gitspace 0.2.0-rc.2 → 0.2.0-rc.21

package/src/commands/auth.ts

@@ -1,364 +0,0 @@
-/**
- * Authentication commands for gitspace.sh
- *
- * Handles 'gssh auth login', 'gssh auth logout', 'gssh auth status'
- */
-
-import open from 'open';
-import os from 'os';
-import { getSecret, setSecret, deleteSecret } from '../utils/secrets.js';
-import { loadKeypair, keypairExists, getPublicKeyWithoutPassword } from '../core/identity.js';
-import { sign, serializeIdentity } from '../lib/tmux-lite/crypto/identity.js';
-import { promptPassword } from '../utils/prompts.js';
-import { logger } from '../utils/logger.js';
-import { NoIdentityError, SpacesError } from '../types/errors.js';
-
-// API Configuration
-const API_BASE = process.env.GITSPACE_API_URL || 'https://api.gitspace.sh';
-
-/**
- * Fetch GitHub Client ID from the API
- */
-async function getGitHubClientId(): Promise<string> {
-  const res = await fetch(`${API_BASE}/config`);
-  if (!res.ok) {
-    throw new SpacesError('Failed to fetch config from API', 'SYSTEM_ERROR');
-  }
-  const config = await res.json() as { github_client_id: string };
-  if (!config.github_client_id) {
-    throw new SpacesError('GitHub Client ID not configured on server', 'SYSTEM_ERROR');
-  }
-  return config.github_client_id;
-}
-
-// ============================================================================
-// Types
-// ============================================================================
-
-interface DeviceCodeResponse {
-  device_code: string;
-  user_code: string;
-  verification_uri: string;
-  expires_in: number;
-  interval: number;
-}
-
-interface GitHubTokenResponse {
-  access_token?: string;
-  token_type?: string;
-  scope?: string;
-  error?: string;
-  error_description?: string;
-}
-
-interface GitspaceAuthResponse {
-  token: string;
-  user: {
-    id: string;
-    github_username: string;
-    email: string | null;
-    name: string | null;
-    avatar_url: string | null;
-  };
-}
-
-// ============================================================================
-// Login Command
-// ============================================================================
-
-/**
- * Login to gitspace.sh using GitHub Device Flow
- */
-export async function authLogin(): Promise<void> {
-  // Check if identity exists
-  if (!keypairExists()) {
-    throw new NoIdentityError();
-  }
-
-  // Load identity (requires password for signing)
-  logger.info('Loading identity...');
-  const password = await promptPassword('Enter identity password:');
-  if (!password) {
-    logger.info('Cancelled');
-    return;
-  }
-
-  let identity;
-  try {
-    identity = await loadKeypair(password);
-  } catch (error) {
-    if (error instanceof SpacesError) {
-      throw error;
-    }
-    throw new SpacesError('Failed to load identity', 'USER_ERROR');
-  }
-
-  // Step 1: Get GitHub Client ID from API
-  logger.info('Starting GitHub authentication...');
-  const githubClientId = await getGitHubClientId();
-
-  // Step 2: Request device code from GitHub
-  const deviceRes = await fetch('https://github.com/login/device/code', {
-    method: 'POST',
-    headers: {
-      Accept: 'application/json',
-      'Content-Type': 'application/json',
-    },
-    body: JSON.stringify({
-      client_id: githubClientId,
-      scope: 'read:user user:email',
-    }),
-  });
-
-  if (!deviceRes.ok) {
-    throw new SpacesError(
-      `GitHub device flow failed: ${await deviceRes.text()}`,
-      'SYSTEM_ERROR'
-    );
-  }
-
-  const deviceData: DeviceCodeResponse = await deviceRes.json();
-  const { device_code, user_code, verification_uri, interval } = deviceData;
-
-  // Step 2: Display code and open browser
-  logger.log('');
-  logger.bold(`! First, copy your one-time code: ${user_code}`);
-  logger.log('');
-
-  // Try to open browser, with fallback for headless/SSH environments
-  const canOpenBrowser = process.stdout.isTTY && !process.env.SSH_CLIENT;
-
-  if (canOpenBrowser) {
-    logger.log(`Press Enter to open ${verification_uri} in your browser...`);
-    await waitForEnter();
-
-    try {
-      await open(verification_uri);
-      logger.info('Browser opened. Waiting for authorization...');
-    } catch {
-      // Browser open failed (WSL, headless, etc.)
