@zapier/zapier-sdk-cli 0.1.1 → 0.2.0

package/dist/utils/schema-formatter.js

@@ -1,10 +1,4 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.formatItemsFromSchema = formatItemsFromSchema;
-const chalk_1 = __importDefault(require("chalk"));
+import chalk from "chalk";
 function getFormatMetadata(schema) {
     return schema?._def?.formatMeta;
 }
@@ -14,7 +8,7 @@ function getOutputSchema(schema) {
 // ============================================================================
 // Generic Schema-Driven Formatter
 // ============================================================================
-function formatItemsFromSchema(inputSchema, items) {
+export function formatItemsFromSchema(inputSchema, items) {
     // Get the output schema and its format metadata
     const outputSchema = getOutputSchema(inputSchema);
     if (!outputSchema) {
@@ -37,9 +31,9 @@ function formatSingleItem(item, index, formatMeta) {
     // Get the formatted item from the format function
     const formatted = formatMeta.format(item);
     // Build the main title line
-    let titleLine = `${chalk_1.default.gray(`${index + 1}.`)} ${chalk_1.default.cyan(formatted.title)}`;
+    let titleLine = `${chalk.gray(`${index + 1}.`)} ${chalk.cyan(formatted.title)}`;
     if (formatted.subtitle) {
-        titleLine += ` ${chalk_1.default.gray(formatted.subtitle)}`;
+        titleLine += ` ${chalk.gray(formatted.subtitle)}`;
     }
     console.log(titleLine);
     // Format detail lines
@@ -52,25 +46,25 @@ function formatSingleItem(item, index, formatMeta) {
 function applyStyle(value, style) {
     switch (style) {
         case "dim":
-            return chalk_1.default.dim(value);
+            return chalk.dim(value);
         case "accent":
-            return chalk_1.default.magenta(value);
+            return chalk.magenta(value);
         case "warning":
-            return chalk_1.default.red(value);
+            return chalk.red(value);
         case "success":
-            return chalk_1.default.green(value);
+            return chalk.green(value);
         case "normal":
         default:
-            return chalk_1.default.blue(value);
+            return chalk.blue(value);
     }
 }
 function formatItemsGeneric(items) {
     // Fallback formatting for items without schema metadata
     items.forEach((item, index) => {
         const name = item.name || item.key || item.id || "Item";
-        console.log(`${chalk_1.default.gray(`${index + 1}.`)} ${chalk_1.default.cyan(name)}`);
+        console.log(`${chalk.gray(`${index + 1}.`)} ${chalk.cyan(name)}`);
         if (item.description) {
-            console.log(`   ${chalk_1.default.dim(item.description)}`);
+            console.log(`   ${chalk.dim(item.description)}`);
         }
         console.log();
     });

package/dist/utils/serializeAsync.d.ts

@@ -0,0 +1,2 @@
+declare const serializeAsync: <R, A extends []>(fn: (...args: A) => Promise<R>) => ((...args: A) => Promise<R>);
+export default serializeAsync;

package/dist/utils/serializeAsync.js

@@ -0,0 +1,16 @@
+import { createHash } from "node:crypto";
+const promises = {};
+const serializeAsync = (fn) => async (...args) => {
+    const hash = createHash("sha256")
+        .update(fn.toString(), "utf8")
+        .digest()
+        .toString("hex");
+    const promise = promises[hash];
+    if (!promise) {
+        promises[hash] = fn(...args).finally(() => {
+            delete promises[hash];
+        });
+    }
+    return promises[hash];
+};
+export default serializeAsync;

package/dist/utils/spinner.d.ts

@@ -0,0 +1 @@
+export declare const spinPromise: <T>(promise: Promise<T>, text: string) => Promise<T>;

