@positronic/cli 0.0.58 → 0.0.60

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/dist/src/commands/helpers.js +47 -36
  2. package/dist/src/components/auth-login.js +3 -3
  3. package/dist/src/components/auth-logout.js +3 -3
  4. package/dist/src/lib/jwt-auth.js +579 -0
  5. package/dist/src/lib/ssh-agent-signer.js +296 -0
  6. package/dist/src/lib/ssh-key-utils.js +7 -7
  7. package/dist/src/types/sshpk-agent.d.js +0 -0
  8. package/dist/types/commands/helpers.d.ts.map +1 -1
  9. package/dist/types/lib/jwt-auth.d.ts +86 -0
  10. package/dist/types/lib/jwt-auth.d.ts.map +1 -0
  11. package/dist/types/lib/ssh-agent-signer.d.ts +31 -0
  12. package/dist/types/lib/ssh-agent-signer.d.ts.map +1 -0
  13. package/dist/types/lib/ssh-key-utils.d.ts +4 -2
  14. package/dist/types/lib/ssh-key-utils.d.ts.map +1 -1
  15. package/package.json +6 -4
  16. package/dist/src/lib/request-signer.js +0 -208
  17. package/dist/types/lib/request-signer.d.ts +0 -51
  18. package/dist/types/lib/request-signer.d.ts.map +0 -1
package/dist/src/lib/ssh-agent-signer.js ADDED
@@ -0,0 +1,296 @@
1
+ function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) {
2
+ try {
3
+ var info = gen[key](arg);
4
+ var value = info.value;
5
+ } catch (error) {
6
+ reject(error);
7
+ return;
8
+ }
9
+ if (info.done) {
10
+ resolve(value);
11
+ } else {
12
+ Promise.resolve(value).then(_next, _throw);
13
+ }
14
+ }
15
+ function _async_to_generator(fn) {
16
+ return function() {
17
+ var self = this, args = arguments;
18
+ return new Promise(function(resolve, reject) {
19
+ var gen = fn.apply(self, args);
20
+ function _next(value) {
21
+ asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value);
22
+ }
23
+ function _throw(err) {
24
+ asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err);
25
+ }
26
+ _next(undefined);
27
+ });
28
+ };
29
+ }
30
+ function _class_call_check(instance, Constructor) {
31
+ if (!(instance instanceof Constructor)) {
32
+ throw new TypeError("Cannot call a class as a function");
33
+ }
34
+ }
35
+ function _defineProperties(target, props) {
36
+ for(var i = 0; i < props.length; i++){
37
+ var descriptor = props[i];
38
+ descriptor.enumerable = descriptor.enumerable || false;
39
+ descriptor.configurable = true;
40
+ if ("value" in descriptor) descriptor.writable = true;
41
+ Object.defineProperty(target, descriptor.key, descriptor);
42
+ }
43
+ }
44
+ function _create_class(Constructor, protoProps, staticProps) {
45
+ if (protoProps) _defineProperties(Constructor.prototype, protoProps);
46
+ if (staticProps) _defineProperties(Constructor, staticProps);
47
+ return Constructor;
48
+ }
49
+ function _define_property(obj, key, value) {
50
+ if (key in obj) {
51
+ Object.defineProperty(obj, key, {
52
+ value: value,
53
+ enumerable: true,
54
+ configurable: true,
55
+ writable: true
56
+ });
57
+ } else {
58
+ obj[key] = value;
59
+ }
60
+ return obj;
61
+ }
62
+ function _ts_generator(thisArg, body) {
63
+ var f, y, t, _ = {
64
+ label: 0,
65
+ sent: function() {
66
+ if (t[0] & 1) throw t[1];
67
+ return t[1];
68
+ },
69
+ trys: [],
70
+ ops: []
71
+ }, g = Object.create((typeof Iterator === "function" ? Iterator : Object).prototype);
