@meshxdata/fops 0.0.1

package/src/auth/login.js

@@ -0,0 +1,421 @@
+import fs from "node:fs";
+import http from "node:http";
+import chalk from "chalk";
+import { execaSync } from "execa";
+import inquirer from "inquirer";
+import { CLAUDE_DIR, CLAUDE_CREDENTIALS, resolveAnthropicApiKey } from "./resolve.js";
+
+const ANTHROPIC_KEYS_URL = "https://console.anthropic.com/settings/keys";
+
+export function authHelp() {
+  console.log(chalk.yellow("No API key found. Try one of:"));
+  console.log(chalk.gray("  • Open " + chalk.cyan(ANTHROPIC_KEYS_URL) + " in your browser to sign in and create a key"));
+  console.log(chalk.gray("  • ANTHROPIC_API_KEY or OPENAI_API_KEY environment variable"));
+  console.log(chalk.gray("  • ~/.claude/.credentials.json with anthropic_api_key or apiKey"));
+  console.log(chalk.gray("  • ~/.claude/settings.json with apiKeyHelper (script that prints the key)\n"));
+}
+
+export function openBrowser(url) {
+  const platform = process.platform;
+  const cmd = platform === "darwin" ? "open" : platform === "win32" ? "start" : "xdg-open";
+  try {
+    execaSync(cmd, [url], { reject: false });
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+export function saveApiKey(apiKey) {
+  // Ensure ~/.claude directory exists
+  if (!fs.existsSync(CLAUDE_DIR)) {
+    fs.mkdirSync(CLAUDE_DIR, { mode: 0o700 });
+  }
+
+  // Read existing credentials or start fresh
+  let creds = {};
+  if (fs.existsSync(CLAUDE_CREDENTIALS)) {
+    try {
+      creds = JSON.parse(fs.readFileSync(CLAUDE_CREDENTIALS, "utf8"));
+    } catch {
+      // Start fresh if corrupted
+    }
+  }
+
+  creds.anthropic_api_key = apiKey.trim();
+  fs.writeFileSync(CLAUDE_CREDENTIALS, JSON.stringify(creds, null, 2) + "\n", { mode: 0o600 });
+
+  console.log(chalk.green("\nLogin successful"));
+  console.log(chalk.gray("Key saved to ~/.claude/.credentials.json\n"));
+  return true;
+}
+
+export async function offerClaudeLogin() {
+  const { startLogin } = await inquirer.prompt([
+    {
+      type: "confirm",
+      name: "startLogin",
+      message: "Open Anthropic Console in browser to sign in and get an API key?",
+      default: true,
+    },
+  ]);
+  if (!startLogin) return false;
+  console.log(chalk.blue("\n  Opening " + ANTHROPIC_KEYS_URL + " …\n"));
+  const opened = openBrowser(ANTHROPIC_KEYS_URL);
+  if (!opened) {
+    console.log(chalk.yellow("  Could not open browser. Visit: " + ANTHROPIC_KEYS_URL + "\n"));
+  }
+  console.log(chalk.gray("  1. Sign in and create an API key"));
+  console.log(chalk.gray("  2. Add it to ~/.claude/.credentials.json:"));
+  console.log(chalk.gray('     { "anthropic_api_key": "sk-ant-..." }'));
+  console.log(chalk.gray("  3. Or run: export ANTHROPIC_API_KEY=\"sk-ant-...\""));
+  console.log(chalk.gray("  4. Then run foundation chat again.\n"));
+  return true;
+}
+
+export const LOGIN_HTML = `<!DOCTYPE html>
+<html>
+<head>
+  <title>Foundation CLI Login</title>
+  <style>
+    * { box-sizing: border-box; }
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+      background: linear-gradient(135deg, #1a1a2e 0%, #16213e 100%);
+      color: #e4e4e7;
+      min-height: 100vh;
+      margin: 0;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+    }
+    .container {
+      background: #1e1e2e;
+      border-radius: 12px;
+      padding: 40px;
+      max-width: 480px;
+      width: 90%;
+      box-shadow: 0 25px 50px -12px rgba(0, 0, 0, 0.5);
+    }
+    h1 {
+      margin: 0 0 8px 0;
+      font-size: 24px;
+      color: #f4f4f5;
+    }
+    .subtitle {
+      color: #a1a1aa;
+      margin-bottom: 24px;
+      font-size: 14px;
+    }
+    .steps {
+      background: #27273a;
+      border-radius: 8px;
+      padding: 16px;
+      margin-bottom: 24px;
+    }
+    .step {
+      display: flex;
+      align-items: flex-start;
+      margin-bottom: 12px;
+    }
+    .step:last-child { margin-bottom: 0; }
+    .step-num {
+      background: #6366f1;
+      color: white;
+      width: 24px;
+      height: 24px;
+      border-radius: 50%;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+      font-size: 12px;
