npm - @geolonia/geonicdb-cli - Versions diffs - 0.3.0 → 0.4.0 - Mend

@geolonia/geonicdb-cli 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -584,6 +584,36 @@ function registerConfigCommand(program2) {
 // src/commands/auth.ts
 import { Command } from "commander";
+// src/oauth.ts
+async function clientCredentialsGrant(options) {
+  const url = new URL("/oauth/token", options.baseUrl).toString();
+  const credentials = Buffer.from(`${options.clientId}:${options.clientSecret}`).toString("base64");
+  const body = { grant_type: "client_credentials" };
+  if (options.scope) {
+    body.scope = options.scope;
+  }
+  const response = await fetch(url, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      Authorization: `Basic ${credentials}`
+    },
+    body: JSON.stringify(body)
+  });
+  if (!response.ok) {
+    const text = await response.text();
+    let message;
+    try {
+      const err = JSON.parse(text);
+      message = err.error_description ?? err.error ?? text;
+    } catch {
+      message = text || `HTTP ${response.status}`;
+    }
+    throw new Error(`OAuth token request failed: ${message}`);
+  }
+  return await response.json();
+}
 // src/client.ts
 var DryRunSignal = class extends Error {
   constructor() {
@@ -597,6 +627,8 @@ var GdbClient = class _GdbClient {
   token;
   refreshToken;
   apiKey;
+  clientId;
+  clientSecret;
   onTokenRefresh;
   verbose;
   dryRun;
@@ -607,6 +639,8 @@ var GdbClient = class _GdbClient {
     this.token = options.token;
     this.refreshToken = options.refreshToken;
     this.apiKey = options.apiKey;
+    this.clientId = options.clientId;
+    this.clientSecret = options.clientSecret;
     this.onTokenRefresh = options.onTokenRefresh;
     this.verbose = options.verbose ?? false;
     this.dryRun = options.dryRun ?? false;
@@ -713,7 +747,7 @@ var GdbClient = class _GdbClient {
     throw new DryRunSignal();
   }
   canRefresh() {
-    return !!this.refreshToken && !this.apiKey;
+    return (!!this.refreshToken || !!this.clientId && !!this.clientSecret) && !this.apiKey;
   }
   async performTokenRefresh() {
     if (this.refreshPromise) return this.refreshPromise;
@@ -725,26 +759,43 @@ var GdbClient = class _GdbClient {
     }
   }
   async doRefresh() {
-    if (!this.refreshToken) return false;
-    try {
-      const url = this.buildUrl("/auth/refresh");
-      const response = await fetch(url, {
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify({ refreshToken: this.refreshToken })
-      });
-      if (!response.ok) return false;
-      const data = await response.json();
-      const newToken = data.accessToken ?? data.token;
-      const newRefreshToken = data.refreshToken;
-      if (!newToken) return false;
-      this.token = newToken;
-      if (newRefreshToken) this.refreshToken = newRefreshToken;
-      this.onTokenRefresh?.(newToken, newRefreshToken);
-      return true;
-    } catch {
-      return false;
+    if (this.refreshToken) {
+      try {
+        const url = this.buildUrl("/auth/refresh");
+        const response = await fetch(url, {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({ refreshToken: this.refreshToken })
+        });
+        if (response.ok) {
+          const data = await response.json();
+          const newToken = data.accessToken ?? data.token;
+          const newRefreshToken = data.refreshToken;
+          if (newToken) {
+            this.token = newToken;
+            if (newRefreshToken) this.refreshToken = newRefreshToken;
+            this.onTokenRefresh?.(newToken, newRefreshToken);
+            return true;
+          }
+        }
+      } catch {
+      }
     }
+    if (this.clientId && this.clientSecret) {
+      try {
+        const result = await clientCredentialsGrant({
+          baseUrl: this.baseUrl,
+          clientId: this.clientId,
+          clientSecret: this.clientSecret
+        });
+        this.token = result.access_token;
+        this.onTokenRefresh?.(result.access_token);
+        return true;
+      } catch {
+        return false;
+      }
+    }
+    return false;
   }
   async executeRequest(method, path, options) {
     const url = this.buildUrl(`${this.getBasePath()}${path}`, options?.params);
@@ -877,6 +928,8 @@ function createClient(cmd) {
     service: opts.service,
     token: opts.token,
     refreshToken: usingCliToken ? void 0 : config.refreshToken,
