@smonn/ids 0.3.4 → 0.4.0

package/dist/cli.mjs

@@ -1,38 +1,161 @@
 #!/usr/bin/env node
-import { t as createId } from "./id-CcoPE2EX.mjs";
-import { i as encodeOpaqueKey, n as importOpaqueKey, r as decodeOpaqueKey, t as createOpaqueId } from "./opaque-B-ttBfHO.mjs";
-//#region src/cli.ts
-async function run(opts) {
-	const [subcommand, ...rest] = opts.argv;
-	if (subcommand === "generate" || subcommand === "g") return runGenerate(rest, opts);
-	if (subcommand === "inspect" || subcommand === "i") return runInspect(rest, opts);
-	if (subcommand === "keygen" || subcommand === "k") return runKeygen(rest, opts);
-	if (subcommand === void 0 || subcommand === "--help" || subcommand === "-h") {
-		opts.stdout(usage());
-		return 0;
+import { t as createTimestampId } from "./timestamp-BjdAetut.mjs";
+import { i as encodeOpaqueKey, n as importOpaqueKey, r as decodeOpaqueKey, t as createOpaqueTimestampId } from "./opaque-CX-Lc5B9.mjs";
+//#region src/cli/codec-options.ts
+function codecOpts(opts) {
+	const o = { allowDuplicateBrand: true };
+	if (opts.now !== void 0) o.now = opts.now;
+	if (opts.rng !== void 0) o.rng = opts.rng;
+	return o;
+}
+//#endregion
+//#region src/cli/constants.ts
+const maxGenerateCount = 1e4;
+//#endregion
+//#region src/cli/flags.ts
+function splitFlagToken(arg) {
+	const eq = arg.indexOf("=");
+	if (eq <= 0) return {
+		flag: arg,
+		inlineValue: void 0
+	};
+	return {
+		flag: arg.slice(0, eq),
+		inlineValue: arg.slice(eq + 1)
+	};
+}
+function splitFlags(args) {
+	const flags = /* @__PURE__ */ new Set();
+	const values = /* @__PURE__ */ new Map();
+	const positionals = [];
+	const errors = [];
+	const seenFlags = /* @__PURE__ */ new Set();
+	const valueFlags = new Set([
+		"--count",
+		"-c",
+		"--bits",
+		"--key-format"
+	]);
+	const addFlag = (flag) => {
+		const canonical = canonicalFlag(flag);
+		if (seenFlags.has(canonical)) errors.push(`duplicate flag: ${canonical}`);
+		seenFlags.add(canonical);
+		flags.add(flag);
+	};
+	for (let i = 0; i < args.length; i++) {
+		const raw = args[i];
+		const { flag, inlineValue } = splitFlagToken(raw);
+		if (flag === "--opaque") {
+			addFlag(flag);
+			if (inlineValue !== void 0) errors.push("flag does not take a value: --opaque");
+			continue;
+		}
+		if (valueFlags.has(flag)) {
+			if (inlineValue !== void 0) {
+				addFlag(flag);
+				values.set(flag, inlineValue);
+				continue;
+			}
+			const value = args[i + 1];
+			if (value === void 0 || value.startsWith("-")) {
+				addFlag(flag);
+				values.set(flag, "");
+				continue;
+			}
+			addFlag(flag);
+			values.set(flag, value);
+			i++;
+			continue;
+		}
+		if (flag.startsWith("-")) {
+			addFlag(flag);
+			continue;
+		}
+		positionals.push(raw);
 	}
-	opts.stderr(usage());
-	return 1;
+	return {
+		flags,
+		values,
+		positionals,
+		errors
+	};
 }
-function usage() {
-	return [
-		"Usage: ids <subcommand> [args]",
-		"",
-		"Subcommands:",
-		"  inspect, i <id> [--opaque] [--key-format hex|base64url]",
-		"    Decode an ID and print brand, timestamp, and canonical form.",
-		"    --opaque reads the AES key from IDS_KEY (hex by default; IDS_KEY_FORMAT or --key-format).",
-		"  generate, g <brand> [--count, -c N] [--opaque] [--key-format hex|base64url]",
-		"    Mint one or more canonical IDs for the given brand.",
