alpic 0.0.0-dev.ff063bb → 0.0.0-dev.ff4302e

package/dist/commands/publish.js

@@ -0,0 +1,51 @@
+import * as p from "@clack/prompts";
+import { Flags } from "@oclif/core";
+import { AlpicCommand } from "../lib/alpic-command.js";
+import { PublishWorkflow } from "../lib/publish.js";
+import { resolveProjectId } from "../lib/resolve.js";
+export class Publish extends AlpicCommand {
+    static description = "Publish your MCP server to the MCP registry";
+    static examples = [
+        "<%= config.bin %> publish",
+        "<%= config.bin %> publish --non-interactive --domain my.domain.com --title 'My Server' --description 'Does things'",
+    ];
+    static flags = {
+        "non-interactive": Flags.boolean({
+            description: "Skip all prompts",
+            required: false,
+        }),
+        domain: Flags.string({
+            description: "Domain to publish for",
+            required: false,
+        }),
+        title: Flags.string({
+            description: "Server title (1-100 chars)",
+            required: false,
+        }),
+        description: Flags.string({
+            description: "Server description (1-100 chars)",
+            required: false,
+        }),
+        "website-url": Flags.string({
+            description: "Website URL",
+            required: false,
+        }),
+        "icon-src": Flags.string({
+            description: "Icon URL",
+            required: false,
+        }),
+        "project-id": Flags.string({
+            description: "Project ID",
+            required: false,
+        }),
+    };
+    async run() {
+        const { flags } = await this.parse(Publish);
+        p.intro("Publishing to MCP Registry");
+        await this.ensureAuthenticated();
+        const projectId = resolveProjectId(flags);
+        const workflow = new PublishWorkflow(flags);
+        await workflow.publish(projectId);
+    }
+}
+//# sourceMappingURL=publish.js.map

package/dist/commands/publish.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"publish.js","sourceRoot":"","sources":["../../src/commands/publish.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAEpC,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAErD,MAAM,OAAO,OAAQ,SAAQ,YAAY;IACvC,MAAM,CAAU,WAAW,GAAG,6CAA6C,CAAC;IAE5E,MAAM,CAAU,QAAQ,GAAG;QACzB,2BAA2B;QAC3B,oHAAoH;KACrH,CAAC;IAEF,MAAM,CAAU,KAAK,GAAG;QACtB,iBAAiB,EAAE,KAAK,CAAC,OAAO,CAAC;YAC/B,WAAW,EAAE,kBAAkB;YAC/B,QAAQ,EAAE,KAAK;SAChB,CAAC;QACF,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC;YACnB,WAAW,EAAE,uBAAuB;YACpC,QAAQ,EAAE,KAAK;SAChB,CAAC;QACF,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC;YAClB,WAAW,EAAE,4BAA4B;YACzC,QAAQ,EAAE,KAAK;SAChB,CAAC;QACF,WAAW,EAAE,KAAK,CAAC,MAAM,CAAC;YACxB,WAAW,EAAE,kCAAkC;YAC/C,QAAQ,EAAE,KAAK;SAChB,CAAC;QACF,aAAa,EAAE,KAAK,CAAC,MAAM,CAAC;YAC1B,WAAW,EAAE,aAAa;YAC1B,QAAQ,EAAE,KAAK;SAChB,CAAC;QACF,UAAU,EAAE,KAAK,CAAC,MAAM,CAAC;YACvB,WAAW,EAAE,UAAU;YACvB,QAAQ,EAAE,KAAK;SAChB,CAAC;QACF,YAAY,EAAE,KAAK,CAAC,MAAM,CAAC;YACzB,WAAW,EAAE,YAAY;YACzB,QAAQ,EAAE,KAAK;SAChB,CAAC;KACH,CAAC;IAEF,KAAK,CAAC,GAAG;QACP,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAE5C,CAAC,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAEtC,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAEjC,MAAM,SAAS,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;QAC1C,MAAM,QAAQ,GAAG,IAAI,eAAe,CAAC,KAAK,CAAC,CAAC;QAC5C,MAAM,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACpC,CAAC"}

package/dist/commands/telemetry/disable.d.ts

@@ -0,0 +1,5 @@
+import { Command } from "@oclif/core";
+export default class TelemetryDisable extends Command {
+    static description: string;
+    run(): Promise<void>;
+}

package/dist/commands/telemetry/disable.js

@@ -0,0 +1,14 @@
+import { Command } from "@oclif/core";
+import chalk from "chalk";
+import { setEnabled } from "../../lib/telemetry.js";
+export default class TelemetryDisable extends Command {
+    static description = "Disable Alpic telemetry on this machine";
+    async run() {
+        await this.parse(TelemetryDisable);
+        setEnabled(false);
+        console.log(chalk.yellow("✓"), "Telemetry has been", chalk.yellow.bold("disabled"));
+        console.log(chalk.gray("Config saved to ~/.alpic/config.json"));
+        console.log(chalk.gray("Alpic never collects Personally Identifiable Information (PII). If you'd like to help us improve Alpic by allowing anonymous CLI usage data, please re-enable telemetry with: alpic telemetry enable"));
+    }
+}
+//# sourceMappingURL=disable.js.map

