@intranefr/superbackend 1.7.7 → 1.7.9

package/autochangelog-cli/src/cli/commands/auth.js

@@ -0,0 +1,291 @@
+const { Command } = require('commander');
+const chalk = require('chalk');
+const inquirer = require('inquirer');
+const { output } = require('../utils/output');
+const { handleCliError, validateRequiredArgs, ERROR_CODES } = require('../utils/errors');
+const { loadConfig, saveConfig, getAuthToken, setAuthToken, clearAuthToken, isAuthenticated } = require('../utils/config');
+const { setupLogger } = require('../utils/logger');
+
+/**
+ * Authentication commands for AutoChangelog CLI
+ * Handles GitHub OAuth authentication and token management
+ */
+
+function setupAuthCommands(program) {
+  const auth = program
+    .command('auth')
+    .description('Authentication management');
+
+  // Login command
+  auth
+    .command('login')
+    .description('Authenticate with GitHub')
+    .option('--token <token>', 'GitHub personal access token')
+    .option('--client-id <id>', 'GitHub OAuth App client ID')
+    .option('--client-secret <secret>', 'GitHub OAuth App client secret')
+    .action(async (options) => {
+      const logger = setupLogger();
+      const config = loadConfig();
+      
+      try {
+        // Check if already authenticated
+        if (isAuthenticated()) {
+          output.success('Already authenticated');
+          return;
+        }
+
+        let token;
+
+        if (options.token) {
+          // Use provided token
+          token = options.token;
+        } else if (options.clientId && options.clientSecret) {
+          // Use OAuth flow
+          token = await performOAuthFlow(options.clientId, options.clientSecret, logger);
+        } else {
+          // Interactive mode
+          token = await interactiveLogin(logger);
+        }
+
+        if (token) {
+          // Validate token
+          const isValid = await validateToken(token, logger);
+          
+          if (isValid) {
+            setAuthToken(token);
+            output.success('Authentication successful');
+            
+            // Save additional config if provided
+            if (options.clientId) {
+              saveConfig({ github_client_id: options.clientId });
+            }
+            if (options.clientSecret) {
+              saveConfig({ github_client_secret: options.clientSecret });
+            }
+          } else {
+            output.error('Invalid GitHub token. Please check your token permissions.');
+            process.exit(ERROR_CODES.AUTHENTICATION_FAILED);
+          }
+        } else {
+          output.error('Authentication failed');
+          process.exit(ERROR_CODES.AUTHENTICATION_FAILED);
+        }
+
+      } catch (error) {
+        handleCliError(error, output);
+      }
+    });
+
+  // Logout command
+  auth
+    .command('logout')
+    .description('Logout and clear authentication')
+    .action(async () => {
+      try {
+        if (!isAuthenticated()) {
+          output.warning('Not currently authenticated');
+          return;
+        }
+
+        clearAuthToken();
+        output.success('Logged out successfully');
+      } catch (error) {
+        handleCliError(error, output);
+      }
+    });
+
+  // Status command
+  auth
+    .command('status')
+    .description('Show current authentication status')
+    .action(async () => {
+      try {
+        const token = getAuthToken();
+        
+        if (token) {
+          const config = loadConfig();
+          const isValid = await validateToken(token);
+          
+          if (isValid) {
+            output.output({
+              success: true,
+              message: 'Authenticated successfully',
+              data: {
+                authenticated: true,
+                token_preview: token.substring(0, 10) + '...',
+                client_id: config.github_client_id || 'Not set',
+              }
+            });
+          } else {
+            output.output({
+              success: false,
+              message: 'Authentication token is invalid',
+              data: {
+                authenticated: false,
+              }
+            });
+          }
+        } else {
+          output.output({
+            success: false,
+            message: 'Not authenticated',
+            data: {
+              authenticated: false,
+            }
+          });
+        }
+      } catch (error) {
+        handleCliError(error, output);
+      }
+    });
+
+  // Token command (get current token)
+  auth
+    .command('token')
+    .description('Get current authentication token')