+      font-weight: 600;
+      margin-right: 12px;
+      flex-shrink: 0;
+    }
+    .step-text {
+      color: #d4d4d8;
+      font-size: 14px;
+      line-height: 24px;
+    }
+    .step-text a {
+      color: #818cf8;
+      text-decoration: none;
+    }
+    .step-text a:hover { text-decoration: underline; }
+    input {
+      width: 100%;
+      padding: 12px 16px;
+      border: 2px solid #3f3f46;
+      border-radius: 8px;
+      background: #27273a;
+      color: #f4f4f5;
+      font-size: 14px;
+      font-family: monospace;
+      margin-bottom: 16px;
+      transition: border-color 0.2s;
+    }
+    input:focus {
+      outline: none;
+      border-color: #6366f1;
+    }
+    input::placeholder { color: #71717a; }
+    button {
+      width: 100%;
+      padding: 12px 24px;
+      background: #6366f1;
+      color: white;
+      border: none;
+      border-radius: 8px;
+      font-size: 14px;
+      font-weight: 600;
+      cursor: pointer;
+      transition: background 0.2s;
+    }
+    button:hover { background: #4f46e5; }
+    button:disabled {
+      background: #3f3f46;
+      cursor: not-allowed;
+    }
+    .error {
+      background: #7f1d1d;
+      color: #fecaca;
+      padding: 12px;
+      border-radius: 8px;
+      margin-bottom: 16px;
+      font-size: 14px;
+      display: none;
+    }
+    .success {
+      text-align: center;
+      padding: 40px 0;
+    }
+    .success-icon {
+      font-size: 48px;
+      margin-bottom: 16px;
+    }
+    .success h2 {
+      color: #4ade80;
+      margin: 0 0 8px 0;
+    }
+    .success p {
+      color: #a1a1aa;
+      margin: 0;
+    }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <div id="form-view">
+      <h1>Foundation CLI</h1>
+      <p class="subtitle">Authenticate with your Anthropic API key</p>
+
+      <div class="steps">
+        <div class="step">
+          <span class="step-num">1</span>
+          <span class="step-text">Go to <a href="https://console.anthropic.com/settings/keys" target="_blank">console.anthropic.com/settings/keys</a></span>
+        </div>
+        <div class="step">
+          <span class="step-num">2</span>
+          <span class="step-text">Create a new API key (or copy existing)</span>
+        </div>
+        <div class="step">
+          <span class="step-num">3</span>
+          <span class="step-text">Paste it below and click Submit</span>
+        </div>
+      </div>
+
+      <div class="error" id="error"></div>
+
+      <form id="key-form">
+        <input type="password" id="api-key" name="key" placeholder="sk-ant-api03-..." autocomplete="off" autofocus />
+        <button type="submit" id="submit-btn">Submit API Key</button>
+      </form>
+    </div>
+
+    <div id="success-view" class="success" style="display: none;">
+      <div class="success-icon">✓</div>
+      <h2>Login Successful</h2>
+      <p>You can close this window and return to the terminal.</p>
+    </div>
+  </div>
+
+  <script>
+    const form = document.getElementById('key-form');
+    const input = document.getElementById('api-key');
+    const error = document.getElementById('error');
+    const btn = document.getElementById('submit-btn');
+    const formView = document.getElementById('form-view');
+    const successView = document.getElementById('success-view');
+
+    form.addEventListener('submit', async (e) => {
+      e.preventDefault();
+      const key = input.value.trim();
+
+      if (!key) {
+        error.textContent = 'Please enter your API key';
+        error.style.display = 'block';
+        return;
+      }
+
+      if (!key.startsWith('sk-ant-api')) {
+        error.textContent = 'Invalid key format. Should start with sk-ant-api (not OAuth tokens)';
+        error.style.display = 'block';
+        return;
+      }
+
+      error.style.display = 'none';
+      btn.disabled = true;
+      btn.textContent = 'Authenticating...';
+
+      try {
+        const res = await fetch('/callback', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ key })
