@slates/cli 1.0.0-rc.4 → 1.0.0-rc.5

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@slates/cli",
-  "version": "1.0.0-rc.4",
+  "version": "1.0.0-rc.5",
   "publishConfig": {
     "access": "public"
   },
@@ -25,9 +25,9 @@
   },
   "dependencies": {
     "@inquirer/prompts": "^7.4.0",
-    "@slates/client": "1.0.0-rc.6",
-    "@slates/oauth-microsoft": "1.0.0-rc.1",
-    "@slates/profiles": "1.0.0-rc.4",
+    "@slates/client": "1.0.0-rc.7",
+    "@slates/oauth-microsoft": "1.0.0-rc.2",
+    "@slates/profiles": "1.0.0-rc.5",
     "sade": "^1.8.1"
   },
   "devDependencies": {

package/src/cli.ts

@@ -59,203 +59,233 @@ if (isGlobalTestCommand) {
 
   cli.parse([process.argv[0] ?? 'bun', process.argv[1] ?? 'slates', ...argv]);
 } else {
+  cli
+    .command('profiles add')
+    .option('--name', 'Profile name')
+    .option('--entry', 'Local slate entry file')
+    .option('--export-name', 'Named export for the local slate provider')
+    .option('--default', 'Use this profile as the default')
+    .action(opts =>
+      printResult(() =>
+        addProfile({
+          integration: integration!,
+          name: opts.name,
+          entry: opts.entry,
+          exportName: opts.exportName,
+          useAsDefault: Boolean(opts.default)
+        })
+      )
+    );
 
-cli
-  .command('profiles add')
-  .option('--name', 'Profile name')
-  .option('--entry', 'Local slate entry file')
-  .option('--export-name', 'Named export for the local slate provider')
-  .option('--default', 'Use this profile as the default')
-  .action(opts =>
-    printResult(() =>
-      addProfile({
-        integration: integration!,
-        name: opts.name,
-        entry: opts.entry,
-        exportName: opts.exportName,
-        useAsDefault: Boolean(opts.default)
-      })
-    )
-  );
+  cli
+    .command('profiles list')
+    .action(() => printResult(() => listProfiles({ integration: integration! })));
 
-cli
-  .command('profiles list')
-  .action(() => printResult(() => listProfiles({ integration: integration! })));
+  cli
+    .command('profiles get [profile]')
+    .action((profile: string | undefined) =>
+      printResult(() => getProfile({ integration: integration!, profile }))
+    );
 
-cli
-  .command('profiles get [profile]')
-  .action((profile: string | undefined) =>
-    printResult(() => getProfile({ integration: integration!, profile }))
-  );
+  cli
+    .command('profiles use [profile]')
+    .action((profile: string | undefined) =>
+      printResult(() => useProfile({ integration: integration!, profile }))
+    );
 
-cli
-  .command('profiles use [profile]')
-  .action((profile: string | undefined) =>
-    printResult(() => useProfile({ integration: integration!, profile }))
-  );
+  cli
+    .command('profiles remove [profile]')
+    .action((profile: string | undefined) =>
+      printResult(() => removeProfile({ integration: integration!, profile }))
+    );
 
-cli
-  .command('profiles remove [profile]')
-  .action((profile: string | undefined) =>
-    printResult(() => removeProfile({ integration: integration!, profile }))
-  );
+  cli
+    .command('setup')
+    .option('--name', 'Profile name')
+    .option('--export-name', 'Named export for the local slate provider')
+    .action(opts =>
+      printResult(() =>
+        setupIntegration({
+          integration: integration!,
+          name: opts.name,
+          exportName: opts.exportName
+        })
+      )
+    );
 
-cli
-  .command('setup')
-  .option('--name', 'Profile name')
-  .option('--export-name', 'Named export for the local slate provider')
-  .action(opts =>
-    printResult(() =>
-      setupIntegration({
-        integration: integration!,
-        name: opts.name,
-        exportName: opts.exportName
-      })
-    )
-  );
+  cli
+    .command('tools list')
+    .option('--profile', 'Profile ID or name')
+    .action(opts =>
+      printResult(() =>
+        listTools({
+          integration: integration!,
+          profile: opts.profile
+        })
+      )
+    );
 
