agent-messenger 1.4.0 → 1.6.0

package/src/platforms/teams/commands/auth.ts

@@ -4,140 +4,235 @@ import { formatOutput } from '@/shared/utils/output'
 import { TeamsClient } from '../client'
 import { TeamsCredentialManager } from '../credential-manager'
 import { TeamsTokenExtractor } from '../token-extractor'
+import type { TeamsAccount, TeamsAccountType, TeamsConfig } from '../types'
 
 export async function extractAction(options: { pretty?: boolean; debug?: boolean; token?: string }): Promise<void> {
   try {
-    let token: string
-
     if (options.token) {
-      token = options.token
-      if (options.debug) {
-        console.error(`[debug] Using provided token: ${token.substring(0, 20)}...`)
-      }
-    } else {
-      const extractor = new TeamsTokenExtractor()
-
-      if (process.platform === 'darwin') {
-        console.log('')
-        console.log('  Extracting your Microsoft Teams credentials...')
-        console.log('')
-        console.log('  Your Mac may ask for your password to access Keychain.')
-        console.log('  This is required because Teams encrypts your login token')
-        console.log('  using macOS Keychain for security.')
-        console.log('')
-        console.log('  What happens:')
-        console.log("    1. We read the encrypted token from Teams' cookies")
-        console.log('    2. macOS Keychain decrypts it (requires your password)')
-        console.log('    3. The token is stored locally in ~/.config/agent-messenger/')
-        console.log('')
-        console.log('  Your password is never stored or transmitted anywhere.')
-        console.log('')
-      }
-
-      if (options.debug) {
-        console.error(`[debug] Extracting Teams token...`)
-      }
-
-      const extracted = await extractor.extract()
+      await extractManualToken(options.token, options)
+      return
+    }
 
-      if (!extracted) {
-        console.log(
-          formatOutput(
-            {
-              error: 'No Teams token found. Make sure Microsoft Teams desktop app is installed and logged in.',
-              hint: 'Run with --token <token> to manually provide a token, or --debug for more info.',
-            },
-            options.pretty,
-          ),
-        )
-        process.exit(1)
-      }
-      token = extracted.token
+    const extractor = new TeamsTokenExtractor()
+
+    if (process.platform === 'darwin') {
+      console.log('')
+      console.log('  Extracting your Microsoft Teams credentials...')
+      console.log('')
+      console.log('  Your Mac may ask for your password to access Keychain.')
+      console.log('  This is required because Teams encrypts your login token')
+      console.log('  using macOS Keychain for security.')
+      console.log('')
+      console.log('  What happens:')
+      console.log("    1. We read the encrypted token from Teams' cookies")
+      console.log('    2. macOS Keychain decrypts it (requires your password)')
+      console.log('    3. The token is stored locally in ~/.config/agent-messenger/')
+      console.log('')
+      console.log('  Your password is never stored or transmitted anywhere.')
+      console.log('')
     }
 
     if (options.debug) {
-      console.error(`[debug] Token extracted: ${token.substring(0, 20)}...`)
+      console.error('[debug] Extracting Teams tokens from all accounts...')
     }
 
-    try {
-      const client = new TeamsClient(token)
+    const extracted = await extractor.extract()
 
-      if (options.debug) {
-        console.error(`[debug] Testing token validity...`)
-      }
+    if (extracted.length === 0) {
+      console.log(
+        formatOutput(
+          {
+            error: 'No Teams token found. Make sure Microsoft Teams desktop app is installed and logged in.',
+            hint: 'Run with --token <token> to manually provide a token, or --debug for more info.',
+          },
+          options.pretty,
+        ),
+      )
+      process.exit(1)
+    }
 
-      const authInfo = await client.testAuth()
+    if (options.debug) {
+      console.error(`[debug] Found ${extracted.length} account(s)`)
+    }
 
+    const credManager = new TeamsCredentialManager()
+    const config: TeamsConfig = { current_account: null, accounts: {} }
+    const outputAccounts: Array<{
+      account_type: TeamsAccountType
+      user: string
+      teams: string[]
+    }> = []
+
+    for (const { token, accountType } of extracted) {
       if (options.debug) {
-        console.error(`[debug] ✓ Token valid for user: ${authInfo.displayName}`)
-        console.error(`[debug] Discovering teams...`)
+        console.error(`[debug] Validating ${accountType} account token...`)
       }
 
-      const teams = await client.listTeams()
+      try {
+        const client = new TeamsClient(token)
+        const authInfo = await client.testAuth()
+        const teams = await client.listTeams()
 
