@wayai/cli 0.2.44 → 0.2.46
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/eval-results.js +3 -3
- package/dist/commands/login.d.ts +1 -1
- package/dist/commands/login.js +29 -67
- package/dist/commands/login.js.map +1 -1
- package/dist/commands/status.js +1 -1
- package/dist/commands/status.js.map +1 -1
- package/dist/lib/api-client.d.ts +11 -11
- package/dist/lib/api-client.js +4 -4
- package/dist/lib/auth.d.ts +24 -35
- package/dist/lib/auth.js +74 -121
- package/dist/lib/auth.js.map +1 -1
- package/dist/lib/config.d.ts +2 -6
- package/dist/lib/config.js +10 -1
- package/dist/lib/config.js.map +1 -1
- package/dist/lib/eval-format.d.ts +1 -1
- package/dist/lib/eval-format.js +1 -1
- package/dist/lib/sentry.d.ts +3 -2
- package/dist/lib/sentry.js +14 -2
- package/dist/lib/sentry.js.map +1 -1
- package/package.json +1 -1
|
@@ -82,7 +82,7 @@ async function findLatestSessionForEval(client, hubId, evalName) {
|
|
|
82
82
|
// Sessions are ordered by created_at desc, so first match is the latest
|
|
83
83
|
for (const session of completedSessions) {
|
|
84
84
|
const details = await client.getEvalSessionDetails(session.eval_session_id);
|
|
85
|
-
const hasEval = details.data.results.some((r) => r.
|
|
85
|
+
const hasEval = details.data.results.some((r) => r.eval_id === matchingEval.eval_id);
|
|
86
86
|
if (hasEval) {
|
|
87
87
|
return session.eval_session_id;
|
|
88
88
|
}
|
|
@@ -117,7 +117,7 @@ async function showRunDetails(client, sessionId, evalNameFilter, jsonOutput) {
|
|
|
117
117
|
if (evalNameFilter) {
|
|
118
118
|
const matchingResult = details.data.results.find((r) => r.eval?.eval_name?.toLowerCase() === evalNameFilter.toLowerCase());
|
|
119
119
|
if (matchingResult) {
|
|
120
|
-
evalId = matchingResult.
|
|
120
|
+
evalId = matchingResult.eval_id;
|
|
121
121
|
}
|
|
122
122
|
}
|
|
123
123
|
const runsResult = await client.getEvalSessionRuns(sessionId, { evalId });
|
|
@@ -131,7 +131,7 @@ async function showRunDetails(client, sessionId, evalNameFilter, jsonOutput) {
|
|
|
131
131
|
return;
|
|
132
132
|
}
|
|
133
133
|
for (const run of runsResult.data.runs) {
|
|
134
|
-
const evalName = run.eval?.eval_name || run.
|
|
134
|
+
const evalName = run.eval?.eval_name || run.eval_id.slice(0, 8);
|
|
135
135
|
const status = run.response_match === true ? 'PASS' : run.response_match === false ? 'FAIL' : 'PENDING';
|
|
136
136
|
const time = run.execution_time_ms != null ? `(${(run.execution_time_ms / 1000).toFixed(1)}s)` : '';
|
|
137
137
|
console.log(`${evalName} — Run #${run.run_number} [${status}] ${time}`);
|
package/dist/commands/login.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* wayai login —
|
|
2
|
+
* wayai login — WorkOS browser flow (default) or --token fallback
|
|
3
3
|
*/
|
|
4
4
|
export declare function parseApiUrl(args: string[]): string;
|
|
5
5
|
export declare function loginCommand(args: string[]): Promise<void>;
|
package/dist/commands/login.js
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* wayai login —
|
|
2
|
+
* wayai login — WorkOS browser flow (default) or --token fallback
|
|
3
3
|
*/
|
|
4
4
|
import * as readline from 'node:readline';
|
|
5
|
-
import {
|
|
6
|
-
import {
|
|
5
|
+
import { generateState, findAvailablePort, startCallbackServer, fetchLoginUrl, exchangeCodeForToken, validateToken, } from '../lib/auth.js';
|
|
6
|
+
import { writeConfig } from '../lib/config.js';
|
|
7
7
|
function prompt(question, defaultValue) {
|
|
8
8
|
const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
|
|
9
9
|
const display = defaultValue ? `${question} [${defaultValue}]: ` : `${question}: `;
|
|
@@ -29,100 +29,63 @@ export async function loginCommand(args) {
|
|
|
29
29
|
await loginWithToken(apiUrl);
|
|
30
30
|
}
|
|
31
31
|
else {
|
|
32
|
-
await
|
|
32
|
+
await loginWithBrowser(apiUrl);
|
|
33
33
|
}
|
|
34
34
|
}
|
|
35
|
-
async function
|
|
35
|
+
async function loginWithBrowser(apiUrl) {
|
|
36
36
|
console.log('\nConnecting to WayAI...');
|
|
37
|
-
|
|
37
|
+
// Find an available port for the callback server
|
|
38
|
+
const port = await findAvailablePort();
|
|
39
|
+
const redirectUri = `http://127.0.0.1:${port}/callback`;
|
|
40
|
+
const state = generateState();
|
|
41
|
+
// Get the WorkOS login URL from the backend
|
|
42
|
+
let loginUrl;
|
|
38
43
|
try {
|
|
39
|
-
|
|
40
|
-
supabaseUrl = authConfig.supabase_url;
|
|
44
|
+
loginUrl = await fetchLoginUrl(apiUrl, redirectUri, state);
|
|
41
45
|
}
|
|
42
46
|
catch (err) {
|
|
43
47
|
console.error(`Failed to connect to ${apiUrl}: ${err instanceof Error ? err.message : String(err)}`);
|
|
44
48
|
process.exit(1);
|
|
45
49
|
}
|
|
46
|
-
|
|
47
|
-
const
|
|
48
|
-
// Try to reuse the stored DCR client (same port → same redirect_uri → same client_id)
|
|
49
|
-
const { clientId, redirectUri } = await resolveOAuthClient(supabaseUrl);
|
|
50
|
-
// Build OAuth 2.1 authorize URL (Supabase as authorization server)
|
|
51
|
-
const authParams = new URLSearchParams({
|
|
52
|
-
client_id: clientId,
|
|
53
|
-
response_type: 'code',
|
|
54
|
-
redirect_uri: redirectUri,
|
|
55
|
-
code_challenge: codeChallenge,
|
|
56
|
-
code_challenge_method: 'S256',
|
|
57
|
-
scope: 'openid email profile',
|
|
58
|
-
});
|
|
59
|
-
const authUrl = `${supabaseUrl}/auth/v1/oauth/authorize?${authParams.toString()}`;
|
|
50
|
+
// Start callback server before opening browser
|
|
51
|
+
const callbackPromise = startCallbackServer(port, state);
|
|
60
52
|
// Try to open browser
|
|
61
|
-
const
|
|
62
|
-
if (!
