@zapier/zapier-sdk-cli 0.17.3 → 0.18.0

package/dist/index.mjs

@@ -1,9 +1,9 @@
-import { createFunction, OutputPropertySchema, DEFAULT_CONFIG_PATH, ZapierError, getOsInfo, getPlatformVersions, getCiPlatform, isCi, createZapierSdkWithoutRegistry, registryPlugin, getReleaseId, getCurrentTimestamp, generateEventId, ZapierValidationError, ZapierUnknownError, batch, toSnakeCase } from '@zapier/zapier-sdk';
+import { createFunction, OutputPropertySchema, DEFAULT_CONFIG_PATH, getOsInfo, getPlatformVersions, getCiPlatform, isCi, createZapierSdkWithoutRegistry, registryPlugin, getReleaseId, getCurrentTimestamp, generateEventId, ZapierValidationError, ZapierUnknownError, batch, toSnakeCase, isCredentialsObject, ZapierError } from '@zapier/zapier-sdk';
 import open from 'open';
 import crypto from 'crypto';
 import express from 'express';
 import pkceChallenge from 'pkce-challenge';
-import { getLoggedInUser, logout, getAuthTokenUrl, getAuthAuthorizeUrl, ZAPIER_AUTH_CLIENT_ID, AUTH_MODE_HEADER, updateLogin, getConfigPath } from '@zapier/zapier-sdk-cli-login';
+import { logout, getConfigPath, getLoggedInUser, getPkceLoginConfig, AUTH_MODE_HEADER, updateLogin } from '@zapier/zapier-sdk-cli-login';
 import ora from 'ora';
 import chalk from 'chalk';
 import { z } from 'zod';
@@ -151,15 +151,22 @@ var generateRandomString = () => {
     (dec) => ("0" + dec.toString(16)).substring(-2)
   ).join("");
 };
+function ensureOfflineAccess(scope) {
+  if (scope.includes("offline_access")) {
+    return scope;
+  }
+  return `${scope} offline_access`;
+}
 var login = async ({
   timeoutMs = LOGIN_TIMEOUT_MS,
-  baseUrl,
-  authBaseUrl,
-  authClientId
+  credentials
 }) => {
-  const authOptions = { baseUrl, authBaseUrl };
-  const tokenUrl = getAuthTokenUrl(authOptions);
-  const authorizeUrl = getAuthAuthorizeUrl(authOptions);
+  const { clientId, tokenUrl, authorizeUrl } = getPkceLoginConfig({
+    credentials
+  });
+  const scope = ensureOfflineAccess(
+    credentials?.scope || "internal credentials"
+  );
   logout();
   const availablePort = await findAvailablePort();
   const redirectUri = `http://localhost:${availablePort}/oauth`;
@@ -191,9 +198,9 @@ var login = async ({
   const { code_verifier: codeVerifier, code_challenge: codeChallenge } = await pkceChallenge();
   const authUrl = `${authorizeUrl}?${new URLSearchParams({
     response_type: "code",
-    client_id: authClientId || ZAPIER_AUTH_CLIENT_ID,
+    client_id: clientId,
     redirect_uri: redirectUri,
-    scope: "internal offline_access",
+    scope,
     state: generateRandomString(),
     code_challenge: codeChallenge,
     code_challenge_method: "S256"
@@ -243,7 +250,7 @@ var login = async ({
       grant_type: "authorization_code",
       code: await promisedCode,
       redirect_uri: redirectUri,
-      client_id: authClientId || ZAPIER_AUTH_CLIENT_ID,
+      client_id: clientId,
       code_verifier: codeVerifier
     },
     {
@@ -264,7 +271,7 @@ var LoginSchema = z.object({
 
 // package.json
 var package_default = {
-  version: "0.17.3"};
+  version: "0.18.0"};
 
 // src/telemetry/builders.ts
 function createCliBaseEvent(context = {}) {
@@ -321,22 +328,17 @@ function buildCliCommandExecutedEvent({
 