+    clientId: usingCliToken ? void 0 : config.clientId,
+    clientSecret: usingCliToken ? void 0 : config.clientSecret,
     apiKey: opts.apiKey,
     onTokenRefresh: usingCliToken ? void 0 : (token, refreshToken) => {
       const cfg = loadConfig(opts.profile);
@@ -1057,35 +1110,217 @@ function formatDuration(ms) {
   return parts.join(" ");
 }
-// src/oauth.ts
-async function clientCredentialsGrant(options) {
-  const url = new URL("/oauth/token", options.baseUrl).toString();
-  const credentials = Buffer.from(`${options.clientId}:${options.clientSecret}`).toString("base64");
-  const params = new URLSearchParams();
-  params.set("grant_type", "client_credentials");
-  if (options.scope) {
-    params.set("scope", options.scope);
+// src/input.ts
+import JSON5 from "json5";
+import { readFileSync as readFileSync2 } from "fs";
+import { createInterface as createInterface2 } from "readline";
+async function parseJsonInput(input) {
+  if (input !== void 0) {
+    if (input === "-") return parseData(readFileSync2(0, "utf-8"));
+    if (input.startsWith("@")) return parseData(readFileSync2(input.slice(1), "utf-8"));
+    return parseData(input);
   }
-  const response = await fetch(url, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/x-www-form-urlencoded",
-      Authorization: `Basic ${credentials}`
-    },
-    body: params.toString()
+  if (!process.stdin.isTTY) {
+    return parseData(readFileSync2(0, "utf-8"));
+  }
+  return readInteractiveJson();
+}
+function parseData(text) {
+  return JSON5.parse(text.trim());
+}
+async function readInteractiveJson() {
+  const rl = createInterface2({
+    input: process.stdin,
+    output: process.stderr,
+    prompt: "json> "
   });
-  if (!response.ok) {
-    const text = await response.text();
-    let message;
-    try {
-      const err = JSON.parse(text);
-      message = err.error_description ?? err.error ?? text;
-    } catch {
-      message = text || `HTTP ${response.status}`;
+  process.stderr.write("Enter JSON (auto-submits when braces close, Ctrl+C to cancel):\n");
+  rl.prompt();
+  const lines = [];
+  let depth = 0;
+  let started = false;
+  let inBlockComment = false;
+  let inString = false;
+  let stringChar = "";
+  let cancelled = false;
+  return new Promise((resolve, reject) => {
+    rl.on("SIGINT", () => {
+      cancelled = true;
+      rl.close();
+    });
+    rl.on("line", (line) => {
+      lines.push(line);
+      const result = trackDepth(line, depth, started, inBlockComment, inString, stringChar);
+      depth = result.depth;
+      started = result.started;
+      inBlockComment = result.inBlockComment;
+      inString = result.inString;
+      stringChar = result.stringChar;
+      if (started && depth <= 0 && !inBlockComment && !inString) {
+        rl.close();
+        try {
+          resolve(parseData(lines.join("\n")));
+        } catch (err) {
+          reject(err);
+        }
+      } else {
+        rl.setPrompt("...  ");
+        rl.prompt();
+      }
+    });
+    rl.on("close", () => {
+      if (cancelled) {
+        reject(new Error("Input cancelled."));
+        return;
+      }
+      if (lines.length > 0 && (!started || depth > 0 || inBlockComment || inString)) {
+        try {
+          resolve(parseData(lines.join("\n")));
+        } catch (err) {
+          reject(err);
+        }
+      } else if (lines.length === 0) {
+        reject(new Error("No input provided."));
+      }
+    });
+  });
+}
+function trackDepth(line, depth, started, inBlockComment, inString, stringChar) {
+  for (let i = 0; i < line.length; i++) {
+    const ch = line[i];
+    const next = i + 1 < line.length ? line[i + 1] : "";
+    if (inBlockComment) {
+      if (ch === "*" && next === "/") {
+        inBlockComment = false;
+        i++;
+      }
+      continue;
+    }
+    if (inString) {
+      if (ch === "\\" && i + 1 < line.length) {
+        i++;
+      } else if (ch === stringChar) {
+        inString = false;
+      }
+      continue;
+    }
+    if (ch === "/" && next === "/") break;
+    if (ch === "/" && next === "*") {
+      inBlockComment = true;
+      i++;
+      continue;
+    }
+    if (ch === '"' || ch === "'") {
+      inString = true;
+      stringChar = ch;
+    } else if (ch === "{" || ch === "[") {
+      depth++;
+      started = true;
+    } else if (ch === "}" || ch === "]") {
+      depth--;
     }
