@wlfi-agent/cli 1.4.12 → 1.4.13

package/dist/wlfc/index.cjs

@@ -178,6 +178,31 @@ var getErrorMessage = (error) => {
   }
   return String(error);
 };
+var WC_STATUS_POLL_INTERVAL_MS = 1500;
+var sleep = (ms) => new Promise((resolve) => {
+  setTimeout(resolve, ms);
+});
+var waitForWcCompletionToken = async (client, requestId) => {
+  const deadline = Date.now() + DEFAULT_LOGIN_TIMEOUT_MS;
+  while (Date.now() < deadline) {
+    const status = await client.wcStatus({
+      consume: true,
+      requestId
+    });
+    const completed = status.completed === true;
+    const token = typeof status.token === "string" ? status.token.trim() : void 0;
+    if (completed && token) {
+      return token;
+    }
+    if (completed && !token) {
+      throw new Error(
+        "Backend reported wc completion without a session token payload"
+      );
+    }
+    await sleep(WC_STATUS_POLL_INTERVAL_MS);
+  }
+  throw new Error("Timed out waiting for wc completion; request expired");
+};
 var printJson = (value) => {
   console.log(JSON.stringify(value, null, 2));
 };
@@ -370,38 +395,33 @@ var getAuthedClient = async (flags) => {
     token
   });
 };
+var verifySessionToken = async (token) => {
+  const authedClient = _agentwalletsdk.createAgentWalletClient.call(void 0, {
+    baseUrl: resolveBaseUrl(),
+    token
+  });
+  try {
+    await authedClient.listProjects();
+  } catch (error) {
+    if (error instanceof _agentwalletsdk.AgentWalletSdkError && (error.status === 401 || error.status === 403)) {
+      throw new Error("Session token is not authorized");
+    }
+    console.warn(
+      `Warning: session token saved, but backend project query failed: ${getErrorMessage(error)}`
+    );
+  }
+};
+var saveSessionToken = async (token) => {
+  const config = await loadConfig();
+  await saveConfig({
+    ...config,
+    token
+  });
+  console.log("Saved credentials to ~/.config/wlfc-agent/config.json");
+};
 var startCallbackServer = async (options) => {
   const { port } = options;
   const client = _agentwalletsdk.createAgentWalletClient.call(void 0, { baseUrl: resolveBaseUrl() });
-  let resolved = false;
-  let settle = null;
-  let rejectSettle = null;
-  let timeout;
-  const tokenPromise = new Promise((resolve, reject) => {
-    settle = resolve;
-    rejectSettle = reject;
-  });
-  const complete = (token) => {
-    if (resolved) {
-      return false;
-    }
-    resolved = true;
-    if (timeout) {
-      clearTimeout(timeout);
-    }
-    _optionalChain([settle, 'optionalCall', _3 => _3(token)]);
-    return true;
-  };
-  const fail = (error) => {
-    if (resolved) {
-      return;
-    }
-    resolved = true;
-    if (timeout) {
-      clearTimeout(timeout);
-    }
-    _optionalChain([rejectSettle, 'optionalCall', _4 => _4(error)]);
-  };
   const server = _http.createServer.call(void 0, async (request, response) => {
     const requestUrl = new URL(_nullishCoalesce(request.url, () => ( "/")), `http://127.0.0.1:${port}`);
     if (request.method === "GET" && requestUrl.pathname === "/") {
@@ -421,7 +441,7 @@ var startCallbackServer = async (options) => {
       <li><a href="/login">/login?requestId=&lt;id&gt;</a></li>
       <li><a href="/register">/register?requestId=&lt;id&gt;</a></li>
     </ul>
-    <p>This server will receive your session callback on <code>/callback</code>.</p>
+    <p>This server hosts local login/register pages while your terminal polls backend status.</p>
   </body>
 </html>`);
       return;
@@ -494,7 +514,7 @@ var startCallbackServer = async (options) => {
           if (!response.ok) {
             throw new Error(payload?.message || ("HTTP " + response.status));
           }
-          setStatus("Success. Session token has been sent to your terminal callback.");
+          setStatus("Success. Login completed. Return to terminal; it is polling for your session.");
           form.style.display = "none";
         } catch (error) {
           const message = error instanceof Error ? error.message : String(error);
