@ogment-ai/cli 0.3.5 → 0.4.0

package/dist/services/account.js

@@ -1,7 +1,9 @@
 import { Result } from "better-result";
 import { readResponseText } from "../infra/http.js";
+import { ERROR_CODE } from "../shared/error-codes.js";
 import { AuthError, RemoteRequestError } from "../shared/errors.js";
 import { parseWithSchema } from "../shared/guards.js";
+import { remoteRetryConfig } from "../shared/retry.js";
 import { accountMeSchema } from "../shared/schemas.js";
 const authHeader = (apiKey) => {
     return {
@@ -9,7 +11,7 @@ const authHeader = (apiKey) => {
     };
 };
 export const createAccountService = (deps) => {
-    const fetchAccount = async (apiKey) => {
+    const fetchAccountOnce = async (apiKey) => {
         const responseResult = await deps.httpClient.request(`${deps.baseUrl}/api/v1/mcp-auth/me`, {
             headers: authHeader(apiKey),
         });
@@ -19,7 +21,9 @@ export const createAccountService = (deps) => {
         if (!responseResult.value.ok) {
             if (responseResult.value.status === 401) {
                 return Result.err(new AuthError({
-                    message: "Authentication failed. Run `ogment login` again.",
+                    code: ERROR_CODE.authInvalidCredentials,
+                    message: "Authentication failed. Run `ogment auth login` again.",
+                    suggestedCommand: "ogment auth login",
                 }));
             }
             const body = await readResponseText(responseResult.value);
@@ -45,6 +49,18 @@ export const createAccountService = (deps) => {
         }
         return Result.ok(parsed.value.data);
     };
+    const fetchAccount = async (apiKey) => {
+        return Result.tryPromise({
+            catch: (cause) => cause,
+            try: async () => {
+                const result = await fetchAccountOnce(apiKey);
+                if (Result.isError(result)) {
+                    throw result.error;
+                }
+                return result.value;
+            },
+        }, remoteRetryConfig());
+    };
     return {
         fetchAccount,
         listServers: async (apiKey) => {

package/dist/services/auth.d.ts

@@ -4,22 +4,33 @@ import type { BrowserOpener } from "../infra/browser.js";
 import type { CredentialsStore } from "../infra/credentials.js";
 import type { HttpClient } from "../infra/http.js";
 import { AuthError, RemoteRequestError, UnexpectedError, ValidationError } from "../shared/errors.js";
-import type { LoginSuccess, LogoutSuccess } from "../shared/types.js";
+import type { AuthStatusSuccess, LoginSuccess, LogoutSuccess } from "../shared/types.js";
 export interface LoginPendingInfo {
     userCode: string;
     verificationUri: string;
 }
-export interface LoginOptions {
-    device: boolean;
+interface BaseLoginOptions {
     nonInteractive: boolean;
+}
+interface DeviceLoginOptions extends BaseLoginOptions {
+    mode: "device";
     onPending?: (info: LoginPendingInfo) => void;
 }
+interface BrowserLoginOptions extends BaseLoginOptions {
+    mode: "browser";
+}
+interface ApiKeyLoginOptions extends BaseLoginOptions {
+    apiKey: string;
+    mode: "apiKey";
+}
+export type LoginOptions = ApiKeyLoginOptions | BrowserLoginOptions | DeviceLoginOptions;
 export type LoginError = AuthError | RemoteRequestError | UnexpectedError | ValidationError;
 export type ResolveApiKeyError = AuthError | UnexpectedError;
 export interface AuthService {
     login(options: LoginOptions): Promise<ResultType<LoginSuccess, LoginError>>;
     logout(): Promise<ResultType<LogoutSuccess, UnexpectedError>>;
     resolveApiKey(overrideApiKey?: string): Promise<ResultType<string, ResolveApiKeyError>>;
+    status(overrideApiKey?: string): Promise<ResultType<AuthStatusSuccess, UnexpectedError>>;
 }
 interface AuthServiceDeps {
     baseUrl: string;