-    throw new Error(`OAuth token request failed: ${message}`);
   }
-  return await response.json();
+  return { depth, started, inBlockComment, inString, stringChar };
+}
+// src/commands/me-oauth-clients.ts
+function addMeOAuthClientsSubcommand(me) {
+  const oauthClients = me.command("oauth-clients").description("Manage your OAuth clients");
+  const list = oauthClients.command("list").description("List your OAuth clients").action(
+    withErrorHandler(async (_opts, cmd) => {
+      const client = createClient(cmd);
+      const format = getFormat(cmd);
+      const response = await client.rawRequest("GET", "/me/oauth-clients");
+      outputResponse(response, format);
+    })
+  );
+  addExamples(list, [
+    {
+      description: "List your OAuth clients",
+      command: "geonic me oauth-clients list"
+    }
+  ]);
+  const create = oauthClients.command("create [json]").description("Create a new OAuth client").option("--name <name>", "Client name").option("--scopes <scopes>", "Allowed scopes (comma-separated)").option("--save", "Save credentials to config for automatic re-authentication").action(
+    withErrorHandler(async (json, _opts, cmd) => {
+      const opts = cmd.opts();
+      let body;
+      if (json) {
+        body = await parseJsonInput(json);
+      } else if (opts.name || opts.scopes) {
+        const payload = {};
+        if (opts.name) payload.clientName = opts.name;
+        if (opts.scopes) payload.allowedScopes = opts.scopes.split(",").map((s) => s.trim());
+        body = payload;
+      } else {
+        body = await parseJsonInput();
+      }
+      const client = createClient(cmd);
+      const format = getFormat(cmd);
+      const response = await client.rawRequest("POST", "/me/oauth-clients", { body });
+      const data = response.data;
+      if (opts.save) {
+        const globalOpts = resolveOptions(cmd);
+        const clientId = data.clientId;
+        const clientSecret = data.clientSecret;
+        if (!clientId || !clientSecret) {
+          printError("Response missing clientId or clientSecret. Cannot save credentials.");
+          outputResponse(response, format);
+          printSuccess("OAuth client created.");
+          return;
+        }
+        const baseUrl = validateUrl(globalOpts.url);
+        const tokenResult = await clientCredentialsGrant({
+          baseUrl,
+          clientId,
+          clientSecret,
+          scope: data.allowedScopes?.join(" ")
+        });
+        const config = loadConfig(globalOpts.profile);
+        config.clientId = clientId;
+        config.clientSecret = clientSecret;
+        config.token = tokenResult.access_token;
+        delete config.refreshToken;
+        saveConfig(config, globalOpts.profile);
+        printInfo("Client credentials saved to config. Auto-reauth enabled.");
+      } else {
+        printWarning(
+          "Save the clientSecret now \u2014 it will not be shown again."
+        );
+      }
+      outputResponse(response, format);
+      printSuccess("OAuth client created.");
+    })
+  );
+  addExamples(create, [
+    {
+      description: "Create an OAuth client with flags",
+      command: "geonic me oauth-clients create --name my-ci-bot --scopes read:entities,write:entities"
+    },
+    {
+      description: "Create and save credentials for auto-reauth",
+      command: "geonic me oauth-clients create --name my-ci-bot --save"
+    },
+    {
+      description: "Create an OAuth client from JSON",
+      command: `geonic me oauth-clients create '{"clientName":"my-bot","allowedScopes":["read:entities"]}'`
+    }
+  ]);
+  const del = oauthClients.command("delete <id>").description("Delete an OAuth client").action(
+    withErrorHandler(async (id, _opts, cmd) => {
+      const client = createClient(cmd);
+      await client.rawRequest(
+        "DELETE",
+        `/me/oauth-clients/${encodeURIComponent(String(id))}`
+      );
+      printSuccess("OAuth client deleted.");
+    })
+  );
+  addExamples(del, [
+    {
+      description: "Delete an OAuth client",
+      command: "geonic me oauth-clients delete <client-id>"
+    }
+  ]);
 }
 // src/commands/auth.ts
@@ -1245,13 +1480,25 @@ function registerAuthCommands(program2) {
     }
   ]);
   auth.addCommand(logout);
-  const me = program2.command("me").description("Display current authenticated user").action(createMeAction());