package/dist/utils/spinner.js

@@ -0,0 +1,13 @@
+import ora from "ora";
+export const spinPromise = async (promise, text) => {
+    const spinner = ora(text).start();
+    try {
+        const result = await promise;
+        spinner.succeed();
+        return result;
+    }
+    catch (error) {
+        spinner.fail();
+        throw error;
+    }
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zapier/zapier-sdk-cli",
-  "version": "0.1.1",
+  "version": "0.2.0",
   "description": "Command line interface for Zapier SDK",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -22,13 +22,20 @@
     "chalk": "^5.3.0",
     "cli-table3": "^0.6.5",
     "commander": "^12.0.0",
+    "conf": "^14.0.0",
+    "express": "^5.1.0",
     "inquirer": "^12.6.3",
+    "jsonwebtoken": "^9.0.2",
+    "open": "^10.2.0",
     "ora": "^8.2.0",
+    "pkce-challenge": "^5.0.0",
     "zod": "^3.25.67",
-    "@zapier/zapier-sdk": "0.1.1"
+    "@zapier/zapier-sdk": "0.2.0"
   },
   "devDependencies": {
+    "@types/express": "^5.0.3",
     "@types/inquirer": "^9.0.8",
+    "@types/jsonwebtoken": "^9.0.10",
     "@types/node": "^24.0.1",
     "typescript": "^5.8.3",
     "vitest": "^3.2.3"

package/src/cli.ts

@@ -3,6 +3,13 @@
 import { Command } from "commander";
 import { createZapierSdk } from "@zapier/zapier-sdk";
 import { generateCliCommands } from "./utils/cli-generator";
+import { ensureValidToken } from "./utils/auth/ensureValidToken";
+import {
+  createLoginCommand,
+  createLogoutCommand,
+  createWhoamiCommand,
+  createConfigPathCommand,
+} from "./commands";
 
 const program = new Command();
 
@@ -16,13 +23,18 @@ program
 const isDebugMode =
   process.env.DEBUG === "true" || process.argv.includes("--debug");
 
-// Create SDK instance for CLI operations
-// Auth will be resolved from environment variables or command options
+// Create SDK instance with dynamic token resolution
 const sdk = createZapierSdk({
-  // Token will be picked up from ZAPIER_TOKEN env var or provided via options
+  getToken: ensureValidToken,
   debug: isDebugMode,
 });
 
+// Add auth commands before generating SDK commands
+program.addCommand(createLoginCommand());
+program.addCommand(createLogoutCommand());
+program.addCommand(createWhoamiCommand());
+program.addCommand(createConfigPathCommand());
+
 // Generate CLI commands from SDK schemas
 generateCliCommands(program, sdk);
 

package/src/commands/configPath.ts

@@ -0,0 +1,10 @@
+import { Command } from "commander";
+import { getConfigPath } from "../utils/getConfigPath";
+
+export function createConfigPathCommand(): Command {
+  return new Command("get-config-path")
+    .description("Show the path to the configuration file")
+    .action(async () => {
+      console.log(`Configuration file: ${getConfigPath()}`);
+    });
+}

package/src/commands/index.ts

@@ -0,0 +1,4 @@
+export { createLoginCommand } from "./login";
+export { createLogoutCommand } from "./logout";
+export { createWhoamiCommand } from "./whoami";
+export { createConfigPathCommand } from "./configPath";

package/src/commands/login.ts

@@ -0,0 +1,34 @@
+import { Command } from "commander";
+import login from "../utils/auth/login";
+import getLoggedInUser from "../utils/auth/getLoggedInUser";
+
+export function createLoginCommand(): Command {
+  return new Command("login")
+    .description("Log in to Zapier to access your account")
+    .option(
+      "--timeout <seconds>",
+      "Login timeout in seconds (default: 300)",
+      "300",
+    )
+    .action(async (options) => {
+      try {
+        const timeoutSeconds = parseInt(options.timeout, 10);
+        if (isNaN(timeoutSeconds) || timeoutSeconds <= 0) {
+          throw new Error("Timeout must be a positive number");
+        }
+        await login(timeoutSeconds * 1000); // Convert to milliseconds
+        const user = await getLoggedInUser();
+
+        console.log(`✅ Successfully logged in as ${user.email}`);
+
+        // Force immediate exit to prevent hanging (especially in development with tsx)
+        setTimeout(() => process.exit(0), 100);
+      } catch (error) {
+        console.error(
+          "❌ Login failed:",
+          error instanceof Error ? error.message : "Unknown error",
+        );
+        process.exit(1);
+      }
+    });
+}

package/src/commands/logout.ts

@@ -0,0 +1,19 @@
+import { Command } from "commander";
+import logout from "../utils/auth/logout";
+
+export function createLogoutCommand(): Command {
+  return new Command("logout")
+    .description("Log out of your Zapier account")
+    .action(async () => {
+      try {
+        logout();
+        console.log("✅ Successfully logged out");
+      } catch (error) {
+        console.error(
+          "❌ Logout failed:",
+          error instanceof Error ? error.message : "Unknown error",
+        );
+        process.exit(1);
+      }
+    });
+}