@@ -696,7 +716,7 @@ var startCallbackServer = async (options) => {
             throw new Error(payload?.message || ("HTTP " + response.status));
           }
 
-          setStatus("Success. Session token has been sent to your terminal callback.");
+          setStatus("Success. Registration completed. Return to terminal; it is polling for your session.");
           totpForm.style.display = "none";
         } catch (error) {
           const message = error instanceof Error ? error.message : String(error);
@@ -712,7 +732,7 @@ var startCallbackServer = async (options) => {
       try {
         const rawBody = await readRequestBody(request);
         const parsed = JSON.parse(rawBody);
-        const payload = await client.wcLoginCompleteFromOtpSignature({
+        const payload = await client.wcLoginComplete({
           otpSignature: typeof parsed.otpSignature === "string" ? parsed.otpSignature : "",
           requestId: typeof parsed.requestId === "string" ? parsed.requestId : ""
         });
@@ -754,7 +774,7 @@ var startCallbackServer = async (options) => {
       try {
         const rawBody = await readRequestBody(request);
         const parsed = JSON.parse(rawBody);
-        const payload = await client.wcRegisterCompleteTotp({
+        const payload = await client.wcRegisterComplete({
           otpCode: typeof parsed.otpCode === "string" ? parsed.otpCode : "",
           requestId: typeof parsed.requestId === "string" ? parsed.requestId : "",
           totpId: typeof parsed.totpId === "string" ? parsed.totpId : ""
@@ -770,51 +790,14 @@ var startCallbackServer = async (options) => {
       }
       return;
     }
-    if (request.method === "GET" && requestUrl.pathname === "/callback") {
-      const token = _optionalChain([requestUrl, 'access', _5 => _5.searchParams, 'access', _6 => _6.get, 'call', _7 => _7("token"), 'optionalAccess', _8 => _8.trim, 'call', _9 => _9()]);
-      if (!token) {
-        response.statusCode = 400;
-        response.setHeader("Content-Type", "application/json");
-        response.end(
-          JSON.stringify({ message: "Missing token query parameter" })
-        );
-        return;
-      }
-      const accepted = complete(token);
-      response.statusCode = accepted ? 200 : 409;
-      response.setHeader("Content-Type", "text/html; charset=utf-8");
-      response.end(`<!doctype html>
-<html>
-  <head><meta charset="utf-8" /><title>wlfc login callback</title></head>
-  <body style="font-family: ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; margin: 24px;">
-    <h1>${accepted ? "wlfc login completed" : "wlfc callback already consumed"}</h1>
-    <p>You can return to your terminal.</p>
-  </body>
-</html>`);
-      return;
-    }
-    if (request.method === "POST" && requestUrl.pathname === "/callback") {
-      try {
-        const rawBody = await readRequestBody(request);
-        const parsed = JSON.parse(rawBody);
-        const token = typeof parsed === "object" && parsed !== null && "token" in parsed && typeof parsed.token === "string" ? parsed.token.trim() : "";
-        if (!token) {
-          response.statusCode = 400;
-          response.setHeader("Content-Type", "application/json");
-          response.end(
-            JSON.stringify({ message: "Missing token in callback payload" })
-          );
-          return;
-        }
-        const accepted = complete(token);
-        response.statusCode = accepted ? 200 : 409;
-        response.setHeader("Content-Type", "application/json");
-        response.end(JSON.stringify({ ok: accepted }));
-      } catch (error) {
-        response.statusCode = 400;
-        response.setHeader("Content-Type", "application/json");
-        response.end(JSON.stringify(getErrorPayload(error)));
-      }
+    if (requestUrl.pathname === "/callback") {
+      response.statusCode = 410;
+      response.setHeader("Content-Type", "application/json");
+      response.end(
+        JSON.stringify({
+          message: "Callback endpoint is no longer used. Complete the flow in browser and wait for CLI polling."