|
|
63
|
-
console.log(`\nOpen this URL in your browser to log in:\n\n ${
|
|
53
|
+
const openedBrowser = await tryOpenBrowser(loginUrl);
|
|
54
|
+
if (!openedBrowser) {
|
|
55
|
+
console.log(`\nOpen this URL in your browser to log in:\n\n ${loginUrl}\n`);
|
|
64
56
|
}
|
|
65
57
|
else {
|
|
66
58
|
console.log('Opening browser for login...');
|
|
67
59
|
}
|
|
68
60
|
try {
|
|
69
|
-
const callbackPort = parseInt(new URL(redirectUri).port, 10);
|
|
70
|
-
const callbackPromise = startCallbackServer(callbackPort);
|
|
71
61
|
const { code } = await callbackPromise;
|
|
72
|
-
console.log('Exchanging authorization code
|
|
73
|
-
const
|
|
62
|
+
console.log('Exchanging authorization code...');
|
|
63
|
+
const result = await exchangeCodeForToken(apiUrl, code, redirectUri);
|
|
74
64
|
writeConfig({
|
|
75
65
|
api_url: apiUrl,
|
|
76
|
-
|
|
77
|
-
client_id: clientId,
|
|
78
|
-
redirect_uri: redirectUri,
|
|
79
|
-
refresh_token: refreshToken,
|
|
80
|
-
auth_method: 'oauth',
|
|
66
|
+
token: result.token,
|
|
81
67
|
});
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
console.log('\nLogin successful! Configuration saved to ~/.wayai/config.json');
|
|
68
|
+
console.log(`\nLogin successful! Logged in as ${result.email}`);
|
|
69
|
+
console.log('Configuration saved to ~/.wayai/config.json');
|
|
85
70
|
}
|
|
86
71
|
catch (err) {
|
|
87
72
|
console.error(`\nLogin failed: ${err instanceof Error ? err.message : String(err)}`);
|
|
88
73
|
process.exit(1);
|
|
89
74
|
}
|
|
90
75
|
}
|
|
91
|
-
async function resolveOAuthClient(supabaseUrl) {
|
|
92
|
-
const existingConfig = readConfig();
|
|
93
|
-
if (existingConfig?.client_id &&
|
|
94
|
-
existingConfig?.redirect_uri &&
|
|
95
|
-
existingConfig?.supabase_url === supabaseUrl) {
|
|
96
|
-
const storedUrl = new URL(existingConfig.redirect_uri);
|
|
97
|
-
const storedPort = parseInt(storedUrl.port, 10);
|
|
98
|
-
if (storedPort && await isPortAvailable(storedPort)) {
|
|
99
|
-
return { clientId: existingConfig.client_id, redirectUri: existingConfig.redirect_uri };
|
|
100
|
-
}
|
|
101
|
-
}
|
|
102
|
-
const port = await findAvailablePort();
|
|
103
|
-
const redirectUri = `http://127.0.0.1:${port}/callback`;
|
|
104
|
-
try {
|
|
105
|
-
const clientId = await registerOAuthClient(supabaseUrl, redirectUri);
|
|
106
|
-
return { clientId, redirectUri };
|
|
107
|
-
}
|
|
108
|
-
catch (err) {
|
|
109
|
-
console.error(`Failed to register OAuth client: ${err instanceof Error ? err.message : String(err)}`);
|
|
110
|
-
process.exit(1);
|
|
111
|
-
}
|
|
112
|
-
}
|
|
113
76
|
async function loginWithToken(apiUrl) {
|
|
114
|
-
const
|
|
115
|
-
if (!
|
|
116
|
-
console.error('
|
|
77
|
+
const token = await prompt('MCP Token (way_...)');
|
|
78
|
+
if (!token) {
|
|
79
|
+
console.error('Token is required.');
|
|
117
80
|
process.exit(1);
|
|
118
81
|
}
|
|
119
|
-
if (!
|
|
120
|
-
console.error('Invalid token format.
|
|
82
|
+
if (!token.startsWith('way_')) {
|
|
83
|
+
console.error('Invalid token format. Tokens start with "way_".');
|
|
121
84
|
process.exit(1);
|
|
122
85
|
}
|
|
123
86
|
console.log('\nValidating token...');
|
|
124
87
|
try {
|
|
125
|
-
await
|
|
88
|
+
await validateToken(apiUrl, token);
|
|
126
89
|
}
|
|
127
90
|
catch (err) {
|
|
128
91
|
console.error(`Token validation failed: ${err instanceof Error ? err.message : String(err)}`);
|
|
@@ -130,8 +93,7 @@ async function loginWithToken(apiUrl) {
|
|
|
130
93
|
}
|
|
131
94
|
writeConfig({
|
|
132
95
|
api_url: apiUrl,
|
|
133
|
-
|
|
134
|
-
auth_method: 'token',
|
|
96
|
+
token,
|
|
135
97
|
});
|
|
136
98
|
console.log('\nLogin successful! Configuration saved to ~/.wayai/config.json');
|
|
137
99
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/commands/login.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,QAAQ,MAAM,eAAe,CAAC;AAC1C,OAAO,EACL,
|
|
1
|
+
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/commands/login.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,QAAQ,MAAM,eAAe,CAAC;AAC1C,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,aAAa,GACd,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/C,SAAS,MAAM,CAAC,QAAgB,EAAE,YAAqB;IACrD,MAAM,EAAE,GAAG,QAAQ,CAAC,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACtF,MAAM,OAAO,GAAG,YAAY,CAAC,CAAC,CAAC,GAAG,QAAQ,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,QAAQ,IAAI,CAAC;IACnF,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE,EAAE;YAC9B,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,YAAY,IAAI,EAAE,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,eAAe,GAAG,uBAAuB,CAAC;AAEhD,MAAM,UAAU,WAAW,CAAC,IAAc;IACxC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IACtC,IAAI,GAAG,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IACvB,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,IAAc;IAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IAEjC,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,cAAc,CAAC,MAAM,CAAC,CAAC;IAC/B,CAAC;SAAM,CAAC;QACN,MAAM,gBAAgB,CAAC,MAAM,CAAC,CAAC;IACjC,CAAC;AACH,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,MAAc;IAC5C,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IAExC,iDAAiD;IACjD,MAAM,IAAI,GAAG,MAAM,iBAAiB,EAAE,CAAC;IACvC,MAAM,WAAW,GAAG,oBAAoB,IAAI,WAAW,CAAC;IACxD,MAAM,KAAK,GAAG,aAAa,EAAE,CAAC;IAE9B,4CAA4C;IAC5C,IAAI,QAAgB,CAAC;IACrB,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC;IAC7D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,wBAAwB,MAAM,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,+CAA+C;IAC/C,MAAM,eAAe,GAAG,mBAAmB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAEzD,sBAAsB;IACtB,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,QAAQ,CAAC,CAAC;IACrD,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,OAAO,CAAC,GAAG,CAAC,mDAAmD,QAAQ,IAAI,CAAC,CAAC;IAC/E,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;IAC9C,CAAC;IAED,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,eAAe,CAAC;QAEvC,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,MAAM,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