@oauth2-cli/qui-cli-plugin 0.2.7 → 0.3.1

package/CHANGELOG.md

@@ -2,6 +2,24 @@
 
 All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines.
 
+## [0.3.1](https://github.com/battis/oauth2-cli/compare/qui-cli-plugin/0.3.0...qui-cli-plugin/0.3.1) (2026-01-03)
+
+
+### Features
+
+* extend @oauth2-cli/qui-cli-plugin by instantiating new versions ([14713c5](https://github.com/battis/oauth2-cli/commit/14713c5d1c884c9a1d62ca34d0e5c364ffd8f19b))
+
+## [0.3.0](https://github.com/battis/oauth2-cli/compare/qui-cli-plugin/0.2.7...qui-cli-plugin/0.3.0) (2025-12-24)
+
+
+### ⚠ BREAKING CHANGES
+
+* resolve 1Password secret references successfully
+
+### Bug Fixes
+
+* resolve 1Password secret references successfully ([c4446e1](https://github.com/battis/oauth2-cli/commit/c4446e197a66271dac3ea8d58ff44725cc6be1db))
+
 ## [0.2.7](https://github.com/battis/oauth2-cli/compare/qui-cli-plugin/0.2.6...qui-cli-plugin/0.2.7) (2025-12-23)
 
 

package/README.md

@@ -8,11 +8,13 @@
 ## Install
 
 ```sh
-npm install @battis/qui-cli @oauth2-cli/qui-cli-plugin
+npm install @qui-cli/core @oauth2-cli/qui-cli-plugin
 ```
 
 ## Usage
 
-See [@battis/qui-cli](https://www.npmjs.com/package/@battis/qui-cli) for more information about quickly building CLI apps.
+See [@qui-cli](https://github.com/battis/qui-cli#readme) for more information about quickly building CLI apps.
 
-See [examples/qui-cli-plugin](../../examples/qui-cli-plugin).
+See [examples/qui-cli-plugin](../../examples/qui-cli-plugin) for a sample use of this plugin with an arbitrary API.
+
+See [@oauth2-cli/canvas](https://github.com/groton-school/canvas-cli/tree/main/packages/oauth2-cli/canvas#readme) for an example of extending this plugin for a specific API.

package/dist/EnvironmentStorage.d.ts

@@ -3,5 +3,5 @@ export declare class EnvironmentStorage implements TokenStorage {
     private tokenEnvVar;
     constructor(tokenEnvVar?: string);
     load(): Promise<Token | undefined>;
-    save(tokens: Token): Promise<Token>;
+    save(tokens: Token): Promise<void>;
 }

package/dist/EnvironmentStorage.js

@@ -20,6 +20,5 @@ export class EnvironmentStorage {
     }
     async save(tokens) {
         await Env.set({ key: this.tokenEnvVar, value: JSON.stringify(tokens) });
-        return tokens;
     }
 }