+        })
+      );
       return;
     }
     response.statusCode = 404;
@@ -829,13 +812,6 @@ var startCallbackServer = async (options) => {
       resolve();
     });
   });
-  timeout = setTimeout(() => {
-    fail(
-      new Error(
-        `Timed out waiting for callback on http://127.0.0.1:${port}/callback`
-      )
-    );
-  }, DEFAULT_LOGIN_TIMEOUT_MS);
   const close = async () => {
     await new Promise((resolve) => {
       server.close(() => resolve());
@@ -843,30 +819,14 @@ var startCallbackServer = async (options) => {
   };
   return {
     callbackUrl: `http://127.0.0.1:${port}/callback`,
-    close,
-    waitForToken: async () => {
-      try {
-        return await tokenPromise;
-      } finally {
-        await close();
-      }
-    }
+    close
   };
 };
 var login = async (args, flags) => {
   const token = (_nullishCoalesce(flags.token, () => ( ""))).trim();
   if (token) {
-    const client2 = _agentwalletsdk.createAgentWalletClient.call(void 0, {
-      baseUrl: resolveBaseUrl(),
-      token
-    });
-    await client2.listProjects();
-    const config2 = await loadConfig();
-    await saveConfig({
-      ...config2,
-      token
-    });
-    console.log("Saved credentials to ~/.config/wlfc-agent/config.json");
+    await verifySessionToken(token);
+    await saveSessionToken(token);
     return;
   }
   const email = (_nullishCoalesce(_nullishCoalesce(flags.email, () => ( args[0])), () => ( ""))).trim().toLowerCase();
@@ -907,20 +867,11 @@ var login = async (args, flags) => {
   if (!loginResult.token) {
     throw new Error("Login response did not include a session token");
   }
-  const authedClient = _agentwalletsdk.createAgentWalletClient.call(void 0, {
-    baseUrl: resolveBaseUrl(),
-    token: loginResult.token
-  });
-  await authedClient.listProjects();
-  const config = await loadConfig();
-  await saveConfig({
-    ...config,
-    token: loginResult.token
-  });
-  console.log("Saved credentials to ~/.config/wlfc-agent/config.json");
+  await verifySessionToken(loginResult.token);
+  await saveSessionToken(loginResult.token);
 };
 var register = async (args, flags) => {
-  const email = _optionalChain([args, 'access', _10 => _10[0], 'optionalAccess', _11 => _11.trim, 'call', _12 => _12(), 'access', _13 => _13.toLowerCase, 'call', _14 => _14()]);
+  const email = _optionalChain([args, 'access', _3 => _3[0], 'optionalAccess', _4 => _4.trim, 'call', _5 => _5(), 'access', _6 => _6.toLowerCase, 'call', _7 => _7()]);
   if (!email) {
     throw new Error("register requires an email argument");
   }
@@ -946,21 +897,15 @@ var register = async (args, flags) => {
 ${start.setupUrl}`
       );
     }
-    const callbackToken = await callback.waitForToken();
-    const authedClient = _agentwalletsdk.createAgentWalletClient.call(void 0, {
-      baseUrl: resolveBaseUrl(),
-      token: callbackToken
-    });
-    await authedClient.listProjects();
-    const config = await loadConfig();
-    await saveConfig({
-      ...config,
-      token: callbackToken
-    });
-    console.log("Saved credentials to ~/.config/wlfc-agent/config.json");
-  } catch (error) {
+    console.log("Waiting for registration completion...");
+    const callbackToken = await waitForWcCompletionToken(
+      client,
+      start.requestId
+    );
+    await verifySessionToken(callbackToken);
+    await saveSessionToken(callbackToken);
+  } finally {
     await callback.close();
-    throw error;
   }
 };
 var logout = async () => {
@@ -1046,7 +991,7 @@ var doctor = async (flags) => {
         return count;
       }
       const secret = new URL(content).searchParams.get("secret");
-      return _optionalChain([secret, 'optionalAccess', _15 => _15.trim, 'call', _16 => _16()]) ? count + 1 : count;
+      return _optionalChain([secret, 'optionalAccess', _8 => _8.trim, 'call', _9 => _9()]) ? count + 1 : count;
     }, 0);
     checks.push({
       detail: otpSecrets > 0 ? `${otpSecrets} OTP secret file(s) found in ${OTP_DIR}` : `No valid OTP secret found in ${OTP_DIR}`,
@@ -1096,7 +1041,7 @@ var doctor = async (flags) => {
     try {