-		"    --opaque reads the AES key from IDS_KEY (hex by default; IDS_KEY_FORMAT or --key-format).",
-		"  keygen, k [--bits 128|192|256] [--key-format hex|base64url]",
-		"    Emit a random AES key for importOpaqueKey (stdout only).",
-		""
-	].join("\n");
+function canonicalFlag(flag) {
+	if (flag === "-c") return "--count";
+	return flag;
 }
-function runInspect(args, opts) {
+const knownFlags = new Set([
+	"--opaque",
+	"--key-format",
+	"--count",
+	"-c",
+	"--bits"
+]);
+function unsupportedFlagForCommand(command, flags, allowed) {
+	for (const flag of flags) if (!allowed.has(flag)) return knownFlags.has(flag) ? `unsupported flag for ${command}: ${flag}` : `unsupported flag: ${flag}`;
+}
+function parseCount(values) {
+	const raw = values.get("--count") ?? values.get("-c");
+	if (raw === void 0) return 1;
+	if (raw === "") return "--count requires a value";
+	if (!/^[1-9][0-9]*$/.test(raw)) return `--count must be a positive integer, got '${raw}'`;
+	const count = Number.parseInt(raw, 10);
+	if (!Number.isSafeInteger(count) || count > 1e4) return `--count must be at most ${maxGenerateCount}, got '${raw}'`;
+	return count;
+}
+function parseBits(values) {
+	const raw = values.get("--bits");
+	if (raw === void 0) return 256;
+	if (raw === "") return "--bits requires a value";
+	if (raw === "128") return 128;
+	if (raw === "192") return 192;
+	if (raw === "256") return 256;
+	return `--bits must be 128, 192, or 256, got '${raw}'`;
+}
+//#endregion
+//#region src/cli/opaque-key.ts
+function isKeyFormatError(result) {
+	return result !== "hex" && result !== "base64url";
+}
+function parseKeyFormatFlag(values) {
+	const fromFlag = values.get("--key-format");
+	if (fromFlag === void 0) return void 0;
+	if (fromFlag === "") return "--key-format requires a value";
+	if (fromFlag === "hex" || fromFlag === "base64url") return fromFlag;
+	return `--key-format must be hex or base64url, got '${fromFlag}'`;
+}
+function parseKeygenFormat(values) {
+	const fromFlag = parseKeyFormatFlag(values);
+	if (fromFlag === void 0) return "hex";
+	return fromFlag;
+}
+function parseOpaqueKeyFormat(values, opts) {
+	const fromFlag = parseKeyFormatFlag(values);
+	if (fromFlag !== void 0) return fromFlag;
+	const fromEnv = (opts.env ?? process.env).IDS_KEY_FORMAT;
+	if (fromEnv === void 0 || fromEnv === "") return "hex";
+	if (fromEnv === "hex" || fromEnv === "base64url") return fromEnv;
+	return `IDS_KEY_FORMAT must be hex or base64url, got '${fromEnv}'`;
+}
+async function loadOpaqueKey(opts, format) {
+	const raw = (opts.env ?? process.env).IDS_KEY;
+	if (raw === void 0 || raw === "") return "missing IDS_KEY environment variable";
+	try {
+		return importOpaqueKey(decodeOpaqueKey(raw, format));
+	} catch (err) {
+		return err.message;
+	}
+}
+//#endregion
+//#region src/cli/commands/generate.ts
+function runGenerate(args, opts) {
 	const { flags, values, positionals, errors } = splitFlags(args);
-	const unsupported = unsupportedFlagForCommand("inspect", flags, new Set(["--opaque", "--key-format"]));
+	const unsupported = unsupportedFlagForCommand("generate", flags, new Set([
+		"--count",
+		"-c",
+		"--opaque",
+		"--key-format"
+	]));
 	if (unsupported !== void 0) {
 		opts.stderr(unsupported + "\n");
 		return Promise.resolve(1);
@@ -41,57 +164,41 @@ function runInspect(args, opts) {
 		opts.stderr(errors[0] + "\n");
