@kylewadegrove/cutline-mcp-cli 0.4.2 → 0.5.0

package/src/auth/callback.ts

@@ -1,102 +0,0 @@
-import express from 'express';
-import type { Server } from 'http';
-
-const CALLBACK_PORT = 8765;
-const TIMEOUT_MS = 5 * 60 * 1000; // 5 minutes
-
-export interface CallbackResult {
-    token: string;
-    email?: string;
-}
-
-export async function startCallbackServer(): Promise<CallbackResult> {
-    return new Promise((resolve, reject) => {
-        const app = express();
-        let server: Server;
-
-        // Timeout handler
-        const timeout = setTimeout(() => {
-            server?.close();
-            reject(new Error('Authentication timeout - no callback received'));
-        }, TIMEOUT_MS);
-
-        // Callback endpoint
-        app.get('/', (req, res) => {
-            const token = req.query.token as string;
-            const email = req.query.email as string;
-
-            if (!token) {
-                res.status(400).send('Missing token parameter');
-                return;
-            }
-
-            // Send success page
-            res.send(`
-        <!DOCTYPE html>
-        <html>
-          <head>
-            <title>Cutline MCP - Authentication Successful</title>
-            <style>
-              body {
-                font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
-                display: flex;
-                justify-content: center;
-                align-items: center;
-                height: 100vh;
-                margin: 0;
-                background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
-              }
-              .container {
-                background: white;
-                padding: 3rem;
-                border-radius: 1rem;
-                box-shadow: 0 20px 60px rgba(0,0,0,0.3);
-                text-align: center;
-                max-width: 400px;
-              }
-              h1 {
-                color: #667eea;
-                margin-bottom: 1rem;
-              }
-              p {
-                color: #666;
-                line-height: 1.6;
-              }
-              .checkmark {
-                font-size: 4rem;
-                color: #4CAF50;
-              }
-            </style>
-          </head>
-          <body>
-            <div class="container">
-              <div class="checkmark">✓</div>
-              <h1>Authentication Successful!</h1>
-              <p>You can now close this window and return to your terminal.</p>
-              ${email ? `<p>Logged in as: <strong>${email}</strong></p>` : ''}
-            </div>
-          </body>
-        </html>
-      `);
-
-            // Clean up and resolve
-            clearTimeout(timeout);
-            server.close();
-            resolve({ token, email });
-        });
-
-        // Start server
-        server = app.listen(CALLBACK_PORT, () => {
-            console.log(`Callback server listening on http://localhost:${CALLBACK_PORT}`);
-        });
-
-        server.on('error', (err: any) => {
-            clearTimeout(timeout);
-            if (err.code === 'EADDRINUSE') {
-                reject(new Error(`Port ${CALLBACK_PORT} is already in use. Please close other applications and try again.`));
-            } else {
-                reject(err);
-            }
-        });
-    });
-}

package/src/auth/keychain.ts

@@ -1,16 +0,0 @@
-import keytar from 'keytar';
-
-const SERVICE_NAME = 'cutline-mcp';
-const ACCOUNT_NAME = 'refresh-token';
-
-export async function storeRefreshToken(token: string): Promise<void> {
-    await keytar.setPassword(SERVICE_NAME, ACCOUNT_NAME, token);
-}
-
-export async function getRefreshToken(): Promise<string | null> {
-    return await keytar.getPassword(SERVICE_NAME, ACCOUNT_NAME);
-}
-
-export async function deleteRefreshToken(): Promise<boolean> {
-    return await keytar.deletePassword(SERVICE_NAME, ACCOUNT_NAME);
-}

