@oauth2-cli/qui-cli 0.5.10 → 0.6.0

package/CHANGELOG.md

@@ -2,6 +2,26 @@
 
 All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines.
 
+## [0.6.0](https://github.com/battis/oauth2-cli/compare/qui-cli-plugin/0.5.11...qui-cli-plugin/0.6.0) (2026-02-15)
+
+
+### ⚠ BREAKING CHANGES
+
+* limit TokenStorage to storing _only_ refresh_tokens
+* rewritten from scratch to be more easily maintainable
+
+### Features
+
+* limit TokenStorage to storing _only_ refresh_tokens ([3de9c96](https://github.com/battis/oauth2-cli/commit/3de9c96510d15eebd51a0be7d8df278614541f95))
+* rewritten from scratch to be more easily maintainable ([0f764d3](https://github.com/battis/oauth2-cli/commit/0f764d333135ae70bd9b3c4433b7c4a2ef757979))
+
+## [0.5.11](https://github.com/battis/oauth2-cli/compare/qui-cli-plugin/0.5.10...qui-cli-plugin/0.5.11) (2026-01-20)
+
+
+### Bug Fixes
+
+* further token managment debugging output ([fda83da](https://github.com/battis/oauth2-cli/commit/fda83da8794d2f7b7221224619b34148ae0a8fe1))
+
 ## [0.5.10](https://github.com/battis/oauth2-cli/compare/qui-cli-plugin/0.5.9...qui-cli-plugin/0.5.10) (2026-01-18)
 
 

package/README.md

@@ -13,8 +13,24 @@ npm install @qui-cli/core @oauth2-cli/qui-cli
 
 ## Usage
 
-See [@qui-cli](https://github.com/battis/qui-cli#readme) for more information about quickly building CLI apps.
+`index.ts`
 
-See [examples/qui-cli-plugin](../../examples/qui-cli-plugin) for a sample use of this plugin with an arbitrary API.
+```ts
+import { OAuth2 } from '@oauth2-cli/qui-cli';
+import { Core } from '@qui-cli/core';
 
-See [@oauth2-cli/canvas](https://github.com/groton-school/canvas-cli/tree/main/packages/oauth2-cli/canvas#readme) for an example of extending this plugin for a specific API.
+// initialize the `qui-cli` framework, ideally loading
+await Core.run();
+
+console.log(
+  await OAuth2.requestJSON('https://api.github.com/repos/battis/oauth2-cli')
+);
+```
+
+Without additional configuration, `OAuth2` will look for `ISSUER`, `CLIENT_ID`, `CLIENT_SECRET`, `REDIRECT_URI`, `AUTHORIZATION_ENDPOINT`, and `TOKEN_ENDPOINT` values in the environment and will attempt to configure the client using whichever subset of those values are present.
+
+Refer to [`oauth2-cli`](https://www.npmjs.com/package/oauth2-cli) for more information about configuring that tool in more nuanced ways.
+
+Refer to [`qui-cli`](https://github.com/battis/qui-cli#readme) for more information about using those tools to build command line apps.
+
+Specific examples of usage of this plugin are available in the [examples](https://github.com/battis/oauth2-cli/tree/main/examples/qui-cli#readme) directory of the repo.

package/dist/Client.d.ts

@@ -1,7 +1,9 @@
-import { JSONValue } from '@battis/typescript-tricks';
 import * as OAuth2CLI from 'oauth2-cli';
-import { DPoPOptions, FetchBody } from 'openid-client';
+import type { Configuration, DPoPOptions, FetchBody, JsonValue } from 'openid-client';
 export declare class Client extends OAuth2CLI.Client {
-    request(url: URL | string, method?: string, body?: FetchBody, headers?: Headers, dPoPOptions?: DPoPOptions): Promise<Response>;
-    requestJSON<T extends JSONValue = JSONValue>(url: URL | string, method?: string, body?: FetchBody, headers?: Headers, dPoPOptions?: DPoPOptions): Promise<T>;
+    getConfiguration(): Promise<Configuration>;
+    authorize(): Promise<OAuth2CLI.Token.Response>;
+    protected refreshTokenGrant(token: OAuth2CLI.Token.Response): Promise<OAuth2CLI.Token.Response | undefined>;
+    request(url: OAuth2CLI.Request.URL.ish, method?: string, body?: FetchBody, headers?: OAuth2CLI.Request.Headers.ish, dPoPOptions?: DPoPOptions): Promise<Response>;
+    requestJSON<T extends JsonValue = JsonValue>(url: OAuth2CLI.Request.URL.ish, method?: string, body?: FetchBody, headers?: OAuth2CLI.Request.Headers.ish, dPoPOptions?: DPoPOptions): Promise<T>;
 }

