@leeguoo/yapi-mcp 0.3.21 → 0.3.23

package/dist/yapi-cli.js

@@ -5,6 +5,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const crypto_1 = __importDefault(require("crypto"));
+const child_process_1 = require("child_process");
 const fs_1 = __importDefault(require("fs"));
 const os_1 = __importDefault(require("os"));
 const path_1 = __importDefault(require("path"));
@@ -12,6 +13,7 @@ const readline_1 = __importDefault(require("readline"));
 const markdown_1 = require("./docs/markdown");
 const install_1 = require("./skill/install");
 const auth_1 = require("./services/yapi/auth");
+const authCache_1 = require("./services/yapi/authCache");
 function parseKeyValue(raw) {
     if (!raw || !raw.includes("="))
         throw new Error("expected key=value");
@@ -122,6 +124,162 @@ function resolveToken(tokenValue, projectId) {
     }
     return tokenValue;
 }
+function resolveLocalBin(binName) {
+    const baseName = process.platform === "win32" ? `${binName}.cmd` : binName;
+    const localBin = path_1.default.resolve(__dirname, "..", "node_modules", ".bin", baseName);
+    if (fs_1.default.existsSync(localBin))
+        return localBin;
+    return binName;
+}
+function parseJsonLoose(text) {
+    const raw = String(text || "").trim();
+    if (!raw)
+        return null;
+    const direct = parseJsonMaybe(raw);
+    if (direct !== null)
+        return direct;
+    const lines = raw
+        .split(/\r?\n/)
+        .map((line) => line.trim())
+        .filter(Boolean);
+    for (let i = lines.length - 1; i >= 0; i -= 1) {
+        const parsed = parseJsonMaybe(lines[i]);
+        if (parsed !== null)
+            return parsed;
+    }
+    const firstBrace = raw.indexOf("{");
+    const firstBracket = raw.indexOf("[");
+    const starts = [firstBrace, firstBracket].filter((n) => n >= 0);
+    if (!starts.length)
+        return null;
+    const start = Math.min(...starts);
+    const lastBrace = raw.lastIndexOf("}");
+    const lastBracket = raw.lastIndexOf("]");
+    const end = Math.max(lastBrace, lastBracket);
+    if (end <= start)
+        return null;
+    const sliced = raw.slice(start, end + 1);
+    return parseJsonMaybe(sliced);
+}
+function extractCookiesFromPayload(payload) {
+    const queue = [payload];
+    const visited = new Set();
+    while (queue.length) {
+        const current = queue.shift();
+        if (current === null || current === undefined)
+            continue;
+        if (visited.has(current))
+            continue;
+        visited.add(current);
+        if (Array.isArray(current)) {
+            if (current.every((item) => item && typeof item === "object")) {
+                return current;
+            }
+            continue;
+        }
+        if (typeof current !== "object")
+            continue;
+        const obj = current;
+        if (Array.isArray(obj.cookies))
+            return obj.cookies;
+        if (Array.isArray(obj.data))
+            return obj.data;
+        if (obj.data && typeof obj.data === "object")
+            queue.push(obj.data);
+        if (obj.result && typeof obj.result === "object")
+            queue.push(obj.result);
+        if (obj.payload && typeof obj.payload === "object")
+            queue.push(obj.payload);
+    }
+    return [];
+}
+function normalizeCookieExpiresMs(raw) {
+    const n = Number(raw);
+    if (!Number.isFinite(n) || n <= 0)
+        return undefined;
+    return n > 1_000_000_000_000 ? n : n * 1000;
+}
+function runAgentBrowser(args, options = {}) {
+    const bins = [
+        resolveLocalBin("agent-browser-stealth"),
+        resolveLocalBin("agent-browser"),
+        "agent-browser-stealth",
+        "agent-browser",
+    ];
+    const uniq = Array.from(new Set(bins));
+    let lastError = null;
+    for (const bin of uniq) {
+        try {
+            if (options.captureOutput) {
+                const output = (0, child_process_1.execFileSync)(bin, args, {
+                    encoding: "utf8",
+                    stdio: ["pipe", "pipe", "pipe"],
+                });
+                return String(output || "");
+            }
+            (0, child_process_1.execFileSync)(bin, args, { stdio: "inherit" });
+            return "";
+        }
+        catch (error) {
+            const code = error.code;
+            if (code === "ENOENT") {
+                lastError = error;
+                continue;
+            }
+            if (options.ignoreError)
+                return "";
+            throw error;
+        }
+    }
+    if (lastError?.code === "ENOENT") {
+        throw new Error("未找到 agent-browser-stealth。请先执行: pnpm -C packages/yapi-mcp add agent-browser-stealth && pnpm -C packages/yapi-mcp exec agent-browser-stealth install");
+    }
