@walkeros/cli 3.4.1-next-1776790594143 → 3.4.2

package/dist/index.js

@@ -170,6 +170,26 @@ function deleteConfig() {
   }
   return false;
 }
+function setFeedbackPreference(anonymous) {
+  const config = readConfig();
+  if (!config) return;
+  writeConfig({ ...config, anonymousFeedback: anonymous });
+}
+function getFeedbackPreference() {
+  const config = readConfig();
+  return config?.anonymousFeedback;
+}
+function setDefaultProject(projectId) {
+  const config = readConfig();
+  if (!config) {
+    throw new Error("Not authenticated. Run `walkeros login` first.");
+  }
+  writeConfig({ ...config, defaultProjectId: projectId });
+}
+function getDefaultProject() {
+  const config = readConfig();
+  return config?.defaultProjectId ?? null;
+}
 function resolveToken() {
   const envToken = process.env.WALKEROS_TOKEN;
   if (envToken) return { token: envToken, source: "env" };
@@ -579,8 +599,11 @@ function resolveRunToken() {
   return resolveDeployToken() ?? resolveToken()?.token ?? null;
 }
 function requireProjectId() {
-  const projectId = process.env.WALKEROS_PROJECT_ID;
-  if (!projectId) throw new Error("WALKEROS_PROJECT_ID not set.");
+  const projectId = process.env.WALKEROS_PROJECT_ID || getDefaultProject();
+  if (!projectId)
+    throw new Error(
+      "No project selected. Set WALKEROS_PROJECT_ID or configure a default project."
+    );
   return projectId;
 }
 var init_auth = __esm({
@@ -4595,6 +4618,37 @@ async function resolveBundle(bundleEnv) {
 
 // src/runtime/config-fetcher.ts
 init_http();
+
+// src/runtime/runner-auth-error.ts
+var RunnerAuthError = class extends Error {
+  constructor(status, reason, code, message) {
+    super(message);
+    this.status = status;
+    this.reason = reason;
+    this.code = code;
+    this.name = "RunnerAuthError";
+  }
+};
+function isAppErrorBody(value) {
+  return typeof value === "object" && value !== null && "error" in value && typeof value.error === "object";
+}
+async function throwIfRunnerAuthFailure(res) {
+  if (res.status !== 401 && res.status !== 403) return;
+  let code = null;
+  let message = res.statusText;
+  try {
+    const body = await res.clone().json();
+    if (isAppErrorBody(body) && body.error) {
+      if (typeof body.error.code === "string") code = body.error.code;
+      if (typeof body.error.message === "string") message = body.error.message;
+    }
+  } catch {
+  }
+  const reason = res.status === 401 ? "unauthorised" : code === "FORBIDDEN_FLOW" ? "flow" : code === "FORBIDDEN_SCOPE" ? "scope" : "forbidden";
+  throw new RunnerAuthError(res.status, reason, code, message);
+}
+
+// src/runtime/config-fetcher.ts
 async function fetchConfig(options) {
   const url = `${options.appUrl}/api/projects/${options.projectId}/flows/${options.flowId}`;
   const headers = mergeAuthHeaders(
@@ -4608,12 +4662,8 @@ async function fetchConfig(options) {
   if (response.status === 304) {
     return { changed: false };
   }
+  await throwIfRunnerAuthFailure(response);
   if (!response.ok) {
-    if (response.status === 401 || response.status === 403) {
-      throw new Error(
-        `Config fetch failed (${response.status}): token may have expired \u2014 redeploy to rotate`
-      );
-    }
     throw new Error(
       `Config fetch failed: ${response.status} ${response.statusText}`
     );
@@ -5069,6 +5119,7 @@ async function fetchSecrets(options) {
   const res = await fetch(url, {
     headers: mergeAuthHeaders(token, { "Content-Type": "application/json" })
   });
+  await throwIfRunnerAuthFailure(res);
   if (!res.ok) {
     throw new SecretsHttpError(res.status, res.statusText);
   }
@@ -6179,6 +6230,8 @@ init_cli_logger();
 init_config_file();
 import { hostname } from "os";
 var POLL_TIMEOUT_BUFFER_MS = 5e3;
+var DEFAULT_POLL_TIMEOUT_MS = 6e4;
+var DEFAULT_POLL_INTERVAL_MS = 5e3;
 async function openInBrowser(url) {
   const { default: open } = await import("open");
   await open(url);
@@ -6204,25 +6257,143 @@ async function loginCommand(options) {
     process.exit(1);
   }
 }
-async function login(options = {}) {
+async function requestDeviceCode(options = {}) {
   const appUrl = options.url || resolveAppUrl();
   const f2 = options.fetch ?? globalThis.fetch;
-  const codeResponse = await f2(`${appUrl}/api/auth/device/code`, {
+  const response = await f2(`${appUrl}/api/auth/device/code`, {
     method: "POST",
     headers: { "Content-Type": "application/json" },
     body: JSON.stringify({})
   });
-  if (!codeResponse.ok) {
+  if (!response.ok) {
+    throw new Error("Failed to request device code");
+  }
+  const data = await response.json();
+  return {
+    deviceCode: data.deviceCode,
+    userCode: data.userCode,
+    verificationUri: data.verificationUri,
+    verificationUriComplete: data.verificationUriComplete,
+    expiresIn: data.expiresIn,
+    interval: data.interval