-cli
-  .command('tools list')
-  .option('--profile', 'Profile ID or name')
-  .action(opts => printResult(() => listTools({ integration: integration!, profile: opts.profile })));
+  cli
+    .command('tools get [toolId]')
+    .option('--profile', 'Profile ID or name')
+    .action((toolId: string | undefined, opts) =>
+      printResult(() =>
+        getTool({
+          integration: integration!,
+          profile: opts.profile,
+          toolId
+        })
+      )
+    );
 
-cli
-  .command('tools get [toolId]')
-  .option('--profile', 'Profile ID or name')
-  .action((toolId: string | undefined, opts) =>
-    printResult(() => getTool({ integration: integration!, profile: opts.profile, toolId }))
-  );
-
-cli
-  .command('tools schema [toolId]')
-  .option('--profile', 'Profile ID or name')
-  .action((toolId: string | undefined, opts) =>
-    printResult(async () => {
-      let tool = await getTool({ integration: integration!, profile: opts.profile, toolId });
-      return tool.inputSchema;
-    })
-  );
-
-cli
-  .command('tools call [toolId]')
-  .option('--profile', 'Profile ID or name')
-  .option('--input', 'JSON input object')
-  .option('--auth-method-id', 'Preferred auth method ID')
-  .action((toolId: string | undefined, opts) =>
-    printResult(() =>
-      callTool({
-        integration: integration!,
-        profile: opts.profile,
-        toolId,
-        input: opts.input,
-        authMethodId: opts.authMethodId
+  cli
+    .command('tools schema [toolId]')
+    .option('--profile', 'Profile ID or name')
+    .action((toolId: string | undefined, opts) =>
+      printResult(async () => {
+        let tool = await getTool({
+          integration: integration!,
+          profile: opts.profile,
+          toolId
+        });
+        return tool.inputSchema;
       })
-    )
-  );
+    );
 
-cli
-  .command('auth list')
-  .option('--profile', 'Profile ID or name')
-  .action(opts => printResult(() => listAuth({ integration: integration!, profile: opts.profile })));
+  cli
+    .command('tools call [toolId]')
+    .option('--profile', 'Profile ID or name')
+    .option('--input', 'JSON input object')
+    .option('--auth-method-id', 'Preferred auth method ID')
+    .action((toolId: string | undefined, opts) =>
+      printResult(() =>
+        callTool({
+          integration: integration!,
+          profile: opts.profile,
+          toolId,
+          input: opts.input,
+          authMethodId: opts.authMethodId
+        })
+      )
+    );
 
-cli
-  .command('auth get [authMethodId]')
-  .option('--profile', 'Profile ID or name')
-  .action((authMethodId: string | undefined, opts) =>
-    printResult(() => getAuth({ integration: integration!, profile: opts.profile, authMethodId }))
-  );
+  cli
+    .command('auth list')
+    .option('--profile', 'Profile ID or name')
+    .action(opts =>
+      printResult(() => listAuth({ integration: integration!, profile: opts.profile }))
+    );
 
-cli
-  .command('auth setup [authMethodId]')
-  .option('--profile', 'Profile ID or name')
-  .option('--input', 'JSON auth input object')
-  .option('--oauth-credential', 'OAuth credential ID or name')
-  .option('--client-id', 'OAuth client ID')
-  .option('--client-secret', 'OAuth client secret')
-  .option('--scopes', 'Comma-separated OAuth scopes')
-  .action((authMethodId: string | undefined, opts) =>
-    printResult(() =>
-      setupAuth({
-        integration: integration!,
-        profile: opts.profile,
-        authMethodId,
-        input: opts.input,
-        oauthCredential: opts.oauthCredential,
-        clientId: opts.clientId,
-        clientSecret: opts.clientSecret,
-        scopes: opts.scopes
-      })
-    )
-  );
+  cli
+    .command('auth get [authMethodId]')
+    .option('--profile', 'Profile ID or name')
+    .action((authMethodId: string | undefined, opts) =>
+      printResult(() =>
+        getAuth({ integration: integration!, profile: opts.profile, authMethodId })
+      )
+    );
 
