@undefineds.co/xpod 0.3.14 → 0.3.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (76) hide show
  1. package/config/local.json +5 -5
  2. package/config/xpod.json +24 -10
  3. package/dist/cli/commands/auth.d.ts +1 -0
  4. package/dist/cli/commands/auth.js +117 -37
  5. package/dist/cli/commands/auth.js.map +1 -1
  6. package/dist/cli/commands/login.js +16 -23
  7. package/dist/cli/commands/login.js.map +1 -1
  8. package/dist/cli/commands/logs.d.ts +2 -0
  9. package/dist/cli/commands/logs.js +20 -5
  10. package/dist/cli/commands/logs.js.map +1 -1
  11. package/dist/cli/commands/obj.d.ts +44 -0
  12. package/dist/cli/commands/obj.js +1059 -0
  13. package/dist/cli/commands/obj.js.map +1 -0
  14. package/dist/cli/commands/rdf.d.ts +14 -0
  15. package/dist/cli/commands/rdf.js +235 -0
  16. package/dist/cli/commands/rdf.js.map +1 -0
  17. package/dist/cli/commands/resource.d.ts +31 -0
  18. package/dist/cli/commands/resource.js +191 -0
  19. package/dist/cli/commands/resource.js.map +1 -0
  20. package/dist/cli/commands/secret.d.ts +36 -0
  21. package/dist/cli/commands/secret.js +285 -0
  22. package/dist/cli/commands/secret.js.map +1 -0
  23. package/dist/cli/commands/server.d.ts +11 -0
  24. package/dist/cli/commands/server.js +168 -0
  25. package/dist/cli/commands/server.js.map +1 -0
  26. package/dist/cli/commands/start.d.ts +1 -0
  27. package/dist/cli/commands/start.js +5 -0
  28. package/dist/cli/commands/start.js.map +1 -1
  29. package/dist/cli/commands/status.d.ts +1 -0
  30. package/dist/cli/commands/status.js +21 -6
  31. package/dist/cli/commands/status.js.map +1 -1
  32. package/dist/cli/commands/stop.d.ts +3 -0
  33. package/dist/cli/commands/stop.js +40 -6
  34. package/dist/cli/commands/stop.js.map +1 -1
  35. package/dist/cli/index.js +23 -8
  36. package/dist/cli/index.js.map +1 -1
  37. package/dist/cli/lib/auth-context.d.ts +24 -0
  38. package/dist/cli/lib/auth-context.js +70 -0
  39. package/dist/cli/lib/auth-context.js.map +1 -0
  40. package/dist/cli/lib/output.d.ts +23 -0
  41. package/dist/cli/lib/output.js +63 -0
  42. package/dist/cli/lib/output.js.map +1 -0
  43. package/dist/cli/lib/resource.d.ts +29 -0
  44. package/dist/cli/lib/resource.js +114 -0
  45. package/dist/cli/lib/resource.js.map +1 -0
  46. package/dist/components/context.jsonld +6 -0
  47. package/dist/identity/oidc/AutoDetectIdentityProviderHandler.d.ts +11 -10
  48. package/dist/identity/oidc/AutoDetectIdentityProviderHandler.js +13 -24
  49. package/dist/identity/oidc/AutoDetectIdentityProviderHandler.js.map +1 -1
  50. package/dist/identity/oidc/AutoDetectIdentityProviderHandler.jsonld +4 -4
  51. package/dist/identity/oidc/AutoDetectOidcHandler.d.ts +8 -4
  52. package/dist/identity/oidc/AutoDetectOidcHandler.js +10 -6
  53. package/dist/identity/oidc/AutoDetectOidcHandler.js.map +1 -1
  54. package/dist/identity/oidc/AutoDetectOidcHandler.jsonld +3 -3
  55. package/dist/storage/accessors/MixDataAccessor.js +3 -0
  56. package/dist/storage/accessors/MixDataAccessor.js.map +1 -1
  57. package/dist/storage/quint/SqliteQuintStore.d.ts +26 -1
  58. package/dist/storage/quint/SqliteQuintStore.js +551 -318
  59. package/dist/storage/quint/SqliteQuintStore.js.map +1 -1
  60. package/dist/storage/quint/SqliteQuintStore.jsonld +102 -2
  61. package/dist/storage/quint/schema.d.ts +76 -0
  62. package/dist/storage/quint/schema.js +13 -7
  63. package/dist/storage/quint/schema.js.map +1 -1
  64. package/dist/storage/rdf/RdfLocalQueryEngine.d.ts +4 -1
  65. package/dist/storage/rdf/RdfLocalQueryEngine.js +77 -8
  66. package/dist/storage/rdf/RdfLocalQueryEngine.js.map +1 -1
  67. package/dist/storage/rdf/SolidRdfEngine.d.ts +5 -0
  68. package/dist/storage/rdf/SolidRdfEngine.js +31 -3
  69. package/dist/storage/rdf/SolidRdfEngine.js.map +1 -1
  70. package/dist/storage/rdf/SolidRdfEngine.jsonld +34 -0
  71. package/dist/storage/sparql/ComunicaQuintEngine.js +16 -3
  72. package/dist/storage/sparql/ComunicaQuintEngine.js.map +1 -1
  73. package/package.json +1 -1
  74. package/dist/cli/commands/config.d.ts +0 -42
  75. package/dist/cli/commands/config.js +0 -289
  76. package/dist/cli/commands/config.js.map +0 -1
package/config/local.json CHANGED
@@ -21,12 +21,12 @@
21
21
  }
22
22
  },
23
23
  {
24
- "comment": "定义 oidcIssuer 变量(外部 IdP 基础 URL),设置后启用 SP 模式",
24
+ "comment": "定义 oidcIssuer 变量(外部 OIDC issuer 基础 URL),设置后本地仍提供 account/consent/SP 页面",
25
25
  "@id": "urn:solid-server:default:variable:oidcIssuer",
26
26
  "@type": "Variable"
27
27
  },
28
28
  {
29
- "comment": "Auto-detect OIDC Handler - 有 oidcIssuer 时启用 SP 模式,代理 JWKS",
29
+ "comment": "Auto-detect OIDC Handler - 有 oidcIssuer 时代理外部 issuer JWKS,其它 OIDC 路由保持 CSS 本地处理",
30
30
  "@id": "urn:undefineds:xpod:AutoDetectOidcHandler",
31
31
  "@type": "AutoDetectOidcHandler",
32
32
  "AutoDetectOidcHandler:_options_oidcIssuer": {
@@ -35,7 +35,7 @@
35
35
  "AutoDetectOidcHandler:_options_cacheMs": 300000
36
36
  },
37
37
  {
38
- "comment": "原始 IdentityProviderHandler 实例(用于标准模式委托)",
38
+ "comment": "CSS 原生 IdentityProvider parsing handler,始终用于本地 account/consent/WebID 选择页面",
39
39
  "@id": "urn:undefineds:xpod:SourceIdentityProviderHandler",
40
40
  "@type": "RouterHandler",
41
41
  "baseUrl": {
@@ -52,7 +52,7 @@
52
52
  }
53
53
  },
54
54
  {
55
- "comment": "Auto-detect Identity Provider Handler - 有 oidcIssuer 时禁用本地账户管理",
55
+ "comment": "Auto-detect Identity Provider Handler - 有 oidcIssuer 时仍委托本地 account/consent,避免 Local 登录漏到 Cloud Pod",
56
56
  "@id": "urn:undefineds:xpod:AutoDetectIdentityProviderHandler",
57
57
  "@type": "AutoDetectIdentityProviderHandler",
58
58
  "AutoDetectIdentityProviderHandler:_options_oidcIssuer": {
@@ -313,7 +313,7 @@
313
313
  "@id": "urn:solid-server:default:StaticAssetHandler"
314
314
  },
315
315
  {
316
- "comment": "SP 模式下代理 JWKS,标准模式下透传",
316
+ "comment": "Local 模式下代理外部 issuer JWKS;其它 OIDC 路由由 CSS 默认 OIDC handler 处理",
317
317
  "@id": "urn:undefineds:xpod:AutoDetectOidcHandler"
318
318
  },
319
319
  {
package/config/xpod.json CHANGED
@@ -11,12 +11,12 @@
11
11
  ],
12
12
  "@graph": [
13
13
  {
14
- "comment": "Xpod 统一配置 - 通过环境变量切换 Cloud/SP 模式",
14
+ "comment": "Xpod 统一配置 - 通过环境变量切换 Cloud/Local/Standalone 模式",
15
15
  "@id": "urn:undefineds:xpod:Config",
16
16
  "@type": "Void"
17
17
  },
18
18
  {
19
- "comment": "定义 oidcIssuer 变量(外部 IdP 基础 URL)- SP 模式必填",
19
+ "comment": "定义 oidcIssuer 变量(外部 OIDC issuer 基础 URL);Local 模式仍由本地提供 account/consent/SP 页面",
20
20
  "@id": "urn:solid-server:default:variable:oidcIssuer",
21
21
  "@type": "Variable"
22
22
  },
@@ -52,7 +52,7 @@
52
52
  }
53
53
  },
54
54
  {
55
- "comment": "Auto-detect OIDC Handler - 有 oidcIssuer 时启用 SP 模式",
55
+ "comment": "Auto-detect OIDC Handler - 有 oidcIssuer 时代理外部 issuer 的 JWKS,其它 OIDC 路由保持 CSS 本地处理",
56
56
  "@id": "urn:undefineds:xpod:AutoDetectOidcHandler",
57
57
  "@type": "AutoDetectOidcHandler",
58
58
  "options_oidcIssuer": {
@@ -61,13 +61,20 @@
61
61
  "options_cacheMs": 300000
62
62
  },
63
63
  {
64
- "comment": "Override: 使用 AutoDetectOidcHandler 替换默认 OidcHandler",
65
- "@type": "Override",
66
- "overrideInstance": {
67
- "@id": "urn:solid-server:default:OidcHandler"
64
+ "comment": "CSS 原生 IdentityProvider parsing handler,始终用于本地 account/consent/WebID 选择页面",
65
+ "@id": "urn:undefineds:xpod:SourceIdentityProviderHandler",
66
+ "@type": "RouterHandler",
67
+ "baseUrl": {
68
+ "@id": "urn:solid-server:default:variable:baseUrl"
68
69
  },
69
- "overrideParameters": {
70
- "@id": "urn:undefineds:xpod:AutoDetectOidcHandler"
70
+ "targetExtractor": {
71
+ "@id": "urn:solid-server:default:TargetExtractor"
72
+ },
73
+ "allowedPathNames": [
74
+ "^/.account(/.*)?$"
75
+ ],
76
+ "handler": {
77
+ "@id": "urn:solid-server:default:IdentityProviderParsingHandler"
71
78
  }
72
79
  },
73
80
  {
@@ -76,6 +83,9 @@
76
83
  "@type": "AutoDetectIdentityProviderHandler",
77
84
  "options_oidcIssuer": {
78
85
  "@id": "urn:solid-server:default:variable:oidcIssuer"
86
+ },
87
+ "options_source": {
88
+ "@id": "urn:undefineds:xpod:SourceIdentityProviderHandler"
79
89
  }
80
90
  },
81
91
  {
@@ -207,7 +217,7 @@
207
217
  }
208
218
  },
209
219
  {
210
- "comment": "注册开关 - Cloud 模式启用,SP 模式禁用",
220
+ "comment": "注册开关 - Cloud/Standalone 可启用,Local 由本地 account/consent 流程决定",
211
221
  "@id": "urn:solid-server:default:variable:registration",
212
222
  "@type": "Variable"
213
223
  },
@@ -223,6 +233,10 @@
223
233
  { "@id": "urn:undefineds:xpod:TerminalHttpHandler" },
224
234
  { "@id": "urn:undefineds:xpod:AppStaticAssetHandler" },
225
235
  { "@id": "urn:solid-server:default:StaticAssetHandler" },
236
+ {
237
+ "comment": "Local 模式下代理外部 issuer JWKS;其它 OIDC 路由由 CSS 默认 OIDC handler 处理",
238
+ "@id": "urn:undefineds:xpod:AutoDetectOidcHandler"
239
+ },
226
240
  { "@id": "urn:solid-server:default:OidcHandler" },
227
241
  { "@id": "urn:solid-server:default:NotificationHttpHandler" },
228
242
  { "@id": "urn:solid-server:default:StorageDescriptionHandler" },
package/dist/cli/commands/auth.d.ts CHANGED
@@ -1,6 +1,7 @@
1
1
  import type { CommandModule } from 'yargs';
2
2
  interface AuthArgs {
3
3
  url: string;
4
+ json?: boolean;
4
5
  }
5
6
  export declare const authCommand: CommandModule<object, AuthArgs>;