+    throw new Error("启动 agent-browser-stealth 失败");
+}
+async function loginByBrowserAndReadCookie(baseUrl, loginUrlOption) {
+    const normalizedBase = String(baseUrl || "").replace(/\/+$/, "");
+    const defaultLoginUrl = normalizedBase;
+    let loginUrl = String(loginUrlOption || "").trim();
+    if (!loginUrl) {
+        const answer = await promptText(`YApi page URL [${defaultLoginUrl}]: `);
+        loginUrl = answer.trim() || defaultLoginUrl;
+    }
+    try {
+        const parsed = new URL(loginUrl);
+        loginUrl = parsed.toString();
+    }
+    catch {
+        throw new Error(`invalid login url: ${loginUrl}`);
+    }
+    const sessionName = `yapi-login-${Date.now()}-${crypto_1.default.randomBytes(4).toString("hex")}`;
+    console.log(`opening browser for login: ${loginUrl}`);
+    console.log(`browser session name: ${sessionName}`);
+    runAgentBrowser(["open", loginUrl, "--headed", "--session-name", sessionName]);
+    await promptText("请在浏览器完成登录，然后按回车继续...");
+    let cookies = [];
+    try {
+        const output = runAgentBrowser(["cookies", "--json", "--session-name", sessionName], {
+            captureOutput: true,
+        });
+        const payload = parseJsonLoose(output);
+        cookies = extractCookiesFromPayload(payload);
+    }
+    finally {
+        runAgentBrowser(["close", "--session-name", sessionName], { ignoreError: true });
+    }
+    if (!cookies.length) {
+        throw new Error(`未读取到浏览器 cookie。请确认登录完成后再回车；如果仍失败，请先自检:\nagent-browser-stealth cookies --json --session-name ${sessionName}`);
+    }
+    const tokenCookie = cookies.find((item) => String(item?.name || "") === "_yapi_token");
+    const uidCookie = cookies.find((item) => String(item?.name || "") === "_yapi_uid");
+    const yapiToken = String(tokenCookie?.value || "").trim();
+    if (!yapiToken) {
+        throw new Error("未找到 _yapi_token，请确认登录站点是目标 YApi 域名");
+    }
+    const yapiUid = String(uidCookie?.value || "").trim() || undefined;
+    const expiresAt = normalizeCookieExpiresMs(tokenCookie?.expiresAt) ?? normalizeCookieExpiresMs(tokenCookie?.expires);
+    return { yapiToken, yapiUid, expiresAt };
+}
 async function fetchWithTimeout(url, options, timeoutMs) {
     const controller = new AbortController();
     const timer = setTimeout(() => controller.abort(), timeoutMs);
@@ -184,6 +342,14 @@ function parseArgs(argv) {
             options.baseUrl = arg.slice(11);
             continue;
         }
+        if (arg === "--login-url") {
+            options.loginUrl = argv[++i];
+            continue;
+        }
+        if (arg.startsWith("--login-url=")) {
+            options.loginUrl = arg.slice(12);
+            continue;
+        }
         if (arg === "--token") {
             options.token = argv[++i];
             continue;
@@ -208,6 +374,10 @@ function parseArgs(argv) {
             options.authMode = arg.slice(12);
             continue;
         }
+        if (arg === "--browser") {
+            options.browser = true;
+            continue;
+        }
         if (arg === "--email") {
             options.email = argv[++i];
             continue;
@@ -640,6 +810,7 @@ function usage() {
         "  yapi docs-sync [options] [dir...]",
         "  yapi docs-sync bind <action> [options]",
         "  yapi login [options]",
+        "  yapi logout [options]",
         "  yapi whoami [options]",
         "  yapi search [options]",
         "  yapi install-skill [options]",
@@ -740,12 +911,24 @@ function loginUsage() {
         "Options:",
         "  --config <path>        config file path (default: ~/.yapi/config.toml)",
         "  --base-url <url>       YApi base URL",
+        "  --login-url <url>      page URL for browser login (default: <base-url>)",
+        "  --browser              force browser login and cookie sync",
         "  --email <email>        login email for global mode",
         "  --password <pwd>       login password for global mode",
         "  --timeout <ms>         request timeout in ms",
         "  -h, --help             show help",
     ].join("\n");
 }
+function logoutUsage() {
+    return [
+        "Usage:",
+        "  yapi logout [options]",
+        "Options:",
+        "  --config <path>        config file path (default: ~/.yapi/config.toml)",
+        "  --base-url <url>       YApi base URL",
+        "  -h, --help             show help",
+    ].join("\n");
+}
 function whoamiUsage() {
     return [
         "Usage:",
@@ -1141,6 +1324,8 @@ async function runLogin(rawArgs) {
     let baseUrl = options.baseUrl || config.base_url || "";
     let email = options.email || config.email || "";
     let password = options.password || config.password || "";
+    const projectId = options.projectId || config.project_id || "";