       const configs = await client.listWalletConfigs();
       const activePolicies = configs.filter(
-        (configItem) => Boolean(configItem.policy) && _optionalChain([configItem, 'access', _17 => _17.policy, 'optionalAccess', _18 => _18.status]) !== "deleted"
+        (configItem) => Boolean(configItem.policy) && _optionalChain([configItem, 'access', _10 => _10.policy, 'optionalAccess', _11 => _11.status]) !== "deleted"
       ).length;
       checks.push({
         detail: `${activePolicies} wallet policy config(s) visible`,

package/dist/wlfc/index.js

@@ -178,6 +178,31 @@ var getErrorMessage = (error) => {
   }
   return String(error);
 };
+var WC_STATUS_POLL_INTERVAL_MS = 1500;
+var sleep = (ms) => new Promise((resolve) => {
+  setTimeout(resolve, ms);
+});
+var waitForWcCompletionToken = async (client, requestId) => {
+  const deadline = Date.now() + DEFAULT_LOGIN_TIMEOUT_MS;
+  while (Date.now() < deadline) {
+    const status = await client.wcStatus({
+      consume: true,
+      requestId
+    });
+    const completed = status.completed === true;
+    const token = typeof status.token === "string" ? status.token.trim() : void 0;
+    if (completed && token) {
+      return token;
+    }
+    if (completed && !token) {
+      throw new Error(
+        "Backend reported wc completion without a session token payload"
+      );
+    }
+    await sleep(WC_STATUS_POLL_INTERVAL_MS);
+  }
+  throw new Error("Timed out waiting for wc completion; request expired");
+};
 var printJson = (value) => {
   console.log(JSON.stringify(value, null, 2));
 };
@@ -370,38 +395,33 @@ var getAuthedClient = async (flags) => {
     token
   });
 };
+var verifySessionToken = async (token) => {
+  const authedClient = createAgentWalletClient({
+    baseUrl: resolveBaseUrl(),
+    token
+  });
+  try {
+    await authedClient.listProjects();
+  } catch (error) {
+    if (error instanceof AgentWalletSdkError && (error.status === 401 || error.status === 403)) {
+      throw new Error("Session token is not authorized");
+    }
+    console.warn(
+      `Warning: session token saved, but backend project query failed: ${getErrorMessage(error)}`
+    );
+  }
+};
+var saveSessionToken = async (token) => {
+  const config = await loadConfig();
+  await saveConfig({
+    ...config,
+    token
+  });
+  console.log("Saved credentials to ~/.config/wlfc-agent/config.json");
+};
 var startCallbackServer = async (options) => {
   const { port } = options;
   const client = createAgentWalletClient({ baseUrl: resolveBaseUrl() });
-  let resolved = false;
-  let settle = null;
-  let rejectSettle = null;
-  let timeout;
-  const tokenPromise = new Promise((resolve, reject) => {
-    settle = resolve;
-    rejectSettle = reject;
-  });
-  const complete = (token) => {
-    if (resolved) {
-      return false;
-    }
-    resolved = true;
-    if (timeout) {
-      clearTimeout(timeout);
-    }
-    settle?.(token);
-    return true;
-  };
-  const fail = (error) => {
-    if (resolved) {
-      return;
-    }
-    resolved = true;
-    if (timeout) {
-      clearTimeout(timeout);
-    }
-    rejectSettle?.(error);
-  };
   const server = createServer(async (request, response) => {
     const requestUrl = new URL(request.url ?? "/", `http://127.0.0.1:${port}`);
     if (request.method === "GET" && requestUrl.pathname === "/") {
@@ -421,7 +441,7 @@ var startCallbackServer = async (options) => {
       <li><a href="/login">/login?requestId=&lt;id&gt;</a></li>
       <li><a href="/register">/register?requestId=&lt;id&gt;</a></li>
     </ul>
-    <p>This server will receive your session callback on <code>/callback</code>.</p>
+    <p>This server hosts local login/register pages while your terminal polls backend status.</p>
   </body>
 </html>`);
       return;
@@ -494,7 +514,7 @@ var startCallbackServer = async (options) => {
           if (!response.ok) {
             throw new Error(payload?.message || ("HTTP " + response.status));
           }
-          setStatus("Success. Session token has been sent to your terminal callback.");
+          setStatus("Success. Login completed. Return to terminal; it is polling for your session.");
