npm - @granular-software/sdk - Versions diffs - 0.3.2 → 0.3.3 - Mend

@granular-software/sdk 0.3.2 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/cli/index.js +236 -29
package/package.json +1 -1

package/dist/cli/index.js CHANGED Viewed

@@ -4,10 +4,12 @@
 var fs = require('fs');
 var path = require('path');
 var readline = require('readline');
+var http = require('http');
+var child_process = require('child_process');
+var crypto = require('crypto');
 var process6 = require('process');
 var os = require('os');
 var tty = require('tty');
-var child_process = require('child_process');
 function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
@@ -32,6 +34,7 @@ function _interopNamespace(e) {
 var fs__namespace = /*#__PURE__*/_interopNamespace(fs);
 var path__namespace = /*#__PURE__*/_interopNamespace(path);
 var readline__namespace = /*#__PURE__*/_interopNamespace(readline);
+var http__namespace = /*#__PURE__*/_interopNamespace(http);
 var process6__default = /*#__PURE__*/_interopDefault(process6);
 var os__default = /*#__PURE__*/_interopDefault(os);
 var tty__default = /*#__PURE__*/_interopDefault(tty);
@@ -5455,6 +5458,12 @@ function loadApiUrl() {
   if (process.env.GRANULAR_API_URL) return process.env.GRANULAR_API_URL;
   return "https://cf-api-gateway.arthur6084.workers.dev/granular";
 }
+function loadAuthUrl() {
+  if (process.env.GRANULAR_AUTH_URL) {
+    return process.env.GRANULAR_AUTH_URL;
+  }
+  return "https://app.granular.software";
+}
 function saveApiKey(apiKey) {
   const envLocalPath = getEnvLocalPath();
   let content = "";
@@ -5722,6 +5731,161 @@ var ApiClient = class {
     });
   }
 };
+var CALLBACK_HOST = "127.0.0.1";
+var CALLBACK_PATH = "/callback";
+var DEFAULT_TIMEOUT_MS = 3 * 60 * 1e3;
+function normalizeAuthBaseUrl(input) {
+  const url = new URL(input);
+  if (url.protocol !== "https:" && url.protocol !== "http:") {
+    throw new Error("Auth URL must start with http:// or https://");
+  }
+  return url;
+}
+function renderHtmlPage(title, message) {
+  return `<!doctype html>
+<html lang="en">
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <title>${title}</title>
+  <style>
+    :root { color-scheme: light dark; }
+    body { font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif; margin: 2rem; line-height: 1.5; }
+    h1 { margin-bottom: 0.5rem; }
+    p { margin-top: 0; color: #666; }
+  </style>
+</head>
+<body>
+  <h1>${title}</h1>
+  <p>${message}</p>
+</body>
+</html>`;
+}
+function describeAuthError(code) {
+  switch (code) {
+    case "unauthorized":
+      return "You must sign in before authorizing the CLI.";
+    case "no_organization":
+      return "Your account is not associated with an organization.";
+    case "key_creation_failed":
+      return "Failed to create an API key for CLI login.";
+    case "missing_key_value":
+      return "The auth server did not return an API key value.";
+    case "auth_failed":
+      return "Authentication failed on the server.";
+    default:
+      return code;
+  }
+}
+function openExternalUrl(url) {
+  const platform = process.platform;
+  return new Promise((resolve) => {
+    let child;
+    if (platform === "darwin") {
+      child = child_process.spawn("open", [url], { stdio: "ignore" });
+    } else if (platform === "win32") {
+      child = child_process.spawn("cmd", ["/c", "start", "", url], {
+        stdio: "ignore",
+        windowsHide: true
+      });
+    } else {
+      child = child_process.spawn("xdg-open", [url], { stdio: "ignore" });
+    }
+    child.once("error", () => resolve(false));
+    child.once("spawn", () => resolve(true));
+  });
+}
+function closeServer(server) {
+  return new Promise((resolve) => {
+    server.close(() => resolve());
+  });
+}
+async function loginWithBrowser(options) {
+  const timeoutMs = options.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+  const authBaseUrl = normalizeAuthBaseUrl(options.authBaseUrl);
+  const state = crypto.randomBytes(24).toString("hex");
+  const server = http__namespace.createServer();
+  await new Promise((resolve, reject) => {
+    server.once("error", reject);
+    server.listen(0, CALLBACK_HOST, () => resolve());
+  });
+  const address = server.address();
+  if (!address || typeof address === "string") {
+    await closeServer(server);
+    throw new Error("Could not start local callback server.");
+  }
+  const callbackUrl = `http://${CALLBACK_HOST}:${address.port}${CALLBACK_PATH}`;
+  const authUrl = new URL("/api/cli/auth/start", authBaseUrl);