-cli
-  .command('auth credentials list [authMethodId]')
-  .action((authMethodId: string | undefined) =>
-    printResult(() => listOAuthCredentials({ integration: integration!, authMethodId }))
-  );
+  cli
+    .command('auth setup [authMethodId]')
+    .option('--profile', 'Profile ID or name')
+    .option('--input', 'JSON auth input object')
+    .option('--oauth-credential', 'OAuth credential ID or name')
+    .option('--client-id', 'OAuth client ID')
+    .option('--client-secret', 'OAuth client secret')
+    .option('--scopes', 'Comma-separated OAuth scopes')
+    .action((authMethodId: string | undefined, opts) =>
+      printResult(() =>
+        setupAuth({
+          integration: integration!,
+          profile: opts.profile,
+          authMethodId,
+          input: opts.input,
+          oauthCredential: opts.oauthCredential,
+          clientId: opts.clientId,
+          clientSecret: opts.clientSecret,
+          scopes: opts.scopes
+        })
+      )
+    );
 
-cli
-  .command('auth credentials add [authMethodId]')
-  .option('--name', 'Credential name')
-  .option('--client-id', 'OAuth client ID')
-  .option('--client-secret', 'OAuth client secret')
-  .action((authMethodId: string | undefined, opts) =>
-    printResult(() =>
-      addOAuthCredentials({
-        integration: integration!,
-        authMethodId,
-        name: opts.name,
-        clientId: opts.clientId,
-        clientSecret: opts.clientSecret
-      })
-    )
-  );
+  cli
+    .command('auth credentials list [authMethodId]')
+    .action((authMethodId: string | undefined) =>
+      printResult(() => listOAuthCredentials({ integration: integration!, authMethodId }))
+    );
 
-cli
-  .command('auth refresh [authMethodId]')
-  .option('--profile', 'Profile ID or name')
-  .action((authMethodId: string | undefined, opts) =>
-    printResult(() => refreshAuth({ integration: integration!, profile: opts.profile, authMethodId }))
-  );
+  cli
+    .command('auth credentials add [authMethodId]')
+    .option('--name', 'Credential name')
+    .option('--client-id', 'OAuth client ID')
+    .option('--client-secret', 'OAuth client secret')
+    .action((authMethodId: string | undefined, opts) =>
+      printResult(() =>
+        addOAuthCredentials({
+          integration: integration!,
+          authMethodId,
+          name: opts.name,
+          clientId: opts.clientId,
+          clientSecret: opts.clientSecret
+        })
+      )
+    );
 
-cli
-  .command('config get')
-  .option('--profile', 'Profile ID or name')
-  .action(opts => printResult(() => getConfig({ integration: integration!, profile: opts.profile })));
+  cli
+    .command('auth refresh [authMethodId]')
+    .option('--profile', 'Profile ID or name')
+    .action((authMethodId: string | undefined, opts) =>
+      printResult(() =>
+        refreshAuth({ integration: integration!, profile: opts.profile, authMethodId })
+      )
+    );
 
-cli
-  .command('config set')
-  .option('--profile', 'Profile ID or name')
-  .option('--input', 'JSON config object')
-  .action(opts =>
-    printResult(() => setConfig({ integration: integration!, profile: opts.profile, input: opts.input }))
-  );
+  cli
+    .command('config get')
+    .option('--profile', 'Profile ID or name')
+    .action(opts =>
+      printResult(() => getConfig({ integration: integration!, profile: opts.profile }))
+    );
 
-cli
-  .command('config schema')
-  .option('--profile', 'Profile ID or name')
-  .action(opts => printResult(() => getConfigSchema({ integration: integration!, profile: opts.profile })));
+  cli
+    .command('config set')
+    .option('--profile', 'Profile ID or name')
+    .option('--input', 'JSON config object')
+    .action(opts =>
+      printResult(() =>
+        setConfig({ integration: integration!, profile: opts.profile, input: opts.input })
+      )
+    );
 