 // src/plugins/login/index.ts
 var CLI_COMMAND_EXECUTED_EVENT_SUBJECT = "platform.sdk.CliCommandExecutedEvent";
-var loginWithSdk = createFunction(
-  async (options) => {
-    const timeoutSeconds = options.timeout ? parseInt(options.timeout, 10) : 300;
-    if (isNaN(timeoutSeconds) || timeoutSeconds <= 0) {
-      throw new Error("Timeout must be a positive number");
-    }
-    await login_default({
-      timeoutMs: timeoutSeconds * 1e3,
-      baseUrl: options.baseUrl,
-      authBaseUrl: options.authBaseUrl,
-      authClientId: options.authClientId
-    });
-    const user = await getLoggedInUser();
-    console.log(`\u2705 Successfully logged in as ${user.email}`);
+function toPkceCredentials(credentials) {
+  if (credentials && isCredentialsObject(credentials) && !("clientSecret" in credentials)) {
+    return {
+      type: "pkce",
+      clientId: credentials.clientId,
+      baseUrl: credentials.baseUrl,
+      scope: credentials.scope
+    };
   }
-);
+  return void 0;
+}
 var loginPlugin = ({ context }) => {
   const loginWithTelemetry = async (options) => {
     const startTime = Date.now();
@@ -345,17 +347,21 @@ var loginPlugin = ({ context }) => {
     let accountId = null;
     let customUserId = null;
     try {
-      await loginWithSdk({
-        ...options,
-        baseUrl: context.options?.baseUrl,
-        authBaseUrl: context.options?.authBaseUrl,
-        authClientId: context.options?.authClientId
+      const timeoutSeconds = options.timeout ? parseInt(options.timeout, 10) : 300;
+      if (isNaN(timeoutSeconds) || timeoutSeconds <= 0) {
+        throw new Error("Timeout must be a positive number");
+      }
+      const resolvedCredentials = await context.resolveCredentials();
+      const pkceCredentials = toPkceCredentials(resolvedCredentials);
+      await login_default({
+        timeoutMs: timeoutSeconds * 1e3,
+        credentials: pkceCredentials
       });
+      const user = await getLoggedInUser();
+      accountId = user.accountId;
+      customUserId = user.customUserId;
+      console.log(`\u2705 Successfully logged in as ${user.email}`);
       success = true;
-      try {
-        ({ accountId, customUserId } = await getLoggedInUser());
-      } catch {
-      }
     } catch (error) {
       success = false;
       errorMessage = error instanceof Error ? error.message : "Login failed";

package/dist/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@zapier/zapier-sdk-cli",
-    "version": "0.17.3",
+    "version": "0.18.0",
     "description": "Command line interface for Zapier SDK",
     "main": "dist/index.cjs",
     "module": "dist/index.mjs",

