@qulib/core 0.2.0 → 0.2.2

package/README.md

@@ -8,6 +8,16 @@
 npm install @qulib/core
 ```
 
+## One-time browser setup
+
+Qulib uses Playwright. Install Chromium once on the machine that runs scans:
+
+```bash
+npx playwright install chromium
+```
+
+If browsers are missing, commands fail with a short message pointing you here.
+
 ## Scanning authenticated apps
 
 Qulib supports three auth modes: anonymous (default), form-login, and storage-state.
@@ -45,6 +55,20 @@ qulib analyze --url https://app.example.com --auth-storage-state ./qulib-storage
 
 The storage state is just a JSON file of cookies and localStorage — keep it private, treat it like a credential.
 
+### Multi-path auth exploration (`explore-auth`)
+
+For unfamiliar apps (especially enterprise SSO with several buttons), run **`qulib explore-auth --url <url>`** before `analyze`. The JSON lists every detected path (built-in OAuth names like Google/Clever, **heuristic** unknown buttons such as tenant-specific SSO labels, password forms, and magic-link copy) plus **`suggestedAgentBehavior`** for the agent.
+
+Unknown SSO buttons include **`unrecognizedButtons`** with a hint. Teach this machine to recognize a label next time:
+
+```bash
+qulib auth providers add --id scholastic-sync --label "Scholastic Sync" --pattern "scholastic sync"
+qulib auth providers list
+qulib auth providers remove --id scholastic-sync
+```
+
+Patterns live in **`~/.qulib/providers.json`** (per user, not in the repo). Built-in public platforms stay in qulib’s curated list; tenant-specific names are never shipped as built-ins.
+
 ### Auth detection
 
 To check what auth pattern a site uses before configuring anything:

package/dist/cli/index.js

@@ -6,6 +6,7 @@ import { z } from 'zod';
 import { HarnessConfigSchema } from '../schemas/config.schema.js';
 import { analyzeApp } from '../analyze.js';
 import { detectAuth } from '../tools/auth-detector.js';
+import { exploreAuth } from '../tools/auth-explorer.js';
 const program = new Command();
 const AnalyzeUrlSchema = z.string().url();
 const FormLoginCliSchema = z.object({
@@ -166,6 +167,15 @@ program
         submitSelector: options.submitSelector,
     });
 });
+program
+    .command('explore-auth')
+    .description('Explore all sign-in paths (OAuth, forms, magic link) for agent-driven setup before analyze')
+    .requiredOption('--url <url>', 'URL of the app or login page')
+    .option('--timeout <ms>', 'Navigation timeout in ms', '20000')
+    .action(async (options) => {
+    const result = await exploreAuth(options.url, parseInt(options.timeout, 10));
+    console.log(JSON.stringify(result, null, 2));
+});
 program
     .command('detect-auth')
     .description('Detect the authentication pattern used by a deployed web app')
@@ -176,6 +186,43 @@ program
     console.log(JSON.stringify(result, null, 2));
 });
 const authCmd = program.command('auth').description('Authentication helpers for scans');
+const providersCmd = authCmd
+    .command('providers')
+    .description('User-local OAuth/SSO button patterns (~/.qulib/providers.json)');
+providersCmd
+    .command('list')
+    .description('List user-local providers registered on this machine')
+    .action(async () => {
+    const { listUserProviders } = await import('../tools/user-providers.js');
+    const providers = listUserProviders();
+    console.log(JSON.stringify(providers, null, 2));
+});
+providersCmd
+    .command('add')
+    .description('Register a custom provider pattern (case-insensitive regex source)')
+    .requiredOption('--id <id>', 'Stable id (kebab-case), e.g. scholastic-sync')
+    .requiredOption('--label <label>', 'Human-readable label')
+    .requiredOption('--pattern <regex>', 'Regex source, e.g. scholastic sync')
+    .action(async (opts) => {
+    try {
+        new RegExp(opts.pattern, 'i');
+    }
+    catch {
+        throw new Error(`Invalid regex pattern: ${opts.pattern}`);
+    }
+    const { addUserProvider } = await import('../tools/user-providers.js');
+    addUserProvider({ id: opts.id, label: opts.label, pattern: opts.pattern });
+    console.log(`[qulib] Added provider "${opts.label}" (id: ${opts.id}) to ~/.qulib/providers.json`);
+});
+providersCmd
+    .command('remove')
+    .description('Remove a user-local provider by id')
+    .requiredOption('--id <id>', 'Provider id to remove')
+    .action(async (opts) => {
+    const { removeUserProvider } = await import('../tools/user-providers.js');
+    const removed = removeUserProvider(opts.id);
