eventmodeler 0.4.0 → 0.4.1

package/dist/lib/auth.d.ts

@@ -0,0 +1,24 @@
+import { type AuthTokens } from './config.js';
+interface AuthResult {
+    success: boolean;
+    tokens?: AuthTokens;
+    error?: string;
+}
+/**
+ * Starts the OAuth flow using Keycloak PKCE.
+ * Opens browser and waits for the callback.
+ */
+export declare function startAuthFlow(): Promise<AuthResult>;
+/**
+ * Refresh the access token using the refresh token.
+ */
+export declare function refreshAccessToken(): Promise<AuthResult>;
+/**
+ * Get a valid access token, refreshing if needed.
+ */
+export declare function getValidAccessToken(): Promise<string | null>;
+/**
+ * Log out by clearing stored tokens.
+ */
+export declare function logout(): void;
+export {};

package/dist/lib/auth.js

@@ -0,0 +1,332 @@
+import * as http from 'node:http';
+import * as crypto from 'node:crypto';
+import { exec } from 'node:child_process';
+import { saveAuthTokens, clearAuthTokens, getAuthTokens, getKeycloakUrl } from './config.js';
+const KEYCLOAK_CLIENT_ID = 'eventmodeler-cli';
+const REDIRECT_URI = 'http://localhost:8787/callback';
+/**
+ * Decode the payload of a JWT token (no signature verification - that's the server's job).
+ */
+function decodeJwtPayload(token) {
+    const parts = token.split('.');
+    if (parts.length !== 3)
+        throw new Error('Invalid JWT format');
+    const payload = Buffer.from(parts[1], 'base64url').toString('utf-8');
+    return JSON.parse(payload);
+}
+/**
+ * Generate PKCE code verifier and challenge.
+ */
+function generatePKCE() {
+    // Generate a random code verifier (43-128 characters)
+    const codeVerifier = crypto.randomBytes(32).toString('base64url');
+    // Generate code challenge using S256 method
+    const codeChallenge = crypto
+        .createHash('sha256')
+        .update(codeVerifier)
+        .digest('base64url');
+    return { codeVerifier, codeChallenge };
+}
+/**
+ * Starts the OAuth flow using Keycloak PKCE.
+ * Opens browser and waits for the callback.
+ */
+export async function startAuthFlow() {
+    return new Promise((resolve) => {
+        const keycloakUrl = getKeycloakUrl();
+        // Generate PKCE values
+        const { codeVerifier, codeChallenge } = generatePKCE();
+        // Generate state for CSRF protection
+        const state = crypto.randomBytes(16).toString('hex');
+        // Create local server to receive callback
+        const server = http.createServer(async (req, res) => {
+            const url = new URL(req.url ?? '/', `http://localhost:8787`);
+            if (url.pathname === '/callback') {
+                const code = url.searchParams.get('code');
+                const returnedState = url.searchParams.get('state');
+                const error = url.searchParams.get('error');
+                if (error) {
+                    res.writeHead(200, { 'Content-Type': 'text/html' });
+                    res.end(renderHtml('Authentication Failed', `Error: ${error}`, false));
+                    server.close();
+                    resolve({ success: false, error });
+                    return;
+                }
+                if (returnedState !== state) {
+                    res.writeHead(200, { 'Content-Type': 'text/html' });
+                    res.end(renderHtml('Authentication Failed', 'Invalid state parameter. Please try again.', false));
+                    server.close();
+                    resolve({ success: false, error: 'Invalid state parameter' });
+                    return;
+                }
+                if (!code) {
+                    res.writeHead(200, { 'Content-Type': 'text/html' });
+                    res.end(renderHtml('Authentication Failed', 'No authorization code received.', false));
+                    server.close();
+                    resolve({ success: false, error: 'No authorization code' });
+                    return;
+                }
+                try {
+                    // Exchange the code for tokens via Keycloak token endpoint (form-urlencoded)
+                    const tokenUrl = `${keycloakUrl}/protocol/openid-connect/token`;
+                    const body = new URLSearchParams({
+                        client_id: KEYCLOAK_CLIENT_ID,
+                        code,
+                        code_verifier: codeVerifier,
+                        grant_type: 'authorization_code',
+                        redirect_uri: REDIRECT_URI,
+                    });
+                    const tokenResponse = await fetch(tokenUrl, {
+                        method: 'POST',