package/dist/Client.js

@@ -1,6 +1,21 @@
 import { Log } from '@qui-cli/log';
 import * as OAuth2CLI from 'oauth2-cli';
 export class Client extends OAuth2CLI.Client {
+    async getConfiguration() {
+        const config = await super.getConfiguration();
+        Log.debug('OAuth 2.0 configuration', config);
+        return config;
+    }
+    async authorize() {
+        Log.debug('Authorizing new access token');
+        return await super.authorize();
+    }
+    async refreshTokenGrant(token) {
+        Log.debug('Refreshing expired access token', { token });
+        const refreshed = await super.refreshTokenGrant(token);
+        Log.debug('Received refreshed access token', { token: refreshed });
+        return refreshed;
+    }
     async request(url, method, body, headers, dPoPOptions) {
         Log.debug({ request: { method, url, headers, body, dPoPOptions } });
         const response = await super.request(url, method, body, headers, dPoPOptions);

package/dist/{OAuth2.d.ts → OAuth2Plugin.d.ts}

@@ -1,42 +1,28 @@
-import { PathString, URLString } from '@battis/descriptive-types';
+import { URLString } from '@battis/descriptive-types';
 import { JSONValue } from '@battis/typescript-tricks';
 import * as Plugin from '@qui-cli/plugin';
 import * as OAuth2CLI from 'oauth2-cli';
 import { Client } from './Client.js';
-export { Credentials, FileStorage, Token, TokenStorage } from 'oauth2-cli';
-export * from './Client.js';
-export * from './EnvironmentStorage.js';
-type ParamNames = 'clientId' | 'clientSecret' | 'scope' | 'redirectUri' | 'authorizationEndpoint' | 'tokenEndpoint' | 'tokenPath' | 'accessToken';
-type EnvironmentVars = Record<ParamNames, string>;
-type SupportUrls = Record<ParamNames, URLString>;
-type Hints = Record<ParamNames, string>;
-type OptionNames = Record<ParamNames, string>;
-type OptionSuppression = Record<ParamNames, boolean>;
+type CredentialKey = 'issuer' | 'client_id' | 'client_secret' | 'redirect_uri' | 'authorization_endpoint' | 'token_endpoint' | 'scope';
+type EnvironmentVars = Record<CredentialKey, string>;
+type SupportUrls = Record<CredentialKey, URLString>;
+type Hints = Record<CredentialKey, string>;
+type OptionNames = Record<CredentialKey, string>;
+type OptionSuppression = Record<CredentialKey, boolean>;
 type Usage = {
     heading: string;
     text?: string[];
 };
 export type Configuration = Plugin.Configuration & {
-    clientId?: string;
-    clientSecret?: string;
-    scope?: string;
-    redirectUri?: URLString;
-    headers?: Record<string, string>;
-    authorizationEndpoint?: URLString;
-    tokenEndpoint?: URLString;
-    store?: OAuth2CLI.TokenStorage;
-    tokenPath?: PathString;
-    opt: OptionNames;
+    credentials?: Partial<OAuth2CLI.Credentials.Combined>;
+    inject?: OAuth2CLI.Request.Injection;
+    storage?: OAuth2CLI.Token.TokenStorage;
+    man?: Usage;
+    opt?: Partial<OptionNames>;
     url?: Partial<SupportUrls>;
     hint?: Partial<Hints>;
-    env: EnvironmentVars;
-    man: Usage;
-    suppress?: Partial<OptionSuppression>;
-};
-export type ConfigurationProposal = Partial<Omit<Configuration, 'opt' | 'env' | 'man'>> & {
-    opt?: Partial<OptionNames>;
     env?: Partial<EnvironmentVars>;
-    man?: Partial<Usage>;
+    suppress?: Partial<OptionSuppression>;
 };
 export declare class OAuth2Plugin<C extends Client = Client> {
     readonly name: string;
@@ -44,16 +30,24 @@ export declare class OAuth2Plugin<C extends Client = Client> {
     private static names;
     private static ports;
     constructor(name?: string);
-    private cliConfig;
-    private client;
-    configure(proposal?: ConfigurationProposal): void;
+    private credentials?;
+    private man;
+    private opt;
+    private url;
+    private hint;
+    private env;
+    private suppress;
+    private inject;
+    private storage?;
+    private _client;
+    configure(proposal?: Configuration): void;
     options(): Plugin.Options;
     init({ values }: Plugin.ExpectedArguments<typeof this.options>): Promise<void>;
     protected instantiateClient(...args: ConstructorParameters<typeof OAuth2CLI.Client>): C;
-    getClient(): C;
-    getToken(): Promise<OAuth2CLI.Token | undefined>;
+    get client(): C;
     request(...args: Parameters<OAuth2CLI.Client['request']>): Promise<Response>;
     requestJSON<T extends JSONValue>(...args: Parameters<OAuth2CLI.Client['requestJSON']>): Promise<T>;
     fetch(...args: Parameters<OAuth2CLI.Client['fetch']>): Promise<Response>;
     fetchJSON<T extends JSONValue>(...args: Parameters<OAuth2CLI.Client['fetchJSON']>): Promise<T>;
 }
+export {};