72
+ return g.next = verb(0), g["throw"] = verb(1), g["return"] = verb(2), typeof Symbol === "function" && (g[Symbol.iterator] = function() {
73
+ return this;
74
+ }), g;
75
+ function verb(n) {
76
+ return function(v) {
77
+ return step([
78
+ n,
79
+ v
80
+ ]);
81
+ };
82
+ }
83
+ function step(op) {
84
+ if (f) throw new TypeError("Generator is already executing.");
85
+ while(g && (g = 0, op[0] && (_ = 0)), _)try {
86
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
87
+ if (y = 0, t) op = [
88
+ op[0] & 2,
89
+ t.value
90
+ ];
91
+ switch(op[0]){
92
+ case 0:
93
+ case 1:
94
+ t = op;
95
+ break;
96
+ case 4:
97
+ _.label++;
98
+ return {
99
+ value: op[1],
100
+ done: false
101
+ };
102
+ case 5:
103
+ _.label++;
104
+ y = op[1];
105
+ op = [
106
+ 0
107
+ ];
108
+ continue;
109
+ case 7:
110
+ op = _.ops.pop();
111
+ _.trys.pop();
112
+ continue;
113
+ default:
114
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
115
+ _ = 0;
116
+ continue;
117
+ }
118
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
119
+ _.label = op[1];
120
+ break;
121
+ }
122
+ if (op[0] === 6 && _.label < t[1]) {
123
+ _.label = t[1];
124
+ t = op;
125
+ break;
126
+ }
127
+ if (t && _.label < t[2]) {
128
+ _.label = t[2];
129
+ _.ops.push(op);
130
+ break;
131
+ }
132
+ if (t[2]) _.ops.pop();
133
+ _.trys.pop();
134
+ continue;
135
+ }
136
+ op = body.call(thisArg, _);
137
+ } catch (e) {
138
+ op = [
139
+ 6,
140
+ e
141
+ ];
142
+ y = 0;
143
+ } finally{
144
+ f = t = 0;
145
+ }
146
+ if (op[0] & 5) throw op[1];
147
+ return {
148
+ value: op[0] ? op[1] : void 0,
149
+ done: true
150
+ };
151
+ }
152
+ }
153
+ import { Client as AgentClient } from 'sshpk-agent';
154
+ /**
155
+ * Wrapper for ssh-agent operations using sshpk-agent
156
+ */ export var AgentSigner = /*#__PURE__*/ function() {
157
+ "use strict";
158
+ function AgentSigner() {
159
+ _class_call_check(this, AgentSigner);
160
+ _define_property(this, "client", null);
161
+ _define_property(this, "keys", null);
162
+ }
163
+ _create_class(AgentSigner, [
164
+ {
165
+ /**
166
+ * Check if ssh-agent is available (SSH_AUTH_SOCK environment variable exists)
167
+ */ key: "isAvailable",
168
+ value: function isAvailable() {
169
+ return !!process.env.SSH_AUTH_SOCK;
170
+ }
171
+ },
172
+ {
173
+ key: "getClient",
174
+ value: /**
175
+ * Get the agent client, creating it lazily
176
+ */ function getClient() {
177
+ if (!this.client) {
178
+ this.client = new AgentClient();
179
+ }
180
+ return this.client;
181
+ }
182
+ },
183
+ {
184
+ key: "getKeys",
185
+ value: /**
186
+ * List all keys available in the ssh-agent
187
+ */ function getKeys() {
188
+ return _async_to_generator(function() {
189
+ var _this, client;
190
+ return _ts_generator(this, function(_state) {
191
+ _this = this;
192
+ if (this.keys) {
193
+ return [
194
+ 2,
195
+ this.keys
196
+ ];
197
+ }
198
+ client = this.getClient();
199
+ return [
200
+ 2,
201
+ new Promise(function(resolve, reject) {
202
+ client.listKeys(function(err, keys) {
203
+ if (err) {
204
+ reject(err);
205
+ return;
206
+ }
207
+ _this.keys = keys;
208
+ resolve(keys);
209
+ });
210
+ })
211
+ ];
212
+ });
