agent-relay 2.1.23-beta.0 → 2.1.23-beta.2

package/dist/src/cli/index.js

@@ -24,7 +24,7 @@ import { RelayPtyOrchestrator, getTmuxPath } from '@agent-relay/wrapper';
 import { AgentSpawner, readWorkersMetadata, getWorkerLogsDir, selectShadowCli, ensureMcpPermissions } from '@agent-relay/bridge';
 import { generateAgentName, checkForUpdatesInBackground, checkForUpdates } from '@agent-relay/utils';
 import { getShadowForAgent, getProjectPaths, loadRuntimeConfig } from '@agent-relay/config';
-import { CLI_AUTH_CONFIG } from '@agent-relay/config/cli-auth-config';
+import { CLI_AUTH_CONFIG, stripAnsiCodes } from '@agent-relay/config/cli-auth-config';
 import { createStorageAdapter } from '@agent-relay/storage/adapter';
 import { initTelemetry, track, enableTelemetry, disableTelemetry, getStatus, isDisabledByEnv, } from '@agent-relay/telemetry';
 import { installMcpConfig } from '@agent-relay/mcp';
@@ -3818,6 +3818,9 @@ program
         sshClient.end();
         process.exit(1);
     }
+    // Get success/error patterns from CLI_AUTH_CONFIG for auto-detection
+    const successPatterns = providerConfig.successPatterns || [];
+    const errorPatterns = providerConfig.errorPatterns || [];
     const execInteractive = async (cmd, timeoutMs) => {
         return await new Promise((resolve, reject) => {
             const cols = process.stdout.columns || 80;
@@ -3828,6 +3831,8 @@ program
                     return reject(err);
                 let exitCode = null;
                 let exitSignal = null;
+                let authDetected = false;
+                let outputBuffer = ''; // Rolling buffer for pattern matching
                 const stdin = process.stdin;
                 const stdout = process.stdout;
                 const stderr = process.stderr;
@@ -3843,8 +3848,50 @@ program
                     stream.write(data);
                 };
                 stdin.on('data', onStdinData);
+                const cleanup = () => {
+                    stdin.off('data', onStdinData);
+                    stdout.off('resize', onResize);
+                    try {
+                        stdin.setRawMode?.(wasRaw);
+                    }
+                    catch {
+                        // ignore
+                    }
+                    stdin.pause();
+                };
+                // Auto-close the session when auth success is detected
+                const closeOnAuthSuccess = () => {
+                    authDetected = true;
+                    // Brief delay so the user sees the success message
+                    setTimeout(() => {
+                        cleanup();
+                        clearTimeout(timer);
+                        try {
+                            stream.close();
+                        }
+                        catch {
+                            // ignore
+                        }
+                    }, 1500);
+                };
                 stream.on('data', (data) => {
                     stdout.write(data);
+                    // Accumulate output for pattern matching (keep last 2KB to avoid memory growth)
+                    const text = data.toString();
+                    outputBuffer += text;
+                    if (outputBuffer.length > 2048) {
+                        outputBuffer = outputBuffer.slice(-2048);
+                    }
+                    // Check for auth success patterns
+                    if (!authDetected && successPatterns.length > 0) {
+                        const clean = stripAnsiCodes(outputBuffer);
+                        for (const pattern of successPatterns) {
+                            if (pattern.test(clean)) {
+                                closeOnAuthSuccess();
+                                break;
+                            }
+                        }
+                    }
                 });
                 stream.stderr.on('data', (data) => {
                     stderr.write(data);
@@ -3858,16 +3905,6 @@ program
                     }
                 };
                 stdout.on('resize', onResize);
-                const cleanup = () => {
-                    stdin.off('data', onStdinData);
-                    stdout.off('resize', onResize);
-                    try {
-                        stdin.setRawMode?.(wasRaw);
-                    }
-                    catch {
-                        // ignore
-                    }
-                };
                 const timer = setTimeout(() => {
                     cleanup();
                     try {
@@ -3887,7 +3924,7 @@ program
                 stream.on('close', () => {
                     clearTimeout(timer);
                     cleanup();
-                    resolve({ exitCode, exitSignal });
+                    resolve({ exitCode, exitSignal, authDetected });
                 });
                 stream.on('error', (e) => {
                     clearTimeout(timer);
@@ -3901,7 +3938,7 @@ program
     let execError = null;
     try {
         console.log(yellow('Starting interactive authentication...'));
-        console.log(dim('Follow the prompts below. Press Ctrl+C in the remote CLI to abort.'));
+        console.log(dim('Follow the prompts below. The session will close automatically when auth completes.'));
         console.log('');
         execResult = await execInteractive(remoteCommand, TIMEOUT_MS);
     }
@@ -3918,7 +3955,8 @@ program
     // Step 2: Notify cloud completion (cloud will verify and persist credentials).