-      if (options.debug) {
-        console.error(`[debug] ✓ Found ${teams.length} team(s)`)
-      }
+        if (options.debug) {
+          console.error(`[debug] ✓ ${accountType}: ${authInfo.displayName} (${teams.length} team(s))`)
+        }
 
-      if (teams.length === 0) {
-        console.log(
-          formatOutput(
-            {
-              error: 'No teams found. Make sure you are a member of at least one Microsoft Teams team.',
-            },
-            options.pretty,
-          ),
-        )
-        process.exit(1)
-      }
+        const teamMap: Record<string, { team_id: string; team_name: string }> = {}
+        for (const team of teams) {
+          teamMap[team.id] = { team_id: team.id, team_name: team.name }
+        }
 
-      const credManager = new TeamsCredentialManager()
-      const teamMap: Record<string, { team_id: string; team_name: string }> = {}
+        const account: TeamsAccount = {
+          token,
+          token_expires_at: new Date(Date.now() + 60 * 60 * 1000).toISOString(),
+          account_type: accountType,
+          user_name: authInfo.displayName,
+          current_team: teams[0]?.id ?? null,
+          teams: teamMap,
+        }
 
-      for (const team of teams) {
-        teamMap[team.id] = {
-          team_id: team.id,
-          team_name: team.name,
+        config.accounts[accountType] = account
+        if (!config.current_account) {
+          config.current_account = accountType
         }
-      }
 
-      const config = {
-        token: token,
-        current_team: teams[0].id,
-        teams: teamMap,
-        token_expires_at: new Date(Date.now() + 60 * 60 * 1000).toISOString(),
+        outputAccounts.push({
+          account_type: accountType,
+          user: authInfo.displayName,
+          teams: teams.map((t) => `${t.id}/${t.name}`),
+        })
+      } catch (error) {
+        const errorMessage = (error as Error).message
+        const is401 = errorMessage.includes('401') || errorMessage.includes('Unauthorized')
+        if (options.debug) {
+          console.error(`[debug] ✗ ${accountType}: ${errorMessage}`)
+        }
+        if (extracted.length === 1) {
+          console.log(
+            formatOutput(
+              {
+                error: `Token validation failed: ${errorMessage}`,
+                hint: is401
+                  ? 'Token expired. Open Microsoft Teams, send a message to refresh your session, then run "auth extract" again.'
+                  : 'Make sure Microsoft Teams desktop app is running and you are logged in.',
+              },
+              options.pretty,
+            ),
+          )
+          process.exit(1)
+        }
       }
+    }
 
-      await credManager.saveConfig(config)
+    if (Object.keys(config.accounts).length === 0) {
+      console.log(
+        formatOutput(
+          { error: 'All extracted tokens failed validation. Make sure Microsoft Teams is running and logged in.' },
+          options.pretty,
+        ),
+      )
+      process.exit(1)
+    }
 
-      if (options.debug) {
-        console.error(`[debug] ✓ Credentials saved`)
-      }
+    await credManager.saveConfig(config)
 
-      const output = {
-        teams: teams.map((t) => `${t.id}/${t.name}`),
-        current: teams[0].id,
-      }
+    if (options.debug) {
+      console.error('[debug] ✓ Credentials saved')
+    }
 