6
7
  export {};
package/dist/cli/commands/auth.js CHANGED
@@ -4,21 +4,40 @@ exports.authCommand = void 0;
4
4
  const css_account_1 = require("../lib/css-account");
5
5
  const credentials_store_1 = require("../lib/credentials-store");
6
6
  const prompt_1 = require("../lib/prompt");
7
+ const auth_context_1 = require("../lib/auth-context");
8
+ const output_1 = require("../lib/output");
7
9
  function resolveUrl(url) {
8
10
  const raw = url || process.env.CSS_BASE_URL || 'http://localhost:3000';
9
11
  return raw.endsWith('/') ? raw : `${raw}/`;
10
12
  }
13
+ async function resolveExplicitWebId(input) {
14
+ if (input.explicitWebId) {
15
+ return input.explicitWebId;
16
+ }
17
+ const accountData = await (0, css_account_1.getAccountData)(input.token, input.baseUrl);
18
+ const webIds = accountData ? Object.keys(accountData.webIds) : [];
19
+ if (webIds.length === 1 && webIds[0]) {
20
+ return webIds[0];
21
+ }
22
+ if (webIds.length > 1) {
23
+ throw new output_1.CliCommandError('webid_ambiguous', 'Multiple WebIDs are configured. Re-run with --web-id to select the acting identity.', 2, { webIds });
24
+ }
25
+ throw new output_1.CliCommandError('webid_missing', 'No WebID found. Specify --web-id explicitly.', 2);
26
+ }
11
27
  const loginCommand = {
12
28
  command: 'login',
13
- describe: 'Login and get an account token',
29
+ describe: 'Login and store CLI client credentials',
14
30
  builder: (yargs) => yargs
31
+ .option('issuer', { type: 'string', description: 'Issuer/base URL alias for --url' })
15
32
  .option('email', { type: 'string', description: 'Account email (will prompt if not provided)' })
16
- .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' }),
33
+ .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' })
34
+ .option('web-id', { type: 'string', description: 'WebID to bind credentials to when multiple identities exist' })
35
+ .option('json', { type: 'boolean', default: false, description: 'Output JSON envelope' }),
17
36
  handler: async (argv) => {
18
- const baseUrl = resolveUrl(argv.url);
37
+ const baseUrl = resolveUrl(argv.issuer ?? argv.url);
19
38
  if (!(await (0, css_account_1.checkServer)(baseUrl))) {
20
- console.error(`Cannot reach server at ${baseUrl}`);
21
- process.exit(1);
39
+ const error = new Error(`Cannot reach server at ${baseUrl}`);
40
+ (0, output_1.handleCliError)(error, argv.json === true, 'server_unreachable');
22
41
  }
23
42
  // Prompt for email if not provided
24
43
  let email = argv.email;
@@ -40,11 +59,38 @@ const loginCommand = {
40
59
  }
41
60
  const token = await (0, css_account_1.login)(email, password, baseUrl);
42
61
  if (!token) {
43
- console.error('Login failed. Check email/password.');
44
- process.exit(1);
62
+ (0, output_1.handleCliError)(new Error('Login failed. Check email/password.'), argv.json === true, 'auth_failed');
63
+ }
64
+ const controls = await (0, css_account_1.getAccountControls)(token, baseUrl);
65
+ if (!controls?.clientCredentials) {
66
+ (0, output_1.handleCliError)(new Error('Cannot find client credentials endpoint.'), argv.json === true, 'credentials_endpoint_missing');
45
67
  }
46
- console.log('Login successful.');
47
- console.log(`Token: ${token}`);
68
+ const webId = await resolveExplicitWebId({
69
+ token,
70
+ baseUrl,
71
+ explicitWebId: argv['web-id'],
72
+ }).catch((error) => (0, output_1.handleCliError)(error, argv.json === true));
73
+ const cred = await (0, css_account_1.createClientCredentials)(token, controls.clientCredentials, webId, 'xpod-cli');
74
+ if (!cred) {
75
+ (0, output_1.handleCliError)(new Error('Failed to create credentials.'), argv.json === true, 'credentials_create_failed');
76
+ }
77
+ (0, credentials_store_1.saveCredentials)({
78
+ url: baseUrl,
79
+ webId,
80
+ authType: 'client_credentials',
81
+ secrets: {
82
+ clientId: cred.id,
83
+ clientSecret: cred.secret ?? '',
84
+ },
85
+ });
86
+ const data = { baseUrl, webId, configPath: (0, credentials_store_1.getConfigPath)() };
87
+ if (argv.json) {
88
+ (0, output_1.writeJsonResult)(data);
89
+ return;
90
+ }
91
+ console.log('Login successful. Credentials saved.');
92
+ console.log(` webId: ${webId}`);
93
+ console.log(` config: ${(0, credentials_store_1.getConfigPath)().replace('/config.json', '/')}`);
48
94
  },
49
95
  };
50
96
  const createCredentialsCommand = {
@@ -55,7 +101,7 @@ const createCredentialsCommand = {
55
101
  .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' })
56
102
  .option('web-id', { type: 'string', description: 'WebID to bind credentials to' })
57
103
  .option('name', { type: 'string', description: 'Credential label' })
58
- .option('output', { type: 'boolean', default: false, description: 'Print credentials to terminal instead of saving to ~/.xpod/' }),
104
+ .option('output', { type: 'boolean', default: false, description: 'Do not save credentials; print non-secret metadata only' }),
59
105
  handler: async (argv) => {
60
106
  const baseUrl = resolveUrl(argv.url);
61
107
  if (!(await (0, css_account_1.checkServer)(baseUrl))) {
@@ -90,39 +136,22 @@ const createCredentialsCommand = {
90
136
  console.error('Cannot find client credentials endpoint.');
91
137
  process.exit(1);
92
138
  }
93
- // Determine WebID: explicit flag > first pod's profile
94
- let webId = argv['web-id'];
95
- if (!webId) {
96
- // Try to discover from account info
97
- const accountRes = await fetch(`${baseUrl}.account/`, {
98
- headers: {
99
- Accept: 'application/json',
100
- Authorization: `CSS-Account-Token ${token}`,
101
- },
139
+ let webId;
140
+ try {
141
+ webId = await resolveExplicitWebId({
142
+ token,
143
+ baseUrl,
144
+ explicitWebId: argv['web-id'],
102
145
  });
103
- if (accountRes.ok) {
104
- const accountData = (await accountRes.json());
105
- const webIds = accountData.webIds;
106
- if (webIds && typeof webIds === 'object') {
107
- const firstUrl = Object.keys(webIds)[0];
108
- if (firstUrl)
109
- webId = firstUrl;
110
- }
111
- }
112
146
  }
113
- if (!webId) {
114
- console.error('No WebID found. Specify --web-id explicitly.');
115
- process.exit(1);
147
+ catch (error) {
148
+ (0, output_1.handleCliError)(error, false);
116
149
  }
117
150
  const cred = await (0, css_account_1.createClientCredentials)(token, controls.clientCredentials, webId, argv.name);
118
151
  if (!cred) {
119
152
  console.error('Failed to create credentials.');
120
153
  process.exit(1);
121
154
  }
122
- console.log('Credentials created:');
123
- console.log(` client_id: ${cred.id}`);
124
- console.log(` client_secret: ${cred.secret}`);
125
- console.log(` webId: ${webId}`);
126
155
  if (!argv.output) {
127
156
  (0, credentials_store_1.saveCredentials)({
128
157
  url: baseUrl,
@@ -137,6 +166,11 @@ const createCredentialsCommand = {
137
166
  console.log('\n✓ Setup complete! You can now use xpod commands without entering password.');
138
167
  console.log(' Example: xpod backup export');
139
168
  }
169
+ else {
170
+ console.log('Credentials created.');
171
+ }
172
+ console.log(` client_id: ${cred.id}`);
173
+ console.log(` webId: ${webId}`);
140
174
  },
141
175
  };
142
176
  const listCommand = {
@@ -236,12 +270,56 @@ const revokeCommand = {
236
270
  const logoutCommand = {
237
271
  command: 'logout',
238
272
  describe: 'Remove stored credentials from ~/.xpod/',
239
- builder: (yargs) => yargs,
240
- handler: async () => {
273
+ builder: (yargs) => yargs.option('json', { type: 'boolean', default: false, description: 'Output JSON envelope' }),
274
+ handler: async (argv) => {
241
275
  (0, credentials_store_1.clearCredentials)();
276
+ if (argv.json) {
277
+ (0, output_1.writeJsonResult)({ authenticated: false });
278
+ return;
279
+ }
242
280
  console.log('Credentials removed.');
243
281
  },
244
282
  };
283
+ const statusCommand = {
284
+ command: 'status',
285
+ describe: 'Show stored authentication status',
286
+ builder: (yargs) => yargs.option('json', { type: 'boolean', default: false, description: 'Output JSON envelope' }),
287
+ handler: async (argv) => {
288
+ const status = (0, auth_context_1.getStoredAuthStatus)(argv.url);
289
+ if (argv.json) {
290
+ (0, output_1.writeJsonResult)(status);
291
+ return;
292
+ }
293
+ if (!status.authenticated) {
294
+ console.log('Not authenticated. Run `xpod auth login`.');
295
+ return;
296
+ }
297
+ console.log('Authenticated.');
298
+ console.log(` webId: ${status.webId}`);
299
+ console.log(` podRoot: ${status.podRoot}`);
300
+ console.log(` server: ${status.baseUrl}`);
301
+ },
302
+ };
303
+ const whoamiCommand = {
304
+ command: 'whoami',
305
+ describe: 'Show acting WebID and Pod root',
306
+ builder: (yargs) => yargs.option('json', { type: 'boolean', default: false, description: 'Output JSON envelope' }),
307
+ handler: async (argv) => {
308
+ const status = (0, auth_context_1.getStoredAuthStatus)(argv.url);
309
+ if (!status.authenticated) {
310
+ if (argv.json) {
311
+ (0, output_1.handleCliError)(new output_1.CliCommandError('auth_required', 'No credentials found. Run `xpod auth login` first.', 2), true);
312
+ }
313
+ console.log('Not authenticated. Run `xpod auth login`.');
314
+ return;
315
+ }
316
+ if (argv.json) {
317
+ (0, output_1.writeJsonResult)(status);
318
+ return;