package/dist/src/cli.js

@@ -12,29 +12,61 @@ program
     .version(packageJson.version, "-v, --version", "display version number")
     .option("--debug", "Enable debug logging")
     .option("--base-url <url>", "Base URL for Zapier API endpoints")
-    .option("--auth-base-url <url>", "Base URL for Zapier authentication endpoints")
-    .option("--auth-client-id <id>", "OAuth client ID for Zapier authentication")
+    .option("--credentials <token>", "Authentication token")
+    .option("--credentials-client-id <id>", "OAuth client ID for authentication")
+    .option("--credentials-client-secret <secret>", "OAuth client secret for authentication")
+    .option("--credentials-base-url <url>", "Base URL for authentication endpoints")
     .option("--tracking-base-url <url>", "Base URL for Zapier tracking endpoints");
 // Check for debug flag early (support both flag and env var)
 const isDebugMode = process.env.DEBUG === "true" || process.argv.includes("--debug");
-// Extract URL options from process.argv for early SDK creation
+// Helper to get flag value from argv
+function getFlagValue(flagName) {
+    const index = process.argv.indexOf(flagName);
+    return index !== -1 ? process.argv[index + 1] : undefined;
+}
+// Extract options from process.argv for early SDK creation
 // We need to create the SDK before parsing to generate commands from schemas
-const baseUrlIndex = process.argv.indexOf("--base-url");
-const authBaseUrlIndex = process.argv.indexOf("--auth-base-url");
-const authClientIdIndex = process.argv.indexOf("--auth-client-id");
-const trackingBaseUrlIndex = process.argv.indexOf("--tracking-base-url");
-const baseUrl = baseUrlIndex !== -1 ? process.argv[baseUrlIndex + 1] : undefined;
-const authBaseUrl = authBaseUrlIndex !== -1 ? process.argv[authBaseUrlIndex + 1] : undefined;
-const authClientId = authClientIdIndex !== -1 ? process.argv[authClientIdIndex + 1] : undefined;
-const trackingBaseUrl = trackingBaseUrlIndex !== -1
-    ? process.argv[trackingBaseUrlIndex + 1]
-    : undefined;
+const baseUrl = getFlagValue("--base-url");
+const credentialsToken = getFlagValue("--credentials");
+const credentialsClientId = getFlagValue("--credentials-client-id");
+const credentialsClientSecret = getFlagValue("--credentials-client-secret");
+const credentialsBaseUrl = getFlagValue("--credentials-base-url");
+const trackingBaseUrl = getFlagValue("--tracking-base-url");
+// Build credentials object from flags
+function buildCredentialsFromFlags() {
+    // If a direct token is provided, use it
+    if (credentialsToken) {
+        return credentialsToken;
+    }
+    // If client ID is provided, build a credentials object
+    if (credentialsClientId) {
+        if (credentialsClientSecret) {
+            // Client credentials flow
+            return {
+                type: "client_credentials",
+                clientId: credentialsClientId,
+                clientSecret: credentialsClientSecret,
+                baseUrl: credentialsBaseUrl,
+            };
+        }
+        else {
+            // PKCE flow (no secret)
+            return {
+                type: "pkce",
+                clientId: credentialsClientId,
+                baseUrl: credentialsBaseUrl,
+            };
+        }
+    }
+    // No credentials from flags - will fall back to env vars or stored login
+    return undefined;
+}
+const credentials = buildCredentialsFromFlags();
 // Create CLI SDK instance with all plugins and URL options
 const sdk = createZapierCliSdk({
     debug: isDebugMode,
+    credentials,
     baseUrl,
-    authBaseUrl,
-    authClientId,
     trackingBaseUrl,
 });
 // Auth commands now handled by plugins

package/dist/src/plugins/login/index.d.ts

@@ -1,4 +1,4 @@
-import type { Plugin } from "@zapier/zapier-sdk";
+import type { Plugin, ResolvedCredentials } from "@zapier/zapier-sdk";
 import type { EventEmissionContext } from "@zapier/zapier-sdk";
 import { LoginSchema, type LoginOptions } from "./schemas";
 interface CliContext {
@@ -6,6 +6,7 @@ interface CliContext {
     selected_api?: string | null;
     app_id?: number | null;
     app_version_id?: number | null;
+    resolveCredentials: () => Promise<ResolvedCredentials | undefined>;
 }
 interface LoginPluginProvides {
     login: (options: LoginOptions) => Promise<void>;