+    console.log(removed ? `[qulib] Removed "${opts.id}"` : `[qulib] No provider with id "${opts.id}" found`);
+});
 authCmd
     .command('init')
     .description('Open a browser, let the user log in manually, save the storage state to a file for reuse')

package/dist/index.d.ts

@@ -1,5 +1,7 @@
 export { analyzeApp } from './analyze.js';
 export { detectAuth } from './tools/auth-detector.js';
+export { exploreAuth } from './tools/auth-explorer.js';
+export { addUserProvider, removeUserProvider, listUserProviders } from './tools/user-providers.js';
 export type { AnalyzeOptions, AnalyzeResult } from './analyze.js';
-export type { HarnessConfig, AuthConfig, RouteInventory, GapAnalysis, RepoAnalysis, DetectedAuth, } from './schemas/index.js';
+export type { HarnessConfig, AuthConfig, RouteInventory, GapAnalysis, RepoAnalysis, DetectedAuth, AuthExploration, AuthPath, AuthPathRequirements, } from './schemas/index.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAClE,YAAY,EACV,aAAa,EACb,UAAU,EACV,cAAc,EACd,WAAW,EACX,YAAY,EACZ,YAAY,GACb,MAAM,oBAAoB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AACnG,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAClE,YAAY,EACV,aAAa,EACb,UAAU,EACV,cAAc,EACd,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,eAAe,EACf,QAAQ,EACR,oBAAoB,GACrB,MAAM,oBAAoB,CAAC"}

package/dist/index.js

@@ -1,2 +1,4 @@
 export { analyzeApp } from './analyze.js';
 export { detectAuth } from './tools/auth-detector.js';
+export { exploreAuth } from './tools/auth-explorer.js';
+export { addUserProvider, removeUserProvider, listUserProviders } from './tools/user-providers.js';

package/dist/schemas/config.schema.d.ts

@@ -384,5 +384,362 @@ export declare const DetectedAuthSchema: z.ZodObject<{
     recommendation: string;
 }>;
 export type DetectedAuth = z.infer<typeof DetectedAuthSchema>;
+export declare const AuthPathRequirementsSchema: z.ZodDiscriminatedUnion<"method", [z.ZodObject<{
+    method: z.ZodLiteral<"storage-state">;
+    instruction: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    method: "storage-state";
+    instruction: string;
+}, {
+    method: "storage-state";
+    instruction: string;
+}>, z.ZodObject<{
+    method: z.ZodLiteral<"credentials">;
+    fields: z.ZodArray<z.ZodObject<{
+        name: z.ZodString;
+        label: z.ZodString;
+        type: z.ZodEnum<["text", "password", "email", "select", "checkbox"]>;
+        observedOptions: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        type: "password" | "text" | "email" | "select" | "checkbox";
+        name: string;
+        label: string;
+        observedOptions: string[];
+    }, {
+        type: "password" | "text" | "email" | "select" | "checkbox";
+        name: string;
+        label: string;
+        observedOptions?: string[] | undefined;
+    }>, "many">;
+}, "strip", z.ZodTypeAny, {
+    method: "credentials";
+    fields: {
+        type: "password" | "text" | "email" | "select" | "checkbox";
+        name: string;
+        label: string;
+        observedOptions: string[];
+    }[];
+}, {
+    method: "credentials";
+    fields: {
+        type: "password" | "text" | "email" | "select" | "checkbox";
+        name: string;
+        label: string;
+        observedOptions?: string[] | undefined;
+    }[];
+}>, z.ZodObject<{
+    method: z.ZodLiteral<"unknown">;
+    instruction: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    method: "unknown";
+    instruction: string;
+}, {
+    method: "unknown";
+    instruction: string;
+}>]>;
+export declare const AuthPathSchema: z.ZodObject<{
+    id: z.ZodString;
+    label: z.ZodString;
+    type: z.ZodEnum<["oauth", "oauth-unknown", "form-login", "form-multi", "magic-link", "unknown"]>;
+    provider: z.ZodNullable<z.ZodString>;
+    source: z.ZodEnum<["built-in", "user-local", "heuristic"]>;
+    automatable: z.ZodBoolean;
+    confidence: z.ZodEnum<["high", "medium", "low"]>;
+    requirements: z.ZodDiscriminatedUnion<"method", [z.ZodObject<{
+        method: z.ZodLiteral<"storage-state">;
+        instruction: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        method: "storage-state";
+        instruction: string;
+    }, {
+        method: "storage-state";
+        instruction: string;
+    }>, z.ZodObject<{
+        method: z.ZodLiteral<"credentials">;
+        fields: z.ZodArray<z.ZodObject<{
+            name: z.ZodString;
+            label: z.ZodString;
+            type: z.ZodEnum<["text", "password", "email", "select", "checkbox"]>;
