@plosson/agentio 0.1.7 → 0.1.9

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@plosson/agentio",
-  "version": "0.1.7",
+  "version": "0.1.9",
   "description": "CLI for LLM agents to interact with communication and tracking services",
   "type": "module",
   "license": "MIT",
@@ -34,7 +34,7 @@
   "scripts": {
     "dev": "bun run src/index.ts",
     "build": "bun build src/index.ts --outdir dist --target node",
-    "build:native": "bun build src/index.ts --compile --outfile dist/agentio",
+    "build:native": "bun build src/index.ts --compile --minify --sourcemap --bytecode --outfile dist/agentio",
     "typecheck": "tsc --noEmit"
   },
   "engines": {

package/src/auth/jira-oauth.ts

@@ -0,0 +1,249 @@
+import { createServer, type Server } from 'http';
+import { URL } from 'url';
+import { JIRA_OAUTH_CONFIG } from '../config/credentials';
+
+const ATLASSIAN_AUTH_URL = 'https://auth.atlassian.com/authorize';
+const ATLASSIAN_TOKEN_URL = 'https://auth.atlassian.com/oauth/token';
+const ATLASSIAN_RESOURCES_URL = 'https://api.atlassian.com/oauth/token/accessible-resources';
+
+const JIRA_SCOPES = [
+  'read:jira-work',   // Read projects, issues
+  'write:jira-work',  // Add comments, change status
+  'offline_access',   // Get refresh tokens
+];
+
+const PORT_RANGE_START = 3000;
+const PORT_RANGE_END = 3010;
+
+export interface JiraOAuthResult {
+  accessToken: string;
+  refreshToken: string;
+  expiryDate: number;
+  cloudId: string;
+  siteUrl: string;
+}
+
+export interface AtlassianSite {
+  id: string;
+  url: string;
+  name: string;
+  scopes: string[];
+  avatarUrl?: string;
+}
+
+async function findAvailablePort(): Promise<number> {
+  for (let port = PORT_RANGE_START; port <= PORT_RANGE_END; port++) {
+    try {
+      await new Promise<void>((resolve, reject) => {
+        const server = createServer();
+        server.listen(port, () => {
+          server.close(() => resolve());
+        });
+        server.on('error', reject);
+      });
+      return port;
+    } catch {
+      continue;
+    }
+  }
+  throw new Error(`No available port found in range ${PORT_RANGE_START}-${PORT_RANGE_END}`);
+}
+
+async function exchangeCodeForTokens(
+  code: string,
+  clientId: string,
+  clientSecret: string,
+  redirectUri: string
+): Promise<{ accessToken: string; refreshToken: string; expiresIn: number }> {
+  const response = await fetch(ATLASSIAN_TOKEN_URL, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+    },
+    body: JSON.stringify({
+      grant_type: 'authorization_code',
+      client_id: clientId,
+      client_secret: clientSecret,
+      code,
+      redirect_uri: redirectUri,
+    }),
+  });
+
+  if (!response.ok) {
+    const error = await response.text();
+    throw new Error(`Failed to exchange code for tokens: ${error}`);
+  }
+
+  const data = await response.json();
+  return {
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token,
+    expiresIn: data.expires_in,
+  };
+}
+
+async function getAccessibleResources(accessToken: string): Promise<AtlassianSite[]> {
+  const response = await fetch(ATLASSIAN_RESOURCES_URL, {
+    headers: {
+      Authorization: `Bearer ${accessToken}`,
+      Accept: 'application/json',
+    },
+  });
+
+  if (!response.ok) {
+    const error = await response.text();
+    throw new Error(`Failed to get accessible resources: ${error}`);
+  }
+
+  return response.json();
+}
+
+export async function refreshJiraToken(
+  refreshToken: string
+): Promise<{ accessToken: string; refreshToken: string; expiresIn: number }> {
+  const response = await fetch(ATLASSIAN_TOKEN_URL, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+    },
+    body: JSON.stringify({
+      grant_type: 'refresh_token',
+      client_id: JIRA_OAUTH_CONFIG.clientId,
+      client_secret: JIRA_OAUTH_CONFIG.clientSecret,