+        });
+
+        if (res.ok) {
+          formView.style.display = 'none';
+          successView.style.display = 'block';
+        } else {
+          const data = await res.json();
+          error.textContent = data.error || 'Authentication failed';
+          error.style.display = 'block';
+          btn.disabled = false;
+          btn.textContent = 'Submit API Key';
+        }
+      } catch (err) {
+        error.textContent = 'Connection error. Is the CLI still running?';
+        error.style.display = 'block';
+        btn.disabled = false;
+        btn.textContent = 'Submit API Key';
+      }
+    });
+  </script>
+</body>
+</html>`;
+
+export async function runLogin(options = {}) {
+  // Check for existing API key
+  const existingKey = resolveAnthropicApiKey();
+  if (existingKey) {
+    const masked = existingKey.slice(0, 15) + "..." + existingKey.slice(-4);
+    const { overwrite } = await inquirer.prompt([
+      {
+        type: "confirm",
+        name: "overwrite",
+        message: `Already have an API key (${masked}). Replace it?`,
+        default: false,
+      },
+    ]);
+    if (!overwrite) {
+      console.log(chalk.gray("Keeping existing credentials."));
+      return true;
+    }
+  }
+
+  // Device flow with browser
+  if (options.browser !== false) {
+    return runDeviceLogin();
+  }
+
+  // Terminal-only flow
+  console.log(chalk.blue("\nGet an API key from: " + ANTHROPIC_KEYS_URL + "\n"));
+
+  const { apiKey } = await inquirer.prompt([
+    {
+      type: "password",
+      name: "apiKey",
+      message: "Paste your API key:",
+      mask: "*",
+      validate: (v) => {
+        const trimmed = v?.trim();
+        if (!trimmed) return "API key is required.";
+        if (!trimmed.startsWith("sk-ant-api")) return "Invalid key format. Should start with sk-ant-api";
+        return true;
+      },
+    },
+  ]);
+  return saveApiKey(apiKey);
+}
+
+async function runDeviceLogin() {
+  return new Promise((resolve) => {
+    const server = http.createServer(async (req, res) => {
+      if (req.method === "GET" && req.url === "/") {
+        res.writeHead(200, { "Content-Type": "text/html" });
+        res.end(LOGIN_HTML);
+        return;
+      }
+
+      if (req.method === "POST" && req.url === "/callback") {
+        let body = "";
+        req.on("data", (chunk) => { body += chunk; });
+        req.on("end", async () => {
+          try {
+            const { key } = JSON.parse(body);
+
+            if (!key || !key.startsWith("sk-ant-api")) {
+              res.writeHead(400, { "Content-Type": "application/json" });
+              res.end(JSON.stringify({ error: "Invalid API key format. Use an API key from console.anthropic.com (starts with sk-ant-api)" }));
+              return;
+            }
+
+            // Optionally validate key with Anthropic
+            try {
+              const Anthropic = (await import("@anthropic-ai/sdk")).default;
+              const client = new Anthropic({ apiKey: key });
+              await client.messages.create({
+                model: "claude-3-haiku-20240307",
+                max_tokens: 1,
+                messages: [{ role: "user", content: "hi" }],
+              });
+            } catch (apiErr) {
+              if (apiErr?.status === 401) {
+                res.writeHead(401, { "Content-Type": "application/json" });
+                res.end(JSON.stringify({ error: "Invalid API key" }));
+                return;
+              }
+              // Other errors (rate limit, etc) - key might still be valid
+            }
+
+            res.writeHead(200, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ success: true }));
+
+            // Save and close
+            saveApiKey(key);
+            server.close();
+            resolve(true);
+          } catch {
+            res.writeHead(400, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Invalid request" }));
+          }
+        });
+        return;
+      }
+
+      res.writeHead(404);
+      res.end();
+    });
+
+    // Find available port