-cli
-  .command('test')
-  .option('--profile', 'Profile ID or name')
-  .action(opts =>
-    printResult(async () => {
-      let separatorIndex = process.argv.indexOf('--');
-      await runVitestWithProfile({
-        integration: integration!,
-        profile: opts.profile,
-        vitestArgs: separatorIndex === -1 ? [] : process.argv.slice(separatorIndex + 1)
-      });
+  cli
+    .command('config schema')
+    .option('--profile', 'Profile ID or name')
+    .action(opts =>
+      printResult(() => getConfigSchema({ integration: integration!, profile: opts.profile }))
+    );
 
-      return { success: true };
-    })
-  );
+  cli
+    .command('test')
+    .option('--profile', 'Profile ID or name')
+    .action(opts =>
+      printResult(async () => {
+        let separatorIndex = process.argv.indexOf('--');
+        await runVitestWithProfile({
+          integration: integration!,
+          profile: opts.profile,
+          vitestArgs: separatorIndex === -1 ? [] : process.argv.slice(separatorIndex + 1)
+        });
+
+        return { success: true };
+      })
+    );
 
-cli
-  .command('repl')
-  .option('--profile', 'Profile ID or name')
-  .action(opts => printResult(() => startRepl({ integration: integration!, profile: opts.profile })));
+  cli
+    .command('repl')
+    .option('--profile', 'Profile ID or name')
+    .action(opts =>
+      printResult(() => startRepl({ integration: integration!, profile: opts.profile }))
+    );
 
   cli.parse([process.argv[0] ?? 'bun', process.argv[1] ?? 'slates', ...argv.slice(1)]);
 }

package/src/commands/auth.test.ts

@@ -0,0 +1,36 @@
+import { describe, expect, it } from 'vitest';
+import { normalizeCallbackRedirectUriForIntegration } from './auth';
+
+describe('normalizeCallbackRedirectUriForIntegration', () => {
+  it('normalizes Notion loopback redirects to localhost', () => {
+    expect(
+      normalizeCallbackRedirectUriForIntegration('notion', 'http://127.0.0.1:45873/callback')
+    ).toBe('http://localhost:45873/callback');
+  });
+
+  it('leaves unrelated integration redirects unchanged', () => {
+    expect(
+      normalizeCallbackRedirectUriForIntegration('attio', 'http://127.0.0.1:45873/callback')
+    ).toBe('http://127.0.0.1:45873/callback');
+  });
+
+  it('normalizes HubSpot developer platform OAuth redirects to localhost', () => {
+    expect(
+      normalizeCallbackRedirectUriForIntegration(
+        'hubspot',
+        'http://127.0.0.1:45873/callback',
+        'developer_platform_oauth'
+      )
+    ).toBe('http://localhost:45873/callback');
+  });
+
+  it('leaves HubSpot legacy OAuth redirects unchanged', () => {
+    expect(
+      normalizeCallbackRedirectUriForIntegration(
+        'hubspot',
+        'http://127.0.0.1:45873/callback',
+        'oauth'
+      )
+    ).toBe('http://127.0.0.1:45873/callback');
+  });
+});

package/src/commands/auth.ts

@@ -1,5 +1,8 @@
 import { confirm, select } from '@inquirer/prompts';
-import { normalizeMicrosoftRedirectUriForIntegration } from '@slates/oauth-microsoft';
+import {
+  normalizeMicrosoftRedirectUri,
+  normalizeMicrosoftRedirectUriForIntegration
+} from '@slates/oauth-microsoft';
 import { SlatesOAuthCredentialRecord, SlatesStoredAuth } from '@slates/profiles';
 import {
   chooseAuthMethod,
@@ -17,6 +20,14 @@ import {
 import { JsonInput, WithProfile } from '../lib/types';
 
 type JsonObject = Record<string, any>;
+let NOTION_INTEGRATION_KEY = 'notion';
+let SALESFORCE_INTEGRATION_KEY = 'salesforce';
+let HUBSPOT_INTEGRATION_KEY = 'hubspot';
+let HUBSPOT_DEVELOPER_PLATFORM_OAUTH_METHOD_ID = 'developer_platform_oauth';
+let LOOPBACK_REDIRECT_NORMALIZED_INTEGRATIONS = new Set([
+  NOTION_INTEGRATION_KEY,
+  SALESFORCE_INTEGRATION_KEY
+]);
 
 type AuthSetupOptions = WithProfile &
   JsonInput & {
@@ -27,6 +38,22 @@ type AuthSetupOptions = WithProfile &
     scopes?: string;
   };
 
