npm - blackboard-upc - Versions diffs - 1.0.8 → 1.0.10 - Mend

blackboard-upc 1.0.8 → 1.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -4,6 +4,35 @@ All notable changes to `blackboard-upc` will be documented here.
 ---
+## [1.0.10] — 2026-04-24
+### Added
+- **TTL real del SSO en `whoami`, `status` y `login`** — ahora se muestran las dos ventanas: la del token de Blackboard (~3h, se auto-renueva) y la del SSO de Microsoft (~90 días, la ventana real hasta que hay que re-loguearse). Ejemplo:
+  ```
+  SSO Microsoft: 89 días · Blackboard: 173 min
+  se auto-renueva hasta que el SSO expire o hagas logout
+  ```
+- `getSsoExpiry()` helper en `src/auth/login.ts` — lee el expiry de `ESTSAUTHPERSISTENT` (la cookie de Microsoft que controla la persistencia del SSO) desde la sesión guardada, sin llamadas de red
+- `formatSessionLifetime()` helper en `src/ui/theme.ts` — centraliza el formato de las dos líneas (resumen + nota) y maneja el caso donde el SSO es session-only
+### Changed
+- `blackboard login` ya no muestra "expira en 3h" (engañoso, porque se auto-renueva); muestra la misma info que `whoami`/`status`
+---
+## [1.0.9] — 2026-04-24
+### Fixed
+- **`whoami` y `status` mostraban `unknown`** — el extractor leía `userData.userName`, campo que la API de UPC no devuelve. Ahora se arma desde `name.given + name.family` con fallback a `studentId`
+- **`logout` no permitía cambiar de cuenta** — solo borraba `session.json` pero no el browser profile de Playwright (`~/.blackboard-cli/browser-profile`), donde viven las cookies de Microsoft SSO. El siguiente `login` se auto-autenticaba con la misma cuenta. Ahora `logout` borra también el profile
+### Added
+- `blackboard logout --keep-profile` — conserva las cookies SSO (útil para renovar sesión de la misma cuenta sin re-ingresar credenciales)
+- **Self-heal de sesiones viejas** — `whoami` y `status` detectan `userName: null` en sesiones guardadas con versiones previas y rellenan el nombre llamando a `/users/me` una sola vez (sin necesidad de re-login)
+- `resolveDisplayName()` helper en `src/auth/login.ts` — centraliza la lógica de nombre desde la respuesta de `/users/me`
+---
 ## [1.0.8] — 2026-04-19
 ### Added

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "blackboard-upc",
-  "version": "1.0.8",
+  "version": "1.0.10",
   "description": "CLI no oficial para UPC Aula Virtual (Blackboard Learn) — acceso desde la terminal y MCP para Claude",
   "main": "run.js",
   "bin": {