 		return Promise.resolve(1);
 	}
-	const [input] = positionals;
-	if (input === void 0) {
-		opts.stderr(usage());
-		return Promise.resolve(1);
-	}
 	const extra = positionals[1];
 	if (extra !== void 0) {
 		opts.stderr(`unexpected argument: ${extra}\n`);
 		return Promise.resolve(1);
 	}
+	const [brand] = positionals;
+	const count = parseCount(values);
+	if (typeof count === "string") {
+		opts.stderr(count + "\n");
+		return Promise.resolve(1);
+	}
 	const opaque = flags.has("--opaque");
 	if (!opaque && flags.has("--key-format")) {
 		opts.stderr("--key-format requires --opaque\n");
 		return Promise.resolve(1);
 	}
-	const brand = input.slice(0, 3).toLowerCase();
 	if (opaque) {
 		const format = parseOpaqueKeyFormat(values, opts);
 		if (isKeyFormatError(format)) {
 			opts.stderr(format + "\n");
 			return Promise.resolve(1);
 		}
-		return runOpaqueInspect(brand, input, format, opts);
+		return runOpaqueGenerate(brand ?? "", count, format, opts);
 	}
 	let codec;
 	try {
-		codec = createId(brand, codecOpts(opts));
+		codec = createTimestampId(brand ?? "", codecOpts(opts));
 	} catch (err) {
 		opts.stderr(err.message + "\n");
 		return Promise.resolve(1);
 	}
-	const validation = codec["~standard"].validate(input);
-	if (validation.issues) {
-		opts.stderr(validation.issues[0].message + "\n");
-		return Promise.resolve(1);
-	}
-	const canonical = validation.value;
-	const timestamp = codec.extractTimestamp(canonical);
-	const nowMs = (opts.now ?? Date.now)();
-	const relative = formatRelative(timestamp.getTime(), nowMs);
-	const inputLine = describeInputForm(input, canonical);
-	opts.stdout([
-		`brand:     ${brand}`,
-		`timestamp: ${timestamp.toISOString()} (${relative})`,
-		`canonical: ${canonical}`,
-		`input:     ${inputLine}`,
-		""
-	].join("\n"));
+	for (let i = 0; i < count; i++) opts.stdout(codec.generate() + "\n");
 	return Promise.resolve(0);
 }
-async function runOpaqueInspect(brand, input, format, opts) {
+async function runOpaqueGenerate(brand, count, format, opts) {
 	const keyResult = await loadOpaqueKey(opts, format);
 	if (typeof keyResult === "string") {
 		opts.stderr(keyResult + "\n");
@@ -99,7 +206,7 @@ async function runOpaqueInspect(brand, input, format, opts) {
 	}
 	let codec;
 	try {
-		codec = createOpaqueId(brand, {
+		codec = createOpaqueTimestampId(brand, {
 			key: keyResult,
 			...codecOpts(opts)
 		});
@@ -107,25 +214,21 @@ async function runOpaqueInspect(brand, input, format, opts) {
 		opts.stderr(err.message + "\n");
 		return 1;
 	}
-	const validation = codec["~standard"].validate(input);
-	if (validation.issues) {
-		opts.stderr(validation.issues[0].message + "\n");
-		return 1;
-	}
-	const canonical = validation.value;
-	const timestamp = await codec.extractTimestamp(canonical);
-	const nowMs = (opts.now ?? Date.now)();
-	const relative = formatRelative(timestamp.getTime(), nowMs);
-	const inputLine = describeInputForm(input, canonical);
-	opts.stderr("note: timestamp assumes IDS_KEY matches the key used at generation; a wrong key yields a plausible but incorrect timestamp\n");
-	opts.stdout([
-		`brand:     ${brand}`,
-		`timestamp: ${timestamp.toISOString()} (${relative})`,
-		`canonical: ${canonical}`,
+	for (let i = 0; i < count; i++) opts.stdout(await codec.generate() + "\n");
+	return 0;
+}
+//#endregion
+//#region src/cli/format.ts
