@profoundlogic/coderflow-cli 0.2.1

package/lib/oidc.js

@@ -0,0 +1,126 @@
+/**
+ * OIDC Device Flow support for CLI SSO authentication
+ */
+
+import { getServerUrl } from './config.js';
+
+/**
+ * Check if OIDC is configured on the server
+ * @returns {Promise<{enabled: boolean, provider?: string}>}
+ */
+export async function checkOidcConfig() {
+  const serverUrl = await getServerUrl();
+  const url = `${serverUrl}/auth/oidc/config`;
+
+  const response = await fetch(url, {
+    method: 'GET',
+    headers: {
+      'Content-Type': 'application/json'
+    }
+  });
+
+  if (!response.ok) {
+    if (response.status === 404) {
+      return { enabled: false };
+    }
+    throw new Error(`Failed to check OIDC config: ${response.status} ${response.statusText}`);
+  }
+
+  const data = await response.json();
+  return {
+    enabled: data.enabled === true,
+    provider: data.provider
+  };
+}
+
+/**
+ * Initiate the OIDC device flow
+ * @returns {Promise<{deviceCode: string, userCode: string, verificationUri: string, expiresIn: number, interval: number}>}
+ */
+export async function initiateDeviceFlow() {
+  const serverUrl = await getServerUrl();
+  const url = `${serverUrl}/auth/oidc/cli-init`;
+
+  const response = await fetch(url, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json'
+    }
+  });
+
+  if (!response.ok) {
+    const errorText = await response.text();
+    let errorMessage;
+    try {
+      const errorJson = JSON.parse(errorText);
+      errorMessage = errorJson.error || errorJson.message || errorText;
+    } catch {
+      errorMessage = errorText;
+    }
+    throw new Error(`Failed to initiate device flow: ${errorMessage}`);
+  }
+
+  const data = await response.json();
+  return {
+    deviceCode: data.device_code,
+    userCode: data.user_code,
+    verificationUrl: data.verification_url,
+    expiresIn: data.expires_in || 600,
+    interval: data.interval || 5
+  };
+}
+
+/**
+ * Poll for device flow approval
+ * @param {string} deviceCode - The device code from initiateDeviceFlow
+ * @returns {Promise<{status: 'pending' | 'approved' | 'expired' | 'denied', apiKey?: string, user?: object}>}
+ */
+export async function pollDeviceFlow(deviceCode) {
+  const serverUrl = await getServerUrl();
+  const url = `${serverUrl}/auth/oidc/cli-poll`;
+
+  const response = await fetch(url, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json'
+    },
+    body: JSON.stringify({ device_code: deviceCode })
+  });
+
+  if (!response.ok) {
+    const errorText = await response.text();
+    let errorMessage;
+    try {
+      const errorJson = JSON.parse(errorText);
+      errorMessage = errorJson.error || errorJson.message || errorText;
+    } catch {
+      errorMessage = errorText;
+    }
+
+    // Handle specific error cases
+    if (response.status === 400) {
+      if (errorMessage.includes('expired')) {
+        return { status: 'expired' };
+      }
+      if (errorMessage.includes('denied')) {
+        return { status: 'denied' };
+      }
+    }
+
+    throw new Error(`Failed to poll device flow: ${errorMessage}`);
+  }
+
+  const data = await response.json();
+
+  if (data.status === 'approved' || data.apiKey) {
+    return {
+      status: 'approved',
+      apiKey: data.apiKey,
+      user: data.user
+    };
+  }
+
+  return {
+    status: data.status || 'pending'
+  };
+}

package/lib/profile.js

@@ -0,0 +1,296 @@
+/**
+ * Profile management for Coder CLI
+ *
+ * Profiles allow users to maintain multiple CLI configurations
+ * for different CoderFlow servers and switch between them easily.