+  };
+}
+async function pollForToken(deviceCode, options = {}) {
+  const appUrl = options.url || resolveAppUrl();
+  const f2 = options.fetch ?? globalThis.fetch;
+  const timeoutMs = options.timeoutMs ?? DEFAULT_POLL_TIMEOUT_MS;
+  let intervalMs = options.intervalMs ?? DEFAULT_POLL_INTERVAL_MS;
+  const deadline = Date.now() + timeoutMs;
+  while (Date.now() < deadline) {
+    await new Promise((r2) => setTimeout(r2, intervalMs));
+    if (Date.now() >= deadline) break;
+    const remaining = Math.max(1, deadline - Date.now());
+    const controller = new AbortController();
+    const timeoutHandle = setTimeout(() => controller.abort(), remaining);
+    let tokenResponse;
+    try {
+      tokenResponse = await f2(`${appUrl}/api/auth/device/token`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ deviceCode, hostname: hostname() }),
+        signal: controller.signal
+      });
+    } catch (err) {
+      clearTimeout(timeoutHandle);
+      if (err instanceof Error && err.name === "AbortError") {
+        break;
+      }
+      throw err;
+    } finally {
+      clearTimeout(timeoutHandle);
+    }
+    const data = await safeJsonParse(tokenResponse);
+    if (data === MALFORMED) {
+      return {
+        success: false,
+        status: "error",
+        error: "Server returned malformed response"
+      };
+    }
+    if (tokenResponse.ok) {
+      const token = data.token;
+      const email = data.email;
+      if (typeof token === "string" && token.length > 0) {
+        if (typeof email !== "string" || email.length === 0) {
+          return {
+            success: false,
+            status: "error",
+            error: "Server returned malformed response (missing email)"
+          };
+        }
+        writeConfig({ token, email, appUrl });
+        const configPath = getConfigPath();
+        return {
+          success: true,
+          status: "authenticated",
+          email,
+          configPath
+        };
+      }
+      if (token !== void 0) {
+        return {
+          success: false,
+          status: "error",
+          error: "Server returned malformed response (invalid token type)"
+        };
+      }
+      continue;
+    }
+    if (data.error === "authorization_pending") continue;
+    if (data.error === "slow_down") {
+      intervalMs += 5e3;
+      continue;
+    }
+    const errField = data.error;
+    let errorMsg;
+    if (typeof errField === "string") {
+      errorMsg = errField;
+    } else if (errField && typeof errField === "object" && "message" in errField && typeof errField.message === "string") {
+      errorMsg = errField.message;
+    } else {
+      errorMsg = "Authorization failed";
+    }
+    return { success: false, status: "error", error: errorMsg };
+  }
+  return { success: false, status: "pending" };
+}
+var MALFORMED = /* @__PURE__ */ Symbol("malformed-json");
+async function safeJsonParse(response) {
+  try {
+    const parsed = await response.json();
+    if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
+      return parsed;
+    }
+    return MALFORMED;
+  } catch {
+    return MALFORMED;
+  }
+}
+async function login(options = {}) {
+  const fetchOption = options.fetch ?? globalThis.fetch;
+  const urlOption = options.url;
+  let codeResult;
+  try {
+    codeResult = await requestDeviceCode({
+      url: urlOption,
+      fetch: fetchOption
+    });
+  } catch {
     return { success: false, error: "Failed to request device code" };
   }
   const {
-    deviceCode,
     userCode,
     verificationUri,
     verificationUriComplete,
     expiresIn,
-    interval
-  } = await codeResponse.json();
+    interval,
+    deviceCode
+  } = codeResult;
   const prompt = (msg) => process.stderr.write(msg + "\n");
   prompt(`
 ! Your one-time code: ${userCode}`);
@@ -6236,30 +6407,95 @@ async function login(options = {}) {
     prompt("  Could not open browser. Visit the URL manually.");
   }
   prompt("  Waiting for authorization... (press Ctrl+C to cancel)\n");
-  const deadline = Date.now() + expiresIn * 1e3 + POLL_TIMEOUT_BUFFER_MS;
-  let pollInterval = (interval ?? 5) * 1e3;
-  const maxAttempts = options.maxPollAttempts ?? Infinity;
-  let attempts = 0;
-  while (Date.now() < deadline && attempts < maxAttempts) {
-    attempts++;
-    await new Promise((r2) => setTimeout(r2, pollInterval));
-    const tokenResponse = await f2(`${appUrl}/api/auth/device/token`, {
-      method: "POST",
-      headers: { "Content-Type": "application/json" },
-      body: JSON.stringify({ deviceCode, hostname: hostname() })
-    });
-    const data = await tokenResponse.json();
-    if (tokenResponse.ok && data.token) {
-      writeConfig({ token: data.token, email: data.email, appUrl });
-      const configPath = getConfigPath();
-      return { success: true, email: data.email, configPath };
-    }
