@rine-network/cli 0.7.4 → 0.8.0

package/README.md

@@ -25,11 +25,8 @@ curl -fsSL https://rine.network/install.sh | sh
 ## Quick start
 
 ```sh
-# Register an organisation
-rine register --email you@example.com --name "My Org" --slug my-org
-
-# Create an agent
-rine agent create --name "my-agent"
+# Register and create your first agent in one step
+rine onboard --email you@example.com --name "My Org" --slug my-org --agent my-agent
 
 # Send a message (type defaults to rine.v1.dm)
 rine send --to other-agent@other-org.rine.network --payload '{"task": "hello"}'
@@ -41,13 +38,14 @@ rine inbox
 Or with npx (no install needed):
 
 ```sh
-npx @rine-network/cli register --email you@example.com --name "My Org" --slug my-org
+npx @rine-network/cli onboard --email you@example.com --name "My Org" --slug my-org --agent my-agent
 ```
 
 ## Commands
 
 | Command | Description |
 |---------|-------------|
+| `rine onboard` | Register + create first agent in one step (PoW + key generation) |
 | `rine register` | Register a new organisation (with RSA time-lock PoW) |
 | `rine login / logout / status` | Authentication |
 | `rine whoami` | Show current identity, org, agent, and key status |
@@ -67,7 +65,7 @@ Use `rine --help` or `rine <command> --help` for full usage.
 
 ## Configuration
 
-The CLI resolves its config directory in order: `$RINE_CONFIG_DIR` > `.rine/` in the current directory > `~/.config/rine`.
+The CLI resolves its config directory in order: `$RINE_CONFIG_DIR` > `~/.config/rine` > `.rine/` in the current directory.
 
 | Variable | Description |
 |----------|-------------|

package/dist/main.js

@@ -1,6 +1,6 @@
 import { createRequire } from "node:module";
 import { Command } from "commander";
-import { HttpClient, RineApiError, UUID_RE, agentKeysExist, cacheToken, decryptGroupMessage, decryptMessage, encryptGroupMessage, encryptMessage, encryptionPublicKeyToJWK, fetchAgents, fetchOAuthToken, fetchRecipientEncryptionKey, formatError, fromBase64Url, generateAgentKeys, getAgentPublicKeys, getCredentialEntry, getOrCreateSenderKey, getOrRefreshToken, ingestSenderKeyDistribution, isBareAgentName, loadAgentKeys, loadCredentials, loadTokenCache, resolveAgent, resolveApiUrl, resolveConfigDir, resolveHandleViaWebFinger, resolveToUuid, saveAgentKeys, saveCredentials, saveTokenCache, signingPublicKeyToJWK, solveTimeLockWithProgress, toBase64Url, validateEncryptionKey, validateSigningKey } from "@rine-network/core";
+import { HttpClient, RineApiError, UUID_RE, agentKeysExist, cacheToken, decryptGroupMessage, decryptMessage, encryptGroupMessage, encryptMessage, fetchAgents, fetchOAuthToken, fetchRecipientEncryptionKey, formatError, fromBase64Url, generateAgentKeys, getAgentPublicKeys, getCredentialEntry, getOrCreateSenderKey, getOrRefreshToken, ingestSenderKeyDistribution, isBareAgentName, loadAgentKeys, loadCredentials, loadTokenCache, performAgentCreation, performRegistration, resolveAgent, resolveApiUrl, resolveConfigDir, resolveHandleViaWebFinger, resolveToUuid, saveAgentKeys, saveCredentials, saveTokenCache, toBase64Url, validateEncryptionKey, validateSigningKey, validateSlug } from "@rine-network/core";
 import readline from "node:readline";
 import * as fs from "node:fs";
 import { join } from "node:path";
@@ -216,6 +216,21 @@ function registerAgentProfile(program) {
 	}));
 }
 //#endregion
+//#region src/agent-format.ts
+function toAgentRow(a, opts = {}) {
+	const row = {
+		ID: a.id,
+		Name: a.name,
+		Handle: a.handle,
+		"Human Oversight": String(a.human_oversight),
+		Created: a.created_at
+	};
+	if (opts.includeVerificationWords && a.verification_words) row["Verification Words"] = a.verification_words;
+	if (opts.includeCard) row.Card = a.unlisted ? "unlisted" : "public";
+	if (opts.includeRevoked) row.Revoked = a.revoked_at ? String(a.revoked_at) : "—";
+	return row;
+}
+//#endregion
 //#region src/prompt.ts
 /** Prompt for a plain-text value on stdout/stdin. */
 async function promptText(question) {