package/src/commands/login.ts

@@ -1,202 +0,0 @@
-import open from 'open';
-import chalk from 'chalk';
-import ora from 'ora';
-import { startCallbackServer } from '../auth/callback.js';
-import { storeRefreshToken } from '../auth/keychain.js';
-import { saveConfig } from '../utils/config-store.js';
-import { getConfig, fetchFirebaseApiKey } from '../utils/config.js';
-
-interface SubscriptionInfo {
-    status: 'free' | 'active' | 'trialing' | 'past_due' | 'canceled' | 'unknown';
-    planName?: string;
-    periodEnd?: string;
-}
-
-async function getSubscriptionStatus(idToken: string, isStaging: boolean): Promise<SubscriptionInfo> {
-    try {
-        const baseUrl = isStaging 
-            ? 'https://us-central1-cutline-staging.cloudfunctions.net'
-            : 'https://us-central1-cutline-prod.cloudfunctions.net';
-        
-        const response = await fetch(`${baseUrl}/mcpSubscriptionStatus`, {
-            method: 'GET',
-            headers: {
-                'Authorization': `Bearer ${idToken}`,
-            },
-        });
-
-        if (!response.ok) {
-            return { status: 'unknown' };
-        }
-
-        return await response.json();
-    } catch (error) {
-        // Silently fail - subscription check is optional during login
-        return { status: 'unknown' };
-    }
-}
-
-async function exchangeRefreshForIdToken(refreshToken: string, apiKey: string): Promise<string> {
-    const response = await fetch(
-        `https://securetoken.googleapis.com/v1/token?key=${apiKey}`,
-        {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({
-                grant_type: 'refresh_token',
-                refresh_token: refreshToken,
-            }),
-        }
-    );
-
-    if (!response.ok) {
-        throw new Error('Failed to get ID token');
-    }
-
-    const data = await response.json();
-    return data.id_token;
-}
-
-async function exchangeCustomToken(customToken: string, apiKey: string): Promise<{ refreshToken: string; email?: string }> {
-    const response = await fetch(
-        `https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=${apiKey}`,
-        {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({
-                token: customToken,
-                returnSecureToken: true,
-            }),
-        }
-    );
-
-    if (!response.ok) {
-        const error = await response.text();
-        throw new Error(`Failed to exchange custom token: ${error}`);
-    }
-
-    const data = await response.json();
-    return {
-        refreshToken: data.refreshToken,
-        email: data.email,
-    };
-}
-
-export async function loginCommand(options: { staging?: boolean; signup?: boolean; email?: string }) {
-    const config = getConfig(options);
-    
-    if (options.signup) {
-        console.log(chalk.bold('\n🚀 Cutline MCP - Create Account\n'));
-    } else {
-        console.log(chalk.bold('\n🔐 Cutline MCP Authentication\n'));
-    }
-
-    if (options.staging) {
-        console.log(chalk.yellow('  ⚠️  Using STAGING environment\n'));
-    }
-
-    if (options.email) {
-        console.log(chalk.gray(`  Requesting sign-in as: ${options.email}\n`));
-    }
-
-
-    const spinner = ora('Starting authentication flow...').start();
-
-    try {
-        // Fetch Firebase API key from web app endpoint
-        spinner.text = 'Fetching configuration...';
-        let firebaseApiKey: string;
-        try {
-            firebaseApiKey = await fetchFirebaseApiKey(options);
-        } catch (error) {
-            spinner.fail(chalk.red('Failed to fetch Firebase configuration'));