319
+ }
320
+ console.log(status.webId);
321
+ },
322
+ };
245
323
  exports.authCommand = {
246
324
  command: 'auth',
247
325
  describe: 'Authentication and credential management',
@@ -252,9 +330,11 @@ exports.authCommand = {
252
330
  description: 'Server base URL',
253
331
  default: process.env.CSS_BASE_URL || 'http://localhost:3000',
254
332
  })
333
+ .command(statusCommand)
255
334
  .command(loginCommand)
256
335
  .command(createCredentialsCommand)
257
336
  .command(logoutCommand)
337
+ .command(whoamiCommand)
258
338
  .command(listCommand)
259
339
  .command(revokeCommand)
260
340
  .demandCommand(1, 'Please specify an auth subcommand'),
package/dist/cli/commands/auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/cli/commands/auth.ts"],"names":[],"mappings":";;;AACA,oDAO4B;AAC5B,gEAA4F;AAC5F,0CAA2D;AA8B3D,SAAS,UAAU,CAAC,GAAW;IAC7B,MAAM,GAAG,GAAG,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,uBAAuB,CAAC;IACvE,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC;AAC7C,CAAC;AAED,MAAM,YAAY,GAAuC;IACvD,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE,gCAAgC;IAC1C,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;SAC/F,MAAM,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;IACnH,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,mCAAmC;QACnC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,MAAM,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,qDAAqD;QACrD,IAAI,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG,MAAM,IAAA,uBAAc,EAAC,YAAY,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACrD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,UAAU,KAAK,EAAE,CAAC,CAAC;IACjC,CAAC;CACF,CAAC;AAEF,MAAM,wBAAwB,GAAmD;IAC/E,OAAO,EAAE,oBAAoB;IAC7B,QAAQ,EAAE,8CAA8C;IACxD,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;SAC/F,MAAM,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;SAC9G,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,8BAA8B,EAAE,CAAC;SACjF,MAAM,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;SACnE,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,6DAA6D,EAAE,CAAC;IACtI,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,mCAAmC;QACnC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,MAAM,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,qDAAqD;QACrD,IAAI,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG,MAAM,IAAA,uBAAc,EAAC,YAAY,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAA,gCAAkB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,QAAQ,EAAE,iBAAiB,EAAE,CAAC;YACjC,OAAO,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;YAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,uDAAuD;QACvD,IAAI,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC3B,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,oCAAoC;YACpC,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,WAAW,EAAE;gBACpD,OAAO,EAAE;oBACP,MAAM,EAAE,kBAAkB;oBAC1B,aAAa,EAAE,qBAAqB,KAAK,EAAE;iBAC5C;aACF,CAAC,CAAC;YACH,IAAI,UAAU,CAAC,EAAE,EAAE,CAAC;gBAClB,MAAM,WAAW,GAAG,CAAC,MAAM,UAAU,CAAC,IAAI,EAAE,CAAwC,CAAC;gBACrF,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC;gBAClC,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;oBACzC,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;oBACxC,IAAI,QAAQ;wBAAE,KAAK,GAAG,QAAQ,CAAC;gBACjC,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;YAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAA,qCAAuB,EAAC,KAAK,EAAE,QAAQ,CAAC,iBAAiB,EAAE,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;QAChG,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;YAC/C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,EAAE,CAAC,CAAC;QAEzC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,IAAA,mCAAe,EAAC;gBACd,GAAG,EAAE,OAAO;gBACZ,KAAK;gBACL,QAAQ,EAAE,oBAAoB;gBAC9B,OAAO,EAAE;oBACP,QAAQ,EAAE,IAAI,CAAC,EAAE;oBACjB,YAAY,EAAE,IAAI,CAAC,MAAM,IAAI,EAAE;iBAChC;aACF,CAAC,CAAC;YACH,OAAO,CAAC,GAAG,CAAC,cAAc,IAAA,iCAAa,GAAE,CAAC,OAAO,CAAC,cAAc,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YAC1E,OAAO,CAAC,GAAG,CAAC,8EAA8E,CAAC,CAAC;YAC5F,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;QAC/C,CAAC;IACH,CAAC;CACF,CAAC;AAEF,MAAM,WAAW,GAAsC;IACrD,OAAO,EAAE,MAAM;IACf,QAAQ,EAAE,yBAAyB;IACnC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;SAC/F,MAAM,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;IACnH,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,mCAAmC;QACnC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,MAAM,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,qDAAqD;QACrD,IAAI,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG,MAAM,IAAA,uBAAc,EAAC,YAAY,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mCAAqB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC1D,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;YAC5C,OAAO;QACT,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,MAAM,mBAAmB,CAAC,CAAC;QACtD,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,IAAI,CAAC,CAAC,KAAK;gBAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;CACF,CAAC;AAEF,MAAM,aAAa,GAAwC;IACzD,OAAO,EAAE,QAAQ;IACjB,QAAQ,EAAE,4BAA4B;IACtC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;SAC/F,MAAM,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;SAC9G,MAAM,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC;IACpG,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,mCAAmC;QACnC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,MAAM,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,qDAAqD;QACrD,IAAI,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG,MAAM,IAAA,uBAAc,EAAC,YAAY,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,EAAE,GAAG,MAAM,IAAA,oCAAsB,EAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,EAAE,OAAO,CAAC,CAAC;QAC3E,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QAC1D,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,+BAA+B,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YACnE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;CACF,CAAC;AAEF,MAAM,aAAa,GAAsC;IACvD,OAAO,EAAE,QAAQ;IACjB,QAAQ,EAAE,yCAAyC;IACnD,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK;IACzB,OAAO,EAAE,KAAK,IAAI,EAAE;QAClB,IAAA,oCAAgB,GAAE,CAAC;QACnB,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACtC,CAAC;CACF,CAAC;AAEW,QAAA,WAAW,GAAoC;IAC1D,OAAO,EAAE,MAAM;IACf,QAAQ,EAAE,0CAA0C;IACpD,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,KAAK,EAAE;QACb,KAAK,EAAE,GAAG;QACV,IAAI,EAAE,QAAQ;QACd,WAAW,EAAE,iBAAiB;QAC9B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,uBAAuB;KAC7D,CAAC;SACD,OAAO,CAAC,YAAY,CAAC;SACrB,OAAO,CAAC,wBAAwB,CAAC;SACjC,OAAO,CAAC,aAAa,CAAC;SACtB,OAAO,CAAC,WAAW,CAAC;SACpB,OAAO,CAAC,aAAa,CAAC;SACtB,aAAa,CAAC,CAAC,EAAE,mCAAmC,CAAC;IAC1D,OAAO,EAAE,GAAG,EAAE;QACZ,wBAAwB;IAC1B,CAAC;CACF,CAAC","sourcesContent":["import type { CommandModule } from 'yargs';\nimport {\n checkServer,\n login,\n getAccountControls,\n createClientCredentials,\n listClientCredentials,\n revokeClientCredential,\n} from '../lib/css-account';\nimport { saveCredentials, clearCredentials, getConfigPath } from '../lib/credentials-store';\nimport { promptPassword, promptText } from '../lib/prompt';\n\ninterface AuthArgs {\n url: string;\n}\n\ninterface LoginArgs extends AuthArgs {\n email?: string;\n password?: string;\n}\n\ninterface CreateCredentialsArgs extends AuthArgs {\n email?: string;\n password?: string;\n 'web-id'?: string;\n name?: string;\n output?: boolean;\n}\n\ninterface ListArgs extends AuthArgs {\n email?: string;\n password?: string;\n}\n\ninterface RevokeArgs extends AuthArgs {\n email?: string;\n password?: string;\n 'client-id': string;\n}\n\nfunction resolveUrl(url: string): string {\n const raw = url || process.env.CSS_BASE_URL || 'http://localhost:3000';\n return raw.endsWith('/') ? raw : `${raw}/`;\n}\n\nconst loginCommand: CommandModule<AuthArgs, LoginArgs> = {\n command: 'login',\n describe: 'Login and get an account token',\n builder: (yargs) =>\n yargs\n .option('email', { type: 'string', description: 'Account email (will prompt if not provided)' })\n .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' }),\n handler: async (argv) => {\n const baseUrl = resolveUrl(argv.url);\n\n if (!(await checkServer(baseUrl))) {\n console.error(`Cannot reach server at ${baseUrl}`);\n process.exit(1);\n }\n\n // Prompt for email if not provided\n let email = argv.email;\n if (!email) {\n email = await promptText('Email: ');\n if (!email) {\n console.error('Email is required');\n process.exit(1);\n }\n }\n\n // Prompt for password if not provided (secure input)\n let password = argv.password;\n if (!password) {\n password = await promptPassword('Password: ');\n if (!password) {\n console.error('Password is required');\n process.exit(1);\n }\n }\n\n const token = await login(email, password, baseUrl);\n if (!token) {\n console.error('Login failed. Check email/password.');\n process.exit(1);\n }\n\n console.log('Login successful.');\n console.log(`Token: ${token}`);\n },\n};\n\nconst createCredentialsCommand: CommandModule<AuthArgs, CreateCredentialsArgs> = {\n command: 'create-credentials',\n describe: 'Create client credentials (client_id/secret)',\n builder: (yargs) =>\n yargs\n .option('email', { type: 'string', description: 'Account email (will prompt if not provided)' })\n .