     console.log('');
     console.log('Finalizing authentication with cloud...');
-    const success = execError === null && execResult?.exitCode === 0;
+    // Auth is successful if: success patterns were detected, OR the process exited cleanly (code 0)
+    const success = execError === null && (execResult?.authDetected === true || execResult?.exitCode === 0);
     const providerForComplete = (typeof start.provider === 'string' && start.provider.trim().length > 0)
         ? start.provider.trim()
         : provider;
@@ -3970,17 +4008,42 @@ program
     console.log('');
 });
 // ============================================================================
-// codex-auth - SSH tunnel helper for Codex/OpenAI authentication
+// cli-auth - SSH tunnel helper for provider authentication (Claude, Codex, Cursor, etc.)
 // ============================================================================
-program
-    .command('codex-auth')
-    .description('Connect Codex via SSH tunnel to workspace (run this when connecting Codex in Agent Relay)')
-    .option('--workspace <id>', 'Workspace ID to connect to')
-    .option('--cloud-url <url>', 'Cloud API URL', process.env.AGENT_RELAY_CLOUD_URL || 'https://agent-relay.com')
-    .option('--token <token>', 'CLI authentication token (from dashboard)')
-    .option('--session-cookie <cookie>', 'Session cookie for authentication (deprecated, use --token)')
-    .option('--timeout <seconds>', 'Timeout in seconds (default: 300)', '300')
-    .action(async (options) => {
+// Provider display names for CLI output
+const CLI_AUTH_DISPLAY_NAMES = {
+    anthropic: 'Claude',
+    openai: 'Codex',
+    google: 'Gemini',
+    cursor: 'Cursor',
+    copilot: 'GitHub Copilot',
+    opencode: 'OpenCode',
+    droid: 'Droid',
+};
+// CLI command names per provider (used in help text)
+const CLI_AUTH_COMMAND_NAMES = {
+    anthropic: 'claude',
+    openai: 'codex',
+    google: 'gemini',
+    cursor: 'cursor',
+    copilot: 'copilot',
+    opencode: 'opencode',
+    droid: 'droid',
+};
+// Provider alias mapping (CLI name → config key)
+const CLI_AUTH_PROVIDER_MAP = {
+    claude: 'anthropic',
+    codex: 'openai',
+    gemini: 'google',
+};
+/**
+ * Shared action handler for cli-auth and its provider-specific aliases.