package/src/commands/whoami.ts

@@ -0,0 +1,20 @@
+import { Command } from "commander";
+import getLoggedInUser from "../utils/auth/getLoggedInUser";
+
+export function createWhoamiCommand(): Command {
+  return new Command("whoami")
+    .description("Show current login status and user information")
+    .action(async () => {
+      try {
+        const user = await getLoggedInUser();
+        console.log(
+          `✅ Logged in as ${user.email} (Account ID: ${user.accountId})`,
+        );
+      } catch {
+        console.log(
+          "❌ Not logged in. Use 'zapier-sdk login' to authenticate.",
+        );
+        process.exit(1);
+      }
+    });
+}

package/src/utils/api/client.ts

@@ -0,0 +1,44 @@
+// Simple HTTP client for OAuth authentication
+export interface ApiResponse<T = any> {
+  data: T;
+  status: number;
+}
+
+export const createApiClient = () => {
+  const post = async <T = any>(
+    url: string,
+    data: any,
+    options: {
+      headers?: Record<string, string>;
+    } = {},
+  ): Promise<ApiResponse<T>> => {
+    const { headers = {} } = options;
+
+    const response = await fetch(url, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        Connection: "close",
+        ...headers,
+      },
+      body: new URLSearchParams(data),
+    });
+
+    if (!response.ok) {
+      throw new Error(`${response.status} ${response.statusText}`);
+    }
+
+    const responseData = await response.json();
+    return {
+      data: responseData,
+      status: response.status,
+    };
+  };
+
+  return {
+    post,
+  };
+};
+
+const api = createApiClient();
+export default api;

package/src/utils/auth/ensureValidToken.ts

@@ -0,0 +1,35 @@
+import getAuthState from "./getAuthState";
+import refreshJWT from "./refreshJWT";
+
+/**
+ * Ensures we have a valid, non-expired JWT token.
+ * Will attempt to refresh expired tokens automatically.
+ * Falls back to ZAPIER_TOKEN environment variable if no stored login.
+ * Returns undefined if no token is available or refresh fails.
+ */
+export const ensureValidToken = async (): Promise<string | undefined> => {
+  try {
+    const state = getAuthState();
+
+    if (state.status === "logged-out") {
+      // Fall back to environment variable if not logged in
+      return process.env.ZAPIER_TOKEN;
+    }
+
+    if (state.status === "expired") {
+      // Attempt to refresh the token
+      try {
+        return await refreshJWT();
+      } catch {
+        // If refresh fails, fall back to environment variable
+        return process.env.ZAPIER_TOKEN;
+      }
+    }
+
+    // Status is "logged-in", return the valid token
+    return state.jwt;
+  } catch {
+    // If any error occurs, fall back to environment variable
+    return process.env.ZAPIER_TOKEN;
+  }
+};

package/src/utils/auth/getAuthState.ts

@@ -0,0 +1,36 @@
+import { config } from "../config";
+
+type Status =
+  | {
+      status: "logged-in";
+      jwt: string;
+      refresh_token: string;
+    }
+  | {
+      status: "expired";
+      refresh_token: string;
+    }
+  | {
+      status: "logged-out";
+    };
+
+const getAuthState = (): Status => {
+  const jwt = config.get("login_jwt") as string | undefined;
+  const refreshToken = config.get("login_refresh_token") as string | undefined;
+  const expiresAt = config.get("login_expires_at") as number | undefined;
+
+  if (!jwt || !refreshToken || !expiresAt) {
+    return { status: "logged-out" };
+  }
+
+  if (expiresAt > Date.now() + 30 * 1000) {
+    return { status: "logged-in", jwt, refresh_token: refreshToken };
+  }
+
+  return {
+    status: "expired",
+    refresh_token: refreshToken,
+  };
+};
+
+export default getAuthState;