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' })\n .option('web-id', { type: 'string', description: 'WebID to bind credentials to' })\n .option('name', { type: 'string', description: 'Credential label' })\n .option('output', { type: 'boolean', default: false, description: 'Print credentials to terminal instead of saving to ~/.xpod/' }),\n handler: async (argv) => {\n const baseUrl = resolveUrl(argv.url);\n\n if (!(await checkServer(baseUrl))) {\n console.error(`Cannot reach server at ${baseUrl}`);\n process.exit(1);\n }\n\n // Prompt for email if not provided\n let email = argv.email;\n if (!email) {\n email = await promptText('Email: ');\n if (!email) {\n console.error('Email is required');\n process.exit(1);\n }\n }\n\n // Prompt for password if not provided (secure input)\n let password = argv.password;\n if (!password) {\n password = await promptPassword('Password: ');\n if (!password) {\n console.error('Password is required');\n process.exit(1);\n }\n }\n\n const token = await login(email, password, baseUrl);\n if (!token) {\n console.error('Login failed.');\n process.exit(1);\n }\n\n const controls = await getAccountControls(token, baseUrl);\n if (!controls?.clientCredentials) {\n console.error('Cannot find client credentials endpoint.');\n process.exit(1);\n }\n\n // Determine WebID: explicit flag > first pod's profile\n let webId = argv['web-id'];\n if (!webId) {\n // Try to discover from account info\n const accountRes = await fetch(`${baseUrl}.account/`, {\n headers: {\n Accept: 'application/json',\n Authorization: `CSS-Account-Token ${token}`,\n },\n });\n if (accountRes.ok) {\n const accountData = (await accountRes.json()) as { webIds?: Record<string, string> };\n const webIds = accountData.webIds;\n if (webIds && typeof webIds === 'object') {\n const firstUrl = Object.keys(webIds)[0];\n if (firstUrl) webId = firstUrl;\n }\n }\n }\n\n if (!webId) {\n console.error('No WebID found. Specify --web-id explicitly.');\n process.exit(1);\n }\n\n const cred = await createClientCredentials(token, controls.clientCredentials, webId, argv.name);\n if (!cred) {\n console.error('Failed to create credentials.');\n process.exit(1);\n }\n\n console.log('Credentials created:');\n console.log(` client_id: ${cred.id}`);\n console.log(` client_secret: ${cred.secret}`);\n console.log(` webId: ${webId}`);\n\n if (!argv.output) {\n saveCredentials({\n url: baseUrl,\n webId,\n authType: 'client_credentials',\n secrets: {\n clientId: cred.id,\n clientSecret: cred.secret ?? '',\n },\n });\n console.log(`\\nSaved to ${getConfigPath().replace('/config.json', '/')}`);\n console.log('\\n✓ Setup complete! You can now use xpod commands without entering password.');\n console.log(' Example: xpod backup export');\n }\n },\n};\n\nconst listCommand: CommandModule<AuthArgs, ListArgs> = {\n command: 'list',\n describe: 'List client credentials',\n builder: (yargs) =>\n yargs\n .option('email', { type: 'string', description: 'Account email (will prompt if not provided)' })\n .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' }),\n handler: async (argv) => {\n const baseUrl = resolveUrl(argv.url);\n\n if (!(await checkServer(baseUrl))) {\n console.error(`Cannot reach server at ${baseUrl}`);\n process.exit(1);\n }\n\n // Prompt for email if not provided\n let email = argv.email;\n if (!email) {\n email = await promptText('Email: ');\n if (!email) {\n console.error('Email is required');\n process.exit(1);\n }\n }\n\n // Prompt for password if not provided (secure input)\n let password = argv.password;\n if (!password) {\n password = await promptPassword('Password: ');\n if (!password) {\n console.error('Password is required');\n process.exit(1);\n }\n }\n\n const token = await login(email, password, baseUrl);\n if (!token) {\n console.error('Login failed.');\n process.exit(1);\n }\n\n const creds = await listClientCredentials(token, baseUrl);\n if (creds.length === 0) {\n console.log('No client credentials found.');\n return;\n }\n\n console.log(`Found ${creds.length} credential(s):\\n`);\n for (const c of creds) {\n console.log(` ${c.id}`);\n if (c.webId) console.log(` webId: ${c.webId}`);\n }\n },\n};\n\nconst revokeCommand: CommandModule<AuthArgs, RevokeArgs> = {\n command: 'revoke',\n describe: 'Revoke a client credential',\n builder: (yargs) =>\n yargs\n .option('email', { type: 'string', description: 'Account email (will prompt if not provided)' })\n .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' })\n .option('client-id', { type: 'string', demandOption: true, description: 'Client ID to revoke' }),\n handler: async (argv) => {\n const baseUrl = resolveUrl(argv.url);\n\n if (!(await checkServer(baseUrl))) {\n console.error(`Cannot reach server at ${baseUrl}`);\n process.exit(1);\n }\n\n // Prompt for email if not provided\n let email = argv.email;\n if (!email) {\n email = await promptText('Email: ');\n if (!email) {\n console.error('Email is required');\n process.exit(1);\n }\n }\n\n // Prompt for password if not provided (secure input)\n let password = argv.password;\n if (!password) {\n password = await promptPassword('Password: ');\n if (!password) {\n console.error('Password is required');\n process.exit(1);\n }\n }\n\n const token = await login(email, password, baseUrl);\n if (!token) {\n console.error('Login failed.');\n process.exit(1);\n }\n\n const ok = await revokeClientCredential(token, argv['client-id'], baseUrl);\n if (ok) {\n console.log(`Credential ${argv['client-id']} revoked.`);\n } else {\n console.error(`Failed to revoke credential ${argv['client-id']}.`);\n process.exit(1);\n }\n },\n};\n\nconst logoutCommand: CommandModule<AuthArgs, AuthArgs> = {\n command: 'logout',\n describe: 'Remove stored credentials from ~/.xpod/',\n builder: (yargs) => yargs,\n handler: async () => {\n clearCredentials();\n console.log('Credentials removed.');\n },\n};\n\nexport const authCommand: CommandModule<object, AuthArgs> = {\n command: 'auth',\n describe: 'Authentication and credential management',\n builder: (yargs) =>\n yargs\n .option('url', {\n alias: 'u',\n type: 'string',\n description: 'Server base URL',\n default: process.env.CSS_BASE_URL || 'http://localhost:3000',\n })\n .command(loginCommand)\n .command(createCredentialsCommand)\n .command(logoutCommand)\n .command(listCommand)\n .command(revokeCommand)\n .demandCommand(1, 'Please specify an auth subcommand'),\n handler: () => {\n // parent command, no-op\n },\n};\n"]}
1
+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/cli/commands/auth.ts"],"names":[],"mappings":";;;AACA,oDAQ4B;AAC5B,gEAA4F;AAC5F,0CAA2D;AAC3D,sDAA0D;AAC1D,0CAAiF;AAiCjF,SAAS,UAAU,CAAC,GAAW;IAC7B,MAAM,GAAG,GAAG,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,uBAAuB,CAAC;IACvE,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC;AAC7C,CAAC;AAED,KAAK,UAAU,oBAAoB,CAAC,KAInC;IACC,IAAI,KAAK,CAAC,aAAa,EAAE,CAAC;QACxB,OAAO,KAAK,CAAC,aAAa,CAAC;IAC7B,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,IAAA,4BAAc,EAAC,KAAK,CAAC,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IACrE,MAAM,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAClE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;QACrC,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,MAAM,IAAI,wBAAe,CACvB,iBAAiB,EACjB,qFAAqF,EACrF,CAAC,EACD,EAAE,MAAM,EAAE,CACX,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,wBAAe,CAAC,eAAe,EAAE,8CAA8C,EAAE,CAAC,CAAC,CAAC;AAChG,CAAC;AAED,MAAM,YAAY,GAAuC;IACvD,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE,wCAAwC;IAClD,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,iCAAiC,EAAE,CAAC;SACpF,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;SAC/F,MAAM,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;SAC9G,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE,CAAC;SAChH,MAAM,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,sBAAsB,EAAE,CAAC;IAC7F,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC;QAEpD,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC;YAC7D,IAAA,uBAAc,EAAC,KAAK,EAAE,IAAI,CAAC,IAAI,KAAK,IAAI,EAAE,oBAAoB,CAAC,CAAC;QAClE,CAAC;QAED,mCAAmC;QACnC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,MAAM,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,qDAAqD;QACrD,IAAI,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG,MAAM,IAAA,uBAAc,EAAC,YAAY,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,IAAA,uBAAc,EAAC,IAAI,KAAK,CAAC,qCAAqC,CAAC,EAAE,IAAI,CAAC,IAAI,KAAK,IAAI,EAAE,aAAa,CAAC,CAAC;QACtG,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAA,gCAAkB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,QAAQ,EAAE,iBAAiB,EAAE,CAAC;YACjC,IAAA,uBAAc,EAAC,IAAI,KAAK,CAAC,0CAA0C,CAAC,EAAE,IAAI,CAAC,IAAI,KAAK,IAAI,EAAE,8BAA8B,CAAC,CAAC;QAC5H,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,oBAAoB,CAAC;YACvC,KAAK;YACL,OAAO;YACP,aAAa,EAAE,IAAI,CAAC,QAAQ,CAAC;SAC9B,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,IAAA,uBAAc,EAAC,KAAK,EAAE,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC,CAAC;QAE/D,MAAM,IAAI,GAAG,MAAM,IAAA,qCAAuB,EAAC,KAAK,EAAE,QAAQ,CAAC,iBAAiB,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC;QACjG,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAA,uBAAc,EAAC,IAAI,KAAK,CAAC,+BAA+B,CAAC,EAAE,IAAI,CAAC,IAAI