package/dist/src/plugins/login/index.js

@@ -1,26 +1,23 @@
-import { createFunction } from "@zapier/zapier-sdk";
+import { isCredentialsObject } from "@zapier/zapier-sdk";
 import login from "../../utils/auth/login";
-import { getLoggedInUser } from "@zapier/zapier-sdk-cli-login";
+import { getLoggedInUser, } from "@zapier/zapier-sdk-cli-login";
 import { LoginSchema } from "./schemas";
 import { buildCliCommandExecutedEvent } from "../../telemetry/builders";
 import cliPackageJson from "../../../package.json";
 const CLI_COMMAND_EXECUTED_EVENT_SUBJECT = "platform.sdk.CliCommandExecutedEvent";
-const loginWithSdk = createFunction(async (options) => {
-    const timeoutSeconds = options.timeout
-        ? parseInt(options.timeout, 10)
-        : 300;
-    if (isNaN(timeoutSeconds) || timeoutSeconds <= 0) {
-        throw new Error("Timeout must be a positive number");
+function toPkceCredentials(credentials) {
+    if (credentials &&
+        isCredentialsObject(credentials) &&
+        !("clientSecret" in credentials)) {
+        return {
+            type: "pkce",
+            clientId: credentials.clientId,
+            baseUrl: credentials.baseUrl,
+            scope: credentials.scope,
+        };
     }
-    await login({
-        timeoutMs: timeoutSeconds * 1000,
-        baseUrl: options.baseUrl,
-        authBaseUrl: options.authBaseUrl,
-        authClientId: options.authClientId,
-    });
-    const user = await getLoggedInUser();
-    console.log(`✅ Successfully logged in as ${user.email}`);
-});
+    return undefined;
+}
 export const loginPlugin = ({ context }) => {
     // Wrap the login function to emit telemetry events
     const loginWithTelemetry = async (options) => {
@@ -30,20 +27,25 @@ export const loginPlugin = ({ context }) => {
         let accountId = null;
         let customUserId = null;
         try {
-            await loginWithSdk({
-                ...options,
-                baseUrl: context.options?.baseUrl,
-                authBaseUrl: context.options?.authBaseUrl,
-                authClientId: context.options?.authClientId,
+            const timeoutSeconds = options.timeout
+                ? parseInt(options.timeout, 10)
+                : 300;
+            if (isNaN(timeoutSeconds) || timeoutSeconds <= 0) {
+                throw new Error("Timeout must be a positive number");
+            }
+            // Resolve credentials from options and env vars
+            const resolvedCredentials = await context.resolveCredentials();
+            const pkceCredentials = toPkceCredentials(resolvedCredentials);
+            await login({
+                timeoutMs: timeoutSeconds * 1000,
+                credentials: pkceCredentials,
             });
+            // Get user info after successful login
+            const user = await getLoggedInUser();
+            accountId = user.accountId;
+            customUserId = user.customUserId;
+            console.log(`✅ Successfully logged in as ${user.email}`);
             success = true;
-            // Extract user IDs after successful login
-            try {
-                ({ accountId, customUserId } = await getLoggedInUser());
-            }
-            catch {
-                // If we can't get user info, continue without it
-            }
         }
         catch (error) {
             success = false;

package/dist/src/utils/auth/login.d.ts

@@ -1,8 +1,7 @@
+import { type PkceCredentials } from "@zapier/zapier-sdk-cli-login";
 interface LoginOptions {
     timeoutMs?: number;
-    baseUrl?: string;
-    authBaseUrl?: string;
-    authClientId?: string;
+    credentials?: PkceCredentials;
 }
-declare const login: ({ timeoutMs, baseUrl, authBaseUrl, authClientId, }: LoginOptions) => Promise<string>;
+declare const login: ({ timeoutMs, credentials, }: LoginOptions) => Promise<string>;
 export default login;

