@papercraneai/cli 1.4.3 → 1.5.0

package/bin/papercrane.js

@@ -4,17 +4,59 @@ import { Command } from 'commander';
 import chalk from 'chalk';
 import readline from 'readline';
 import fs from 'fs/promises';
-import { ProxyAgent, setGlobalDispatcher } from 'undici';
+import http from 'http';
+import { http as httpClient } from '../lib/axios-client.js';
 import { setApiKey, clearConfig, isLoggedIn, setDefaultWorkspace, getDefaultWorkspace } from '../lib/config.js';
 import { validateApiKey } from '../lib/cloud-client.js';
 import { listFunctions, getFunction, runFunction, formatDescribe, formatDescribeRoot, formatFlat, formatResult, formatUnconnected } from '../lib/function-client.js';
 import { listWorkspaces, resolveWorkspaceId, getFileTree, readFile, writeFile, editFile, deleteFile, getLocalWorkspacePath, pullWorkspace, pushWorkspace } from '../lib/environment-client.js';
 
-// Configure proxy support for environments like Claude's container
-// Node.js native fetch() doesn't respect HTTP_PROXY/HTTPS_PROXY env vars
-const proxyUrl = process.env.HTTPS_PROXY || process.env.HTTP_PROXY;
-if (proxyUrl) {
-  setGlobalDispatcher(new ProxyAgent(proxyUrl));
+/**
+ * Test if browser can actually open URLs by starting a local server and
+ * checking if we receive a request when we try to open it.
+ * @param {number} timeout - Max time to wait in ms
+ * @returns {Promise<boolean>} - true if browser can open URLs
+ */
+async function canOpenBrowser(timeout = 2500) {
+  return new Promise((resolve) => {
+    let resolved = false;
+    const done = (result) => {
+      if (!resolved) {
+        resolved = true;
+        resolve(result);
+      }
+    };
+
+    const server = http.createServer((req, res) => {
+      res.writeHead(200, { 'Content-Type': 'text/html' });
+      res.end('<html><body><script>window.close()</script>Checking browser... you can close this tab.</body></html>');
+      server.close();
+      done(true);
+    });
+
+    server.on('error', () => done(false));
+
+    server.listen(0, '127.0.0.1', async () => {
+      const port = server.address().port;
+      const checkUrl = `http://127.0.0.1:${port}/browser-check`;
+
+      try {
+        const open = (await import('open')).default;
+        await open(checkUrl);
+      } catch {
+        // open() threw an error
+        server.close();
+        done(false);
+        return;
+      }
+
+      // Wait for browser to hit our server
+      setTimeout(() => {
+        server.close();
+        done(false);
+      }, timeout);
+    });
+  });
 }
 
 const program = new Command();
@@ -29,8 +71,8 @@ program
   .description('Login to Papercrane. Opens browser for authentication, or use --api-key for direct login.')
   .option('--api-key <key>', 'API key for direct login (skips browser)')
   .option('--url <url>', 'API base URL (saves to config)')
-  .option('--nowait', 'Print auth URL and exit immediately (for AI assistants)')
-  .option('--check', 'Check if pending login was completed')
+  .option('--print-url', 'Print auth URL and exit (use with --complete after authorizing)')
+  .option('--complete', 'Complete a pending login started with --print-url')
   .action(async (options) => {
     try {
       const { getApiBaseUrl, setApiBaseUrl, getPendingSession, setPendingSession, clearPendingSession } = await import('../lib/config.js');
@@ -61,18 +103,20 @@ program
         return;
       }
 
-      // --check: Check if pending login was completed
-      if (options.check) {
+      // --complete: Check if pending login was completed
+      if (options.complete) {
         const pending = await getPendingSession();
         if (!pending) {
-          console.log(chalk.yellow('No pending login session. Run: papercrane login --nowait'));
+          console.log(chalk.yellow('No pending login session. Run: papercrane login --print-url'));
           process.exit(1);
         }
 
-        const statusRes = await fetch(`${pending.baseUrl}/api/cli-auth/status?session=${encodeURIComponent(pending.session)}`);
+        const statusRes = await httpClient.get(`${pending.baseUrl}/api/cli-auth/status?session=${encodeURIComponent(pending.session)}`, {
+          validateStatus: () => true
+        });
 
-        if (statusRes.ok) {
-          const data = await statusRes.json();
+        if (statusRes.status >= 200 && statusRes.status < 300) {
+          const data = statusRes.data;
           if (data.status === 'authorized') {
             await setApiKey(data.key);
             await setApiBaseUrl(pending.baseUrl);
@@ -83,7 +127,22 @@ program
           }
         }
 
