@slates/cli 1.0.0-rc.2

package/package.json

@@ -0,0 +1,37 @@
+{
+  "name": "@slates/cli",
+  "version": "1.0.0-rc.2",
+  "publishConfig": {
+    "access": "public"
+  },
+  "files": [
+    "src/**",
+    "dist/**",
+    "README.md",
+    "package.json"
+  ],
+  "author": "Tobias Herber",
+  "license": "FSL 1.1",
+  "type": "module",
+  "source": "src/cli.ts",
+  "bin": "./src/cli.ts",
+  "exports": {
+    "default": "./src/cli.ts"
+  },
+  "scripts": {
+    "test": "vitest run --passWithNoTests",
+    "lint": "prettier src/**/*.ts --check",
+    "typecheck": "tsc --noEmit"
+  },
+  "dependencies": {
+    "@inquirer/prompts": "^7.4.0",
+    "@slates/client": "1.0.0-rc.2",
+    "@slates/profiles": "1.0.0-rc.2",
+    "sade": "^1.8.1"
+  },
+  "devDependencies": {
+    "@slates/tsconfig": "1.0.0-rc.1",
+    "typescript": "5.8.2",
+    "vitest": "^3.1.2"
+  }
+}

package/src/cli.ts

@@ -0,0 +1,261 @@
+#!/usr/bin/env bun
+
+import sade from 'sade';
+import {
+  addOAuthCredentials,
+  addProfile,
+  callTool,
+  getAuth,
+  getConfig,
+  getConfigSchema,
+  getProfile,
+  getTool,
+  listAuth,
+  listOAuthCredentials,
+  listProfiles,
+  listTools,
+  refreshAuth,
+  removeProfile,
+  runAllIntegrationTests,
+  runVitestWithProfile,
+  setConfig,
+  setupAuth,
+  setupIntegration,
+  startRepl,
+  useProfile
+} from './commands';
+
+let printResult = async (cb: () => Promise<unknown>) => {
+  try {
+    let result = await cb();
+    if (result !== undefined) {
+      console.log(JSON.stringify(result, null, 2));
+    }
+  } catch (error) {
+    console.error(error instanceof Error ? error.message : error);
+    process.exit(1);
+  }
+};
+
+let cli = sade('slates');
+let argv = process.argv.slice(2);
+let isGlobalTestCommand = argv[0] === 'test';
+let integration = isGlobalTestCommand ? null : argv[0];
+
+if (!isGlobalTestCommand && (!integration || integration.startsWith('-'))) {
+  console.error('Usage: slates <integration> <command>\n       slates test');
+  process.exit(1);
+}
+
+if (isGlobalTestCommand) {
+  cli.command('test').action(() =>
+    printResult(async () => {
+      let separatorIndex = process.argv.indexOf('--');
+      return runAllIntegrationTests({
+        vitestArgs: separatorIndex === -1 ? [] : process.argv.slice(separatorIndex + 1)
+      });
+    })
+  );
+
+  cli.parse([process.argv[0] ?? 'bun', process.argv[1] ?? 'slates', ...argv]);
+} else {
+
+cli
+  .command('profiles add')
+  .option('--name', 'Profile name')
+  .option('--entry', 'Local slate entry file')
+  .option('--export-name', 'Named export for the local slate provider')
+  .option('--default', 'Use this profile as the default')
+  .action(opts =>
+    printResult(() =>
+      addProfile({
+        integration: integration!,
+        name: opts.name,
+        entry: opts.entry,
+        exportName: opts.exportName,
+        useAsDefault: Boolean(opts.default)
+      })
+    )
+  );
+
+cli
+  .command('profiles list')
+  .action(() => printResult(() => listProfiles({ integration: integration! })));
+
+cli
+  .command('profiles get [profile]')
+  .action((profile: string | undefined) =>
+    printResult(() => getProfile({ integration: integration!, profile }))
+  );
+
+cli
+  .command('profiles use [profile]')
+  .action((profile: string | undefined) =>
+    printResult(() => useProfile({ integration: integration!, profile }))
+  );
+
+cli
+  .command('profiles remove [profile]')
+  .action((profile: string | undefined) =>
+    printResult(() => removeProfile({ integration: integration!, profile }))
+  );
+
+cli
+  .command('setup')
+  .option('--name', 'Profile name')
+  .option('--export-name', 'Named export for the local slate provider')
+  .action(opts =>
+    printResult(() =>
+      setupIntegration({
+        integration: integration!,
+        name: opts.name,
+        exportName: opts.exportName
+      })
+    )
+  );
+
+cli