QAErE,WAAW,CAAC;YACV,OAAO,EAAE,MAAM;YACf,KAAK,EAAE,MAAM,CAAC,KAAK;SACpB,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,oCAAoC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC;QAChE,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;IAC7D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,mBAAmB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAAC,MAAc;IAC1C,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,qBAAqB,CAAC,CAAC;IAElD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACpC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACjE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IAErC,IAAI,CAAC;QACH,MAAM,aAAa,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IACrC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,4BAA4B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,WAAW,CAAC;QACV,OAAO,EAAE,MAAM;QACf,KAAK;KACN,CAAC,CAAC;IAEH,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;AACjF,CAAC;AAED,KAAK,UAAU,cAAc,CAAC,GAAW;IACvC,gCAAgC;IAChC,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;QACtD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;QACpD,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QAElC,IAAI,GAAW,CAAC;QAChB,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC1B,GAAG,GAAG,SAAS,GAAG,GAAG,CAAC;QACxB,CAAC;aAAM,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YAChC,GAAG,GAAG,aAAa,GAAG,GAAG,CAAC;QAC5B,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,aAAa,GAAG,GAAG,CAAC;QAC5B,CAAC;QAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}
|
package/dist/commands/status.js
CHANGED
|
@@ -19,7 +19,7 @@ export async function statusCommand() {
|
|
|
19
19
|
catch {
|
|
20
20
|
tokenStatus = 'token expired (run `wayai login` to re-authenticate)';
|
|
21
21
|
}
|
|
22
|
-
console.log(`Logged in
|
|
22
|
+
console.log(`Logged in — ${tokenStatus}`);
|
|
23
23
|
if (config.api_url !== 'https://api.wayai.pro') {
|
|
24
24
|
console.log(`API: ${config.api_url}`);
|
|
25
25
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"status.js","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAEvD,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAE5B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;QACjD,OAAO;IACT,CAAC;IAED,sBAAsB;IACtB,IAAI,WAAmB,CAAC;IACxB,IAAI,CAAC;QACH,MAAM,cAAc,CAAC,MAAM,CAAC,CAAC;QAC7B,WAAW,GAAG,aAAa,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,WAAW,GAAG,sDAAsD,CAAC;IACvE,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"status.js","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAEvD,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAE5B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;QACjD,OAAO;IACT,CAAC;IAED,sBAAsB;IACtB,IAAI,WAAmB,CAAC;IACxB,IAAI,CAAC;QACH,MAAM,cAAc,CAAC,MAAM,CAAC,CAAC;QAC7B,WAAW,GAAG,aAAa,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,WAAW,GAAG,sDAAsD,CAAC;IACvE,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,eAAe,WAAW,EAAE,CAAC,CAAC;IAE1C,IAAI,MAAM,CAAC,OAAO,KAAK,uBAAuB,EAAE,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,QAAQ,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IACxC,CAAC;IAED,kBAAkB;IAClB,MAAM,UAAU,GAAG,cAAc,EAAE,CAAC;IACpC,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,OAAO,GAAG,UAAU,CAAC,iBAAiB;YAC1C,CAAC,CAAC,GAAG,UAAU,CAAC,iBAAiB,KAAK,UAAU,CAAC,eAAe,GAAG;YACnE,CAAC,CAAC,UAAU,CAAC,eAAe,CAAC;QAC/B,MAAM,WAAW,GAAG,UAAU,CAAC,YAAY;YACzC,CAAC,CAAC,GAAG,UAAU,CAAC,YAAY,KAAK,UAAU,CAAC,UAAU,GAAG;YACzD,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC;QAC1B,MAAM,OAAO,GAAG,UAAU,CAAC,QAAQ;YACjC,CAAC,CAAC,GAAG,UAAU,CAAC,QAAQ,KAAK,UAAU,CAAC,MAAM,GAAG;YACjD,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC;QAEtB,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,mBAAmB,OAAO,EAAE,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,mBAAmB,WAAW,EAAE,CAAC,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,mBAAmB,OAAO,EAAE,CAAC,CAAC;IAC5C,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,sEAAsE,CAAC,CAAC;IACtF,CAAC;AACH,CAAC"}
|
package/dist/lib/api-client.d.ts
CHANGED
|
@@ -75,8 +75,8 @@ export declare class ApiClient {
|
|
|
75
75
|
eval_name: string;
|
|
76
76
|
enabled: boolean;
|
|
77
77
|
number_of_runs: number;
|
|
78
|
-
|
|
79
|
-
|
|
78
|
+
responder_agent_id: string;
|
|
79
|
+
hub_id: string;
|
|
80
80
|
agent?: {
|
|
81
81
|
agent_id: string;
|
|
82
82
|
agent_name: string;
|
|
@@ -95,7 +95,7 @@ export declare class ApiClient {
|
|
|
95
95
|
eval_session_id: string;
|
|
96
96
|
session_name: string;
|
|
97
97
|
session_status: string;
|
|
98
|
-
|
|
98
|
+
hub_id: string;
|
|
99
99
|
total_evals: number;
|
|
100
100
|
total_runs: number;
|
|
101
101
|
successful_runs: number;
|
|
@@ -114,7 +114,7 @@ export declare class ApiClient {
|
|
|
114
114
|
eval_session_id: string;
|
|
115
115
|
session_name: string;
|
|
116
116
|
session_status: string;
|
|
117
|
-
|
|
117
|
+
hub_id: string;
|
|
118
118
|
};
|
|
119
119
|
};
|
|
120
120
|
message: string;
|
|
@@ -141,7 +141,7 @@ export declare class ApiClient {
|
|
|
141
141
|
};
|
|
142
142
|
results: Array<{
|
|
143
143
|
eval_session_result_id: string;
|
|
144
|
-
|
|
144
|
+
eval_id: string;
|
|
145
145
|
total_runs: number;
|
|
146
146
|
successful_runs: number;
|
|
147
147
|
failed_runs: number;
|
|
@@ -158,7 +158,7 @@ export declare class ApiClient {
|
|
|
158
158
|
eval?: {
|
|
159
159
|
eval_id: string;
|
|
160
160
|
eval_name: string;
|
|
161
|
-
|
|
161
|
+
responder_agent_id: string;
|
|
162
162
|
} | null;
|
|
163
163
|
}>;
|
|
164
164
|
};
|
|
@@ -171,7 +171,7 @@ export declare class ApiClient {
|
|
|
171
171
|
data: {
|
|
172
172
|
runs: Array<{
|
|
173
173
|
eval_session_run_id: string;
|
|
174
|
-
|
|
174
|
+
eval_id: string;
|
|
175
175
|
run_number: number;
|
|
176
176
|
eval_response: {
|
|
177
177
|
role: string;
|
|
@@ -185,7 +185,7 @@ export declare class ApiClient {
|
|
|
185
185
|
eval?: {
|
|
186
186
|
eval_id: string;
|
|
187
187
|
eval_name: string;
|
|
188
|
-
|
|
188
|
+
responder_agent_id: string;
|
|
189
189
|
} | null;
|
|
190
190
|