-            if (error instanceof Error) {
-                console.error(chalk.red(`  ${error.message}`));
-            }
-            console.error(chalk.gray('\n  You can also set the FIREBASE_API_KEY environment variable manually.\n'));
-            process.exit(1);
-        }
-
-        // Start callback server
-        spinner.text = 'Waiting for authentication...';
-        const serverPromise = startCallbackServer();
-
-        // Open browser
-        let authUrl = `${config.AUTH_URL}?callback=${encodeURIComponent(config.CALLBACK_URL)}`;
-        if (options.signup) {
-            authUrl += '&mode=signup';
-        }
-        if (options.email) {
-            authUrl += `&email=${encodeURIComponent(options.email)}`;
-        }
-        await open(authUrl);
-        spinner.text = options.signup 
-            ? 'Browser opened - please create your account' 
-            : 'Browser opened - please sign in or create an account';
-
-        // Wait for callback with custom token
-        const result = await serverPromise;
-
-        // Exchange custom token for refresh token
-        spinner.text = 'Exchanging token...';
-        const { refreshToken, email } = await exchangeCustomToken(result.token, firebaseApiKey);
-
-        // Store refresh token
-        try {
-            await storeRefreshToken(refreshToken);
-        } catch (error) {
-            console.warn(chalk.yellow('  ⚠️  Could not save to Keychain (skipping)'));
-        }
-
-        // Save to file config (cross-platform)
-        try {
-            saveConfig({ 
-                refreshToken,
-                environment: options.staging ? 'staging' : 'production',
-            });
-        } catch (error) {
-            console.error(chalk.red('  ✗ Failed to save config file:'), error);
-        }
-
-        spinner.succeed(chalk.green('Successfully authenticated!'));
-
-        // Show environment indicator
-        const envLabel = options.staging ? chalk.yellow('STAGING') : chalk.green('PRODUCTION');
-        console.log(chalk.gray(`  Environment: ${envLabel}`));
-
-        if (email || result.email) {
-            console.log(chalk.gray(`  Logged in as: ${email || result.email}`));
-        }
-
-        // Check subscription status
-        try {
-            spinner.start('Checking subscription...');
-            const idToken = await exchangeRefreshForIdToken(refreshToken, firebaseApiKey);
-            const subscription = await getSubscriptionStatus(idToken, !!options.staging);
-            spinner.stop();
-            
-            if (subscription.status === 'active' || subscription.status === 'trialing') {
-                const statusLabel = subscription.status === 'trialing' ? ' (trial)' : '';
-                console.log(chalk.gray('  Plan:'), chalk.green(`✓ ${subscription.planName || 'Premium'}${statusLabel}`));
-            } else {
-                console.log(chalk.gray('  Plan:'), chalk.white('Free'));
-                console.log(chalk.dim('  Upgrade at'), chalk.cyan('https://thecutline.ai/pricing'));
-            }
-        } catch {
-            spinner.stop();
-            // Silently skip subscription check on error
-        }
-
-        console.log(chalk.gray('\n  MCP servers can now access your account\n'));
-        console.log(chalk.dim('  Run'), chalk.cyan('cutline-mcp status'), chalk.dim('to verify\n'));
-
-    } catch (error) {
-        spinner.fail(chalk.red('Authentication failed'));
-
-        if (error instanceof Error) {
-            console.error(chalk.red(`  ${error.message}\n`));
-        }
-
-        process.exit(1);
-    }
-}

