@plosson/agentio 0.1.11 → 0.1.13

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@plosson/agentio",
-  "version": "0.1.11",
+  "version": "0.1.13",
   "description": "CLI for LLM agents to interact with communication and tracking services",
   "type": "module",
   "license": "MIT",

package/src/auth/token-store.ts

@@ -112,3 +112,11 @@ export async function hasCredentials(
   const credentials = await loadCredentials();
   return !!credentials[service]?.[profile];
 }
+
+export async function getAllCredentials(): Promise<StoredCredentials> {
+  return loadCredentials();
+}
+
+export async function setAllCredentials(credentials: StoredCredentials): Promise<void> {
+  return saveCredentials(credentials);
+}

package/src/commands/config.ts

@@ -0,0 +1,238 @@
+import { Command } from 'commander';
+import { createCipheriv, createDecipheriv, randomBytes, scryptSync } from 'crypto';
+import { readFile, writeFile } from 'fs/promises';
+import { existsSync } from 'fs';
+import { join } from 'path';
+import { loadConfig, saveConfig } from '../config/config-manager';
+import { getAllCredentials, setAllCredentials } from '../auth/token-store';
+import { CliError, handleError } from '../utils/errors';
+import type { Config } from '../types/config';
+import type { StoredCredentials } from '../types/tokens';
+
+const ALGORITHM = 'aes-256-gcm';
+const DEFAULT_EXPORT_FILE = 'agentio.config';
+
+interface ExportedData {
+  version: number;
+  config: Config;
+  credentials: StoredCredentials;
+}
+
+function deriveKeyFromPassword(password: string): Buffer {
+  return scryptSync(password, 'agentio-export-salt', 32);
+}
+
+function generateKey(): string {
+  return randomBytes(32).toString('hex');
+}
+
+function encrypt(data: string, key: Buffer): { iv: string; tag: string; data: string } {
+  const iv = randomBytes(16);
+  const cipher = createCipheriv(ALGORITHM, key, iv);
+
+  const encrypted = Buffer.concat([
+    cipher.update(data, 'utf-8'),
+    cipher.final(),
+  ]);
+
+  const tag = cipher.getAuthTag();
+
+  return {
+    iv: iv.toString('hex'),
+    tag: tag.toString('hex'),
+    data: encrypted.toString('hex'),
+  };
+}
+
+function decrypt(encrypted: { iv: string; tag: string; data: string }, key: Buffer): string {
+  const decipher = createDecipheriv(ALGORITHM, key, Buffer.from(encrypted.iv, 'hex'));
+  decipher.setAuthTag(Buffer.from(encrypted.tag, 'hex'));
+
+  const decrypted = Buffer.concat([
+    decipher.update(Buffer.from(encrypted.data, 'hex')),
+    decipher.final(),
+  ]);
+
+  return decrypted.toString('utf-8');
+}
+
+export function registerConfigCommands(program: Command): void {
+  const config = program
+    .command('config')
+    .description('Configuration management');
+
+  config
+    .command('export')
+    .description('Export configuration and credentials to an encrypted file')
+    .option('--key <key>', 'Encryption key (64 hex characters). If not provided, a random key will be generated')
+    .option('--output <file>', 'Output file path', DEFAULT_EXPORT_FILE)
+    .action(async (options) => {
+      try {
+        // Validate key if provided
+        let encryptionKey: string;
+        if (options.key) {
+          if (!/^[0-9a-fA-F]{64}$/.test(options.key)) {
+            throw new CliError(
+              'INVALID_PARAMS',
+              'Invalid encryption key format',
+              'Key must be exactly 64 hexadecimal characters'
+            );
+          }
+          encryptionKey = options.key;
+        } else {
+          encryptionKey = generateKey();
+        }
+
+        // Load config and credentials
+        const configData = await loadConfig();
+        const credentials = await getAllCredentials();
+
+        const exportData: ExportedData = {
+          version: 1,
+          config: configData,
+          credentials,
+        };
+
+        // Encrypt the data
+        const key = deriveKeyFromPassword(encryptionKey);
+        const encrypted = encrypt(JSON.stringify(exportData), key);
+
+        // Write to file
+        const outputPath = join(process.cwd(), options.output);
+        await writeFile(outputPath, JSON.stringify(encrypted, null, 2), { mode: 0o600 });
+
+        console.log(`Configuration exported to: ${outputPath}`);
+        console.log(`Encryption key: ${encryptionKey}`);
+        console.log('');
+        console.log('Keep this key safe! You will need it to import the configuration.');
+      } catch (error) {
+        handleError(error);
+      }
+    });
+
+  config
+    .command('import')
+    .description('Import configuration and credentials from an encrypted file')
+    .argument('<file>', 'Path to the encrypted configuration file')
+    .option('--key <key>', 'Encryption key (64 hex characters). Falls back to AGENTIO_KEY env var')
+    .option('--merge', 'Merge with existing configuration instead of replacing')
+    .action(async (file, options) => {
+      try {
+        // Get key from option or environment variable
+        const key = options.key || process.env.AGENTIO_KEY;
+        if (!key) {
+          throw new CliError(
+            'INVALID_PARAMS',
+            'No encryption key provided',