package/dist/services/auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/services/auth.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAMzC,OAAO,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,eAAe,CAAC;AAE1D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAEhE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAGnD,OAAO,EACL,SAAS,EACT,kBAAkB,EAClB,eAAe,EACf,eAAe,EAChB,MAAM,qBAAqB,CAAC;AAY7B,OAAO,KAAK,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAEtE,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,OAAO,CAAC;IAChB,cAAc,EAAE,OAAO,CAAC;IACxB,SAAS,CAAC,EAAE,CAAC,IAAI,EAAE,gBAAgB,KAAK,IAAI,CAAC;CAC9C;AAED,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,kBAAkB,GAAG,eAAe,GAAG,eAAe,CAAC;AAE5F,MAAM,MAAM,kBAAkB,GAAG,SAAS,GAAG,eAAe,CAAC;AAE7D,MAAM,WAAW,WAAW;IAC1B,KAAK,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,UAAU,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,CAAC;IAC5E,MAAM,IAAI,OAAO,CAAC,UAAU,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC,CAAC;IAC9D,aAAa,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC,CAAC;CACzF;AAED,UAAU,eAAe;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,aAAa,CAAC;IAC7B,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,cAAc,CAAC,EAAE,OAAO,YAAY,CAAC;IACrC,iBAAiB,CAAC,EAAE,MAAM,MAAM,CAAC;IACjC,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,UAAU,CAAC,EAAE,MAAM,MAAM,CAAC;IAC1B,UAAU,EAAE,UAAU,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,CAAC,YAAY,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACjD;AA8RD,eAAO,MAAM,iBAAiB,GAAI,MAAM,eAAe,KAAG,WA2hBzD,CAAC"}
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/services/auth.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAMzC,OAAO,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,eAAe,CAAC;AAE1D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAEhE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAInD,OAAO,EACL,SAAS,EACT,kBAAkB,EAClB,eAAe,EACf,eAAe,EAChB,MAAM,qBAAqB,CAAC;AAa7B,OAAO,KAAK,EAAE,iBAAiB,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAEzF,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,UAAU,gBAAgB;IACxB,cAAc,EAAE,OAAO,CAAC;CACzB;AAED,UAAU,kBAAmB,SAAQ,gBAAgB;IACnD,IAAI,EAAE,QAAQ,CAAC;IACf,SAAS,CAAC,EAAE,CAAC,IAAI,EAAE,gBAAgB,KAAK,IAAI,CAAC;CAC9C;AAED,UAAU,mBAAoB,SAAQ,gBAAgB;IACpD,IAAI,EAAE,SAAS,CAAC;CACjB;AAED,UAAU,kBAAmB,SAAQ,gBAAgB;IACnD,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,QAAQ,CAAC;CAChB;AAED,MAAM,MAAM,YAAY,GAAG,kBAAkB,GAAG,mBAAmB,GAAG,kBAAkB,CAAC;AAEzF,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,kBAAkB,GAAG,eAAe,GAAG,eAAe,CAAC;AAE5F,MAAM,MAAM,kBAAkB,GAAG,SAAS,GAAG,eAAe,CAAC;AAE7D,MAAM,WAAW,WAAW;IAC1B,KAAK,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,UAAU,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,CAAC;IAC5E,MAAM,IAAI,OAAO,CAAC,UAAU,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC,CAAC;IAC9D,aAAa,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC,CAAC;IACxF,MAAM,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,iBAAiB,EAAE,eAAe,CAAC,CAAC,CAAC;CAC1F;AAED,UAAU,eAAe;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,aAAa,CAAC;IAC7B,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,cAAc,CAAC,EAAE,OAAO,YAAY,CAAC;IACrC,iBAAiB,CAAC,EAAE,MAAM,MAAM,CAAC;IACjC,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,UAAU,CAAC,EAAE,MAAM,MAAM,CAAC;IAC1B,UAAU,EAAE,UAAU,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,CAAC,YAAY,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACjD;AAgTD,eAAO,MAAM,iBAAiB,GAAI,MAAM,eAAe,KAAG,WAioBzD,CAAC"}