213
+ }).call(this);
214
+ }
215
+ },
216
+ {
217
+ key: "hasKey",
218
+ value: /**
219
+ * Check if the agent has a key with the given fingerprint
220
+ * Returns the key if found, null otherwise
221
+ */ function hasKey(fingerprint) {
222
+ return _async_to_generator(function() {
223
+ var keys, _iteratorNormalCompletion, _didIteratorError, _iteratorError, _iterator, _step, key, keyFingerprint;
224
+ return _ts_generator(this, function(_state) {
225
+ switch(_state.label){
226
+ case 0:
227
+ return [
228
+ 4,
229
+ this.getKeys()
230
+ ];
231
+ case 1:
232
+ keys = _state.sent();
233
+ _iteratorNormalCompletion = true, _didIteratorError = false, _iteratorError = undefined;
234
+ try {
235
+ for(_iterator = keys[Symbol.iterator](); !(_iteratorNormalCompletion = (_step = _iterator.next()).done); _iteratorNormalCompletion = true){
236
+ key = _step.value;
237
+ keyFingerprint = key.fingerprint('sha256').toString();
238
+ if (keyFingerprint === fingerprint) {
239
+ return [
240
+ 2,
241
+ key
242
+ ];
243
+ }
244
+ }
245
+ } catch (err) {
246
+ _didIteratorError = true;
247
+ _iteratorError = err;
248
+ } finally{
249
+ try {
250
+ if (!_iteratorNormalCompletion && _iterator.return != null) {
251
+ _iterator.return();
252
+ }
253
+ } finally{
254
+ if (_didIteratorError) {
255
+ throw _iteratorError;
256
+ }
257
+ }
258
+ }
259
+ return [
260
+ 2,
261
+ null
262
+ ];
263
+ }
264
+ });
265
+ }).call(this);
266
+ }
267
+ },
268
+ {
269
+ key: "sign",
270
+ value: /**
271
+ * Sign data with a key from the agent
272
+ * Returns the sshpk.Signature object
273
+ */ function sign(key, data) {
274
+ return _async_to_generator(function() {
275
+ var client;
276
+ return _ts_generator(this, function(_state) {
277
+ client = this.getClient();
278
+ return [
279
+ 2,
280
+ new Promise(function(resolve, reject) {
281
+ client.sign(key, data, function(err, signature) {
282
+ if (err) {
283
+ reject(err);
284
+ return;
285
+ }
286
+ resolve(signature);
287
+ });
288
+ })
289
+ ];
290
+ });
291
+ }).call(this);
292
+ }
293
+ }
294
+ ]);
295
+ return AgentSigner;
296
+ }();
package/dist/src/lib/ssh-key-utils.js CHANGED
@@ -172,13 +172,13 @@ import { createPublicKey } from 'crypto';
172
172
  return publicKey.fingerprint('sha256').toString();
173
173
  }
174
174
  /**
175
- * Sign data with an SSH private key
176
- */ export function signWithPrivateKey(privateKey, data) {
177
- var dataBuffer = typeof data === 'string' ? Buffer.from(data) : data;
178
- var signer = privateKey.createSign('sha256');
179
- signer.update(dataBuffer);
180
- var signature = signer.sign();
181
- return signature.toBuffer('raw');
175
+ * Get the fingerprint from a public key file (.pub file)
176
+ * This is useful when the private key is encrypted but we need the fingerprint
177
+ * to look up the key in ssh-agent
178
+ */ export function getPublicKeyFingerprint(pubKeyPath) {
179
+ var content = readFileSync(pubKeyPath, 'utf-8').trim();
180
+ var sshKey = sshpk.parseKey(content, 'auto');
181
+ return sshKey.fingerprint('sha256').toString();
182
182
  }
183
183
  /**
184
184
  * Resolve the private key path from environment, config, or default