-        console.log(chalk.yellow('Not yet authorized. Please click the login URL, then run: papercrane login --check'));
+        console.log(chalk.yellow('Not yet authorized. Please click the login URL, then run: papercrane login --complete'));
+        process.exit(1);
+      }
+
+      // Check server connectivity before starting auth flow
+      // Extract domain from baseUrl for allowlist message
+      const urlDomain = new URL(baseUrl).hostname;
+      try {
+        await httpClient.get(`${baseUrl}/api/cli-auth/status?session=connectivity-check`, { timeout: 5000 });
+      } catch (connectError) {
+        console.log(chalk.yellow('\n⚠️  Cannot reach Papercrane server.'));
+        console.log(chalk.dim(`\nCould not connect to: ${baseUrl}`));
+        console.log(chalk.dim('\nIf you\'re using Claude Desktop or Claude app:'));
+        console.log(chalk.dim('  1. Go to Settings → Capabilities → Domain allowlist'));
+        console.log(chalk.dim(`  2. Add: ${urlDomain}`));
+        console.log(chalk.dim('  3. Try again\n'));
         process.exit(1);
       }
 
@@ -93,39 +152,52 @@ program
       const session = generateState();
 
       // Initialize session on server
-      const initRes = await fetch(`${baseUrl}/api/cli-auth/init`, {
-        method: 'POST',
+      const initRes = await httpClient.post(`${baseUrl}/api/cli-auth/init`, { session }, {
         headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({ session })
+        validateStatus: () => true
       });
 
-      if (!initRes.ok) {
+      if (initRes.status < 200 || initRes.status >= 300) {
         throw new Error('Failed to initialize login session');
       }
-      // Drain response body to avoid keeping the event loop alive (undici)
-      await initRes.arrayBuffer();
 
       const authUrl = `${baseUrl}/cli-auth?session=${session}`;
 
-      // --nowait: Print URL and exit immediately (for AI assistants)
-      if (options.nowait) {
+      // --print-url: Print URL and exit immediately (for AI assistants)
+      if (options.printUrl) {
         await setPendingSession({ session, baseUrl });
         console.log(chalk.cyan('\nOpen this URL to authenticate:\n'));
         console.log(`  ${authUrl}\n`);
-        console.log(chalk.dim('After authorizing, run: papercrane login --check\n'));
+        console.log(chalk.dim('After authorizing, run: papercrane login --complete\n'));
         process.exit(0);
       }
 
+      // Test if browser can actually open URLs
+      console.log(chalk.dim('\nChecking browser availability...'));
+      const browserWorks = await canOpenBrowser();
+
       console.log(chalk.cyan('\nOpen this URL to authenticate:\n'));
       console.log(`  ${authUrl}\n`);
 
-      // Try to open browser automatically
+      if (!browserWorks) {
+        // Browser can't open - save session and exit (non-blocking)
+        await setPendingSession({ session, baseUrl });
+        console.log(chalk.yellow('Browser could not be opened automatically.'));
+        console.log(chalk.dim('\nPlease open the URL above manually, then run: papercrane login --complete\n'));
+        process.exit(0);
+      }
+
+      // Browser works - open the auth URL and poll
       try {
         const open = (await import('open')).default;
         await open(authUrl);
         console.log(chalk.dim('(Browser opened automatically)'));
       } catch {
-        console.log(chalk.yellow('Could not open browser automatically. Please click or copy the URL above.'));
+        // Shouldn't happen since canOpenBrowser passed, but handle it
+        await setPendingSession({ session, baseUrl });
+        console.log(chalk.yellow('Could not open browser.'));
+        console.log(chalk.dim('\nPlease open the URL above manually, then run: papercrane login --complete\n'));
+        process.exit(0);
       }
 
       console.log(chalk.dim('\nWaiting for authorization... (press Ctrl+C to cancel)\n'));
@@ -136,10 +208,12 @@ program
       const startTime = Date.now();
 
       while (Date.now() - startTime < timeout) {
-        const statusRes = await fetch(`${baseUrl}/api/cli-auth/status?session=${encodeURIComponent(session)}`);
+        const statusRes = await httpClient.get(`${baseUrl}/api/cli-auth/status?session=${encodeURIComponent(session)}`, {
+          validateStatus: () => true
+        });
 
-        if (statusRes.ok) {
-          const data = await statusRes.json();
+        if (statusRes.status >= 200 && statusRes.status < 300) {
+          const data = statusRes.data;
 
           if (data.status === 'authorized') {
             // Save the API key

package/lib/axios-client.js

@@ -0,0 +1,14 @@
+import axios from "axios"
+import { HttpsProxyAgent } from "https-proxy-agent"
+
+const proxyUrl = process.env.HTTPS_PROXY || process.env.HTTP_PROXY
+
+const axiosConfig = proxyUrl
+  ? {
+      httpAgent: new HttpsProxyAgent(proxyUrl),
+      httpsAgent: new HttpsProxyAgent(proxyUrl),
+      proxy: false
+    }
+  : {}
+
+export const http = axios.create(axiosConfig)

package/lib/cloud-client.js

@@ -1,4 +1,4 @@
-import axios from 'axios';
+import { http } from './axios-client.js';
 import { getApiKey, getApiBaseUrl } from './config.js';
 