           form.style.display = "none";
         } catch (error) {
           const message = error instanceof Error ? error.message : String(error);
@@ -696,7 +716,7 @@ var startCallbackServer = async (options) => {
             throw new Error(payload?.message || ("HTTP " + response.status));
           }
 
-          setStatus("Success. Session token has been sent to your terminal callback.");
+          setStatus("Success. Registration completed. Return to terminal; it is polling for your session.");
           totpForm.style.display = "none";
         } catch (error) {
           const message = error instanceof Error ? error.message : String(error);
@@ -712,7 +732,7 @@ var startCallbackServer = async (options) => {
       try {
         const rawBody = await readRequestBody(request);
         const parsed = JSON.parse(rawBody);
-        const payload = await client.wcLoginCompleteFromOtpSignature({
+        const payload = await client.wcLoginComplete({
           otpSignature: typeof parsed.otpSignature === "string" ? parsed.otpSignature : "",
           requestId: typeof parsed.requestId === "string" ? parsed.requestId : ""
         });
@@ -754,7 +774,7 @@ var startCallbackServer = async (options) => {
       try {
         const rawBody = await readRequestBody(request);
         const parsed = JSON.parse(rawBody);
-        const payload = await client.wcRegisterCompleteTotp({
+        const payload = await client.wcRegisterComplete({
           otpCode: typeof parsed.otpCode === "string" ? parsed.otpCode : "",
           requestId: typeof parsed.requestId === "string" ? parsed.requestId : "",
           totpId: typeof parsed.totpId === "string" ? parsed.totpId : ""
@@ -770,51 +790,14 @@ var startCallbackServer = async (options) => {
       }
       return;
     }
-    if (request.method === "GET" && requestUrl.pathname === "/callback") {
-      const token = requestUrl.searchParams.get("token")?.trim();
-      if (!token) {
-        response.statusCode = 400;
-        response.setHeader("Content-Type", "application/json");
-        response.end(
-          JSON.stringify({ message: "Missing token query parameter" })
-        );
-        return;
-      }
-      const accepted = complete(token);
-      response.statusCode = accepted ? 200 : 409;
-      response.setHeader("Content-Type", "text/html; charset=utf-8");
-      response.end(`<!doctype html>
-<html>
-  <head><meta charset="utf-8" /><title>wlfc login callback</title></head>
-  <body style="font-family: ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; margin: 24px;">
-    <h1>${accepted ? "wlfc login completed" : "wlfc callback already consumed"}</h1>
-    <p>You can return to your terminal.</p>
-  </body>
-</html>`);
-      return;
-    }
-    if (request.method === "POST" && requestUrl.pathname === "/callback") {
-      try {
-        const rawBody = await readRequestBody(request);
-        const parsed = JSON.parse(rawBody);
-        const token = typeof parsed === "object" && parsed !== null && "token" in parsed && typeof parsed.token === "string" ? parsed.token.trim() : "";
-        if (!token) {
-          response.statusCode = 400;
-          response.setHeader("Content-Type", "application/json");
-          response.end(
-            JSON.stringify({ message: "Missing token in callback payload" })
-          );
-          return;
-        }
-        const accepted = complete(token);
-        response.statusCode = accepted ? 200 : 409;
-        response.setHeader("Content-Type", "application/json");
-        response.end(JSON.stringify({ ok: accepted }));
-      } catch (error) {
-        response.statusCode = 400;
-        response.setHeader("Content-Type", "application/json");
-        response.end(JSON.stringify(getErrorPayload(error)));
-      }
+    if (requestUrl.pathname === "/callback") {
+      response.statusCode = 410;
+      response.setHeader("Content-Type", "application/json");
+      response.end(
+        JSON.stringify({
+          message: "Callback endpoint is no longer used. Complete the flow in browser and wait for CLI polling."