,KAAK,IAAI,EAAE,2BAA2B,CAAC,CAAC;QAC9G,CAAC;QAED,IAAA,mCAAe,EAAC;YACd,GAAG,EAAE,OAAO;YACZ,KAAK;YACL,QAAQ,EAAE,oBAAoB;YAC9B,OAAO,EAAE;gBACP,QAAQ,EAAE,IAAI,CAAC,EAAE;gBACjB,YAAY,EAAE,IAAI,CAAC,MAAM,IAAI,EAAE;aAChC;SACF,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,IAAA,iCAAa,GAAE,EAAE,CAAC;QAC7D,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,IAAA,wBAAe,EAAC,IAAI,CAAC,CAAC;YACtB,OAAO;QACT,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;QACpD,OAAO,CAAC,GAAG,CAAC,YAAY,KAAK,EAAE,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,aAAa,IAAA,iCAAa,GAAE,CAAC,OAAO,CAAC,cAAc,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;IAC3E,CAAC;CACF,CAAC;AAEF,MAAM,wBAAwB,GAAmD;IAC/E,OAAO,EAAE,oBAAoB;IAC7B,QAAQ,EAAE,8CAA8C;IACxD,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;SAC/F,MAAM,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;SAC9G,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,8BAA8B,EAAE,CAAC;SACjF,MAAM,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;SACnE,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;IAClI,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,mCAAmC;QACnC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,MAAM,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,qDAAqD;QACrD,IAAI,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG,MAAM,IAAA,uBAAc,EAAC,YAAY,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAA,gCAAkB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,QAAQ,EAAE,iBAAiB,EAAE,CAAC;YACjC,OAAO,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;YAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,KAAa,CAAC;QAClB,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,oBAAoB,CAAC;gBACjC,KAAK;gBACL,OAAO;gBACP,aAAa,EAAE,IAAI,CAAC,QAAQ,CAAC;aAC9B,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAA,uBAAc,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAC/B,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAA,qCAAuB,EAAC,KAAK,EAAE,QAAQ,CAAC,iBAAiB,EAAE,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;QAChG,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;YAC/C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,IAAA,mCAAe,EAAC;gBACd,GAAG,EAAE,OAAO;gBACZ,KAAK;gBACL,QAAQ,EAAE,oBAAoB;gBAC9B,OAAO,EAAE;oBACP,QAAQ,EAAE,IAAI,CAAC,EAAE;oBACjB,YAAY,EAAE,IAAI,CAAC,MAAM,IAAI,EAAE;iBAChC;aACF,CAAC,CAAC;YACH,OAAO,CAAC,GAAG,CAAC,cAAc,IAAA,iCAAa,GAAE,CAAC,OAAO,CAAC,cAAc,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YAC1E,OAAO,CAAC,GAAG,CAAC,8EAA8E,CAAC,CAAC;YAC5F,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;QAC/C,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACtC,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,EAAE,CAAC,CAAC;IACvC,CAAC;CACF,CAAC;AAEF,MAAM,WAAW,GAAsC;IACrD,OAAO,EAAE,MAAM;IACf,QAAQ,EAAE,yBAAyB;IACnC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;SAC/F,MAAM,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;IACnH,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,mCAAmC;QACnC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,MAAM,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,qDAAqD;QACrD,IAAI,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG,MAAM,IAAA,uBAAc,EAAC,YAAY,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mCAAqB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC1D,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;YAC5C,OAAO;QACT,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,MAAM,mBAAmB,CAAC,CAAC;QACtD,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACzB,IAAI,CAAC,CAAC,KAAK;gBAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;CACF,CAAC;AAEF,MAAM,aAAa,GAAwC;IACzD,OAAO,EAAE,QAAQ;IACjB,QAAQ,EAAE,4BAA4B;IACtC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;SAC/F,MAAM,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;SAC9G,MAAM,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC;IACpG,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,mCAAmC;QACnC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,MAAM,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,qDAAqD;QACrD,IAAI,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG,MAAM,IAAA,uBAAc,EAAC,YAAY,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,EAAE,GAAG,MAAM,IAAA,oCAAsB,EAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,EAAE,OAAO,CAAC,CAAC;QAC3E,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QAC1D,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,+BAA+B,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YACnE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;CACF,CAAC;AAEF,MAAM,aAAa,GAAsC;IACvD,OAAO,EAAE,QAAQ;IACjB,QAAQ,EAAE,yCAAyC;IACnD,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,sBAAsB,EAAE,CAAC;IAClH,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,IAAA,oCAAgB,GAAE,CAAC;QACnB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,IAAA,wBAAe,EAAC,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC,CAAC;YAC1C,OAAO;QACT,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACtC,CAAC;CACF,CAAC;AAEF,MAAM,aAAa,GAAsC;IACvD,OAAO,EAAE,QAAQ;IACjB,QAAQ,EAAE,mCAAmC;IAC7C,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,sBAAsB,EAAE,CAAC;IAClH,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,MAAM,GAAG,IAAA,kCAAmB,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC7C,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,IAAA,wBAAe,EAAC,MAAM,CAAC,CAAC;YACxB,OAAO;QACT,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,2CAA2C,CAAC,CAAC;YACzD,OAAO;QACT,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,cAAc,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,cAAc,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,cAAc,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAC9C,CAAC;CACF,CAAC;AAEF,MAAM,aAAa,GAAsC;IACvD,OAAO,EAAE,QAAQ;IACjB,QAAQ,EAAE,gCAAgC;IAC1C,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,sBAAsB,EAAE,CAAC;IAClH,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,MAAM,GAAG,IAAA,kCAAmB,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC7C,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAC1B,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,IAAA,uBAAc,EAAC,IAAI,wBAAe,CAAC,eAAe,EAAE,oDAAoD,EAAE,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YACtH,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,2CAA2C,CAAC,CAAC;YACzD,OAAO;QACT,CAAC;QACD,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,IAAA,wBAAe,EAAC,MAAM,CAAC,CAAC;YACxB,OAAO;QACT,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5B,CAAC;CACF,CAAC;AAEW,QAAA,WAAW,GAAoC;IAC1D,OAAO,EAAE,MAAM;IACf,QAAQ,EAAE,0CAA0C;IACpD,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,KAAK,EAAE;QACb,KAAK,EAAE,GAAG;QACV,IAAI,EAAE,QAAQ;QACd,WAAW,EAAE,iBAAiB;QAC9B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,uBAAuB;KAC7D,CAAC;SACD,OAAO,CAAC,aAAa,CAAC;SACtB,OAAO,CAAC,YAAY,CAAC;SACrB,OAAO,CAAC,wBAAwB,CAAC;SACjC,OAAO,CAAC,aAAa,CAAC;SACtB,OAAO,CAAC,aAAa,CAAC;SACtB,OAAO,CAAC,WAAW,CAAC;SACpB,OAAO,CAAC,aAAa,CAAC;SACtB,aAAa,CAAC,CAAC,EAAE,mCAAmC,CAAC;IAC1D,OAAO,EAAE,GAAG,EAAE;QACZ,wBAAwB;IAC1B,CAAC;CACF,CAAC","sourcesContent":["import type { CommandModule } from 'yargs';\nimport {\n checkServer,\n login,\n getAccountControls,\n getAccountData,\n createClientCredentials,\n listClientCredentials,\n revokeClientCredential,\n} from '../lib/css-account';\nimport { saveCredentials, clearCredentials, getConfigPath } from '../lib/credentials-store';\nimport { promptPassword, promptText } from '../lib/prompt';\nimport { getStoredAuthStatus } from '../lib/auth-context';\nimport { CliCommandError, handleCliError, writeJsonResult } from '../lib/output';\n\ninterface AuthArgs {\n url: string;\n json?: boolean;\n}\n\ninterface LoginArgs extends AuthArgs {\n email?: string;\n password?: string;\n issuer?: string;\n 'web-id'?: string;\n}\n\ninterface CreateCredentialsArgs extends AuthArgs {\n email?: string;\n password?: string;\n 'web-id'?: string;\n name?: string;\n output?: boolean;\n}\n\ninterface ListArgs extends AuthArgs {\n email?: string;\n password?: string;\n}\n\ninterface RevokeArgs extends AuthArgs {\n email?: string;\n password?: string;\n 'client-id': string;\n}\n\nfunction resolveUrl(url: string): string {\n const raw = url || process.env.CSS_BASE_URL || 'http://localhost:3000';\n return raw.endsWith('/') ? raw : `${raw}/`;\n}\n\nasync function resolveExplicitWebId(input: {\n token: string;\n baseUrl: string;\n explicitWebId?: string;\n}): Promise<string> {\n if (input.explicitWebId) {\n return input.explicitWebId;\n }\n\n const accountData = await getAccountData(input.token, input.baseUrl);\n const webIds = accountData ? Object.keys(accountData.webIds) : [];\n if (webIds.length === 1 && webIds[0]) {\n return webIds[0];\n }\n if (webIds.length > 1) {\n throw new CliCommandError(\n 'webid_ambiguous',\n 'Multiple WebIDs are configured. Re-run with --web-id to select the acting identity.',\n 2,\n { webIds },\n );\n }\n throw new CliCommandError('webid_missing', 'No WebID found. Specify --web-id explicitly.', 2);\n}\n\nconst loginCommand: CommandModule<AuthArgs, LoginArgs> = {\n command: 'login',\n describe: 'Login and store CLI client credentials',\n builder: (yargs) =>\n yargs\n .option('issuer', { type: 'string', description: 'Issuer/base URL alias for --url' })\n .option('email', { type: 'string', description: 'Account email (will prompt if not provided)' })\n .