clawborrator-cli 0.2.6 → 0.2.8

package/dist-bundled/claw.cjs

@@ -63999,13 +63999,14 @@ var {
 
 // src/commands/login.ts
 var import_node_http = require("node:http");
-var import_node_crypto = require("node:crypto");
+var import_node_crypto2 = require("node:crypto");
 var import_node_child_process = require("node:child_process");
 
 // src/config.ts
 var import_node_os = require("node:os");
 var import_node_path = require("node:path");
 var import_node_fs = require("node:fs");
+var import_node_crypto = require("node:crypto");
 var CONFIG_DIR = (0, import_node_path.resolve)((0, import_node_os.homedir)(), ".clawborrator");
 var CONFIG_PATH = (0, import_node_path.resolve)(CONFIG_DIR, "cli_v1.json");
 var DEFAULTS = {
@@ -64013,24 +64014,37 @@ var DEFAULTS = {
   // CLAWBORRATOR_HUB=http://localhost:8787 or `claw login --hub <url>`,
   // which persists into ~/.clawborrator/cli_v1.json.
   hubUrl: process.env.CLAWBORRATOR_HUB ?? "https://next.clawborrator.com",
-  sessionToken: null
+  sessionToken: null,
+  machineId: ""
+  // populated on first loadConfig()
 };
 function loadConfig() {
-  if (!(0, import_node_fs.existsSync)(CONFIG_PATH)) return { ...DEFAULTS };
-  try {
-    const raw = (0, import_node_fs.readFileSync)(CONFIG_PATH, "utf8");
-    const parsed = JSON.parse(raw);
-    return {
+  let parsed = {};
+  if ((0, import_node_fs.existsSync)(CONFIG_PATH)) {
+    try {
+      const raw = (0, import_node_fs.readFileSync)(CONFIG_PATH, "utf8");
+      parsed = JSON.parse(raw);
+    } catch {
+    }
+  }
+  let machineId = parsed.machineId?.trim() || "";
+  if (!machineId) {
+    machineId = (0, import_node_crypto.randomUUID)();
+    saveConfig({
       hubUrl: parsed.hubUrl?.trim() || DEFAULTS.hubUrl,
-      // Forward-migrate a legacy `pat` field. The token itself is now
-      // dead on the server side, but carrying it forward avoids loud
-      // "config corrupt" errors — the next API call will 401 cleanly
-      // and prompt re-login.
-      sessionToken: parsed.sessionToken ?? parsed.pat ?? null
-    };
-  } catch {
-    return { ...DEFAULTS };
+      sessionToken: parsed.sessionToken ?? parsed.pat ?? null,
+      machineId
+    });
   }
+  return {
+    hubUrl: parsed.hubUrl?.trim() || DEFAULTS.hubUrl,
+    // Forward-migrate a legacy `pat` field. The token itself is now
+    // dead on the server side, but carrying it forward avoids loud
+    // "config corrupt" errors — the next API call will 401 cleanly
+    // and prompt re-login.
+    sessionToken: parsed.sessionToken ?? parsed.pat ?? null,
+    machineId
+  };
 }
 function saveConfig(cfg) {
   if (!(0, import_node_fs.existsSync)(CONFIG_DIR)) {
@@ -64149,10 +64163,10 @@ function awaitCallback(server) {
     server.on("error", reject);
   });
 }
-async function browserOAuthFlow(hubUrl) {
-  const verifier = base64url((0, import_node_crypto.randomBytes)(32));
-  const challenge = base64url((0, import_node_crypto.createHash)("sha256").update(verifier).digest());
-  const state = base64url((0, import_node_crypto.randomBytes)(16));
+async function browserOAuthFlow(hubUrl, machineId) {
+  const verifier = base64url((0, import_node_crypto2.randomBytes)(32));
+  const challenge = base64url((0, import_node_crypto2.createHash)("sha256").update(verifier).digest());
+  const state = base64url((0, import_node_crypto2.randomBytes)(16));
   const server = (0, import_node_http.createServer)();
   await new Promise((resolve3, reject) => {
     server.once("error", reject);
@@ -64165,6 +64179,7 @@ async function browserOAuthFlow(hubUrl) {
   startUrl.searchParams.set("state", state);
   startUrl.searchParams.set("code_challenge", challenge);
   startUrl.searchParams.set("code_challenge_method", "S256");
+  startUrl.searchParams.set("machine_id", machineId);
   console.log("opening browser to authenticate with GitHub\u2026");
   console.log(`  if it doesn't open automatically, paste this URL into a browser:`);
   console.log(`    ${startUrl}`);
@@ -64209,8 +64224,8 @@ var loginCmd = new Command("login").description("authenticate against a hub_v1 i
   const hubUrl = (opts.hub ?? cfg.hubUrl).replace(/\/+$/, "");
   console.log(`hub: ${hubUrl}`);
   try {
-    const { user, session } = await browserOAuthFlow(hubUrl);
-    saveConfig({ hubUrl, sessionToken: session.token });
+    const { user, session } = await browserOAuthFlow(hubUrl, cfg.machineId);
+    saveConfig({ hubUrl, sessionToken: session.token, machineId: cfg.machineId });
     console.log(`logged in as @${user.githubLogin}`);