+                        headers: {
+                            'Content-Type': 'application/x-www-form-urlencoded',
+                        },
+                        body: body.toString(),
+                    });
+                    if (!tokenResponse.ok) {
+                        const errorData = await tokenResponse.json().catch(() => ({}));
+                        throw new Error(errorData.error_description ?? errorData.error ?? `Token exchange failed: ${tokenResponse.status}`);
+                    }
+                    const tokenData = await tokenResponse.json();
+                    // Extract user info from JWT claims
+                    const claims = decodeJwtPayload(tokenData.access_token);
+                    const expiresAt = Date.now() + (tokenData.expires_in ?? 3600) * 1000;
+                    const tokens = {
+                        accessToken: tokenData.access_token,
+                        refreshToken: tokenData.refresh_token ?? '',
+                        expiresAt,
+                        userId: String(claims.sub ?? ''),
+                        email: String(claims.email ?? ''),
+                    };
+                    saveAuthTokens(tokens);
+                    res.writeHead(200, { 'Content-Type': 'text/html' });
+                    res.end(renderHtml('Authentication Successful!', formatSuccessMessage(tokens.email), true));
+                    server.close();
+                    resolve({ success: true, tokens });
+                }
+                catch (err) {
+                    const errorMessage = err instanceof Error ? err.message : 'Unknown error';
+                    res.writeHead(200, { 'Content-Type': 'text/html' });
+                    res.end(renderHtml('Authentication Failed', errorMessage, false));
+                    server.close();
+                    resolve({ success: false, error: errorMessage });
+                }
+            }
+            else {
+                res.writeHead(404);
+                res.end('Not found');
+            }
+        });
+        server.listen(8787, () => {
+            // Build Keycloak authorization URL with PKCE
+            const params = new URLSearchParams({
+                client_id: KEYCLOAK_CLIENT_ID,
+                redirect_uri: REDIRECT_URI,
+                response_type: 'code',
+                state,
+                code_challenge: codeChallenge,
+                code_challenge_method: 'S256',
+                scope: 'openid email profile',
+            });
+            const authorizationUrl = `${keycloakUrl}/protocol/openid-connect/auth?${params}`;
+            console.log('\nOpening browser for authentication...');
+            console.log(`\nIf the browser doesn't open, visit:\n${authorizationUrl}\n`);
+            // Open the browser
+            openBrowser(authorizationUrl);
+        });
+        // Timeout after 5 minutes
+        setTimeout(() => {
+            server.close();
+            resolve({ success: false, error: 'Authentication timed out' });
+        }, 5 * 60 * 1000);
+    });
+}
+/**
+ * Refresh the access token using the refresh token.
+ */
+export async function refreshAccessToken() {
+    const tokens = getAuthTokens();
+    if (!tokens?.refreshToken) {
+        return { success: false, error: 'No refresh token available' };
+    }
+    const keycloakUrl = getKeycloakUrl();
+    const tokenUrl = `${keycloakUrl}/protocol/openid-connect/token`;
+    try {
+        const body = new URLSearchParams({
+            client_id: KEYCLOAK_CLIENT_ID,
+            refresh_token: tokens.refreshToken,
+            grant_type: 'refresh_token',
+        });
+        const response = await fetch(tokenUrl, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/x-www-form-urlencoded',
+            },
+            body: body.toString(),
+        });
+        if (!response.ok) {
+            const errorData = await response.json().catch(() => ({}));
+            throw new Error(errorData.error_description ?? errorData.error ?? `Token refresh failed: ${response.status}`);
+        }
+        const tokenData = await response.json();
+        // Extract user info from refreshed JWT
+        const claims = decodeJwtPayload(tokenData.access_token);
+        const newTokens = {
+            accessToken: tokenData.access_token,
+            refreshToken: tokenData.refresh_token ?? tokens.refreshToken,
+            expiresAt: Date.now() + (tokenData.expires_in ?? 3600) * 1000,
+            userId: String(claims.sub ?? tokens.userId),
+            email: String(claims.email ?? tokens.email),