package/src/auth/login.ts CHANGED Viewed

@@ -43,6 +43,41 @@ function extractBbRouterExpiry(cookies: Cookie[]): number {
   return Date.now() + SESSION_TTL_FALLBACK_MS;
 }
+// UPC's /users/me omits `userName` at the root. The display name must be
+// assembled from `name.given` + `name.family`, falling back to `studentId`.
+export function resolveDisplayName(userData: any): string | undefined {
+  if (!userData) return undefined;
+  if (typeof userData.userName === 'string' && userData.userName.trim()) return userData.userName.trim();
+  const full = [userData?.name?.given, userData?.name?.family].filter(Boolean).join(' ').trim();
+  if (full) return full;
+  if (userData?.name?.preferredDisplayName && typeof userData.name.preferredDisplayName === 'string') {
+    const pdn = userData.name.preferredDisplayName.trim();
+    if (pdn && pdn !== 'GivenName' && pdn !== 'FamilyName') return pdn;
+  }
+  return userData.studentId || undefined;
+}
+// Microsoft SSO persistence is controlled specifically by ESTSAUTHPERSIST
+// (set when the user accepts "Keep me signed in"). Other cookies on
+// login.microsoftonline.com like MUID/fpc are tracking and persist ~1 year
+// but don't keep the user signed in — ignore them.
+const SSO_COOKIE_NAMES = new Set(['ESTSAUTHPERSISTENT', 'ESTSAUTHLIGHT', 'ESTSAUTH']);
+export function getSsoExpiry(cookies: Cookie[]): number | undefined {
+  const ssoCookies = cookies.filter(c =>
+    SSO_COOKIE_NAMES.has(c.name) &&
+    (c.domain.includes('login.microsoftonline.com') || c.domain.includes('login.live.com'))
+  );
+  const now = Date.now();
+  const future = ssoCookies
+    .map(c => c.expires)
+    .filter((e): e is number => typeof e === 'number' && e > 0)
+    .map(e => e * 1000)
+    .filter(ms => ms > now);
+  if (future.length === 0) return undefined;
+  return Math.max(...future);
+}
 function extractXsrf(cookies: Cookie[]): string {
   const bb = cookies.find(c => c.name === 'BbRouter');
   if (bb) {
@@ -158,16 +193,18 @@ export async function login(opts: LoginOptions = {}): Promise<Session> {
       if (resp.ok()) userData = await resp.json();
     } catch {}
+    const displayName = resolveDisplayName(userData);
     const session: Session = {
       cookies,
       xsrfToken: nonce,
       userId: userData?.id,
-      userName: userData?.userName,
+      userName: displayName,
       expiresAt: extractBbRouterExpiry(cookies),
     };
     saveSession(session);
-    console.log(`✓ Logged in as ${userData?.userName || 'unknown'}`);
+    console.log(`✓ Logged in as ${displayName || 'unknown'}`);
     return session;
   } finally {
@@ -215,11 +252,33 @@ export async function silentRelogin(previousSession?: Session | null): Promise<S
       throw new SilentLoginFailed('Redirect succeeded but session cookies are missing');
     }
+    let userId = previousSession?.userId;
+    let userName = previousSession?.userName;
+    // Self-heal: older sessions were stored with userName=null because the
+    // old extractor looked at the wrong field. Refetch once if it's missing.
+    if (!userName || !userId) {
+      try {
+        const cookieStrForApi = cookies
+          .filter(c => c.domain.includes('aulavirtual.upc.edu.pe'))
+          .map(c => `${c.name}=${c.value}`)
+          .join('; ');
+        const resp = await page.request.get(`${BASE_URL}/learn/api/public/v1/users/me`, {
+          headers: { Accept: 'application/json', Cookie: cookieStrForApi },
+        });
+        if (resp.ok()) {
+          const me = await resp.json();
+          userId = userId ?? me?.id;
+          userName = userName ?? resolveDisplayName(me);
+        }
+      } catch {}
+    }
     const session: Session = {
       cookies,
       xsrfToken: extractXsrf(cookies),
-      userId: previousSession?.userId,
-      userName: previousSession?.userName,
+      userId,
+      userName,
       expiresAt: extractBbRouterExpiry(cookies),
     };

package/src/auth/session.ts CHANGED Viewed

@@ -5,6 +5,7 @@ import type { Session } from '../types/index.js';
 const SESSION_DIR = path.join(os.homedir(), '.blackboard-cli');
 const SESSION_FILE = path.join(SESSION_DIR, 'session.json');
+const PROFILE_DIR = path.join(SESSION_DIR, 'browser-profile');
 export function saveSession(session: Session): void {
   if (!fs.existsSync(SESSION_DIR)) {
@@ -27,10 +28,20 @@ export function loadSession(): Session | null {
   }
 }
-export function clearSession(): void {
+export function clearSession(opts: { keepProfile?: boolean } = {}): void {
   try {
     if (fs.existsSync(SESSION_FILE)) fs.unlinkSync(SESSION_FILE);
   } catch {}
+  if (!opts.keepProfile) clearBrowserProfile();
+}
+// The browser profile holds Microsoft SSO cookies. Without clearing it,
+// the next `login` silently re-authenticates with the same account and
+// switching users becomes impossible.
+export function clearBrowserProfile(): void {
+  try {
+    if (fs.existsSync(PROFILE_DIR)) fs.rmSync(PROFILE_DIR, { recursive: true, force: true });
+  } catch {}
 }
 export function isSessionValid(session: Session | null): boolean {