+ */
+async function runCliAuth(providerArg, options) {
+    // Resolve provider alias
+    const provider = CLI_AUTH_PROVIDER_MAP[providerArg.toLowerCase()] || providerArg.toLowerCase();
+    const displayName = CLI_AUTH_DISPLAY_NAMES[provider] || provider;
+    const cliName = CLI_AUTH_COMMAND_NAMES[provider] || provider;
     const TIMEOUT_MS = parseInt(options.timeout, 10) * 1000;
     const CLOUD_URL = options.cloudUrl.replace(/\/$/, '');
     const TUNNEL_PORT = 1455;
@@ -3992,25 +4055,26 @@ program
     const dim = (s) => `\x1b[2m${s}\x1b[0m`;
     console.log('');
     console.log(cyan('═══════════════════════════════════════════════════'));
-    console.log(cyan('       Codex Authentication Helper'));
+    console.log(cyan(`       ${displayName} Authentication Helper`));
     console.log(cyan('═══════════════════════════════════════════════════'));
     console.log('');
     if (!options.workspace) {
         console.log(red('Missing --workspace parameter.'));
         console.log('');
-        console.log('To connect Codex, follow these steps:');
+        console.log(`To connect ${displayName}, follow these steps:`);
         console.log('');
         console.log('  1. Go to the Agent Relay dashboard');
-        console.log('  2. Click "Connect with Codex" (Settings → AI Providers)');
+        console.log(`  2. Click "Connect with ${displayName}" (Settings → AI Providers)`);
         console.log('  3. Copy the command shown (it includes the workspace ID and token)');
         console.log('  4. Run the command in your terminal');
         console.log('');
         console.log('The command will look like:');
-        console.log(cyan('  npx agent-relay codex-auth --workspace=<ID> --token=<TOKEN>'));
+        console.log(cyan(`  npx agent-relay cli-auth ${cliName} --workspace=<ID> --token=<TOKEN>`));
         console.log('');
         process.exit(1);
     }
     const workspaceId = options.workspace;
+    console.log(`Provider: ${displayName}`);
     console.log(`Workspace: ${workspaceId.slice(0, 8)}...`);
     // Get tunnel info from cloud API
     console.log('Getting workspace connection info...');
@@ -4022,18 +4086,19 @@ program
     if (!options.token && !options.sessionCookie) {
         console.log(red('Missing --token parameter.'));
         console.log('');
-        console.log('The token is provided by the dashboard when you click "Connect with Codex".');
+        console.log(`The token is provided by the dashboard when you click "Connect with ${displayName}".`);
         console.log('Copy the complete command from the dashboard and paste it here.');
         console.log('');
         process.exit(1);
     }
     let tunnelInfo;
     try {
-        // Build URL with token query parameter
+        // Build URL with token and provider query parameters
         const tunnelInfoUrl = new URL(`${CLOUD_URL}/api/auth/codex-helper/tunnel-info/${workspaceId}`);
         if (options.token) {
             tunnelInfoUrl.searchParams.set('token', options.token);
         }
+        tunnelInfoUrl.searchParams.set('provider', provider);
         const response = await fetch(tunnelInfoUrl.toString(), {
             method: 'GET',
             headers,
@@ -4162,8 +4227,8 @@ program
         console.log('');
         console.log(cyan(tunnelInfo.authUrl));
         console.log('');
-        console.log(dim('The browser will redirect to localhost:1455, which tunnels to the workspace.'));
-        console.log(dim('The Codex CLI in the workspace will receive the callback and complete auth.'));
+        console.log(dim(`The browser will redirect to localhost:${TUNNEL_PORT}, which tunnels to the workspace.`));
+        console.log(dim(`The ${displayName} CLI in the workspace will receive the callback and complete auth.`));
         console.log('');
     }
     else {
@@ -4178,11 +4243,12 @@ program
     while (!authenticated && (Date.now() - startTime) < TIMEOUT_MS) {
         await new Promise(resolve => setTimeout(resolve, 3000));
         try {
-            // Build URL with token for authentication
+            // Build URL with token and provider for authentication
             const authStatusUrl = new URL(`${CLOUD_URL}/api/auth/codex-helper/auth-status/${workspaceId}`);
             if (options.token) {
                 authStatusUrl.searchParams.set('token', options.token);
             }
+            authStatusUrl.searchParams.set('provider', provider);
             const statusResponse = await fetch(authStatusUrl.toString(), { method: 'GET', headers, credentials: 'include' });
             if (statusResponse.ok) {
                 const statusData = await statusResponse.json();
@@ -4210,7 +4276,7 @@ program
         console.log(green('          Authentication Complete!'));
         console.log(green('═══════════════════════════════════════════════════'));
         console.log('');
-        console.log('Your Codex account is now connected to the workspace.');
+        console.log(`Your ${displayName} account is now connected to the workspace.`);
         console.log('You can close this terminal and return to the dashboard.');
         console.log('');
     }
@@ -4222,6 +4288,63 @@ program
         console.log('the callback. Check if the SSH tunnel was working correctly.');
         process.exit(1);
     }
+}
+// Shared options for all cli-auth commands
+const cliAuthOptions = {
+    workspace: '--workspace <id>',
+    cloudUrl: '--cloud-url <url>',
+    token: '--token <token>',
+    sessionCookie: '--session-cookie <cookie>',
+    timeout: '--timeout <seconds>',
+};
+const defaultCloudUrl = process.env.AGENT_RELAY_CLOUD_URL || 'https://agent-relay.com';
+// cli-auth <provider> - Generic command
+program
+    .command('cli-auth <provider>')
+    .description('Connect a provider via SSH tunnel to workspace (Claude, Codex, Cursor, etc.)')