+            observedOptions: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
+        }, "strip", z.ZodTypeAny, {
+            type: "password" | "text" | "email" | "select" | "checkbox";
+            name: string;
+            label: string;
+            observedOptions: string[];
+        }, {
+            type: "password" | "text" | "email" | "select" | "checkbox";
+            name: string;
+            label: string;
+            observedOptions?: string[] | undefined;
+        }>, "many">;
+    }, "strip", z.ZodTypeAny, {
+        method: "credentials";
+        fields: {
+            type: "password" | "text" | "email" | "select" | "checkbox";
+            name: string;
+            label: string;
+            observedOptions: string[];
+        }[];
+    }, {
+        method: "credentials";
+        fields: {
+            type: "password" | "text" | "email" | "select" | "checkbox";
+            name: string;
+            label: string;
+            observedOptions?: string[] | undefined;
+        }[];
+    }>, z.ZodObject<{
+        method: z.ZodLiteral<"unknown">;
+        instruction: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        method: "unknown";
+        instruction: string;
+    }, {
+        method: "unknown";
+        instruction: string;
+    }>]>;
+}, "strip", z.ZodTypeAny, {
+    type: "unknown" | "form-login" | "oauth" | "magic-link" | "oauth-unknown" | "form-multi";
+    provider: string | null;
+    label: string;
+    id: string;
+    source: "built-in" | "user-local" | "heuristic";
+    automatable: boolean;
+    confidence: "high" | "medium" | "low";
+    requirements: {
+        method: "storage-state";
+        instruction: string;
+    } | {
+        method: "credentials";
+        fields: {
+            type: "password" | "text" | "email" | "select" | "checkbox";
+            name: string;
+            label: string;
+            observedOptions: string[];
+        }[];
+    } | {
+        method: "unknown";
+        instruction: string;
+    };
+}, {
+    type: "unknown" | "form-login" | "oauth" | "magic-link" | "oauth-unknown" | "form-multi";
+    provider: string | null;
+    label: string;
+    id: string;
+    source: "built-in" | "user-local" | "heuristic";
+    automatable: boolean;
+    confidence: "high" | "medium" | "low";
+    requirements: {
+        method: "storage-state";
+        instruction: string;
+    } | {
+        method: "credentials";
+        fields: {
+            type: "password" | "text" | "email" | "select" | "checkbox";
+            name: string;
+            label: string;
+            observedOptions?: string[] | undefined;
+        }[];
+    } | {
+        method: "unknown";
+        instruction: string;
+    };
+}>;
+export declare const AuthExplorationSchema: z.ZodObject<{
+    url: z.ZodString;
+    authRequired: z.ZodBoolean;
+    authScope: z.ZodEnum<["site-wide", "section-only", "optional", "none"]>;
+    authPaths: z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        label: z.ZodString;
+        type: z.ZodEnum<["oauth", "oauth-unknown", "form-login", "form-multi", "magic-link", "unknown"]>;
+        provider: z.ZodNullable<z.ZodString>;
+        source: z.ZodEnum<["built-in", "user-local", "heuristic"]>;
+        automatable: z.ZodBoolean;
+        confidence: z.ZodEnum<["high", "medium", "low"]>;
+        requirements: z.ZodDiscriminatedUnion<"method", [z.ZodObject<{
+            method: z.ZodLiteral<"storage-state">;
+            instruction: z.ZodString;
+        }, "strip", z.ZodTypeAny, {
+            method: "storage-state";
+            instruction: string;
+        }, {
+            method: "storage-state";
+            instruction: string;
+        }>, z.ZodObject<{
+            method: z.ZodLiteral<"credentials">;
+            fields: z.ZodArray<z.ZodObject<{
+                name: z.ZodString;
+                label: z.ZodString;
+                type: z.ZodEnum<["text", "password", "email", "select", "checkbox"]>;
+                observedOptions: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
+            }, "strip", z.ZodTypeAny, {
+                type: "password" | "text" | "email" | "select" | "checkbox";
+                name: string;
+                label: string;
+                observedOptions: string[];
+            }, {
+                type: "password" | "text" | "email" | "select" | "checkbox";
+                name: string;
+                label: string;
+                observedOptions?: string[] | undefined;