+            'Provide --key option or set AGENTIO_KEY environment variable'
+          );
+        }
+
+        // Validate key
+        if (!/^[0-9a-fA-F]{64}$/.test(key)) {
+          throw new CliError(
+            'INVALID_PARAMS',
+            'Invalid encryption key format',
+            'Key must be exactly 64 hexadecimal characters'
+          );
+        }
+
+        // Check file exists
+        const filePath = file.startsWith('/') ? file : join(process.cwd(), file);
+        if (!existsSync(filePath)) {
+          throw new CliError(
+            'NOT_FOUND',
+            `File not found: ${filePath}`,
+            'Provide a valid path to the exported configuration file'
+          );
+        }
+
+        // Read and parse the encrypted file
+        const encryptedContent = await readFile(filePath, 'utf-8');
+        let encrypted: { iv: string; tag: string; data: string };
+        try {
+          encrypted = JSON.parse(encryptedContent);
+        } catch {
+          throw new CliError(
+            'INVALID_PARAMS',
+            'Invalid file format',
+            'The file does not appear to be a valid agentio export file'
+          );
+        }
+
+        // Decrypt
+        const derivedKey = deriveKeyFromPassword(key);
+        let exportData: ExportedData;
+        try {
+          const decrypted = decrypt(encrypted, derivedKey);
+          exportData = JSON.parse(decrypted);
+        } catch {
+          throw new CliError(
+            'AUTH_FAILED',
+            'Failed to decrypt configuration',
+            'Check that you are using the correct encryption key'
+          );
+        }
+
+        // Validate version
+        if (exportData.version !== 1) {
+          throw new CliError(
+            'INVALID_PARAMS',
+            `Unsupported export version: ${exportData.version}`,
+            'This version of agentio may not support this export format'
+          );
+        }
+
+        if (options.merge) {
+          // Merge with existing config
+          const currentConfig = await loadConfig();
+          const currentCredentials = await getAllCredentials();
+
+          // Merge profiles
+          for (const [service, profiles] of Object.entries(exportData.config.profiles)) {
+            if (profiles) {
+              if (!currentConfig.profiles[service as keyof typeof currentConfig.profiles]) {
+                (currentConfig.profiles as Record<string, string[]>)[service] = [];
+              }
+              for (const profile of profiles) {
+                if (!(currentConfig.profiles as Record<string, string[]>)[service].includes(profile)) {
+                  (currentConfig.profiles as Record<string, string[]>)[service].push(profile);
+                }
+              }
+            }
+          }
+
+          // Merge defaults (only if not set)
+          for (const [service, defaultProfile] of Object.entries(exportData.config.defaults)) {
+            if (defaultProfile && !(currentConfig.defaults as Record<string, string | undefined>)[service]) {
+              (currentConfig.defaults as Record<string, string>)[service] = defaultProfile;
+            }
+          }
+
+          // Merge credentials
+          for (const [service, profiles] of Object.entries(exportData.credentials)) {
+            if (!currentCredentials[service]) {
+              currentCredentials[service] = {};
+            }
+            for (const [profile, creds] of Object.entries(profiles)) {
+              // Only add if not already exists
+              if (!currentCredentials[service][profile]) {
+                currentCredentials[service][profile] = creds;
+              }
+            }
+          }
+
+          await saveConfig(currentConfig);
+          await setAllCredentials(currentCredentials);
+          console.log('Configuration merged successfully');
+        } else {
+          // Replace existing config
+          await saveConfig(exportData.config);
+          await setAllCredentials(exportData.credentials);
+          console.log('Configuration imported successfully');
+        }
+      } catch (error) {
+        handleError(error);
+      }
+    });
+}

package/src/commands/gchat.ts

@@ -1,6 +1,5 @@
 import { Command } from 'commander';
 import { google } from 'googleapis';
-import { createInterface } from 'readline';
 import { readFile } from 'fs/promises';
 import { setCredentials, removeCredentials, getCredentials } from '../auth/token-store';
 import { setProfile, removeProfile, listProfiles, getProfile } from '../config/config-manager';
@@ -8,24 +7,10 @@ import { performOAuthFlow } from '../auth/oauth';
 import { createGoogleAuth } from '../auth/token-manager';
 import { GChatClient } from '../services/gchat/client';
 import { CliError, handleError } from '../utils/errors';
-import { readStdin } from '../utils/stdin';
+import { readStdin, prompt, resolveProfileName } from '../utils/stdin';
 import { printGChatSendResult, printGChatMessageList, printGChatMessage } from '../utils/output';
 import type { GChatCredentials, GChatWebhookCredentials, GChatOAuthCredentials } from '../types/gchat';
 
