cerebras-cli 1.0.1 → 1.0.3

package/src/mcp/oauth-callback.ts

@@ -1,203 +0,0 @@
-import { Log } from "../util/log"
-import { OAUTH_CALLBACK_PORT, OAUTH_CALLBACK_PATH } from "./oauth-provider"
-
-const log = Log.create({ service: "mcp.oauth-callback" })
-
-const HTML_SUCCESS = `<!DOCTYPE html>
-<html>
-<head>
-  <title>OpenCode - Authorization Successful</title>
-  <style>
-    body { font-family: system-ui, -apple-system, sans-serif; display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; background: #1a1a2e; color: #eee; }
-    .container { text-align: center; padding: 2rem; }
-    h1 { color: #4ade80; margin-bottom: 1rem; }
-    p { color: #aaa; }
-  </style>
-</head>
-<body>
-  <div class="container">
-    <h1>Authorization Successful</h1>
-    <p>You can close this window and return to OpenCode.</p>
-  </div>
-  <script>setTimeout(() => window.close(), 2000);</script>
-</body>
-</html>`
-
-const HTML_ERROR = (error: string) => `<!DOCTYPE html>
-<html>
-<head>
-  <title>OpenCode - Authorization Failed</title>
-  <style>
-    body { font-family: system-ui, -apple-system, sans-serif; display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; background: #1a1a2e; color: #eee; }
-    .container { text-align: center; padding: 2rem; }
-    h1 { color: #f87171; margin-bottom: 1rem; }
-    p { color: #aaa; }
-    .error { color: #fca5a5; font-family: monospace; margin-top: 1rem; padding: 1rem; background: rgba(248,113,113,0.1); border-radius: 0.5rem; }
-  </style>
-</head>
-<body>
-  <div class="container">
-    <h1>Authorization Failed</h1>
-    <p>An error occurred during authorization.</p>
-    <div class="error">${error}</div>
-  </div>
-</body>
-</html>`
-
-interface PendingAuth {
-  resolve: (code: string) => void
-  reject: (error: Error) => void
-  timeout: ReturnType<typeof setTimeout>
-}
-
-export namespace McpOAuthCallback {
-  let server: ReturnType<typeof Bun.serve> | undefined
-  const pendingAuths = new Map<string, PendingAuth>()
-
-  const CALLBACK_TIMEOUT_MS = 5 * 60 * 1000 // 5 minutes
-
-  export async function ensureRunning(): Promise<void> {
-    if (server) return
-
-    const running = await isPortInUse()
-    if (running) {
-      log.info("oauth callback server already running on another instance", { port: OAUTH_CALLBACK_PORT })
-      return
-    }
-
-    server = Bun.serve({
-      port: OAUTH_CALLBACK_PORT,
-      fetch(req) {
-        const url = new URL(req.url)
-
-        if (url.pathname !== OAUTH_CALLBACK_PATH) {
-          return new Response("Not found", { status: 404 })
-        }
-
-        const code = url.searchParams.get("code")
-        const state = url.searchParams.get("state")
-        const error = url.searchParams.get("error")
-        const errorDescription = url.searchParams.get("error_description")
-
-        log.info("received oauth callback", { hasCode: !!code, state, error })
-
-        if (error) {
-          const errorMsg = errorDescription || error
-          if (state && pendingAuths.has(state)) {
-            const pending = pendingAuths.get(state)!
-            clearTimeout(pending.timeout)
-            pendingAuths.delete(state)
-            pending.reject(new Error(errorMsg))
-          }
-          return new Response(HTML_ERROR(errorMsg), {
-            headers: { "Content-Type": "text/html" },
-          })
-        }
-
-        if (!code) {
-          return new Response(HTML_ERROR("No authorization code provided"), {
-            status: 400,
-            headers: { "Content-Type": "text/html" },
-          })
-        }
-
-        // Try to find the pending auth by state parameter, or if no state, use the single pending auth
-        let pending: PendingAuth | undefined
-        let pendingKey: string | undefined
-
-        if (state && pendingAuths.has(state)) {
-          pending = pendingAuths.get(state)!
-          pendingKey = state
-        } else if (!state && pendingAuths.size === 1) {
-          // No state parameter but only one pending auth - use it
-          const [key, value] = pendingAuths.entries().next().value as [string, PendingAuth]
-          pending = value
-          pendingKey = key
-          log.info("no state parameter, using single pending auth", { key })
-        }
-
-        if (!pending || !pendingKey) {
-          const errorMsg = !state
-            ? "No state parameter provided and multiple pending authorizations"
-            : "Unknown or expired authorization request"
-          return new Response(HTML_ERROR(errorMsg), {
-            status: 400,
-            headers: { "Content-Type": "text/html" },
-          })
-        }
-
-        clearTimeout(pending.timeout)
-        pendingAuths.delete(pendingKey)
-        pending.resolve(code)
-
-        return new Response(HTML_SUCCESS, {
-          headers: { "Content-Type": "text/html" },
-        })
-      },
-    })
-
-    log.info("oauth callback server started", { port: OAUTH_CALLBACK_PORT })
-  }
-
-  export function waitForCallback(mcpName: string): Promise<string> {
-    return new Promise((resolve, reject) => {
-      const timeout = setTimeout(() => {
-        if (pendingAuths.has(mcpName)) {
-          pendingAuths.delete(mcpName)
-          reject(new Error("OAuth callback timeout - authorization took too long"))
-        }
-      }, CALLBACK_TIMEOUT_MS)
-
-      pendingAuths.set(mcpName, { resolve, reject, timeout })
-    })
-  }
-
-  export function cancelPending(mcpName: string): void {
-    const pending = pendingAuths.get(mcpName)
-    if (pending) {
-      clearTimeout(pending.timeout)
-      pendingAuths.delete(mcpName)
-      pending.reject(new Error("Authorization cancelled"))
-    }
-  }
-
-  export async function isPortInUse(): Promise<boolean> {
-    return new Promise((resolve) => {
-      Bun.connect({
-        hostname: "127.0.0.1",
-        port: OAUTH_CALLBACK_PORT,
-        socket: {
-          open(socket) {
-            socket.end()
-            resolve(true)
-          },
-          error() {
-            resolve(false)
-          },
-          data() {},
-          close() {},
-        },
-      }).catch(() => {
-        resolve(false)
-      })
-    })
-  }
-
-  export async function stop(): Promise<void> {
-    if (server) {
-      server.stop()
-      server = undefined
-      log.info("oauth callback server stopped")
-    }
-
-    for (const [name, pending] of pendingAuths) {
-      clearTimeout(pending.timeout)
-      pending.reject(new Error("OAuth callback server stopped"))
-    }
-    pendingAuths.clear()
-  }
-
-  export function isRunning(): boolean {
-    return server !== undefined
-  }
-}