package/dist/{OAuth2CLI.d.ts → OAuth2.d.ts}

@@ -1,7 +1,7 @@
 import { PathString, URLString } from '@battis/descriptive-types';
 import '@qui-cli/env-1password';
 import * as Plugin from '@qui-cli/plugin';
-import * as OAuth2 from 'oauth2-cli';
+import * as OAuth2CLI from 'oauth2-cli';
 import * as OpenIDClient from 'openid-client';
 type EnvironmentVars = {
     client_id: string;
@@ -31,20 +31,29 @@ export type Configuration = Plugin.Configuration & {
     headers?: Record<string, string>;
     authorization_endpoint?: URLString;
     token_endpoint?: URLString;
-    store?: OAuth2.TokenStorage;
+    store?: OAuth2CLI.TokenStorage;
     token_path?: PathString;
     env: EnvironmentVars;
     man: Usage;
     suppress?: OptionSuppression;
 };
-export declare const name = "@oauth2-cli/qui-cli-plugin";
-export declare function configure(proposal?: Partial<Omit<Configuration, 'env' | 'suppress'>> & {
-    env?: Partial<EnvironmentVars>;
-    suppress?: Partial<OptionSuppression>;
-}): void;
-export declare function options(): Plugin.Options;
-export declare function init(args: Plugin.ExpectedArguments<typeof options>): Promise<void>;
-export declare function getToken(): Promise<OAuth2.Token | undefined>;
-export declare function request(url: URL | string, method?: string, body?: OpenIDClient.FetchBody, headers?: Record<string, string>, options?: OpenIDClient.DPoPOptions): Promise<Response>;
-export declare function requestJSON<T = unknown>(url: URL | string, method?: string, body?: OpenIDClient.FetchBody, headers?: Record<string, string>, options?: OpenIDClient.DPoPOptions): Promise<T>;
+export declare class OAuth2 {
+    readonly name: string;
+    [key: string]: unknown;
+    private static names;
+    private static ports;
+    constructor(name?: string);
+    private config;
+    private client;
+    configure(proposal?: Partial<Omit<Configuration, 'env' | 'suppress'>> & {
+        env?: Partial<EnvironmentVars>;
+        suppress?: Partial<OptionSuppression>;
+    }): void;
+    options(): Plugin.Options;
+    init(args: Plugin.ExpectedArguments<typeof this.options>): Promise<void>;
+    private getClient;
+    getToken(): Promise<OAuth2CLI.Token | undefined>;
+    request(url: URL | string, method?: string, body?: OpenIDClient.FetchBody, headers?: Record<string, string>, options?: OpenIDClient.DPoPOptions): Promise<Response>;
+    requestJSON<T = unknown>(url: URL | string, method?: string, body?: OpenIDClient.FetchBody, headers?: Record<string, string>, options?: OpenIDClient.DPoPOptions): Promise<T>;
+}
 export {};