package/src/commands/logout.ts

@@ -1,30 +0,0 @@
-import chalk from 'chalk';
-import ora from 'ora';
-import { deleteRefreshToken } from '../auth/keychain.js';
-
-export async function logoutCommand() {
-    console.log(chalk.bold('\n👋 Logging out of Cutline MCP\n'));
-
-    const spinner = ora('Removing stored credentials...').start();
-
-    try {
-        const deleted = await deleteRefreshToken();
-
-        if (deleted) {
-            spinner.succeed(chalk.green('Successfully logged out'));
-            console.log(chalk.gray('  Credentials removed from keychain\n'));
-        } else {
-            spinner.info(chalk.yellow('No credentials found'));
-            console.log(chalk.gray('  You were not logged in\n'));
-        }
-
-    } catch (error) {
-        spinner.fail(chalk.red('Logout failed'));
-
-        if (error instanceof Error) {
-            console.error(chalk.red(`  ${error.message}\n`));
-        }
-
-        process.exit(1);
-    }
-}

package/src/commands/status.ts

@@ -1,153 +0,0 @@
-import chalk from 'chalk';
-import ora from 'ora';
-import { getRefreshToken } from '../auth/keychain.js';
-import { fetchFirebaseApiKey } from '../utils/config.js';
-
-interface SubscriptionInfo {
-    status: 'free' | 'active' | 'trialing' | 'past_due' | 'canceled' | 'unknown';
-    planName?: string;
-    periodEnd?: string;
-}
-
-async function getSubscriptionStatus(idToken: string, isStaging: boolean): Promise<SubscriptionInfo> {
-    try {
-        const baseUrl = isStaging 
-            ? 'https://us-central1-cutline-staging.cloudfunctions.net'
-            : 'https://us-central1-cutline-prod.cloudfunctions.net';
-        
-        const response = await fetch(`${baseUrl}/mcpSubscriptionStatus`, {
-            method: 'GET',
-            headers: {
-                'Authorization': `Bearer ${idToken}`,
-            },
-        });
-
-        if (!response.ok) {
-            return { status: 'unknown' };
-        }
-
-        return await response.json();
-    } catch (error) {
-        console.error('Error fetching subscription:', error);
-        return { status: 'unknown' };
-    }
-}
-
-async function exchangeRefreshToken(refreshToken: string, apiKey: string): Promise<string> {
-    const response = await fetch(
-        `https://securetoken.googleapis.com/v1/token?key=${apiKey}`,
-        {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({
-                grant_type: 'refresh_token',
-                refresh_token: refreshToken,
-            }),
-        }
-    );
-
-    if (!response.ok) {
-        const errorText = await response.text();
-        let errorMessage = 'Failed to refresh token';
-        try {
-            const errorData = JSON.parse(errorText);
-            errorMessage = errorData.error?.message || errorText;
-        } catch {
-            errorMessage = errorText;
-        }
-        throw new Error(errorMessage);
-    }
-
-    const data = await response.json();
-    return data.id_token;
-}
-
-export async function statusCommand(options: { staging?: boolean }) {
-    console.log(chalk.bold('\n📊 Cutline MCP Status\n'));
-
-    const spinner = ora('Checking authentication...').start();
-
-    try {
-        // Check for stored refresh token
-        const refreshToken = await getRefreshToken();
-
-        if (!refreshToken) {
-            spinner.info(chalk.yellow('Not authenticated'));
-            console.log(chalk.gray('  Run'), chalk.cyan('cutline-mcp login'), chalk.gray('to authenticate\n'));
-            return;
-        }
-
-        // Get Firebase API key