-      console.log(formatOutput(output, options.pretty))
-    } catch (error) {
-      const errorMessage = (error as Error).message
-      const is401 = errorMessage.includes('401') || errorMessage.includes('Unauthorized')
+    console.log(
+      formatOutput(
+        {
+          accounts: outputAccounts,
+          current_account: config.current_account,
+        },
+        options.pretty,
+      ),
+    )
+  } catch (error) {
+    handleError(error as Error)
+  }
+}
+
+async function extractManualToken(token: string, options: { pretty?: boolean; debug?: boolean }): Promise<void> {
+  if (options.debug) {
+    console.error(`[debug] Using provided token: ${token.substring(0, 20)}...`)
+  }
+
+  try {
+    const client = new TeamsClient(token)
+    const authInfo = await client.testAuth()
+    const teams = await client.listTeams()
+
+    if (teams.length === 0) {
       console.log(
         formatOutput(
-          {
-            error: `Token validation failed: ${errorMessage}`,
-            hint: is401
-              ? 'Token expired. Open Microsoft Teams, send a message to refresh your session, then run "auth extract" again.'
-              : 'Make sure Microsoft Teams desktop app is running and you are logged in.',
-          },
+          { error: 'No teams found. Make sure you are a member of at least one Microsoft Teams team.' },
           options.pretty,
         ),
       )
       process.exit(1)
     }
+
+    const credManager = new TeamsCredentialManager()
+    const accountType: TeamsAccountType = 'work'
+
+    const teamMap: Record<string, { team_id: string; team_name: string }> = {}
+    for (const team of teams) {
+      teamMap[team.id] = { team_id: team.id, team_name: team.name }
+    }
+
+    const account: TeamsAccount = {
+      token,
+      token_expires_at: new Date(Date.now() + 60 * 60 * 1000).toISOString(),
+      account_type: accountType,
+      user_name: authInfo.displayName,
+      current_team: teams[0].id,
+      teams: teamMap,
+    }
+
+    const existingConfig = await credManager.loadConfig()
+    const config: TeamsConfig = existingConfig ?? { current_account: accountType, accounts: {} }
+    config.accounts[accountType] = account
+    if (!config.current_account) {
+      config.current_account = accountType
+    }
+    await credManager.saveConfig(config)
+
+    if (options.debug) {
+      console.error('[debug] ✓ Credentials saved')
+    }
+
+    console.log(
+      formatOutput(
+        {
+          accounts: [
+            {
+              account_type: accountType,
+              user: authInfo.displayName,
+              teams: teams.map((t) => `${t.id}/${t.name}`),
+            },
+          ],
+          current_account: accountType,
+        },
+        options.pretty,
+      ),
+    )
   } catch (error) {
-    handleError(error as Error)
+    const errorMessage = (error as Error).message
+    const is401 = errorMessage.includes('401') || errorMessage.includes('Unauthorized')
+    console.log(
+      formatOutput(
+        {
+          error: `Token validation failed: ${errorMessage}`,
+          hint: is401
+            ? 'Token expired. Open Microsoft Teams, send a message to refresh your session, then run "auth extract" again.'
+            : 'Make sure Microsoft Teams desktop app is running and you are logged in.',
+        },
+        options.pretty,
+      ),
+    )
+    process.exit(1)
   }
 }
 
@@ -146,7 +241,7 @@ export async function logoutAction(options: { pretty?: boolean }): Promise<void>
     const credManager = new TeamsCredentialManager()
     const config = await credManager.loadConfig()
 
-    if (!config?.token) {
+    if (!config || Object.keys(config.accounts).length === 0) {
       console.log(formatOutput({ error: 'Not authenticated. Run "auth extract" first.' }, options.pretty))
       process.exit(1)
     }
@@ -164,35 +259,96 @@ export async function statusAction(options: { pretty?: boolean }): Promise<void>
     const credManager = new TeamsCredentialManager()
     const config = await credManager.loadConfig()
 
-    if (!config?.token) {
+    if (!config || Object.keys(config.accounts).length === 0) {
       console.log(formatOutput({ error: 'Not authenticated. Run "auth extract" first.' }, options.pretty))
       process.exit(1)
     }
 
-    let authInfo: { id: string; displayName: string } | null = null
-    let valid = false
-    const isExpired = await credManager.isTokenExpired()
-
-    if (!isExpired) {
-      try {
-        const client = new TeamsClient(config.token, config.token_expires_at)
-        authInfo = await client.testAuth()
-        valid = true
-      } catch {
-        valid = false
+    const accountStatuses: Array<{
+      account_type: string
+      authenticated: boolean
+      user: string | null
+      teams_count: number
+      token_expires_at: string | null
+      token_expired: boolean
+      current: boolean
+    }> = []
+
+    for (const [key, account] of Object.entries(config.accounts)) {
+      const isExpired = account.token_expires_at ? new Date(account.token_expires_at).getTime() <= Date.now() : true
+
+      let displayName: string | null = account.user_name ?? null
+      let valid = false
+
+      if (!isExpired) {
+        try {
+          const client = new TeamsClient(account.token, account.token_expires_at)
+          const authInfo = await client.testAuth()
+          displayName = authInfo.displayName
+          valid = true
+        } catch {
+          valid = false
+        }
       }
+
+      accountStatuses.push({
+        account_type: key,
+        authenticated: valid,
+        user: displayName,
+        teams_count: Object.keys(account.teams).length,
+        token_expires_at: account.token_expires_at ?? null,
+        token_expired: isExpired,
+        current: key === config.current_account,
+      })
     }
 