+  authUrl.searchParams.set("callback", callbackUrl);
+  authUrl.searchParams.set("state", state);
+  const browserOpened = await openExternalUrl(authUrl.toString());
+  options.onAuthUrl?.(authUrl.toString(), browserOpened);
+  let settled = false;
+  try {
+    const apiKey = await new Promise((resolve, reject) => {
+      const timeout = setTimeout(() => {
+        if (settled) return;
+        settled = true;
+        reject(new Error(`Timed out after ${Math.round(timeoutMs / 1e3)}s waiting for browser authentication.`));
+      }, timeoutMs);
+      server.on("request", (req, res) => {
+        const url = new URL(req.url || "/", `http://${CALLBACK_HOST}`);
+        if (url.pathname !== CALLBACK_PATH) {
+          res.statusCode = 404;
+          res.end("Not found");
+          return;
+        }
+        const returnedState = url.searchParams.get("state");
+        const apiKey2 = url.searchParams.get("api_key");
+        const error2 = url.searchParams.get("error");
+        if (!returnedState || returnedState !== state) {
+          res.statusCode = 400;
+          res.setHeader("Content-Type", "text/html; charset=utf-8");
+          res.end(renderHtmlPage("Granular login failed", "State mismatch. Please close this window and retry."));
+          if (!settled) {
+            settled = true;
+            clearTimeout(timeout);
+            reject(new Error("Browser auth state mismatch."));
+          }
+          return;
+        }
+        if (error2) {
+          res.statusCode = 400;
+          res.setHeader("Content-Type", "text/html; charset=utf-8");
+          res.end(renderHtmlPage("Granular login failed", "Authentication was canceled or failed. You can close this window."));
+          if (!settled) {
+            settled = true;
+            clearTimeout(timeout);
+            reject(new Error(describeAuthError(error2)));
+          }
+          return;
+        }
+        if (!apiKey2) {
+          res.statusCode = 400;
+          res.setHeader("Content-Type", "text/html; charset=utf-8");
+          res.end(renderHtmlPage("Granular login failed", "No API key was returned. Please retry."));
+          if (!settled) {
+            settled = true;
+            clearTimeout(timeout);
+            reject(new Error("No API key returned from browser auth."));
+          }
+          return;
+        }
+        res.statusCode = 200;
+        res.setHeader("Content-Type", "text/html; charset=utf-8");
+        res.end(renderHtmlPage("Granular login complete", "Authentication succeeded. You can close this window."));
+        if (!settled) {
+          settled = true;
+          clearTimeout(timeout);
+          resolve(apiKey2);
+        }
+      });
+    });
+    return apiKey;
+  } finally {
+    await closeServer(server);
+  }
+}
 // ../../node_modules/.bun/chalk@5.4.1/node_modules/chalk/source/vendor/ansi-styles/index.js
 var ANSI_BACKGROUND_OFFSET = 10;
@@ -7311,15 +7475,6 @@ function prompt(question, defaultValue) {
     });
   });
 }
-function promptSecret(question) {
-  const rl = readline__namespace.createInterface({ input: process.stdin, output: process.stdout });
-  return new Promise((resolve) => {
-    rl.question(`  ${question}: `, (answer) => {
-      rl.close();
-      resolve(answer.trim());
-    });
-  });
-}
 function confirm(question, defaultYes = true) {
   const hint2 = defaultYes ? "Y/n" : "y/N";
   return prompt(`${question} [${hint2}]`).then((answer) => {
@@ -7339,13 +7494,25 @@ async function initCommand(projectName, options) {
   }
   let apiKey = loadApiKey();
   if (!apiKey) {
-    info("No API key found. Let's set one up.");
-    console.log();
-    dim("Get your API key at https://granular.dev/dashboard/api-keys");
-    console.log();
-    apiKey = await promptSecret("Enter your API key");
-    if (!apiKey) {
-      error("API key is required.");
+    info("No API key found. Starting browser login...");
+    const waiting = spinner("Opening browser and waiting for authentication...");
+    try {
+      apiKey = await loginWithBrowser({
+        authBaseUrl: loadAuthUrl(),
+        onAuthUrl: (authUrl, opened) => {
+          if (!opened) {
+            waiting.stop();
+            warn("Could not open your browser automatically.");
+            dim(`Open this URL to continue:
+  ${authUrl}`);
+            waiting.start();
+          }
+        }
+      });
+      waiting.succeed("  Browser authentication completed.");
+    } catch (err) {
