npm - @unifiedmemory/cli - Versions diffs - 1.3.10 → 1.3.11 - Mend

@unifiedmemory/cli 1.3.10 → 1.3.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/commands/login.js CHANGED Viewed

@@ -222,6 +222,7 @@ export async function login() {
                     );
                     // Update saved token with org-scoped version
+                    // Preserve originalSid for recovery purposes (org-scoped token won't have sid)
                     saveToken({
                       accessToken: tokenData.access_token,
                       idToken: orgToken.jwt,
@@ -230,7 +231,8 @@ export async function login() {
                       expiresIn: tokenData.expires_in,
                       receivedAt: Date.now(),
                       decoded: parseJWT(orgToken.jwt),
-                      selectedOrg: selectedOrg
+                      selectedOrg: selectedOrg,
+                      originalSid: decoded.sid  // Preserve session ID from original OAuth token
                     });
                     console.log(chalk.green(`\n✅ Using organization context: ${chalk.bold(selectedOrg.name)}`));

package/lib/token-validation.js CHANGED Viewed

@@ -2,6 +2,7 @@ import { getToken, saveToken } from './token-storage.js';
 import { isTokenExpired, refreshAccessToken } from './token-refresh.js';
 import { getOrgScopedToken } from './clerk-api.js';
 import { parseJWT } from './jwt-utils.js';
+import { config } from './config.js';
 /**
  * Load token and refresh if expired
@@ -47,28 +48,82 @@ export async function loadAndRefreshToken(requireAuth = true) {
   // Check if token has org context but lacks org claims in JWT
   // This can happen if getOrgScopedToken() failed during login
-  if (tokenData.selectedOrg?.id && tokenData.decoded?.sid && !tokenData.decoded?.o) {
+  if (tokenData.selectedOrg?.id && !tokenData.decoded?.o) {
     console.error('⚠️  Token missing org claims, attempting to fix...');
-    try {
-      const orgToken = await getOrgScopedToken(
-        tokenData.decoded.sid,
-        tokenData.selectedOrg.id,
-        tokenData.idToken || tokenData.accessToken
-      );
-      const decoded = parseJWT(orgToken.jwt);
-      const updatedToken = {
-        ...tokenData,
-        idToken: orgToken.jwt,
-        decoded: decoded,
-      };
-      saveToken(updatedToken);
-      console.error('✓ Token updated with org claims');
-      return updatedToken;
-    } catch (error) {
-      console.error(`⚠️  Could not get org-scoped token: ${error.message}`);
-      // Continue with existing token - API calls may fail
+    // Check for sid in decoded token or preserved originalSid from login
+    let sessionId = tokenData.decoded?.sid || tokenData.originalSid;
+    let currentToken = tokenData.idToken || tokenData.accessToken;
+    // If no sid, try to refresh first to get a new base token with sid
+    if (!sessionId && tokenData.refresh_token) {
+      console.error('  Refreshing to obtain session ID...');
+      try {
+        const tokenParams = {
+          client_id: config.clerkClientId,
+          refresh_token: tokenData.refresh_token,
+          grant_type: 'refresh_token',
+        };
+        if (config.clerkClientSecret) {
+          tokenParams.client_secret = config.clerkClientSecret;
+        }
+        const response = await fetch(`https://${config.clerkDomain}/oauth/token`, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+          body: new URLSearchParams(tokenParams),
+        });
+        if (response.ok) {
+          const newTokenData = await response.json();
+          const refreshedToken = newTokenData.id_token || newTokenData.access_token;
+          const refreshedDecoded = parseJWT(refreshedToken);
+          sessionId = refreshedDecoded?.sid;
+          currentToken = refreshedToken;
+          // Update tokenData with refreshed values
+          tokenData.accessToken = newTokenData.access_token;
+          tokenData.idToken = newTokenData.id_token;
+          tokenData.refresh_token = newTokenData.refresh_token || tokenData.refresh_token;
+          tokenData.decoded = refreshedDecoded;
+          if (sessionId) {
+            console.error('  ✓ Obtained session ID');
+          }
+        }
+      } catch (error) {
+        console.error(`  Could not refresh token: ${error.message}`);
+      }
+    }
+    // Now try to get org-scoped token if we have sessionId
+    if (sessionId) {
+      try {
+        const orgToken = await getOrgScopedToken(
+          sessionId,
+          tokenData.selectedOrg.id,
+          currentToken
+        );
+        const decoded = parseJWT(orgToken.jwt);
+        const updatedToken = {
+          ...tokenData,
+          idToken: orgToken.jwt,
+          decoded: decoded,
+        };
+        saveToken(updatedToken);
+        console.error('✓ Token updated with org claims');
+        return updatedToken;
+      } catch (error) {
+        console.error(`⚠️  Could not get org-scoped token: ${error.message}`);
+        // Continue with existing token - API calls may fail
+      }
+    } else {
+      console.error('⚠️  Could not obtain session ID for org-scoped token');
+      console.error('   Please run: um login');
     }
   }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@unifiedmemory/cli",
-  "version": "1.3.10",
+  "version": "1.3.11",
   "description": "UnifiedMemory CLI - AI code assistant integration",
   "main": "index.js",
   "type": "module",