package/src/mcp/oauth-provider.ts

@@ -1,132 +0,0 @@
-import type { OAuthClientProvider } from "@modelcontextprotocol/sdk/client/auth.js"
-import type {
-  OAuthClientMetadata,
-  OAuthTokens,
-  OAuthClientInformation,
-  OAuthClientInformationFull,
-} from "@modelcontextprotocol/sdk/shared/auth.js"
-import { McpAuth } from "./auth"
-import { Log } from "../util/log"
-
-const log = Log.create({ service: "mcp.oauth" })
-
-const OAUTH_CALLBACK_PORT = 19876
-const OAUTH_CALLBACK_PATH = "/mcp/oauth/callback"
-
-export interface McpOAuthConfig {
-  clientId?: string
-  clientSecret?: string
-  scope?: string
-}
-
-export interface McpOAuthCallbacks {
-  onRedirect: (url: URL) => void | Promise<void>
-}
-
-export class McpOAuthProvider implements OAuthClientProvider {
-  constructor(
-    private mcpName: string,
-    private serverUrl: string,
-    private config: McpOAuthConfig,
-    private callbacks: McpOAuthCallbacks,
-  ) {}
-
-  get redirectUrl(): string {
-    return `http://127.0.0.1:${OAUTH_CALLBACK_PORT}${OAUTH_CALLBACK_PATH}`
-  }
-
-  get clientMetadata(): OAuthClientMetadata {
-    return {
-      redirect_uris: [this.redirectUrl],
-      client_name: "OpenCode",
-      client_uri: "https://opencode.ai",
-      grant_types: ["authorization_code", "refresh_token"],
-      response_types: ["code"],
-      token_endpoint_auth_method: this.config.clientSecret ? "client_secret_post" : "none",
-    }
-  }
-
-  async clientInformation(): Promise<OAuthClientInformation | undefined> {
-    // Check config first (pre-registered client)
-    if (this.config.clientId) {
-      return {
-        client_id: this.config.clientId,
-        client_secret: this.config.clientSecret,
-      }
-    }
-
-    // Check stored client info (from dynamic registration)
-    const entry = await McpAuth.get(this.mcpName)
-    if (entry?.clientInfo) {
-      // Check if client secret has expired
-      if (entry.clientInfo.clientSecretExpiresAt && entry.clientInfo.clientSecretExpiresAt < Date.now() / 1000) {
-        log.info("client secret expired, need to re-register", { mcpName: this.mcpName })
-        return undefined
-      }
-      return {
-        client_id: entry.clientInfo.clientId,
-        client_secret: entry.clientInfo.clientSecret,
-      }
-    }
-
-    // No client info - will trigger dynamic registration
-    return undefined
-  }
-
-  async saveClientInformation(info: OAuthClientInformationFull): Promise<void> {
-    await McpAuth.updateClientInfo(this.mcpName, {
-      clientId: info.client_id,
-      clientSecret: info.client_secret,
-      clientIdIssuedAt: info.client_id_issued_at,
-      clientSecretExpiresAt: info.client_secret_expires_at,
-    })
-    log.info("saved dynamically registered client", {
-      mcpName: this.mcpName,
-      clientId: info.client_id,
-    })
-  }
-
-  async tokens(): Promise<OAuthTokens | undefined> {
-    const entry = await McpAuth.get(this.mcpName)
-    if (!entry?.tokens) return undefined
-
-    return {
-      access_token: entry.tokens.accessToken,
-      token_type: "Bearer",
-      refresh_token: entry.tokens.refreshToken,
-      expires_in: entry.tokens.expiresAt
-        ? Math.max(0, Math.floor(entry.tokens.expiresAt - Date.now() / 1000))
-        : undefined,
-      scope: entry.tokens.scope,
-    }
-  }
-
-  async saveTokens(tokens: OAuthTokens): Promise<void> {
-    await McpAuth.updateTokens(this.mcpName, {
-      accessToken: tokens.access_token,
-      refreshToken: tokens.refresh_token,
-      expiresAt: tokens.expires_in ? Date.now() / 1000 + tokens.expires_in : undefined,
-      scope: tokens.scope,
-    })
-    log.info("saved oauth tokens", { mcpName: this.mcpName })
-  }
-
-  async redirectToAuthorization(authorizationUrl: URL): Promise<void> {
-    log.info("redirecting to authorization", { mcpName: this.mcpName, url: authorizationUrl.toString() })
-    await this.callbacks.onRedirect(authorizationUrl)
-  }
-
-  async saveCodeVerifier(codeVerifier: string): Promise<void> {
-    await McpAuth.updateCodeVerifier(this.mcpName, codeVerifier)
-  }
-
-  async codeVerifier(): Promise<string> {
-    const entry = await McpAuth.get(this.mcpName)
-    if (!entry?.codeVerifier) {
-      throw new Error(`No code verifier saved for MCP server: ${this.mcpName}`)
-    }
-    return entry.codeVerifier
-  }
-}
-
-export { OAUTH_CALLBACK_PORT, OAUTH_CALLBACK_PATH }