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' })\n .option('web-id', { type: 'string', description: 'WebID to bind credentials to when multiple identities exist' })\n .option('json', { type: 'boolean', default: false, description: 'Output JSON envelope' }),\n handler: async (argv) => {\n const baseUrl = resolveUrl(argv.issuer ?? argv.url);\n\n if (!(await checkServer(baseUrl))) {\n const error = new Error(`Cannot reach server at ${baseUrl}`);\n handleCliError(error, argv.json === true, 'server_unreachable');\n }\n\n // Prompt for email if not provided\n let email = argv.email;\n if (!email) {\n email = await promptText('Email: ');\n if (!email) {\n console.error('Email is required');\n process.exit(1);\n }\n }\n\n // Prompt for password if not provided (secure input)\n let password = argv.password;\n if (!password) {\n password = await promptPassword('Password: ');\n if (!password) {\n console.error('Password is required');\n process.exit(1);\n }\n }\n\n const token = await login(email, password, baseUrl);\n if (!token) {\n handleCliError(new Error('Login failed. Check email/password.'), argv.json === true, 'auth_failed');\n }\n\n const controls = await getAccountControls(token, baseUrl);\n if (!controls?.clientCredentials) {\n handleCliError(new Error('Cannot find client credentials endpoint.'), argv.json === true, 'credentials_endpoint_missing');\n }\n\n const webId = await resolveExplicitWebId({\n token,\n baseUrl,\n explicitWebId: argv['web-id'],\n }).catch((error) => handleCliError(error, argv.json === true));\n\n const cred = await createClientCredentials(token, controls.clientCredentials, webId, 'xpod-cli');\n if (!cred) {\n handleCliError(new Error('Failed to create credentials.'), argv.json === true, 'credentials_create_failed');\n }\n\n saveCredentials({\n url: baseUrl,\n webId,\n authType: 'client_credentials',\n secrets: {\n clientId: cred.id,\n clientSecret: cred.secret ?? '',\n },\n });\n\n const data = { baseUrl, webId, configPath: getConfigPath() };\n if (argv.json) {\n writeJsonResult(data);\n return;\n }\n console.log('Login successful. Credentials saved.');\n console.log(` webId: ${webId}`);\n console.log(` config: ${getConfigPath().replace('/config.json', '/')}`);\n },\n};\n\nconst createCredentialsCommand: CommandModule<AuthArgs, CreateCredentialsArgs> = {\n command: 'create-credentials',\n describe: 'Create client credentials (client_id/secret)',\n builder: (yargs) =>\n yargs\n .option('email', { type: 'string', description: 'Account email (will prompt if not provided)' })\n .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' })\n .option('web-id', { type: 'string', description: 'WebID to bind credentials to' })\n .option('name', { type: 'string', description: 'Credential label' })\n .option('output', { type: 'boolean', default: false, description: 'Do not save credentials; print non-secret metadata only' }),\n handler: async (argv) => {\n const baseUrl = resolveUrl(argv.url);\n\n if (!(await checkServer(baseUrl))) {\n console.error(`Cannot reach server at ${baseUrl}`);\n process.exit(1);\n }\n\n // Prompt for email if not provided\n let email = argv.email;\n if (!email) {\n email = await promptText('Email: ');\n if (!email) {\n console.error('Email is required');\n process.exit(1);\n }\n }\n\n // Prompt for password if not provided (secure input)\n let password = argv.password;\n if (!password) {\n password = await promptPassword('Password: ');\n if (!password) {\n console.error('Password is required');\n process.exit(1);\n }\n }\n\n const token = await login(email, password, baseUrl);\n if (!token) {\n console.error('Login failed.');\n process.exit(1);\n }\n\n const controls = await getAccountControls(token, baseUrl);\n if (!controls?.clientCredentials) {\n console.error('Cannot find client credentials endpoint.');\n process.exit(1);\n }\n\n let webId: string;\n try {\n webId = await resolveExplicitWebId({\n token,\n baseUrl,\n explicitWebId: argv['web-id'],\n });\n } catch (error) {\n handleCliError(error, false);\n }\n\n const cred = await createClientCredentials(token, controls.clientCredentials, webId, argv.name);\n if (!cred) {\n console.error('Failed to create credentials.');\n process.exit(1);\n }\n\n if (!argv.output) {\n saveCredentials({\n url: baseUrl,\n webId,\n authType: 'client_credentials',\n secrets: {\n clientId: cred.id,\n clientSecret: cred.secret ?? '',\n },\n });\n console.log(`\\nSaved to ${getConfigPath().replace('/config.json', '/')}`);\n console.log('\\n✓ Setup complete! You can now use xpod commands without entering password.');\n console.log(' Example: xpod backup export');\n } else {\n console.log('Credentials created.');\n }\n console.log(` client_id: ${cred.id}`);\n console.log(` webId: ${webId}`);\n },\n};\n\nconst listCommand: CommandModule<AuthArgs, ListArgs> = {\n command: 'list',\n describe: 'List client credentials',\n builder: (yargs) =>\n yargs\n .option('email', { type: 'string', description: 'Account email (will prompt if not provided)' })\n .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' }),\n handler: async (argv) => {\n const baseUrl = resolveUrl(argv.url);\n\n if (!(await checkServer(baseUrl))) {\n console.error(`Cannot reach server at ${baseUrl}`);\n process.exit(1);\n }\n\n // Prompt for email if not provided\n let email = argv.email;\n if (!email) {\n email = await promptText('Email: ');\n if (!email) {\n console.error('Email is required');\n process.exit(1);\n }\n }\n\n // Prompt for password if not provided (secure input)\n let password = argv.password;\n if (!password) {\n password = await promptPassword('Password: ');\n if (!password) {\n console.error('Password is required');\n process.exit(1);\n }\n }\n\n const token = await login(email, password, baseUrl);\n if (!token) {\n console.error('Login failed.');\n process.exit(1);\n }\n\n const creds = await listClientCredentials(token, baseUrl);\n if (creds.length === 0) {\n console.log('No client credentials found.');\n return;\n }\n\n console.log(`Found ${creds.length} credential(s):\\n`);\n for (const c of creds) {\n console.log(` ${c.id}`);\n if (c.webId) console.log(` webId: ${c.webId}`);\n }\n },\n};\n\nconst revokeCommand: CommandModule<AuthArgs, RevokeArgs> = {\n command: 'revoke',\n describe: 'Revoke a client credential',\n builder: (yargs) =>\n yargs\n .option('email', { type: 'string', description: 'Account email (will prompt if not provided)' })\n .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' })\n .option('client-id', { type: 'string', demandOption: true, description: 'Client ID to revoke' }),\n handler: async (argv) => {\n const baseUrl = resolveUrl(argv.url);\n\n if (!(await checkServer(baseUrl))) {\n console.error(`Cannot reach server at ${baseUrl}`);\n process.exit(1);\n }\n\n // Prompt for email if not provided\n let email = argv.email;\n if (!email) {\n email = await promptText('Email: ');\n if (!email) {\n console.error('Email is required');\n process.exit(1);\n }\n }\n\n // Prompt for password if not provided (secure input)\n let password = argv.password;\n if (!password) {\n password = await promptPassword('Password: ');\n if (!password) {\n console.error('Password is required');\n process.exit(1);\n }\n }\n\n const token = await login(email, password, baseUrl);\n if (!token) {\n console.error('Login failed.');\n process.exit(1);\n }\n\n const ok = await revokeClientCredential(token, argv['client-id'], baseUrl);\n if (ok) {\n console.log(`Credential ${argv['client-id']} revoked.`);\n } else {\n console.error(`Failed to revoke credential ${argv['client-id']}.`);\n process.exit(1);\n }\n },\n};\n\nconst logoutCommand: CommandModule<AuthArgs, AuthArgs> = {\n command: 'logout',\n describe: 'Remove stored credentials from ~/.xpod/',\n builder: (yargs) => yargs.option('json', { type: 'boolean', default: false, description: 'Output JSON envelope' }),\n handler: async (argv) => {\n clearCredentials();\n if (argv.json) {\n writeJsonResult({ authenticated: false });\n return;\n }\n console.log('Credentials removed.');\n },\n};\n\nconst statusCommand: CommandModule<AuthArgs, AuthArgs> = {\n command: 'status',\n describe: 'Show stored authentication status',\n builder: (yargs) => yargs.option('json', { type: 'boolean', default: false, description: 'Output JSON envelope' }),\n handler: async (argv) => {\n const status = getStoredAuthStatus(argv.url);\n if (argv.json) {\n writeJsonResult(status);\n return;\n }\n if (!status.authenticated) {\n console.log('Not authenticated. Run `xpod auth login`.');\n return;\n }\n console.log('Authenticated.');\n console.log(` webId: ${status.webId}`);\n console.log(` podRoot: ${status.podRoot}`);\n console.log(` server: ${status.baseUrl}`);\n },\n};\n\nconst whoamiCommand: CommandModule<AuthArgs, AuthArgs> = {\n command: 'whoami',\n describe: 'Show acting WebID and Pod root',\n builder: (yargs) => yargs.option('json', { type: 'boolean', default: false, description: 'Output JSON envelope' }),\n handler: async (argv) => {\n const status = getStoredAuthStatus(argv.url);\n if (!status.authenticated) {\n if (argv.json) {\n handleCliError(new CliCommandError('auth_required', 'No credentials found. Run `xpod auth login` first.', 2), true);\n }\n console.log('Not authenticated. Run `xpod auth login`.');\n return;\n }\n if (argv.json) {\n writeJsonResult(status);\n return;\n }\n console.log(status.webId);\n },\n};\n\nexport const authCommand: CommandModule<object, AuthArgs> = {\n command: 'auth',\n describe: 'Authentication and credential management',\n builder: (yargs) =>\n yargs\n .option('url', {\n alias: 'u',\n type: 'string',\n description: 'Server base URL',\n default: process.env.CSS_BASE_URL || 'http://localhost:3000',\n })\n .command(statusCommand)\n .command(loginCommand)\n .command(createCredentialsCommand)\n .command(logoutCommand)\n .command(whoamiCommand)\n .command(listCommand)\n .command(revokeCommand)\n .demandCommand(1, 'Please specify an auth subcommand'),\n handler: () => {\n // parent command, no-op\n },\n};\n"]}