package/src/utils/auth/getJWT.ts

@@ -0,0 +1,20 @@
+import getAuthState from "./getAuthState";
+import refreshJWT from "./refreshJWT";
+
+const getJWT = async (): Promise<string> => {
+  const state = getAuthState();
+
+  if (state.status === "logged-out") {
+    throw new Error(
+      "Expected getJWT to only be called when user has logged in.",
+    );
+  }
+
+  if (state.status === "expired") {
+    return await refreshJWT();
+  }
+
+  return state.jwt;
+};
+
+export default getJWT;

package/src/utils/auth/getLoggedInUser.ts

@@ -0,0 +1,68 @@
+import jsonwebtoken, { JwtPayload } from "jsonwebtoken";
+import getJWT from "./getJWT";
+
+const decodeJWTOrThrow = (jwt: unknown): JwtPayload => {
+  if (typeof jwt !== "string") {
+    throw new Error("Expected JWT to be a string");
+  }
+
+  const decodedJWT = jsonwebtoken.decode(jwt, { complete: true });
+
+  if (!decodedJWT) {
+    throw new Error("Could not decode JWT");
+  }
+
+  if (typeof decodedJWT.payload === "string") {
+    throw new Error("Did not expect JWT payload to be a string");
+  }
+
+  return decodedJWT;
+};
+
+const getLoggedInUser = async (): Promise<{
+  accountId: number;
+  customUserId: number;
+  email: string;
+}> => {
+  const jwt = await getJWT();
+
+  let decodedJwt = decodeJWTOrThrow(jwt);
+
+  if (decodedJwt.payload["sub_type"] == "service") {
+    decodedJwt = decodeJWTOrThrow(decodedJwt.payload["njwt"]);
+  }
+
+  if (typeof decodedJwt.payload["zap:acc"] !== "string") {
+    throw new Error("JWT payload does not contain accountId");
+  }
+
+  const accountId = parseInt(decodedJwt.payload["zap:acc"], 10);
+  if (isNaN(accountId)) {
+    throw new Error("JWT accountId is not a number");
+  }
+
+  if (
+    decodedJwt.payload["sub_type"] !== "customuser" ||
+    typeof decodedJwt.payload["sub"] !== "string"
+  ) {
+    throw new Error("JWT payload does not contain customUserId");
+  }
+
+  const customUserId = parseInt(decodedJwt.payload["sub"], 10);
+  if (isNaN(customUserId)) {
+    throw new Error("JWT customUserId is not a number");
+  }
+
+  const email = decodedJwt.payload["zap:uname"];
+  if (typeof email !== "string") {
+    throw new Error("JWT payload does not contain email");
+  }
+
+  return {
+    accountId,
+    customUserId,
+    email,
+  };
+};
+
+export default getLoggedInUser;