+  .command('tools list')
+  .option('--profile', 'Profile ID or name')
+  .action(opts => printResult(() => listTools({ integration: integration!, profile: opts.profile })));
+
+cli
+  .command('tools get [toolId]')
+  .option('--profile', 'Profile ID or name')
+  .action((toolId: string | undefined, opts) =>
+    printResult(() => getTool({ integration: integration!, profile: opts.profile, toolId }))
+  );
+
+cli
+  .command('tools schema [toolId]')
+  .option('--profile', 'Profile ID or name')
+  .action((toolId: string | undefined, opts) =>
+    printResult(async () => {
+      let tool = await getTool({ integration: integration!, profile: opts.profile, toolId });
+      return tool.inputSchema;
+    })
+  );
+
+cli
+  .command('tools call [toolId]')
+  .option('--profile', 'Profile ID or name')
+  .option('--input', 'JSON input object')
+  .option('--auth-method-id', 'Preferred auth method ID')
+  .action((toolId: string | undefined, opts) =>
+    printResult(() =>
+      callTool({
+        integration: integration!,
+        profile: opts.profile,
+        toolId,
+        input: opts.input,
+        authMethodId: opts.authMethodId
+      })
+    )
+  );
+
+cli
+  .command('auth list')
+  .option('--profile', 'Profile ID or name')
+  .action(opts => printResult(() => listAuth({ integration: integration!, profile: opts.profile })));
+
+cli
+  .command('auth get [authMethodId]')
+  .option('--profile', 'Profile ID or name')
+  .action((authMethodId: string | undefined, opts) =>
+    printResult(() => getAuth({ integration: integration!, profile: opts.profile, authMethodId }))
+  );
+
+cli
+  .command('auth setup [authMethodId]')
+  .option('--profile', 'Profile ID or name')
+  .option('--input', 'JSON auth input object')
+  .option('--oauth-credential', 'OAuth credential ID or name')
+  .option('--client-id', 'OAuth client ID')
+  .option('--client-secret', 'OAuth client secret')
+  .option('--scopes', 'Comma-separated OAuth scopes')
+  .action((authMethodId: string | undefined, opts) =>
+    printResult(() =>
+      setupAuth({
+        integration: integration!,
+        profile: opts.profile,
+        authMethodId,
+        input: opts.input,
+        oauthCredential: opts.oauthCredential,
+        clientId: opts.clientId,
+        clientSecret: opts.clientSecret,
+        scopes: opts.scopes
+      })
+    )
+  );
+
+cli
+  .command('auth credentials list [authMethodId]')
+  .action((authMethodId: string | undefined) =>
+    printResult(() => listOAuthCredentials({ integration: integration!, authMethodId }))
+  );
+
+cli
+  .command('auth credentials add [authMethodId]')
+  .option('--name', 'Credential name')
+  .option('--client-id', 'OAuth client ID')
+  .option('--client-secret', 'OAuth client secret')
+  .action((authMethodId: string | undefined, opts) =>
+    printResult(() =>
+      addOAuthCredentials({
+        integration: integration!,
+        authMethodId,
+        name: opts.name,
+        clientId: opts.clientId,
+        clientSecret: opts.clientSecret
+      })
+    )
+  );
+
+cli
+  .command('auth refresh [authMethodId]')
+  .option('--profile', 'Profile ID or name')
+  .action((authMethodId: string | undefined, opts) =>
+    printResult(() => refreshAuth({ integration: integration!, profile: opts.profile, authMethodId }))
+  );
+
+cli
+  .command('config get')
+  .option('--profile', 'Profile ID or name')
+  .action(opts => printResult(() => getConfig({ integration: integration!, profile: opts.profile })));
+
+cli
+  .command('config set')
+  .option('--profile', 'Profile ID or name')
+  .option('--input', 'JSON config object')
+  .action(opts =>
+    printResult(() => setConfig({ integration: integration!, profile: opts.profile, input: opts.input }))
+  );
+
+cli
+  .command('config schema')
+  .option('--profile', 'Profile ID or name')
+  .action(opts => printResult(() => getConfigSchema({ integration: integration!, profile: opts.profile })));