package/dist/OAuth2Plugin.js

@@ -0,0 +1,198 @@
+import { Colors } from '@qui-cli/colors';
+import { Env } from '@qui-cli/env';
+import { Log } from '@qui-cli/log';
+import * as Plugin from '@qui-cli/plugin';
+import * as OAuth2CLI from 'oauth2-cli';
+export class OAuth2Plugin {
+    name;
+    static names = [];
+    static ports = {};
+    constructor(name = '@oauth2-cli/qui-cli') {
+        this.name = name;
+        if (OAuth2Plugin.names.includes(name)) {
+            throw new Error(`A @qui-cli/plugin named ${Colors.value(name)} has already been instantiated.`);
+        }
+    }
+    credentials;
+    man = {
+        heading: 'OAuth 2.0 client options'
+    };
+    opt = {
+        issuer: 'issuer',
+        client_id: 'clientId',
+        client_secret: 'clientSecret',
+        scope: 'scope',
+        redirect_uri: 'redirectUri',
+        authorization_endpoint: 'authorizationEndpoint',
+        token_endpoint: 'tokenEndpoint'
+    };
+    url = undefined;
+    hint = {
+        redirect_uri: Colors.quotedValue(`"http://localhost:3000/redirect"`)
+    };
+    env = {
+        issuer: 'ISSUER',
+        client_id: 'CLIENT_ID',
+        client_secret: 'CLIENT_SECRET',
+        scope: 'SCOPE',
+        redirect_uri: 'REDIRECT_URI',
+        authorization_endpoint: 'AUTHORIZATION_ENDPOINT',
+        token_endpoint: 'TOKEN_ENDPOINT'
+    };
+    suppress = undefined;
+    inject = undefined;
+    storage = undefined;
+    _client = undefined;
+    configure(proposal = {}) {
+        function hydrate(p, c) {
+            if (p) {
+                for (const k of Object.keys(p)) {
+                    if (p[k] !== undefined) {
+                        if (!c) {
+                            c = {};
+                        }
+                        c[k] = p[k];
+                    }
+                }
+            }
+            return c;
+        }
+        this.credentials = hydrate(proposal.credentials, this.credentials);
+        this.storage = Plugin.hydrate(proposal.storage, this.storage);
+        this.inject = hydrate(proposal.inject, this.inject);
+        this.man = Plugin.hydrate(proposal.man, this.man);
+        this.opt = hydrate(proposal.opt, this.opt);
+        this.url = hydrate(proposal.url, this.url);
+        this.hint = hydrate(proposal.hint, this.hint);
+        this.env = hydrate(proposal.env, this.env);
+        this.suppress = hydrate(proposal.suppress, this.suppress);
+        if (this.credentials?.redirect_uri) {
+            const url = OAuth2CLI.Request.URL.from(this.credentials.redirect_uri);
+            if (url.hostname !== 'localhost' &&
+                !/^\/https?\/localhost(:\d+)?\//.test(url.pathname)) {
+                Log.warning(`The ${Colors.optionArg(this.opt.redirect_uri)} value ${Colors.url(this.credentials.redirect_uri)} may not work: it ${Colors.keyword('must')} redirect to ${Colors.url('localhost')}`);
+            }
+            if (url.protocol !== 'http:' &&
+                !/^\/http\/localhost(:\d+)?\//.test(url.pathname)) {
+                Log.warning(`The ${Colors.url(url.protocol)} protocol may not work without additional configuration. The ` +
+                    `server listening for the redirect is not automatically ` +
+                    `provisioned with an SSL certificate`);
+            }
+            if (OAuth2Plugin.ports[url.port] &&
+                OAuth2Plugin.ports[url.port] !== this.name) {
+                Log.warning(`The port ${Colors.value(url.port)} has already been registered to another instance of this plugin ` +
+                    `named ${Colors.value(OAuth2Plugin.ports[url.port])}. This will likely cause a failure if both instances of the ` +
+                    `plugin are listening for redirects at relatively proximate ` +
+                    `moments in time.`);
+            }
+        }
+    }
+    options() {
+        const descriptions = {
+            issuer: `OpenID issuer URL. Defaults to environment variable ` +
+                `${Colors.varName(this.env.issuer)}, if present.`,
+            client_id: `OAuth 2.0 client ID. Defaults to environment variable ` +
+                `${Colors.varName(this.env.client_id)}, if present.`,
+            client_secret: `OAuth 2.0 client secret. Defaults to environment variable ` +
+                `${Colors.varName(this.env.client_secret)}, if present.`,
+            scope: `OAuth 2.0 scope. Defaults to environment variable ` +