package/dist/cli/commands/login.js CHANGED
@@ -4,6 +4,7 @@ exports.loginCommandModule = void 0;
4
4
  const css_account_1 = require("../lib/css-account");
5
5
  const credentials_store_1 = require("../lib/credentials-store");
6
6
  const prompt_1 = require("../lib/prompt");
7
+ const output_1 = require("../lib/output");
7
8
  function resolveUrl(url) {
8
9
  const raw = url || process.env.CSS_BASE_URL || 'http://localhost:3000';
9
10
  return raw.endsWith('/') ? raw : `${raw}/`;
@@ -12,21 +13,15 @@ async function resolveWebId(baseUrl, token, explicitWebId) {
12
13
  if (explicitWebId) {
13
14
  return explicitWebId;
14
15
  }
15
- const accountRes = await fetch(`${baseUrl}.account/`, {
16
- headers: {
17
- Accept: 'application/json',
18
- Authorization: `CSS-Account-Token ${token}`,
19
- },
20
- });
21
- if (!accountRes.ok) {
22
- return undefined;
16
+ const accountData = await (0, css_account_1.getAccountData)(token, baseUrl);
17
+ const webIds = accountData ? Object.keys(accountData.webIds) : [];
18
+ if (webIds.length === 1 && webIds[0]) {
19
+ return webIds[0];
23
20
  }
24
- const accountData = await accountRes.json();
25
- const webIds = accountData.webIds;
26
- if (!webIds || typeof webIds !== 'object') {
27
- return undefined;
21
+ if (webIds.length > 1) {
22
+ throw new output_1.CliCommandError('webid_ambiguous', 'Multiple WebIDs are configured. Re-run with --web-id to select the acting identity.', 2, { webIds });
28
23
  }
29
- return Object.keys(webIds)[0];
24
+ throw new output_1.CliCommandError('webid_missing', 'No WebID found. Specify --web-id explicitly.', 2);
30
25
  }
31
26
  exports.loginCommandModule = {
32
27
  command: 'login',
@@ -42,7 +37,7 @@ exports.loginCommandModule = {
42
37
  .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' })
43
38
  .option('web-id', { type: 'string', description: 'WebID to bind credentials to' })
44
39
  .option('name', { type: 'string', description: 'Credential label' })
45
- .option('output', { type: 'boolean', default: false, description: 'Print credentials instead of saving to ~/.xpod/' }),
40
+ .option('output', { type: 'boolean', default: false, description: 'Do not save credentials; print non-secret metadata only' }),
46
41
  handler: async (argv) => {
47
42
  const baseUrl = resolveUrl(argv.url);
48
43
  if (!(await (0, css_account_1.checkServer)(baseUrl))) {
@@ -75,20 +70,13 @@ exports.loginCommandModule = {
75
70
  console.error('Cannot find client credentials endpoint.');
76
71
  process.exit(1);
77
72
  }
78
- const webId = await resolveWebId(baseUrl, token, argv['web-id']);
79
- if (!webId) {
80
- console.error('No WebID found. Specify --web-id explicitly.');
81
- process.exit(1);
82
- }
73
+ const webId = await resolveWebId(baseUrl, token, argv['web-id'])
74
+ .catch((error) => (0, output_1.handleCliError)(error, false));
83
75
  const credential = await (0, css_account_1.createClientCredentials)(token, controls.clientCredentials, webId, argv.name);
84
76
  if (!credential) {
85
77
  console.error('Failed to create client credentials.');
86
78
  process.exit(1);
87
79
  }
88
- console.log('Credentials created:');
89
- console.log(` client_id: ${credential.id}`);
90
- console.log(` client_secret: ${credential.secret}`);
91
- console.log(` webId: ${webId}`);
92
80
  if (!argv.output) {
93
81
  (0, credentials_store_1.saveCredentials)({
94
82
  url: baseUrl,
@@ -101,6 +89,11 @@ exports.loginCommandModule = {
101
89
  });
102
90
  console.log(`\nSaved to ${(0, credentials_store_1.getConfigPath)().replace('/config.json', '/')}`);
103
91
  }
92
+ else {
93
+ console.log('Credentials created.');
94
+ }
95
+ console.log(` client_id: ${credential.id}`);
96
+ console.log(` webId: ${webId}`);
104
97
  },
105
98
  };
106
99
  //# sourceMappingURL=login.js.map
package/dist/cli/commands/login.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/cli/commands/login.ts"],"names":[],"mappings":";;;AACA,oDAK4B;AAC5B,gEAA0E;AAC1E,0CAA2D;AAW3D,SAAS,UAAU,CAAC,GAAY;IAC9B,MAAM,GAAG,GAAG,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,uBAAuB,CAAC;IACvE,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC;AAC7C,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,OAAe,EAAE,KAAa,EAAE,aAAsB;IAChF,IAAI,aAAa,EAAE,CAAC;QAClB,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,WAAW,EAAE;QACpD,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,aAAa,EAAE,qBAAqB,KAAK,EAAE;SAC5C;KACF,CAAC,CAAC;IACH,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC;QACnB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,IAAI,EAAyC,CAAC;IACnF,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC;IAClC,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC1C,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;AAChC,CAAC;AAEY,QAAA,kBAAkB,GAAqC;IAClE,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE,sDAAsD;IAChE,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,KAAK,EAAE;QACb,KAAK,EAAE,GAAG;QACV,IAAI,EAAE,QAAQ;QACd,WAAW,EAAE,iBAAiB;QAC9B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,uBAAuB;KAC7D,CAAC;SACD,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;SAC/F,MAAM,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;SAC9G,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,8BAA8B,EAAE,CAAC;SACjF,MAAM,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;SACnE,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,iDAAiD,EAAE,CAAC;IAC1H,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,MAAM,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,IAAI,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG,MAAM,IAAA,uBAAc,EAAC,YAAY,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAA,gCAAkB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,QAAQ,EAAE,iBAAiB,EAAE,CAAC;YACjC,OAAO,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;YAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;QACjE,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;YAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,UAAU,GAAG,MAAM,IAAA,qCAAuB,EAAC,KAAK,EAAE,QAAQ,CAAC,iBAAiB,EAAE,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;QACtG,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;YACtD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,oBAAoB,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,oBAAoB,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,EAAE,CAAC,CAAC;QAEzC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,IAAA,mCAAe,EAAC;gBACd,GAAG,EAAE,OAAO;gBACZ,KAAK;gBACL,QAAQ,EAAE,oBAAoB;gBAC9B,OAAO,EAAE;oBACP,QAAQ,EAAE,UAAU,CAAC,EAAE;oBACvB,YAAY,EAAE,UAAU,CAAC,MAAM,IAAI,EAAE;iBACtC;aACF,CAAC,CAAC;YACH,OAAO,CAAC,GAAG,CAAC,cAAc,IAAA,iCAAa,GAAE,CAAC,OAAO,CAAC,cAAc,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;CACF,CAAC","sourcesContent":["import type { CommandModule } from 'yargs';\nimport {\n checkServer,\n login,\n getAccountControls,\n createClientCredentials,\n} from '../lib/css-account';\nimport { saveCredentials, getConfigPath } from '../lib/credentials-store';\nimport { promptPassword, promptText } from '../lib/prompt';\n\ninterface LoginArgs {\n url?: string;\n email?: string;\n password?: string;\n 'web-id'?: string;\n name?: string;\n output?: boolean;\n}\n\nfunction resolveUrl(url?: string): string {\n const raw = url || process.env.CSS_BASE_URL || 'http://localhost:3000';\n return raw.endsWith('/') ? raw : `${raw}/`;\n}\n\nasync function resolveWebId(baseUrl: string, token: string, explicitWebId?: string): Promise<string | undefined> {\n if (explicitWebId) {\n return explicitWebId;\n }\n\n const accountRes = await fetch(`${baseUrl}.account/`, {\n headers: {\n Accept: 'application/json',\n Authorization: `CSS-Account-Token ${token}`,\n },\n });\n if (!accountRes.ok) {\n return undefined;\n }\n\n const accountData = await accountRes.json() as { webIds?: Record<string, string> };\n const webIds = accountData.webIds;\n if (!webIds || typeof webIds !== 'object') {\n return undefined;\n }\n\n return Object.keys(webIds)[0];\n}\n\nexport const loginCommandModule: CommandModule<object, LoginArgs> = {\n command: 'login',\n describe: 'Login to xpod/Solid and store CLI client credentials',\n builder: (yargs) =>\n yargs\n .option('url', {\n alias: 'u',\n type: 'string',\n description: 'Server base URL',\n default: process.env.CSS_BASE_URL || 'http://localhost:3000',\n })\n .option('email', { type: 'string', description: 'Account email (will prompt if not provided)' })\n .