+  const me = program2.command("me").description("Display current authenticated user and manage user resources");
+  const meInfo = me.command("info", { isDefault: true, hidden: true }).description("Display current authenticated user").action(createMeAction());
   addExamples(me, [
     {
       description: "Show current user info",
       command: "geonic me"
+    },
+    {
+      description: "List your OAuth clients",
+      command: "geonic me oauth-clients list"
     }
   ]);
+  addExamples(meInfo, [
+    {
+      description: "Show current user info",
+      command: "geonic me"
+    }
+  ]);
+  addMeOAuthClientsSubcommand(me);
   program2.addCommand(createLoginCommand(), { hidden: true });
   program2.addCommand(createLogoutCommand(), { hidden: true });
   const hiddenWhoami = new Command("whoami").description("Display current authenticated user").action(createMeAction());
@@ -1347,119 +1594,6 @@ function registerProfileCommands(program2) {
   ]);
 }
-// src/input.ts
-import JSON5 from "json5";
-import { readFileSync as readFileSync2 } from "fs";
-import { createInterface as createInterface2 } from "readline";
-async function parseJsonInput(input) {
-  if (input !== void 0) {
-    if (input === "-") return parseData(readFileSync2(0, "utf-8"));
-    if (input.startsWith("@")) return parseData(readFileSync2(input.slice(1), "utf-8"));
-    return parseData(input);
-  }
-  if (!process.stdin.isTTY) {
-    return parseData(readFileSync2(0, "utf-8"));
-  }
-  return readInteractiveJson();
-}
-function parseData(text) {
-  return JSON5.parse(text.trim());
-}
-async function readInteractiveJson() {
-  const rl = createInterface2({
-    input: process.stdin,
-    output: process.stderr,
-    prompt: "json> "
-  });
-  process.stderr.write("Enter JSON (auto-submits when braces close, Ctrl+C to cancel):\n");
-  rl.prompt();
-  const lines = [];
-  let depth = 0;
-  let started = false;
-  let inBlockComment = false;
-  let inString = false;
-  let stringChar = "";
-  let cancelled = false;
-  return new Promise((resolve, reject) => {
-    rl.on("SIGINT", () => {
-      cancelled = true;
-      rl.close();
-    });
-    rl.on("line", (line) => {
-      lines.push(line);
-      const result = trackDepth(line, depth, started, inBlockComment, inString, stringChar);
-      depth = result.depth;
-      started = result.started;
-      inBlockComment = result.inBlockComment;
-      inString = result.inString;
-      stringChar = result.stringChar;
-      if (started && depth <= 0 && !inBlockComment && !inString) {
-        rl.close();
-        try {
-          resolve(parseData(lines.join("\n")));
-        } catch (err) {
-          reject(err);
-        }
-      } else {
-        rl.setPrompt("...  ");
-        rl.prompt();
-      }
-    });
-    rl.on("close", () => {
-      if (cancelled) {
-        reject(new Error("Input cancelled."));
-        return;
-      }
-      if (lines.length > 0 && (!started || depth > 0 || inBlockComment || inString)) {
-        try {
-          resolve(parseData(lines.join("\n")));
-        } catch (err) {
-          reject(err);
-        }
-      } else if (lines.length === 0) {
-        reject(new Error("No input provided."));
-      }
-    });
-  });
-}
-function trackDepth(line, depth, started, inBlockComment, inString, stringChar) {
-  for (let i = 0; i < line.length; i++) {
-    const ch = line[i];
-    const next = i + 1 < line.length ? line[i + 1] : "";
-    if (inBlockComment) {
-      if (ch === "*" && next === "/") {
-        inBlockComment = false;
-        i++;
-      }
-      continue;
-    }
-    if (inString) {
-      if (ch === "\\" && i + 1 < line.length) {
-        i++;
-      } else if (ch === stringChar) {
-        inString = false;
-      }
-      continue;
-    }
-    if (ch === "/" && next === "/") break;
-    if (ch === "/" && next === "*") {
-      inBlockComment = true;
-      i++;
-      continue;
-    }
-    if (ch === '"' || ch === "'") {
-      inString = true;
-      stringChar = ch;
-    } else if (ch === "{" || ch === "[") {
-      depth++;
-      started = true;
-    } else if (ch === "}" || ch === "]") {
-      depth--;
-    }
-  }
-  return { depth, started, inBlockComment, inString, stringChar };
-}
 // src/commands/attrs.ts
 function addAttrsSubcommands(attrs) {
   const list = attrs.command("list").description("List all attributes of an entity").argument("<entityId>", "Entity ID").action(