+                `${Colors.varName(this.env.scope)}, if present.`,
+            redirect_uri: `OAuth 2.0 redirect URI, must be to host ${Colors.url('localhost')}. ` +
+                `Defaults to environment variable ` +
+                `${Colors.varName(this.env.redirect_uri)}, if present.`,
+            authorization_endpoint: `OAuth 2.0 authorization endpoint. Defaults to environment variable ` +
+                `${Colors.varName(this.env.authorization_endpoint)}, if present.`,
+            token_endpoint: `OAuth 2.0 token endpoint, will fall back to ` +
+                `${Colors.optionArg(`--${this.opt.authorization_endpoint}`)} if ` +
+                `not provided. Defaults to environment variable ` +
+                `${Colors.varName(this.env.token_endpoint)}, if present.`
+        };
+        const opt = {};
+        for (const paramName of Object.keys(descriptions)) {
+            if (!this.suppress || !this.suppress[paramName]) {
+                const option = { description: descriptions[paramName] };
+                if (this.url && this.url[paramName]) {
+                    option.description = `${option.description} See ${Colors.url(this.url[paramName])} for more information.`;
+                }
+                if (this.hint[paramName]) {
+                    option.hint = this.hint[paramName];
+                }
+                switch (paramName) {
+                    case 'client_id':
+                    case 'client_secret':
+                        option.secret = true;
+                }
+                const param = this.credentials
+                    ? this.credentials[paramName]
+                    : undefined;
+                if (typeof param === 'string') {
+                    option.default = param;
+                }
+                opt[this.opt[paramName]] = option;
+            }
+        }
+        return {
+            man: [
+                { level: 1, text: this.man.heading },
+                ...(this.man.text || []).map((t) => ({ text: t }))
+            ],
+            opt
+        };
+    }
+    async init({ values }) {
+        const credentials = {};
+        for (const key of Object.keys(this.opt)) {
+            credentials[key] =
+                values[this.opt[key]] ||
+                    (this.credentials ? this.credentials[key] : undefined) ||
+                    (await Env.get({ key: this.env[key] }));
+        }
+        this.configure({ credentials });
+    }
+    instantiateClient(...args) {
+        return new OAuth2CLI.Client(...args);
+    }
+    get client() {
+        if (!this._client) {
+            if (!this.credentials?.client_id) {
+                throw new Error(`A ${Colors.optionArg(this.opt.client_id)} ${Colors.keyword('must')} be configured.`);
+            }
+            if (!this.credentials?.client_secret) {
+                throw new Error(`A ${Colors.optionArg(this.opt.client_secret)} ${Colors.keyword('must')} be configured.`);
+            }
+            if (!this.credentials?.redirect_uri) {
+                throw new Error(`A ${Colors.optionArg(this.opt.redirect_uri)} ${Colors.keyword('must')} be configured.`);
+            }
+            if (!this.credentials?.issuer) {
+                if (!this.credentials?.authorization_endpoint) {
+                    throw new Error(`Either an ${Colors.optionArg(this.opt.issuer)} or ` +
+                        `${Colors.optionArg(this.opt.authorization_endpoint)} ` +
+                        `${Colors.keyword('must')} be configured.`);
+                }
+                if (!this.credentials?.token_endpoint) {
+                    throw new Error(`Either an ${Colors.optionArg(this.opt.issuer)} or ` +
+                        `${Colors.optionArg(this.opt.token_endpoint)} ` +
+                        `${Colors.keyword('must')} be configured.`);
+                }
+            }
+            this._client = this.instantiateClient({
+                credentials: this.credentials,
+                headers: this.inject?.headers,
+                storage: this.storage
+            });
+        }
+        return this._client;
+    }
+    request(...args) {
+        return this.client.request(...args);
+    }
+    requestJSON(...args) {
+        return this.client.requestJSON(...args);
+    }
+    fetch(...args) {
+        return this.client.fetch(...args);
+    }
+    fetchJSON(...args) {
+        return this.client.fetchJSON(...args);
+    }
+}