-function prompt(question: string): Promise<string> {
-  const rl = createInterface({
-    input: process.stdin,
-    output: process.stderr,
-  });
-
-  return new Promise((resolve) => {
-    rl.question(question, (answer) => {
-      rl.close();
-      resolve(answer.trim());
-    });
-  });
-}
-
 async function getGChatClient(profileName?: string): Promise<{ client: GChatClient; profile: string }> {
   const profile = await getProfile('gchat', profileName);
 
@@ -195,7 +180,7 @@ export function registerGChatCommands(program: Command): void {
     .option('--profile <name>', 'Profile name', 'default')
     .action(async (options) => {
       try {
-        const profileName = options.profile;
+        const profileName = await resolveProfileName('gchat', options.profile);
 
         console.error('\nGoogle Chat Setup\n');
 

package/src/commands/gmail.ts

@@ -8,7 +8,7 @@ import { performOAuthFlow } from '../auth/oauth';
 import { GmailClient } from '../services/gmail/client';
 import { printMessageList, printMessage, printSendResult, printArchived, printMarked, raw } from '../utils/output';
 import { CliError, handleError } from '../utils/errors';
-import { readStdin } from '../utils/stdin';
+import { readStdin, resolveProfileName } from '../utils/stdin';
 import type { GmailAttachment } from '../types/gmail';
 
 async function getGmailClient(profileName?: string): Promise<{ client: GmailClient; profile: string }> {
@@ -245,7 +245,7 @@ Query Syntax Examples:
     .option('--profile <name>', 'Profile name', 'default')
     .action(async (options) => {
       try {
-        const profileName = options.profile;
+        const profileName = await resolveProfileName('gmail', options.profile);
 
         console.error(`Starting OAuth flow for Gmail profile "${profileName}"...`);
 

package/src/commands/jira.ts

@@ -1,11 +1,10 @@
 import { Command } from 'commander';
-import { createInterface } from 'readline';
 import { setCredentials, removeCredentials, getCredentials, setCredentials as updateCredentials } from '../auth/token-store';
 import { setProfile, removeProfile, listProfiles, getProfile } from '../config/config-manager';
 import { performJiraOAuthFlow, refreshJiraToken, type AtlassianSite } from '../auth/jira-oauth';
 import { JiraClient } from '../services/jira/client';
 import { CliError, handleError } from '../utils/errors';
-import { readStdin } from '../utils/stdin';
+import { readStdin, prompt, resolveProfileName } from '../utils/stdin';
 import {
   printJiraProjectList,
   printJiraIssueList,
@@ -16,20 +15,6 @@ import {
 } from '../utils/output';
 import type { JiraCredentials } from '../types/jira';
 
-function prompt(question: string): Promise<string> {
-  const rl = createInterface({
-    input: process.stdin,
-    output: process.stderr,
-  });
-
-  return new Promise((resolve) => {
-    rl.question(question, (answer) => {
-      rl.close();
-      resolve(answer.trim());
-    });
-  });
-}
-
 async function ensureValidToken(credentials: JiraCredentials, profile: string): Promise<JiraCredentials> {
   // Check if token is expired or about to expire (within 5 minutes)
   const bufferTime = 5 * 60 * 1000;
@@ -228,7 +213,7 @@ export function registerJiraCommands(program: Command): void {
     .option('--profile <name>', 'Profile name', 'default')
     .action(async (options) => {
       try {
-        const profileName = options.profile;
+        const profileName = await resolveProfileName('jira', options.profile);
 
         console.error('\n🔧 JIRA OAuth Setup\n');
 

package/src/commands/slack.ts

@@ -1,28 +1,13 @@
 import { Command } from 'commander';
-import { createInterface } from 'readline';
 import { readFile } from 'fs/promises';
 import { setCredentials, removeCredentials, getCredentials } from '../auth/token-store';
 import { setProfile, removeProfile, listProfiles, getProfile } from '../config/config-manager';
 import { SlackClient } from '../services/slack/client';
 import { CliError, handleError } from '../utils/errors';
-import { readStdin } from '../utils/stdin';
+import { readStdin, prompt, resolveProfileName } from '../utils/stdin';
 import { printSlackSendResult } from '../utils/output';
 import type { SlackCredentials, SlackWebhookCredentials } from '../types/slack';
 