package/dist/src/types/sshpk-agent.d.js ADDED
File without changes
package/dist/types/commands/helpers.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/commands/helpers.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAUtD,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,MAAM,gBAAgB,GAAG,CAAC,QAAQ,EAAE,YAAY,KAAK,IAAI,CAAC;AAGhE,MAAM,MAAM,SAAS,GAAG,OAAO,SAAS,CAAC;AAMzC;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,GAAE,OAAc,GAAG,IAAI,CAGtF;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,OAAO,CAE3C;AAED;;;GAGG;AACH,wBAAgB,aAAa,IAAI,MAAM,CAOtC;AAGD,eAAO,MAAM,SAAS;qBACG,MAAM,YAAY,WAAW,KAAG,OAAO,CAAC,QAAQ,CAAC;IAiDxE;;OAEG;oCACmC,MAAM,YAAY,WAAW,KAAG,OAAO,CAAC,QAAQ,CAAC;CAkBxF,CAAC;AAEF,wBAAsB,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,iBAsF5E;AAED,wBAAgB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,aAAa,EAAE,CAsCxE;AAeD,UAAU,UAAU;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAClD;AAED,MAAM,MAAM,oBAAoB,GAAG,CAAC,QAAQ,EAAE;IAC5C,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,UAAU,GAAG,WAAW,GAAG,UAAU,CAAC;IAC9C,KAAK,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;CAC5B,KAAK,IAAI,CAAC;AAEX;;GAEG;AACH,wBAAsB,aAAa,CACjC,eAAe,EAAE,MAAM,EACvB,MAAM,GAAE,SAAqB,EAC7B,UAAU,CAAC,EAAE,oBAAoB,GAChC,OAAO,CAAC,UAAU,CAAC,CA+KrB;AAqKD;;GAEG;AACH,wBAAsB,aAAa,CACjC,eAAe,EAAE,MAAM,EACvB,MAAM,GAAE,SAAqB,mBAoB9B;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,eAAe,EAAE,MAAM,GAAG,MAAM,CAwCnE;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CAAC,eAAe,EAAE,MAAM,GAAG,MAAM,CAO3E;AAsCD;;GAEG;AACH,wBAAsB,cAAc,CAClC,IAAI,CAAC,EAAE,MAAM,EACb,SAAS,SAAO,GACf,OAAO,CAAC,OAAO,CAAC,CAsBlB;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,0BAA0B,CAC9C,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,EACjB,MAAM,GAAE,SAAqB,EAC7B,UAAU,CAAC,EAAE,gBAAgB,EAC7B,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC,CA2If"}
1
+ {"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/commands/helpers.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAUtD,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,MAAM,gBAAgB,GAAG,CAAC,QAAQ,EAAE,YAAY,KAAK,IAAI,CAAC;AAGhE,MAAM,MAAM,SAAS,GAAG,OAAO,SAAS,CAAC;AAMzC;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,GAAE,OAAc,GAAG,IAAI,CAGtF;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,OAAO,CAE3C;AAED;;;GAGG;AACH,wBAAgB,aAAa,IAAI,MAAM,CAOtC;AAGD,eAAO,MAAM,SAAS;qBACG,MAAM,YAAY,WAAW,KAAG,OAAO,CAAC,QAAQ,CAAC;IAgDxE;;OAEG;oCACmC,MAAM,YAAY,WAAW,KAAG,OAAO,CAAC,QAAQ,CAAC;CAkBxF,CAAC;AAEF,wBAAsB,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,iBAsF5E;AAED,wBAAgB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,aAAa,EAAE,CAsCxE;AAeD,UAAU,UAAU;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAClD;AAED,MAAM,MAAM,oBAAoB,GAAG,CAAC,QAAQ,EAAE;IAC5C,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,UAAU,GAAG,WAAW,GAAG,UAAU,CAAC;IAC9C,KAAK,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;CAC5B,KAAK,IAAI,CAAC;AAEX;;GAEG;AACH,wBAAsB,aAAa,CACjC,eAAe,EAAE,MAAM,EACvB,MAAM,GAAE,SAAqB,EAC7B,UAAU,CAAC,EAAE,oBAAoB,GAChC,OAAO,CAAC,UAAU,CAAC,CA+KrB;AAqKD;;GAEG;AACH,wBAAsB,aAAa,CACjC,eAAe,EAAE,MAAM,EACvB,MAAM,GAAE,SAAqB,mBAoB9B;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