package/dist/commands/telemetry/disable.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"disable.js","sourceRoot":"","sources":["../../../src/commands/telemetry/disable.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAEpD,MAAM,CAAC,OAAO,OAAO,gBAAiB,SAAQ,OAAO;IACnD,MAAM,CAAU,WAAW,GAAG,yCAAyC,CAAC;IAExE,KAAK,CAAC,GAAG;QACP,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;QACnC,UAAU,CAAC,KAAK,CAAC,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,oBAAoB,EAAE,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QACpF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC,CAAC;QAChE,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,IAAI,CACR,sMAAsM,CACvM,CACF,CAAC;IACJ,CAAC"}

package/dist/commands/telemetry/enable.d.ts

@@ -0,0 +1,5 @@
+import { Command } from "@oclif/core";
+export default class TelemetryEnable extends Command {
+    static description: string;
+    run(): Promise<void>;
+}

package/dist/commands/telemetry/enable.js

@@ -0,0 +1,13 @@
+import { Command } from "@oclif/core";
+import chalk from "chalk";
+import { setEnabled } from "../../lib/telemetry.js";
+export default class TelemetryEnable extends Command {
+    static description = "Enable Alpic telemetry on this machine";
+    async run() {
+        await this.parse(TelemetryEnable);
+        setEnabled(true);
+        console.log(chalk.green("✓"), "Telemetry has been", chalk.green.bold("enabled"));
+        console.log(chalk.gray("Config saved to ~/.alpic/config.json"));
+    }
+}
+//# sourceMappingURL=enable.js.map

package/dist/commands/telemetry/enable.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"enable.js","sourceRoot":"","sources":["../../../src/commands/telemetry/enable.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAEpD,MAAM,CAAC,OAAO,OAAO,eAAgB,SAAQ,OAAO;IAClD,MAAM,CAAU,WAAW,GAAG,wCAAwC,CAAC;IAEvE,KAAK,CAAC,GAAG;QACP,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QAClC,UAAU,CAAC,IAAI,CAAC,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,oBAAoB,EAAE,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;QACjF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC,CAAC;IAClE,CAAC"}

package/dist/commands/telemetry/status.d.ts

@@ -0,0 +1,5 @@
+import { Command } from "@oclif/core";
+export default class TelemetryStatus extends Command {
+    static description: string;
+    run(): Promise<void>;
+}

package/dist/commands/telemetry/status.js

@@ -0,0 +1,19 @@
+import { Command } from "@oclif/core";
+import chalk from "chalk";
+import { getMachineId, isEnabled } from "../../lib/telemetry.js";
+export default class TelemetryStatus extends Command {
+    static description = "Show Alpic telemetry settings for this machine";
+    async run() {
+        await this.parse(TelemetryStatus);
+        const enabled = isEnabled();
+        console.log(chalk.bold.underline("Alpic Telemetry"));
+        console.log();
+        console.log("Status:", enabled ? chalk.green.bold("Enabled") : chalk.yellow.bold("Disabled"));
+        console.log(chalk.gray("Machine ID:"), getMachineId());
+        console.log();
+        console.log(chalk.gray("To opt out, run: alpic telemetry disable"));
+        console.log(chalk.gray("Or set: ALPIC_TELEMETRY_DISABLED=1"));
+        console.log(chalk.gray("Debug mode: ALPIC_TELEMETRY_DEBUG=1"));
+    }
+}
+//# sourceMappingURL=status.js.map

package/dist/commands/telemetry/status.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.js","sourceRoot":"","sources":["../../../src/commands/telemetry/status.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAEjE,MAAM,CAAC,OAAO,OAAO,eAAgB,SAAQ,OAAO;IAClD,MAAM,CAAU,WAAW,GAAG,gDAAgD,CAAC;IAE/E,KAAK,CAAC,GAAG;QACP,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QAClC,MAAM,OAAO,GAAG,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC,CAAC;QACrD,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC9F,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,YAAY,EAAE,CAAC,CAAC;QACvD,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC,CAAC;QACpE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC,CAAC;IACjE,CAAC"}

package/dist/commands/tunnel.d.ts

@@ -0,0 +1,9 @@
+import { AlpicCommand } from "../lib/alpic-command.js";
+export declare class Tunnel extends AlpicCommand {
+    static description: string;
+    static examples: string[];
+    static flags: {
+        port: import("@oclif/core/interfaces").OptionFlag<number, import("@oclif/core/interfaces").CustomOptions>;
+    };
+    run(): Promise<void>;
+}