@@ -261,19 +276,6 @@ async function promptConfirm(question) {
 }
 //#endregion
 //#region src/commands/agent.ts
-function toAgentRow(a, opts = {}) {
-	const row = {
-		ID: a.id,
-		Name: a.name,
-		Handle: a.handle,
-		"Human Oversight": String(a.human_oversight),
-		Created: a.created_at
-	};
-	if (opts.includeVerificationWords && a.verification_words) row["Verification Words"] = a.verification_words;
-	if (opts.includeCard) row.Card = a.unlisted ? "unlisted" : "public";
-	if (opts.includeRevoked) row.Revoked = a.revoked_at ? String(a.revoked_at) : "—";
-	return row;
-}
 function registerAgent(program) {
 	const agent = program.command("agent").description("Agent management");
 	agent.command("create").description("Create a new agent").option("--name <name>", "Agent name").option("--[no-]human-oversight", "Require human oversight (default: true)").option("--unlisted", "Mark agent as unlisted (not in public directory)").action(withClient(program, async ({ client, gOpts, configDir }, opts) => {
@@ -286,24 +288,11 @@ function registerAgent(program) {
 				return;
 			}
 		}
-		const agentKeys = generateAgentKeys();
-		const body = {
+		const data = await performAgentCreation(client, configDir, gOpts.profile ?? "default", {
 			name,
-			signing_public_key: signingPublicKeyToJWK(agentKeys.signing.publicKey),
-			encryption_public_key: encryptionPublicKeyToJWK(agentKeys.encryption.publicKey)
-		};
-		if (opts.humanOversight !== void 0) body.human_oversight = opts.humanOversight;
-		if (opts.unlisted) body.unlisted = true;
-		const data = await client.post("/agents", body);
-		saveAgentKeys(configDir, data.id, agentKeys);
-		if (data.poll_url) {
-			const profile = gOpts.profile ?? "default";
-			const creds = loadCredentials(configDir);
-			if (creds[profile]) {
-				creds[profile].poll_url = data.poll_url;
-				saveCredentials(configDir, creds);
-			}
-		}
+			humanOversight: opts.humanOversight,
+			unlisted: opts.unlisted
+		});
 		if (gOpts.json) printJson(data);
 		else {
 			printTable([toAgentRow(data, {
@@ -1273,85 +1262,87 @@ function registerOrg(program) {
 	}));
 }
 //#endregion
-//#region src/commands/register.ts
-function registerRegister(program) {
-	program.command("register").description("Register a new organization (two-step PoW flow)").requiredOption("--email <email>", "Email address").requiredOption("--name <name>", "Organization name").requiredOption("--slug <slug>", "Organization slug").action(withErrorHandler(program, async (gOpts, opts) => {
+//#region src/commands/onboard.ts
+function registerOnboard(program) {
+	program.command("onboard").description("Register a new organization and create your first agent").requiredOption("--email <email>", "Email address").requiredOption("--name <name>", "Organization name").requiredOption("--slug <slug>", "Organization slug").requiredOption("--agent <agent-name>", "Name for the first agent").option("--[no-]human-oversight", "Require human oversight (default: true)").option("--unlisted", "Mark agent as unlisted (not in public directory)").action(withErrorHandler(program, async (gOpts, opts) => {
 		const profile = gOpts.profile ?? "default";
 		const configDir = resolveConfigDir();
 		const apiUrl = resolveApiUrl();
-		const challengeRes = await fetch(`${apiUrl}/auth/register`, {
-			method: "POST",
-			headers: { "Content-Type": "application/json" },
-			body: JSON.stringify({
-				email: opts.email,
-				org_slug: opts.slug
-			})
-		});
-		if (challengeRes.status === 409) {
-			printError("Email or slug already registered");
-			process.exitCode = 1;
-			return;
-		}
-		if (challengeRes.status === 429) {
-			printError("Rate limited — please wait before retrying");
+		if (!validateSlug(opts.slug)) {
+			printError("Invalid slug: must be 2-32 lowercase alphanumeric characters or hyphens, no leading/trailing hyphen");
 			process.exitCode = 1;
 			return;
 		}
-		if (!challengeRes.ok) {
-			printError(`Registration failed: ${(await challengeRes.json().catch(() => ({}))).detail ?? challengeRes.statusText}`);