+        };
+        saveAuthTokens(newTokens);
+        return { success: true, tokens: newTokens };
+    }
+    catch (err) {
+        const errorMessage = err instanceof Error ? err.message : 'Unknown error';
+        return { success: false, error: errorMessage };
+    }
+}
+/**
+ * Get a valid access token, refreshing if needed.
+ */
+export async function getValidAccessToken() {
+    const tokens = getAuthTokens();
+    if (!tokens)
+        return null;
+    // If token is expired or will expire in 5 minutes, refresh it
+    if (tokens.expiresAt < Date.now() + 5 * 60 * 1000) {
+        const result = await refreshAccessToken();
+        if (!result.success || !result.tokens)
+            return null;
+        return result.tokens.accessToken;
+    }
+    return tokens.accessToken;
+}
+/**
+ * Log out by clearing stored tokens.
+ */
+export function logout() {
+    clearAuthTokens();
+}
+/**
+ * Open a URL in the default browser.
+ */
+function openBrowser(url) {
+    const platform = process.platform;
+    let command;
+    if (platform === 'darwin') {
+        command = `open "${url}"`;
+    }
+    else if (platform === 'win32') {
+        command = `start "" "${url}"`;
+    }
+    else {
+        command = `xdg-open "${url}"`;
+    }
+    exec(command, (err) => {
+        if (err) {
+            console.error('Failed to open browser:', err.message);
+        }
+    });
+}
+/**
+ * Render a styled HTML page for the callback matching Event Modeler's design.
+ */
+function renderHtml(title, message, success) {
+    const iconColor = success ? '#16a34a' : '#dc2626';
+    const icon = success
+        ? `<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 24 24" fill="none" stroke="${iconColor}" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M22 11.08V12a10 10 0 1 1-5.93-9.14"/><polyline points="22 4 12 14.01 9 11.01"/></svg>`
+        : `<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 24 24" fill="none" stroke="${iconColor}" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="10"/><line x1="15" y1="9" x2="9" y2="15"/><line x1="9" y1="9" x2="15" y2="15"/></svg>`;
+    return `<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>${title} - Event Modeler</title>
+    <style>
+      * { box-sizing: border-box; margin: 0; padding: 0; }
+      body {
+        font-family: system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+        display: flex;
+        flex-direction: column;
+        justify-content: center;
+        align-items: center;
+        min-height: 100vh;
+        background: #fafaf9;
+        color: #57534e;
+        padding: 1rem;
+      }
+      .card {
+        background: white;
+        border: 1px solid #e7e5e4;
+        border-radius: 12px;
+        padding: 2.5rem 3rem;
+        text-align: center;
+        max-width: 420px;
+        width: 100%;
+        box-shadow: 0 1px 3px rgba(0,0,0,0.05);
+      }
+      .icon {
+        margin-bottom: 1.5rem;
+      }
+      .logo {
+        display: flex;
+        align-items: center;
+        justify-content: center;
+        gap: 0.5rem;
+        margin-bottom: 2rem;
+        font-weight: 600;
+        font-size: 1.125rem;
+        color: #44403c;
+      }
+      .logo svg {
+        width: 28px;
+        height: 28px;
+      }
+      h1 {
+        font-size: 1.5rem;
+        font-weight: 600;
+        color: #1c1917;
+        margin-bottom: 0.5rem;
+      }
+      .message {
+        color: #78716c;
+        margin-bottom: 1.5rem;
+        line-height: 1.5;
+      }
+      .hint {
+        font-size: 0.875rem;
+        color: #a8a29e;
+        padding-top: 1.5rem;
+        border-top: 1px solid #f5f5f4;
+      }
+      .email {
+        font-weight: 500;
+        color: #44403c;
+      }
+    </style>
+  </head>
+  <body>
+    <div class="card">
+      <div class="logo">
+        <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 100 100">
+          <path d="M50 50 L50 5 A45 45 0 0 1 89.0 72.5 Z" fill="#D5F1A5"/>
+          <path d="M50 50 L89.0 72.5 A45 45 0 0 1 11.0 72.5 Z" fill="#FFB87B"/>
+          <path d="M50 50 L11.0 72.5 A45 45 0 0 1 50 5 Z" fill="#B7D3FE"/>
+        </svg>
+        Event Modeler
+      </div>
+      <div class="icon">${icon}</div>
+      <h1>${title}</h1>
+      <p class="message">${message}</p>
+      <p class="hint">You can close this window and return to the terminal.</p>
+    </div>
+  </body>
+</html>`;
+}
+/**
+ * Format the success message with email highlighted.
+ */
+function formatSuccessMessage(email) {
+    return `Signed in as <span class="email">${email}</span>`;
+}