,eAAe,EAAE,MAAM,GAAG,MAAM,CAwCnE;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CAAC,eAAe,EAAE,MAAM,GAAG,MAAM,CAO3E;AAsCD;;GAEG;AACH,wBAAsB,cAAc,CAClC,IAAI,CAAC,EAAE,MAAM,EACb,SAAS,SAAO,GACf,OAAO,CAAC,OAAO,CAAC,CAsBlB;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,0BAA0B,CAC9C,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,EACjB,MAAM,GAAE,SAAqB,EAC7B,UAAU,CAAC,EAAE,gBAAgB,EAC7B,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC,CA2If"}
package/dist/types/lib/jwt-auth.d.ts ADDED
@@ -0,0 +1,86 @@
1
+ /**
2
+ * JWT Auth Provider for authenticating API requests
3
+ * Uses SSH private keys to sign short-lived JWTs
4
+ * Falls back to ssh-agent for encrypted keys
5
+ */
6
+ export declare class JwtAuthProvider {
7
+ private privateKey;
8
+ private fingerprint;
9
+ private initialized;
10
+ private initError;
11
+ private encryptedKeyPath;
12
+ private agentSigner;
13
+ private agentKey;
14
+ private useAgent;
15
+ constructor();
16
+ private initialize;
17
+ /**
18
+ * Check if the provider is ready to create JWTs
19
+ * Returns true if we have a direct key OR if we have an encrypted key
20
+ * that might work with agent fallback
21
+ */
22
+ isReady(): boolean;
23
+ /**
24
+ * Check if we have an encrypted key that requires agent fallback
25
+ */
26
+ hasEncryptedKey(): boolean;
27
+ /**
28
+ * Get the error that occurred during initialization, if any
29
+ */
30
+ getError(): Error | null;
31
+ /**
32
+ * Get the fingerprint of the loaded private key
33
+ */
34
+ getFingerprint(): string | null;
35
+ /**
36
+ * Map SSH key type to JWT algorithm
37
+ */
38
+ private getAlgorithm;
39
+ /**
40
+ * Map SSH key type string to JWT algorithm
41
+ */
42
+ private getAlgorithmForKeyType;
43
+ /**
44
+ * Convert the SSH private key to PKCS8 PEM format
45
+ * Ed25519 keys need special handling because sshpk's PKCS8 output
46
+ * is not compatible with Node.js/OpenSSL
47
+ */
48
+ private getPkcs8Pem;
49
+ /**
50
+ * Create a short-lived JWT for authentication
51
+ */
52
+ createToken(): Promise<string>;
53
+ /**
54
+ * Create JWT using direct private key (jose library)
55
+ */
56
+ private createTokenDirect;
57
+ /**
58
+ * Try to use ssh-agent for signing when private key is encrypted
59
+ */
60
+ private tryAgentFallback;
61
+ /**
62
+ * Create JWT using ssh-agent for signing
63
+ * Manually constructs the JWT since jose expects to do signing itself
64
+ */
65
+ private createTokenWithAgent;
66
+ }
67
+ /**
68
+ * Get the singleton JWT auth provider instance
69
+ */
70
+ export declare function getJwtAuthProvider(): JwtAuthProvider;
71
+ /**
72
+ * Reset the JWT auth provider singleton
73
+ * Call this after auth config changes to force reinitialization with new key
74
+ */
75
+ export declare function resetJwtAuthProvider(): void;
76
+ /**
77
+ * Check if JWT auth is available
78
+ */
79
+ export declare function isAuthAvailable(): boolean;
80
+ /**
81
+ * Get the Authorization header if auth is available
82
+ * Throws if there's an auth configuration error
83
+ * Returns empty object with warning if no key is configured
84
+ */
85
+ export declare function getAuthHeader(): Promise<Record<string, string>>;