-    if (data.error === "authorization_pending") continue;
-    if (data.error === "slow_down") {
-      pollInterval += 5e3;
-      continue;
+  const timeoutMs = expiresIn * 1e3 + POLL_TIMEOUT_BUFFER_MS;
+  const intervalMs = (interval ?? 5) * 1e3;
+  if (options.maxPollAttempts !== void 0) {
+    const appUrl = urlOption || resolveAppUrl();
+    const f2 = fetchOption;
+    let pollInterval = intervalMs;
+    let attempts = 0;
+    const deadline = Date.now() + timeoutMs;
+    while (Date.now() < deadline && attempts < options.maxPollAttempts) {
+      attempts++;
+      await new Promise((r2) => setTimeout(r2, pollInterval));
+      const remaining = Math.max(1, deadline - Date.now());
+      const controller = new AbortController();
+      const timeoutHandle = setTimeout(() => controller.abort(), remaining);
+      let tokenResponse;
+      try {
+        tokenResponse = await f2(`${appUrl}/api/auth/device/token`, {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({ deviceCode, hostname: hostname() }),
+          signal: controller.signal
+        });
+      } catch (err) {
+        clearTimeout(timeoutHandle);
+        if (err instanceof Error && err.name === "AbortError") {
+          break;
+        }
+        throw err;
+      } finally {
+        clearTimeout(timeoutHandle);
+      }
+      const data = await safeJsonParse(tokenResponse);
+      if (data === MALFORMED) {
+        return {
+          success: false,
+          error: "Server returned malformed response"
+        };
+      }
+      if (tokenResponse.ok) {
+        const token = data.token;
+        const email = data.email;
+        if (typeof token === "string" && token.length > 0) {
+          if (typeof email !== "string" || email.length === 0) {
+            return {
+              success: false,
+              error: "Server returned malformed response (missing email)"
+            };
+          }
+          writeConfig({ token, email, appUrl });
+          const configPath = getConfigPath();
+          return { success: true, email, configPath };
+        }
+        if (token !== void 0) {
+          return {
+            success: false,
+            error: "Server returned malformed response (invalid token type)"
+          };
+        }
+        continue;
+      }
+      if (data.error === "authorization_pending") continue;
+      if (data.error === "slow_down") {
+        pollInterval += 5e3;
+        continue;
+      }
+      const errField = data.error;
+      const errorMsg = typeof errField === "string" ? errField : "Authorization failed";
+      return { success: false, error: errorMsg };
     }
-    return { success: false, error: data.error || "Authorization failed" };
+    return {
+      success: false,
+      error: "Authorization timed out. Please try again."
+    };
+  }
+  const pollResult = await pollForToken(deviceCode, {
+    url: urlOption,
+    fetch: fetchOption,
+    timeoutMs,
+    intervalMs
+  });
+  if (pollResult.success) {
+    return {
+      success: true,
+      email: pollResult.email,
+      configPath: pollResult.configPath
+    };
+  }
+  if (pollResult.status === "error") {
+    return { success: false, error: pollResult.error };
   }
   return {
     success: false,
@@ -6478,6 +6714,18 @@ async function listFlows(options = {}) {
   if (error) throwApiError(error, "Failed to list flows");
   return data;
 }
+async function listAllFlows(options) {
+  const { projects } = await listProjects();
+  const results = [];
+  for (const project of projects) {
+    const data = await listFlows({ ...options, projectId: project.id });
+    results.push({
+      project: { id: project.id, name: project.name },
+      flows: data.flows
+    });
+  }
+  return results;
+}
 async function getFlow(options) {
   const id = options.projectId ?? requireProjectId();
   const client = createApiClient();
@@ -7378,6 +7626,7 @@ export {
   createPreview,
   createProject,
   createProjectCommand,
+  deleteConfig,
   deleteDeployment,
   deleteDeploymentCommand,
   deleteFlow,
@@ -7395,16 +7644,19 @@ export {
   findExample,
   getAuthHeaders,
   getClientContext,
+  getDefaultProject,
   getDeployment,
   getDeploymentBySlug,
   getDeploymentBySlugCommand,
   getDeploymentCommand,
+  getFeedbackPreference,
   getFlow,
   getFlowCommand,
   getPreview,
   getProject,
   getProjectCommand,
   getToken,
+  listAllFlows,
   listDeployments,
   listDeploymentsCommand,
   listFlows,
@@ -7418,15 +7670,20 @@ export {
   logoutCommand,
   mergeAuthHeaders,
   parseSSEEvents,
+  pollForToken,
   publicFetch,
   push,
   pushCommand,
   readConfig,
+  requestDeviceCode,
   requireProjectId,
   resetClientContext,
+  resolveToken,
   run,
   runCommand,
   setClientContext,
+  setDefaultProject,
+  setFeedbackPreference,
   simulateDestination,
   simulateSource,
   simulateTransformer,