+ *
+ * Profile structure:
+ * ~/.coder/
+ * ├── config.json          # Global config + activeProfile pointer
+ * └── profiles/
+ *     ├── my-server.json
+ *     ├── team-name.json
+ *     └── project-x.json
+ */
+
+import { promises as fs } from 'fs';
+import os from 'os';
+import path from 'path';
+
+// Profile-specific configuration keys
+const PROFILE_CONFIG_KEYS = [
+  'server',
+  'apiKey',
+  'default_environment',
+  'coder_setup_path',
+  'server_port',
+  'profound_coder_path'
+];
+
+/**
+ * Get the base coder config directory
+ */
+export function getCoderConfigDir() {
+  return process.env.CODER_CONFIG_PATH
+    ? path.dirname(process.env.CODER_CONFIG_PATH)
+    : path.join(os.homedir(), '.coder');
+}
+
+/**
+ * Get the profiles directory path
+ */
+export function getProfilesDir() {
+  return path.join(getCoderConfigDir(), 'profiles');
+}
+
+/**
+ * Get path to a specific profile file
+ */
+export function getProfilePath(profileName) {
+  return path.join(getProfilesDir(), `${profileName}.json`);
+}
+
+/**
+ * Get the main config.json path
+ */
+export function getMainConfigPath() {
+  return process.env.CODER_CONFIG_PATH || path.join(getCoderConfigDir(), 'config.json');
+}
+
+/**
+ * Ensure the profiles directory exists
+ */
+export async function ensureProfilesDir() {
+  const profilesDir = getProfilesDir();
+  await fs.mkdir(profilesDir, { recursive: true });
+}
+
+/**
+ * Load the main config.json (contains activeProfile and legacy settings)
+ */
+export async function loadMainConfig() {
+  const configPath = getMainConfigPath();
+  try {
+    const content = await fs.readFile(configPath, 'utf-8');
+    return JSON.parse(content);
+  } catch (error) {
+    if (error.code === 'ENOENT') {
+      return null;
+    }
+    throw new Error(`Failed to read config at ${configPath}: ${error.message}`);
+  }
+}
+
+/**
+ * Save the main config.json
+ */
+export async function saveMainConfig(config) {
+  const configPath = getMainConfigPath();
+  const configDir = path.dirname(configPath);
+  await fs.mkdir(configDir, { recursive: true });
+  await fs.writeFile(configPath, JSON.stringify(config, null, 2) + '\n', 'utf-8');
+}
+
+/**
+ * Get the active profile name
+ * Priority: CODER_PROFILE env var > config.json activeProfile > null
+ */
+export async function getActiveProfileName() {
+  // Check environment variable first
+  if (process.env.CODER_PROFILE) {
+    return process.env.CODER_PROFILE;
+  }
+
+  // Check main config
+  const mainConfig = await loadMainConfig();
+  return mainConfig?.activeProfile || null;
+}
+
+/**
+ * Set the active profile in config.json
+ */
+export async function setActiveProfile(profileName) {
+  const mainConfig = await loadMainConfig() || {};
+  mainConfig.activeProfile = profileName;
+  await saveMainConfig(mainConfig);
+}
+
+/**
+ * Load a specific profile by name
+ */
+export async function loadProfile(profileName) {
+  const profilePath = getProfilePath(profileName);
+  try {
+    const content = await fs.readFile(profilePath, 'utf-8');
+    return JSON.parse(content);
+  } catch (error) {
+    if (error.code === 'ENOENT') {
+      return null;
+    }
+    throw new Error(`Failed to read profile '${profileName}': ${error.message}`);
+  }
+}
+
+/**
+ * Save a profile
+ */
+export async function saveProfile(profileName, profileData) {
+  await ensureProfilesDir();
+  const profilePath = getProfilePath(profileName);
+
+  // Ensure name is set
+  profileData.name = profileName;
+
+  await fs.writeFile(profilePath, JSON.stringify(profileData, null, 2) + '\n', 'utf-8');
+}
+
+/**
+ * Delete a profile
+ */
+export async function deleteProfile(profileName) {