package/src/commands/login.ts CHANGED Viewed

@@ -2,9 +2,11 @@ import { Command } from 'commander';
 import inquirer from 'inquirer';
 import chalk from 'chalk';
 import ora from 'ora';
-import { login } from '../auth/login.js';
-import { loadSession, loadOrRefreshSession, clearSession, isSessionValid } from '../auth/session.js';
-import { ok, fail, warn, whatNext } from '../ui/theme.js';
+import { login, resolveDisplayName, getSsoExpiry } from '../auth/login.js';
+import { loadSession, loadOrRefreshSession, saveSession, clearSession, isSessionValid } from '../auth/session.js';
+import { createClient } from '../api/client.js';
+import { getMe } from '../api/courses.js';
+import { ok, fail, warn, whatNext, formatSessionLifetime } from '../ui/theme.js';
 export function loginCommand(program: Command) {
   program
@@ -34,9 +36,11 @@ export function loginCommand(program: Command) {
           password: opts.password,
         });
-        const remainingMin = Math.round((session.expiresAt - Date.now()) / 60_000);
-        const remainingHr  = (remainingMin / 60).toFixed(1);
-        console.log(ok(`Sesión guardada — expira en ${remainingHr}h`));
+        const ssoExpiresAt = getSsoExpiry(session.cookies);
+        const { summary, note } = formatSessionLifetime(session.expiresAt, ssoExpiresAt);
+        console.log(ok(`Sesión guardada`));
+        console.log(chalk.gray(`  ${summary}`));
+        console.log(chalk.gray(`  ${note}`));
         if (session.userName) console.log(chalk.gray(`  Usuario: ${session.userName}`));
         if (session.userId)   console.log(chalk.gray(`  ID:      ${session.userId}`));
         whatNext();
@@ -48,23 +52,44 @@ export function loginCommand(program: Command) {
   program
     .command('logout')
-    .description('Clear the saved session')
-    .action(() => {
-      clearSession();
-      console.log(chalk.green('✓ Session cleared'));
+    .description('Borra la sesión y las cookies SSO para poder cambiar de cuenta')
+    .option('--keep-profile', 'Conservar las cookies SSO del navegador (no permite cambiar de cuenta)')
+    .action((opts) => {
+      clearSession({ keepProfile: !!opts.keepProfile });
+      if (opts.keepProfile) {
+        console.log(chalk.green('✓ Sesión borrada') + chalk.gray(' (profile SSO conservado)'));
+      } else {
+        console.log(chalk.green('✓ Sesión y profile SSO borrados'));
+        console.log(chalk.gray('  El próximo `blackboard login` te pedirá credenciales de nuevo.'));
+      }
     });
   program
     .command('whoami')
     .description('Show current logged-in user')
     .action(async () => {
-      const session = await loadOrRefreshSession();
+      let session = await loadOrRefreshSession();
       if (!isSessionValid(session)) {
         console.log(chalk.red('Not logged in. Run: blackboard login'));
         process.exit(1);
       }
+      // Self-heal old sessions that were stored with userName=null.
+      if (!session!.userName) {
+        try {
+          const me = await getMe(createClient(session!));
+          const name = resolveDisplayName(me);
+          if (name) {
+            session = { ...session!, userId: session!.userId ?? me?.id, userName: name };
+            saveSession(session!);
+          }
+        } catch {}
+      }
       console.log(chalk.green(`Logged in as: ${chalk.bold(session!.userName || session!.userId || 'unknown')}`));
-      const remaining = Math.round((session!.expiresAt - Date.now()) / 60_000);
-      console.log(chalk.gray(`Session expires in: ${remaining} minutes`));
+      const ssoExpiresAt = getSsoExpiry(session!.cookies);
+      const { summary, note } = formatSessionLifetime(session!.expiresAt, ssoExpiresAt);
+      console.log(chalk.gray(summary));
+      console.log(chalk.gray(note));
     });
 }