}>;
|
|
191
191
|
total_count: number;
|
|
@@ -333,7 +333,7 @@ export declare class ApiClient {
|
|
|
333
333
|
data: Array<{
|
|
334
334
|
project_id: string;
|
|
335
335
|
project_name: string;
|
|
336
|
-
|
|
336
|
+
organization_id: string;
|
|
337
337
|
created_at: string;
|
|
338
338
|
}>;
|
|
339
339
|
}>;
|
|
@@ -342,7 +342,7 @@ export declare class ApiClient {
|
|
|
342
342
|
hub_id: string;
|
|
343
343
|
hub_name: string;
|
|
344
344
|
hub_environment: string;
|
|
345
|
-
|
|
345
|
+
project_id: string;
|
|
346
346
|
hub_type: string;
|
|
347
347
|
[key: string]: unknown;
|
|
348
348
|
}>;
|
|
@@ -351,7 +351,7 @@ export declare class ApiClient {
|
|
|
351
351
|
data: Array<{
|
|
352
352
|
project_id: string;
|
|
353
353
|
project_name: string;
|
|
354
|
-
|
|
354
|
+
organization_id: string;
|
|
355
355
|
created_at: string;
|
|
356
356
|
}>;
|
|
357
357
|
}>;
|
package/dist/lib/api-client.js
CHANGED
|
@@ -63,7 +63,7 @@ export class ApiClient {
|
|
|
63
63
|
}
|
|
64
64
|
async syncSkills(hubId, connectionId) {
|
|
65
65
|
return this.request('POST', '/api/setup/resources/sync-skills', {
|
|
66
|
-
|
|
66
|
+
hub_id: hubId,
|
|
67
67
|
...(connectionId && { connection_id: connectionId }),
|
|
68
68
|
});
|
|
69
69
|
}
|
|
@@ -113,7 +113,7 @@ export class ApiClient {
|
|
|
113
113
|
}
|
|
114
114
|
async createEvalSession(hubId, sessionName) {
|
|
115
115
|
return this.request('POST', '/api/evals/sessions', {
|
|
116
|
-
session: {
|
|
116
|
+
session: { hub_id: hubId, session_name: sessionName },
|
|
117
117
|
});
|
|
118
118
|
}
|
|
119
119
|
async runEvalSession(sessionId) {
|
|
@@ -159,13 +159,13 @@ export class ApiClient {
|
|
|
159
159
|
}
|
|
160
160
|
async createProject(organizationId, projectName) {
|
|
161
161
|
return this.request('POST', '/api/setup/projects', {
|
|
162
|
-
|
|
162
|
+
organization_id: organizationId,
|
|
163
163
|
project_name: projectName,
|
|
164
164
|
});
|
|
165
165
|
}
|
|
166
166
|
async createHub(projectId, hubName, hubType, hubDescription) {
|
|
167
167
|
return this.request('POST', '/api/setup/hubs', {
|
|
168
|
-
|
|
168
|
+
project_id: projectId,
|
|
169
169
|
hub_name: hubName,
|
|
170
170
|
...(hubType && { hub_type: hubType }),
|
|
171
171
|
...(hubDescription && { hub_description: hubDescription }),
|
package/dist/lib/auth.d.ts
CHANGED
|
@@ -1,25 +1,37 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* Authentication —
|
|
2
|
+
* Authentication — WorkOS browser login (default) + way_ token fallback
|
|
3
|
+
*
|
|
4
|
+
* The CLI uses way_ tokens directly for all API calls. Two login paths:
|
|
5
|
+
* 1. Browser login (default): Opens WorkOS login → receives auth code → exchanges for way_ token
|
|
6
|
+
* 2. Token login (--token): User pastes a way_ token directly
|
|
3
7
|
*/
|
|
4
8
|
import type { CliConfig } from './config.js';
|
|
5
9
|
/**
|
|
6
|
-
*
|
|
10
|
+
* Generate a random state parameter for CSRF protection
|
|
7
11
|
*/
|
|
8
|
-
export declare function
|
|
9
|
-
|
|
12
|
+
export declare function generateState(): string;
|
|
13
|
+
/**
|
|
14
|
+
* Fetch the WorkOS login URL from the backend
|
|
15
|
+
*/
|
|
16
|
+
export declare function fetchLoginUrl(apiUrl: string, redirectUri: string, state: string): Promise<string>;
|
|
17
|
+
/**
|
|
18
|
+
* Exchange a WorkOS authorization code for a way_ token via the backend
|
|
19
|
+
*/
|
|
20
|
+
export declare function exchangeCodeForToken(apiUrl: string, code: string, redirectUri: string): Promise<{
|
|
21
|
+
token: string;
|
|
22
|
+
orgId: string;
|
|
23
|
+
userId: string;
|
|
24
|
+
email: string;
|
|
10
25
|
}>;
|
|
11
26
|
/**
|
|
12
|
-
*
|
|
27
|
+
* Validate a way_ token by making a lightweight API call
|
|
13
28
|
*/
|
|
14
|
-
export declare function
|
|
15
|
-
codeVerifier: string;
|
|
16
|
-
codeChallenge: string;
|
|
17
|
-
};
|
|
29
|
+
export declare function validateToken(apiUrl: string, token: string): Promise<void>;
|
|
18
30
|
/**
|
|
19
31
|
* Start a local HTTP server that waits for the OAuth callback.
|
|
20
|
-
* Returns the authorization code received.
|
|
32
|
+
* Returns the authorization code and state received.
|
|
21
33
|
*/
|
|
22
|
-
export declare function startCallbackServer(port: number, timeoutMs?: number): Promise<{
|
|
34
|
+
export declare function startCallbackServer(port: number, expectedState: string, timeoutMs?: number): Promise<{
|
|
23
35
|
code: string;
|
|
24
36
|
port: number;
|
|
25
37
|
}>;
|
|
@@ -31,32 +43,9 @@ export declare function isPortAvailable(port: number): Promise<boolean>;
|
|
|
31
43
|
* Find an available port by trying to listen on port 0
|
|
32
44
|
*/
|
|
33
45
|
export declare function findAvailablePort(): Promise<number>;
|
|
34
|
-
/**
|
|
35
|
-
* Register the CLI as an OAuth client via Dynamic Client Registration (RFC 7591).
|
|
36
|
-
* Returns the client_id for subsequent authorize/token requests.
|
|
37
|
-
*/
|
|
38
|
-
export declare function registerOAuthClient(supabaseUrl: string, redirectUri: string): Promise<string>;
|
|
39
|
-
/**
|
|
40
|
-
* Exchange OAuth 2.1 authorization code for tokens (PKCE)
|
|
41
|
-
*/
|
|
42
|
-
export declare function exchangeCodeForTokens(supabaseUrl: string, code: string, codeVerifier: string, clientId: string, redirectUri: string): Promise<{
|
|
43
|
-
accessToken: string;
|
|
44
|
-
refreshToken: string;
|
|
45
|
-
}>;
|
|
46
|
-
/**
|
|
47
|
-
* Refresh an OAuth access token using a refresh token (OAuth 2.1)
|
|
48
|
-
*/
|
|
49
|
-
export declare function refreshAccessToken(supabaseUrl: string, refreshToken: string, clientId: string): Promise<{
|
|
50
|
-
accessToken: string;
|
|
51
|
-
refreshToken: string;
|
|
52
|
-
}>;
|
|
53
|
-
/**
|
|
54
|
-
* Exchange MCP token for a JWT via the backend
|
|
55
|
-
*/
|
|
56
|
-
export declare function exchangeMcpToken(apiUrl: string, mcpToken: string): Promise<string>;
|
|
57
46
|
/**
|
|
58
47
|
* Get a valid access token from the current config.
|
|
59
|
-
*
|
|
48
|
+
* With way_ tokens, no refresh is needed — the token is used directly.