-      logger.log('');
-      logger.log(`Could not open browser automatically.`);
-      logger.log(`Please open this URL manually: ${verification_uri}`);
-      logger.log('');
-      logger.info('Waiting for authorization...');
-    }
-  } else {
-    // Headless environment (SSH, CI, etc.)
-    logger.log(`Open this URL in your browser: ${verification_uri}`);
-    logger.log(`Enter the code: ${user_code}`);
-    logger.log('');
-    logger.info('Waiting for authorization...');
-  }
-
-  // Step 3: Poll GitHub for access token
-  const githubToken = await pollForGitHubToken(device_code, interval, githubClientId);
-
-  // Step 4: Exchange GitHub token for gitspace.sh token with signature
-  logger.info('Completing authentication...');
-
-  const authTimestamp = Date.now();
-  const authMessage = `gitspace-device-auth:${authTimestamp}`;
-  const messageBytes = new TextEncoder().encode(authMessage);
-  const signatureBytes = sign(messageBytes, identity.signing.secretKey);
-  const authSignature = Buffer.from(signatureBytes).toString('base64');
-
-  const serialized = serializeIdentity(identity);
-
-  const response = await fetch(`${API_BASE}/auth/github/device`, {
-    method: 'POST',
-    headers: { 'Content-Type': 'application/json' },
-    body: JSON.stringify({
-      github_token: githubToken,
-      machine_pubkey: serialized.signingPublicKey,
-      device_name: os.hostname(),
-      auth_timestamp: authTimestamp,
-      auth_signature: authSignature,
-    }),
-  });
-
-  if (!response.ok) {
-    const error = await response.json().catch(() => ({ error: 'Unknown error' }));
-    throw new SpacesError(
-      `Authentication failed: ${error.error || response.statusText}`,
-      'USER_ERROR'
-    );
-  }
-
-  const { token, user }: GitspaceAuthResponse = await response.json();
-
-  // Step 5: Save token to keychain
-  await setSecret('GITSPACE_TOKEN', token);
-
-  logger.log('');
-  logger.success('Authentication complete');
-  logger.success(`Logged in as ${user.github_username}`);
-  logger.success('Token saved to keychain');
-}
-
-// ============================================================================
-// Logout Command
-// ============================================================================
-
-/**
- * Logout from gitspace.sh (clear local credentials)
- */
-export async function authLogout(): Promise<void> {
-  const token = await getSecret('GITSPACE_TOKEN');
-
-  if (!token) {
-    logger.log('Not logged in');
-    return;
-  }
-
-  await deleteSecret('GITSPACE_TOKEN');
-  logger.success('Logged out');
-}
-
-// ============================================================================
-// Status Command
-// ============================================================================
-
-/**
- * Show current authentication status
- */
-export async function authStatus(): Promise<void> {
-  const token = await getSecret('GITSPACE_TOKEN');
-
-  if (!token) {
-    logger.log('Not logged in');
-    logger.dim('Run: gssh auth login');
-    return;
-  }
-
-  // Verify token with API
-  try {
-    const deviceFingerprint = getDeviceFingerprint();
-    if (!deviceFingerprint) {
-      logger.log('Identity not found. Run: gssh identity init');
-      return;
-    }
-
-    const res = await fetch(`${API_BASE}/me`, {
-      headers: {
-        Authorization: `Bearer ${token}`,