+    .action(async () => {
+      try {
+        const token = getAuthToken();
+        
+        if (token) {
+          const isValid = await validateToken(token);
+          
+          if (isValid) {
+            if (output.isJsonMode()) {
+              output.output({
+                success: true,
+                data: {
+                  token,
+                  preview: token.substring(0, 10) + '...',
+                }
+              });
+            } else {
+              console.log(chalk.green('Current token:'));
+              console.log(chalk.gray(token));
+            }
+          } else {
+            output.error('Current token is invalid');
+            process.exit(ERROR_CODES.AUTHENTICATION_FAILED);
+          }
+        } else {
+          output.error('No authentication token found');
+          process.exit(ERROR_CODES.AUTHENTICATION_FAILED);
+        }
+      } catch (error) {
+        handleCliError(error, output);
+      }
+    });
+}
+
+/**
+ * Perform OAuth flow for authentication
+ * @param {string} clientId - GitHub OAuth App client ID
+ * @param {string} clientSecret - GitHub OAuth App client secret
+ * @param {Object} logger - Logger instance
+ * @returns {Promise<string>} GitHub token
+ */
+async function performOAuthFlow(clientId, clientSecret, logger) {
+  const { Octokit } = require('@octokit/rest');
+  
+  logger.info('Starting OAuth flow...');
+  
+  // This is a simplified OAuth flow for CLI
+  // In a real implementation, you'd need to handle the full OAuth redirect flow
+  console.log(chalk.yellow('Please visit the following URL to authorize AutoChangelog:'));
+  console.log(chalk.cyan(`https://github.com/login/oauth/authorize?client_id=${clientId}`));
+  console.log('');
+  console.log(chalk.gray('After authorization, you will receive an authorization code.'));
+  
+  const answers = await inquirer.prompt([
+    {
+      type: 'input',
+      name: 'code',
+      message: 'Enter the authorization code:',
+      validate: (input) => input.length > 0 || 'Authorization code is required',
+    }
+  ]);
+
+  try {
+    // Exchange code for token
+    const response = await fetch('https://github.com/login/oauth/access_token', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Accept': 'application/json',
+      },
+      body: JSON.stringify({
+        client_id: clientId,
+        client_secret: clientSecret,
+        code: answers.code,
+      }),
+    });
+
+    const data = await response.json();
+    
+    if (data.access_token) {
+      return data.access_token;
+    } else {
+      throw new Error(data.error || 'Failed to exchange code for token');
+    }
+  } catch (error) {
+    throw new Error(`OAuth flow failed: ${error.message}`);
+  }
+}
+
+/**
+ * Interactive login prompt
+ * @param {Object} logger - Logger instance
+ * @returns {Promise<string>} GitHub token
+ */
+async function interactiveLogin(logger) {
+  logger.info('Starting interactive login...');
+  
+  console.log(chalk.blue('To authenticate with GitHub, you need a personal access token.'));
+  console.log(chalk.gray('1. Go to https://github.com/settings/tokens'));
+  console.log(chalk.gray('2. Click "Generate new token (classic)"'));
+  console.log(chalk.gray('3. Select the following scopes:'));
+  console.log(chalk.gray('   - repo (Full control of private repositories)'));
+  console.log(chalk.gray('   - read:org (Read org and team membership, read org projects)'));
+  console.log(chalk.gray('4. Copy the generated token'));
+  console.log('');
+
+  const answers = await inquirer.prompt([
+    {
+      type: 'password',
+      name: 'token',
+      message: 'Enter your GitHub personal access token:',
+      validate: (input) => input.length > 0 || 'Token is required',
+    }
+  ]);
+
+  return answers.token;
+}
+
+/**
+ * Validate GitHub token
+ * @param {string} token - GitHub token to validate
+ * @param {Object} logger - Logger instance
+ * @returns {Promise<boolean>} True if token is valid
+ */
+async function validateToken(token, logger = null) {
+  try {
+    const { Octokit } = require('@octokit/rest');
+    const octokit = new Octokit({ auth: token });
+    
+    // Test the token by making a simple API call
+    const { data } = await octokit.rest.users.getAuthenticated();
+    
+    if (logger) {
+      logger.info(`Token validated for user: ${data.login}`);
+    }
+    
+    return true;
+  } catch (error) {
+    if (logger) {
+      logger.error('Token validation failed:', error.message);
+    }
+    return false;
+  }
+}
+
+module.exports = setupAuthCommands;