86
+ //# sourceMappingURL=jwt-auth.d.ts.map
package/dist/types/lib/jwt-auth.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"jwt-auth.d.ts","sourceRoot":"","sources":["../../../src/lib/jwt-auth.ts"],"names":[],"mappings":"AAuBA;;;;GAIG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,UAAU,CAAiC;IACnD,OAAO,CAAC,WAAW,CAAuB;IAC1C,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,SAAS,CAAsB;IAGvC,OAAO,CAAC,gBAAgB,CAAuB;IAC/C,OAAO,CAAC,WAAW,CAA4B;IAC/C,OAAO,CAAC,QAAQ,CAA0B;IAC1C,OAAO,CAAC,QAAQ,CAAS;;IAMzB,OAAO,CAAC,UAAU;IAqClB;;;;OAIG;IACH,OAAO,IAAI,OAAO;IAYlB;;OAEG;IACH,eAAe,IAAI,OAAO;IAI1B;;OAEG;IACH,QAAQ,IAAI,KAAK,GAAG,IAAI;IAIxB;;OAEG;IACH,cAAc,IAAI,MAAM,GAAG,IAAI;IAI/B;;OAEG;IACH,OAAO,CAAC,YAAY;IAQpB;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAqB9B;;;;OAIG;IACH,OAAO,CAAC,WAAW;IAiCnB;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,MAAM,CAAC;IAoBpC;;OAEG;YACW,iBAAiB;IAwB/B;;OAEG;YACW,gBAAgB;IAwC9B;;;OAGG;YACW,oBAAoB;CAuCnC;AAKD;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,eAAe,CAKpD;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,IAAI,IAAI,CAE3C;AAED;;GAEG;AACH,wBAAgB,eAAe,IAAI,OAAO,CAEzC;AAED;;;;GAIG;AACH,wBAAsB,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAgBrE"}
package/dist/types/lib/ssh-agent-signer.d.ts ADDED
@@ -0,0 +1,31 @@
1
+ import sshpk from 'sshpk';
2
+ /**
3
+ * Wrapper for ssh-agent operations using sshpk-agent
4
+ */
5
+ export declare class AgentSigner {
6
+ private client;
7
+ private keys;
8
+ /**
9
+ * Check if ssh-agent is available (SSH_AUTH_SOCK environment variable exists)
10
+ */
11
+ isAvailable(): boolean;
12
+ /**
13
+ * Get the agent client, creating it lazily
14
+ */
15
+ private getClient;
16
+ /**
17
+ * List all keys available in the ssh-agent
18
+ */
19
+ getKeys(): Promise<sshpk.Key[]>;
20
+ /**
21
+ * Check if the agent has a key with the given fingerprint
22
+ * Returns the key if found, null otherwise
23
+ */
24
+ hasKey(fingerprint: string): Promise<sshpk.Key | null>;
25
+ /**
26
+ * Sign data with a key from the agent
27
+ * Returns the sshpk.Signature object
28
+ */
29
+ sign(key: sshpk.Key, data: Buffer): Promise<sshpk.Signature>;
30
+ }
31
+ //# sourceMappingURL=ssh-agent-signer.d.ts.map
package/dist/types/lib/ssh-agent-signer.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"ssh-agent-signer.d.ts","sourceRoot":"","sources":["../../../src/lib/ssh-agent-signer.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,IAAI,CAA4B;IAExC;;OAEG;IACH,WAAW,IAAI,OAAO;IAItB;;OAEG;IACH,OAAO,CAAC,SAAS;IAOjB;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;IAmBrC;;;OAGG;IACG,MAAM,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC;IAa5D;;;OAGG;IACG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC;CAanE"}
package/dist/types/lib/ssh-key-utils.d.ts CHANGED
@@ -30,9 +30,11 @@ export declare function loadPrivateKey(pathOrEnv?: string): sshpk.PrivateKey;
30
30
  */
31
31
  export declare function getPrivateKeyFingerprint(privateKey: sshpk.PrivateKey): string;
32
32
  /**
33
- * Sign data with an SSH private key
33
+ * Get the fingerprint from a public key file (.pub file)
34