+      refresh_token: refreshToken,
+    }),
+  });
+
+  if (!response.ok) {
+    const error = await response.text();
+    throw new Error(`Failed to refresh token: ${error}`);
+  }
+
+  const data = await response.json();
+  return {
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token || refreshToken,
+    expiresIn: data.expires_in,
+  };
+}
+
+export async function performJiraOAuthFlow(
+  selectSite?: (sites: AtlassianSite[]) => Promise<AtlassianSite>
+): Promise<JiraOAuthResult> {
+  const port = await findAvailablePort();
+  const redirectUri = `http://localhost:${port}/callback`;
+
+  const state = Math.random().toString(36).substring(2);
+  const authUrl = new URL(ATLASSIAN_AUTH_URL);
+  authUrl.searchParams.set('audience', 'api.atlassian.com');
+  authUrl.searchParams.set('client_id', JIRA_OAUTH_CONFIG.clientId);
+  authUrl.searchParams.set('scope', JIRA_SCOPES.join(' '));
+  authUrl.searchParams.set('redirect_uri', redirectUri);
+  authUrl.searchParams.set('state', state);
+  authUrl.searchParams.set('response_type', 'code');
+  authUrl.searchParams.set('prompt', 'consent');
+
+  return new Promise((resolve, reject) => {
+    let server: Server;
+
+    const timeout = setTimeout(() => {
+      server?.close();
+      reject(new Error('OAuth flow timed out after 5 minutes'));
+    }, 5 * 60 * 1000);
+
+    server = createServer(async (req, res) => {
+      const url = new URL(req.url || '', `http://localhost:${port}`);
+
+      if (url.pathname !== '/callback') {
+        res.writeHead(404);
+        res.end('Not found');
+        return;
+      }
+
+      const code = url.searchParams.get('code');
+      const error = url.searchParams.get('error');
+      const returnedState = url.searchParams.get('state');
+
+      if (error) {
+        res.writeHead(200, { 'Content-Type': 'text/html' });
+        res.end('<html><body><h1>Authorization Failed</h1><p>You can close this window.</p></body></html>');
+        clearTimeout(timeout);
+        server.close();
+        reject(new Error(`OAuth error: ${error}`));
+        return;
+      }
+
+      if (returnedState !== state) {
+        res.writeHead(400, { 'Content-Type': 'text/html' });
+        res.end('<html><body><h1>State Mismatch</h1><p>You can close this window.</p></body></html>');
+        clearTimeout(timeout);
+        server.close();
+        reject(new Error('OAuth state mismatch - possible CSRF attack'));
+        return;
+      }
+
+      if (!code) {
+        res.writeHead(400, { 'Content-Type': 'text/html' });
+        res.end('<html><body><h1>Missing Authorization Code</h1><p>You can close this window.</p></body></html>');
+        clearTimeout(timeout);
+        server.close();
+        reject(new Error('Missing authorization code in OAuth callback'));
+        return;
+      }
+
+      try {
+        res.writeHead(200, { 'Content-Type': 'text/html' });
+        res.end('<html><body><h1>Authorization Successful!</h1><p>You can close this window and return to the terminal.</p></body></html>');
+
+        clearTimeout(timeout);
+        server.close();
+
+        // Exchange code for tokens
+        const tokens = await exchangeCodeForTokens(code, JIRA_OAUTH_CONFIG.clientId, JIRA_OAUTH_CONFIG.clientSecret, redirectUri);
+
+        // Get accessible resources to find cloud ID
+        const sites = await getAccessibleResources(tokens.accessToken);
+
+        if (sites.length === 0) {
+          throw new Error('No accessible Jira sites found. Make sure your app has the correct permissions.');
+        }
+
+        // Let user select site if multiple, otherwise use the first one
+        let selectedSite: AtlassianSite;
+        if (sites.length === 1) {
+          selectedSite = sites[0];
+        } else if (selectSite) {
+          selectedSite = await selectSite(sites);
+        } else {