package/dist/OAuth2.js

@@ -0,0 +1,184 @@
+import { Colors } from '@qui-cli/colors';
+import '@qui-cli/env-1password';
+import { Env } from '@qui-cli/env-1password';
+import { Log } from '@qui-cli/log';
+import { Root } from '@qui-cli/root';
+import path from 'node:path';
+import * as OAuth2CLI from 'oauth2-cli';
+import { EnvironmentStorage } from './EnvironmentStorage.js';
+export class OAuth2 {
+    name;
+    static names = [];
+    static ports = {};
+    constructor(name = '@oauth2-cli/qui-cli-plugin') {
+        this.name = name;
+        if (OAuth2.names.includes(name)) {
+            throw new Error(`A @qui-cli/plugin named ${Colors.value(name)} has already been instantiated.`);
+        }
+    }
+    config = {
+        env: {
+            client_id: 'CLIENT_ID',
+            client_secret: 'CLIENT_SECRET',
+            redirect_uri: 'REDIRECT_URI',
+            authorization_endpoint: 'AUTHORIZATION_ENDPOINT',
+            token_endpoint: 'TOKEN_ENDPOINT',
+            token_path: 'TOKEN_PATH',
+            access_token: 'ACCESS_TOKEN'
+        },
+        man: {
+            heading: 'OAuth 2.0 client options'
+        },
+        suppress: {
+            tokenPath: true
+        }
+    };
+    client = undefined;
+    configure(proposal = {}) {
+        for (const key in proposal) {
+            if (proposal[key] !== undefined) {
+                this.config[key] = proposal[key];
+            }
+        }
+        if (!this.config.store) {
+            if (this.config.token_path) {
+                this.config.store = new OAuth2CLI.FileStorage(path.resolve(Root.path(), this.config.token_path));
+            }
+            else {
+                this.config.store = new EnvironmentStorage(this.config.env.access_token);
+            }
+        }
+        if (this.config.redirect_uri) {
+            const url = new URL(this.config.redirect_uri);
+            if (url.hostname !== 'localhost') {
+                Log.warning(`The ${Colors.varName('redirect_uri')} value ${Colors.url(this.config.redirect_uri)} may not work: it ${Colors.keyword('must')} point to ${Colors.url('localhost')}`);
+            }
+            if (url.protocol !== 'http:') {
+                Log.warning(`The ${Colors.url(url.protocol)} protocol may not work without additional configuration. The server listening for the redirect will be running at ${Colors.url(`http://localhost:${url.port}`)}`);
+            }
+            if (OAuth2.ports[url.port] && OAuth2.ports[url.port] !== this.name) {
+                Log.warning(`The port ${Colors.value(url.port)} has already been registered to another instance of this plugin named ${Colors.value(OAuth2.ports[url.port])}. This will likely cause a failure if both instances of the plugin are listening for redirects at relatively proximate moments in time.`);
+            }
+        }
+    }
+    options() {
+        return {
+            man: [
+                { level: 1, text: this.config.man.heading },
+                ...(this.config.man.text || []).map((t) => ({ text: t }))
+            ],
+            opt: {
+                ...(this.config.suppress?.clientId
+                    ? {}
+                    : {
+                        clientId: {
+                            description: `OAuth 2.0 client ID (defaults to environment variable ${Colors.value(this.config.env.client_id)})`,
+                            secret: true,
+                            default: this.config.client_id
+                        }
+                    }),
+                ...(this.config.suppress?.clientSecret
+                    ? {}
+                    : {
+                        clientSecret: {
+                            description: `OAuth 2.0 client secret (defaults to environment variable ${Colors.value(this.config.env.client_secret)}`,
+                            secret: true,
+                            default: this.config.client_secret
+                        }
+                    }),
+                ...(this.config.suppress?.redirectUri
+                    ? {}
+                    : {
+                        redirectUri: {
+                            description: `OAuth 2.0 redirect URI (must be to host ${Colors.url('localhost')}, defaults to environment variables ${Colors.value(this.config.env.redirect_uri)})`,
+                            hint: Colors.quotedValue(`"http://localhost:XXXX/path/to/redirect"`),
+                            default: this.config.redirect_uri
+                        }
+                    }),
+                ...(this.config.suppress?.authorizationEndpoint
+                    ? {}
+                    : {
+                        authorizationEndpoint: {
+                            description: `OAuth 2.0 authorization endpoint (defaults to environment variable ${Colors.value(this.config.env.authorization_endpoint)}`,
+                            default: this.config.authorization_endpoint
+                        }
+                    }),
+                ...(this.config.suppress?.tokenEndpoint
+                    ? {}
+                    : {
+                        tokenEndpoint: {
+                            description: `OAuth 2.0 token endpoint (will fall back to authorization endpoint if not provided, defaults to environment variable ${Colors.value(this.config.env.token_endpoint)}`,
+                            default: this.config.token_endpoint
+                        }
+                    }),
+                ...(this.config.suppress?.tokenPath
+                    ? {}
+                    : {
+                        tokenPath: {
+                            description: `Path to token storage JSON file (defaults to environent variable ${Colors.value(this.config.env.token_path)}`,
+                            default: this.config.token_path
+                        }
+                    })
+            }
+        };
+    }
+    async init(args) {
+        const { values: { clientId: client_id = await Env.get({
+            key: this.config.env.client_id
+        }), clientSecret: client_secret = await Env.get({
+            key: this.config.env.client_secret
+        }), redirectUri: redirect_uri = await Env.get({
+            key: this.config.env.redirect_uri
+        }), authorizationEndpoint: authorization_endpoint = await Env.get({
+            key: this.config.env.authorization_endpoint
+        }), tokenEndpoint: token_endpoint = await Env.get({
+            key: this.config.env.token_endpoint
+        }), tokenPath: token_path = await Env.get({
+            key: this.config.env.token_path
+        }) } } = args;
+        this.configure({
+            client_id,
+            client_secret,
+            redirect_uri,
+            authorization_endpoint,
+            token_endpoint,
+            token_path
+        });
+    }
+    getClient() {
+        if (!this.client) {
+            const { client_id, client_secret, redirect_uri, authorization_endpoint, token_endpoint, headers, store } = this.config;
+            if (!client_id) {
+                throw new Error('OAuth 2.0 client ID not defined');
+            }
+            if (!client_secret) {
+                throw new Error('OAuth 2.0 client secret not defined');
+            }
+            if (!redirect_uri) {
+                throw new Error('OAuth 2.0 redirect URI not defined');
+            }
+            if (!authorization_endpoint) {
+                throw new Error('OAuth 2.0 authorization endpoint not defined');
+            }
+            this.client = new OAuth2CLI.Client({
+                client_id,
+                client_secret,
+                redirect_uri,
+                authorization_endpoint,
+                token_endpoint,
+                headers,
+                store
+            });
+        }
+        return this.client;
+    }
+    async getToken() {
+        return await this.getClient().getToken();
+    }
+    async request(url, method = 'GET', body, headers, options) {
+        return await this.getClient().request(url, method, body, headers, options);
+    }
+    async requestJSON(url, method = 'GET', body, headers, options) {
+        return (await this.getClient().requestJSON(url, method, body, headers, options));
+    }
+}