-        'X-Device-Fingerprint': deviceFingerprint,
-      },
-    });
-
-    if (!res.ok) {
-      logger.log('Session expired or invalid');
-      logger.dim('Run: gssh auth login');
-      return;
-    }
-
-    const user = await res.json();
-    logger.log(`Logged in as: ${user.github_username}`);
-    logger.log(`Email: ${user.email || '(not set)'}`);
-    if (user.name) {
-      logger.log(`Name: ${user.name}`);
-    }
-  } catch {
-    logger.log('Could not verify session (API unreachable)');
-    logger.dim('Token is saved locally');
-  }
-}
-
-// ============================================================================
-// Helper Functions
-// ============================================================================
-
-function getDeviceFingerprint(): string | null {
-  try {
-    const identity = getPublicKeyWithoutPassword();
-    return identity?.signingPublicKey ?? null;
-  } catch {
-    return null;
-  }
-}
-
-/**
- * Wait for Enter key press
- */
-function waitForEnter(): Promise<void> {
-  return new Promise((resolve) => {
-    if (process.stdin.isTTY) {
-      process.stdin.setRawMode(true);
-      process.stdin.resume();
-      process.stdin.once('data', () => {
-        process.stdin.setRawMode(false);
-        process.stdin.pause(); // Release the event loop
-        resolve();
-      });
-    } else {
-      resolve();
-    }
-  });
-}
-
-/**
- * Poll GitHub for access token (Device Flow)
- */
-async function pollForGitHubToken(
-  deviceCode: string,
-  interval: number,
-  clientId: string
-): Promise<string> {
-  const maxAttempts = 60; // ~5 minutes with default 5s interval
-  let currentInterval = interval;
-
-  for (let i = 0; i < maxAttempts; i++) {
-    await Bun.sleep(currentInterval * 1000);
-
-    // Show polling indicator
-    process.stdout.write('.');
-
-    const res = await fetch('https://github.com/login/oauth/access_token', {
-      method: 'POST',
-      headers: {
-        Accept: 'application/json',
-        'Content-Type': 'application/json',
-      },
-      body: JSON.stringify({
-        client_id: clientId,
-        device_code: deviceCode,
-        grant_type: 'urn:ietf:params:oauth:grant-type:device_code',
-      }),
-    });
-
-    const data: GitHubTokenResponse = await res.json();
-
-    if (data.access_token) {
-      return data.access_token;
-    }
-
-    if (data.error === 'authorization_pending') {
-      // User hasn't authorized yet, keep polling
-      continue;
-    }
-
-    if (data.error === 'slow_down') {
-      // Rate limited, increase interval
-      currentInterval += 5;
-      continue;
-    }
-
-    if (data.error === 'expired_token') {
-      throw new SpacesError(
-        'Authorization expired. Please try again.',
-        'USER_ERROR'
-      );
-    }
-
-    if (data.error === 'access_denied') {
-      throw new SpacesError('Authorization denied by user.', 'USER_ERROR');
-    }
-
-    throw new SpacesError(
-      `GitHub auth error: ${data.error_description || data.error}`,
-      'SYSTEM_ERROR'
-    );
-  }
-
-  throw new SpacesError('Authorization timeout. Please try again.', 'USER_ERROR');
-}

package/src/commands/connect.ts

@@ -1,287 +0,0 @@
-/**
- * Connect command implementation
- *
- * Handles 'gssh connect <invite>' to connect to a remote machine
- * via an invite token or URL, or lists available machines when no
- * invite is provided.