|
|
60
49
|
*/
|
|
61
50
|
export declare function getAccessToken(config: CliConfig): Promise<string>;
|
|
62
51
|
/**
|
package/dist/lib/auth.js
CHANGED
|
@@ -1,41 +1,93 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* Authentication —
|
|
2
|
+
* Authentication — WorkOS browser login (default) + way_ token fallback
|
|
3
|
+
*
|
|
4
|
+
* The CLI uses way_ tokens directly for all API calls. Two login paths:
|
|
5
|
+
* 1. Browser login (default): Opens WorkOS login → receives auth code → exchanges for way_ token
|
|
6
|
+
* 2. Token login (--token): User pastes a way_ token directly
|
|
3
7
|
*/
|
|
4
8
|
import * as crypto from 'node:crypto';
|
|
5
9
|
import * as http from 'node:http';
|
|
6
10
|
import { readConfig } from './config.js';
|
|
7
11
|
import { setSentryUser } from './sentry.js';
|
|
8
12
|
/**
|
|
9
|
-
*
|
|
13
|
+
* Generate a random state parameter for CSRF protection
|
|
10
14
|
*/
|
|
11
|
-
export
|
|
12
|
-
|
|
15
|
+
export function generateState() {
|
|
16
|
+
return crypto.randomBytes(16).toString('base64url');
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Fetch the WorkOS login URL from the backend
|
|
20
|
+
*/
|
|
21
|
+
export async function fetchLoginUrl(apiUrl, redirectUri, state) {
|
|
22
|
+
const params = new URLSearchParams({ redirect_uri: redirectUri, state });
|
|
23
|
+
const response = await fetch(`${apiUrl}/auth/cli/login-url?${params.toString()}`);
|
|
24
|
+
if (!response.ok) {
|
|
25
|
+
const body = await response.text();
|
|
26
|
+
throw new Error(`Failed to get login URL from ${apiUrl} (${response.status}): ${body}`);
|
|
27
|
+
}
|
|
28
|
+
const data = await response.json();
|
|
29
|
+
return data.url;
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* Exchange a WorkOS authorization code for a way_ token via the backend
|
|
33
|
+
*/
|
|
34
|
+
export async function exchangeCodeForToken(apiUrl, code, redirectUri) {
|
|
35
|
+
const response = await fetch(`${apiUrl}/auth/cli/callback`, {
|
|
36
|
+
method: 'POST',
|
|
37
|
+
headers: { 'Content-Type': 'application/json' },
|
|
38
|
+
body: JSON.stringify({ code, redirect_uri: redirectUri }),
|
|
39
|
+
});
|
|
13
40
|
if (!response.ok) {
|
|
14
|
-
|
|
41
|
+
const body = await response.text();
|
|
42
|
+
throw new Error(`Token exchange failed (${response.status}): ${body}`);
|
|
15
43
|
}
|
|
16
|
-
|
|
44
|
+
const data = await response.json();
|
|
45
|
+
return {
|
|
46
|
+
token: data.data.token,
|
|
47
|
+
orgId: data.data.org_id,
|
|
48
|
+
userId: data.data.user_id,
|
|
49
|
+
email: data.data.email,
|
|
50
|
+
};
|
|
17
51
|
}
|
|
18
52
|
/**
|
|
19
|
-
*
|
|
53
|
+
* Validate a way_ token by making a lightweight API call
|
|
20
54
|
*/
|
|
21
|
-
export function
|
|
22
|
-
const
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
.
|
|
27
|
-
|
|
55
|
+
export async function validateToken(apiUrl, token) {
|
|
56
|
+
const response = await fetch(`${apiUrl}/api/ci/organizations`, {
|
|
57
|
+
headers: { Authorization: `Bearer ${token}` },
|
|
58
|
+
});
|
|
59
|
+
if (!response.ok) {
|
|
60
|
+
throw new Error(`Token validation failed (${response.status})`);
|
|
61
|
+
}
|
|
28
62
|
}
|
|
29
63
|
/**
|
|
30
64
|
* Start a local HTTP server that waits for the OAuth callback.
|
|
31
|
-
* Returns the authorization code received.
|
|
65
|
+
* Returns the authorization code and state received.
|
|
32
66
|
*/
|
|
33
|
-
export function startCallbackServer(port, timeoutMs = 120_000) {
|
|
67
|
+
export function startCallbackServer(port, expectedState, timeoutMs = 120_000) {
|
|
34
68
|
return new Promise((resolve, reject) => {
|
|
35
69
|
const server = http.createServer((req, res) => {
|
|
36
70
|
const url = new URL(req.url || '/', `http://127.0.0.1:${port}`);
|
|
37
71
|
if (url.pathname === '/callback') {
|
|
38
72
|
const code = url.searchParams.get('code');
|
|
73
|
+
const state = url.searchParams.get('state');
|
|
74
|
+
const error = url.searchParams.get('error');
|
|
75
|
+
const errorDescription = url.searchParams.get('error_description');
|
|
76
|
+
if (error) {
|
|
77
|
+
res.writeHead(400, { 'Content-Type': 'text/html' });
|
|
78
|
+
res.end(`<html><body><h2>Login failed</h2><p>${errorDescription || error}</p></body></html>`);
|
|
79
|
+
server.close();
|
|
80
|
+
reject(new Error(`OAuth callback error: ${errorDescription || error}`));
|
|
81
|
+
return;
|
|
82
|
+
}
|
|
83
|
+
// Validate state to prevent CSRF
|
|
84
|
+
if (state !== expectedState) {
|
|
85
|
+
res.writeHead(400, { 'Content-Type': 'text/html' });
|
|
86
|
+
res.end('<html><body><h2>Login failed</h2><p>Invalid state parameter</p></body></html>');
|
|
87
|
+
server.close();
|
|
88
|
+
reject(new Error('OAuth state mismatch — possible CSRF attack'));
|
|
89
|
+
return;
|
|
90
|
+
}
|
|
39
91
|
if (code) {
|
|
40
92
|
res.writeHead(200, { 'Content-Type': 'text/html' });
|
|
41
93
|
res.end('<html><body><h2>Login successful!</h2><p>You can close this tab and return to your terminal.</p></body></html>');
|
|
@@ -43,11 +95,10 @@ export function startCallbackServer(port, timeoutMs = 120_000) {
|
|
|
43
95
|
resolve({ code, port });
|
|
44
96
|
}
|
|
45
97
|
else {
|
|
46
|
-
const error = url.searchParams.get('error_description') || url.searchParams.get('error') || 'Unknown error';
|
|
47
98
|
res.writeHead(400, { 'Content-Type': 'text/html' });
|
|
48
|
-
res.end(
|
|
99
|
+
res.end('<html><body><h2>Login failed</h2><p>No authorization code received</p></body></html>');
|
|
49
100
|
server.close();
|
|
50
|
-
reject(new Error(
|
|
101
|
+
reject(new Error('No authorization code received'));
|
|
51
102
|
}
|
|
52
103
|
}
|
|
53
104
|
else {
|
|
@@ -102,113 +153,15 @@ export async function findAvailablePort() {
|
|
|
102
153
|
server.on('error', reject);
|
|
103
154
|
});
|
|
104
155
|
}
|
|
105
|
-
/**
|
|
106
|
-
* Register the CLI as an OAuth client via Dynamic Client Registration (RFC 7591).
|
|
107
|
-
* Returns the client_id for subsequent authorize/token requests.