package/dist/commands/tunnel.js

@@ -0,0 +1,96 @@
+import * as p from "@clack/prompts";
+import { Flags } from "@oclif/core";
+import { pipenet } from "pipenet";
+import { api } from "../api.js";
+import { AlpicCommand } from "../lib/alpic-command.js";
+import { oauthLogin } from "../lib/auth/auth.js";
+import { oAuthClient } from "../lib/auth/oauth/client.js";
+export class Tunnel extends AlpicCommand {
+    static description = "Expose a local server to the internet through an Alpic tunnel";
+    static examples = ["<%= config.bin %> tunnel --port 3000"];
+    static flags = {
+        port: Flags.integer({
+            description: "Local port to tunnel",
+            required: true,
+        }),
+    };
+    async run() {
+        const { flags } = await this.parse(Tunnel);
+        let token = await oAuthClient.getValidAccessToken();
+        if (!token) {
+            p.log.step("You need to be logged in to use the Alpic tunnel");
+            await oauthLogin();
+            token = await oAuthClient.getValidAccessToken();
+        }
+        if (!token) {
+            throw new Error("Cannot get valid access token");
+        }
+        const spinner = p.spinner();
+        spinner.start("Opening tunnel...");
+        const { ticket, tunnelHost, subdomain } = await api.tunnels.getTicket.v1(undefined, {
+            context: {
+                request: {
+                    headers: {
+                        Authorization: `Bearer ${token?.access_token}`,
+                    },
+                },
+            },
+        });
+        // terrible ux but pipenet client retries forever on error
+        // I'll probably open an issue/pr on their repo once I'm sure about the fix
+        const tunnel = await Promise.race([
+            pipenet({
+                port: flags.port,
+                host: `https://${tunnelHost}`,
+                subdomain: subdomain,
+                headers: { Authorization: `Bearer ${ticket}` },
+            }),
+            new Promise((_, reject) => {
+                const id = setTimeout(() => reject(new Error("Failed to connect to tunnel server")), 10_000);
+                id.unref?.(); // don't keep the event loop alive just for this timer
+            }),
+        ]);
+        spinner.stop(`Forwarding: https://${subdomain}.${tunnelHost} -> http://localhost:${flags.port}`);
+        p.log.info("Press Ctrl+C to close the tunnel");
+        let activities = [];
+        let cursor = 0;
+        const pushActivity = (message) => {
+            const d = new Date();
+            const now = `${String(d.getHours()).padStart(2, "0")}:${String(d.getMinutes()).padStart(2, "0")}:${String(d.getSeconds()).padStart(2, "0")}.${String(d.getMilliseconds()).padStart(3, "0")}`;
+            const activity = `${now} ${message}`;
+            activities = [activity, ...activities].slice(0, 5);
+            if (process.stdout.isTTY) {
+                // Move cursor up and clear previous note box so the next one renders in place
+                if (cursor > 0) {
+                    process.stdout.write(`\x1b[${cursor}A\x1b[J`);
+                }
+                p.note(activities.join("\n"), "Tunnel activity:");
+                // p.note renders 5 extra lines: leading bar, title bar, padding top, padding bottom, bottom bar
+                cursor = activities.length + 5;
+            }
+            else {
+                p.log.info(activity);
+            }
+        };
+        // Keep the process alive until Ctrl+C
+        await new Promise((resolve) => {
+            process.once("SIGINT", () => {
+                tunnel.close();
+                resolve();
+            });
+            process.once("SIGTERM", () => {
+                tunnel.close();
+                resolve();
+            });
+            tunnel.on("request", (req) => {
+                pushActivity(`${req.method} ${req.path}`);
+            });
+            tunnel.on("error", (err) => {
+                pushActivity(`⚠ ${err.message}`);
+            });
+            tunnel.on("close", resolve);
+        });
+        p.outro("Tunnel closed");
+    }
+}
+//# sourceMappingURL=tunnel.js.map

package/dist/commands/tunnel.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tunnel.js","sourceRoot":"","sources":["../../src/commands/tunnel.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAElC,OAAO,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;AAChC,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAE1D,MAAM,OAAO,MAAO,SAAQ,YAAY;IACtC,MAAM,CAAU,WAAW,GAAG,+DAA+D,CAAC;IAE9F,MAAM,CAAU,QAAQ,GAAG,CAAC,sCAAsC,CAAC,CAAC;IAEpE,MAAM,CAAU,KAAK,GAAG;QACtB,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC;YAClB,WAAW,EAAE,sBAAsB;YACnC,QAAQ,EAAE,IAAI;SACf,CAAC;KACH,CAAC;IAEF,KAAK,CAAC,GAAG;QACP,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAE3C,IAAI,KAAK,GAAG,MAAM,WAAW,CAAC,mBAAmB,EAAE,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;YAC/D,MAAM,UAAU,EAAE,CAAC;YACnB,KAAK,GAAG,MAAM,WAAW,CAAC,mBAAmB,EAAE,CAAC;QAClD,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QACnD,CAAC;QAED,MAAM,OAAO,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;QAEnC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC,SAAS,EAAE;YAClF,OAAO,EAAE;gBACP,OAAO,EAAE;oBACP,OAAO,EAAE;wBACP,aAAa,EAAE,UAAU,KAAK,EAAE,YAAY,EAAE;qBAC/C;iBACF;aACF;SACF,CAAC,CAAC;QAEH,0DAA0D;QAC1D,2EAA2E;QAC3E,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC;YAChC,OAAO,CAAC;gBACN,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,IAAI,EAAE,WAAW,UAAU,EAAE;gBAC7B,SAAS,EAAE,SAAS;gBACpB,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,MAAM,EAAE,EAAE;aAC/C,CAAC;YACF,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE;gBAC/B,MAAM,EAAE,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;gBAC7F,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,sDAAsD;YACtE,CAAC,CAAC;SACH,CAAC,CAAC;QAEH,OAAO,CAAC,IAAI,CAAC,uBAAuB,SAAS,IAAI,UAAU,wBAAwB,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QAEjG,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QAE/C,IAAI,UAAU,GAAa,EAAE,CAAC;QAC9B,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,MAAM,YAAY,GAAG,CAAC,OAAe,EAAE,EAAE;YACvC,MAAM,CAAC,GAAG,IAAI,IAAI,EAAE,CAAC;YACrB,MAAM,GAAG,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;YAC7L,MAAM,QAAQ,GAAG,GAAG,GAAG,IAAI,OAAO,EAAE,CAAC;YACrC,UAAU,GAAG,CAAC,QAAQ,EAAE,GAAG,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAEnD,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACzB,8EAA8E;gBAC9E,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC;oBACf,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,MAAM,SAAS,CAAC,CAAC;gBAChD,CAAC;gBACD,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,kBAAkB,CAAC,CAAC;gBAClD,gGAAgG;gBAChG,MAAM,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;YACjC,CAAC;iBAAM,CAAC;gBACN,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACvB,CAAC;QACH,CAAC,CAAC;QAEF,sCAAsC;QACtC,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;YAClC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE;gBAC1B,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,OAAO,EAAE,CAAC;YACZ,CAAC,CAAC,CAAC;YACH,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE;gBAC3B,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,OAAO,EAAE,CAAC;YACZ,CAAC,CAAC,CAAC;YACH,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;gBAC3B,YAAY,CAAC,GAAG,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAC5C,CAAC,CAAC,CAAC;YACH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;gBAChC,YAAY,CAAC,KAAK,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YACnC,CAAC,CAAC,CAAC;YACH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;QAEH,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IAC3B,CAAC"}