package/src/utils/auth/login.ts

@@ -0,0 +1,191 @@
+import open from "open";
+import crypto from "node:crypto";
+import express from "express";
+import pkceChallenge from "pkce-challenge";
+
+import {
+  AUTH_MODE_HEADER,
+  LOGIN_CLIENT_ID,
+  LOGIN_PORTS,
+  LOGIN_TIMEOUT_MS,
+  ZAPIER_BASE,
+} from "../constants";
+import { spinPromise } from "../spinner";
+import log from "../log";
+import api from "../api/client";
+import getCallablePromise from "../getCallablePromise";
+import updateLogin from "./updateLogin";
+import logout from "./logout";
+
+const findAvailablePort = (): Promise<number> => {
+  return new Promise((resolve, reject) => {
+    let portIndex = 0;
+
+    const tryPort = (port: number) => {
+      const server = express().listen(port, () => {
+        server.close();
+        resolve(port);
+      });
+
+      server.on("error", (err: NodeJS.ErrnoException) => {
+        if (err.code === "EADDRINUSE") {
+          if (portIndex < LOGIN_PORTS.length) {
+            // Try next predefined port
+            tryPort(LOGIN_PORTS[portIndex++]);
+          } else {
+            // All configured ports are busy
+            reject(
+              new Error(
+                `All configured OAuth callback ports are busy: ${LOGIN_PORTS.join(", ")}. Please try again later or close applications using these ports.`,
+              ),
+            );
+          }
+        } else {
+          reject(err);
+        }
+      });
+    };
+
+    if (LOGIN_PORTS.length > 0) {
+      tryPort(LOGIN_PORTS[portIndex++]);
+    } else {
+      reject(new Error("No OAuth callback ports configured"));
+    }
+  });
+};
+
+const generateRandomString = () => {
+  const array = new Uint32Array(28);
+  crypto.getRandomValues(array);
+  return Array.from(array, (dec) =>
+    ("0" + dec.toString(16)).substring(-2),
+  ).join("");
+};
+
+const login = async (timeoutMs: number = LOGIN_TIMEOUT_MS): Promise<string> => {
+  // Force logout
+  logout();
+
+  // Find an available port
+  const availablePort = await findAvailablePort();
+  const redirectUri = `http://localhost:${availablePort}/oauth`;
+
+  log.info(`Using port ${availablePort} for OAuth callback`);
+
+  const { promise: promisedCode, resolve: setCode } =
+    getCallablePromise<string>();
+
+  const app = express();
+
+  app.get("/oauth", (req, res) => {
+    setCode(String(req.query.code));
+    // Set headers to prevent keep-alive
+    res.setHeader("Connection", "close");
+    res.end("You can now close this tab and return to the CLI.");
+  });
+
+  const server = app.listen(availablePort);
+
+  // Track connections to force close them if needed
+  const connections = new Set<any>();
+  server.on("connection", (conn) => {
+    connections.add(conn);
+    conn.on("close", () => connections.delete(conn));
+  });
+
+  // Set up signal handlers for graceful shutdown
+  const cleanup = () => {
+    server.close();
+    log.info("\n❌ Login cancelled by user");
+    process.exit(0);
+  };
+
+  process.on("SIGINT", cleanup);
+  process.on("SIGTERM", cleanup);
+
+  const { code_verifier: codeVerifier, code_challenge: codeChallenge } =
+    await pkceChallenge();
+
+  const authUrl = `${ZAPIER_BASE}/oauth/authorize/?${new URLSearchParams({
+    response_type: "code",
+    client_id: LOGIN_CLIENT_ID,
+    redirect_uri: redirectUri,
+    scope: "internal offline_access",
+    state: generateRandomString(),
+    code_challenge: codeChallenge,
+    code_challenge_method: "S256",
+  }).toString()}`;
+
+  log.info("Opening your browser to log in.");
+  log.info("If it doesn't open, visit:", authUrl);
+
+  open(authUrl);
+
+  try {
+    await spinPromise(
+      Promise.race([
+        promisedCode,
+        new Promise<string>((_resolve, reject) =>
+          setTimeout(() => {
+            reject(
+              new Error(
+                `Login timed out after ${Math.round(timeoutMs / 1000)} seconds.`,
+              ),
+            );
+          }, timeoutMs),
+        ),
+      ]),
+      "Waiting for you to login and authorize",
+    );
+  } finally {
+    // Remove signal handlers
+    process.off("SIGINT", cleanup);
+    process.off("SIGTERM", cleanup);
+
+    // Close server with timeout and force-close connections if needed
+    await new Promise<void>((resolve) => {
+      const timeout = setTimeout(() => {
+        log.info("Server close timed out, forcing connection shutdown...");
+        // Force close all connections
+        connections.forEach((conn) => conn.destroy());
+        resolve();
+      }, 1000); // 1 second timeout
+
+      server.close(() => {
+        clearTimeout(timeout);
+        resolve();
+      });
+    });
+  }
+
+  log.info("Exchanging authorization code for tokens...");
+
+  const { data } = await api.post<{
+    access_token: string;
+    refresh_token: string;
+    expires_in: number;
+  }>(
+    `${ZAPIER_BASE}/oauth/token/`,
+    {
+      grant_type: "authorization_code",
+      code: await promisedCode,
+      redirect_uri: redirectUri,
+      client_id: LOGIN_CLIENT_ID,
+      code_verifier: codeVerifier,
+    },
+    {
+      headers: {
+        [AUTH_MODE_HEADER]: "no",
+        "Content-Type": "application/x-www-form-urlencoded",
+      },
+    },
+  );
+
+  updateLogin(data);
+
+  log.info("Token exchange completed successfully");
+
+  return data.access_token;
+};
+
+export default login;

package/src/utils/auth/logout.ts

@@ -0,0 +1,9 @@
+import { config } from "../config";
+
+const logout = () => {
+  config.delete("login_jwt");
+  config.delete("login_refresh_token");
+  config.delete("login_expires_at");
+};
+
+export default logout;