|
|
108
|
-
*/
|
|
109
|
-
export async function registerOAuthClient(supabaseUrl, redirectUri) {
|
|
110
|
-
const response = await fetch(`${supabaseUrl}/auth/v1/oauth/clients/register`, {
|
|
111
|
-
method: 'POST',
|
|
112
|
-
headers: { 'Content-Type': 'application/json' },
|
|
113
|
-
body: JSON.stringify({
|
|
114
|
-
client_name: 'WayAI CLI',
|
|
115
|
-
redirect_uris: [redirectUri],
|
|
116
|
-
token_endpoint_auth_method: 'none',
|
|
117
|
-
}),
|
|
118
|
-
});
|
|
119
|
-
if (!response.ok) {
|
|
120
|
-
const body = await response.text();
|
|
121
|
-
throw new Error(`OAuth client registration failed (${response.status}): ${body}`);
|
|
122
|
-
}
|
|
123
|
-
const data = await response.json();
|
|
124
|
-
return data.client_id;
|
|
125
|
-
}
|
|
126
|
-
/**
|
|
127
|
-
* Exchange OAuth 2.1 authorization code for tokens (PKCE)
|
|
128
|
-
*/
|
|
129
|
-
export async function exchangeCodeForTokens(supabaseUrl, code, codeVerifier, clientId, redirectUri) {
|
|
130
|
-
const response = await fetch(`${supabaseUrl}/auth/v1/oauth/token`, {
|
|
131
|
-
method: 'POST',
|
|
132
|
-
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
133
|
-
body: new URLSearchParams({
|
|
134
|
-
grant_type: 'authorization_code',
|
|
135
|
-
code,
|
|
136
|
-
code_verifier: codeVerifier,
|
|
137
|
-
client_id: clientId,
|
|
138
|
-
redirect_uri: redirectUri,
|
|
139
|
-
}).toString(),
|
|
140
|
-
});
|
|
141
|
-
if (!response.ok) {
|
|
142
|
-
const body = await response.text();
|
|
143
|
-
throw new Error(`Token exchange failed (${response.status}): ${body}`);
|
|
144
|
-
}
|
|
145
|
-
const data = await response.json();
|
|
146
|
-
return {
|
|
147
|
-
accessToken: data.access_token,
|
|
148
|
-
refreshToken: data.refresh_token,
|
|
149
|
-
};
|
|
150
|
-
}
|
|
151
|
-
/**
|
|
152
|
-
* Refresh an OAuth access token using a refresh token (OAuth 2.1)
|
|
153
|
-
*/
|
|
154
|
-
export async function refreshAccessToken(supabaseUrl, refreshToken, clientId) {
|
|
155
|
-
const response = await fetch(`${supabaseUrl}/auth/v1/oauth/token`, {
|
|
156
|
-
method: 'POST',
|
|
157
|
-
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
158
|
-
body: new URLSearchParams({
|
|
159
|
-
grant_type: 'refresh_token',
|
|
160
|
-
refresh_token: refreshToken,
|
|
161
|
-
client_id: clientId,
|
|
162
|
-
}).toString(),
|
|
163
|
-
});
|
|
164
|
-
if (!response.ok) {
|
|
165
|
-
const body = await response.text();
|
|
166
|
-
throw new Error(`Token refresh failed (${response.status}): ${body}`);
|
|
167
|
-
}
|
|
168
|
-
const data = await response.json();
|
|
169
|
-
return {
|
|
170
|
-
accessToken: data.access_token,
|
|
171
|
-
refreshToken: data.refresh_token,
|
|
172
|
-
};
|
|
173
|
-
}
|
|
174
|
-
/**
|
|
175
|
-
* Exchange MCP token for a JWT via the backend
|
|
176
|
-
*/
|
|
177
|
-
export async function exchangeMcpToken(apiUrl, mcpToken) {
|
|
178
|
-
const response = await fetch(`${apiUrl}/auth/mcp/exchange`, {
|
|
179
|
-
method: 'POST',
|
|
180
|
-
headers: { 'Content-Type': 'application/json' },
|
|
181
|
-
body: JSON.stringify({ token: mcpToken }),
|
|
182
|
-
});
|
|
183
|
-
if (!response.ok) {
|
|
184
|
-
const body = await response.text();
|
|
185
|
-
throw new Error(`MCP token exchange failed (${response.status}): ${body}`);
|
|
186
|
-
}
|
|
187
|
-
const data = await response.json();
|
|
188
|
-
return data.access_token;
|
|
189
|
-
}
|
|
190
156
|
/**
|
|
191
157
|
* Get a valid access token from the current config.
|
|
192
|
-
*
|
|
158
|
+
* With way_ tokens, no refresh is needed — the token is used directly.
|
|
193
159
|
*/
|
|
194
160
|
export async function getAccessToken(config) {
|
|
195
|
-
if (config.
|
|
196
|
-
|
|
197
|
-
throw new Error('Invalid OAuth config. Run `wayai login` again.');
|
|
198
|
-
}
|
|
199
|
-
const result = await refreshAccessToken(config.supabase_url, config.refresh_token, config.client_id);
|
|
200
|
-
// Update stored refresh token (it rotates)
|
|
201
|
-
const { writeConfig } = await import('./config.js');
|
|
202
|
-
writeConfig({ ...config, refresh_token: result.refreshToken });
|
|
203
|
-
return result.accessToken;
|
|
204
|
-
}
|
|
205
|
-
if (config.auth_method === 'token') {
|
|
206
|
-
if (!config.mcp_token) {
|
|
207
|
-
throw new Error('Invalid token config. Run `wayai login --token` again.');
|
|
208
|
-
}
|
|
209
|
-
return exchangeMcpToken(config.api_url, config.mcp_token);
|
|
161
|
+
if (!config.token) {
|
|
162
|
+
throw new Error('No token found. Run `wayai login` to authenticate.');
|
|
210
163
|
}
|
|
211
|
-
|
|
164
|
+
return config.token;
|
|
212
165
|
}
|
|
213
166
|
/**
|
|
214
167
|
* Read config and get access token, or exit with error.