+          selectedSite = sites[0];
+        }
+
+        resolve({
+          accessToken: tokens.accessToken,
+          refreshToken: tokens.refreshToken,
+          expiryDate: Date.now() + tokens.expiresIn * 1000,
+          cloudId: selectedSite.id,
+          siteUrl: selectedSite.url,
+        });
+      } catch (err) {
+        reject(err);
+      }
+    });
+
+    server.listen(port, () => {
+      console.error(`\nOpening browser for Atlassian authorization...`);
+      console.error(`If browser doesn't open, visit:\n${authUrl.toString()}\n`);
+
+      // Open browser
+      const open = process.platform === 'darwin' ? 'open' :
+                   process.platform === 'win32' ? 'start' : 'xdg-open';
+      Bun.spawn([open, authUrl.toString()], { stdout: 'ignore', stderr: 'ignore' });
+    });
+
+    server.on('error', (err) => {
+      clearTimeout(timeout);
+      server?.close();
+      reject(err);
+    });
+  });
+}

package/src/commands/jira.ts

@@ -0,0 +1,319 @@
+import { Command } from 'commander';
+import { createInterface } from 'readline';
+import { setCredentials, removeCredentials, getCredentials, setCredentials as updateCredentials } from '../auth/token-store';
+import { setProfile, removeProfile, listProfiles, getProfile } from '../config/config-manager';
+import { performJiraOAuthFlow, refreshJiraToken, type AtlassianSite } from '../auth/jira-oauth';
+import { JiraClient } from '../services/jira/client';
+import { CliError, handleError } from '../utils/errors';
+import { readStdin } from '../utils/stdin';
+import {
+  printJiraProjectList,
+  printJiraIssueList,
+  printJiraIssue,
+  printJiraTransitions,
+  printJiraCommentResult,
+  printJiraTransitionResult,
+} from '../utils/output';
+import type { JiraCredentials } from '../types/jira';
+
+function prompt(question: string): Promise<string> {
+  const rl = createInterface({
+    input: process.stdin,
+    output: process.stderr,
+  });
+
+  return new Promise((resolve) => {
+    rl.question(question, (answer) => {
+      rl.close();
+      resolve(answer.trim());
+    });
+  });
+}
+
+async function ensureValidToken(credentials: JiraCredentials, profile: string): Promise<JiraCredentials> {
+  // Check if token is expired or about to expire (within 5 minutes)
+  const bufferTime = 5 * 60 * 1000;
+  if (credentials.expiryDate && Date.now() + bufferTime >= credentials.expiryDate) {
+    console.error('Access token expired, refreshing...');
+
+    try {
+      const refreshed = await refreshJiraToken(credentials.refreshToken);
+
+      const newCredentials: JiraCredentials = {
+        ...credentials,
+        accessToken: refreshed.accessToken,
+        refreshToken: refreshed.refreshToken,
+        expiryDate: Date.now() + refreshed.expiresIn * 1000,
+      };
+
+      await updateCredentials('jira', profile, newCredentials);
+      return newCredentials;
+    } catch (error) {
+      throw new CliError(
+        'AUTH_FAILED',
+        'Failed to refresh access token. Please re-authenticate.',
+        `Run: agentio jira profile add --profile ${profile}`
+      );
+    }
+  }
+
+  return credentials;
+}
+
+async function getJiraClient(profileName?: string): Promise<{ client: JiraClient; profile: string }> {
+  const profile = await getProfile('jira', profileName);
+
+  if (!profile) {
+    throw new CliError(
+      'PROFILE_NOT_FOUND',
+      profileName
+        ? `Profile "${profileName}" not found for jira`
+        : 'No default profile configured for jira',
+      'Run: agentio jira profile add'
+    );
+  }
+
+  let credentials = await getCredentials<JiraCredentials>('jira', profile);
+
+  if (!credentials) {
+    throw new CliError(
+      'AUTH_FAILED',
+      `No credentials found for jira profile "${profile}"`,
+      `Run: agentio jira profile add --profile ${profile}`