package/dist/index.d.ts

@@ -1,3 +1,3 @@
-import * as OAuth2 from './OAuth2CLI.js';
+import { OAuth2 as Plugin } from './OAuth2.js';
 export * from './EnvironmentStorage.js';
-export { OAuth2 };
+export declare const OAuth2: Plugin;

package/dist/index.js

@@ -1,5 +1,5 @@
 import { register } from '@qui-cli/plugin';
-import * as OAuth2 from './OAuth2CLI.js';
+import { OAuth2 as Plugin } from './OAuth2.js';
 export * from './EnvironmentStorage.js';
-export { OAuth2 };
+export const OAuth2 = new Plugin();
 await register(OAuth2);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@oauth2-cli/qui-cli-plugin",
-  "version": "0.2.7",
+  "version": "0.3.1",
   "description": "@battis/qui-cli.plugin wrapper for oauth2-cli",
   "homepage": "https://github.com/battis/oauth2-cli/tree/main/packages/qui-cli-plugin#readme",
   "repository": {
@@ -16,15 +16,16 @@
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "dependencies": {
+    "@qui-cli/log": "^4.0.2",
     "openid-client": "^6.8.1",
-    "oauth2-cli": "0.2.3"
+    "oauth2-cli": "0.3.0"
   },
   "devDependencies": {
     "@battis/descriptive-types": "^0.2.6",
-    "@qui-cli/colors": "^3.1.1",
-    "@qui-cli/env-1password": "^1.2.0",
+    "@qui-cli/colors": "^3.2.1",
+    "@qui-cli/env-1password": "^1.2.5",
     "@qui-cli/plugin": "^4.0.0",
-    "@qui-cli/root": "^3.0.4",
+    "@qui-cli/root": "^3.0.6",
     "@tsconfig/node20": "^20.1.8",
     "commit-and-tag-version": "^12.6.1",
     "del-cli": "^6.0.0",