+            }>, "many">;
+        }, "strip", z.ZodTypeAny, {
+            method: "credentials";
+            fields: {
+                type: "password" | "text" | "email" | "select" | "checkbox";
+                name: string;
+                label: string;
+                observedOptions: string[];
+            }[];
+        }, {
+            method: "credentials";
+            fields: {
+                type: "password" | "text" | "email" | "select" | "checkbox";
+                name: string;
+                label: string;
+                observedOptions?: string[] | undefined;
+            }[];
+        }>, z.ZodObject<{
+            method: z.ZodLiteral<"unknown">;
+            instruction: z.ZodString;
+        }, "strip", z.ZodTypeAny, {
+            method: "unknown";
+            instruction: string;
+        }, {
+            method: "unknown";
+            instruction: string;
+        }>]>;
+    }, "strip", z.ZodTypeAny, {
+        type: "unknown" | "form-login" | "oauth" | "magic-link" | "oauth-unknown" | "form-multi";
+        provider: string | null;
+        label: string;
+        id: string;
+        source: "built-in" | "user-local" | "heuristic";
+        automatable: boolean;
+        confidence: "high" | "medium" | "low";
+        requirements: {
+            method: "storage-state";
+            instruction: string;
+        } | {
+            method: "credentials";
+            fields: {
+                type: "password" | "text" | "email" | "select" | "checkbox";
+                name: string;
+                label: string;
+                observedOptions: string[];
+            }[];
+        } | {
+            method: "unknown";
+            instruction: string;
+        };
+    }, {
+        type: "unknown" | "form-login" | "oauth" | "magic-link" | "oauth-unknown" | "form-multi";
+        provider: string | null;
+        label: string;
+        id: string;
+        source: "built-in" | "user-local" | "heuristic";
+        automatable: boolean;
+        confidence: "high" | "medium" | "low";
+        requirements: {
+            method: "storage-state";
+            instruction: string;
+        } | {
+            method: "credentials";
+            fields: {
+                type: "password" | "text" | "email" | "select" | "checkbox";
+                name: string;
+                label: string;
+                observedOptions?: string[] | undefined;
+            }[];
+        } | {
+            method: "unknown";
+            instruction: string;
+        };
+    }>, "many">;
+    observedAt: z.ZodString;
+    suggestedAgentBehavior: z.ZodString;
+    unrecognizedButtons: z.ZodDefault<z.ZodArray<z.ZodObject<{
+        label: z.ZodString;
+        hint: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        label: string;
+        hint: string;
+    }, {
+        label: string;
+        hint: string;
+    }>, "many">>;
+}, "strip", z.ZodTypeAny, {
+    url: string;
+    authRequired: boolean;
+    authScope: "none" | "site-wide" | "section-only" | "optional";
+    authPaths: {
+        type: "unknown" | "form-login" | "oauth" | "magic-link" | "oauth-unknown" | "form-multi";
+        provider: string | null;
+        label: string;
+        id: string;
+        source: "built-in" | "user-local" | "heuristic";
+        automatable: boolean;
+        confidence: "high" | "medium" | "low";
+        requirements: {
+            method: "storage-state";
+            instruction: string;
+        } | {
+            method: "credentials";
+            fields: {
+                type: "password" | "text" | "email" | "select" | "checkbox";
+                name: string;
+                label: string;
+                observedOptions: string[];
+            }[];
+        } | {
+            method: "unknown";
+            instruction: string;
+        };
+    }[];
+    observedAt: string;
+    suggestedAgentBehavior: string;
+    unrecognizedButtons: {
+        label: string;
+        hint: string;
+    }[];
+}, {
+    url: string;
+    authRequired: boolean;
+    authScope: "none" | "site-wide" | "section-only" | "optional";
+    authPaths: {
+        type: "unknown" | "form-login" | "oauth" | "magic-link" | "oauth-unknown" | "form-multi";
+        provider: string | null;
+        label: string;
+        id: string;
+        source: "built-in" | "user-local" | "heuristic";
+        automatable: boolean;
+        confidence: "high" | "medium" | "low";
+        requirements: {