package/dist/commands/whoami.d.ts

@@ -0,0 +1,6 @@
+import { AlpicCommand } from "../lib/alpic-command.js";
+export declare class Whoami extends AlpicCommand {
+    static description: string;
+    static examples: string[];
+    run(): Promise<void>;
+}

package/dist/commands/whoami.js

@@ -0,0 +1,13 @@
+import * as p from "@clack/prompts";
+import { AlpicCommand } from "../lib/alpic-command.js";
+import { getWhoamiInfoMessage } from "../lib/auth/whoami.js";
+export class Whoami extends AlpicCommand {
+    static description = "Show the current Alpic identity (API key or logged-in user)";
+    static examples = ["<%= config.bin %> whoami"];
+    async run() {
+        await this.parse(Whoami);
+        p.intro("Reading authentication status…");
+        p.outro(await getWhoamiInfoMessage());
+    }
+}
+//# sourceMappingURL=whoami.js.map

package/dist/commands/whoami.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"whoami.js","sourceRoot":"","sources":["../../src/commands/whoami.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AAEpC,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAE7D,MAAM,OAAO,MAAO,SAAQ,YAAY;IACtC,MAAM,CAAU,WAAW,GAAG,6DAA6D,CAAC;IAE5F,MAAM,CAAU,QAAQ,GAAG,CAAC,0BAA0B,CAAC,CAAC;IAExD,KAAK,CAAC,GAAG;QACP,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEzB,CAAC,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;QAE1C,CAAC,CAAC,KAAK,CAAC,MAAM,oBAAoB,EAAE,CAAC,CAAC;IACxC,CAAC"}

package/dist/env.d.ts

@@ -0,0 +1,4 @@
+export declare const env: Readonly<{
+    ALPIC_API_BASE_URL: string;
+    ALPIC_COGNITO_CLIENT_ID: string;
+}>;

package/dist/env.js

@@ -0,0 +1,10 @@
+import { createEnv } from "@t3-oss/env-core";
+import { z } from "zod";
+export const env = createEnv({
+    server: {
+        ALPIC_API_BASE_URL: z.string().default("https://api.alpic.ai"),
+        ALPIC_COGNITO_CLIENT_ID: z.string().default("h9nqsttp8ddb40ddi1aoni91h"),
+    },
+    runtimeEnv: process.env,
+});
+//# sourceMappingURL=env.js.map

package/dist/env.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"env.js","sourceRoot":"","sources":["../src/env.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,GAAG,GAAG,SAAS,CAAC;IAC3B,MAAM,EAAE;QACN,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,sBAAsB,CAAC;QAC9D,uBAAuB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,2BAA2B,CAAC;KACzE;IACD,UAAU,EAAE,OAAO,CAAC,GAAG;CACxB,CAAC,CAAC"}

package/dist/lib/alpic-command.d.ts

@@ -0,0 +1,6 @@
+import { Command } from "@oclif/core";
+export declare abstract class AlpicCommand extends Command {
+    catch(error: unknown): Promise<void>;
+    ensureAuthenticated(): Promise<void>;
+    protected exitWithErrorMessage(message: string): void;
+}

package/dist/lib/alpic-command.js

@@ -0,0 +1,27 @@
+import * as p from "@clack/prompts";
+import { Command } from "@oclif/core";
+import { ORPCError } from "@orpc/client";
+import { isAuthenticated } from "./auth/auth.js";
+export class AlpicCommand extends Command {
+    async catch(error) {
+        if (error instanceof ORPCError) {
+            this.exitWithErrorMessage(`An error occurred while connecting to Alpic: ${error.message}`);
+            return;
+        }
+        if (error instanceof Error) {
+            this.exitWithErrorMessage(error.message);
+            return;
+        }
+        this.exitWithErrorMessage(String(error));
+    }
+    async ensureAuthenticated() {
+        if (!(await isAuthenticated())) {
+            this.exitWithErrorMessage("Not authenticated. Run `alpic login` or set ALPIC_API_KEY. Get an API key from Team settings in the Alpic dashboard.");
+        }
+    }
+    exitWithErrorMessage(message) {
+        p.cancel(message);
+        this.exit(1);
+    }
+}
+//# sourceMappingURL=alpic-command.js.map