package/dist/services/auth.js

@@ -6,8 +6,10 @@ import { Result } from "better-result";
 import { detectExecutionEnvironment } from "../infra/env.js";
 import { readResponseText } from "../infra/http.js";
 import { CLI_CLIENT_NAME, CLI_REDIRECT_HOST } from "../shared/constants.js";
+import { ERROR_CODE } from "../shared/error-codes.js";
 import { AuthError, RemoteRequestError, UnexpectedError, ValidationError, } from "../shared/errors.js";
 import { parseWithSchema } from "../shared/guards.js";
+import { remoteRetryConfig } from "../shared/retry.js";
 import { browserAgentCallbackSchema, cliExchangeErrorSchema, cliExchangeRequestSchema, cliExchangeSuccessSchema, deviceCodeStartSchema, deviceTokenApprovedSchema, oauthClientRegistrationSchema, oauthTokenSchema, } from "../shared/schemas.js";
 const CALLBACK_TIMEOUT_MILLISECONDS = 5 * 60 * 1000;
 const defaultSleep = async (milliseconds) => {
@@ -123,7 +125,9 @@ const waitForOAuthCallback = async (server, port) => {
                 });
                 response.end(errorPage(`OAuth error: ${oauthError}`));
                 return Result.err(new AuthError({
+                    code: ERROR_CODE.authInvalidCredentials,
                     message: `OAuth error: ${oauthError}`,
+                    suggestedCommand: "ogment auth login --browser",
                 }));
             }
             const code = url.searchParams.get("code");
@@ -133,7 +137,9 @@ const waitForOAuthCallback = async (server, port) => {
                 });
                 response.end(errorPage("No authorization code received."));
                 return Result.err(new AuthError({
+                    code: ERROR_CODE.authInvalidCredentials,
                     message: "No authorization code in callback",
+                    suggestedCommand: "ogment auth login --browser",
                 }));
             }
             return Result.ok({
@@ -146,18 +152,24 @@ const waitForOAuthCallback = async (server, port) => {
     catch (error) {
         if (error instanceof Error && error.name === "AbortError") {
             return Result.err(new AuthError({
+                code: ERROR_CODE.authInvalidCredentials,
                 message: "Login timed out. No callback received within 5 minutes.",
+                suggestedCommand: "ogment auth login --browser",
             }));
         }
         return Result.err(new AuthError({
+            code: ERROR_CODE.authInvalidCredentials,
             message: "Failed while waiting for OAuth callback.",
+            suggestedCommand: "ogment auth login --browser",
         }));
     }
     finally {
         clearTimeout(timeout);
     }
     return Result.err(new AuthError({
+        code: ERROR_CODE.authInvalidCredentials,
         message: "Login timed out. No callback received within 5 minutes.",
+        suggestedCommand: "ogment auth login --browser",
     }));
 };
 const waitForAgentCallback = async (server, port) => {
@@ -181,7 +193,9 @@ const waitForAgentCallback = async (server, port) => {
                 });
                 response.end(errorPage("No exchange code received."));
                 return Result.err(new AuthError({
+                    code: ERROR_CODE.authInvalidCredentials,
                     message: "No exchange code in callback",
+                    suggestedCommand: "ogment auth login --browser",
                 }));
             }
             const agentName = parsedCallback.value.agent_name ?? "CLI Agent";
@@ -198,18 +212,24 @@ const waitForAgentCallback = async (server, port) => {
     catch (error) {
         if (error instanceof Error && error.name === "AbortError") {
             return Result.err(new AuthError({
+                code: ERROR_CODE.authInvalidCredentials,
                 message: "Agent selection timed out.",
+                suggestedCommand: "ogment auth login --browser",
             }));
         }
         return Result.err(new AuthError({
+            code: ERROR_CODE.authInvalidCredentials,
             message: "Failed while waiting for agent callback.",
+            suggestedCommand: "ogment auth login --browser",
         }));
     }
     finally {
         clearTimeout(timeout);
     }
     return Result.err(new AuthError({
+        code: ERROR_CODE.authInvalidCredentials,
         message: "Agent selection timed out.",
+        suggestedCommand: "ogment auth login --browser",
     }));
 };
 const deviceCodeUrl = (baseUrl) => `${baseUrl}/api/v1/mcp-auth/device/code`;
@@ -226,8 +246,21 @@ export const createAuthService = (deps) => {
     const createServerFn = deps.createServerFn ?? createServer;
     const detectEnvironment = deps.detectEnvironment ?? detectExecutionEnvironment;
     const hostnameFn = deps.hostnameFn ?? hostname;
+    const retryConfig = remoteRetryConfig();
+    const requestWithRetry = async (input, init) => {
+        return Result.tryPromise({
+            catch: (cause) => cause,
+            try: async () => {
+                const response = await deps.httpClient.request(input, init);
+                if (Result.isError(response)) {
+                    throw response.error;
+                }
+                return response.value;
+            },
+        }, retryConfig);
+    };
     const loginWithDevice = async (options) => {
-        const startFlowResponse = await deps.httpClient.request(deviceCodeUrl(deps.baseUrl), {
+        const startFlowResponse = await requestWithRetry(deviceCodeUrl(deps.baseUrl), {
             headers: {
                 "Content-Type": "application/json",
             },
@@ -266,7 +299,7 @@ export const createAuthService = (deps) => {
         const interval = parsedStartPayload.value.data.interval * 1000;
         while (now() < deadline) {
             await sleep(interval);
-            const pollResponse = await deps.httpClient.request(deviceTokenUrl(deps.baseUrl), {
+            const pollResponse = await requestWithRetry(deviceTokenUrl(deps.baseUrl), {
                 body: JSON.stringify({
                     device_code: parsedStartPayload.value.data.device_code,
                 }),
@@ -280,12 +313,16 @@ export const createAuthService = (deps) => {
             }
             if (pollResponse.value.status === 410) {
                 return Result.err(new AuthError({
-                    message: "Device login code expired. Run `ogment login --device` again.",
+                    code: ERROR_CODE.authDeviceExpired,
+                    message: "Device login code expired. Run `ogment auth login` again.",
+                    suggestedCommand: "ogment auth login",
                 }));
             }
             if (pollResponse.value.status === 404) {
                 return Result.err(new AuthError({
-                    message: "Invalid device login code. Run `ogment login --device` again.",
+                    code: ERROR_CODE.authInvalidCredentials,
+                    message: "Invalid device login code. Run `ogment auth login` again.",
+                    suggestedCommand: "ogment auth login",
                 }));
             }
             if (!pollResponse.value.ok) {
@@ -326,7 +363,9 @@ export const createAuthService = (deps) => {
             });
         }
         return Result.err(new AuthError({
-            message: "Device login code expired. Run `ogment login --device` again.",
+            code: ERROR_CODE.authDeviceExpired,
+            message: "Device login code expired. Run `ogment auth login` again.",
+            suggestedCommand: "ogment auth login",
         }));
     };
     const loginWithBrowser = async () => {
@@ -336,7 +375,7 @@ export const createAuthService = (deps) => {
         }
         const { port, server } = callbackServerResult.value;