+        })
+      );
       return;
     }
     response.statusCode = 404;
@@ -829,13 +812,6 @@ var startCallbackServer = async (options) => {
       resolve();
     });
   });
-  timeout = setTimeout(() => {
-    fail(
-      new Error(
-        `Timed out waiting for callback on http://127.0.0.1:${port}/callback`
-      )
-    );
-  }, DEFAULT_LOGIN_TIMEOUT_MS);
   const close = async () => {
     await new Promise((resolve) => {
       server.close(() => resolve());
@@ -843,30 +819,14 @@ var startCallbackServer = async (options) => {
   };
   return {
     callbackUrl: `http://127.0.0.1:${port}/callback`,
-    close,
-    waitForToken: async () => {
-      try {
-        return await tokenPromise;
-      } finally {
-        await close();
-      }
-    }
+    close
   };
 };
 var login = async (args, flags) => {
   const token = (flags.token ?? "").trim();
   if (token) {
-    const client2 = createAgentWalletClient({
-      baseUrl: resolveBaseUrl(),
-      token
-    });
-    await client2.listProjects();
-    const config2 = await loadConfig();
-    await saveConfig({
-      ...config2,
-      token
-    });
-    console.log("Saved credentials to ~/.config/wlfc-agent/config.json");
+    await verifySessionToken(token);
+    await saveSessionToken(token);
     return;
   }
   const email = (flags.email ?? args[0] ?? "").trim().toLowerCase();
@@ -907,17 +867,8 @@ var login = async (args, flags) => {
   if (!loginResult.token) {
     throw new Error("Login response did not include a session token");
   }
-  const authedClient = createAgentWalletClient({
-    baseUrl: resolveBaseUrl(),
-    token: loginResult.token
-  });
-  await authedClient.listProjects();
-  const config = await loadConfig();
-  await saveConfig({
-    ...config,
-    token: loginResult.token
-  });
-  console.log("Saved credentials to ~/.config/wlfc-agent/config.json");
+  await verifySessionToken(loginResult.token);
+  await saveSessionToken(loginResult.token);
 };
 var register = async (args, flags) => {
   const email = args[0]?.trim().toLowerCase();
@@ -946,21 +897,15 @@ var register = async (args, flags) => {
 ${start.setupUrl}`
       );
     }
-    const callbackToken = await callback.waitForToken();
-    const authedClient = createAgentWalletClient({
-      baseUrl: resolveBaseUrl(),
-      token: callbackToken
-    });
-    await authedClient.listProjects();
-    const config = await loadConfig();
-    await saveConfig({
-      ...config,
-      token: callbackToken
-    });
-    console.log("Saved credentials to ~/.config/wlfc-agent/config.json");
-  } catch (error) {
+    console.log("Waiting for registration completion...");
+    const callbackToken = await waitForWcCompletionToken(
+      client,
+      start.requestId
+    );
+    await verifySessionToken(callbackToken);
+    await saveSessionToken(callbackToken);
+  } finally {
     await callback.close();
-    throw error;
   }
 };
 var logout = async () => {

package/package.json

@@ -34,7 +34,7 @@
   "name": "@wlfi-agent/cli",
   "private": false,
   "type": "module",
-  "version": "1.4.12",
+  "version": "1.4.13",
   "scripts": {
     "build": "tsup",
     "clean": "rm -rf .turbo node_modules dist",