package/dist/lib/alpic-command.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"alpic-command.js","sourceRoot":"","sources":["../../src/lib/alpic-command.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAEjD,MAAM,OAAgB,YAAa,SAAQ,OAAO;IACvC,KAAK,CAAC,KAAK,CAAC,KAAc;QACjC,IAAI,KAAK,YAAY,SAAS,EAAE,CAAC;YAC/B,IAAI,CAAC,oBAAoB,CAAC,gDAAgD,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC3F,OAAO;QACT,CAAC;QACD,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;YAC3B,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACzC,OAAO;QACT,CAAC;QACD,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;IAC3C,CAAC;IAED,KAAK,CAAC,mBAAmB;QACvB,IAAI,CAAC,CAAC,MAAM,eAAe,EAAE,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,oBAAoB,CACvB,sHAAsH,CACvH,CAAC;QACJ,CAAC;IACH,CAAC;IAES,oBAAoB,CAAC,OAAe;QAC5C,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAClB,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACf,CAAC;CACF"}

package/dist/lib/archive.d.ts

@@ -1,7 +1,7 @@
 export declare function ensureGitAvailable(): void;
-export declare function getGitFiles(deployDir: string): string[];
-export declare function getFilesToPack(deployDir: string): string[];
-export declare function createTarArchive(files: string[], deployDir: string): Promise<{
+export declare function getGitFiles(): string[];
+export declare function getFilesToPack(): string[];
+export declare function createTarArchive(files: string[]): Promise<{
     tmpDir: string;
     archivePath: string;
 }>;

package/dist/lib/archive.js

@@ -1,11 +1,11 @@
 import { execSync } from "node:child_process";
 import { existsSync, mkdtempSync, rmSync } from "node:fs";
 import { tmpdir } from "node:os";
-import { join, resolve } from "node:path";
+import { join } from "node:path";
 import { create as tarCreate } from "tar";
 const GIT_FILES_MAX_BUFFER = 10 * 1024 * 1024;
-function isGitRepository(dir) {
-    return existsSync(join(resolve(dir), ".git"));
+function isGitRepository() {
+    return existsSync(join(process.cwd(), ".git"));
 }
 export function ensureGitAvailable() {
     try {
@@ -15,10 +15,8 @@ export function ensureGitAvailable() {
         throw new Error("Git is required to deploy. Please install git and ensure it is available in your PATH.");
     }
 }
-export function getGitFiles(deployDir) {
-    const dir = resolve(deployDir);
+export function getGitFiles() {
     const output = execSync("git ls-files -z --cached --others --exclude-standard -- .", {
-        cwd: dir,
         encoding: "utf8",
         maxBuffer: GIT_FILES_MAX_BUFFER,
     });
@@ -28,27 +26,25 @@ export function getGitFiles(deployDir) {
     }
     return files;
 }
-export function getFilesToPack(deployDir) {
-    const dir = resolve(deployDir);
-    if (isGitRepository(dir)) {
-        return getGitFiles(deployDir);
+export function getFilesToPack() {
+    if (isGitRepository()) {
+        return getGitFiles();
     }
     ensureGitAvailable();
-    execSync("git init", { cwd: dir });
+    execSync("git init", { stdio: "ignore" });
     try {
-        return getGitFiles(deployDir);
+        return getGitFiles();
     }
     finally {
-        rmSync(join(dir, ".git"), { recursive: true });
+        rmSync(join(process.cwd(), ".git"), { recursive: true, force: true });
     }
 }
-export async function createTarArchive(files, deployDir) {
+export async function createTarArchive(files) {
     const tmpDir = mkdtempSync(join(tmpdir(), "alpic-deploy-"));
     const archivePath = join(tmpDir, "source.tar.gz");
     await tarCreate({
         gzip: true,
         file: archivePath,
-        cwd: deployDir,
     }, files);
     return { tmpDir, archivePath };
 }