         const redirectUri = `http://${CLI_REDIRECT_HOST}:${port}/callback`;
-        const registerResponse = await deps.httpClient.request(oauthRegisterUrl(deps.baseUrl), {
+        const registerResponse = await requestWithRetry(oauthRegisterUrl(deps.baseUrl), {
             body: JSON.stringify({
                 client_name: CLI_CLIENT_NAME,
                 grant_types: ["authorization_code"],
@@ -406,7 +445,9 @@ export const createAuthService = (deps) => {
             oauthCallbackResult.value.response.end();
             await closeServer(server);
             return Result.err(new AuthError({
+                code: ERROR_CODE.authInvalidCredentials,
                 message: "OAuth state mismatch - possible CSRF attack.",
+                suggestedCommand: "ogment auth login --browser",
             }));
         }
         const tokenBody = new URLSearchParams({
@@ -420,7 +461,7 @@ export const createAuthService = (deps) => {
             parsedClient.value.client_secret.length > 0) {
             tokenBody.set("client_secret", parsedClient.value.client_secret);
         }
-        const tokenResponse = await deps.httpClient.request(oauthTokenUrl(deps.baseUrl), {
+        const tokenResponse = await requestWithRetry(oauthTokenUrl(deps.baseUrl), {
             body: tokenBody.toString(),
             headers: {
                 "Content-Type": "application/x-www-form-urlencoded",
@@ -477,7 +518,7 @@ export const createAuthService = (deps) => {
         if (Result.isError(parsedExchangeRequestPayload)) {
             return parsedExchangeRequestPayload;
         }
-        const exchangeResponse = await deps.httpClient.request(cliExchangeUrl(deps.baseUrl), {
+        const exchangeResponse = await requestWithRetry(cliExchangeUrl(deps.baseUrl), {
             body: JSON.stringify(parsedExchangeRequestPayload.value),
             headers: {
                 "Content-Type": "application/json",
@@ -499,17 +540,24 @@ export const createAuthService = (deps) => {
                     const exchangeErrorCode = parsedExchangeError.value.error;
                     if (exchangeErrorCode === "expired_exchange_code") {
                         return Result.err(new AuthError({
-                            message: "Browser login code expired. Run `ogment login` again.",
+                            code: ERROR_CODE.authDeviceExpired,
+                            message: "Browser login code expired. Run `ogment auth login --browser` again.",
+                            suggestedCommand: "ogment auth login --browser",
                         }));
                     }
                     if (exchangeErrorCode === "invalid_exchange_code") {
                         return Result.err(new AuthError({
-                            message: "Invalid browser login code. Run `ogment login` again.",
+                            code: ERROR_CODE.authInvalidCredentials,
+                            message: "Invalid browser login code. Run `ogment auth login --browser` again.",
+                            suggestedCommand: "ogment auth login --browser",
                         }));
                     }
                     if (exchangeErrorCode === "authorization_pending") {
                         return Result.err(new AuthError({
+                            code: ERROR_CODE.authDevicePending,
                             message: "Browser login authorization is still pending.",
+                            retryable: true,
+                            suggestedCommand: "ogment auth login --browser",
                         }));
                     }
                 }
@@ -548,9 +596,31 @@ export const createAuthService = (deps) => {
     };
     return {
         login: async (options) => {
-            if (options.nonInteractive && !options.device) {
+            if (options.mode === "apiKey" && options.apiKey.length > 0) {
+                const saveResult = deps.credentialsStore.save({
+                    agentName: "CLI Agent",
+                    apiKey: options.apiKey,
+                });
+                if (Result.isError(saveResult)) {
+                    return saveResult;
+                }
+                return Result.ok({
+                    agentName: "CLI Agent",
+                    alreadyLoggedIn: false,
+                });
+            }
+            if (options.mode === "apiKey") {
                 return Result.err(new ValidationError({
-                    message: "Use `ogment login --device` in non-interactive mode.",
+                    code: ERROR_CODE.validationInvalidInput,
+                    message: "Missing API key value. Provide a non-empty API key.",
+                    suggestedCommand: "ogment auth login --api-key <key>",
+                }));
+            }
+            if (options.nonInteractive && options.mode === "browser") {
+                return Result.err(new ValidationError({
+                    code: ERROR_CODE.validationInvalidInput,
+                    message: "Use `ogment auth login` in non-interactive mode.",
+                    suggestedCommand: "ogment auth login",
                 }));
             }
             const stored = deps.credentialsStore.load();
@@ -563,7 +633,7 @@ export const createAuthService = (deps) => {
                     alreadyLoggedIn: true,
                 });
             }
-            if (options.device) {
+            if (options.mode === "device") {
                 return loginWithDevice(options);
             }
             return loginWithBrowser();
@@ -579,7 +649,7 @@ export const createAuthService = (deps) => {
                     revoked: false,
                 });
             }
-            const revokeResult = await deps.httpClient.request(revokeUrl(deps.baseUrl), {
+            const revokeResult = await requestWithRetry(revokeUrl(deps.baseUrl), {
                 headers: {
                     Authorization: `Bearer ${stored.value.apiKey}`,
                 },
@@ -610,8 +680,42 @@ export const createAuthService = (deps) => {
                 return Result.ok(stored.value.apiKey);
             }
             return Result.err(new AuthError({
-                message: "Not logged in. Run `ogment login` or set OGMENT_API_KEY.",
+                code: ERROR_CODE.authRequired,
+                message: "Not logged in. Run `ogment auth login` or set OGMENT_API_KEY.",
+                suggestedCommand: "ogment auth login",
             }));
         },
+        status: async (overrideApiKey) => {
+            if (typeof overrideApiKey === "string" && overrideApiKey.length > 0) {
+                return Result.ok({
+                    agentName: null,
+                    apiKeySource: "apiKeyOption",
+                    loggedIn: true,
+                });
+            }
+            if (typeof deps.envApiKey === "string" && deps.envApiKey.length > 0) {
+                return Result.ok({
+                    agentName: null,
+                    apiKeySource: "env",
+                    loggedIn: true,
+                });
+            }
+            const stored = deps.credentialsStore.load();
+            if (Result.isError(stored)) {
+                return stored;
+            }
+            if (stored.value === null) {
+                return Result.ok({
+                    agentName: null,
+                    apiKeySource: "none",
+                    loggedIn: false,
+                });
+            }
+            return Result.ok({
+                agentName: stored.value.agentName ?? null,
+                apiKeySource: "credentialsFile",
+                loggedIn: true,
+            });
+        },
     };
 };