-    const output = {
-      authenticated: valid,
-      user: authInfo?.displayName,
-      current_team: config.current_team,
-      teams_count: Object.keys(config.teams).length,
-      token_expires_at: config.token_expires_at ?? null,
-      token_expired: isExpired,
+    console.log(
+      formatOutput(
+        {
+          current_account: config.current_account,
+          accounts: accountStatuses,
+        },
+        options.pretty,
+      ),
+    )
+  } catch (error) {
+    handleError(error as Error)
+  }
+}
+
+export async function switchAccountAction(accountType: string, options: { pretty?: boolean }): Promise<void> {
+  try {
+    const credManager = new TeamsCredentialManager()
+    const config = await credManager.loadConfig()
+
+    if (!config || !config.accounts[accountType]) {
+      const available = config ? Object.keys(config.accounts).join(', ') : 'none'
+      console.log(
+        formatOutput(
+          {
+            error: `Account not found: ${accountType}`,
+            available,
+            hint: 'Run "auth extract" to discover all accounts.',
+          },
+          options.pretty,
+        ),
+      )
+      process.exit(1)
     }
 
-    console.log(formatOutput(output, options.pretty))
+    await credManager.setCurrentAccount(accountType as TeamsAccountType)
+    const account = config.accounts[accountType]
+
+    console.log(
+      formatOutput(
+        {
+          current_account: accountType,
+          user: account.user_name,
+          teams_count: Object.keys(account.teams).length,
+        },
+        options.pretty,
+      ),
+    )
   } catch (error) {
     handleError(error as Error)
   }
@@ -220,3 +376,10 @@ export const authCommand = new Command('auth')
       .option('--pretty', 'Pretty print JSON output')
       .action(statusAction),
   )
+  .addCommand(
+    new Command('switch-account')
+      .description('Switch active account (work or personal)')
+      .argument('<account-type>', 'Account type: work or personal')
+      .option('--pretty', 'Pretty print JSON output')
+      .action(switchAccountAction),
+  )

package/src/platforms/teams/commands/channel.test.ts

@@ -43,10 +43,16 @@ beforeEach(() => {
   ])
 
   credManagerLoadConfigSpy = spyOn(TeamsCredentialManager.prototype, 'loadConfig').mockResolvedValue({
-    token: 'test-token',
-    current_team: 'team-1',
-    teams: {
-      'team-1': { team_id: 'team-1', team_name: 'Team One' },
+    current_account: 'work',
+    accounts: {
+      work: {
+        token: 'test-token',
+        account_type: 'work' as const,
+        current_team: 'team-1',
+        teams: {
+          'team-1': { team_id: 'team-1', team_name: 'Team One' },
+        },
+      },
     },
   })
 })

package/src/platforms/teams/commands/channel.ts

@@ -7,14 +7,14 @@ import { TeamsCredentialManager } from '../credential-manager'
 export async function listAction(teamId: string, options: { pretty?: boolean }): Promise<void> {
   try {
     const credManager = new TeamsCredentialManager()
-    const config = await credManager.loadConfig()
+    const cred = await credManager.getTokenWithExpiry()
 
-    if (!config?.token) {
+    if (!cred) {
       console.log(formatOutput({ error: 'Not authenticated. Run "auth extract" first.' }, options.pretty))
       process.exit(1)
     }
 
-    const client = new TeamsClient(config.token, config.token_expires_at)
+    const client = new TeamsClient(cred.token, cred.tokenExpiresAt)
     const channels = await client.listChannels(teamId)
 
     const output = channels.map((ch) => ({
@@ -33,14 +33,14 @@ export async function listAction(teamId: string, options: { pretty?: boolean }):
 export async function infoAction(teamId: string, channelId: string, options: { pretty?: boolean }): Promise<void> {
   try {
     const credManager = new TeamsCredentialManager()
-    const config = await credManager.loadConfig()
+    const cred = await credManager.getTokenWithExpiry()
 
-    if (!config?.token) {
+    if (!cred) {
       console.log(formatOutput({ error: 'Not authenticated. Run "auth extract" first.' }, options.pretty))
       process.exit(1)
     }
 
-    const client = new TeamsClient(config.token, config.token_expires_at)
+    const client = new TeamsClient(cred.token, cred.tokenExpiresAt)
     const channel = await client.getChannel(teamId, channelId)
 
     const output = {
@@ -63,14 +63,14 @@ export async function historyAction(
 ): Promise<void> {
   try {
     const credManager = new TeamsCredentialManager()
-    const config = await credManager.loadConfig()
+    const cred = await credManager.getTokenWithExpiry()
 
-    if (!config?.token) {
+    if (!cred) {
       console.log(formatOutput({ error: 'Not authenticated. Run "auth extract" first.' }, options.pretty))
       process.exit(1)
     }
 