-function prompt(question: string): Promise<string> {
-  const rl = createInterface({
-    input: process.stdin,
-    output: process.stderr,
-  });
-
-  return new Promise((resolve) => {
-    rl.question(question, (answer) => {
-      rl.close();
-      resolve(answer.trim());
-    });
-  });
-}
-
 async function getSlackClient(profileName?: string): Promise<{ client: SlackClient; profile: string }> {
   const profile = await getProfile('slack', profileName);
 
@@ -149,7 +134,7 @@ export function registerSlackCommands(program: Command): void {
     .option('--profile <name>', 'Profile name', 'default')
     .action(async (options) => {
       try {
-        const profileName = options.profile;
+        const profileName = await resolveProfileName('slack', options.profile);
         await setupWebhookProfile(profileName);
       } catch (error) {
         handleError(error);

package/src/commands/telegram.ts

@@ -1,26 +1,11 @@
 import { Command } from 'commander';
-import { createInterface } from 'readline';
 import { setCredentials, removeCredentials, getCredentials } from '../auth/token-store';
 import { setProfile, removeProfile, listProfiles, getProfile } from '../config/config-manager';
 import { TelegramClient } from '../services/telegram/client';
 import { CliError, handleError } from '../utils/errors';
-import { readStdin } from '../utils/stdin';
+import { readStdin, prompt, resolveProfileName } from '../utils/stdin';
 import type { TelegramCredentials, TelegramSendOptions } from '../types/telegram';
 
-function prompt(question: string): Promise<string> {
-  const rl = createInterface({
-    input: process.stdin,
-    output: process.stderr,
-  });
-
-  return new Promise((resolve) => {
-    rl.question(question, (answer) => {
-      rl.close();
-      resolve(answer.trim());
-    });
-  });
-}
-
 async function getTelegramClient(profileName?: string): Promise<{ client: TelegramClient; profile: string }> {
   const profile = await getProfile('telegram', profileName);
 
@@ -107,7 +92,7 @@ export function registerTelegramCommands(program: Command): void {
     .option('--profile <name>', 'Profile name', 'default')
     .action(async (options) => {
       try {
-        const profileName = options.profile;
+        const profileName = await resolveProfileName('telegram', options.profile);
 
         console.error('\n📱 Telegram Bot Setup\n');
 

package/src/index.ts

@@ -6,6 +6,7 @@ import { registerGChatCommands } from './commands/gchat';
 import { registerJiraCommands } from './commands/jira';
 import { registerSlackCommands } from './commands/slack';
 import { registerUpdateCommand } from './commands/update';
+import { registerConfigCommands } from './commands/config';
 
 declare const BUILD_VERSION: string | undefined;
 
@@ -30,5 +31,6 @@ registerGChatCommands(program);
 registerJiraCommands(program);
 registerSlackCommands(program);
 registerUpdateCommand(program);
+registerConfigCommands(program);
 
 program.parse();

package/src/utils/stdin.ts

@@ -1,3 +1,66 @@
+import { createInterface } from 'readline';
+import { getProfile } from '../config/config-manager';
+import type { ServiceName } from '../types/config';
+
+/**
+ * Prompt the user for input with a question.
+ */
+export function prompt(question: string): Promise<string> {
+  const rl = createInterface({
+    input: process.stdin,
+    output: process.stderr,
+  });
+
+  return new Promise((resolve) => {
+    rl.question(question, (answer) => {
+      rl.close();
+      resolve(answer.trim());
+    });
+  });
+}
+
+/**
+ * Prompt for yes/no confirmation.
+ */
+export async function confirm(question: string): Promise<boolean> {
+  const answer = await prompt(`${question} (y/n): `);
+  return answer.toLowerCase() === 'y' || answer.toLowerCase() === 'yes';
+}
+
+/**
+ * Resolve profile name, checking for existing profiles and prompting for override.
+ * If the profile already exists, asks the user whether to override or choose a new name.
+ */
+export async function resolveProfileName(
+  service: ServiceName,
+  requestedName: string
+): Promise<string> {
+  const existingProfile = await getProfile(service, requestedName);
+
+  if (!existingProfile) {
+    // Profile doesn't exist, use the requested name
+    return requestedName;
+  }
+
+  // Profile exists, ask if user wants to override
+  console.error(`\nProfile "${requestedName}" already exists for ${service}.`);
+  const shouldOverride = await confirm('Do you want to override it?');
+
+  if (shouldOverride) {
+    return requestedName;
+  }
+
+  // Ask for a new profile name
+  const newName = await prompt('Enter a new profile name: ');
+
+  if (!newName) {
+    throw new Error('Profile name is required');
+  }
+
+  // Recursively check if the new name also exists
+  return resolveProfileName(service, newName);
+}
+
 export async function readStdin(): Promise<string | null> {
   // Check if stdin is a TTY (interactive terminal)
   if (process.stdin.isTTY) {