package/dist/services/info.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"info.d.ts","sourceRoot":"","sources":["../../src/services/info.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAEhE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,KAAK,EACV,aAAa,EAGb,WAAW,EAEZ,MAAM,oBAAoB,CAAC;AAsB5B,MAAM,WAAW,WAAW;IAC1B,OAAO,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;CACxD;AAED,UAAU,eAAe;IACvB,cAAc,EAAE,cAAc,CAAC;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,4BAA4B,CAAC,EAAE,MAAM,MAAM,CAAC;IAC5C,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC;IACzC,UAAU,EAAE,UAAU,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;CACjB;AAqFD,eAAO,MAAM,iBAAiB,GAAI,MAAM,eAAe,KAAG,WA+MzD,CAAC"}
+{"version":3,"file":"info.d.ts","sourceRoot":"","sources":["../../src/services/info.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAEhE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,KAAK,EACV,aAAa,EAGb,WAAW,EAEZ,MAAM,oBAAoB,CAAC;AAsB5B,MAAM,WAAW,WAAW;IAC1B,OAAO,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;CACxD;AAED,UAAU,eAAe;IACvB,cAAc,EAAE,cAAc,CAAC;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,4BAA4B,CAAC,EAAE,MAAM,MAAM,CAAC;IAC5C,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC;IACzC,UAAU,EAAE,UAAU,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;CACjB;AAqFD,eAAO,MAAM,iBAAiB,GAAI,MAAM,eAAe,KAAG,WAgNzD,CAAC"}