package/dist/lib/backend.d.ts

@@ -0,0 +1,48 @@
+import type { EventModel } from '../types.js';
+import { type CloudClient } from './cloud-client.js';
+import { type ProjectConfig } from './project-config.js';
+/**
+ * Backend abstraction for CLI operations.
+ * Allows commands to work with either local files or cloud backend.
+ */
+export interface CliBackend {
+    /** Get the current event model */
+    getModel(): Promise<EventModel>;
+    /** Dispatch a command (for mutations) */
+    dispatch(command: unknown): Promise<void>;
+    /** Whether this is a cloud backend */
+    isCloud(): boolean;
+    /** Get the model name or file path */
+    getModelIdentifier(): string;
+    /** Append a raw event (for local backend only, used by existing commands) */
+    appendEvent?(event: unknown): Promise<void>;
+}
+/**
+ * Create a local file-based backend.
+ */
+export declare function createLocalBackend(filePath: string): CliBackend;
+/**
+ * Create a cloud backend using the Axon backend.
+ */
+export declare function createCloudBackendFromClient(client: CloudClient, modelId: string, modelName: string): CliBackend;
+export interface ResolveBackendOptions {
+    /** Explicit file path (overrides auto-detection) */
+    filePath?: string;
+    /** Force cloud mode */
+    forceCloud?: boolean;
+}
+/**
+ * Resolve which backend to use based on:
+ * 1. Explicit -f <file> flag
+ * 2. .eventmodeler.json project config
+ * 3. .eventmodel file in current directory (legacy)
+ */
+export declare function resolveBackend(options?: ResolveBackendOptions): Promise<CliBackend>;
+/**
+ * Check if we're in a configured project.
+ */
+export declare function isInConfiguredProject(): boolean;
+/**
+ * Get the project config if available.
+ */
+export declare function getProjectConfig(): ProjectConfig | null;

package/dist/lib/backend.js

@@ -0,0 +1,103 @@
+import { loadModel, appendEvent as appendEventToFile } from './file-loader.js';
+import { createCloudClient } from './cloud-client.js';
+import { loadProjectConfig } from './project-config.js';
+import { findEventModelFile } from './file-loader.js';
+import { isAuthenticated } from './config.js';
+/**
+ * Create a local file-based backend.
+ */
+export function createLocalBackend(filePath) {
+    return {
+        async getModel() {
+            return loadModel(filePath);
+        },
+        async dispatch(_command) {
+            // Local backend doesn't use dispatch - existing commands use appendEvent directly
+            throw new Error('Local backend does not support dispatch. Use appendEvent instead.');
+        },
+        isCloud() {
+            return false;
+        },
+        getModelIdentifier() {
+            return filePath;
+        },
+        async appendEvent(event) {
+            appendEventToFile(filePath, event);
+        },
+    };
+}
+/**
+ * Create a cloud backend using the Axon backend.
+ */
+export function createCloudBackendFromClient(client, modelId, modelName) {
+    return {
+        async getModel() {
+            const model = await client.getModel(modelId);
+            if (!model) {
+                throw new Error(`Event model not found: ${modelId}`);
+            }
+            return model;
+        },
+        async dispatch(command) {
+            const result = await client.dispatch(modelId, command);
+            if (!result.success) {
+                throw new Error('Command dispatch failed');
+            }
+        },
+        isCloud() {
+            return true;
+        },
+        getModelIdentifier() {
+            return `${modelName} (${modelId})`;
+        },
+    };
+}
+/**
+ * Resolve which backend to use based on:
+ * 1. Explicit -f <file> flag
+ * 2. .eventmodeler.json project config
+ * 3. .eventmodel file in current directory (legacy)
+ */
+export async function resolveBackend(options = {}) {
+    // 1. Explicit file path always wins
+    if (options.filePath) {
+        return createLocalBackend(options.filePath);
+    }
+    // 2. Check for project config
+    const projectConfig = loadProjectConfig();
+    if (projectConfig) {
+        if (projectConfig.type === 'local') {
+            return createLocalBackend(projectConfig.file);
+        }
+        if (projectConfig.type === 'cloud') {
+            if (!isAuthenticated()) {
+                throw new Error('Not authenticated. Run "eventmodeler login" first.');
+            }
+            const client = await createCloudClient();
+            return createCloudBackendFromClient(client, projectConfig.modelId, projectConfig.modelName);
+        }
+    }
+    // 3. Legacy: look for .eventmodel file in current directory
+    const localFile = await findEventModelFile();
+    if (localFile) {
+        return createLocalBackend(localFile);
+    }
+    // 4. No backend found
+    throw new Error('No event model found.\n\n' +
+        'Options:\n' +
+        '  - Run "eventmodeler init" to set up a project\n' +
+        '  - Use "-f <file>" to specify a local .eventmodel file\n' +
+        '  - Create a .eventmodel file in the current directory');
+}
+/**
+ * Check if we're in a configured project.
+ */
+export function isInConfiguredProject() {
+    return loadProjectConfig() !== null;
+}
+/**
+ * Get the project config if available.
+ */
+export function getProjectConfig() {
+    return loadProjectConfig();
+}