package/dist/lib/archive.js.map

@@ -1 +1 @@
-{"version":3,"file":"archive.js","sourceRoot":"","sources":["../../src/lib/archive.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAC1D,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,KAAK,CAAC;AAE1C,MAAM,oBAAoB,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;AAE9C,SAAS,eAAe,CAAC,GAAW;IAClC,OAAO,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;AAChD,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,IAAI,CAAC;QACH,QAAQ,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,wFAAwF,CAAC,CAAC;IAC5G,CAAC;AACH,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,SAAiB;IAC3C,MAAM,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,QAAQ,CAAC,2DAA2D,EAAE;QACnF,GAAG,EAAE,GAAG;QACR,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,oBAAoB;KAChC,CAAC,CAAC;IACH,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACjD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,+FAA+F,CAAC,CAAC;IACnH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,SAAiB;IAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAC/B,IAAI,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,WAAW,CAAC,SAAS,CAAC,CAAC;IAChC,CAAC;IACD,kBAAkB,EAAE,CAAC;IACrB,QAAQ,CAAC,UAAU,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;IACnC,IAAI,CAAC;QACH,OAAO,WAAW,CAAC,SAAS,CAAC,CAAC;IAChC,CAAC;YAAS,CAAC;QACT,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,KAAe,EAAE,SAAiB;IACvE,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,eAAe,CAAC,CAAC,CAAC;IAC5D,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAClD,MAAM,SAAS,CACb;QACE,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,WAAW;QACjB,GAAG,EAAE,SAAS;KACf,EACD,KAAK,CACN,CAAC;IACF,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;AACjC,CAAC"}
+{"version":3,"file":"archive.js","sourceRoot":"","sources":["../../src/lib/archive.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAC1D,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,KAAK,CAAC;AAE1C,MAAM,oBAAoB,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;AAE9C,SAAS,eAAe;IACtB,OAAO,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,IAAI,CAAC;QACH,QAAQ,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,wFAAwF,CAAC,CAAC;IAC5G,CAAC;AACH,CAAC;AAED,MAAM,UAAU,WAAW;IACzB,MAAM,MAAM,GAAG,QAAQ,CAAC,2DAA2D,EAAE;QACnF,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,oBAAoB;KAChC,CAAC,CAAC;IACH,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACjD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,+FAA+F,CAAC,CAAC;IACnH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,IAAI,eAAe,EAAE,EAAE,CAAC;QACtB,OAAO,WAAW,EAAE,CAAC;IACvB,CAAC;IACD,kBAAkB,EAAE,CAAC;IACrB,QAAQ,CAAC,UAAU,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC1C,IAAI,CAAC;QACH,OAAO,WAAW,EAAE,CAAC;IACvB,CAAC;YAAS,CAAC;QACT,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACxE,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,KAAe;IACpD,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,eAAe,CAAC,CAAC,CAAC;IAC5D,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAClD,MAAM,SAAS,CACb;QACE,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,WAAW;KAClB,EACD,KAAK,CACN,CAAC;IACF,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;AACjC,CAAC"}

package/dist/lib/auth/auth.d.ts

@@ -0,0 +1,3 @@
+export declare function getApiToken(): Promise<string | undefined>;
+export declare function isAuthenticated(): Promise<boolean>;
+export declare function oauthLogin(): Promise<void>;

package/dist/lib/auth/auth.js

@@ -0,0 +1,39 @@
+import * as p from "@clack/prompts";
+import chalk from "chalk";
+import open from "open";
+import { globalStore } from "../global-store.js";
+import { oAuthClient } from "./oauth/client.js";
+import { getLoginPageUrl, listenToOAuthCallback } from "./oauth/server/index.js";
+export async function getApiToken() {
+    const token = process.env.ALPIC_API_KEY ?? (await oAuthClient.getValidAccessToken())?.access_token;
+    return token;
+}
+export async function isAuthenticated() {
+    const isAuthenticatedViaApiKey = hasApiKey();
+    if (isAuthenticatedViaApiKey)
+        return true;
+    const isAuthenticatedViaOAuth = await hasValidAccessToken();
+    if (isAuthenticatedViaOAuth)
+        return true;
+    return false;
+}
+function hasApiKey() {
+    return process.env.ALPIC_API_KEY !== undefined;
+}
+async function hasValidAccessToken() {
+    return (await oAuthClient.getValidAccessToken()) !== null;
+}
+export async function oauthLogin() {
+    const { authorizeUrl, state, nonce, codeVerifier } = await oAuthClient.prepareOAuthConfig();
+    const loginUrl = getLoginPageUrl();
+    p.log.message(`Opening browser to log in…\n\nIf the browser does not open, copy this URL: ${chalk.cyan(loginUrl)}`);
+    await open(loginUrl);
+    const storedToken = await listenToOAuthCallback({
+        state,
+        nonce,
+        codeVerifier,
+        authorizeUrl: authorizeUrl.toString(),
+    });
+    globalStore.saveCredentials(storedToken);
+}
+//# sourceMappingURL=auth.js.map

package/dist/lib/auth/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/lib/auth/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,gBAAgB,CAAC;AACpC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAEjF,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,MAAM,WAAW,CAAC,mBAAmB,EAAE,CAAC,EAAE,YAAY,CAAC;IAEnG,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,wBAAwB,GAAG,SAAS,EAAE,CAAC;IAC7C,IAAI,wBAAwB;QAAE,OAAO,IAAI,CAAC;IAC1C,MAAM,uBAAuB,GAAG,MAAM,mBAAmB,EAAE,CAAC;IAC5D,IAAI,uBAAuB;QAAE,OAAO,IAAI,CAAC;IAEzC,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,SAAS;IAChB,OAAO,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,SAAS,CAAC;AACjD,CAAC;AAED,KAAK,UAAU,mBAAmB;IAChC,OAAO,CAAC,MAAM,WAAW,CAAC,mBAAmB,EAAE,CAAC,KAAK,IAAI,CAAC;AAC5D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU;IAC9B,MAAM,EAAE,YAAY,EAAE,KAAK,EAAE,KAAK,EAAE,YAAY,EAAE,GAAG,MAAM,WAAW,CAAC,kBAAkB,EAAE,CAAC;IAE5F,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAC;IACnC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,8EAA8E,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACpH,MAAM,IAAI,CAAC,QAAQ,CAAC,CAAC;IAErB,MAAM,WAAW,GAAG,MAAM,qBAAqB,CAAC;QAC9C,KAAK;QACL,KAAK;QACL,YAAY;QACZ,YAAY,EAAE,YAAY,CAAC,QAAQ,EAAE;KACtC,CAAC,CAAC;IAEH,WAAW,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;AAC3C,CAAC"}

