npm - claude-scionos - Versions diffs - 4.1.4 → 4.1.6 - Mend

claude-scionos 4.1.4 → 4.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.fr.md CHANGED Viewed

@@ -87,11 +87,13 @@ Ordre de résolution du token :
 3. stockage local sécurisé spécifique au service via `claude-scionos auth login --service llm`
 4. saisie manuelle en mode guidé
-Backends de stockage sécurisés :
-- Windows : fichier local chiffré via DPAPI, lié à l'utilisateur courant
-- macOS : Keychain
-- Linux : Secret Service via `secret-tool`
+Backends de stockage sécurisés :
+- Windows : fichier local chiffré via DPAPI, lié à l'utilisateur courant
+- macOS : Keychain
+- Linux : Secret Service via `secret-tool`
+Sous Windows, si le fichier local du token est vide ou corrompu, `claude-scionos` le traite désormais comme absent au lieu d'essayer de l'utiliser. Il faut relancer `claude-scionos auth login` pour enregistrer un nouveau token.
 Gestion du token :
@@ -130,12 +132,13 @@ Le wrapper transmet les arguments Claude Code habituels. Le proxy local n'est la
 `claude-scionos doctor` doit être la première commande à lancer quand un client signale un problème.
-Cas courants :
-- `Claude Code CLI not found` : installer `@anthropic-ai/claude-code`
-- `Git Bash is required on Windows` : installer Git for Windows
-- `ANTHROPIC_AUTH_TOKEN ... is required when using --no-prompt` : définir la variable d'environnement ou stocker le token au préalable
-- `secret-tool not found` : installer un client Secret Service sous Linux ou utiliser la variable d'environnement
+Cas courants :
+- `Claude Code CLI not found` : installer `@anthropic-ai/claude-code`
+- `Git Bash is required on Windows` : installer Git for Windows
+- `ANTHROPIC_AUTH_TOKEN ... is required when using --no-prompt` : définir la variable d'environnement ou stocker le token au préalable
+- `Stored token` est indiqué comme absent sous Windows alors qu'un login a déjà été fait : relancer `claude-scionos auth login`, car le fichier DPAPI local peut être vide ou corrompu
+- `secret-tool not found` : installer un client Secret Service sous Linux ou utiliser la variable d'environnement
 ## Développement

package/README.md CHANGED Viewed

@@ -87,11 +87,13 @@ Token resolution order:
 3. Service-specific secure local storage from `claude-scionos auth login --service llm`
 4. Manual prompt in guided mode
-Secure storage backends:
-- Windows: DPAPI-encrypted local file bound to the current user
-- macOS: Keychain
-- Linux: Secret Service via `secret-tool`
+Secure storage backends:
+- Windows: DPAPI-encrypted local file bound to the current user
+- macOS: Keychain
+- Linux: Secret Service via `secret-tool`
+On Windows, if the secure token file is empty or corrupted, `claude-scionos` now treats it as missing instead of trying to use it. Run `claude-scionos auth login` again to store a fresh token.
 Manage the token with:
@@ -130,12 +132,13 @@ The wrapper forwards regular Claude Code flags and arguments. The local proxy is
 `claude-scionos doctor` should be the first command to run when a client reports an issue.
-Common cases:
-- `Claude Code CLI not found`: install `@anthropic-ai/claude-code`
-- `Git Bash is required on Windows`: install Git for Windows
-- `ANTHROPIC_AUTH_TOKEN ... is required when using --no-prompt`: set the environment variable or store the token first
-- `secret-tool not found`: install a Secret Service client on Linux or rely on the environment variable
+Common cases:
+- `Claude Code CLI not found`: install `@anthropic-ai/claude-code`
+- `Git Bash is required on Windows`: install Git for Windows
+- `ANTHROPIC_AUTH_TOKEN ... is required when using --no-prompt`: set the environment variable or store the token first
+- `Stored token` is missing on Windows even though you already logged in: re-run `claude-scionos auth login` because the local DPAPI token file may be empty or corrupted
+- `secret-tool not found`: install a Secret Service client on Linux or rely on the environment variable
 ## Development

