npm - @workjournal/shared - Versions diffs - 0.1.0 → 0.2.0 - Mend

@workjournal/shared 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/auth.d.ts ADDED Viewed

@@ -0,0 +1,22 @@
+export interface PkceParams {
+    verifier: string;
+    challenge: string;
+}
+export declare function generatePkce(): PkceParams;
+export declare function buildAuthorizeUrl(challenge: string, opts?: {
+    appUrl?: string;
+}): string;
+export interface ExchangeResult {
+    access_token: string;
+    refresh_token: string | null;
+    expires_in: number;
+}
+/**
+ * Exchange a CLI-flow code (and its PKCE verifier) for Supabase session
+ * tokens. Throws on transport failure, request timeout (15s), or non-2xx
+ * upstream response. Caller is responsible for persisting the result.
+ */
+export declare function exchangeLoginCode(code: string, verifier: string, opts?: {
+    apiUrl?: string;
+}): Promise<ExchangeResult>;
+//# sourceMappingURL=auth.d.ts.map

package/dist/auth.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAMA,MAAM,WAAW,UAAU;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,YAAY,IAAI,UAAU,CAIzC;AAMD,wBAAgB,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,MAAM,CAUvF;AAED,MAAM,WAAW,cAAc;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;CACnB;AAED;;;;GAIG;AACH,wBAAsB,iBAAiB,CACtC,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,IAAI,CAAC,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GACxB,OAAO,CAAC,cAAc,CAAC,CA4CzB"}

package/dist/auth.js ADDED Viewed

@@ -0,0 +1,72 @@
+import { createHash, randomBytes } from 'node:crypto';
+const APP_URL = process.env['WORKJOURNAL_APP_URL'] ?? 'https://app.workjournal.pro';
+const API_URL = process.env['WORKJOURNAL_API_URL'] ?? 'https://api.workjournal.pro';
+const OOB_REDIRECT_URI = 'urn:ietf:wg:oauth:2.0:oob';
+export function generatePkce() {
+    const verifier = randomBytes(32).toString('base64url');
+    const challenge = createHash('sha256').update(verifier).digest('base64url');
+    return { verifier, challenge };
+}
+function generateState() {
+    return randomBytes(16).toString('hex');
+}
+export function buildAuthorizeUrl(challenge, opts) {
+    const base = opts?.appUrl ?? APP_URL;
+    const state = generateState();
+    return (`${base}/authorize?client_id=workjournal-cli` +
+        `&redirect_uri=${encodeURIComponent(OOB_REDIRECT_URI)}` +
+        `&state=${state}` +
+        `&code_challenge=${challenge}` +
+        `&code_challenge_method=S256`);
+}
+/**
+ * Exchange a CLI-flow code (and its PKCE verifier) for Supabase session
+ * tokens. Throws on transport failure, request timeout (15s), or non-2xx
+ * upstream response. Caller is responsible for persisting the result.
+ */
+export async function exchangeLoginCode(code, verifier, opts) {
+    const apiUrl = opts?.apiUrl ?? API_URL;
+    const controller = new AbortController();
+    const timeout = setTimeout(() => controller.abort(), 15_000);
+    let res;
+    try {
+        res = await fetch(`${apiUrl}/v1/auth/cli/exchange`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ code, code_verifier: verifier }),
+            signal: controller.signal,
+        });
+    }
+    catch (error) {
+        clearTimeout(timeout);
+        const message = error instanceof Error && error.name === 'AbortError'
+            ? 'Request timed out after 15s'
+            : error instanceof Error
+                ? error.message
+                : String(error);
+        throw new Error(`Failed to exchange code: ${message}`);
+    }
+    // Keep the AbortController active across body-read so a hung-mid-stream
+    // upstream still trips the 15s timeout. clearTimeout fires only after the
+    // body is fully consumed (or the read itself throws).
+    try {
+        if (!res.ok) {
+            const text = await res.text();
+            let message = text;
+            try {
+                const parsed = JSON.parse(text);
+                if (parsed.error?.message)
+                    message = parsed.error.message;
+            }
+            catch {
+                // keep raw text
+            }
+            throw new Error(`Failed to exchange code (${res.status}): ${message}`);
+        }
+        return (await res.json());
+    }
+    finally {
+        clearTimeout(timeout);
+    }
+}
+//# sourceMappingURL=auth.js.map

package/dist/auth.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAEtD,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,6BAA6B,CAAC;AACpF,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,6BAA6B,CAAC;AACpF,MAAM,gBAAgB,GAAG,2BAA2B,CAAC;AAOrD,MAAM,UAAU,YAAY;IAC3B,MAAM,QAAQ,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACvD,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAC5E,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;AAChC,CAAC;AAED,SAAS,aAAa;IACrB,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,SAAiB,EAAE,IAA0B;IAC9E,MAAM,IAAI,GAAG,IAAI,EAAE,MAAM,IAAI,OAAO,CAAC;IACrC,MAAM,KAAK,GAAG,aAAa,EAAE,CAAC;IAC9B,OAAO,CACN,GAAG,IAAI,sCAAsC;QAC7C,iBAAiB,kBAAkB,CAAC,gBAAgB,CAAC,EAAE;QACvD,UAAU,KAAK,EAAE;QACjB,mBAAmB,SAAS,EAAE;QAC9B,6BAA6B,CAC7B,CAAC;AACH,CAAC;AAQD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACtC,IAAY,EACZ,QAAgB,EAChB,IAA0B;IAE1B,MAAM,MAAM,GAAG,IAAI,EAAE,MAAM,IAAI,OAAO,CAAC;IACvC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,MAAM,CAAC,CAAC;IAE7D,IAAI,GAAa,CAAC;IAClB,IAAI,CAAC;QACJ,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,MAAM,uBAAuB,EAAE;YACnD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAC;YACvD,MAAM,EAAE,UAAU,CAAC,MAAM;SACzB,CAAC,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QAChB,YAAY,CAAC,OAAO,CAAC,CAAC;QACtB,MAAM,OAAO,GACZ,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY;YACpD,CAAC,CAAC,6BAA6B;YAC/B,CAAC,CAAC,KAAK,YAAY,KAAK;gBACvB,CAAC,CAAC,KAAK,CAAC,OAAO;gBACf,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,EAAE,CAAC,CAAC;IACxD,CAAC;IAED,wEAAwE;IACxE,0EAA0E;IAC1E,sDAAsD;IACtD,IAAI,CAAC;QACJ,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACb,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;YAC9B,IAAI,OAAO,GAAG,IAAI,CAAC;YACnB,IAAI,CAAC;gBACJ,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAqC,CAAC;gBACpE,IAAI,MAAM,CAAC,KAAK,EAAE,OAAO;oBAAE,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC;YAC3D,CAAC;YAAC,MAAM,CAAC;gBACR,gBAAgB;YACjB,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,GAAG,CAAC,MAAM,MAAM,OAAO,EAAE,CAAC,CAAC;QACxE,CAAC;QAED,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAmB,CAAC;IAC7C,CAAC;YAAS,CAAC;QACV,YAAY,CAAC,OAAO,CAAC,CAAC;IACvB,CAAC;AACF,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@workjournal/shared",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "Shared types, constants, and credential helpers for the Workjournal CLI and MCP server.",
   "license": "MIT",
   "type": "module",
@@ -12,6 +12,10 @@
     "./credentials": {
       "types": "./dist/credentials.d.ts",
       "import": "./dist/credentials.js"
+    },
+    "./auth": {
+      "types": "./dist/auth.d.ts",
+      "import": "./dist/auth.js"
     }
   },
   "files": [