package/dist/services/info.js

@@ -48,9 +48,9 @@ const resolveApiKey = (apiKeyOverride, envApiKey, credentialsStore) => {
     };
 };
 const nextActionByIssueCode = {
-    auth_failed: "Run `ogment login` to refresh credentials.",
+    auth_failed: "Run `ogment auth login` to refresh credentials.",
     credentials_load_failed: "Check file permissions and contents of `~/.config/ogment/credentials.json`.",
-    no_api_key: "Run `ogment login` or set `OGMENT_API_KEY`.",
+    no_api_key: "Run `ogment auth login` or set `OGMENT_API_KEY`.",
     unreachable: "Verify `OGMENT_BASE_URL` and network connectivity.",
 };
 const toSummary = (issues) => {
@@ -61,7 +61,7 @@ const toSummary = (issues) => {
             nextActions.add(nextAction);
         }
     }
-    nextActions.add("Run `ogment servers` to inspect available servers.");
+    nextActions.add("Run `ogment catalog` to inspect available servers.");
     return {
         issues: issues.map((issue) => issue.message),
         nextActions: [...nextActions],
@@ -172,7 +172,7 @@ export const createInfoService = (deps) => {
             if (apiKeyResolution.source === "none") {
                 issues.push({
                     code: "no_api_key",
-                    message: "No API key found in --apiKey, OGMENT_API_KEY, or credentials file.",
+                    message: "No API key found in --api-key, OGMENT_API_KEY, or credentials file.",
                 });
             }
             if (apiKeyResolution.source === "credentialsError" && apiKeyResolution.loadError !== null) {
@@ -221,17 +221,18 @@ export const createInfoService = (deps) => {
                 },
                 documentation: {
                     configPrecedence: [
-                        "--apiKey option",
+                        "--api-key option",
                         "OGMENT_API_KEY environment variable",
                         "~/.config/ogment/credentials.json",
                         "default base URL when OGMENT_BASE_URL is unset",
                     ],
                     quickCommands: [
-                        "ogment info",
-                        "ogment login --device --non-interactive",
-                        "ogment servers",
-                        "ogment servers <path>",
-                        'ogment call <serverPath> <toolName> \'{"key":"value"}\'',
+                        "ogment status",
+                        "ogment auth login",
+                        "ogment catalog",
+                        "ogment catalog tools <server-id>",
+                        "ogment catalog tool <server-id> <tool-name>",
+                        "ogment invoke <server-id>/<tool-name> --input '{}'",
                     ],
                 },
                 generatedAt: new Date(now()).toISOString(),

package/dist/services/mcp.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"mcp.d.ts","sourceRoot":"","sources":["../../src/services/mcp.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,6BAA6B,EAAE,MAAM,oDAAoD,CAAC;AAEnG,OAAO,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,eAAe,CAAC;AAE1D,OAAO,EAAE,kBAAkB,EAAE,KAAK,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAG/E,OAAO,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEzE,UAAU,SAAS;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,UAAU,aAAa;IACrB,QAAQ,CAAC,MAAM,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACzF,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACvB,OAAO,CAAC,SAAS,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3C,SAAS,IAAI,OAAO,CAAC;QACnB,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;KACvC,CAAC,CAAC;CACJ;AAED,UAAU,cAAc;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,aAAa,CAAC;IACnC,eAAe,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,KAAK,6BAA6B,CAAC;IAC9E,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,MAAM,eAAe,GAAG,kBAAkB,GAAG,eAAe,CAAC;AAEnE,MAAM,WAAW,UAAU;IACzB,QAAQ,CACN,MAAM,EAAE,SAAS,EACjB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC5B,OAAO,CAAC,UAAU,CAAC,cAAc,EAAE,eAAe,CAAC,CAAC,CAAC;IACxD,SAAS,CACP,MAAM,EAAE,SAAS,EACjB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,UAAU,CAAC,cAAc,EAAE,EAAE,eAAe,CAAC,CAAC,CAAC;CAC3D;AAkFD,eAAO,MAAM,gBAAgB,GAAI,MAAM,cAAc,KAAG,UA2GvD,CAAC"}
+{"version":3,"file":"mcp.d.ts","sourceRoot":"","sources":["../../src/services/mcp.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,6BAA6B,EAAE,MAAM,oDAAoD,CAAC;AAEnG,OAAO,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,eAAe,CAAC;AAG1D,OAAO,EAAE,kBAAkB,EAAE,KAAK,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAI/E,OAAO,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEzE,UAAU,SAAS;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,UAAU,aAAa;IACrB,QAAQ,CAAC,MAAM,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACzF,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACvB,OAAO,CAAC,SAAS,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3C,SAAS,IAAI,OAAO,CAAC;QACnB,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;KACvC,CAAC,CAAC;CACJ;AAED,UAAU,cAAc;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,aAAa,CAAC;IACnC,eAAe,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,KAAK,6BAA6B,CAAC;IAC9E,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,MAAM,eAAe,GAAG,kBAAkB,GAAG,eAAe,CAAC;AAEnE,MAAM,WAAW,UAAU;IACzB,QAAQ,CACN,MAAM,EAAE,SAAS,EACjB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC5B,OAAO,CAAC,UAAU,CAAC,cAAc,EAAE,eAAe,CAAC,CAAC,CAAC;IACxD,SAAS,CACP,MAAM,EAAE,SAAS,EACjB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,UAAU,CAAC,cAAc,EAAE,EAAE,eAAe,CAAC,CAAC,CAAC;CAC3D;AAkFD,eAAO,MAAM,gBAAgB,GAAI,MAAM,cAAc,KAAG,UAsHvD,CAAC"}

