@unifiedmemory/cli 1.3.9 → 1.3.11

package/commands/init.js

@@ -69,17 +69,58 @@ export async function init(options = {}) {
     console.log(chalk.green(`✓ Organization: ${authData.org_id}`));
   }
 
-  // Step 2: Select/create project
-  const projectData = await selectOrCreateProject(authData, options);
-  if (!projectData) {
-    console.error(chalk.red('❌ Project setup failed'));
-    process.exit(1);
+  // Step 1.5: Check for existing config
+  const umDir = path.join(process.cwd(), '.um');
+  const configPath = path.join(umDir, 'config.json');
+  let projectData = null;
+  let skipProjectSetup = false;
+
+  if (fs.existsSync(configPath)) {
+    try {
+      const existingConfig = fs.readJSONSync(configPath);
+
+      console.log(chalk.cyan('\n📋 Existing configuration found:\n'));
+      console.log(chalk.gray(`  Project: ${existingConfig.project_name}`));
+      console.log(chalk.gray(`  Project ID: ${existingConfig.project_id}`));
+      console.log(chalk.gray(`  Organization: ${existingConfig.org_id}`));
+      console.log('');
+
+      const { override } = await inquirer.prompt([{
+        type: 'confirm',
+        name: 'override',
+        message: 'Override existing configuration?',
+        default: false,
+      }]);
+
+      if (!override) {
+        // Use existing config - skip project selection
+        projectData = {
+          project_id: existingConfig.project_id,
+          project_name: existingConfig.project_name,
+          project_slug: existingConfig.project_slug,
+        };
+        skipProjectSetup = true;
+        console.log(chalk.green(`\n✓ Using existing project: ${projectData.project_name}`));
+      }
+    } catch (error) {
+      console.log(chalk.yellow(`\n⚠ Could not read existing config: ${error.message}`));
+      console.log(chalk.gray('Continuing with new project setup...\n'));
+    }
   }
 
-  console.log(chalk.green(`✓ Project: ${projectData.project_name} (${projectData.project_id})`));
+  // Step 2: Select/create project (skip if using existing config)
+  if (!skipProjectSetup) {
+    projectData = await selectOrCreateProject(authData, options);
+    if (!projectData) {
+      console.error(chalk.red('❌ Project setup failed'));
+      process.exit(1);
+    }
+
+    console.log(chalk.green(`✓ Project: ${projectData.project_name} (${projectData.project_id})`));
 
-  // Step 3: Save project config
-  await saveProjectConfig(authData, projectData);
+    // Step 3: Save project config (only if we selected a new project)
+    await saveProjectConfig(authData, projectData);
+  }
 
   // Step 3.5: Fetch available MCP tools for permissions
   let mcpToolPermissions = null;

package/commands/login.js

@@ -222,6 +222,7 @@ export async function login() {
                     );
 
                     // Update saved token with org-scoped version
+                    // Preserve originalSid for recovery purposes (org-scoped token won't have sid)
                     saveToken({
                       accessToken: tokenData.access_token,
                       idToken: orgToken.jwt,
@@ -230,7 +231,8 @@ export async function login() {
                       expiresIn: tokenData.expires_in,
                       receivedAt: Date.now(),
                       decoded: parseJWT(orgToken.jwt),
-                      selectedOrg: selectedOrg
+                      selectedOrg: selectedOrg,
+                      originalSid: decoded.sid  // Preserve session ID from original OAuth token
                     });
 
                     console.log(chalk.green(`\n✅ Using organization context: ${chalk.bold(selectedOrg.name)}`));

package/index.js

@@ -206,7 +206,7 @@ noteCommand
 // Show welcome splash if no command provided
 if (process.argv.length === 2) {
   await showWelcome();
-  program.help();
+  process.exit(0);
 }
 
 program.parse();

package/lib/token-refresh.js

@@ -77,10 +77,6 @@ export async function refreshAccessToken(tokenData) {
     let finalIdToken = newTokenData.id_token;
     let decoded = parseJWT(refreshedToken);
 