+    const token = options.token || config.token || "";
     let updated = false;
     if (!baseUrl) {
         if (!process.stdin.isTTY || !process.stdout.isTTY) {
@@ -1150,21 +1335,50 @@ async function runLogin(rawArgs) {
         baseUrl = await promptRequired("YApi base URL: ", false);
         updated = true;
     }
-    if (!email) {
+    const useBrowserLogin = Boolean(options.browser) || !email || !password;
+    if (useBrowserLogin) {
         if (!process.stdin.isTTY || !process.stdout.isTTY) {
-            console.error("missing --email or config email");
+            console.error("browser login requires interactive terminal");
             return 2;
         }
-        email = await promptRequired("YApi email: ", false);
-        updated = true;
-    }
-    if (!password) {
-        if (!process.stdin.isTTY || !process.stdout.isTTY) {
-            console.error("missing --password or config password");
+        try {
+            const session = await loginByBrowserAndReadCookie(baseUrl, options.loginUrl);
+            const cache = new authCache_1.YApiAuthCache(baseUrl, "warn");
+            cache.saveSession({
+                yapiToken: session.yapiToken,
+                yapiUid: session.yapiUid,
+                expiresAt: session.expiresAt,
+                updatedAt: Date.now(),
+            });
+        }
+        catch (error) {
+            console.error(error instanceof Error ? error.message : String(error));
             return 2;
         }
-        password = await promptRequired("YApi password: ", true);
-        updated = true;
+        const shouldWriteConfig = updated || !fs_1.default.existsSync(configPath) || config.auth_mode !== "global";
+        if (shouldWriteConfig) {
+            const mergedConfig = {
+                base_url: baseUrl,
+                auth_mode: "global",
+                email,
+                password,
+                token,
+                project_id: projectId,
+            };
+            writeConfig(configPath, mergedConfig);
+        }
+        console.log("login success (cookie synced from browser to ~/.yapi-mcp/auth-*.json)");
+        return 0;
+    }
+    try {
+        const authService = new auth_1.YApiAuthService(baseUrl, email, password, "warn", {
+            timeoutMs: options.timeout || 30000,
+        });
+        await authService.getCookieHeaderWithLogin({ forceLogin: true });
+    }
+    catch (error) {
+        console.error(error instanceof Error ? error.message : String(error));
+        return 2;
     }
     const shouldWriteConfig = updated || !fs_1.default.existsSync(configPath) || config.auth_mode !== "global";
     if (shouldWriteConfig) {
@@ -1173,22 +1387,36 @@ async function runLogin(rawArgs) {
             auth_mode: "global",
             email,
             password,
-            token: options.token || config.token || "",
-            project_id: options.projectId || config.project_id || "",
+            token,
+            project_id: projectId,
         };
         writeConfig(configPath, mergedConfig);
     }
-    try {
-        const authService = new auth_1.YApiAuthService(baseUrl, email, password, "warn", {
-            timeoutMs: options.timeout || 30000,
-        });
-        await authService.getCookieHeaderWithLogin({ forceLogin: true });
+    console.log("login success (cookie cached in ~/.yapi-mcp/auth-*.json)");
+    return 0;
+}
+async function runLogout(rawArgs) {
+    const options = parseArgs(rawArgs);
+    if (options.help) {
+        console.log(logoutUsage());
+        return 0;
     }
-    catch (error) {
-        console.error(error instanceof Error ? error.message : String(error));
+    if (options.version) {
+        console.log(readVersion());
+        return 0;
+    }
+    const configPath = options.config || globalConfigPath();
+    const config = fs_1.default.existsSync(configPath)
+        ? parseSimpleToml(fs_1.default.readFileSync(configPath, "utf8"))
+        : {};
+    const baseUrl = options.baseUrl || config.base_url || "";
+    if (!baseUrl) {
+        console.error("missing --base-url or config base_url");
         return 2;
     }
-    console.log("login success (cookie cached in ~/.yapi-mcp/auth-*.json)");
+    const cache = new authCache_1.YApiAuthCache(baseUrl, "warn");
+    cache.clearSession();
+    console.log("logout success (session cleared from ~/.yapi-mcp/auth-*.json)");
     return 0;
 }
 async function runWhoami(rawArgs) {
@@ -2489,6 +2717,9 @@ async function main() {
     if (rawArgs[0] === "login") {
         return await runLogin(rawArgs.slice(1));
     }
+    if (rawArgs[0] === "logout") {
+        return await runLogout(rawArgs.slice(1));
+    }
     if (rawArgs[0] === "whoami") {
         return await runWhoami(rawArgs.slice(1));
     }