|
package/dist/lib/auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/lib/auth.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/lib/auth.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5C;;GAEG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AACtD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAAc,EACd,WAAmB,EACnB,KAAa;IAEb,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,EAAE,YAAY,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,CAAC;IACzE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,MAAM,uBAAuB,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IAElF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,gCAAgC,MAAM,KAAK,QAAQ,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IAC1F,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAqB,CAAC;IACtD,OAAO,IAAI,CAAC,GAAG,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAAc,EACd,IAAY,EACZ,WAAmB;IAEnB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,MAAM,oBAAoB,EAAE;QAC1D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;QAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC;KAC1D,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,0BAA0B,QAAQ,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAE/B,CAAC;IAEF,OAAO;QACL,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;QACtB,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM;QACvB,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO;QACzB,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;KACvB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,MAAc,EAAE,KAAa;IAC/D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,MAAM,uBAAuB,EAAE;QAC7D,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE;KAC9C,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,4BAA4B,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;IAClE,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,IAAY,EACZ,aAAqB,EACrB,YAAoB,OAAO;IAE3B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YAC5C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,oBAAoB,IAAI,EAAE,CAAC,CAAC;YAEhE,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;gBACjC,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBAC5C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBAC5C,MAAM,gBAAgB,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;gBAEnE,IAAI,KAAK,EAAE,CAAC;oBACV,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;oBACpD,GAAG,CAAC,GAAG,CAAC,uCAAuC,gBAAgB,IAAI,KAAK,oBAAoB,CAAC,CAAC;oBAC9F,MAAM,CAAC,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,gBAAgB,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC;oBACxE,OAAO;gBACT,CAAC;gBAED,iCAAiC;gBACjC,IAAI,KAAK,KAAK,aAAa,EAAE,CAAC;oBAC5B,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;oBACpD,GAAG,CAAC,GAAG,CAAC,+EAA+E,CAAC,CAAC;oBACzF,MAAM,CAAC,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC,CAAC;oBACjE,OAAO;gBACT,CAAC;gBAED,IAAI,IAAI,EAAE,CAAC;oBACT,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;oBACpD,GAAG,CAAC,GAAG,CAAC,gHAAgH,CAAC,CAAC;oBAC1H,MAAM,CAAC,KAAK,EAAE,CAAC;oBACf,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC1B,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;oBACpD,GAAG,CAAC,GAAG,CAAC,sFAAsF,CAAC,CAAC;oBAChG,MAAM,CAAC,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,EAAE,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE;YAC9B,MAAM,CAAC,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC,CAAC;QAC7E,CAAC,EAAE,SAAS,CAAC,CAAC;QAEd,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;QAEhD,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;QAEjC,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAA0B,EAAE,EAAE;YAChD,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC9B,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,IAAI,wBAAwB,CAAC,CAAC,CAAC;YAC1D,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,IAAY;IAChD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE;YACpC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB;IACrC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE;YACjC,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;YAC9B,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACrC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;gBACvB,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;YACpC,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC,CAAC,CAAC;YACzE,CAAC;QACH,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,MAAiB;IACpD,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;IACxE,CAAC;IACD,OAAO,MAAM,CAAC,KAAK,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,MAAM,CAAC,CAAC;QACjD,aAAa,CAAC,WAAW,CAAC,CAAC;QAC3B,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IACjC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,0BAA0B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC5F,OAAO,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;QACvD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}
|
package/dist/lib/config.d.ts
CHANGED
|
@@ -3,12 +3,8 @@
|
|
|
3
3
|
*/
|
|
4
4
|
export interface CliConfig {
|
|
5
5
|
api_url: string;
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
client_id?: string;
|
|
9
|
-
redirect_uri?: string;
|
|
10
|
-
refresh_token?: string;
|
|
11
|
-
mcp_token?: string;
|
|
6
|
+
/** The way_ API token */
|
|
7
|
+
token: string;
|
|
12
8
|
}
|
|
13
9
|
export declare function getConfigPath(): string;
|
|
14
10
|
export declare function readConfig(): CliConfig | null;
|
package/dist/lib/config.js
CHANGED
|
@@ -15,7 +15,16 @@ export function readConfig() {
|
|
|
15
15
|
}
|
|
16
16
|
try {
|
|
17
17
|
const content = fs.readFileSync(CONFIG_PATH, 'utf-8');
|
|
18
|
-
|
|
18
|
+
const parsed = JSON.parse(content);
|
|
19
|
+
// Handle legacy config format migration
|
|
20
|
+
if (parsed.mcp_token && !parsed.token) {
|
|
21
|
+
return { api_url: parsed.api_url, token: parsed.mcp_token };
|
|
22
|
+
}
|
|
23
|
+
if (parsed.auth_method === 'oauth' && !parsed.token) {
|
|
24
|
+
// Legacy OAuth config — user needs to re-login
|
|
25
|
+
return null;
|
|
26
|
+
}
|
|
27
|
+
return parsed;
|
|
19
28
|
}
|
|
20
29
|
catch {
|
|
21
30
|
return null;
|
package/dist/lib/config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/lib/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/lib/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAQ9B,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC,CAAC;AACrD,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;AAEzD,MAAM,UAAU,aAAa;IAC3B,OAAO,WAAW,CAAC;AACrB,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QACtD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAEnC,wCAAwC;QACxC,IAAI,MAAM,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACtC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC;QAC9D,CAAC;QACD,IAAI,MAAM,CAAC,WAAW,KAAK,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACpD,+CAA+C;YAC/C,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,MAAmB,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAiB;IAC3C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/B,EAAE,CAAC,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE;QACpE,IAAI,EAAE,KAAK,EAAE,wBAAwB;KACtC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,YAAY;IAC1B,IAAI,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/B,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;IAC7B,CAAC;AACH,CAAC"}
|
package/dist/lib/eval-format.js
CHANGED
|
@@ -11,7 +11,7 @@ export function printResultsTable(results, mode) {
|
|
|
11
11
|
let totalPassed = 0;
|
|
12
12
|
let totalRuns = 0;
|
|
13
13
|
for (const r of results) {
|
|
14
|
-
const evalName = r.eval?.eval_name || r.
|
|
14
|
+
const evalName = r.eval?.eval_name || r.eval_id.slice(0, 8);
|
|
15
15
|
const passed = `${r.successful_runs}/${r.total_runs} passed`;
|
|
16
16
|
const avgTime = r.avg_execution_time_ms != null ? `avg ${(r.avg_execution_time_ms / 1000).toFixed(1)}s` : '';
|
|
17
17
|
let scoresStr = '';
|
package/dist/lib/sentry.d.ts
CHANGED
|
@@ -27,8 +27,9 @@ export declare function captureException(error: unknown, context?: {
|
|
|
27
27
|
*/
|
|
28
28
|
export declare function addApiBreadcrumb(method: string, path: string): void;
|
|
29
29
|
/**
|
|
30
|
-
* Set the Sentry user from a JWT access token.
|
|
31
|
-
*
|
|
30
|
+
* Set the Sentry user from a way_ token or JWT access token.
|
|
31
|
+
* For way_ tokens, uses a hash prefix as the user identifier.
|
|
32
|
+
* For JWTs (legacy), decodes the payload to extract the `sub` claim.
|
|
32
33
|
*/
|
|
33
34
|
export declare function setSentryUser(accessToken: string): void;
|
|
34
35
|
/**
|
package/dist/lib/sentry.js
CHANGED
|
@@ -125,13 +125,25 @@ export function addApiBreadcrumb(method, path) {
|
|
|
125
125
|
});
|
|
126
126
|
}
|
|
127
127
|
/**
|
|
128
|
-
* Set the Sentry user from a JWT access token.
|
|
129
|
-
*
|
|
128
|
+
* Set the Sentry user from a way_ token or JWT access token.
|
|
129
|
+
* For way_ tokens, uses a hash prefix as the user identifier.
|
|
130
|
+
* For JWTs (legacy), decodes the payload to extract the `sub` claim.