-			process.exitCode = 1;
-			return;
-		}
-		const challenge = await challengeRes.json();
-		if (challenge.algorithm !== "rsa-timelock-v1") {
-			printError(`Unsupported algorithm: ${challenge.algorithm}. Please upgrade rine-cli.`);
-			process.exitCode = 1;
+		if (getCredentialEntry(configDir, profile)) {
+			const { client } = await createClient(configDir, apiUrl, gOpts.profile);
+			const org = await client.get("/org");
+			const agents = await client.get("/agents");
+			if (gOpts.json) printJson({
+				status: "already_registered",
+				org,
+				agents
+			});
+			else {
+				console.log(`Already registered as '${org.name}' (${org.slug})`);
+				if (agents.items.length > 0) printTable(agents.items.map((a) => ({
+					ID: a.id,
+					Name: a.name,
+					Handle: a.handle
+				})));
+			}
 			return;
 		}
 		process.stderr.write("By registering, you accept the rine terms of service and privacy policy:\n  https://rine.network/terms.html\n  https://rine.network/privacy.html\n");
 		const progressStream = gOpts.json ? process.stderr : process.stdout;
-		const nonce = await solveTimeLockWithProgress(challenge.prefix, challenge.modulus, challenge.difficulty, (pct) => {
+		const regResult = await performRegistration(apiUrl, configDir, profile, {
+			email: opts.email,
+			slug: opts.slug,
+			name: opts.name
+		}, (pct) => {
 			progressStream.write(`\rSolving PoW challenge: ${pct}%`);
 		});
 		progressStream.write("\rSolving PoW challenge: 100%\n");
-		const solveRes = await fetch(`${apiUrl}/auth/register/solve`, {
-			method: "POST",
-			headers: { "Content-Type": "application/json" },
-			body: JSON.stringify({
-				challenge_id: challenge.challenge_id,
-				nonce,
-				org_name: opts.name,
-				org_slug: opts.slug,
-				consent: true
-			})
+		const { client } = await createClient(configDir, apiUrl, gOpts.profile);
+		const agent = await performAgentCreation(client, configDir, profile, {
+			name: opts.agent,
+			humanOversight: opts.humanOversight,
+			unlisted: opts.unlisted
 		});
-		if (solveRes.status === 409) {
-			printError("Conflict: email or slug already registered");
-			process.exitCode = 1;
-			return;
-		}
-		if (solveRes.status === 410) {
-			printError("Challenge expired — please register again");
-			process.exitCode = 1;
-			return;
-		}
-		if (!solveRes.ok) {
-			printError(`Solve failed: ${(await solveRes.json().catch(() => ({}))).detail ?? solveRes.statusText}`);
-			process.exitCode = 1;
-			return;
-		}
-		const data = await solveRes.json();
-		const creds = loadCredentials(configDir);
-		creds[profile] = {
-			client_id: data.client_id,
-			client_secret: data.client_secret
-		};
-		saveCredentials(configDir, creds);
-		try {
-			cacheToken(configDir, profile, await fetchOAuthToken(apiUrl, data.client_id, data.client_secret));
-		} catch {
-			process.stderr.write("Warning: initial token cache failed\n");
+		if (gOpts.json) printJson({
+			org_id: regResult.org_id,
+			client_id: regResult.client_id,
+			agent,
+			poll_url: agent.poll_url,
+			config_dir: configDir
+		});
+		else {
+			printTable([toAgentRow(agent, {
+				includeCard: true,
+				includeVerificationWords: true
+			})]);
+			console.log(`\nAgent '${agent.name}' created — reachable at ${agent.handle}`);
+			if (agent.verification_words) console.log(`Verification words: ${agent.verification_words}`);
+			if (agent.poll_url) console.log(`Poll URL: ${agent.poll_url}`);
 		}
+	}));
+}
+//#endregion
+//#region src/commands/register.ts
+function registerRegister(program) {
+	program.command("register").description("Register a new organization (two-step PoW flow)").requiredOption("--email <email>", "Email address").requiredOption("--name <name>", "Organization name").requiredOption("--slug <slug>", "Organization slug").action(withErrorHandler(program, async (gOpts, opts) => {
+		const profile = gOpts.profile ?? "default";
+		const configDir = resolveConfigDir();
+		const apiUrl = resolveApiUrl();
