@openbkn/bkn-sdk 0.1.1-alpha.2 → 0.1.1-alpha.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/{chunk-5MOIXIMJ.js → chunk-APJNRHLS.js} +27 -5
  2. package/dist/chunk-APJNRHLS.js.map +1 -0
  3. package/dist/cli.js +54 -27
  4. package/dist/cli.js.map +1 -1
  5. package/dist/index.d.ts +11 -1
  6. package/dist/index.js +1 -1
  7. package/package.json +1 -1
  8. package/dist/chunk-5MOIXIMJ.js.map +0 -1
package/dist/cli.js CHANGED
@@ -6,6 +6,7 @@ import {
6
6
  HttpError,
7
7
  InputError,
8
8
  activePlatform,
9
+ attachNoAuth,
9
10
  attachToken,
10
11
  createClient,
11
12
  credentialDeviceLogin,
@@ -14,6 +15,7 @@ import {
14
15
  deletePlatform,
15
16
  deviceLogin,
16
17
  exportCreds,
18
+ fetchAuthStatus,
17
19
  formatError,
18
20
  getUserSafe,
19
21
  listPlatforms,
@@ -33,7 +35,7 @@ import {
33
35
  use,
34
36
  whoami,
35
37
  writePlatformConfig
36
- } from "./chunk-5MOIXIMJ.js";
38
+ } from "./chunk-APJNRHLS.js";
37
39
 
38
40
  // src/cli.ts
39
41
  import { Command as Command16 } from "commander";
@@ -41,7 +43,7 @@ import { Command as Command16 } from "commander";
41
43
  // package.json
42
44
  var package_default = {
43
45
  name: "@openbkn/bkn-sdk",
44
- version: "0.1.1-alpha.2",
46
+ version: "0.1.1-alpha.3",
45
47
  description: "Unified TypeScript SDK + CLI for the BKN (Business Knowledge Network) platform.",
46
48
  type: "module",
47
49
  license: "Apache-2.0",
@@ -400,13 +402,16 @@ function registerAuthLeaves(cmd) {
400
402
  "device-login wait before timing out",
401
403
  (v) => Number.parseInt(v, 10),
402
404
  120
403
- ).option("--no-browser", "(legacy) print the URL instead of opening a browser").option("--product <name>", "(legacy) ISF OAuth product query").option("--signin-public-key-file <path>", "(legacy) RSA public key for ISF /oauth2/signin").action(async (url, opts, cmd2) => {
405
+ ).option("--no-browser", "(legacy) print the URL instead of opening a browser").option("--product <name>", "(legacy) ISF OAuth product query").option("--signin-public-key-file <path>", "(legacy) RSA public key for ISF /oauth2/signin").option("--no-auth", "register the platform with no authentication (no bkn-safe)").action(async (url, opts, cmd2) => {
404
406
  const g = cmd2.optsWithGlobals();
405
407
  if (g.insecure) process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
406
408
  const out = outputOptions(cmd2);
407
409
  const report = (r) => {
408
410
  if (out.json || out.compact) {
409
411
  printJson({ loggedIn: true, ...r }, out);
412
+ } else if (r.noAuth) {
413
+ process.stdout.write(`Registered ${r.baseUrl ?? url} (no authentication)
414
+ `);
410
415
  } else {
411
416
  process.stdout.write(`Logged in to ${r.baseUrl ?? url} as ${r.username ?? r.userId}
412
417
  `);
@@ -417,36 +422,58 @@ function registerAuthLeaves(cmd) {
417
422
  report(attachToken(url, token, { insecure: g.insecure }));
418
423
  return;
419
424
  }
425
+ if (opts.auth === false) {
426
+ report(attachNoAuth(url, { insecure: g.insecure }));
427
+ return;
428
+ }
429
+ const authStatus = await fetchAuthStatus(url);
430
+ if (authStatus && !authStatus.enabled) {
431
+ process.stderr.write(
432
+ `Platform auth is disabled (stack: ${authStatus.stack ?? "none"}) \u2014 registering without auth.
433
+ `
434
+ );
435
+ report(attachNoAuth(url, { insecure: g.insecure }));
436
+ return;
437
+ }
420
438
  let tokens;
421
439
  let account;
422
- if (opts.username || opts.password) {
423
- const username = opts.username ?? await promptLine("Username: ");
424
- account = username;
425
- const password = opts.password ?? await promptLine("Password: ", true);
426
- tokens = await credentialDeviceLogin(url, username, password, {
427
- clientId: opts.clientId,
428
- audience: opts.audience,
429
- timeoutMs: opts.timeout * 1e3
430
- });
431
- } else {
432
- const openInBrowser = !opts.device && opts.browser !== false;
433
- tokens = await deviceLogin(url, {
434
- clientId: opts.clientId,
435
- audience: opts.audience,
436
- timeoutMs: opts.timeout * 1e3,
437
- onPrompt: ({ userCode, verificationUri, verificationUriComplete }) => {
438
- const target = verificationUriComplete ?? verificationUri;
439
- process.stderr.write(
440
- `
440
+ try {
441
+ if (opts.username || opts.password) {
442
+ const username = opts.username ?? await promptLine("Username: ");
443
+ account = username;
444
+ const password = opts.password ?? await promptLine("Password: ", true);
445
+ tokens = await credentialDeviceLogin(url, username, password, {
446
+ clientId: opts.clientId,
447
+ audience: opts.audience,
448
+ timeoutMs: opts.timeout * 1e3
449
+ });
450
+ } else {
451
+ const openInBrowser = !opts.device && opts.browser !== false;
452
+ tokens = await deviceLogin(url, {
453
+ clientId: opts.clientId,
454
+ audience: opts.audience,
455
+ timeoutMs: opts.timeout * 1e3,
456
+ onPrompt: ({ userCode, verificationUri, verificationUriComplete }) => {
457
+ const target = verificationUriComplete ?? verificationUri;
458
+ process.stderr.write(
459
+ `
441
460
  Open this URL to sign in and authorize:
442
461
  ${target}
443
462
  User code: ${userCode}
444
463
  `
445
- );
446
- if (openInBrowser) openBrowser(target);
447
- process.stderr.write("Waiting for authorization\u2026\n");
448
- }
449
- });
464
+ );
465
+ if (openInBrowser) openBrowser(target);
466
+ process.stderr.write("Waiting for authorization\u2026\n");
467
+ }
468
+ });
469
+ }
470
+ } catch (e) {
471
+ if (e instanceof Error && /Device auth failed \(404\)/.test(e.message)) {
472
+ process.stderr.write("No auth endpoint found \u2014 registering platform without auth.\n");
473
+ report(attachNoAuth(url, { insecure: g.insecure }));
474
+ return;
475
+ }
476
+ throw e;
450
477
  }
451
478
  if (!account) {
452
479
  account = await resolveAccount(