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' })\n .option('web-id', { type: 'string', description: 'WebID to bind credentials to' })\n .option('name', { type: 'string', description: 'Credential label' })\n .option('output', { type: 'boolean', default: false, description: 'Print credentials instead of saving to ~/.xpod/' }),\n handler: async (argv) => {\n const baseUrl = resolveUrl(argv.url);\n\n if (!(await checkServer(baseUrl))) {\n console.error(`Cannot reach server at ${baseUrl}`);\n process.exit(1);\n }\n\n let email = argv.email;\n if (!email) {\n email = await promptText('Email: ');\n if (!email) {\n console.error('Email is required');\n process.exit(1);\n }\n }\n\n let password = argv.password;\n if (!password) {\n password = await promptPassword('Password: ');\n if (!password) {\n console.error('Password is required');\n process.exit(1);\n }\n }\n\n const token = await login(email, password, baseUrl);\n if (!token) {\n console.error('Login failed.');\n process.exit(1);\n }\n\n const controls = await getAccountControls(token, baseUrl);\n if (!controls?.clientCredentials) {\n console.error('Cannot find client credentials endpoint.');\n process.exit(1);\n }\n\n const webId = await resolveWebId(baseUrl, token, argv['web-id']);\n if (!webId) {\n console.error('No WebID found. Specify --web-id explicitly.');\n process.exit(1);\n }\n\n const credential = await createClientCredentials(token, controls.clientCredentials, webId, argv.name);\n if (!credential) {\n console.error('Failed to create client credentials.');\n process.exit(1);\n }\n\n console.log('Credentials created:');\n console.log(` client_id: ${credential.id}`);\n console.log(` client_secret: ${credential.secret}`);\n console.log(` webId: ${webId}`);\n\n if (!argv.output) {\n saveCredentials({\n url: baseUrl,\n webId,\n authType: 'client_credentials',\n secrets: {\n clientId: credential.id,\n clientSecret: credential.secret ?? '',\n },\n });\n console.log(`\\nSaved to ${getConfigPath().replace('/config.json', '/')}`);\n }\n },\n};\n"]}
1
+ {"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/cli/commands/login.ts"],"names":[],"mappings":";;;AACA,oDAM4B;AAC5B,gEAA0E;AAC1E,0CAA2D;AAC3D,0CAAgE;AAWhE,SAAS,UAAU,CAAC,GAAY;IAC9B,MAAM,GAAG,GAAG,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,uBAAuB,CAAC;IACvE,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC;AAC7C,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,OAAe,EAAE,KAAa,EAAE,aAAsB;IAChF,IAAI,aAAa,EAAE,CAAC;QAClB,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,IAAA,4BAAc,EAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACzD,MAAM,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAClE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;QACrC,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,MAAM,IAAI,wBAAe,CACvB,iBAAiB,EACjB,qFAAqF,EACrF,CAAC,EACD,EAAE,MAAM,EAAE,CACX,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,wBAAe,CAAC,eAAe,EAAE,8CAA8C,EAAE,CAAC,CAAC,CAAC;AAChG,CAAC;AAEY,QAAA,kBAAkB,GAAqC;IAClE,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE,sDAAsD;IAChE,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,KAAK;SACF,MAAM,CAAC,KAAK,EAAE;QACb,KAAK,EAAE,GAAG;QACV,IAAI,EAAE,QAAQ;QACd,WAAW,EAAE,iBAAiB;QAC9B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,uBAAuB;KAC7D,CAAC;SACD,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;SAC/F,MAAM,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;SAC9G,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,8BAA8B,EAAE,CAAC;SACjF,MAAM,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;SACnE,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,yDAAyD,EAAE,CAAC;IAClI,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,MAAM,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,IAAI,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG,MAAM,IAAA,uBAAc,EAAC,YAAY,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAA,gCAAkB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,QAAQ,EAAE,iBAAiB,EAAE,CAAC;YACjC,OAAO,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;YAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;aAC7D,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,IAAA,uBAAc,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAElD,MAAM,UAAU,GAAG,MAAM,IAAA,qCAAuB,EAAC,KAAK,EAAE,QAAQ,CAAC,iBAAiB,EAAE,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;QACtG,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;YACtD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,IAAA,mCAAe,EAAC;gBACd,GAAG,EAAE,OAAO;gBACZ,KAAK;gBACL,QAAQ,EAAE,oBAAoB;gBAC9B,OAAO,EAAE;oBACP,QAAQ,EAAE,UAAU,CAAC,EAAE;oBACvB,YAAY,EAAE,UAAU,CAAC,MAAM,IAAI,EAAE;iBACtC;aACF,CAAC,CAAC;YACH,OAAO,CAAC,GAAG,CAAC,cAAc,IAAA,iCAAa,GAAE,CAAC,OAAO,CAAC,cAAc,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;QAC5E,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACtC,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,gBAAgB,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,EAAE,CAAC,CAAC;IACvC,CAAC;CACF,CAAC","sourcesContent":["import type { CommandModule } from 'yargs';\nimport {\n checkServer,\n login,\n getAccountControls,\n createClientCredentials,\n getAccountData,\n} from '../lib/css-account';\nimport { saveCredentials, getConfigPath } from '../lib/credentials-store';\nimport { promptPassword, promptText } from '../lib/prompt';\nimport { CliCommandError, handleCliError } from '../lib/output';\n\ninterface LoginArgs {\n url?: string;\n email?: string;\n password?: string;\n 'web-id'?: string;\n name?: string;\n output?: boolean;\n}\n\nfunction resolveUrl(url?: string): string {\n const raw = url || process.env.CSS_BASE_URL || 'http://localhost:3000';\n return raw.endsWith('/') ? raw : `${raw}/`;\n}\n\nasync function resolveWebId(baseUrl: string, token: string, explicitWebId?: string): Promise<string> {\n if (explicitWebId) {\n return explicitWebId;\n }\n\n const accountData = await getAccountData(token, baseUrl);\n const webIds = accountData ? Object.keys(accountData.webIds) : [];\n if (webIds.length === 1 && webIds[0]) {\n return webIds[0];\n }\n if (webIds.length > 1) {\n throw new CliCommandError(\n 'webid_ambiguous',\n 'Multiple WebIDs are configured. Re-run with --web-id to select the acting identity.',\n 2,\n { webIds },\n );\n }\n throw new CliCommandError('webid_missing', 'No WebID found. Specify --web-id explicitly.', 2);\n}\n\nexport const loginCommandModule: CommandModule<object, LoginArgs> = {\n command: 'login',\n describe: 'Login to xpod/Solid and store CLI client credentials',\n builder: (yargs) =>\n yargs\n .option('url', {\n alias: 'u',\n type: 'string',\n description: 'Server base URL',\n default: process.env.CSS_BASE_URL || 'http://localhost:3000',\n })\n .option('email', { type: 'string', description: 'Account email (will prompt if not provided)' })\n .option('password', { type: 'string', description: 'Account password (will prompt securely if not provided)' })\n .option('web-id', { type: 'string', description: 'WebID to bind credentials to' })\n .option('name', { type: 'string', description: 'Credential label' })\n .option('output', { type: 'boolean', default: false, description: 'Do not save credentials; print non-secret metadata only' }),\n handler: async (argv) => {\n const baseUrl = resolveUrl(argv.url);\n\n if (!(await checkServer(baseUrl))) {\n console.error(`Cannot reach server at ${baseUrl}`);\n process.exit(1);\n }\n\n let email = argv.email;\n if (!email) {\n email = await promptText('Email: ');\n if (!email) {\n console.error('Email is required');\n process.exit(1);\n }\n }\n\n let password = argv.password;\n if (!password) {\n password = await promptPassword('Password: ');\n if (!password) {\n console.error('Password is required');\n process.exit(1);\n }\n }\n\n const token = await login(email, password, baseUrl);\n if (!token) {\n console.error('Login failed.');\n process.exit(1);\n }\n\n const controls = await getAccountControls(token, baseUrl);\n if (!controls?.clientCredentials) {\n console.error('Cannot find client credentials endpoint.');\n process.exit(1);\n }\n\n const webId = await resolveWebId(baseUrl, token, argv['web-id'])\n .catch((error) => handleCliError(error, false));\n\n const credential = await createClientCredentials(token, controls.clientCredentials, webId, argv.name);\n if (!credential) {\n console.error('Failed to create client credentials.');\n process.exit(1);\n }\n\n if (!argv.output) {\n saveCredentials({\n url: baseUrl,\n webId,\n authType: 'client_credentials',\n secrets: {\n clientId: credential.id,\n clientSecret: credential.secret ?? '',\n },\n });\n console.log(`\\nSaved to ${getConfigPath().replace('/config.json', '/')}`);\n } else {\n console.log('Credentials created.');\n }\n console.log(` client_id: ${credential.id}`);\n console.log(` webId: ${webId}`);\n },\n};\n"]}
package/dist/cli/commands/logs.d.ts CHANGED
@@ -5,6 +5,8 @@ interface LogsArgs {
5
5
  service?: string;
6
6
  level?: string;
7
7
  limit: number;
8
+ env?: string;
9
+ json: boolean;
8
10
  }
9
11
  export declare const logsCommand: CommandModule<object, LogsArgs>;
10
12
  export {};