+    server.listen(0, "127.0.0.1", () => {
+      const { port } = server.address();
+      const url = `http://127.0.0.1:${port}`;
+
+      console.log(chalk.blue("\nOpening browser for authentication...\n"));
+      console.log(chalk.gray(`  If browser doesn't open, visit: ${chalk.cyan(url)}\n`));
+      console.log(chalk.gray("  Waiting for authentication..."));
+
+      openBrowser(url);
+    });
+
+    // Timeout after 5 minutes
+    setTimeout(() => {
+      console.log(chalk.yellow("\n  Login timed out. Run foundation login again.\n"));
+      server.close();
+      resolve(false);
+    }, 5 * 60 * 1000);
+  });
+}

package/src/auth/login.test.js

@@ -0,0 +1,192 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+
+vi.mock("execa", () => ({
+  execaSync: vi.fn(),
+}));
+
+vi.mock("inquirer", () => ({
+  default: { prompt: vi.fn() },
+}));
+
+vi.mock("./resolve.js", () => ({
+  CLAUDE_DIR: path.join(os.tmpdir(), ".claude-test-login"),
+  CLAUDE_CREDENTIALS: path.join(os.tmpdir(), ".claude-test-login", ".credentials.json"),
+  CLAUDE_JSON: path.join(os.tmpdir(), ".claude-test-login", ".claude.json"),
+  resolveAnthropicApiKey: vi.fn(() => null),
+  readJsonKey: vi.fn(),
+}));
+
+const { CLAUDE_DIR, CLAUDE_CREDENTIALS } = await import("./resolve.js");
+const { execaSync } = await import("execa");
+const { authHelp, openBrowser, saveApiKey, LOGIN_HTML } = await import("./login.js");
+
+describe("auth/login", () => {
+  beforeEach(() => {
+    if (fs.existsSync(CLAUDE_DIR)) fs.rmSync(CLAUDE_DIR, { recursive: true, force: true });
+  });
+
+  afterEach(() => {
+    if (fs.existsSync(CLAUDE_DIR)) fs.rmSync(CLAUDE_DIR, { recursive: true, force: true });
+  });
+
+  describe("authHelp", () => {
+    it("prints help text about API keys", () => {
+      const spy = vi.spyOn(console, "log").mockImplementation(() => {});
+      authHelp();
+      expect(spy).toHaveBeenCalled();
+      const output = spy.mock.calls.map((c) => c[0]).join("\n");
+      expect(output).toContain("API key");
+    });
+
+    it("mentions environment variables", () => {
+      const spy = vi.spyOn(console, "log").mockImplementation(() => {});
+      authHelp();
+      const output = spy.mock.calls.map((c) => c[0]).join("\n");
+      expect(output).toContain("ANTHROPIC_API_KEY");
+      expect(output).toContain("OPENAI_API_KEY");
+    });
+
+    it("mentions credentials file", () => {
+      const spy = vi.spyOn(console, "log").mockImplementation(() => {});
+      authHelp();
+      const output = spy.mock.calls.map((c) => c[0]).join("\n");
+      expect(output).toContain(".credentials.json");
+    });
+
+    it("mentions apiKeyHelper", () => {
+      const spy = vi.spyOn(console, "log").mockImplementation(() => {});
+      authHelp();
+      const output = spy.mock.calls.map((c) => c[0]).join("\n");
+      expect(output).toContain("apiKeyHelper");
+    });
+  });
+
+  describe("openBrowser", () => {
+    it("calls open on darwin", () => {
+      const original = process.platform;
+      Object.defineProperty(process, "platform", { value: "darwin" });
+      execaSync.mockReturnValue({});
+      const result = openBrowser("https://example.com");
+      expect(execaSync).toHaveBeenCalledWith("open", ["https://example.com"], { reject: false });
+      expect(result).toBe(true);
+      Object.defineProperty(process, "platform", { value: original });
+    });
+
+    it("calls xdg-open on linux", () => {
+      const original = process.platform;
+      Object.defineProperty(process, "platform", { value: "linux" });
+      execaSync.mockReturnValue({});
+      openBrowser("https://example.com");
+      expect(execaSync).toHaveBeenCalledWith("xdg-open", ["https://example.com"], { reject: false });
+      Object.defineProperty(process, "platform", { value: original });
+    });
+
+    it("calls start on win32", () => {
+      const original = process.platform;
+      Object.defineProperty(process, "platform", { value: "win32" });
+      execaSync.mockReturnValue({});
+      openBrowser("https://example.com");