- */
-
-import { logger } from '../utils/logger.js';
-import { promptPassword, promptConfirm } from '../utils/prompts.js';
-import { loadKeypair, keypairExists } from '../core/identity.js';
-import { parseInviteToken, isInviteExpired } from '../lib/tmux-lite/crypto/invites.js';
-import { RelayClient } from '../lib/tmux-lite/relay-client.js';
-import {
-  NoIdentityError,
-  SpacesError,
-} from '../types/errors.js';
-import type { InviteToken } from '../types/identity.js';
-
-/**
- * Connect to a remote machine via invite token
- *
- * @param inviteTokenOrUrl - Invite token (base64url) or URL containing token
- * @param options - Command options
- */
-export async function connectToRemote(
-  inviteTokenOrUrl?: string,
-  options: { relay?: string } = {}
-): Promise<void> {
-  // Invite is required for connection
-  if (!inviteTokenOrUrl) {
-    throw new SpacesError(
-      'Invite token or URL required.\n\nUsage:\n  gssh connect <invite-url>\n  gssh connect <invite-token>\n\nGet an invite from the machine owner using:\n  gssh share create',
-      'USER_ERROR',
-      1
-    );
-  }
-
-  // Step 1: Parse invite from URL or raw token
-  const token = extractAndValidateToken(inviteTokenOrUrl);
-
-  // Step 2: Display connection details and confirm
-  displayConnectionDetails(token);
-
-  const confirmed = await promptConfirm('Connect to this machine?', true);
-  if (!confirmed) {
-    logger.info('Cancelled');
-    return;
-  }
-
-  // Step 3: Load local identity
-  if (!keypairExists()) {
-    throw new NoIdentityError();
-  }
-
-  const password = await promptPassword('Enter password to unlock identity:');
-  if (!password) {
-    logger.info('Cancelled');
-    return;
-  }
-
-  const identity = await loadKeypair(password);
-  if (!identity) {
-    throw new SpacesError(
-      'Failed to unlock identity. Check your password.',
-      'USER_ERROR',
-      1
-    );
-  }
-
-  // Step 4: Connect to relay and perform handshake
-  const relayUrl = options.relay ?? token.relayUrl;
-
-  logger.info('Connecting to relay...');
-
-  const client = new RelayClient(
-    {
-      relayUrl,
-      machineId: token.machineId,
-      identity,
-      inviteToken: inviteTokenOrUrl.includes('#')
-        ? extractTokenFromUrl(inviteTokenOrUrl) ?? inviteTokenOrUrl
-        : inviteTokenOrUrl,
-    },
-    {
-      onConnect: () => {
-        logger.success('Connected!');
-      },
-      onDisconnect: (code, reason) => {
-        logger.info(`Disconnected: ${code} ${reason}`);
-        process.exit(0);
-      },
-      onError: (error) => {
-        logger.error(`Connection error: ${error.message}`);
-        process.exit(1);
-      },
-      onStateChange: (state) => {
-        if (state === 'handshaking') {
-          logger.info('Authenticating...');
-        }
-      },
-      onHandshakeComplete: (peerIdentityId, accessType, sessionId) => {
-        logger.success(`Session established with ${peerIdentityId.substring(0, 12)}...`);
-        logger.log('');
-        logger.dim(`Access: ${accessType === 'full' ? 'Full access' : 'Session invite'}`);
-        if (sessionId) {
-          logger.dim(`Session: ${sessionId}`);
-        }
-        logger.log('');
-        logger.dim('Press Ctrl+D to disconnect');
-        logger.log('');
-
-        // Enter terminal session
-        startTerminalSession(client);
-      },
-      onMessage: (_streamId, data) => {
-        // Write received data to stdout
-        process.stdout.write(data);
-      },
-    }
-  );
-
-  try {
-    await client.connect();
-  } catch (error) {
-    if (error instanceof Error) {
-      throw new SpacesError(
-        `Connection failed: ${error.message}`,
-        'SYSTEM_ERROR',
-        2
-      );
-    }
-    throw error;
-  }
-
-  // Keep process alive
-  await new Promise(() => {
-    // Never resolves - process stays alive until disconnect
-  });
-}
-
-/**
- * Extract token from URL or validate raw token
- */
-function extractAndValidateToken(input: string): InviteToken {
-  // Try to extract from URL
-  let rawToken = input;
-
-  if (input.includes('#')) {
-    const extracted = extractTokenFromUrl(input);
-    if (extracted) {
-      rawToken = extracted;
-    }
-  }
-
-  // Parse and validate token