+ * This is useful when the private key is encrypted but we need the fingerprint
35
+ * to look up the key in ssh-agent
34
36
  */
35
- export declare function signWithPrivateKey(privateKey: sshpk.PrivateKey, data: Buffer | string): Buffer;
37
+ export declare function getPublicKeyFingerprint(pubKeyPath: string): string;
36
38
  /**
37
39
  * Resolve the private key path from environment, config, or default
38
40
  * @param configuredPath - Optional configured path from ProjectConfigManager
package/dist/types/lib/ssh-key-utils.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ssh-key-utils.d.ts","sourceRoot":"","sources":["../../../src/lib/ssh-key-utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,OAAO,EAAmB,UAAU,EAAE,MAAM,QAAQ,CAAC;AAErD,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,UAAU,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;GAGG;AACH,wBAAgB,eAAe,IAAI,aAAa,EAAE,CAkDjD;AA0CD;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,UAAU,EAAE,MAAM,GAAG,UAAU,CAiBpE;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC,UAAU,CAyBnE;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,UAAU,EAAE,KAAK,CAAC,UAAU,GAAG,MAAM,CAG7E;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,UAAU,EAAE,KAAK,CAAC,UAAU,EAC5B,IAAI,EAAE,MAAM,GAAG,MAAM,GACpB,MAAM,CAMR;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,GAAG,MAAM,CAoB5E;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAKlD"}
1
+ {"version":3,"file":"ssh-key-utils.d.ts","sourceRoot":"","sources":["../../../src/lib/ssh-key-utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,OAAO,EAAmB,UAAU,EAAE,MAAM,QAAQ,CAAC;AAErD,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,UAAU,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;GAGG;AACH,wBAAgB,eAAe,IAAI,aAAa,EAAE,CAkDjD;AA0CD;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,UAAU,EAAE,MAAM,GAAG,UAAU,CAiBpE;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC,UAAU,CAyBnE;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,UAAU,EAAE,KAAK,CAAC,UAAU,GAAG,MAAM,CAG7E;AAED;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAIlE;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,GAAG,MAAM,CAoB5E;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAKlD"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@positronic/cli",
3
- "version": "0.0.58",
3
+ "version": "0.0.60",
4
4
  "publishConfig": {
5
5
  "access": "public"
6
6
  },
@@ -23,9 +23,9 @@
23
23
  "clean": "rm -rf tsconfig.tsbuildinfo dist node_modules"
24
24
  },
25
25
  "dependencies": {
26
- "@positronic/core": "^0.0.58",
27
- "@positronic/spec": "^0.0.58",
28
- "@positronic/template-new-project": "^0.0.58",
26
+ "@positronic/core": "^0.0.60",
27
+ "@positronic/spec": "^0.0.60",
28
+ "@positronic/template-new-project": "^0.0.60",
29
29
  "caz": "^2.0.0",
30
30
  "chokidar": "^3.6.0",
31
31
  "dotenv": "^16.4.7",
@@ -33,10 +33,12 @@
33
33
  "ink": "^5.2.1",
34
34
  "ink-text-input": "^6.0.0",
35
35
  "istextorbinary": "^9.5.0",
36
+ "jose": "^5.2.0",
36
37
  "node-fetch": "^3.3.2",
37
38
  "react": "^18.3.1",
38
39
  "react-robot": "^1.2.1",
39
40
  "sshpk": "^1.18.0",
41
+ "sshpk-agent": "^1.8.1",
40
42
  "yargs": "^17.7.2"
41
43
  },
42
44
  "devDependencies": {