package/dist/lib/cloud-client.d.ts

@@ -0,0 +1,70 @@
+import type { EventModel, RawEvent } from '../types.js';
+export interface ImportResult {
+    success: boolean;
+    modelId: string;
+    eventCount: number;
+}
+export interface CloudClient {
+    listModels(): Promise<CloudModelInfo[]>;
+    getModel(modelId: string): Promise<EventModel | null>;
+    dispatch(modelId: string, command: unknown): Promise<{
+        success: boolean;
+        events: unknown[];
+    }>;
+    importModel(modelId: string, modelName: string, events: RawEvent[]): Promise<ImportResult>;
+    addField(modelId: string, elementType: string, elementName: string, field: Record<string, unknown>): Promise<{
+        success: boolean;
+    }>;
+    removeField(modelId: string, elementType: string, elementName: string, fieldName: string): Promise<{
+        success: boolean;
+    }>;
+    updateField(modelId: string, elementType: string, elementName: string, fieldName: string, updates: Record<string, unknown>): Promise<{
+        success: boolean;
+    }>;
+    createStateChangeSlice(modelId: string, sliceName: string, after: string, before: string, screen: any, command: any, event: any): Promise<{
+        sliceId: string;
+        screenId: string;
+        commandId: string;
+        eventId: string;
+    }>;
+    createStateViewSlice(modelId: string, sliceName: string, after: string, before: string, readModel: any): Promise<{
+        sliceId: string;
+        readModelId: string;
+    }>;
+    createAutomationSlice(modelId: string, sliceName: string, after: string, before: string, readModel: any, processor: any, command: any, event: any): Promise<{
+        sliceId: string;
+        readModelId: string;
+        processorId: string;
+        commandId: string;
+        eventId: string;
+    }>;
+    createFlow(modelId: string, fromName: string, toName: string): Promise<{
+        flowId: string;
+    }>;
+    markSliceStatus(modelId: string, sliceName: string, status: string): Promise<{
+        success: boolean;
+    }>;
+    createScenario(modelId: string, sliceName: string, scenario: {
+        name: string;
+    }): Promise<{
+        scenarioId: string;
+    }>;
+    removeScenario(modelId: string, scenarioName: string, sliceName?: string): Promise<{
+        success: boolean;
+    }>;
+    mapFields(modelId: string, sourceName: string, targetName: string, mappings: Array<{
+        from: string;
+        to: string;
+    }>): Promise<{
+        success: boolean;
+    }>;
+}
+export interface CloudModelInfo {
+    modelId: string;
+    name: string;
+    updatedAt?: string;
+}
+/**
+ * Create a cloud client for interacting with the Axon backend.
+ */
+export declare function createCloudClient(): Promise<CloudClient>;