-        spinner.text = 'Fetching configuration...';
-        let firebaseApiKey: string;
-        try {
-            firebaseApiKey = await fetchFirebaseApiKey(options);
-        } catch (error) {
-            spinner.fail(chalk.red('Configuration error'));
-            console.error(chalk.red(`  ${error instanceof Error ? error.message : 'Failed to get Firebase API key'}`));
-            process.exit(1);
-        }
-
-        // Exchange refresh token for ID token
-        spinner.text = 'Verifying credentials...';
-        const idToken = await exchangeRefreshToken(refreshToken, firebaseApiKey);
-
-        // Decode JWT payload (base64) to get user info - no verification needed, just display
-        const payloadBase64 = idToken.split('.')[1];
-        const decoded = JSON.parse(Buffer.from(payloadBase64, 'base64').toString());
-
-        spinner.succeed(chalk.green('Authenticated'));
-
-        console.log(chalk.gray('  User:'), chalk.white(decoded.email || decoded.user_id || decoded.sub));
-        console.log(chalk.gray('  UID:'), chalk.dim(decoded.user_id || decoded.sub));
-
-        // Calculate token expiry
-        const expiresIn = Math.floor((decoded.exp * 1000 - Date.now()) / 1000 / 60);
-        console.log(chalk.gray('  Token expires in:'), chalk.white(`${expiresIn} minutes`));
-
-        // Show custom claims if present
-        if (decoded.mcp) {
-            console.log(chalk.gray('  MCP enabled:'), chalk.green('✓'));
-        }
-        if (decoded.deviceId) {
-            console.log(chalk.gray('  Device ID:'), chalk.dim(decoded.deviceId));
-        }
-
-        // Check subscription status via Cloud Function
-        spinner.start('Checking subscription...');
-        const subscription = await getSubscriptionStatus(idToken, !!options.staging);
-        spinner.stop();
-        
-        if (subscription.status === 'active' || subscription.status === 'trialing') {
-            const statusLabel = subscription.status === 'trialing' ? ' (trial)' : '';
-            console.log(chalk.gray('  Plan:'), chalk.green(`✓ ${subscription.planName || 'Premium'}${statusLabel}`));
-            if (subscription.periodEnd) {
-                const periodEndDate = new Date(subscription.periodEnd);
-                const daysLeft = Math.ceil((periodEndDate.getTime() - Date.now()) / (1000 * 60 * 60 * 24));
-                console.log(chalk.gray('  Renews:'), chalk.white(`${periodEndDate.toLocaleDateString()} (${daysLeft} days)`));
-            }
-        } else if (subscription.status === 'past_due') {
-            console.log(chalk.gray('  Plan:'), chalk.yellow('⚠ Premium (payment past due)'));
-        } else if (subscription.status === 'canceled') {
-            console.log(chalk.gray('  Plan:'), chalk.yellow('Premium (canceled)'));
-            if (subscription.periodEnd) {
-                console.log(chalk.gray('  Access until:'), chalk.white(new Date(subscription.periodEnd).toLocaleDateString()));
-            }
-        } else {
-            console.log(chalk.gray('  Plan:'), chalk.white('Free'));
-            console.log(chalk.dim('  Upgrade at'), chalk.cyan('https://thecutline.ai/pricing'));
-        }
-
-        console.log();
-
-    } catch (error) {
-        spinner.fail(chalk.red('Status check failed'));
-
-        if (error instanceof Error) {
-            console.error(chalk.red(`  ${error.message}`));
-            console.log(chalk.gray('  Try running'), chalk.cyan('cutline-mcp login'), chalk.gray('again\n'));
-        }
-
-        process.exit(1);
-    }
-}