package/dist/lib/auth/oauth/client.d.ts

@@ -0,0 +1,28 @@
+import * as openid from "openid-client";
+import { type Credentials } from "../../global-store.js";
+export declare class OAuthClient {
+    private config;
+    initialize: Promise<void>;
+    constructor();
+    getValidAccessToken(): Promise<Credentials | null>;
+    fetchUserInfo(credentials: Credentials): Promise<openid.UserInfoResponse>;
+    refreshAccessToken(credentials: Credentials): Promise<Credentials>;
+    prepareOAuthConfig(): Promise<{
+        authorizeUrl: URL;
+        state: string;
+        nonce: string;
+        codeVerifier: string;
+    }>;
+    exchangeAuthorizationCode({ url, codeVerifier, state, nonce, }: {
+        url: URL;
+        codeVerifier: string;
+        state: string;
+        nonce: string;
+    }): Promise<openid.TokenEndpointResponse & openid.TokenEndpointResponseHelpers>;
+    getExpiresAt(expires_in: number): number;
+    private loadConfig;
+    private fetchOAuthProtectedResourceConfig;
+    private getConfig;
+    private isAccessTokenExpired;
+}
+export declare const oAuthClient: OAuthClient;

package/dist/lib/auth/oauth/client.js

@@ -0,0 +1,110 @@
+import * as openid from "openid-client";
+import { env } from "../../../env.js";
+import { globalStore } from "../../global-store.js";
+import { LOOPBACK_HOST, LOOPBACK_PORT } from "./constants.js";
+const SCOPES = ["openid", "email", "profile"];
+export class OAuthClient {
+    config = null;
+    initialize;
+    constructor() {
+        this.initialize = this.loadConfig();
+    }
+    async getValidAccessToken() {
+        await this.initialize;
+        const stored = globalStore.getCredentials();
+        if (!stored) {
+            return null;
+        }
+        if (this.isAccessTokenExpired(stored)) {
+            try {
+                return await this.refreshAccessToken(stored);
+            }
+            catch {
+                return null;
+            }
+        }
+        return stored;
+    }
+    async fetchUserInfo(credentials) {
+        return openid.fetchUserInfo(await this.getConfig(), credentials.access_token, credentials.sub);
+    }
+    async refreshAccessToken(credentials) {
+        if (!credentials.refresh_token) {
+            throw new Error("No refresh token available");
+        }
+        const response = await openid.refreshTokenGrant(await this.getConfig(), credentials.refresh_token);
+        const refreshed = {
+            access_token: response.access_token,
+            refresh_token: response.refresh_token ?? credentials.refresh_token,
+            expires_at: this.getExpiresAt(response.expires_in ?? 0),
+            sub: credentials.sub,
+        };
+        globalStore.saveCredentials(refreshed);
+        return refreshed;
+    }
+    async prepareOAuthConfig() {
+        await this.initialize;
+        if (!this.config) {
+            throw new Error("Config not loaded");
+        }
+        const codeVerifier = openid.randomPKCECodeVerifier();
+        const codeChallenge = await openid.calculatePKCECodeChallenge(codeVerifier);
+        const state = openid.randomState();
+        const nonce = openid.randomNonce();
+        const callbackUrl = new URL(`http://${LOOPBACK_HOST}:${LOOPBACK_PORT}/callback`);
+        const authorizeUrl = openid.buildAuthorizationUrl(this.config, {
+            redirect_uri: callbackUrl.toString(),
+            scope: SCOPES.join(" "),
+            code_challenge: codeChallenge,
+            code_challenge_method: "S256",
+            state,
+            nonce,
+        });
+        return { authorizeUrl, state, nonce, codeVerifier };
+    }
+    async exchangeAuthorizationCode({ url, codeVerifier, state, nonce, }) {
+        return await openid.authorizationCodeGrant(await this.getConfig(), url, {
+            pkceCodeVerifier: codeVerifier,
+            expectedState: state,
+            expectedNonce: nonce,
+        });
+    }
+    getExpiresAt(expires_in) {
+        return expires_in !== undefined ? Math.floor(Date.now() / 1000) + expires_in : Date.now() / 1000 + 3600;
+    }
+    async loadConfig() {
+        const protectedResourceConfig = await this.fetchOAuthProtectedResourceConfig();
+        const issuer = protectedResourceConfig.authorization_servers[0];
+        if (!issuer) {
+            throw new Error("No authorization server in OAuth protected resource config");
+        }
+        const issuerUrl = new URL(issuer);
+        try {
+            this.config = await openid.discovery(issuerUrl, env.ALPIC_COGNITO_CLIENT_ID);
+        }
+        catch {
+            throw new Error("Failed to discover OAuth config");
+        }
+    }
+    async fetchOAuthProtectedResourceConfig() {
+        const baseUrl = env.ALPIC_API_BASE_URL;
+        const response = await fetch(`${baseUrl}/.well-known/oauth-protected-resource`);
+        if (!response.ok) {
+            throw new Error(`Failed to load service config from ${baseUrl} (${response.status} ${response.statusText})`);
+        }
+        return (await response.json());
+    }
+    async getConfig() {
+        await this.initialize;
+        if (!this.config) {
+            throw new Error("Config not loaded");
+        }
+        return this.config;
+    }
+    isAccessTokenExpired(credentials) {
+        const EXPIRATION_WINDOW_IN_SECONDS = 300;
+        return Date.now() / 1000 + EXPIRATION_WINDOW_IN_SECONDS >= credentials.expires_at;
+    }
+}
+export const oAuthClient = new OAuthClient();
+//# sourceMappingURL=client.js.map