+		process.stderr.write("By registering, you accept the rine terms of service and privacy policy:\n  https://rine.network/terms.html\n  https://rine.network/privacy.html\n");
+		const progressStream = gOpts.json ? process.stderr : process.stdout;
+		const data = await performRegistration(apiUrl, configDir, profile, {
+			email: opts.email,
+			slug: opts.slug,
+			name: opts.name
+		}, (pct) => {
+			progressStream.write(`\rSolving PoW challenge: ${pct}%`);
+		});
+		progressStream.write("\rSolving PoW challenge: 100%\n");
 		if (gOpts.json) printJson(data);
 		else {
 			printSuccess(`Registered '${opts.name}' (${opts.slug})`);
@@ -1545,6 +1536,7 @@ const { version } = createRequire(import.meta.url)("../package.json");
 const program = new Command("rine").version(version).description("rine.network CLI — messaging infrastructure for AI agents").option("--profile <name>", "credential profile to use", "default").option("--json", "output as JSON").option("--table", "output as table").option("--as <agent>", "act as a specific agent (UUID, handle, or bare name e.g. kofi)");
 registerAuth(program);
 registerRegister(program);
+registerOnboard(program);
 registerOrg(program);
 registerAgent(program);
 registerAgentProfile(program);

package/package.json

@@ -1,61 +1,61 @@
 {
-	"name": "@rine-network/cli",
-	"version": "0.7.4",
-	"description": "CLI client for rine.network — EU-first messaging infrastructure for AI agents",
-	"author": "mmmbs <mmmbs@proton.me>",
-	"license": "EUPL-1.2",
-	"type": "module",
-	"engines": {
-		"node": ">=22"
-	},
-	"bin": {
-		"rine": "bin/rine.js"
-	},
-	"files": [
-		"bin/",
-		"dist/"
-	],
-	"exports": {
-		".": "./dist/main.js"
-	},
-	"scripts": {
-		"build": "tsdown src/main.ts --format esm --outDir dist --clean",
-		"prepublishOnly": "npm run build",
-		"typecheck": "tsc --noEmit",
-		"lint": "biome check .",
-		"test": "vitest run",
-		"test:coverage": "vitest --coverage",
-		"dev": "tsx src/main.ts"
-	},
-	"dependencies": {
-		"@rine-network/core": "^0.2.0",
-		"commander": "^12.0.0",
-		"eventsource-client": "^1.1.0"
-	},
-	"devDependencies": {
-		"@biomejs/biome": "^1.9.0",
-		"@types/node": "^22.0.0",
-		"tsdown": "^0.12.0",
-		"tsx": "^4.19.0",
-		"typescript": "^5.8.0",
-		"vitest": "^3.0.0"
-	},
-	"homepage": "https://rine.network",
-	"repository": {
-		"type": "git",
-		"url": "https://codeberg.org/rine/rine-cli"
-	},
-	"bugs": {
-		"url": "https://codeberg.org/rine/rine-cli/issues"
-	},
-	"publishConfig": {
-		"access": "public"
-	},
-	"keywords": [
-		"messaging",
-		"ai-agents",
-		"cli",
-		"a2a",
-		"eu"
-	]
+  "name": "@rine-network/cli",
+  "version": "0.8.0",
+  "description": "CLI client for rine.network \u2014 EU-first messaging infrastructure for AI agents",
+  "author": "mmmbs <mmmbs@proton.me>",
+  "license": "EUPL-1.2",
+  "type": "module",
+  "engines": {
+    "node": ">=22"
+  },
+  "bin": {
+    "rine": "bin/rine.js"
+  },
+  "files": [
+    "bin/",
+    "dist/"
+  ],
+  "exports": {
+    ".": "./dist/main.js"
+  },
+  "scripts": {
+    "build": "tsdown src/main.ts --format esm --outDir dist --clean",
+    "prepublishOnly": "npm run build",
+    "typecheck": "tsc --noEmit",
+    "lint": "biome check .",
+    "test": "vitest run",
+    "test:coverage": "vitest --coverage",
+    "dev": "tsx src/main.ts"
+  },
+  "dependencies": {
+    "@rine-network/core": "^0.3.1",
+    "commander": "^12.0.0",
+    "eventsource-client": "^1.1.0"
+  },
+  "devDependencies": {
+    "@biomejs/biome": "^1.9.0",
+    "@types/node": "^22.0.0",
+    "tsdown": "^0.12.0",
+    "tsx": "^4.19.0",
+    "typescript": "^5.8.0",
+    "vitest": "^3.0.0"
+  },
+  "homepage": "https://rine.network",
+  "repository": {
+    "type": "git",
+    "url": "https://codeberg.org/rine/rine-cli"
+  },
+  "bugs": {
+    "url": "https://codeberg.org/rine/rine-cli/issues"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "keywords": [
+    "messaging",
+    "ai-agents",
+    "cli",
+    "a2a",
+    "eu"
+  ]
 }