+
+cli
+  .command('test')
+  .option('--profile', 'Profile ID or name')
+  .action(opts =>
+    printResult(async () => {
+      let separatorIndex = process.argv.indexOf('--');
+      await runVitestWithProfile({
+        integration: integration!,
+        profile: opts.profile,
+        vitestArgs: separatorIndex === -1 ? [] : process.argv.slice(separatorIndex + 1)
+      });
+
+      return { success: true };
+    })
+  );
+
+cli
+  .command('repl')
+  .option('--profile', 'Profile ID or name')
+  .action(opts => printResult(() => startRepl({ integration: integration!, profile: opts.profile })));
+
+  cli.parse([process.argv[0] ?? 'bun', process.argv[1] ?? 'slates', ...argv.slice(1)]);
+}

package/src/commands/auth.ts

@@ -0,0 +1,405 @@
+import { confirm, select } from '@inquirer/prompts';
+import { SlatesOAuthCredentialRecord, SlatesStoredAuth } from '@slates/profiles';
+import {
+  chooseAuthMethod,
+  createClientContext,
+  createIntegrationClientContext,
+  openIntegrationStore
+} from '../lib/context';
+import { chooseScopes, createOAuthCallbackListener, openBrowser } from '../lib/oauth';
+import {
+  parseJsonObject,
+  parseList,
+  promptForObjectSchema,
+  promptForString
+} from '../lib/prompts';
+import { JsonInput, WithProfile } from '../lib/types';
+
+type JsonObject = Record<string, any>;
+
+type AuthSetupOptions = WithProfile &
+  JsonInput & {
+    authMethodId?: string;
+    clientId?: string;
+    clientSecret?: string;
+    oauthCredential?: string;
+    scopes?: string;
+  };
+
+export let listAuth = async (opts: WithProfile) => {
+  let { store, profile } = await createClientContext(opts);
+  return store.listAuth(profile.id);
+};
+
+export let getAuth = async (opts: WithProfile & { authMethodId?: string }) => {
+  let { store, profile } = await createClientContext(opts);
+  return store.getAuth(profile.id, opts.authMethodId);
+};
+
+export let listOAuthCredentials = async (
+  opts: Pick<WithProfile, 'integration'> & { authMethodId?: string }
+) => {
+  let { store } = await openIntegrationStore(opts.integration);
+  return store.listOAuthCredentials(opts.authMethodId).map(credential => ({
+    id: credential.id,
+    name: credential.name,
+    authMethodId: credential.authMethodId,
+    clientId: credential.clientId
+  }));
+};
+
+export let addOAuthCredentials = async (
+  opts: Pick<WithProfile, 'integration'> & {
+    authMethodId?: string;
+    name?: string;
+    clientId?: string;
+    clientSecret?: string;
+  }
+): Promise<SlatesOAuthCredentialRecord> => {
+  let { store, client } = await createIntegrationClientContext({
+    integration: opts.integration
+  });
+  let authMethod = await chooseAuthMethod({
+    client,
+    authMethodId: opts.authMethodId,
+    forcePrompt: !opts.authMethodId
+  });
+
+  if (authMethod.type !== 'auth.oauth') {
+    throw new Error(`Authentication method ${authMethod.id} is not OAuth.`);
+  }
+
+  let clientId = opts.clientId ?? (await promptForString({ message: 'OAuth client ID' }));
+  let clientSecret =
+    opts.clientSecret ??
+    (await promptForString({ message: 'OAuth client secret', secret: true }));
+  let name =
+    opts.name ??
+    (await promptForString({
+      message: 'Credential name',
+      defaultValue: `${authMethod.name} credentials`
+    }));
+
+  let credential = store.upsertOAuthCredential({
+    name,
+    authMethodId: authMethod.id,
+    clientId,
+    clientSecret
+  });
+  await store.save();
+  return credential;
+};
+
+let createOAuthCredentialInteractive = async (opts: {
+  store: Awaited<ReturnType<typeof createClientContext>>['store'];
+  authMethod: { id: string; name: string; type: string };
+  clientId?: string;
+  clientSecret?: string;
+}) => {
+  let clientId = opts.clientId ?? (await promptForString({ message: 'OAuth client ID' }));
+  let clientSecret =
+    opts.clientSecret ??