+function formatInspectOutput(result) {
+	const relative = formatRelative(result.timestamp.getTime(), result.nowMs);
+	const inputLine = describeInputForm(result.input, result.canonical);
+	return [
+		`brand:     ${result.brand}`,
+		`timestamp: ${result.timestamp.toISOString()} (${relative})`,
+		`canonical: ${result.canonical}`,
 		`input:     ${inputLine}`,
 		""
-	].join("\n"));
-	return 0;
+	].join("\n");
 }
 function describeInputForm(input, canonical) {
 	if (input === canonical) return "canonical";
@@ -160,14 +263,29 @@ function headUnits(abs) {
 function unit(n, name) {
 	return `${n} ${n === 1 ? name : `${name}s`}`;
 }
-function runGenerate(args, opts) {
+//#endregion
+//#region src/cli/usage.ts
+function usage() {
+	return [
+		"Usage: ids <subcommand> [args]",
+		"",
+		"Subcommands:",
+		"  inspect, i <id> [--opaque] [--key-format hex|base64url]",
+		"    Decode an ID and print brand, timestamp, and canonical form.",
+		"    --opaque reads the AES key from IDS_KEY (hex by default; IDS_KEY_FORMAT or --key-format).",
+		"  generate, g <brand> [--count, -c N] [--opaque] [--key-format hex|base64url]",
+		`    Mint 1..${maxGenerateCount} canonical IDs for the given brand.`,
+		"    --opaque reads the AES key from IDS_KEY (hex by default; IDS_KEY_FORMAT or --key-format).",
+		"  keygen, k [--bits 128|192|256] [--key-format hex|base64url]",
+		"    Emit a random AES key for importOpaqueKey (stdout only).",
+		""
+	].join("\n");
+}
+//#endregion
+//#region src/cli/commands/inspect.ts
+function runInspect(args, opts) {
 	const { flags, values, positionals, errors } = splitFlags(args);
-	const unsupported = unsupportedFlagForCommand("generate", flags, new Set([
-		"--count",
-		"-c",
-		"--opaque",
-		"--key-format"
-	]));
+	const unsupported = unsupportedFlagForCommand("inspect", flags, new Set(["--opaque", "--key-format"]));
 	if (unsupported !== void 0) {
 		opts.stderr(unsupported + "\n");
 		return Promise.resolve(1);
@@ -176,41 +294,55 @@ function runGenerate(args, opts) {
 		opts.stderr(errors[0] + "\n");
 		return Promise.resolve(1);
 	}
+	const [input] = positionals;
+	if (input === void 0) {
+		opts.stderr(usage());
+		return Promise.resolve(1);
+	}
 	const extra = positionals[1];
 	if (extra !== void 0) {
 		opts.stderr(`unexpected argument: ${extra}\n`);
 		return Promise.resolve(1);
 	}
-	const [brand] = positionals;
-	const count = parseCount(values);
-	if (typeof count === "string") {
-		opts.stderr(count + "\n");
-		return Promise.resolve(1);
-	}
 	const opaque = flags.has("--opaque");
 	if (!opaque && flags.has("--key-format")) {
 		opts.stderr("--key-format requires --opaque\n");
 		return Promise.resolve(1);
 	}
+	const brand = input.slice(0, 3).toLowerCase();
 	if (opaque) {
 		const format = parseOpaqueKeyFormat(values, opts);
 		if (isKeyFormatError(format)) {
 			opts.stderr(format + "\n");
 			return Promise.resolve(1);
 		}
-		return runOpaqueGenerate(brand ?? "", count, format, opts);
+		return runOpaqueInspect(brand, input, format, opts);
 	}
 	let codec;
 	try {
-		codec = createId(brand ?? "", codecOpts(opts));
+		codec = createTimestampId(brand, codecOpts(opts));
 	} catch (err) {
 		opts.stderr(err.message + "\n");
 		return Promise.resolve(1);
 	}
-	for (let i = 0; i < count; i++) opts.stdout(codec.generate() + "\n");