+export let normalizeCallbackRedirectUriForIntegration = (
+  integration: string,
+  redirectUri: string,
+  authMethodId?: string
+) => {
+  if (
+    LOOPBACK_REDIRECT_NORMALIZED_INTEGRATIONS.has(integration) ||
+    (integration === HUBSPOT_INTEGRATION_KEY &&
+      authMethodId === HUBSPOT_DEVELOPER_PLATFORM_OAUTH_METHOD_ID)
+  ) {
+    return normalizeMicrosoftRedirectUri(redirectUri);
+  }
+
+  return normalizeMicrosoftRedirectUriForIntegration(integration, redirectUri);
+};
+
 export let listAuth = async (opts: WithProfile) => {
   let { store, profile } = await createClientContext(opts);
   return store.listAuth(profile.id);
@@ -232,7 +259,11 @@ let chooseOAuthCredentialsForSetup = async (opts: {
 };
 
 let runAuthSetup = async (opts: AuthSetupOptions): Promise<SlatesStoredAuth> => {
-  let { store, profile, client } = await createClientContext(opts);
+  let { store, profile, client } = await createClientContext({
+    ...opts,
+    autoRefresh: false
+  });
+  client.clearAuth();
   let authMethod = await chooseAuthMethod({
     client,
     authMethodId: opts.authMethodId,
@@ -264,9 +295,10 @@ let runAuthSetup = async (opts: AuthSetupOptions): Promise<SlatesStoredAuth> =>
 
   if (authMethod.type === 'auth.oauth') {
     let callback = await createOAuthCallbackListener();
-    let redirectUri = normalizeMicrosoftRedirectUriForIntegration(
+    let redirectUri = normalizeCallbackRedirectUriForIntegration(
       opts.integration,
-      callback.redirectUri
+      callback.redirectUri,
+      authMethod.id
     );
     console.log(`OAuth redirect URL: ${redirectUri}`);
 

package/src/lib/context.ts

@@ -71,9 +71,16 @@ export let chooseProfile = async (d: {
   };
 };
 
-export let createClientContext = async (opts: { integration: string; profile?: string }) => {
+export let createClientContext = async (opts: {
+  integration: string;
+  profile?: string;
+  autoRefresh?: boolean;
+}) => {
   let { integration, store, profile } = await chooseProfile(opts);
-  let client = await createSlatesClientFromProfile(profile, { store });
+  let client = await createSlatesClientFromProfile(profile, {
+    store,
+    autoRefresh: opts.autoRefresh
+  });
   return { integration, store, profile, client };
 };
 

package/src/lib/oauth.ts

@@ -21,7 +21,7 @@ export let chooseScopes = async (
       checked:
         initialScopes.length > 0
           ? initialScopes.includes(scope.id)
-          : scope.defaultChecked ?? true
+          : (scope.defaultChecked ?? true)
     }))
   })) as string[];
 };
@@ -45,10 +45,34 @@ export let createOAuthCallbackListener = async () => {
         let url = new URL(req.url ?? '/', 'http://127.0.0.1');
         let code = url.searchParams.get('code');
         let state = url.searchParams.get('state');
+        let oauthError = url.searchParams.get('error');
+        let oauthErrorDescription = url.searchParams.get('error_description');
+        let oauthErrorUri = url.searchParams.get('error_uri');
+
+        if (oauthError) {
+          let description = oauthErrorDescription ?? 'No error description was provided.';
+          let errorMessage = `OAuth callback returned "${oauthError}": ${description}${
+            oauthErrorUri ? ` (${oauthErrorUri})` : ''
+          }`;
+
+          res.statusCode = 400;
+          res.end(errorMessage);
+          server.close();
+          settled = true;
+          waiter.reject(new Error(errorMessage));
+          return;
+        }
 
         if (!code || !state) {
           res.statusCode = 400;
           res.end('Missing code or state.');
+          server.close();
+          settled = true;
+          waiter.reject(
+            new Error(
+              `OAuth callback did not include the required query parameters. Received path: ${url.pathname}${url.search}`
+            )
+          );
           return;
         }