+    );
+  }
+
+  // Ensure token is valid
+  credentials = await ensureValidToken(credentials, profile);
+
+  return {
+    client: new JiraClient(credentials),
+    profile,
+  };
+}
+
+export function registerJiraCommands(program: Command): void {
+  const jira = program
+    .command('jira')
+    .description('JIRA operations');
+
+  // List projects
+  jira
+    .command('projects')
+    .description('List JIRA projects')
+    .option('--profile <name>', 'Profile name')
+    .option('--limit <number>', 'Maximum number of projects', '50')
+    .action(async (options) => {
+      try {
+        const { client } = await getJiraClient(options.profile);
+        const projects = await client.listProjects({
+          maxResults: parseInt(options.limit, 10),
+        });
+        printJiraProjectList(projects);
+      } catch (error) {
+        handleError(error);
+      }
+    });
+
+  // Search issues
+  jira
+    .command('search')
+    .description('Search JIRA issues')
+    .option('--profile <name>', 'Profile name')
+    .option('--jql <query>', 'JQL query')
+    .option('--project <key>', 'Project key')
+    .option('--status <status>', 'Issue status')
+    .option('--assignee <name>', 'Assignee name')
+    .option('--limit <number>', 'Maximum number of issues', '50')
+    .action(async (options) => {
+      try {
+        const { client } = await getJiraClient(options.profile);
+        const issues = await client.searchIssues({
+          jql: options.jql,
+          project: options.project,
+          status: options.status,
+          assignee: options.assignee,
+          maxResults: parseInt(options.limit, 10),
+        });
+        printJiraIssueList(issues);
+      } catch (error) {
+        handleError(error);
+      }
+    });
+
+  // Get issue details
+  jira
+    .command('get')
+    .description('Get JIRA issue details')
+    .argument('<issue-key>', 'Issue key (e.g., PROJ-123)')
+    .option('--profile <name>', 'Profile name')
+    .action(async (issueKey: string, options) => {
+      try {
+        const { client } = await getJiraClient(options.profile);
+        const issue = await client.getIssue(issueKey);
+        printJiraIssue(issue);
+      } catch (error) {
+        handleError(error);
+      }
+    });
+
+  // Add comment
+  jira
+    .command('comment')
+    .description('Add a comment to an issue')
+    .argument('<issue-key>', 'Issue key (e.g., PROJ-123)')
+    .argument('[body]', 'Comment body (or pipe via stdin)')
+    .option('--profile <name>', 'Profile name')
+    .action(async (issueKey: string, body: string | undefined, options) => {
+      try {
+        let text = body;
+
+        if (!text) {
+          text = await readStdin() || undefined;
+        }
+
+        if (!text) {
+          throw new CliError('INVALID_PARAMS', 'Comment body is required. Provide as argument or pipe via stdin.');
+        }
+
+        const { client } = await getJiraClient(options.profile);
+        const result = await client.addComment(issueKey, text);
+        printJiraCommentResult(result);
+      } catch (error) {
+        handleError(error);
+      }
+    });
+
+  // List transitions
+  jira
+    .command('transitions')
+    .description('List available transitions for an issue')
+    .argument('<issue-key>', 'Issue key (e.g., PROJ-123)')
+    .option('--profile <name>', 'Profile name')
+    .action(async (issueKey: string, options) => {
+      try {
+        const { client } = await getJiraClient(options.profile);
+        const transitions = await client.getTransitions(issueKey);
+        printJiraTransitions(issueKey, transitions);
+      } catch (error) {
+        handleError(error);
+      }
+    });
+
+  // Transition issue (change status)
+  jira
+    .command('transition')
+    .description('Transition an issue to a new status')