package/dist/Token/EnvironmentStorage.d.ts

@@ -0,0 +1,7 @@
+import { Token } from 'oauth2-cli';
+export declare class EnvironmentStorage implements Token.TokenStorage {
+    private tokenEnvVar;
+    constructor(tokenEnvVar?: string);
+    load(): Promise<string | undefined>;
+    save(refresh_token: string): Promise<void>;
+}

package/dist/Token/EnvironmentStorage.js

@@ -0,0 +1,13 @@
+import { Env } from '@qui-cli/env';
+export class EnvironmentStorage {
+    tokenEnvVar;
+    constructor(tokenEnvVar = 'REFRESH_TOKEN') {
+        this.tokenEnvVar = tokenEnvVar;
+    }
+    async load() {
+        return await Env.get({ key: this.tokenEnvVar });
+    }
+    async save(refresh_token) {
+        await Env.set({ key: this.tokenEnvVar, value: refresh_token });
+    }
+}

package/dist/Token/index.d.ts

@@ -0,0 +1,2 @@
+export * from 'oauth2-cli/dist/Token/index.js';
+export * from './EnvironmentStorage.js';

package/dist/Token/index.js

@@ -0,0 +1,2 @@
+export * from 'oauth2-cli/dist/Token/index.js';
+export * from './EnvironmentStorage.js';

package/dist/index.d.ts

@@ -1,2 +1,6 @@
-import * as OAuth2 from './Module.js';
-export { OAuth2 };
+import { OAuth2Plugin } from './OAuth2Plugin.js';
+export declare const OAuth2: OAuth2Plugin<import("./Client.js").Client>;
+export { Credentials, Errors, WebServer } from 'oauth2-cli';
+export * from './Client.js';
+export * from './OAuth2Plugin.js';
+export * as Token from './Token/index.js';

package/dist/index.js

@@ -1,4 +1,8 @@
 import { register } from '@qui-cli/plugin';
-import * as OAuth2 from './Module.js';
-export { OAuth2 };
+import { OAuth2Plugin } from './OAuth2Plugin.js';
+export const OAuth2 = new OAuth2Plugin();
+export { Credentials, Errors, WebServer } from 'oauth2-cli';
+export * from './Client.js';
+export * from './OAuth2Plugin.js';
+export * as Token from './Token/index.js';
 await register(OAuth2);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@oauth2-cli/qui-cli",
-  "version": "0.5.10",
+  "version": "0.6.0",
   "description": "@qui-cli/plugin wrapper for oauth2-cli",
   "homepage": "https://github.com/battis/oauth2-cli/tree/main/packages/qui-cli#readme",
   "repository": {
@@ -16,28 +16,26 @@
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "dependencies": {
-    "@qui-cli/colors": "^3.2.1",
-    "openid-client": "^6.8.1",
-    "oauth2-cli": "0.5.0"
+    "@qui-cli/colors": "^3.2.3",
+    "oauth2-cli": "0.6.0"
   },
   "devDependencies": {
     "@battis/descriptive-types": "^0.2.6",
-    "@battis/typescript-tricks": "^0.7.6",
-    "@qui-cli/env-1password": "^1.2.6",
-    "@qui-cli/log": "^4.0.2",
-    "@qui-cli/plugin": "^4.0.0",
-    "@qui-cli/root": "^3.0.6",
-    "@tsconfig/node24": "^24.0.3",
+    "@battis/typescript-tricks": "^0.7.7",
+    "@qui-cli/env": "^5.1.1",
+    "@qui-cli/log": "^4.0.3",
+    "@qui-cli/plugin": "^4.1.0",
+    "@tsconfig/node24": "^24.0.4",
     "commit-and-tag-version": "^12.6.1",
     "del-cli": "^7.0.0",
     "npm-run-all": "^4.1.5",
+    "openid-client": "^6.8.2",
     "typescript": "^5.9.3"
   },
   "peerDependencies": {
     "@qui-cli/env-1password": ">=1",
     "@qui-cli/log": ">=3",
-    "@qui-cli/plugin": ">=3",
-    "@qui-cli/root": ">=3"
+    "@qui-cli/plugin": ">=3"
   },
   "scripts": {
     "clean": "del ./dist",