     console.log(`hub:        ${hubUrl}`);
     console.log(`session:    ${session.token.slice(0, 16)}\u2026  (stored in ~/.clawborrator/cli_v1.json)`);
@@ -68865,22 +68880,25 @@ var tokenMint = new Command("mint").description("create a new channel token").re
     prose("    claude --dangerously-load-development-channels server:clawborrator");
   }
 });
-var tokenList = new Command("list").alias("ls").description("list channel tokens for the current user").action(async () => {
-  const data = await api.get("/api/v1/tokens");
+var tokenList = new Command("list").alias("ls").description("list this user's active tokens \u2014 both channel (ck_live_\u2026) and app (cw_app_\u2026). Pass --all to include revoked rows.").option("--all", "include revoked tokens").action(async (opts) => {
+  const qs = opts.all ? "?includeRevoked=true" : "";
+  const data = await api.get("/api/v1/tokens" + qs);
   if (data.items.length === 0) {
-    console.log("no active channel tokens");
+    console.log("no active tokens");
     return;
   }
   for (const t of data.items) {
     const used = t.lastUsedAt ? `last used ${fmtAgo2(t.lastUsedAt)}` : "never used";
-    console.log(`${t.id.toString().padStart(3)}  ${t.prefix}\u2026  ${t.name.padEnd(28)} ${used}`);
+    const status = t.revokedAt ? " REVOKED" : "";
+    const mach = t.machineId ? ` mach=${t.machineId.slice(0, 12)}\u2026` : "";
+    console.log(`${t.id.toString().padStart(3)}  ${t.kind.padEnd(7)} ${t.prefix}\u2026  ${t.name.padEnd(28)} ${used}${mach}${status}`);
   }
 });
-var tokenRevoke = new Command("revoke").description("revoke a channel token by id").argument("<id>", "token id (from `claw token list`)").action(async (id) => {
+var tokenRevoke = new Command("revoke").description("revoke a token by id (channel or app)").argument("<id>", "token id (from `claw token list`)").action(async (id) => {
   await api.delete(`/api/v1/tokens/${encodeURIComponent(id)}`);
   console.log(`\u2713 token ${id} revoked`);
 });
-var tokenCmd = new Command("token").description("mint, list, and revoke channel tokens").addCommand(tokenMint).addCommand(tokenList).addCommand(tokenRevoke);
+var tokenCmd = new Command("token").description("mint channel tokens; list/revoke channel + app tokens").addCommand(tokenMint).addCommand(tokenList).addCommand(tokenRevoke);
 function fmtAgo2(iso) {
   const ms = Date.now() - new Date(iso).getTime();
   if (ms < 6e4) return Math.max(1, Math.floor(ms / 1e3)) + "s ago";
@@ -69122,7 +69140,7 @@ var agentsCmd = new Command("agents").description("public expert agents \u2014 l
 // src/commands/apps.ts
 var import_promises = require("node:readline/promises");
 var import_node_http2 = require("node:http");
-var import_node_crypto2 = require("node:crypto");
+var import_node_crypto3 = require("node:crypto");
 var import_node_child_process2 = require("node:child_process");
 function fmtAgo3(iso) {
   if (!iso) return "never";
@@ -69249,9 +69267,9 @@ function awaitSpaCallback(server) {
   });
 }
 async function spaTestOauthFlow(args) {
-  const verifier = base64url2((0, import_node_crypto2.randomBytes)(32));
-  const challenge = base64url2((0, import_node_crypto2.createHash)("sha256").update(verifier).digest());
-  const stateNonce = base64url2((0, import_node_crypto2.randomBytes)(16));
+  const verifier = base64url2((0, import_node_crypto3.randomBytes)(32));
+  const challenge = base64url2((0, import_node_crypto3.createHash)("sha256").update(verifier).digest());
+  const stateNonce = base64url2((0, import_node_crypto3.randomBytes)(16));
   const appName = "claw-cli-test-oauth";
   const server = (0, import_node_http2.createServer)();
   await new Promise((resolve3, reject) => {
@@ -69386,7 +69404,7 @@ function fmtAgo4(iso) {
 
 // src/index.ts
 var program2 = new Command();
-program2.name("claw").description("clawborrator CLI \u2014 control your Claude Code sessions from the terminal").version("0.2.6");
+program2.name("claw").description("clawborrator CLI \u2014 control your Claude Code sessions from the terminal").version("0.2.8");
 program2.addCommand(loginCmd);
 program2.addCommand(logoutCmd);
 program2.addCommand(whoamiCmd);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clawborrator-cli",
-  "version": "0.2.6",
+  "version": "0.2.8",
   "type": "module",
   "description": "claw — command-line client for clawborrator. Attach to remote Claude Code sessions, send prompts, resolve permission gates, route across sessions, manage public agents and webhooks. Auth via GitHub OAuth + PKCE.",
   "license": "MIT",