 /**
@@ -16,7 +16,7 @@ export async function fetchCloudCredentials(provider, instanceName = 'Default')
   const baseUrl = await getApiBaseUrl();
 
   try {
-    const response = await axios.get(`${baseUrl}/api/sdk/credentials/${provider}/${instanceName}`, {
+    const response = await http.get(`${baseUrl}/api/sdk/credentials/${provider}/${instanceName}`, {
       headers: {
         'Authorization': `Bearer ${apiKey}`
       }
@@ -52,7 +52,7 @@ export async function listCloudCredentials() {
   const baseUrl = await getApiBaseUrl();
 
   try {
-    const response = await axios.get(`${baseUrl}/api/sdk/credentials`, {
+    const response = await http.get(`${baseUrl}/api/sdk/credentials`, {
       headers: {
         'Authorization': `Bearer ${apiKey}`
       }
@@ -84,7 +84,7 @@ export async function validateApiKey() {
     // We expect either a 404 (integration not found, but key is valid)
     // or a 200 (key is valid and integration exists)
     // A 401 means the key is invalid
-    await axios.get(`${baseUrl}/api/sdk/credentials/google/Default`, {
+    await http.get(`${baseUrl}/api/sdk/credentials/google/Default`, {
       headers: {
         'Authorization': `Bearer ${apiKey}`
       }
@@ -120,7 +120,7 @@ export async function refreshCloudCredentials(provider, instanceName = 'Default'
   const baseUrl = await getApiBaseUrl();
 
   try {
-    const response = await axios.post(`${baseUrl}/api/sdk/credentials/${provider}/${instanceName}/refresh`, {}, {
+    const response = await http.post(`${baseUrl}/api/sdk/credentials/${provider}/${instanceName}/refresh`, {}, {
       headers: {
         'Authorization': `Bearer ${apiKey}`
       }
@@ -155,7 +155,7 @@ export async function pushCredentials(provider, credentialId, credentials, scope
 
   const baseUrl = await getApiBaseUrl();
 
-  const response = await axios.post(`${baseUrl}/api/sdk/credentials/push`, {
+  const response = await http.post(`${baseUrl}/api/sdk/credentials/push`, {
     provider,
     credential_id: credentialId,
     credentials,
@@ -183,11 +183,11 @@ export async function pullCredentials() {
 
   const baseUrl = await getApiBaseUrl();
 
-  const response = await axios.get(`${baseUrl}/api/sdk/credentials/pull`, {
+  const response = await http.get(`${baseUrl}/api/sdk/credentials/pull`, {
     headers: {
       'Authorization': `Bearer ${apiKey}`
     }
   });
 
   return response.data.credentials || [];
-}
+}

package/lib/config.js

@@ -125,7 +125,7 @@ export async function clearDefaultWorkspace() {
 }
 
 /**
- * Get pending login session (for --nowait / --check flow)
+ * Get pending login session (for --print-url / --complete flow)
  * @returns {Promise<{session: string, baseUrl: string}|null>}
  */
 export async function getPendingSession() {

package/lib/environment-client.js

@@ -1,4 +1,4 @@
-import axios from 'axios';
+import { http } from './axios-client.js';
 import { homedir } from 'os';
 import { join } from 'path';
 import { getApiKey, getApiBaseUrl, getDefaultWorkspace, setDefaultWorkspace } from './config.js';
@@ -62,7 +62,7 @@ export async function listWorkspaces() {
   const headers = await getAuthHeaders();
   const baseUrl = await getApiBaseUrl();
 
-  const response = await axios.get(`${baseUrl}/sdk/workspaces`, { headers });
+  const response = await http.get(`${baseUrl}/sdk/workspaces`, { headers });
   return response.data.workspaces;
 }
 
@@ -80,7 +80,7 @@ export async function getFileTree(workspaceId, path = '') {
     ? `${baseUrl}/sdk/workspaces/${workspaceId}/files?path=${encodeURIComponent(path)}`
     : `${baseUrl}/sdk/workspaces/${workspaceId}/files`;
 
-  const response = await axios.get(url, { headers });
+  const response = await http.get(url, { headers });
   return response.data;
 }
 
@@ -94,7 +94,7 @@ export async function readFile(workspaceId, path) {
   const headers = await getAuthHeaders();
   const baseUrl = await getApiBaseUrl();
 