package/dist/EnvironmentStorage.d.ts

@@ -1,7 +0,0 @@
-import { Token, TokenStorage } from 'oauth2-cli';
-export declare class EnvironmentStorage implements TokenStorage {
-    private tokenEnvVar;
-    constructor(tokenEnvVar?: string);
-    load(): Promise<Token | undefined>;
-    save(tokens: Token): Promise<void>;
-}

package/dist/EnvironmentStorage.js

@@ -1,24 +0,0 @@
-import { Env } from '@qui-cli/env-1password';
-import { Token } from 'oauth2-cli';
-export class EnvironmentStorage {
-    tokenEnvVar;
-    constructor(tokenEnvVar = 'ACCESS_TOKEN') {
-        this.tokenEnvVar = tokenEnvVar;
-    }
-    async load() {
-        try {
-            const data = JSON.parse(await Env.get({ key: this.tokenEnvVar }));
-            if (!data.access_token) {
-                throw new Error('No access token');
-            }
-            return Token.fromResponse(data);
-            // eslint-disable-next-line @typescript-eslint/no-unused-vars
-        }
-        catch (_) {
-            return undefined;
-        }
-    }
-    async save(tokens) {
-        await Env.set({ key: this.tokenEnvVar, value: JSON.stringify(tokens) });
-    }
-}

package/dist/Module.d.ts

@@ -1,11 +0,0 @@
-export * from './OAuth2.js';
-export declare const name: string;
-export declare const configure: (proposal?: import("./OAuth2.js").ConfigurationProposal) => void;
-export declare const options: () => import("@qui-cli/plugin").Options;
-export declare const init: ({ values }: import("@qui-cli/plugin").ExpectedArguments<typeof this.options>) => Promise<void>;
-export declare const getToken: () => Promise<import("oauth2-cli/dist/Token.js").Token | undefined>;
-export declare const getClient: () => import("./Client.js").Client;
-export declare const request: (url: string | URL, method?: string | undefined, body?: import("openid-client").FetchBody, headers?: Headers | undefined, dPoPOptions?: import("openid-client").DPoPOptions | undefined) => Promise<Response>;
-export declare const requestJSON: <T extends import("@battis/typescript-tricks").JSONValue>(url: string | URL, method?: string | undefined, body?: import("openid-client").FetchBody, headers?: Headers | undefined, dPoPOptions?: import("openid-client").DPoPOptions | undefined) => Promise<T>;
-export declare const fetch: (endpoint: string | URL | Request, init?: RequestInit | undefined) => Promise<Response>;
-export declare const fetchJSON: <T extends import("@battis/typescript-tricks").JSONValue>(endpoint: string | URL | Request, init?: RequestInit | undefined) => Promise<T>;

package/dist/Module.js

@@ -1,13 +0,0 @@
-import { OAuth2Plugin } from './OAuth2.js';
-export * from './OAuth2.js';
-const oauth2 = new OAuth2Plugin();
-export const name = oauth2.name;
-export const configure = oauth2.configure.bind(oauth2);
-export const options = oauth2.options.bind(oauth2);
-export const init = oauth2.init.bind(oauth2);
-export const getToken = oauth2.getToken.bind(oauth2);
-export const getClient = oauth2.getClient.bind(oauth2);
-export const request = oauth2.request.bind(oauth2);
-export const requestJSON = oauth2.requestJSON.bind(oauth2);
-export const fetch = oauth2.fetch.bind(oauth2);
-export const fetchJSON = oauth2.fetchJSON.bind(oauth2);