package/src/notification/index.ts

@@ -1,101 +0,0 @@
-import { Log } from "@/util/log"
-import { Global } from "@/global"
-import path from "path"
-
-const log = Log.create({ service: "notification" })
-
-const NOTIFICATION_ENDPOINT = "https://cerebras-code-cli-notifs.kevin-taylor-d8d.workers.dev"
-const SEEN_KEY = "notification.seen"
-
-export interface Notification {
-  id: string
-  type: "info" | "warning" | "critical"
-  title: string
-  message: string
-  display: "toast" | "fullscreen" | "banner"
-  expires?: string
-}
-
-// Simple KV storage for notifications (outside TUI context)
-async function getKV(): Promise<Record<string, any>> {
-  try {
-    const file = Bun.file(path.join(Global.Path.state, "kv.json"))
-    return await file.json()
-  } catch {
-    return {}
-  }
-}
-
-async function setKV(key: string, value: any): Promise<void> {
-  const kv = await getKV()
-  kv[key] = value
-  await Bun.write(path.join(Global.Path.state, "kv.json"), JSON.stringify(kv, null, 2))
-}
-
-export namespace Notification {
-  /**
-   * Fetch the current notification from the server.
-   * Returns null if no notification or already seen.
-   */
-  export async function check(): Promise<Notification | null> {
-    try {
-      const res = await fetch(NOTIFICATION_ENDPOINT, {
-        signal: AbortSignal.timeout(3000), // 3s timeout
-      })
-
-      if (!res.ok) {
-        log.debug("notification fetch failed", { status: res.status })
-        return null
-      }
-
-      const notification = (await res.json()) as Notification | null
-      if (!notification) return null
-
-      // Check if expired
-      if (notification.expires) {
-        const expiresAt = new Date(notification.expires)
-        if (expiresAt < new Date()) {
-          log.debug("notification expired", { id: notification.id })
-          return null
-        }
-      }
-
-      // Check if already seen
-      const seen = await getSeenIds()
-      if (seen.includes(notification.id)) {
-        log.debug("notification already seen", { id: notification.id })
-        return null
-      }
-
-      return notification
-    } catch (e) {
-      log.debug("notification check error", { error: e })
-      return null
-    }
-  }
-
-  /**
-   * Mark a notification as seen so it won't show again.
-   */
-  export async function markSeen(id: string): Promise<void> {
-    const seen = await getSeenIds()
-    if (!seen.includes(id)) {
-      seen.push(id)
-      const trimmed = seen.slice(-50)
-      await setKV(SEEN_KEY, trimmed)
-    }
-  }
-
-  async function getSeenIds(): Promise<string[]> {
-    const kv = await getKV()
-    const raw = kv[SEEN_KEY]
-    if (!raw) return []
-    if (Array.isArray(raw)) return raw
-    try {
-      return JSON.parse(raw) as string[]
-    } catch {
-      return []
-    }
-  }
-}
-