codexuse-cli 3.1.3 → 3.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +69 -1
- package/dist/index.js.map +1 -1
- package/dist/server/index.mjs +79 -0
- package/package.json +1 -1
package/dist/server/index.mjs
CHANGED
|
@@ -45783,6 +45783,69 @@ var ProfileManager = class {
|
|
|
45783
45783
|
return null;
|
|
45784
45784
|
}
|
|
45785
45785
|
}
|
|
45786
|
+
async captureActiveAuthSnapshot() {
|
|
45787
|
+
await this.initialize();
|
|
45788
|
+
let raw;
|
|
45789
|
+
try {
|
|
45790
|
+
raw = await promises$1.readFile(this.activeAuth, "utf8");
|
|
45791
|
+
} catch (error) {
|
|
45792
|
+
if (this.isNotFoundError(error)) return {
|
|
45793
|
+
fingerprint: null,
|
|
45794
|
+
email: null,
|
|
45795
|
+
accountId: null,
|
|
45796
|
+
userId: null,
|
|
45797
|
+
chatgptUserId: null,
|
|
45798
|
+
workspaceId: null
|
|
45799
|
+
};
|
|
45800
|
+
const message = error instanceof Error ? error.message : "unknown error";
|
|
45801
|
+
const signature = typeof message === "string" ? `${message}:${this.activeAuth}` : this.activeAuth;
|
|
45802
|
+
if (this.lastActiveAuthErrorSignature !== signature) {
|
|
45803
|
+
logWarn("Failed to snapshot active auth file:", error);
|
|
45804
|
+
this.lastActiveAuthErrorSignature = signature;
|
|
45805
|
+
}
|
|
45806
|
+
return {
|
|
45807
|
+
fingerprint: null,
|
|
45808
|
+
email: null,
|
|
45809
|
+
accountId: null,
|
|
45810
|
+
userId: null,
|
|
45811
|
+
chatgptUserId: null,
|
|
45812
|
+
workspaceId: null
|
|
45813
|
+
};
|
|
45814
|
+
}
|
|
45815
|
+
const trimmed = raw.trim();
|
|
45816
|
+
if (!trimmed) return {
|
|
45817
|
+
fingerprint: null,
|
|
45818
|
+
email: null,
|
|
45819
|
+
accountId: null,
|
|
45820
|
+
userId: null,
|
|
45821
|
+
chatgptUserId: null,
|
|
45822
|
+
workspaceId: null
|
|
45823
|
+
};
|
|
45824
|
+
const fingerprint = createHash("sha256").update(trimmed).digest("hex");
|
|
45825
|
+
try {
|
|
45826
|
+
const parsed = JSON.parse(trimmed);
|
|
45827
|
+
const normalized = this.normalizeProfileData(parsed);
|
|
45828
|
+
const metadata = this.extractProfileMetadata(normalized);
|
|
45829
|
+
const workspace = this.resolveWorkspaceIdentity(normalized, metadata);
|
|
45830
|
+
return {
|
|
45831
|
+
fingerprint,
|
|
45832
|
+
email: this.resolveProfileEmail(normalized, metadata) ?? null,
|
|
45833
|
+
accountId: this.getAccountIdFromData(normalized) ?? null,
|
|
45834
|
+
userId: metadata?.userId ?? null,
|
|
45835
|
+
chatgptUserId: metadata?.chatgptUserId ?? null,
|
|
45836
|
+
workspaceId: workspace.id ?? null
|
|
45837
|
+
};
|
|
45838
|
+
} catch {
|
|
45839
|
+
return {
|
|
45840
|
+
fingerprint,
|
|
45841
|
+
email: null,
|
|
45842
|
+
accountId: null,
|
|
45843
|
+
userId: null,
|
|
45844
|
+
chatgptUserId: null,
|
|
45845
|
+
workspaceId: null
|
|
45846
|
+
};
|
|
45847
|
+
}
|
|
45848
|
+
}
|
|
45786
45849
|
/**
|
|
45787
45850
|
* Decode a JWT payload into an object without validating the signature.
|
|
45788
45851
|
*/
|
|
@@ -49858,6 +49921,10 @@ function recordRefreshRedeemed(session, output) {
|
|
|
49858
49921
|
appendSessionError(session, detected);
|
|
49859
49922
|
}
|
|
49860
49923
|
}
|
|
49924
|
+
function describeActiveAuthOwner(snapshot) {
|
|
49925
|
+
if (!snapshot) return null;
|
|
49926
|
+
return snapshot.email ?? snapshot.userId ?? snapshot.chatgptUserId ?? snapshot.accountId ?? null;
|
|
49927
|
+
}
|
|
49861
49928
|
async function resolveCodexBinaryOrThrow(context) {
|
|
49862
49929
|
try {
|
|
49863
49930
|
return await requireCodexCli();
|
|
@@ -50695,6 +50762,7 @@ const createServer = fn(function* () {
|
|
|
50695
50762
|
authSessions.delete(name);
|
|
50696
50763
|
}
|
|
50697
50764
|
const startedAt = Date.now();
|
|
50765
|
+
const initialAuthSnapshot = yield* promise(() => profileManager.captureActiveAuthSnapshot());
|
|
50698
50766
|
let cleanupConfig = null;
|
|
50699
50767
|
const restoreConfig = async () => {
|
|
50700
50768
|
if (!cleanupConfig) return;
|
|
@@ -50726,6 +50794,7 @@ const createServer = fn(function* () {
|
|
|
50726
50794
|
exitCode: null,
|
|
50727
50795
|
mode,
|
|
50728
50796
|
startedAt,
|
|
50797
|
+
initialAuthSnapshot,
|
|
50729
50798
|
restoreConfig
|
|
50730
50799
|
};
|
|
50731
50800
|
authSessions.set(name, session);
|
|
@@ -50800,6 +50869,16 @@ const createServer = fn(function* () {
|
|
|
50800
50869
|
trackTelemetryEvent("profile_auth_failed", { mode: session.mode });
|
|
50801
50870
|
return yield* new RouteRequestError({ message: formatUserFacingError(session.error ?? `Authentication failed with code ${session.exitCode}`, { fallback: "Authentication failed. Try again." }) });
|
|
50802
50871
|
}
|
|
50872
|
+
if (session.mode === "create") {
|
|
50873
|
+
const currentAuthSnapshot = yield* promise(() => profileManager.captureActiveAuthSnapshot());
|
|
50874
|
+
if (currentAuthSnapshot.fingerprint === (session.initialAuthSnapshot?.fingerprint ?? null)) {
|
|
50875
|
+
authSessions.delete(body.name);
|
|
50876
|
+
trackTelemetryEvent("profile_auth_complete_failed", { mode: session.mode });
|
|
50877
|
+
const activeOwner = describeActiveAuthOwner(currentAuthSnapshot);
|
|
50878
|
+
const ownerText = activeOwner ? ` The active auth still belongs to '${activeOwner}'.` : "";
|
|
50879
|
+
return yield* new RouteRequestError({ message: `Codex login finished without updating the active auth for '${body.name}'.${ownerText} Finish the browser login for the new account and try again.` });
|
|
50880
|
+
}
|
|
50881
|
+
}
|
|
50803
50882
|
try {
|
|
50804
50883
|
if (session.mode === "refresh") yield* promise(() => profileManager.refreshProfileAuth(body.name));
|
|
50805
50884
|
else {
|