|
|
130
131
|
*/
|
|
131
132
|
export function setSentryUser(accessToken) {
|
|
132
133
|
if (!initialized)
|
|
133
134
|
return;
|
|
134
135
|
try {
|
|
136
|
+
if (accessToken.startsWith('way_')) {
|
|
137
|
+
// way_ tokens are opaque — use a truncated hash as user identifier
|
|
138
|
+
const hash = require('node:crypto')
|
|
139
|
+
.createHash('sha256')
|
|
140
|
+
.update(accessToken)
|
|
141
|
+
.digest('hex')
|
|
142
|
+
.slice(0, 16);
|
|
143
|
+
Sentry.setUser({ id: `token:${hash}` });
|
|
144
|
+
return;
|
|
145
|
+
}
|
|
146
|
+
// Legacy JWT path
|
|
135
147
|
const payloadBase64 = accessToken.split('.')[1];
|
|
136
148
|
if (!payloadBase64)
|
|
137
149
|
return;
|
package/dist/lib/sentry.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sentry.js","sourceRoot":"","sources":["../../src/lib/sentry.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,MAAM,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAElD,MAAM,aAAa,GAAG,iGAAiG,CAAC;AAExH,IAAI,WAAW,GAAG,KAAK,CAAC;AAExB,SAAS,UAAU;IACjB,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;QAC3F,OAAO,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,OAAO,CAAC;IACjB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,kBAAkB;IACzB,IAAI,CAAC;QACH,OAAO,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IACjE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,UAAU,CAAC,OAAgB;IACzC,IAAI,WAAW;QAAE,OAAO;IAExB,UAAU;IACV,IAAI,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,GAAG;QAAE,OAAO;IAEzD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,aAAa,CAAC;IAEpD,2EAA2E;IAC3E,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,CAAC,kBAAkB,EAAE;QAAE,OAAO;IAE7D,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAE7B,MAAM,CAAC,IAAI,CAAC;QACV,GAAG;QACH,gBAAgB,EAAE,CAAC;QACnB,OAAO,EAAE,aAAa,OAAO,EAAE;QAC/B,WAAW,EAAE,YAAY;QACzB,mBAAmB,EAAE,KAAK;QAC1B,UAAU,CAAC,KAAK;YACd,gDAAgD;YAChD,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;YACvB,IAAI,IAAI,IAAI,KAAK,CAAC,SAAS,EAAE,MAAM,EAAE,CAAC;gBACpC,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;oBAC3C,IAAI,KAAK,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC;wBAC7B,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;4BAC5C,IAAI,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gCACpD,KAAK,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;4BACrD,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC,CAAC;IAEH,mBAAmB;IACnB,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,IAAI,SAAS,CAAC,CAAC;IAC/C,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC/C,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,QAAQ,EAAE,CAAC,CAAC;IACzC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEjC,WAAW,GAAG,IAAI,CAAC;AACrB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,KAAc;IACjD,IACE,KAAK,YAAY,KAAK;QACtB,YAAY,IAAI,KAAK;QACpB,KAAiC,CAAC,UAAU,EAC7C,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAC9B,KAAc,EACd,OAA4E;IAE5E,IAAI,CAAC,WAAW;QAAE,OAAO;IAEzB,MAAM,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE;QACzB,IAAI,OAAO,EAAE,IAAI,EAAE,CAAC;YAClB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxD,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;QACD,IAAI,OAAO,EAAE,KAAK,EAAE,CAAC;YACnB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzD,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;QACD,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAc,EAAE,IAAY;IAC3D,IAAI,CAAC,WAAW;QAAE,OAAO;IAEzB,MAAM,CAAC,aAAa,CAAC;QACnB,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,GAAG,MAAM,IAAI,IAAI,EAAE;QAC5B,KAAK,EAAE,MAAM;KACd,CAAC,CAAC;AACL,CAAC;AAED
|
|
1
|
+
{"version":3,"file":"sentry.js","sourceRoot":"","sources":["../../src/lib/sentry.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,MAAM,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAElD,MAAM,aAAa,GAAG,iGAAiG,CAAC;AAExH,IAAI,WAAW,GAAG,KAAK,CAAC;AAExB,SAAS,UAAU;IACjB,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;QAC3F,OAAO,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,OAAO,CAAC;IACjB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,kBAAkB;IACzB,IAAI,CAAC;QACH,OAAO,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IACjE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,UAAU,CAAC,OAAgB;IACzC,IAAI,WAAW;QAAE,OAAO;IAExB,UAAU;IACV,IAAI,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,GAAG;QAAE,OAAO;IAEzD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,aAAa,CAAC;IAEpD,2EAA2E;IAC3E,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,CAAC,kBAAkB,EAAE;QAAE,OAAO;IAE7D,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAE7B,MAAM,CAAC,IAAI,CAAC;QACV,GAAG;QACH,gBAAgB,EAAE,CAAC;QACnB,OAAO,EAAE,aAAa,OAAO,EAAE;QAC/B,WAAW,EAAE,YAAY;QACzB,mBAAmB,EAAE,KAAK;QAC1B,UAAU,CAAC,KAAK;YACd,gDAAgD;YAChD,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;YACvB,IAAI,IAAI,IAAI,KAAK,CAAC,SAAS,EAAE,MAAM,EAAE,CAAC;gBACpC,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;oBAC3C,IAAI,KAAK,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC;wBAC7B,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;4BAC5C,IAAI,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gCACpD,KAAK,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;4BACrD,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC,CAAC;IAEH,mBAAmB;IACnB,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,IAAI,SAAS,CAAC,CAAC;IAC/C,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC/C,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,QAAQ,EAAE,CAAC,CAAC;IACzC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEjC,WAAW,GAAG,IAAI,CAAC;AACrB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,KAAc;IACjD,IACE,KAAK,YAAY,KAAK;QACtB,YAAY,IAAI,KAAK;QACpB,KAAiC,CAAC,UAAU,EAC7C,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAC9B,KAAc,EACd,OAA4E;IAE5E,IAAI,CAAC,WAAW;QAAE,OAAO;IAEzB,MAAM,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE;QACzB,IAAI,OAAO,EAAE,IAAI,EAAE,CAAC;YAClB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxD,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;QACD,IAAI,OAAO,EAAE,KAAK,EAAE,CAAC;YACnB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzD,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;QACD,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAc,EAAE,IAAY;IAC3D,IAAI,CAAC,WAAW;QAAE,OAAO;IAEzB,MAAM,CAAC,aAAa,CAAC;QACnB,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,GAAG,MAAM,IAAI,IAAI,EAAE;QAC5B,KAAK,EAAE,MAAM;KACd,CAAC,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,aAAa,CAAC,WAAmB;IAC/C,IAAI,CAAC,WAAW;QAAE,OAAO;IAEzB,IAAI,CAAC;QACH,IAAI,WAAW,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,mEAAmE;YACnE,MAAM,IAAI,GAAG,OAAO,CAAC,aAAa,CAAC;iBAChC,UAAU,CAAC,QAAQ,CAAC;iBACpB,MAAM,CAAC,WAAW,CAAC;iBACnB,MAAM,CAAC,KAAK,CAAC;iBACb,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChB,MAAM,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,SAAS,IAAI,EAAE,EAAE,CAAC,CAAC;YACxC,OAAO;QACT,CAAC;QAED,kBAAkB;QAClB,MAAM,aAAa,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChD,IAAI,CAAC,aAAa;YAAE,OAAO;QAE3B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC/E,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAChB,MAAM,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,iEAAiE;IACnE,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,IAAI,CAAC,WAAW;QAAE,OAAO;IACzB,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACzB,WAAW,GAAG,KAAK,CAAC;AACtB,CAAC"}
|