package/dist/lib/auth/oauth/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../../src/lib/auth/oauth/client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,eAAe,CAAC;AAExC,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAC;AACtC,OAAO,EAAoB,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAE9D,MAAM,MAAM,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;AAU9C,MAAM,OAAO,WAAW;IACd,MAAM,GAAgC,IAAI,CAAC;IACnD,UAAU,CAAgB;IAE1B;QACE,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;IACtC,CAAC;IAED,KAAK,CAAC,mBAAmB;QACvB,MAAM,IAAI,CAAC,UAAU,CAAC;QACtB,MAAM,MAAM,GAAG,WAAW,CAAC,cAAc,EAAE,CAAC;QAC5C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,EAAE,CAAC;YACtC,IAAI,CAAC;gBACH,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;YAC/C,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,WAAwB;QAC1C,OAAO,MAAM,CAAC,aAAa,CAAC,MAAM,IAAI,CAAC,SAAS,EAAE,EAAE,WAAW,CAAC,YAAY,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC;IACjG,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,WAAwB;QAC/C,IAAI,CAAC,WAAW,CAAC,aAAa,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,MAAM,IAAI,CAAC,SAAS,EAAE,EAAE,WAAW,CAAC,aAAa,CAAC,CAAC;QAEnG,MAAM,SAAS,GAAgB;YAC7B,YAAY,EAAE,QAAQ,CAAC,YAAY;YACnC,aAAa,EAAE,QAAQ,CAAC,aAAa,IAAI,WAAW,CAAC,aAAa;YAClE,UAAU,EAAE,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,UAAU,IAAI,CAAC,CAAC;YACvD,GAAG,EAAE,WAAW,CAAC,GAAG;SACrB,CAAC;QAEF,WAAW,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;QACvC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,kBAAkB;QACtB,MAAM,IAAI,CAAC,UAAU,CAAC;QACtB,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACvC,CAAC;QACD,MAAM,YAAY,GAAG,MAAM,CAAC,sBAAsB,EAAE,CAAC;QACrD,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,0BAA0B,CAAC,YAAY,CAAC,CAAC;QAC5E,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;QACnC,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,UAAU,aAAa,IAAI,aAAa,WAAW,CAAC,CAAC;QAEjF,MAAM,YAAY,GAAG,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,MAAM,EAAE;YAC7D,YAAY,EAAE,WAAW,CAAC,QAAQ,EAAE;YACpC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;YACvB,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,MAAM;YAC7B,KAAK;YACL,KAAK;SACN,CAAC,CAAC;QAEH,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,EAC9B,GAAG,EACH,YAAY,EACZ,KAAK,EACL,KAAK,GAMN;QACC,OAAO,MAAM,MAAM,CAAC,sBAAsB,CAAC,MAAM,IAAI,CAAC,SAAS,EAAE,EAAE,GAAG,EAAE;YACtE,gBAAgB,EAAE,YAAY;YAC9B,aAAa,EAAE,KAAK;YACpB,aAAa,EAAE,KAAK;SACrB,CAAC,CAAC;IACL,CAAC;IAED,YAAY,CAAC,UAAkB;QAC7B,OAAO,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;IAC1G,CAAC;IAEO,KAAK,CAAC,UAAU;QACtB,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,iCAAiC,EAAE,CAAC;QAC/E,MAAM,MAAM,GAAG,uBAAuB,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAChE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;QAChF,CAAC;QACD,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;QAClC,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,CAAC,uBAAuB,CAAC,CAAC;QAC/E,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,iCAAiC;QAC7C,MAAM,OAAO,GAAG,GAAG,CAAC,kBAAkB,CAAC;QACvC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,uCAAuC,CAAC,CAAC;QAChF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,sCAAsC,OAAO,KAAK,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,GAAG,CAAC,CAAC;QAC/G,CAAC;QACD,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiC,CAAC;IACjE,CAAC;IAEO,KAAK,CAAC,SAAS;QACrB,MAAM,IAAI,CAAC,UAAU,CAAC;QACtB,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACvC,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAEO,oBAAoB,CAAC,WAAwB;QACnD,MAAM,4BAA4B,GAAG,GAAG,CAAC;QACzC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,4BAA4B,IAAI,WAAW,CAAC,UAAU,CAAC;IACpF,CAAC;CACF;AAED,MAAM,CAAC,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC"}

package/dist/lib/auth/oauth/constants.d.ts

@@ -0,0 +1,2 @@
+export declare const LOOPBACK_HOST = "127.0.0.1";
+export declare const LOOPBACK_PORT = 38472;