+  const profilePath = getProfilePath(profileName);
+  try {
+    await fs.unlink(profilePath);
+    return true;
+  } catch (error) {
+    if (error.code === 'ENOENT') {
+      return false;
+    }
+    throw error;
+  }
+}
+
+/**
+ * List all available profiles
+ */
+export async function listProfiles() {
+  const profilesDir = getProfilesDir();
+  try {
+    const files = await fs.readdir(profilesDir);
+    return files
+      .filter(f => f.endsWith('.json'))
+      .map(f => f.replace('.json', ''));
+  } catch (error) {
+    if (error.code === 'ENOENT') {
+      return [];
+    }
+    throw error;
+  }
+}
+
+/**
+ * Check if a profile exists
+ */
+export async function profileExists(profileName) {
+  const profilePath = getProfilePath(profileName);
+  try {
+    await fs.access(profilePath);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Get the effective configuration by merging:
+ * 1. Environment variables (highest priority)
+ * 2. CLI --profile flag (if provided)
+ * 3. Active profile
+ * 4. Legacy config.json values (backwards compatibility)
+ * 5. Defaults (lowest priority)
+ *
+ * @param {string|null} cliProfileOverride - Profile name from --profile flag
+ */
+export async function getEffectiveConfig(cliProfileOverride = null) {
+  const config = {
+    server: 'http://localhost:3000',
+    apiKey: null,
+    default_environment: null,
+    coder_setup_path: null,
+    server_port: 3000,
+    profound_coder_path: null
+  };
+
+  // Load legacy/main config (lowest priority after defaults)
+  const mainConfig = await loadMainConfig();
+  if (mainConfig) {
+    for (const key of PROFILE_CONFIG_KEYS) {
+      if (mainConfig[key] !== undefined) {
+        config[key] = mainConfig[key];
+      }
+    }
+  }
+
+  // Load active profile (overrides legacy config)
+  const profileName = cliProfileOverride || await getActiveProfileName();
+  if (profileName) {
+    const profile = await loadProfile(profileName);
+    if (profile) {
+      for (const key of PROFILE_CONFIG_KEYS) {
+        if (profile[key] !== undefined) {
+          config[key] = profile[key];
+        }
+      }
+    }
+  }
+
+  // Apply environment variables (highest priority)
+  if (process.env.CODER_SERVER_URL) {
+    config.server = process.env.CODER_SERVER_URL;
+  }
+  if (process.env.CODER_API_KEY) {
+    config.apiKey = process.env.CODER_API_KEY;
+  }
+  if (process.env.CODER_SETUP_PATH) {
+    config.coder_setup_path = process.env.CODER_SETUP_PATH;
+  }
+  if (process.env.PORT) {
+    config.server_port = parseInt(process.env.PORT, 10);
+  }
+  if (process.env.PROFOUND_CODER_PATH) {
+    config.profound_coder_path = process.env.PROFOUND_CODER_PATH;
+  }
+
+  // Sanitize server URL
+  if (config.server && config.server.endsWith('/')) {
+    config.server = config.server.slice(0, -1);
+  }
+
+  return config;
+}
+
+/**
+ * Create a profile from the current legacy config (migration helper)
+ */
+export async function createProfileFromLegacyConfig(profileName) {
+  const mainConfig = await loadMainConfig();
+  if (!mainConfig) {
+    return null;
+  }
+
+  const profileData = { name: profileName };
+
+  for (const key of PROFILE_CONFIG_KEYS) {
+    if (mainConfig[key] !== undefined) {
+      profileData[key] = mainConfig[key];
+    }
+  }
+
+  await saveProfile(profileName, profileData);
+  return profileData;
+}
+
+/**
+ * Validate profile name
+ */
+export function isValidProfileName(name) {
+  // Allow alphanumeric, hyphens, underscores
+  return /^[a-zA-Z0-9_-]+$/.test(name);
+}
+
+/**
+ * Get profile keys that can be configured
+ */
+export function getProfileConfigKeys() {
+  return [...PROFILE_CONFIG_KEYS];
+}