package/dist/OAuth2CLI.js

@@ -1,159 +0,0 @@
-import { Colors } from '@qui-cli/colors';
-import '@qui-cli/env-1password';
-import { Env } from '@qui-cli/env-1password';
-import { Root } from '@qui-cli/root';
-import path from 'node:path';
-import * as OAuth2 from 'oauth2-cli';
-import { EnvironmentStorage } from './EnvironmentStorage.js';
-export const name = '@oauth2-cli/qui-cli-plugin';
-const config = {
-    env: {
-        client_id: 'CLIENT_ID',
-        client_secret: 'CLIENT_SECRET',
-        redirect_uri: 'REDIRECT_URI',
-        authorization_endpoint: 'AUTHORIZATION_ENDPOINT',
-        token_endpoint: 'TOKEN_ENDPOINT',
-        token_path: 'TOKEN_PATH',
-        access_token: 'ACCESS_TOKEN'
-    },
-    man: {
-        heading: 'OAuth 2.0 client options'
-    },
-    suppress: {
-        tokenPath: true
-    }
-};
-let client = undefined;
-export function configure(proposal = {}) {
-    for (const key in proposal) {
-        if (proposal[key] !== undefined) {
-            config[key] = proposal[key];
-        }
-    }
-    if (!config.store) {
-        if (config.token_path) {
-            config.store = new OAuth2.FileStorage(path.resolve(Root.path(), config.token_path));
-        }
-        else {
-            config.store = new EnvironmentStorage(config.env.access_token);
-        }
-    }
-}
-export function options() {
-    return {
-        man: [
-            { level: 1, text: config.man.heading },
-            ...(config.man.text || []).map((t) => ({ text: t }))
-        ],
-        opt: {
-            ...(config.suppress?.clientId
-                ? {}
-                : {
-                    clientId: {
-                        description: `OAuth 2.0 client ID (defaults to environment variable ${Colors.value(config.env.client_id)})`,
-                        secret: true,
-                        default: config.client_id
-                    }
-                }),
-            ...(config.suppress?.clientSecret
-                ? {}
-                : {
-                    clientSecret: {
-                        description: `OAuth 2.0 client secret (defaults to environment variable ${Colors.value(config.env.client_secret)}`,
-                        secret: true,
-                        default: config.client_secret
-                    }
-                }),
-            ...(config.suppress?.redirectUri
-                ? {}
-                : {
-                    redirectUri: {
-                        description: `OAuth 2.0 redirect URI (must be to host ${Colors.url('localhost')}, defaults to environment variables ${Colors.value(config.env.redirect_uri)})`,
-                        hint: Colors.quotedValue(`"http://localhost:XXXX/path/to/redirect"`),
-                        default: config.redirect_uri
-                    }
-                }),
-            ...(config.suppress?.authorizationEndpoint
-                ? {}
-                : {
-                    authorizationEndpoint: {
-                        description: `OAuth 2.0 authorization endpoint (defaults to environment variable ${Colors.value(config.env.authorization_endpoint)}`,
-                        default: config.authorization_endpoint
-                    }
-                }),
-            ...(config.suppress?.tokenEndpoint
-                ? {}
-                : {
-                    tokenEndpoint: {
-                        description: `OAuth 2.0 token endpoint (will fall back to authorization endpoint if not provided, defaults to environment variable ${Colors.value(config.env.token_endpoint)}`,
-                        default: config.token_endpoint
-                    }
-                }),
-            ...(config.suppress?.tokenPath
-                ? {}
-                : {
-                    tokenPath: {
-                        description: `Path to token storage JSON file (defaults to environent variable ${Colors.value(config.env.token_path)}`,
-                        default: config.token_path
-                    }
-                })
-        }
-    };
-}
-export async function init(args) {
-    const { values: { clientId: client_id = await Env.get({
-        key: config.env.client_id
-    }), clientSecret: client_secret = await Env.get({
-        key: config.env.client_secret
-    }), redirectUri: redirect_uri = await Env.get({
-        key: config.env.redirect_uri
-    }), authorizationEndpoint: authorization_endpoint = await Env.get({
-        key: config.env.authorization_endpoint
-    }), tokenEndpoint: token_endpoint = await Env.get({
-        key: config.env.token_endpoint
-    }), tokenPath: token_path = await Env.get({ key: config.env.token_path }) } } = args;
-    configure({
-        client_id,
-        client_secret,
-        redirect_uri,
-        authorization_endpoint,
-        token_endpoint,
-        token_path
-    });
-}
-function getClient() {
-    if (!client) {
-        const { client_id, client_secret, redirect_uri, authorization_endpoint, token_endpoint, headers, store } = config;
-        if (!client_id) {
-            throw new Error('OAuth 2.0 client ID not defined');
-        }
-        if (!client_secret) {
-            throw new Error('OAuth 2.0 client secret not defined');
-        }
-        if (!redirect_uri) {
-            throw new Error('OAuth 2.0 redirect URI not defined');
-        }
-        if (!authorization_endpoint) {
-            throw new Error('OAuth 2.0 authorization endpoint not defined');
-        }
-        client = new OAuth2.Client({
-            client_id,
-            client_secret,
-            redirect_uri,
-            authorization_endpoint,
-            token_endpoint,
-            headers,
-            store
-        });
-    }
-    return client;
-}
-export async function getToken() {
-    return await getClient().getToken();
-}
-export async function request(url, method = 'GET', body, headers, options) {
-    return await getClient().request(url, method, body, headers, options);
-}
-export async function requestJSON(url, method = 'GET', body, headers, options) {
-    return (await getClient().requestJSON(url, method, body, headers, options));
-}