npm - @vibecodr/cli - Versions diffs - 0.2.0 → 0.2.1 - Mend

@vibecodr/cli 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/CHANGELOG.md +5 -0
package/dist/auth/token-manager.js +16 -3
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,10 @@
 # Changelog
+## 0.2.1
+- preserve encrypted offline sessions when refresh fails because the authorization server is temporarily unavailable
+- continue clearing stored auth on OAuth `invalid_grant` so revoked or expired refresh tokens fail closed
 ## 0.2.0
 - rename the npm package to `@vibecodr/cli` while keeping `vibecodr` as the primary executable and `vibecodr-mcp` as a compatibility alias

package/dist/auth/token-manager.js CHANGED Viewed

@@ -23,6 +23,12 @@ function computeExpiresAt(expiresIn) {
         return undefined;
     return new Date(Date.now() + expiresIn * 1000).toISOString();
 }
+function oauthErrorCode(error) {
+    if (!error || typeof error !== "object")
+        return undefined;
+    const code = error.errorCode;
+    return typeof code === "string" ? code : undefined;
+}
 function normalizeServerUrlForSessionMatch(value) {
     if (!value)
         return undefined;
@@ -285,10 +291,17 @@ export class TokenManager {
             resource,
             ...(discovery.authorizationServerMetadata ? { metadata: discovery.authorizationServerMetadata } : {})
         }).catch(async (error) => {
-            await this.secretStore.delete(profileName).catch(() => undefined);
-            throw new CliError("auth.refresh_failed", "Failed to refresh the stored session.", EXIT_CODES.authFailed, {
+            const invalidGrant = oauthErrorCode(error) === "invalid_grant";
+            if (invalidGrant) {
+                await this.secretStore.delete(profileName).catch(() => undefined);
+            }
+            throw new CliError("auth.refresh_failed", invalidGrant
+                ? "The stored refresh token is invalid or expired."
+                : "Failed to refresh the stored session.", EXIT_CODES.authFailed, {
                 cause: error,
-                nextStep: "Run vibecodr login to re-authenticate."
+                nextStep: invalidGrant
+                    ? "Run vibecodr login to re-authenticate."
+                    : "Retry after the authorization server recovers. The stored offline session was preserved."
             });
         });
         const updated = {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@vibecodr/cli",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "Vibecodr CLI for login, live MCP tool discovery, and live tool invocation.",
   "license": "Apache-2.0",
   "type": "module",