package/dist/OAuth2.js

@@ -1,196 +0,0 @@
-import { Colors } from '@qui-cli/colors';
-import { Env } from '@qui-cli/env-1password';
-import { Log } from '@qui-cli/log';
-import { Root } from '@qui-cli/root';
-import path from 'node:path';
-import * as OAuth2CLI from 'oauth2-cli';
-import { EnvironmentStorage } from './EnvironmentStorage.js';
-export { FileStorage, Token } from 'oauth2-cli';
-export * from './Client.js';
-export * from './EnvironmentStorage.js';
-export class OAuth2Plugin {
-    name;
-    static names = [];
-    static ports = {};
-    constructor(name = '@oauth2-cli/qui-cli') {
-        this.name = name;
-        if (OAuth2Plugin.names.includes(name)) {
-            throw new Error(`A @qui-cli/plugin named ${Colors.value(name)} has already been instantiated.`);
-        }
-    }
-    cliConfig = {
-        opt: {
-            clientId: 'clientId',
-            clientSecret: 'clientSecret',
-            scope: 'scope',
-            redirectUri: 'redirectUri',
-            authorizationEndpoint: 'authorizationEndpoint',
-            tokenEndpoint: 'tokenEndpoint',
-            tokenPath: 'tokenPath',
-            accessToken: 'accessToken'
-        },
-        hint: {
-            redirectUri: Colors.quotedValue(`"https://localhost:3000/redirect"`)
-        },
-        env: {
-            clientId: 'CLIENT_ID',
-            clientSecret: 'CLIENT_SECRET',
-            scope: 'SCOPE',
-            redirectUri: 'REDIRECT_URI',
-            authorizationEndpoint: 'AUTHORIZATION_ENDPOINT',
-            tokenEndpoint: 'TOKEN_ENDPOINT',
-            tokenPath: 'TOKEN_PATH',
-            accessToken: 'ACCESS_TOKEN'
-        },
-        man: {
-            heading: 'OAuth 2.0 client options'
-        },
-        suppress: {
-            tokenPath: true,
-            accessToken: true
-        }
-    };
-    client = undefined;
-    configure(proposal = {}) {
-        for (const key in proposal) {
-            if (proposal[key] !== undefined) {
-                this.cliConfig[key] = proposal[key];
-            }
-        }
-        if (!this.cliConfig.store) {
-            if (this.cliConfig.tokenPath) {
-                this.cliConfig.store = new OAuth2CLI.FileStorage(path.resolve(Root.path(), this.cliConfig.tokenPath));
-            }
-            else {
-                this.cliConfig.store = new EnvironmentStorage(this.cliConfig.env.accessToken);
-            }
-        }
-        if (this.cliConfig.redirectUri) {
-            const url = new URL(this.cliConfig.redirectUri);
-            if (url.hostname !== 'localhost') {
-                Log.warning(`The ${Colors.varName('redirect_uri')} value ${Colors.url(this.cliConfig.redirect_uri)} may not work: it ${Colors.keyword('must')} point to ${Colors.url('localhost')}`);
-            }
-            if (url.protocol !== 'http:') {
-                Log.warning(`The ${Colors.url(url.protocol)} protocol may not work without additional configuration. The ` +
-                    `server listening for the redirect will be running at ${Colors.url(`http://localhost:${url.port}`)}`);
-            }
-            if (OAuth2Plugin.ports[url.port] &&
-                OAuth2Plugin.ports[url.port] !== this.name) {
-                Log.warning(`The port ${Colors.value(url.port)} has already been registered to another instance of this plugin ` +
-                    `named ${Colors.value(OAuth2Plugin.ports[url.port])}. This will likely cause a failure if both instances of the ` +
-                    `plugin are listening for redirects at relatively proximate ` +
-                    `moments in time.`);
-            }
-        }
-    }
-    options() {
-        const descriptions = {
-            clientId: `OAuth 2.0 client ID. Defaults to environment variable ` +
-                `${Colors.value(this.cliConfig.env.clientId)}, if present.`,
-            clientSecret: `OAuth 2.0 client secret. Defaults to environment variable ` +
-                `${Colors.value(this.cliConfig.env.clientSecret)}, if present.`,
-            scope: `OAuth 2.0 scope. Defaults to environment variable ` +
-                `${Colors.varName(this.cliConfig.env.scope)}, if present.`,
-            redirectUri: `OAuth 2.0 redirect URI, must be to host ${Colors.url('localhost')}. ` +
-                `Defaults to environment variable ` +