package/src/commands/upgrade.ts

@@ -1,121 +0,0 @@
-import open from 'open';
-import chalk from 'chalk';
-import ora from 'ora';
-import { startCallbackServer } from '../auth/callback.js';
-import { storeRefreshToken } from '../auth/keychain.js';
-import { saveConfig } from '../utils/config-store.js';
-import { getConfig, fetchFirebaseApiKey } from '../utils/config.js';
-
-async function exchangeCustomToken(customToken: string, apiKey: string): Promise<{ refreshToken: string; email?: string }> {
-    const response = await fetch(
-        `https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=${apiKey}`,
-        {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({
-                token: customToken,
-                returnSecureToken: true,
-            }),
-        }
-    );
-
-    if (!response.ok) {
-        const error = await response.text();
-        throw new Error(`Failed to exchange custom token: ${error}`);
-    }
-
-    const data = await response.json();
-    return {
-        refreshToken: data.refreshToken,
-        email: data.email,
-    };
-}
-
-export async function upgradeCommand(options: { staging?: boolean }) {
-    const config = getConfig(options);
-    
-    console.log(chalk.bold('\n⬆️  Cutline MCP - Upgrade to Premium\n'));
-
-    if (options.staging) {
-        console.log(chalk.yellow('  ⚠️  Using STAGING environment\n'));
-    }
-
-    // Fetch Firebase API key
-    let firebaseApiKey: string;
-    try {
-        firebaseApiKey = await fetchFirebaseApiKey(options);
-    } catch (error) {
-        console.error(chalk.red(`Error: ${error instanceof Error ? error.message : 'Failed to get Firebase API key'}`));
-        process.exit(1);
-    }
-
-    // Determine upgrade URL based on environment
-    const baseUrl = options.staging 
-        ? 'https://cutline-staging.web.app' 
-        : 'https://thecutline.ai';
-    
-    console.log(chalk.gray('  Opening upgrade page in your browser...\n'));
-    console.log(chalk.dim('  After upgrading, your MCP session will be refreshed automatically.\n'));
-
-    const spinner = ora('Waiting for upgrade and re-authentication...').start();
-
-    try {
-        // Start callback server for re-auth after upgrade
-        const serverPromise = startCallbackServer();
-
-        // Open upgrade page with callback for re-auth
-        // The upgrade page will redirect to mcp-auth after successful upgrade
-        const upgradeUrl = `${baseUrl}/upgrade?mcp_callback=${encodeURIComponent(config.CALLBACK_URL)}`;
-        await open(upgradeUrl);
-        
-        spinner.text = 'Browser opened - complete your upgrade, then re-authenticate';
-
-        // Wait for callback with new token (after upgrade + re-auth)
-        const result = await serverPromise;
-
-        // Exchange custom token for refresh token
-        spinner.text = 'Refreshing your session...';
-        const { refreshToken, email } = await exchangeCustomToken(result.token, firebaseApiKey);
-
-        // Store refresh token
-        try {
-            await storeRefreshToken(refreshToken);
-        } catch (error) {
-            console.warn(chalk.yellow('  ⚠️  Could not save to Keychain (skipping)'));
-        }
-
-        // Save to file config (API key is fetched at runtime, not stored)
-        try {
-            saveConfig({ 
-                refreshToken,
-                environment: options.staging ? 'staging' : 'production',
-            });
-        } catch (error) {
-            console.error(chalk.red('  ✗ Failed to save config file:'), error);
-        }
-
-        spinner.succeed(chalk.green('Upgrade complete! Session refreshed.'));
-
-        const envLabel = options.staging ? chalk.yellow('STAGING') : chalk.green('PRODUCTION');
-        console.log(chalk.gray(`  Environment: ${envLabel}`));
-
-        if (email || result.email) {
-            console.log(chalk.gray(`  Account: ${email || result.email}`));
-        }
-
-        console.log(chalk.green('\n  ✨ Premium features are now available!\n'));
-        console.log(chalk.dim('  Try:'), chalk.cyan('exploration_graduate'), chalk.dim('to run a full Deep Dive\n'));
-
-    } catch (error) {
-        spinner.fail(chalk.red('Upgrade flow failed'));
-
-        if (error instanceof Error) {
-            console.error(chalk.red(`  ${error.message}`));
-        }
-
-        console.log(chalk.gray('\n  You can also upgrade at:'), chalk.cyan(`${baseUrl}/upgrade`));
-        console.log(chalk.gray('  Then run:'), chalk.cyan('cutline-mcp login'), chalk.gray('to refresh your session\n'));
-
-        process.exit(1);
-    }
-}

package/src/index.ts

@@ -1,40 +0,0 @@
-#!/usr/bin/env node
-import { Command } from 'commander';
-import { loginCommand } from './commands/login.js';
-import { logoutCommand } from './commands/logout.js';
-import { statusCommand } from './commands/status.js';
-import { upgradeCommand } from './commands/upgrade.js';
-
-const program = new Command();
-
-program
-    .name('cutline-mcp')
-    .description('CLI tool for authenticating with Cutline MCP servers')
-    .version('0.1.0');
-
-program
-    .command('login')
-    .description('Authenticate with Cutline and store credentials')
-    .option('--staging', 'Use staging environment')
-    .option('--signup', 'Open sign-up page instead of sign-in')
-    .option('--email <address>', 'Request sign-in with specific email address')
-    .action(loginCommand);
-
-program
-    .command('logout')
-    .description('Remove stored credentials')
-    .action(logoutCommand);
-
-program
-    .command('status')
-    .description('Show current authentication status')
-    .option('--staging', 'Use staging environment')
-    .action(statusCommand);
-
-program
-    .command('upgrade')
-    .description('Upgrade to Premium and refresh your session')
-    .option('--staging', 'Use staging environment')
-    .action(upgradeCommand);
-
-program.parse();