package/src/index.ts CHANGED Viewed

@@ -6,17 +6,18 @@ import { coursesCommand } from './commands/courses.js';
 import { apiDocsCommand } from './commands/api-docs.js';
 import { downloadCommand } from './commands/download.js';
 import { assignmentsCommand } from './commands/assignments.js';
-import { loadSession, loadOrRefreshSession, isSessionValid } from './auth/session.js';
+import { loadSession, loadOrRefreshSession, saveSession, isSessionValid } from './auth/session.js';
 import { createClient } from './api/client.js';
 import { getMe, getSystemVersion } from './api/courses.js';
-import { BANNER, ok, fail, hint } from './ui/theme.js';
+import { resolveDisplayName, getSsoExpiry } from './auth/login.js';
+import { BANNER, ok, fail, hint, formatSessionLifetime } from './ui/theme.js';
 const program = new Command();
 program
   .name('blackboard')
   .description('CLI no oficial para UPC Aula Virtual (Blackboard Learn)')
-  .version('1.0.7')
+  .version('1.0.10')
   .addHelpText('beforeAll', BANNER);
 // Auth commands
@@ -31,17 +32,31 @@ program
   .description('Estado de sesión y versión del servidor')
   .option('--json', 'Output raw JSON')
   .action(async (opts) => {
-    const session = await loadOrRefreshSession();
+    let session = await loadOrRefreshSession();
     const valid = isSessionValid(session);
-    const sysVersion = await getSystemVersion(
-      createClient(session ?? { cookies: [], xsrfToken: '', expiresAt: 0 })
-    ).catch(() => null);
+    const client = createClient(session ?? { cookies: [], xsrfToken: '', expiresAt: 0 });
+    const sysVersion = await getSystemVersion(client).catch(() => null);
+    // Self-heal old sessions with userName=null.
+    if (valid && !session!.userName) {
+      try {
+        const me = await getMe(client);
+        const name = resolveDisplayName(me);
+        if (name) {
+          session = { ...session!, userId: session!.userId ?? me?.id, userName: name };
+          saveSession(session!);
+        }
+      } catch {}
+    }
+    const ssoExpiresAt = valid ? getSsoExpiry(session!.cookies) : undefined;
     const result = {
       loggedIn: valid,
       user: valid ? { id: session!.userId, name: session!.userName } : null,
       sessionExpiresAt: valid ? new Date(session!.expiresAt).toISOString() : null,
+      ssoExpiresAt: ssoExpiresAt ? new Date(ssoExpiresAt).toISOString() : null,
       server: sysVersion?.learn ?? null,
     };
@@ -50,9 +65,10 @@ program
     const v = sysVersion?.learn;
     console.log(`\n  Servidor: ${chalk.cyan(`Blackboard Learn ${v?.major}.${v?.minor}.${v?.patch} (${v?.build})`)}`);
     if (valid) {
-      const remaining = Math.round((session!.expiresAt - Date.now()) / 60_000);
+      const { summary, note } = formatSessionLifetime(session!.expiresAt, ssoExpiresAt);
       console.log(`  Sesión:   ${ok(`autenticado como ${chalk.bold(session!.userName || session!.userId || 'unknown')}`)}`);
-      console.log(`            ${chalk.gray(`expira en ${remaining} min`)}`);
+      console.log(`            ${chalk.gray(summary)}`);
+      console.log(`            ${chalk.gray(note)}`);
     } else {
       console.log(`  Sesión:   ${fail('no autenticado')} — ejecuta: ${hint('blackboard login')}`);
     }

package/src/ui/theme.ts CHANGED Viewed

@@ -21,6 +21,32 @@ ${upcRed('  ██████  ███████ ██   ██  ███
   ${chalk.dim('CLI no oficial para UPC Aula Virtual · Blackboard Learn')}
 `;
+export function formatSessionLifetime(bbExpiresAt: number, ssoExpiresAt?: number): {
+  summary: string;
+  note: string;
+} {
+  const now = Date.now();
+  const bbMin = Math.max(0, Math.round((bbExpiresAt - now) / 60_000));
+  if (!ssoExpiresAt || ssoExpiresAt <= now) {
+    return {
+      summary: `Blackboard: ${bbMin} min`,
+      note: 'SSO sin "mantener sesión" — deberás reloguearte cuando expire',
+    };
+  }
+  const ssoMs = ssoExpiresAt - now;
+  const ssoDays = Math.floor(ssoMs / 86_400_000);
+  const ssoStr = ssoDays >= 1
+    ? `${ssoDays} día${ssoDays === 1 ? '' : 's'}`
+    : `${Math.round(ssoMs / 3_600_000)} h`;
+  return {
+    summary: `SSO Microsoft: ${ssoStr} · Blackboard: ${bbMin} min`,
+    note: 'se auto-renueva hasta que el SSO expire o hagas logout',
+  };
+}
 export function whatNext() {
   console.log(`
   ${chalk.bold('¿Qué puedo hacer ahora?')}