-                `${Colors.value(this.cliConfig.env.redirectUri)}, if present.`,
-            authorizationEndpoint: `OAuth 2.0 authorization endpoint. Defaults to environment variable ` +
-                `${Colors.value(this.cliConfig.env.authorizationEndpoint)}, if present.`,
-            tokenEndpoint: `OAuth 2.0 token endpoint, will fall back to ` +
-                `${Colors.optionArg(`--${this.cliConfig.opt['authorizationEndpoint']}`)} if ` +
-                `not provided. Defaults to environment ariable ` +
-                `${Colors.value(this.cliConfig.env.tokenEndpoint)}, if present.`,
-            tokenPath: `Path to token storage JSON file. Defaults to environent variable ` +
-                `${Colors.value(this.cliConfig.env.tokenPath)}, if present.`,
-            accessToken: `Access token JSON object value. Defaults to environment variable ` +
-                `${Colors.value(this.cliConfig.env.accessToken)}, if present.`
-        };
-        const opt = {};
-        for (const paramName of Object.keys(descriptions)) {
-            if (!this.cliConfig.suppress || !this.cliConfig.suppress[paramName]) {
-                const option = { description: descriptions[paramName] };
-                if (this.cliConfig.url && this.cliConfig.url[paramName]) {
-                    option.description = `${option.description} See ${Colors.url(this.cliConfig.url[paramName])} for more information.`;
-                }
-                if (this.cliConfig.hint && this.cliConfig.hint[paramName]) {
-                    option.hint = this.cliConfig.hint[paramName];
-                }
-                switch (paramName) {
-                    case 'clientId':
-                    case 'clientSecret':
-                    case 'accessToken':
-                        option.secret = true;
-                }
-                const param = this.cliConfig[paramName];
-                if (typeof param === 'string') {
-                    option.default = param;
-                }
-                opt[this.cliConfig.opt[paramName]] = option;
-            }
-        }
-        return {
-            man: [
-                { level: 1, text: this.cliConfig.man.heading },
-                ...(this.cliConfig.man.text || []).map((t) => ({ text: t }))
-            ],
-            opt
-        };
-    }
-    async init({ values }) {
-        const proposal = {};
-        let paramName;
-        for (paramName of Object.keys(this.cliConfig.opt)) {
-            proposal[paramName] =
-                values[this.cliConfig.opt[paramName]] ||
-                    this.cliConfig[paramName] ||
-                    (await Env.get({ key: this.cliConfig.env[paramName] }));
-        }
-        this.configure(proposal);
-    }
-    instantiateClient(...args) {
-        return new OAuth2CLI.Client(...args);
-    }
-    getClient() {
-        if (!this.client) {
-            const { clientId: client_id, clientSecret: client_secret, scope, redirectUri: redirect_uri, authorizationEndpoint: authorization_endpoint, tokenEndpoint: token_endpoint, headers, store } = this.cliConfig;
-            if (!client_id) {
-                throw new Error('OAuth 2.0 client ID not defined');
-            }
-            if (!client_secret) {
-                throw new Error('OAuth 2.0 client secret not defined');
-            }
-            if (!redirect_uri) {
-                throw new Error('OAuth 2.0 redirect URI not defined');
-            }
-            if (!authorization_endpoint) {
-                throw new Error('OAuth 2.0 authorization endpoint not defined');
-            }
-            this.client = this.instantiateClient({
-                client_id,
-                client_secret,
-                scope,
-                redirect_uri,
-                authorization_endpoint,
-                token_endpoint,
-                headers,
-                store
-            });
-        }
-        return this.client;
-    }
-    getToken() {
-        return this.getClient().getToken();
-    }
-    request(...args) {
-        return this.getClient().request(...args);
-    }
-    requestJSON(...args) {
-        return this.getClient().requestJSON(...args);
-    }
-    fetch(...args) {
-        return this.getClient().fetch(...args);
-    }
-    fetchJSON(...args) {
-        return this.getClient().fetchJSON(...args);
-    }
-}