-    // Debug: log what we got from refresh
-    console.error(`  Refreshed token has sid: ${decoded?.sid ? 'yes' : 'no'}`);
-    console.error(`  selectedOrg: ${tokenData.selectedOrg?.id || 'none'}`);
-
     // If we have org context, get org-scoped token to ensure JWT has org claims
     if (tokenData.selectedOrg?.id && decoded?.sid) {
       try {

package/lib/token-validation.js

@@ -1,5 +1,8 @@
-import { getToken } from './token-storage.js';
+import { getToken, saveToken } from './token-storage.js';
 import { isTokenExpired, refreshAccessToken } from './token-refresh.js';
+import { getOrgScopedToken } from './clerk-api.js';
+import { parseJWT } from './jwt-utils.js';
+import { config } from './config.js';
 
 /**
  * Load token and refresh if expired
@@ -43,5 +46,86 @@ export async function loadAndRefreshToken(requireAuth = true) {
     }
   }
 
+  // Check if token has org context but lacks org claims in JWT
+  // This can happen if getOrgScopedToken() failed during login
+  if (tokenData.selectedOrg?.id && !tokenData.decoded?.o) {
+    console.error('⚠️  Token missing org claims, attempting to fix...');
+
+    // Check for sid in decoded token or preserved originalSid from login
+    let sessionId = tokenData.decoded?.sid || tokenData.originalSid;
+    let currentToken = tokenData.idToken || tokenData.accessToken;
+
+    // If no sid, try to refresh first to get a new base token with sid
+    if (!sessionId && tokenData.refresh_token) {
+      console.error('  Refreshing to obtain session ID...');
+      try {
+        const tokenParams = {
+          client_id: config.clerkClientId,
+          refresh_token: tokenData.refresh_token,
+          grant_type: 'refresh_token',
+        };
+
+        if (config.clerkClientSecret) {
+          tokenParams.client_secret = config.clerkClientSecret;
+        }
+
+        const response = await fetch(`https://${config.clerkDomain}/oauth/token`, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+          body: new URLSearchParams(tokenParams),
+        });
+
+        if (response.ok) {
+          const newTokenData = await response.json();
+          const refreshedToken = newTokenData.id_token || newTokenData.access_token;
+          const refreshedDecoded = parseJWT(refreshedToken);
+
+          sessionId = refreshedDecoded?.sid;
+          currentToken = refreshedToken;
+
+          // Update tokenData with refreshed values
+          tokenData.accessToken = newTokenData.access_token;
+          tokenData.idToken = newTokenData.id_token;
+          tokenData.refresh_token = newTokenData.refresh_token || tokenData.refresh_token;
+          tokenData.decoded = refreshedDecoded;
+
+          if (sessionId) {
+            console.error('  ✓ Obtained session ID');
+          }
+        }
+      } catch (error) {
+        console.error(`  Could not refresh token: ${error.message}`);
+      }
+    }
+
+    // Now try to get org-scoped token if we have sessionId
+    if (sessionId) {
+      try {
+        const orgToken = await getOrgScopedToken(
+          sessionId,
+          tokenData.selectedOrg.id,
+          currentToken
+        );
+
+        const decoded = parseJWT(orgToken.jwt);
+        const updatedToken = {
+          ...tokenData,
+          idToken: orgToken.jwt,
+          decoded: decoded,
+        };
+
+        saveToken(updatedToken);
+        console.error('✓ Token updated with org claims');
+        return updatedToken;
+      } catch (error) {
+        console.error(`⚠️  Could not get org-scoped token: ${error.message}`);
+        // Continue with existing token - API calls may fail
+      }
+    } else {
+      console.error('⚠️  Could not obtain session ID for org-scoped token');
+      console.error('   Please run: um login');
+    }
+  }
+
   return tokenData;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@unifiedmemory/cli",
-  "version": "1.3.9",
+  "version": "1.3.11",
   "description": "UnifiedMemory CLI - AI code assistant integration",
   "main": "index.js",
   "type": "module",