+	const validation = codec["~standard"].validate(input);
+	if (validation.issues) {
+		opts.stderr(validation.issues[0].message + "\n");
+		return Promise.resolve(1);
+	}
+	const canonical = validation.value;
+	const timestamp = codec.extractTimestamp(canonical);
+	const nowMs = (opts.now ?? Date.now)();
+	opts.stdout(formatInspectOutput({
+		brand,
+		timestamp,
+		canonical,
+		input,
+		nowMs
+	}));
 	return Promise.resolve(0);
 }
-async function runOpaqueGenerate(brand, count, format, opts) {
+async function runOpaqueInspect(brand, input, format, opts) {
 	const keyResult = await loadOpaqueKey(opts, format);
 	if (typeof keyResult === "string") {
 		opts.stderr(keyResult + "\n");
@@ -218,7 +350,7 @@ async function runOpaqueGenerate(brand, count, format, opts) {
 	}
 	let codec;
 	try {
-		codec = createOpaqueId(brand, {
+		codec = createOpaqueTimestampId(brand, {
 			key: keyResult,
 			...codecOpts(opts)
 		});
@@ -226,9 +358,26 @@ async function runOpaqueGenerate(brand, count, format, opts) {
 		opts.stderr(err.message + "\n");
 		return 1;
 	}
-	for (let i = 0; i < count; i++) opts.stdout(await codec.generate() + "\n");
+	const validation = codec["~standard"].validate(input);
+	if (validation.issues) {
+		opts.stderr(validation.issues[0].message + "\n");
+		return 1;
+	}
+	const canonical = validation.value;
+	const timestamp = await codec.extractTimestamp(canonical);
+	const nowMs = (opts.now ?? Date.now)();
+	opts.stderr("note: timestamp assumes IDS_KEY matches the key used at generation; a wrong key yields a plausible but incorrect timestamp\n");
+	opts.stdout(formatInspectOutput({
+		brand,
+		timestamp,
+		canonical,
+		input,
+		nowMs
+	}));
 	return 0;
 }
+//#endregion
+//#region src/cli/commands/keygen.ts
 function runKeygen(args, opts) {
 	const { flags, values, positionals, errors } = splitFlags(args);
 	const unsupported = unsupportedFlagForCommand("keygen", flags, new Set(["--bits", "--key-format"]));
@@ -260,140 +409,32 @@ function runKeygen(args, opts) {
 	opts.stdout(encodeOpaqueKey(bytes, format) + "\n");
 	return Promise.resolve(0);
 }
-async function loadOpaqueKey(opts, format) {
-	const raw = (opts.env ?? process.env).IDS_KEY;
-	if (raw === void 0 || raw === "") return "missing IDS_KEY environment variable";
-	try {
-		return importOpaqueKey(decodeOpaqueKey(raw, format));
-	} catch (err) {
-		return err.message;
+//#endregion
+//#region src/cli.ts
+const commands = [
+	{
+		names: ["generate", "g"],
+		run: runGenerate
+	},
+	{
+		names: ["inspect", "i"],
+		run: runInspect
+	},
+	{
+		names: ["keygen", "k"],
+		run: runKeygen
 	}
-}
-function parseCount(values) {
-	const raw = values.get("--count") ?? values.get("-c");
-	if (raw === void 0) return 1;
-	if (raw === "") return "--count requires a value";
-	if (!/^[1-9][0-9]*$/.test(raw)) return `--count must be a positive integer, got '${raw}'`;
-	return Number(raw);
-}
-function parseBits(values) {
-	const raw = values.get("--bits");
-	if (raw === void 0) return 256;
-	if (raw === "") return "--bits requires a value";
-	if (raw === "128") return 128;
-	if (raw === "192") return 192;
-	if (raw === "256") return 256;
-	return `--bits must be 128, 192, or 256, got '${raw}'`;
-}
-function isKeyFormatError(result) {
-	return result !== "hex" && result !== "base64url";
-}
-function parseKeyFormatFlag(values) {
-	const fromFlag = values.get("--key-format");