package/dist/src/utils/auth/login.js

@@ -2,12 +2,12 @@ import open from "open";
 import crypto from "node:crypto";
 import express from "express";
 import pkceChallenge from "pkce-challenge";
-import { AUTH_MODE_HEADER, ZAPIER_AUTH_CLIENT_ID, LOGIN_PORTS, LOGIN_TIMEOUT_MS, } from "../constants";
+import { AUTH_MODE_HEADER, LOGIN_PORTS, LOGIN_TIMEOUT_MS } from "../constants";
 import { spinPromise } from "../spinner";
 import log from "../log";
 import api from "../api/client";
 import getCallablePromise from "../getCallablePromise";
-import { updateLogin, logout, getAuthTokenUrl, getAuthAuthorizeUrl, } from "@zapier/zapier-sdk-cli-login";
+import { updateLogin, logout, getPkceLoginConfig, } from "@zapier/zapier-sdk-cli-login";
 import { ZapierCliUserCancellationError } from "../errors";
 const findAvailablePort = () => {
     return new Promise((resolve, reject) => {
@@ -46,10 +46,18 @@ const generateRandomString = () => {
     crypto.getRandomValues(array);
     return Array.from(array, (dec) => ("0" + dec.toString(16)).substring(-2)).join("");
 };
-const login = async ({ timeoutMs = LOGIN_TIMEOUT_MS, baseUrl, authBaseUrl, authClientId, }) => {
-    const authOptions = { baseUrl, authBaseUrl };
-    const tokenUrl = getAuthTokenUrl(authOptions);
-    const authorizeUrl = getAuthAuthorizeUrl(authOptions);
+// Ensure offline_access is included in scope for PKCE (needed for refresh tokens)
+function ensureOfflineAccess(scope) {
+    if (scope.includes("offline_access")) {
+        return scope;
+    }
+    return `${scope} offline_access`;
+}
+const login = async ({ timeoutMs = LOGIN_TIMEOUT_MS, credentials, }) => {
+    const { clientId, tokenUrl, authorizeUrl } = getPkceLoginConfig({
+        credentials,
+    });
+    const scope = ensureOfflineAccess(credentials?.scope || "internal credentials");
     // Force logout
     logout();
     // Find an available port
@@ -82,9 +90,9 @@ const login = async ({ timeoutMs = LOGIN_TIMEOUT_MS, baseUrl, authBaseUrl, authC
     const { code_verifier: codeVerifier, code_challenge: codeChallenge } = await pkceChallenge();
     const authUrl = `${authorizeUrl}?${new URLSearchParams({
         response_type: "code",
-        client_id: authClientId || ZAPIER_AUTH_CLIENT_ID,
+        client_id: clientId,
         redirect_uri: redirectUri,
-        scope: "internal offline_access",
+        scope,
         state: generateRandomString(),
         code_challenge: codeChallenge,
         code_challenge_method: "S256",
@@ -131,7 +139,7 @@ const login = async ({ timeoutMs = LOGIN_TIMEOUT_MS, baseUrl, authBaseUrl, authC
         grant_type: "authorization_code",
         code: await promisedCode,
         redirect_uri: redirectUri,
-        client_id: authClientId || ZAPIER_AUTH_CLIENT_ID,
+        client_id: clientId,
         code_verifier: codeVerifier,
     }, {
         headers: {

package/dist/src/utils/constants.d.ts

@@ -1,3 +1,3 @@
-export { ZAPIER_AUTH_CLIENT_ID, AUTH_MODE_HEADER, } from "@zapier/zapier-sdk-cli-login";
+export { AUTH_MODE_HEADER } from "@zapier/zapier-sdk-cli-login";
 export declare const LOGIN_PORTS: number[];
 export declare const LOGIN_TIMEOUT_MS = 300000;

package/dist/src/utils/constants.js

@@ -1,5 +1,5 @@
 // Import shared OAuth constants from login package
-export { ZAPIER_AUTH_CLIENT_ID, AUTH_MODE_HEADER, } from "@zapier/zapier-sdk-cli-login";
+export { AUTH_MODE_HEADER } from "@zapier/zapier-sdk-cli-login";
 // CLI-specific constants
 export const LOGIN_PORTS = [49505, 50575, 52804, 55981, 61010, 63851];
 export const LOGIN_TIMEOUT_MS = 300000; // 5 minutes