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "claude-scionos",
-    "version": "4.1.4",
+    "version": "4.1.6",
     "description": "RouterLab launcher, strategy proxy and secure token wrapper for Claude Code CLI",
     "type": "module",
     "main": "index.js",

package/src/routerlab.js CHANGED Viewed

@@ -199,6 +199,14 @@ function getWindowsTokenFile(serviceValue = DEFAULT_SERVICE) {
   return path.join(os.homedir(), '.claude-scionos', service.secureStorageFileName);
 }
+function hasNonEmptyWindowsTokenFile(tokenFile) {
+  try {
+    return fs.statSync(tokenFile).size > 0;
+  } catch {
+    return false;
+  }
+}
 function getServiceStrategies(serviceValue = DEFAULT_SERVICE) {
   const service = getServiceConfig(serviceValue);
   if (!service?.strategyValues?.length) {
@@ -378,16 +386,21 @@ function commandExists(command) {
   return !result.error;
 }
-function runPowerShell(command, env = {}) {
-  const powershell = process.env.SystemRoot
-    ? path.join(process.env.SystemRoot, 'System32', 'WindowsPowerShell', 'v1.0', 'powershell.exe')
-    : 'powershell.exe';
-  const result = spawnSync(powershell, ['-NoProfile', '-NonInteractive', '-Command', command], {
-    encoding: 'utf8',
-    env: {
-      ...process.env,
-      ...env,
+function runPowerShell(command, options = {}) {
+  const {
+    env = {},
+    input,
+  } = options;
+  const powershell = process.env.SystemRoot
+    ? path.join(process.env.SystemRoot, 'System32', 'WindowsPowerShell', 'v1.0', 'powershell.exe')
+    : 'powershell.exe';
+  const result = spawnSync(powershell, ['-NoProfile', '-NonInteractive', '-Command', command], {
+    encoding: 'utf8',
+    input,
+    env: {
+      ...process.env,
+      ...env,
     },
   });
@@ -431,14 +444,21 @@ function storeToken(token, serviceValue = DEFAULT_SERVICE) {
     const tokenFile = getWindowsTokenFile(service.value);
     fs.mkdirSync(path.dirname(tokenFile), {recursive: true});
     runPowerShell(
-      '$secure = ConvertTo-SecureString $env:SCIONOS_TOKEN -AsPlainText -Force; $encrypted = ConvertFrom-SecureString $secure; Set-Content -Path $env:SCIONOS_TOKEN_FILE -Value $encrypted -NoNewline',
+      '$token = [Console]::In.ReadToEnd(); if ([string]::IsNullOrEmpty($token)) { throw "Token input is empty" }; $secure = ConvertTo-SecureString $token -AsPlainText -Force; $encrypted = ConvertFrom-SecureString $secure; Set-Content -Path $env:SCIONOS_TOKEN_FILE -Value $encrypted -NoNewline',
       {
-        SCIONOS_TOKEN: token,
-        SCIONOS_TOKEN_FILE: tokenFile,
+        env: {
+          SCIONOS_TOKEN_FILE: tokenFile,
+        },
+        input: token,
       },
     );
+    if (!hasNonEmptyWindowsTokenFile(tokenFile)) {
+      throw new Error('Secure token file was created but no encrypted content was written');
+    }
     return storage;
-  }
+  }
   if (process.platform === 'darwin') {
     const result = runCommand('security', [
@@ -494,10 +514,16 @@ function getStoredToken(serviceValue = DEFAULT_SERVICE) {
       return null;
     }
+    if (!hasNonEmptyWindowsTokenFile(tokenFile)) {
+      return null;
+    }
     const token = runPowerShell(
       '$secure = Get-Content -Path $env:SCIONOS_TOKEN_FILE -Raw | ConvertTo-SecureString; $ptr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure); try { [System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($ptr) } finally { [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($ptr) }',
       {
-        SCIONOS_TOKEN_FILE: tokenFile,
+        env: {
+          SCIONOS_TOKEN_FILE: tokenFile,
+        },
       },
     );
     return token || null;