package/dist/services/mcp.js

@@ -1,8 +1,10 @@
 import { Client } from "@modelcontextprotocol/sdk/client";
 import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
 import { Result } from "better-result";
+import { ERROR_CODE } from "../shared/error-codes.js";
 import { RemoteRequestError } from "../shared/errors.js";
 import { parseWithSchema } from "../shared/guards.js";
+import { remoteRetryConfig } from "../shared/retry.js";
 import { toolDefinitionSchema } from "../shared/schemas.js";
 const defaultCreateClient = (version) => {
     return new Client({
@@ -71,6 +73,7 @@ const parseToolCallContent = (result) => {
 export const createMcpService = (deps) => {
     const createClient = deps.createClient ?? (() => defaultCreateClient(deps.version));
     const createTransport = deps.createTransport ?? defaultCreateTransport;
+    const retryConfig = remoteRetryConfig();
     const withClient = async (target, apiKey, handler) => {
         const endpoint = `${deps.baseUrl}/api/v1/mcp/${target.orgSlug}/${target.serverPath}`;
         const url = new URL(endpoint);
@@ -84,7 +87,7 @@ export const createMcpService = (deps) => {
             try: async () => {
                 await client.connect(transport);
             },
-        });
+        }, retryConfig);
         if (Result.isError(connectResult)) {
             return connectResult;
         }
@@ -100,21 +103,24 @@ export const createMcpService = (deps) => {
             });
         }
     };
+    const withRemoteRetry = async (action, message) => {
+        return Result.tryPromise({
+            catch: (cause) => new RemoteRequestError({
+                body: JSON.stringify({ cause }),
+                message,
+            }),
+            try: action,
+        }, retryConfig);
+    };
     return {
         callTool: async (target, apiKey, toolName, args) => {
             return withClient(target, apiKey, async (client) => {
-                const toolCallResult = await Result.tryPromise({
-                    catch: (cause) => new RemoteRequestError({
-                        body: JSON.stringify({ cause }),
-                        message: "MCP tool call failed",
-                    }),
-                    try: async () => {
-                        return client.callTool({
-                            arguments: args,
-                            name: toolName,
-                        });
-                    },
-                });
+                const toolCallResult = await withRemoteRetry(async () => {
+                    return client.callTool({
+                        arguments: args,
+                        name: toolName,
+                    });
+                }, "MCP tool call failed");
                 if (Result.isError(toolCallResult)) {
                     return toolCallResult;
                 }
@@ -123,21 +129,16 @@ export const createMcpService = (deps) => {
         },
         listTools: async (target, apiKey) => {
             return withClient(target, apiKey, async (client) => {
-                const toolsResult = await Result.tryPromise({
-                    catch: (cause) => new RemoteRequestError({
-                        body: JSON.stringify({ cause }),
-                        message: "MCP tools/list failed",
-                    }),
-                    try: async () => {
-                        return client.listTools();
-                    },
-                });
+                const toolsResult = await withRemoteRetry(async () => client.listTools(), "MCP tools/list failed");
                 if (Result.isError(toolsResult)) {
                     return toolsResult;
                 }
                 const parsedTools = [];
                 for (const tool of toolsResult.value.tools) {
-                    const parsed = parseWithSchema(toolDefinitionSchema, tool, "MCP tool definition");
+                    const parsed = parseWithSchema(toolDefinitionSchema, tool, "MCP tool definition", {
+                        code: ERROR_CODE.toolInputSchemaViolation,
+                        suggestedCommand: "ogment catalog",
+                    });
                     if (Result.isError(parsed)) {
                         return parsed;
                     }

package/dist/shared/constants.d.ts

@@ -4,5 +4,4 @@ export declare const DEFAULT_OGMENT_BASE_URL = "https://dashboard.ogment.ai";
 export declare const CLI_CLIENT_NAME = "Ogment CLI";
 export declare const CLI_REDIRECT_HOST = "127.0.0.1";
 export declare const VERSION: string;
-export declare const AGENT_SUCCESS_HINT = "Use `ogment servers` to list available servers.";
 //# sourceMappingURL=constants.d.ts.map