+      expect(execaSync).toHaveBeenCalledWith("start", ["https://example.com"], { reject: false });
+      Object.defineProperty(process, "platform", { value: original });
+    });
+
+    it("returns false on error", () => {
+      execaSync.mockImplementation(() => { throw new Error("fail"); });
+      expect(openBrowser("https://example.com")).toBe(false);
+    });
+
+    it("returns true on success", () => {
+      execaSync.mockReturnValue({});
+      expect(openBrowser("https://example.com")).toBe(true);
+    });
+  });
+
+  describe("saveApiKey", () => {
+    it("creates directory and saves key", () => {
+      const spy = vi.spyOn(console, "log").mockImplementation(() => {});
+      saveApiKey("sk-ant-api03-test123");
+      expect(fs.existsSync(CLAUDE_CREDENTIALS)).toBe(true);
+      const creds = JSON.parse(fs.readFileSync(CLAUDE_CREDENTIALS, "utf8"));
+      expect(creds.anthropic_api_key).toBe("sk-ant-api03-test123");
+    });
+
+    it("preserves existing keys", () => {
+      const spy = vi.spyOn(console, "log").mockImplementation(() => {});
+      fs.mkdirSync(CLAUDE_DIR, { recursive: true });
+      fs.writeFileSync(CLAUDE_CREDENTIALS, JSON.stringify({ openai_api_key: "sk-openai" }));
+      saveApiKey("sk-ant-api03-new");
+      const creds = JSON.parse(fs.readFileSync(CLAUDE_CREDENTIALS, "utf8"));
+      expect(creds.anthropic_api_key).toBe("sk-ant-api03-new");
+      expect(creds.openai_api_key).toBe("sk-openai");
+    });
+
+    it("trims the API key", () => {
+      const spy = vi.spyOn(console, "log").mockImplementation(() => {});
+      saveApiKey("  sk-ant-api03-trimme  ");
+      const creds = JSON.parse(fs.readFileSync(CLAUDE_CREDENTIALS, "utf8"));
+      expect(creds.anthropic_api_key).toBe("sk-ant-api03-trimme");
+    });
+
+    it("overwrites existing anthropic key", () => {
+      const spy = vi.spyOn(console, "log").mockImplementation(() => {});
+      fs.mkdirSync(CLAUDE_DIR, { recursive: true });
+      fs.writeFileSync(CLAUDE_CREDENTIALS, JSON.stringify({ anthropic_api_key: "old-key" }));
+      saveApiKey("new-key");
+      const creds = JSON.parse(fs.readFileSync(CLAUDE_CREDENTIALS, "utf8"));
+      expect(creds.anthropic_api_key).toBe("new-key");
+    });
+
+    it("handles corrupted existing credentials", () => {
+      const spy = vi.spyOn(console, "log").mockImplementation(() => {});
+      fs.mkdirSync(CLAUDE_DIR, { recursive: true });
+      fs.writeFileSync(CLAUDE_CREDENTIALS, "not valid json{{{");
+      saveApiKey("sk-ant-api03-fresh");
+      const creds = JSON.parse(fs.readFileSync(CLAUDE_CREDENTIALS, "utf8"));
+      expect(creds.anthropic_api_key).toBe("sk-ant-api03-fresh");
+    });
+
+    it("returns true", () => {
+      const spy = vi.spyOn(console, "log").mockImplementation(() => {});
+      expect(saveApiKey("sk-ant-api03-x")).toBe(true);
+    });
+
+    it("prints success message", () => {
+      const spy = vi.spyOn(console, "log").mockImplementation(() => {});
+      saveApiKey("sk-ant-api03-x");
+      const output = spy.mock.calls.map((c) => c[0]).join("\n");
+      expect(output).toContain("Login successful");
+    });
+  });
+
+  describe("LOGIN_HTML", () => {
+    it("contains expected HTML structure", () => {
+      expect(LOGIN_HTML).toContain("<!DOCTYPE html>");
+      expect(LOGIN_HTML).toContain("Foundation CLI Login");
+      expect(LOGIN_HTML).toContain("sk-ant-api");
+    });
+
+    it("contains form elements", () => {
+      expect(LOGIN_HTML).toContain("<form");
+      expect(LOGIN_HTML).toContain("api-key");
+      expect(LOGIN_HTML).toContain("submit-btn");
+    });
+
+    it("contains validation logic", () => {
+      expect(LOGIN_HTML).toContain("sk-ant-api");
+      expect(LOGIN_HTML).toContain("/callback");
+    });
+
+    it("contains success view", () => {
+      expect(LOGIN_HTML).toContain("success-view");
+      expect(LOGIN_HTML).toContain("Login Successful");
+    });
+
+    it("has step-by-step instructions", () => {
+      expect(LOGIN_HTML).toContain("step-num");
+      expect(LOGIN_HTML).toContain("console.anthropic.com");
+    });
+  });
+});