+    .option(cliAuthOptions.workspace, 'Workspace ID to connect to')
+    .option(cliAuthOptions.cloudUrl, 'Cloud API URL', defaultCloudUrl)
+    .option(cliAuthOptions.token, 'CLI authentication token (from dashboard)')
+    .option(cliAuthOptions.sessionCookie, 'Session cookie for authentication (deprecated, use --token)')
+    .option(cliAuthOptions.timeout, 'Timeout in seconds (default: 300)', '300')
+    .action(async (providerArg, options) => {
+    await runCliAuth(providerArg, options);
+});
+// codex-auth - Backward-compatible alias
+program
+    .command('codex-auth')
+    .description('Connect Codex via SSH tunnel to workspace (alias for cli-auth codex)')
+    .option(cliAuthOptions.workspace, 'Workspace ID to connect to')
+    .option(cliAuthOptions.cloudUrl, 'Cloud API URL', defaultCloudUrl)
+    .option(cliAuthOptions.token, 'CLI authentication token (from dashboard)')
+    .option(cliAuthOptions.sessionCookie, 'Session cookie for authentication (deprecated, use --token)')
+    .option(cliAuthOptions.timeout, 'Timeout in seconds (default: 300)', '300')
+    .action(async (options) => {
+    await runCliAuth('codex', options);
+});
+// claude-auth - Alias for Claude/Anthropic
+program
+    .command('claude-auth')
+    .description('Connect Claude via SSH tunnel to workspace (alias for cli-auth claude)')
+    .option(cliAuthOptions.workspace, 'Workspace ID to connect to')
+    .option(cliAuthOptions.cloudUrl, 'Cloud API URL', defaultCloudUrl)
+    .option(cliAuthOptions.token, 'CLI authentication token (from dashboard)')
+    .option(cliAuthOptions.sessionCookie, 'Session cookie for authentication (deprecated, use --token)')
+    .option(cliAuthOptions.timeout, 'Timeout in seconds (default: 300)', '300')
+    .action(async (options) => {
+    await runCliAuth('claude', options);
+});
+// cursor-auth - Alias for Cursor
+program
+    .command('cursor-auth')
+    .description('Connect Cursor via SSH tunnel to workspace (alias for cli-auth cursor)')
+    .option(cliAuthOptions.workspace, 'Workspace ID to connect to')
+    .option(cliAuthOptions.cloudUrl, 'Cloud API URL', defaultCloudUrl)
+    .option(cliAuthOptions.token, 'CLI authentication token (from dashboard)')
+    .option(cliAuthOptions.sessionCookie, 'Session cookie for authentication (deprecated, use --token)')
+    .option(cliAuthOptions.timeout, 'Timeout in seconds (default: 300)', '300')
+    .action(async (options) => {
+    await runCliAuth('cursor', options);
 });
 // init - First-time setup wizard for Agent Relay
 async function runInit(options) {