package/dist/shared/constants.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/shared/constants.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,QAAQ,WAAW,CAAC;AACjC,eAAO,MAAM,eAAe,yDAAyD,CAAC;AAEtF,eAAO,MAAM,uBAAuB,gCAAgC,CAAC;AACrE,eAAO,MAAM,eAAe,eAAe,CAAC;AAC5C,eAAO,MAAM,iBAAiB,cAAc,CAAC;AAM7C,eAAO,MAAM,OAAO,QAAsB,CAAC;AAE3C,eAAO,MAAM,kBAAkB,oDAAoD,CAAC"}
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/shared/constants.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,QAAQ,WAAW,CAAC;AACjC,eAAO,MAAM,eAAe,yDAAyD,CAAC;AAEtF,eAAO,MAAM,uBAAuB,gCAAgC,CAAC;AACrE,eAAO,MAAM,eAAe,eAAe,CAAC;AAC5C,eAAO,MAAM,iBAAiB,cAAc,CAAC;AAQ7C,eAAO,MAAM,OAAO,QAAsB,CAAC"}

package/dist/shared/constants.js

@@ -6,4 +6,3 @@ export const CLI_CLIENT_NAME = "Ogment CLI";
 export const CLI_REDIRECT_HOST = "127.0.0.1";
 const packageJson = JSON.parse(readFileSync(new URL("../../package.json", import.meta.url), "utf8"));
 export const VERSION = packageJson.version;
-export const AGENT_SUCCESS_HINT = "Use `ogment servers` to list available servers.";

package/dist/shared/error-codes.d.ts

@@ -0,0 +1,28 @@
+export declare const ERROR_CATEGORY: {
+    readonly auth: "auth";
+    readonly authorization: "authorization";
+    readonly contractMismatch: "contract_mismatch";
+    readonly internal: "internal";
+    readonly notFound: "not_found";
+    readonly rateLimit: "rate_limit";
+    readonly remote: "remote";
+    readonly transport: "transport";
+    readonly validation: "validation";
+};
+export type ErrorCategory = (typeof ERROR_CATEGORY)[keyof typeof ERROR_CATEGORY];
+export declare const ERROR_CODE: {
+    readonly authDeviceExpired: "AUTH_DEVICE_EXPIRED";
+    readonly authDevicePending: "AUTH_DEVICE_PENDING";
+    readonly authInvalidCredentials: "AUTH_INVALID_CREDENTIALS";
+    readonly authRequired: "AUTH_REQUIRED";
+    readonly contractVersionUnsupported: "CONTRACT_VERSION_UNSUPPORTED";
+    readonly internalUnexpected: "INTERNAL_UNEXPECTED";
+    readonly remoteRateLimited: "REMOTE_RATE_LIMITED";
+    readonly remoteUnavailable: "REMOTE_UNAVAILABLE";
+    readonly toolInputSchemaViolation: "TOOL_INPUT_SCHEMA_VIOLATION";
+    readonly toolNotFound: "TOOL_NOT_FOUND";
+    readonly transportRequestFailed: "TRANSPORT_REQUEST_FAILED";
+    readonly validationInvalidInput: "VALIDATION_INVALID_INPUT";
+};
+export type ErrorCode = (typeof ERROR_CODE)[keyof typeof ERROR_CODE];
+//# sourceMappingURL=error-codes.d.ts.map

package/dist/shared/error-codes.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"error-codes.d.ts","sourceRoot":"","sources":["../../src/shared/error-codes.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,cAAc;;;;;;;;;;CAUjB,CAAC;AAEX,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,cAAc,CAAC,CAAC,MAAM,OAAO,cAAc,CAAC,CAAC;AAEjF,eAAO,MAAM,UAAU;;;;;;;;;;;;;CAab,CAAC;AAEX,MAAM,MAAM,SAAS,GAAG,CAAC,OAAO,UAAU,CAAC,CAAC,MAAM,OAAO,UAAU,CAAC,CAAC"}

package/dist/shared/error-codes.js

@@ -0,0 +1,25 @@
+export const ERROR_CATEGORY = {
+    auth: "auth",
+    authorization: "authorization",
+    contractMismatch: "contract_mismatch",
+    internal: "internal",
+    notFound: "not_found",
+    rateLimit: "rate_limit",
+    remote: "remote",
+    transport: "transport",
+    validation: "validation",
+};
+export const ERROR_CODE = {
+    authDeviceExpired: "AUTH_DEVICE_EXPIRED",
+    authDevicePending: "AUTH_DEVICE_PENDING",
+    authInvalidCredentials: "AUTH_INVALID_CREDENTIALS",
+    authRequired: "AUTH_REQUIRED",
+    contractVersionUnsupported: "CONTRACT_VERSION_UNSUPPORTED",
+    internalUnexpected: "INTERNAL_UNEXPECTED",
+    remoteRateLimited: "REMOTE_RATE_LIMITED",
+    remoteUnavailable: "REMOTE_UNAVAILABLE",
+    toolInputSchemaViolation: "TOOL_INPUT_SCHEMA_VIOLATION",
+    toolNotFound: "TOOL_NOT_FOUND",
+    transportRequestFailed: "TRANSPORT_REQUEST_FAILED",
+    validationInvalidInput: "VALIDATION_INVALID_INPUT",
+};