+    .argument('<issue-key>', 'Issue key (e.g., PROJ-123)')
+    .argument('<transition-id>', 'Transition ID (use "transitions" command to see available)')
+    .option('--profile <name>', 'Profile name')
+    .action(async (issueKey: string, transitionId: string, options) => {
+      try {
+        const { client } = await getJiraClient(options.profile);
+        const result = await client.transitionIssue(issueKey, transitionId);
+        printJiraTransitionResult(result);
+      } catch (error) {
+        handleError(error);
+      }
+    });
+
+  // Profile management
+  const profile = jira
+    .command('profile')
+    .description('Manage JIRA profiles');
+
+  profile
+    .command('add')
+    .description('Add a new JIRA profile with OAuth authentication')
+    .option('--profile <name>', 'Profile name', 'default')
+    .action(async (options) => {
+      try {
+        const profileName = options.profile;
+
+        console.error('\n🔧 JIRA OAuth Setup\n');
+
+        // Site selection callback
+        const selectSite = async (sites: AtlassianSite[]): Promise<AtlassianSite> => {
+          console.error('\nMultiple JIRA sites found:\n');
+          sites.forEach((site, index) => {
+            console.error(`  [${index + 1}] ${site.name} (${site.url})`);
+          });
+          console.error('');
+
+          const choice = await prompt(`? Select a site (1-${sites.length}): `);
+          const index = parseInt(choice, 10) - 1;
+
+          if (isNaN(index) || index < 0 || index >= sites.length) {
+            throw new CliError('INVALID_PARAMS', 'Invalid selection');
+          }
+
+          return sites[index];
+        };
+
+        const result = await performJiraOAuthFlow(selectSite);
+
+        console.error(`\n✓ Authorized for site: ${result.siteUrl}\n`);
+
+        // Save credentials
+        const credentials: JiraCredentials = {
+          accessToken: result.accessToken,
+          refreshToken: result.refreshToken,
+          expiryDate: result.expiryDate,
+          cloudId: result.cloudId,
+          siteUrl: result.siteUrl,
+        };
+
+        await setProfile('jira', profileName);
+        await setCredentials('jira', profileName, credentials);
+
+        console.log(`\n✅ Profile "${profileName}" configured!`);
+        console.log(`   Test with: agentio jira projects --profile ${profileName}`);
+      } catch (error) {
+        handleError(error);
+      }
+    });
+
+  profile
+    .command('list')
+    .description('List JIRA profiles')
+    .action(async () => {
+      try {
+        const result = await listProfiles('jira');
+        const { profiles, default: defaultProfile } = result[0];
+
+        if (profiles.length === 0) {
+          console.log('No profiles configured');
+        } else {
+          for (const name of profiles) {
+            const marker = name === defaultProfile ? ' (default)' : '';
+            const credentials = await getCredentials<JiraCredentials>('jira', name);
+            const siteInfo = credentials?.siteUrl ? ` - ${credentials.siteUrl}` : '';
+            console.log(`${name}${marker}${siteInfo}`);
+          }
+        }
+      } catch (error) {
+        handleError(error);
+      }
+    });
+
+  profile
+    .command('remove')
+    .description('Remove a JIRA profile')
+    .requiredOption('--profile <name>', 'Profile name')
+    .action(async (options) => {
+      try {
+        const profileName = options.profile;
+
+        const removed = await removeProfile('jira', profileName);
+        await removeCredentials('jira', profileName);
+
+        if (removed) {
+          console.error(`Removed profile "${profileName}"`);
+        } else {
+          console.error(`Profile "${profileName}" not found`);
+        }
+      } catch (error) {
+        handleError(error);
+      }
+    });
+}