-  const response = await axios.get(
+  const response = await http.get(
     `${baseUrl}/sdk/workspaces/${workspaceId}/files/read?path=${encodeURIComponent(path)}`,
     { headers }
   );
@@ -112,7 +112,7 @@ export async function writeFile(workspaceId, path, content) {
   const headers = await getAuthHeaders();
   const baseUrl = await getApiBaseUrl();
 
-  const response = await axios.post(
+  const response = await http.post(
     `${baseUrl}/sdk/workspaces/${workspaceId}/files/write`,
     { path, content },
     { headers }
@@ -133,7 +133,7 @@ export async function editFile(workspaceId, path, oldString, newString, replaceA
   const headers = await getAuthHeaders();
   const baseUrl = await getApiBaseUrl();
 
-  const response = await axios.post(
+  const response = await http.post(
     `${baseUrl}/sdk/workspaces/${workspaceId}/files/edit`,
     { path, old_string: oldString, new_string: newString, replace_all: replaceAll },
     { headers }
@@ -151,7 +151,7 @@ export async function deleteFile(workspaceId, path) {
   const headers = await getAuthHeaders();
   const baseUrl = await getApiBaseUrl();
 
-  const response = await axios.delete(
+  const response = await http.delete(
     `${baseUrl}/sdk/workspaces/${workspaceId}/files?path=${encodeURIComponent(path)}`,
     { headers }
   );

package/lib/facebook-auth.js

@@ -1,4 +1,4 @@
-import axios from 'axios';
+import { http } from './axios-client.js';
 import chalk from 'chalk';
 import { saveFacebookCredentials } from './storage.js';
 
@@ -46,7 +46,7 @@ export async function handleFacebookAuth(scopes, appId, clientToken) {
 
     // Step 1: Request device code
     console.log(chalk.cyan('📱 Requesting device code...'));
-    const deviceResponse = await axios.post(DEVICE_LOGIN_URL, null, {
+    const deviceResponse = await http.post(DEVICE_LOGIN_URL, null, {
       params: {
         access_token: accessToken,
         scope: scopeString
@@ -80,7 +80,7 @@ export async function handleFacebookAuth(scopes, appId, clientToken) {
       await new Promise(resolve => setTimeout(resolve, pollInterval));
 
       try {
-        const statusResponse = await axios.post(DEVICE_STATUS_URL, null, {
+        const statusResponse = await http.post(DEVICE_STATUS_URL, null, {
           params: {
             access_token: accessToken,
             code: code
@@ -145,4 +145,4 @@ export async function handleFacebookAuth(scopes, appId, clientToken) {
       throw error;
     }
   }
-}
+}

package/lib/function-client.js

@@ -1,4 +1,4 @@
-import axios from "axios"
+import { http } from "./axios-client.js"
 import chalk from "chalk"
 import { getApiKey, getApiBaseUrl } from "./config.js"
 
@@ -55,7 +55,7 @@ async function functionRequest(
 
     // For POST requests, use streaming to handle large/streaming responses
     if (method === "POST") {
-      const response = await axios({
+      const response = await http({
         method,
         url,
         headers: {
@@ -125,7 +125,7 @@ async function functionRequest(
     }
 
     // GET requests - use regular axios behavior
-    const response = await axios({
+    const response = await http({
       method,
       url,
       headers: {

package/lib/google-auth.js

@@ -1,4 +1,4 @@
-import axios from 'axios';
+import { http } from './axios-client.js';
 import chalk from 'chalk';
 import open from 'open';
 import { generatePKCE } from './pkce.js';
@@ -88,7 +88,7 @@ export async function handleGoogleAuth(scopes, clientId, clientSecret) {
     // Exchange authorization code for tokens
     console.log(chalk.cyan('🔄 Exchanging authorization code for tokens...'));
 
-    const tokenResponse = await axios.post(
+    const tokenResponse = await http.post(
       GOOGLE_TOKEN_URL,
       new URLSearchParams({
         code,
@@ -131,4 +131,4 @@ export async function handleGoogleAuth(scopes, clientId, clientSecret) {
       throw error;
     }
   }
-}
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@papercraneai/cli",
-  "version": "1.4.3",
+  "version": "1.5.0",
   "description": "CLI tool for managing OAuth credentials for LLM integrations",
   "main": "index.js",
   "type": "module",
@@ -29,8 +29,8 @@
     "commander": "^12.0.0",
     "axios": "^1.6.0",
     "chalk": "^4.1.2",
+    "https-proxy-agent": "^7.0.4",
     "inquirer": "^8.2.6",
-    "open": "^8.4.2",
-    "undici": "^6.0.0"
+    "open": "^8.4.2"
   }
 }