+    (await promptForString({ message: 'OAuth client secret', secret: true }));
+  let name = await promptForString({
+    message: 'Credential name',
+    defaultValue: `${opts.authMethod.name} credentials`
+  });
+
+  let credential = opts.store.upsertOAuthCredential({
+    name,
+    authMethodId: opts.authMethod.id,
+    clientId,
+    clientSecret
+  });
+  await opts.store.save();
+  return credential;
+};
+
+let chooseOAuthCredentialsForSetup = async (opts: {
+  store: Awaited<ReturnType<typeof createClientContext>>['store'];
+  authMethod: { id: string; name: string; type: string };
+  clientId?: string;
+  clientSecret?: string;
+  oauthCredential?: string;
+}) => {
+  if (opts.authMethod.type !== 'auth.oauth') {
+    return null;
+  }
+
+  if (opts.clientId || opts.clientSecret) {
+    let credential = await createOAuthCredentialInteractive({
+      store: opts.store,
+      authMethod: opts.authMethod,
+      clientId: opts.clientId,
+      clientSecret: opts.clientSecret
+    });
+    return {
+      credential,
+      clientId: credential.clientId,
+      clientSecret: credential.clientSecret
+    };
+  }
+
+  if (opts.oauthCredential) {
+    let credential = opts.store.getOAuthCredential(opts.oauthCredential, opts.authMethod.id);
+    if (!credential) {
+      throw new Error(`Unknown OAuth credentials: ${opts.oauthCredential}`);
+    }
+
+    return {
+      credential,
+      clientId: credential.clientId,
+      clientSecret: credential.clientSecret
+    };
+  }
+
+  let credentials = opts.store.listOAuthCredentials(opts.authMethod.id);
+  if (credentials.length === 0) {
+    let credential = await createOAuthCredentialInteractive({
+      store: opts.store,
+      authMethod: opts.authMethod
+    });
+    return {
+      credential,
+      clientId: credential.clientId,
+      clientSecret: credential.clientSecret
+    };
+  }
+
+  if (credentials.length === 1) {
+    let useExisting = await confirm({
+      message: `Use saved OAuth credentials "${credentials[0]!.name}"?`,
+      default: true
+    });
+
+    if (useExisting) {
+      let credential = credentials[0]!;
+      return {
+        credential,
+        clientId: credential.clientId,
+        clientSecret: credential.clientSecret
+      };
+    }
+
+    let credential = await createOAuthCredentialInteractive({
+      store: opts.store,
+      authMethod: opts.authMethod
+    });
+    return {
+      credential,
+      clientId: credential.clientId,
+      clientSecret: credential.clientSecret
+    };
+  }
+
+  let selected = await select({
+    message: 'Choose OAuth credentials',
+    choices: [
+      ...credentials.map(credential => ({
+        name: `${credential.name} (${credential.clientId})`,
+        value: credential.id
+      })),
+      {
+        name: 'Create new OAuth credentials',
+        value: '__new__'
+      }
+    ]
+  });
+
+  if (selected === '__new__') {
+    let credential = await createOAuthCredentialInteractive({
+      store: opts.store,
+      authMethod: opts.authMethod
+    });
+    return {
+      credential,
+      clientId: credential.clientId,
+      clientSecret: credential.clientSecret
+    };
+  }
+
+  let credential = opts.store.getOAuthCredential(selected, opts.authMethod.id);
+  if (!credential) {
+    throw new Error(`Unknown OAuth credentials: ${selected}`);
+  }
+
+  return {
+    credential,
+    clientId: credential.clientId,
+    clientSecret: credential.clientSecret
+  };
+};
+
+let runAuthSetup = async (opts: AuthSetupOptions): Promise<SlatesStoredAuth> => {
+  let { store, profile, client } = await createClientContext(opts);
+  let authMethod = await chooseAuthMethod({
+    client,
+    authMethodId: opts.authMethodId,
+    forcePrompt: !opts.authMethodId
+  });
+
+  let defaultInput = authMethod.capabilities.getDefaultInput?.enabled
+    ? ((await client.getDefaultAuthInput(authMethod.id)).input ?? {})
+    : {};
+  let authInput =
+    parseJsonObject(opts.input, 'auth input') ??