+      waiting.fail(`  Browser authentication failed: ${err.message}`);
+      dim("Run `granular login --manual` to paste an API key directly.");
       process.exit(1);
     }
   } else {
@@ -7439,7 +7606,7 @@ async function initCommand(projectName, options) {
   hint("granular simulate", "opens app.granular.software/simulator for this sandbox");
   console.log();
 }
-function promptSecret2(question) {
+function promptSecret(question) {
   const rl = readline__namespace.createInterface({ input: process.stdin, output: process.stdout });
   return new Promise((resolve) => {
     rl.question(`  ${question}: `, (answer) => {
@@ -7448,26 +7615,59 @@ function promptSecret2(question) {
     });
   });
 }
-async function loginCommand() {
+function maskApiKey(apiKey) {
+  if (apiKey.length < 10) return `${apiKey}...`;
+  return `${apiKey.substring(0, 10)}...`;
+}
+async function loginCommand(options = {}) {
   printHeader();
   const existing = loadApiKey();
   if (existing) {
     info("An API key is already configured.");
-    dim(`Current: ${existing.substring(0, 10)}...`);
+    dim(`Current: ${maskApiKey(existing)}`);
     console.log();
   }
-  dim("Get your API key at https://granular.dev/dashboard/api-keys");
-  console.log();
-  const apiKey = await promptSecret2("Enter your API key");
+  const apiUrl = loadApiUrl();
+  let apiKey = options.apiKey?.trim();
+  if (!apiKey) {
+    if (options.manual) {
+      dim("Get your API key at https://app.granular.software/w/default/api-keys");
+      console.log();
+      apiKey = await promptSecret("Enter your API key");
+    } else {
+      const timeoutMs = options.timeout && options.timeout > 0 ? options.timeout * 1e3 : void 0;
+      const waiting = spinner("Opening browser and waiting for authentication...");
+      try {
+        apiKey = await loginWithBrowser({
+          authBaseUrl: loadAuthUrl(),
+          timeoutMs,
+          onAuthUrl: (authUrl, opened) => {
+            if (!opened) {
+              waiting.stop();
+              warn("Could not open your browser automatically.");
+              dim(`Open this URL to continue:
+  ${authUrl}`);
+              waiting.start();
+            }
+          }
+        });
+        waiting.succeed("  Browser authentication completed.");
+      } catch (err) {
+        waiting.fail(`  Browser authentication failed: ${err.message}`);
+        dim("Retry with `granular login --manual` to paste an API key directly.");
+        process.exit(1);
+      }
+    }
+  }
   if (!apiKey) {
     error("API key is required.");
     process.exit(1);
   }
-  if (!apiKey.startsWith("sk_")) {
-    warn('API key should start with "sk_". Continuing anyway...');
+  if (!apiKey.startsWith("sk_") && !apiKey.startsWith("gn_sk_")) {
+    warn("API key does not look like a recognized Granular/WorkOS key. Continuing anyway...");
   }
   const spinner2 = spinner("Validating...");
-  const api = new ApiClient(apiKey, loadApiUrl());
+  const api = new ApiClient(apiKey, apiUrl);
   const valid = await api.validateKey();
   if (!valid) {
     spinner2.fail("  Invalid API key.");
@@ -7475,7 +7675,7 @@ async function loginCommand() {
   }
   saveApiKey(apiKey);
   spinner2.succeed("  Authenticated successfully.");
-  dim("API key saved to .env.local");
+  dim("API key saved to .env.local (used by CLI and SDK examples)");
   console.log();
 }
@@ -8217,9 +8417,16 @@ program2.command("init [project-name]").description("Initialize a new Granular p
     process.exit(1);
   }
 });
-program2.command("login").description("Authenticate with your Granular API key").action(async () => {
+program2.command("login").description("Authenticate with Granular (browser by default)").option("--manual", "Prompt for API key instead of browser login").option("--api-key <key>", "Use a provided API key directly").option("--timeout <seconds>", "Browser auth timeout in seconds", (value) => {
+  const n = Number.parseInt(value, 10);
+  return Number.isFinite(n) ? n : 180;
+}).action(async (opts) => {
   try {
-    await loginCommand();
+    await loginCommand({
+      manual: opts.manual,
+      apiKey: opts.apiKey,
+      timeout: opts.timeout
+    });
   } catch (err) {
     error(err.message);
     process.exit(1);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@granular-software/sdk",
-  "version": "0.3.2",
+  "version": "0.3.3",
   "description": "TypeScript SDK and CLI for Granular - define, build, and deploy AI sandboxes",
   "main": "dist/index.js",
   "module": "dist/index.mjs",