-  const token = parseInviteToken(rawToken);
-  if (!token) {
-    throw new SpacesError(
-      'Invalid invite token. Check that the token is complete and not corrupted.',
-      'USER_ERROR',
-      1
-    );
-  }
-
-  if (isInviteExpired(token)) {
-    throw new SpacesError(
-      'This invite has expired. Please request a new one.',
-      'USER_ERROR',
-      1
-    );
-  }
-
-  return token;
-}
-
-/**
- * Extract token from a URL like https://gitspace.sh/join#TOKEN
- */
-function extractTokenFromUrl(url: string): string | null {
-  try {
-    const urlObj = new URL(url);
-    const hash = urlObj.hash;
-    if (hash && hash.length > 1) {
-      return hash.substring(1); // Remove leading #
-    }
-    return null;
-  } catch {
-    // Not a valid URL, might be raw token
-    if (url.includes('#')) {
-      return url.split('#')[1] || null;
-    }
-    return null;
-  }
-}
-
-/**
- * Display connection details from invite token
- */
-function displayConnectionDetails(token: InviteToken): void {
-  const expiresAt = new Date(token.expiresAt);
-  const now = new Date();
-  const hoursRemaining = Math.round(
-    (expiresAt.getTime() - now.getTime()) / (1000 * 60 * 60)
-  );
-
-  let expiryStr: string;
-  if (hoursRemaining < 1) {
-    const minutesRemaining = Math.round(
-      (expiresAt.getTime() - now.getTime()) / (1000 * 60)
-    );
-    expiryStr = `${minutesRemaining} minutes`;
-  } else if (hoursRemaining < 24) {
-    expiryStr = `${hoursRemaining} hours`;
-  } else {
-    const daysRemaining = Math.round(hoursRemaining / 24);
-    expiryStr = `${daysRemaining} days`;
-  }
-
-  logger.log('');
-  logger.bold('Remote Connection Details:');
-  logger.log('');
-  logger.log(`  Machine:     ${token.machineId}`);
-  logger.log(`  Access:      ${token.accessType === 'full' ? 'Full access' : 'Session invite'}`);
-  if (token.sessionId) {
-    logger.log(`  Session:     ${token.sessionId}`);
-  }
-  logger.log(`  Expires:     ${expiryStr} (${expiresAt.toLocaleString()})`);
-  logger.log(`  Relay:       ${token.relayUrl}`);
-  if (token.singleUse) {
-    logger.dim('  (Single-use invite)');
-  }
-  logger.log('');
-}
-
-/**
- * Start interactive terminal session
- */
-function startTerminalSession(client: RelayClient): void {
-  // Set stdin to raw mode for character-by-character input
-  if (process.stdin.isTTY) {
-    process.stdin.setRawMode(true);
-  }
-  process.stdin.resume();
-
-  // Forward stdin to remote
-  process.stdin.on('data', (data) => {
-    // Check for Ctrl+D (EOF)
-    if (data.length === 1 && data[0] === 0x04) {
-      logger.log('');
-      logger.info('Disconnecting...');
-      client.disconnect();
-      process.exit(0);
-    }
-
-    client.send(data);
-  });
-
-  // Handle terminal resize
-  if (process.stdout.isTTY) {
-    process.stdout.on('resize', () => {
-      // Send resize event to remote (using a control message)
-      const cols = process.stdout.columns;
-      const rows = process.stdout.rows;
-      const resizeMsg = JSON.stringify({ type: 'resize', cols, rows });
-      client.send(Buffer.from(resizeMsg), 1); // Stream ID 1 for control
-    });
-
-    // Send initial size
-    const cols = process.stdout.columns;
-    const rows = process.stdout.rows;
-    const resizeMsg = JSON.stringify({ type: 'resize', cols, rows });
-    client.send(Buffer.from(resizeMsg), 1);
-  }
-
-  // Handle SIGINT (Ctrl+C)
-  process.on('SIGINT', () => {
-    // Forward Ctrl+C to remote instead of terminating
-    client.send(Buffer.from([0x03]));
-  });
-
-  // Handle process termination
-  process.on('SIGTERM', () => {
-    client.disconnect();
-    process.exit(0);
-  });
-}

package/src/commands/directory.ts

@@ -1,16 +0,0 @@
-import { getCurrentProject, getProjectDir } from '../core/config'
-import { SpacesError } from '../types/errors'
-import { logger } from '../utils/logger'
-
-export async function getProjectDirectory(options: {
-	json?: boolean
-	verbose?: boolean
-}): Promise<void> {
-	const currentProject = getCurrentProject()
-	if (!currentProject) {
-		throw new SpacesError('No project found', 'USER_ERROR', 1)
-	}
-
-	const projectDirectory = getProjectDir(currentProject)
-	console.log(projectDirectory)
-}