+    (await promptForObjectSchema(authMethod.inputSchema, defaultInput));
+
+  if (authMethod.capabilities.handleChangedInput?.enabled) {
+    authInput =
+      (
+        await client.updateAuthInput({
+          authenticationMethodId: authMethod.id,
+          previousInput: null,
+          newInput: authInput
+        })
+      ).input ?? authInput;
+  }
+
+  let output: JsonObject;
+  let finalInput = authInput;
+  let callbackState: JsonObject | null = null;
+  let scopes = parseList(opts.scopes);
+
+  if (authMethod.type === 'auth.oauth') {
+    let callback = await createOAuthCallbackListener();
+    console.log(`OAuth redirect URL: ${callback.redirectUri}`);
+
+    let resolvedOAuthCredentials = await chooseOAuthCredentialsForSetup({
+      store,
+      authMethod,
+      clientId: opts.clientId,
+      clientSecret: opts.clientSecret,
+      oauthCredential: opts.oauthCredential
+    });
+    if (!resolvedOAuthCredentials) {
+      throw new Error(`Authentication method ${authMethod.id} is not OAuth.`);
+    }
+
+    let clientId = resolvedOAuthCredentials.clientId;
+    let clientSecret = resolvedOAuthCredentials.clientSecret;
+    scopes = await chooseScopes(authMethod, scopes);
+
+    let authorizationUrl = await client.getAuthorizationUrl({
+      authenticationMethodId: authMethod.id,
+      redirectUri: callback.redirectUri,
+      state: callback.state,
+      input: authInput,
+      clientId,
+      clientSecret,
+      scopes
+    });
+
+    callbackState = authorizationUrl.callbackState ?? null;
+    finalInput = authorizationUrl.input ?? authInput;
+
+    await openBrowser(authorizationUrl.authorizationUrl);
+    let callbackResult = await callback.wait();
+    if (callbackResult.state !== callback.state) {
+      throw new Error('OAuth state mismatch.');
+    }
+
+    let authOutput = await client.handleAuthorizationCallback({
+      authenticationMethodId: authMethod.id,
+      code: callbackResult.code,
+      state: callbackResult.state,
+      redirectUri: callback.redirectUri,
+      input: finalInput,
+      clientId,
+      clientSecret,
+      scopes,
+      callbackState: callbackState ?? undefined
+    });
+
+    output = authOutput.output;
+    finalInput = authOutput.input ?? finalInput;
+    scopes = authOutput.scopes ?? scopes;
+
+    let profileInfo = authMethod.capabilities.getProfile?.enabled
+      ? await client.getAuthProfile({
+          authenticationMethodId: authMethod.id,
+          output,
+          input: finalInput,
+          scopes
+        })
+      : null;
+
+    let stored = store.upsertAuth(profile.id, {
+      authMethodId: authMethod.id,
+      authMethodName: authMethod.name,
+      authType: authMethod.type,
+      input: finalInput,
+      output,
+      oauthCredentialId: resolvedOAuthCredentials.credential?.id,
+      scopes,
+      clientId,
+      clientSecret,
+      callbackState,
+      profile: profileInfo?.profile ?? null
+    });
+
+    await store.save();
+    return stored;
+  }
+
+  output = (
+    await client.getAuthOutput({
+      authenticationMethodId: authMethod.id,
+      input: authInput
+    })
+  ).output;
+
+  let profileInfo = authMethod.capabilities.getProfile?.enabled
+    ? await client.getAuthProfile({
+        authenticationMethodId: authMethod.id,
+        output,
+        input: finalInput,
+        scopes
+      })
+    : null;
+
+  let stored = store.upsertAuth(profile.id, {
+    authMethodId: authMethod.id,
+    authMethodName: authMethod.name,
+    authType: authMethod.type,
+    input: finalInput,
+    output,
+    scopes,
+    profile: profileInfo?.profile ?? null
+  });
+
+  await store.save();
+  return stored;
+};
+
+export let setupAuth = async (opts: AuthSetupOptions) => runAuthSetup(opts);
+
+export let refreshAuth = async (opts: WithProfile & { authMethodId?: string }) => {
+  let { store, profile, client } = await createClientContext(opts);
+  let storedAuth = store.getAuth(profile.id, opts.authMethodId);
+  if (!storedAuth) {
+    throw new Error('No stored authentication was found for this profile.');
+  }
+
+  let authMethod = await client.getAuthMethod(storedAuth.authMethodId);
+  if (!authMethod.authenticationMethod.capabilities.handleTokenRefresh?.enabled) {
+    throw new Error('This authentication method does not support token refresh.');
+  }
+
+  let refreshed = await client.refreshToken({
+    authenticationMethodId: storedAuth.authMethodId,
+    output: storedAuth.output,
+    input: storedAuth.input,
+    clientId: storedAuth.clientId ?? '',
+    clientSecret: storedAuth.clientSecret ?? '',
+    scopes: storedAuth.scopes
+  });
+
+  let updated = store.upsertAuth(profile.id, {
+    ...storedAuth,
+    input: refreshed.input ?? storedAuth.input,
+    output: refreshed.output
+  });
+  await store.save();
+  return updated;
+};