentifier, searchedPaths);
+        if (!modulePath) {
+            throw new Error(
+                `Could not find module: ${moduleIdentifier}\nSearched paths:\n${searchedPaths.map(p => `  - ${p}`).join('\n')}`
+            );
+        }
+    }
+    // 3. Assume it's a short name like "attio" -> "@friggframework/api-module-attio"
+    else {
+        const fullName = `@friggframework/api-module-${moduleIdentifier}`;
+        modulePath = resolveFromNodeModules(fullName, searchedPaths);
+
+        // If not found, try local src/api-modules path
+        if (!modulePath) {
+            const localPath = path.join(process.cwd(), 'src', 'api-modules', moduleIdentifier);
+            searchedPaths.push(localPath);
+            if (fs.existsSync(localPath)) {
+                modulePath = localPath;
+            }
+        }
+
+        // Also try backend/src/api-modules (common Frigg structure)
+        if (!modulePath) {
+            const backendLocalPath = path.join(process.cwd(), 'backend', 'src', 'api-modules', moduleIdentifier);
+            searchedPaths.push(backendLocalPath);
+            if (fs.existsSync(backendLocalPath)) {
+                modulePath = backendLocalPath;
+            }
+        }
+
+        if (!modulePath) {
+            throw new Error(
+                `Could not find module: ${moduleIdentifier}\nTried:\n` +
+                `  - ${fullName}\n` +
+                `Searched paths:\n${searchedPaths.map(p => `  - ${p}`).join('\n')}`
+            );
+        }
+    }
+
+    console.log(chalk.gray(`Loading module from: ${modulePath}`));
+
+    // Load the module
+    let moduleExports;
+    try {
+        moduleExports = require(modulePath);
+    } catch (err) {
+        throw new Error(`Failed to load module from ${modulePath}: ${err.message}`);
+    }
+
+    // Extract Definition and Api
+    const definition = moduleExports.Definition || moduleExports.definition;
+    const Api = definition?.API || moduleExports.Api || moduleExports.API;
+
+    if (!definition) {
+        throw new Error(
+            `Module ${moduleIdentifier} does not export a Definition.\n` +
+            `Expected exports: { Definition } or { definition }`
+        );
+    }
+
+    if (!Api) {
+        throw new Error(
+            `Module ${moduleIdentifier} does not export an API class.\n` +
+            `Expected Definition.API or exports.Api`
+        );
+    }
+
+    return { definition, Api, modulePath };
+}
+
+function resolveFromNodeModules(packageName, searchedPaths = []) {
+    const pathsToCheck = [
+        // Current working directory
+        path.join(process.cwd(), 'node_modules', packageName),
+        // Backend subdirectory (common Frigg structure)
+        path.join(process.cwd(), 'backend', 'node_modules', packageName),
+        // Parent directory (for monorepos)
+        path.join(process.cwd(), '..', 'node_modules', packageName),
+        // Global installation location (via npm root -g)
+        path.join(process.execPath, '..', '..', 'lib', 'node_modules', packageName),
+    ];
+
+    for (const checkPath of pathsToCheck) {
+        searchedPaths.push(checkPath);
+        if (fs.existsSync(checkPath)) {
+            return checkPath;
+        }
+    }
+
+    return null;
+}
+
+function validateModule(definition) {
+    const errors = [];
+
+    // Check required fields
+    const requiredFields = ['moduleName', 'API'];
+    for (const field of requiredFields) {
+        if (!definition[field]) {
+            errors.push(`Missing required field: ${field}`);
+        }
+    }
+
+    // Check requiredAuthMethods
+    if (!definition.requiredAuthMethods) {
+        errors.push('Missing requiredAuthMethods object');
+    } else {
+        const requiredMethods = ['getEntityDetails', 'testAuthRequest', 'apiPropertiesToPersist'];
+        for (const method of requiredMethods) {
+            if (!definition.requiredAuthMethods[method]) {
+                errors.push(`Missing required auth method: ${method}`);
+            }
+        }
+
+        // getToken is required for OAuth2, optional for API-Key
+        // getCredentialDetails is recommended but not strictly required
+    }
+
+    if (errors.length > 0) {
+        throw new Error(
+            `Module validation failed:\n${errors.map(e => `  - ${e}`).join('\n')}`
+        );
+    }
+
+    console.log(chalk.green(`✓ Module validation passed: ${definition.moduleName}`));
+}
+
+function getAuthType(Api) {
+    // Check the requesterType static property
+    if (Api.requesterType) {
+        return Api.requesterType;
+    }
+
+    // Check prototype chain for OAuth2Requester or ApiKeyRequester
+    const className = Api.name;
+    const protoChain = [];
+    let proto = Api;
+    while (proto && proto.name) {
+        protoChain.push(proto.name);
+        proto = Object.getPrototypeOf(proto);
+    }
+
+    if (protoChain.some(name => name.includes('OAuth2') || name.includes('Oauth2'))) {
+        return 'oauth2';
+    }
+
+    if (protoChain.some(name => name.includes('ApiKey') || name.includes('APIKey'))) {
+        return 'apiKey';
+    }
+
+    // Default to oauth2
+    return 'oauth2';
+}
+
+module.exports = { loadModule, validateModule, getAuthType };