-    const client = new TeamsClient(config.token, config.token_expires_at)
+    const client = new TeamsClient(cred.token, cred.tokenExpiresAt)
     const messages = await client.getMessages(teamId, channelId, options.limit || 50)
 
     const output = messages.map((msg) => ({

package/src/platforms/teams/commands/file.test.ts

@@ -35,9 +35,15 @@ beforeEach(() => {
   ])
 
   credManagerLoadConfigSpy = spyOn(TeamsCredentialManager.prototype, 'loadConfig').mockResolvedValue({
-    token: 'test_token',
-    current_team: 'team_123',
-    teams: { team_123: { team_id: 'team_123', team_name: 'Test Team' } },
+    current_account: 'work',
+    accounts: {
+      work: {
+        token: 'test_token',
+        account_type: 'work' as const,
+        current_team: 'team_123',
+        teams: { team_123: { team_id: 'team_123', team_name: 'Test Team' } },
+      },
+    },
   })
 })
 

package/src/platforms/teams/commands/file.ts

@@ -14,14 +14,14 @@ export async function uploadAction(
 ): Promise<void> {
   try {
     const credManager = new TeamsCredentialManager()
-    const config = await credManager.loadConfig()
+    const cred = await credManager.getTokenWithExpiry()
 
-    if (!config?.token) {
+    if (!cred) {
       console.log(formatOutput({ error: 'Not authenticated. Run "auth extract" first.' }, options.pretty))
       process.exit(1)
     }
 
-    const client = new TeamsClient(config.token, config.token_expires_at)
+    const client = new TeamsClient(cred.token, cred.tokenExpiresAt)
     const filePath = resolve(path)
     const file = await client.uploadFile(teamId, channelId, filePath)
 
@@ -42,14 +42,14 @@ export async function uploadAction(
 export async function listAction(teamId: string, channelId: string, options: { pretty?: boolean }): Promise<void> {
   try {
     const credManager = new TeamsCredentialManager()
-    const config = await credManager.loadConfig()
+    const cred = await credManager.getTokenWithExpiry()
 
-    if (!config?.token) {
+    if (!cred) {
       console.log(formatOutput({ error: 'Not authenticated. Run "auth extract" first.' }, options.pretty))
       process.exit(1)
     }
 
-    const client = new TeamsClient(config.token, config.token_expires_at)
+    const client = new TeamsClient(cred.token, cred.tokenExpiresAt)
     const files = await client.listFiles(teamId, channelId)
 
     const output = files.map((file: TeamsFile) => ({
@@ -74,14 +74,14 @@ export async function infoAction(
 ): Promise<void> {
   try {
     const credManager = new TeamsCredentialManager()
-    const config = await credManager.loadConfig()
+    const cred = await credManager.getTokenWithExpiry()
 
-    if (!config?.token) {
+    if (!cred) {
       console.log(formatOutput({ error: 'Not authenticated. Run "auth extract" first.' }, options.pretty))
       process.exit(1)
     }
 
-    const client = new TeamsClient(config.token, config.token_expires_at)
+    const client = new TeamsClient(cred.token, cred.tokenExpiresAt)
     const files = await client.listFiles(teamId, channelId)
     const fileData = files.find((f) => f.id === fileId)
 
@@ -105,30 +105,30 @@ export async function infoAction(
 }
 
 export const fileCommand = new Command('file')
-  .description('file commands')
+  .description('File commands')
   .addCommand(
     new Command('upload')
-      .description('upload file to channel')
-      .argument('<team>', 'team ID')
-      .argument('<channel>', 'channel ID')
-      .argument('<path>', 'file path')
+      .description('Upload file to channel')
+      .argument('<team-id>', 'Team ID')
+      .argument('<channel-id>', 'Channel ID')
+      .argument('<path>', 'File path')
       .option('--pretty', 'Pretty print JSON output')
       .action(uploadAction),
   )
   .addCommand(
     new Command('list')
-      .description('list files in channel')
-      .argument('<team>', 'team ID')
-      .argument('<channel>', 'channel ID')
+      .description('List files in channel')
+      .argument('<team-id>', 'Team ID')
+      .argument('<channel-id>', 'Channel ID')
       .option('--pretty', 'Pretty print JSON output')
       .action(listAction),
   )
   .addCommand(
     new Command('info')
-      .description('show file details')
-      .argument('<team>', 'team ID')
-      .argument('<channel>', 'channel ID')
-      .argument('<file>', 'file ID')
+      .description('Show file details')
+      .argument('<team-id>', 'Team ID')
+      .argument('<channel-id>', 'Channel ID')
+      .argument('<file-id>', 'File ID')
       .option('--pretty', 'Pretty print JSON output')
       .action(infoAction),
   )