+            method: "storage-state";
+            instruction: string;
+        } | {
+            method: "credentials";
+            fields: {
+                type: "password" | "text" | "email" | "select" | "checkbox";
+                name: string;
+                label: string;
+                observedOptions?: string[] | undefined;
+            }[];
+        } | {
+            method: "unknown";
+            instruction: string;
+        };
+    }[];
+    observedAt: string;
+    suggestedAgentBehavior: string;
+    unrecognizedButtons?: {
+        label: string;
+        hint: string;
+    }[] | undefined;
+}>;
+export type AuthPathRequirements = z.infer<typeof AuthPathRequirementsSchema>;
+export type AuthPath = z.infer<typeof AuthPathSchema>;
+export type AuthExploration = z.infer<typeof AuthExplorationSchema>;
 export {};
 //# sourceMappingURL=config.schema.d.ts.map

package/dist/schemas/config.schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/config.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG,SAAS,CAAC;AACpD,MAAM,MAAM,WAAW,GAAG,YAAY,GAAG,aAAa,GAAG,mBAAmB,GAAG,KAAK,GAAG,eAAe,CAAC;AAEvG,QAAA,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAgBvB,CAAC;AAEH,QAAA,MAAM,sBAAsB;;;;;;;;;EAG1B,CAAC;AAEH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAA8E,CAAC;AAE5G,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AACtE,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAC5E,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAE1D,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAe9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEhE,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAmB7B,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC"}
+{"version":3,"file":"config.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/config.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG,SAAS,CAAC;AACpD,MAAM,MAAM,WAAW,GAAG,YAAY,GAAG,aAAa,GAAG,mBAAmB,GAAG,KAAK,GAAG,eAAe,CAAC;AAEvG,QAAA,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAgBvB,CAAC;AAEH,QAAA,MAAM,sBAAsB;;;;;;;;;EAG1B,CAAC;AAEH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAA8E,CAAC;AAE5G,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AACtE,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAC5E,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAE1D,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAe9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEhE,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAmB7B,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAE9D,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAcrC,CAAC;AAEH,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EASzB,CAAC;AAEH,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAehC,CAAC;AAEH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAC9E,MAAM,MAAM,QAAQ,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AACtD,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC"}

package/dist/schemas/config.schema.js

@@ -55,3 +55,40 @@ export const DetectedAuthSchema = z.object({
     })),
     recommendation: z.string(),
 });
+export const AuthPathRequirementsSchema = z.discriminatedUnion('method', [
+    z.object({ method: z.literal('storage-state'), instruction: z.string() }),
+    z.object({
+        method: z.literal('credentials'),
+        fields: z.array(z.object({
+            name: z.string(),
+            label: z.string(),
+            type: z.enum(['text', 'password', 'email', 'select', 'checkbox']),
+            observedOptions: z.array(z.string()).default([]),
+        })),
+    }),
+    z.object({ method: z.literal('unknown'), instruction: z.string() }),
+]);
+export const AuthPathSchema = z.object({
+    id: z.string(),
+    label: z.string(),
+    type: z.enum(['oauth', 'oauth-unknown', 'form-login', 'form-multi', 'magic-link', 'unknown']),
+    provider: z.string().nullable(),
+    source: z.enum(['built-in', 'user-local', 'heuristic']),
+    automatable: z.boolean(),
+    confidence: z.enum(['high', 'medium', 'low']),
+    requirements: AuthPathRequirementsSchema,
+});
+export const AuthExplorationSchema = z.object({
+    url: z.string(),
+    authRequired: z.boolean(),
+    authScope: z.enum(['site-wide', 'section-only', 'optional', 'none']),
+    authPaths: z.array(AuthPathSchema),
+    observedAt: z.string(),
+    suggestedAgentBehavior: z.string(),
+    unrecognizedButtons: z
+        .array(z.object({
+        label: z.string(),
+        hint: z.string(),
+    }))
+        .default([]),
+});