-	if (fromFlag === void 0) return void 0;
-	if (fromFlag === "") return "--key-format requires a value";
-	if (fromFlag === "hex" || fromFlag === "base64url") return fromFlag;
-	return `--key-format must be hex or base64url, got '${fromFlag}'`;
-}
-function parseKeygenFormat(values) {
-	const fromFlag = parseKeyFormatFlag(values);
-	if (fromFlag === void 0) return "hex";
-	return fromFlag;
-}
-function parseOpaqueKeyFormat(values, opts) {
-	const fromFlag = parseKeyFormatFlag(values);
-	if (fromFlag !== void 0) return fromFlag;
-	const fromEnv = (opts.env ?? process.env).IDS_KEY_FORMAT;
-	if (fromEnv === void 0 || fromEnv === "") return "hex";
-	if (fromEnv === "hex" || fromEnv === "base64url") return fromEnv;
-	return `IDS_KEY_FORMAT must be hex or base64url, got '${fromEnv}'`;
-}
-function splitFlagToken(arg) {
-	const eq = arg.indexOf("=");
-	if (eq <= 0) return {
-		flag: arg,
-		inlineValue: void 0
-	};
-	return {
-		flag: arg.slice(0, eq),
-		inlineValue: arg.slice(eq + 1)
-	};
-}
-function splitFlags(args) {
-	const flags = /* @__PURE__ */ new Set();
-	const values = /* @__PURE__ */ new Map();
-	const positionals = [];
-	const errors = [];
-	const seenFlags = /* @__PURE__ */ new Set();
-	const valueFlags = new Set([
-		"--count",
-		"-c",
-		"--bits",
-		"--key-format"
-	]);
-	const addFlag = (flag) => {
-		const canonical = canonicalFlag(flag);
-		if (seenFlags.has(canonical)) errors.push(`duplicate flag: ${canonical}`);
-		seenFlags.add(canonical);
-		flags.add(flag);
-	};
-	for (let i = 0; i < args.length; i++) {
-		const raw = args[i];
-		const { flag, inlineValue } = splitFlagToken(raw);
-		if (flag === "--opaque") {
-			addFlag(flag);
-			if (inlineValue !== void 0) errors.push("flag does not take a value: --opaque");
-			continue;
-		}
-		if (valueFlags.has(flag)) {
-			if (inlineValue !== void 0) {
-				addFlag(flag);
-				values.set(flag, inlineValue);
-				continue;
-			}
-			const value = args[i + 1];
-			if (value === void 0 || value.startsWith("-")) {
-				addFlag(flag);
-				values.set(flag, "");
-				continue;
-			}
-			addFlag(flag);
-			values.set(flag, value);
-			i++;
-			continue;
-		}
-		if (flag.startsWith("-")) {
-			addFlag(flag);
-			continue;
-		}
-		positionals.push(raw);
+];
+async function run(opts) {
+	const [subcommand, ...rest] = opts.argv;
+	const command = commands.find((candidate) => candidate.names.includes(subcommand ?? ""));
+	if (command !== void 0) return command.run(rest, opts);
+	if (subcommand === void 0 || subcommand === "--help" || subcommand === "-h") {
+		opts.stdout(usage());
+		return 0;
 	}
-	return {
-		flags,
-		values,
-		positionals,
-		errors
-	};
-}
-function canonicalFlag(flag) {
-	if (flag === "-c") return "--count";
-	return flag;
-}
-const knownFlags = new Set([
-	"--opaque",
-	"--key-format",
-	"--count",
-	"-c",
-	"--bits"
-]);
-function unsupportedFlagForCommand(command, flags, allowed) {
-	for (const flag of flags) if (!allowed.has(flag)) return knownFlags.has(flag) ? `unsupported flag for ${command}: ${flag}` : `unsupported flag: ${flag}`;
-}
-function codecOpts(opts) {
-	const o = { allowDuplicateBrand: true };
-	if (opts.now !== void 0) o.now = opts.now;
-	if (opts.rng !== void 0) o.rng = opts.rng;
-	return o;
+	opts.stderr(usage());
+	return 1;
 }
 //#endregion
 //#region bin/cli.ts