npm - granola-toolkit - Versions diffs - 0.7.0 → 0.9.0 - Mend

granola-toolkit 0.7.0 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -31,6 +31,7 @@ Installed CLI:
 ```bash
 granola --help
+granola auth login
 granola notes --help
 granola transcripts --help
 ```
@@ -57,6 +58,9 @@ npm run transcripts -- --help
 Export notes:
 ```bash
+granola auth login
+granola notes
 node dist/cli.js notes --supabase "$HOME/Library/Application Support/Granola/supabase.json"
 node dist/cli.js notes --format json --output ./notes-json
 ```
@@ -76,7 +80,7 @@ node dist/cli.js transcripts --format yaml --output ./transcripts-yaml
 The flow is:
-1. read your local `supabase.json`
+1. read a stored Granola session, or fall back to your local `supabase.json`
 2. extract the WorkOS access token from it
 3. call Granola's paginated documents API
 4. normalise each document into a structured note export
@@ -117,6 +121,17 @@ Speaker labels are currently normalised to:
 Structured output formats are useful when you want to post-process exports in scripts instead of reading the default human-oriented Markdown or text files.
+## Auth
+If you do not want to keep passing `--supabase`, import the desktop app session once:
+```bash
+granola auth login
+granola auth status
+```
+That stores a reusable Granola session locally and lets `granola notes` use it directly. `granola auth logout` deletes the stored session.
 ### Incremental Writes
 Both commands keep a small hidden state file in the output directory to track:

package/dist/cli.js CHANGED Viewed

@@ -1,8 +1,10 @@
 #!/usr/bin/env node
 import { existsSync } from "node:fs";
-import { mkdir, readFile, rm, stat, writeFile } from "node:fs/promises";
-import { homedir } from "node:os";
+import { execFile } from "node:child_process";
+import { mkdir, readFile, rm, stat, unlink, writeFile } from "node:fs/promises";
+import { homedir, platform } from "node:os";
 import { dirname, join } from "node:path";
+import { promisify } from "node:util";
 import { createHash } from "node:crypto";
 //#region src/utils.ts
 const INVALID_FILENAME_CHARS = /[<>:"/\\|?*]/g;
@@ -162,16 +164,46 @@ function transcriptSpeakerLabel(segment) {
 }
 //#endregion
 //#region src/client/auth.ts
-function getAccessTokenFromSupabaseContents(supabaseContents) {
+const execFileAsync = promisify(execFile);
+const DEFAULT_CLIENT_ID = "client_GranolaMac";
+const KEYCHAIN_SERVICE_NAME = "com.granola.toolkit";
+const KEYCHAIN_ACCOUNT_NAME = "session";
+const WORKOS_AUTH_URL = "https://api.workos.com/user_management/authenticate";
+function numberValue(value) {
+	return typeof value === "number" && Number.isFinite(value) ? value : void 0;
+}
+function parseSessionRecord(record) {
+	const accessToken = stringValue(record.access_token);
+	if (!accessToken.trim()) return;
+	return {
+		accessToken,
+		clientId: stringValue(record.client_id) || DEFAULT_CLIENT_ID,
+		expiresIn: numberValue(record.expires_in),
+		externalId: stringValue(record.external_id) || void 0,
+		obtainedAt: stringValue(record.obtained_at) || void 0,
+		refreshToken: stringValue(record.refresh_token) || void 0,
+		sessionId: stringValue(record.session_id) || void 0,
+		signInMethod: stringValue(record.sign_in_method) || void 0,
+		tokenType: stringValue(record.token_type) || void 0
+	};
+}
+function parseNestedRecord(value) {
+	if (typeof value === "string") return parseJsonString(value);
+	return asRecord(value);
+}
+function getSessionFromSupabaseContents(supabaseContents) {
 	const wrapper = parseJsonString(supabaseContents);
 	if (!wrapper) throw new Error("failed to parse supabase.json");
-	const workosTokens = wrapper.workos_tokens;
-	let tokenPayload;
-	if (typeof workosTokens === "string") tokenPayload = parseJsonString(workosTokens);
-	else tokenPayload = asRecord(workosTokens);
-	const accessToken = tokenPayload ? stringValue(tokenPayload.access_token) : "";
-	if (!accessToken.trim()) throw new Error("access token not found in supabase.json");
-	return accessToken;
+	const workOsSession = parseSessionRecord(parseNestedRecord(wrapper.workos_tokens) ?? {});
+	if (workOsSession) return workOsSession;
+	const cognitoSession = parseSessionRecord(parseNestedRecord(wrapper.cognito_tokens) ?? {});
+	if (cognitoSession) return cognitoSession;
+	const legacySession = parseSessionRecord(wrapper);
+	if (legacySession) return legacySession;
+	throw new Error("access token not found in supabase.json");
+}
+function getAccessTokenFromSupabaseContents(supabaseContents) {
+	return getSessionFromSupabaseContents(supabaseContents).accessToken;
 }
 var SupabaseFileTokenSource = class {
 	constructor(filePath) {
@@ -181,11 +213,85 @@ var SupabaseFileTokenSource = class {
 		return getAccessTokenFromSupabaseContents(await readFile(this.filePath, "utf8"));
 	}
 };
+var SupabaseFileSessionSource = class {
+	constructor(filePath) {
+		this.filePath = filePath;
+	}
+	async loadSession() {
+		return getSessionFromSupabaseContents(await readFile(this.filePath, "utf8"));
+	}
+};
 var NoopTokenStore = class {
 	async clearToken() {}
 	async readToken() {}
 	async writeToken(_token) {}
 };
+var FileSessionStore = class {
+	constructor(filePath = defaultSessionFilePath()) {
+		this.filePath = filePath;
+	}
+	async clearSession() {
+		try {
+			await unlink(this.filePath);
+		} catch {}
+	}
+	async readSession() {
+		try {
+			const parsed = parseJsonString(await readFile(this.filePath, "utf8"));
+			return parsed?.accessToken ? parsed : void 0;
+		} catch {
+			return;
+		}
+	}
+	async writeSession(session) {
+		await mkdir(dirname(this.filePath), { recursive: true });
+		await writeFile(this.filePath, `${JSON.stringify(session, null, 2)}\n`, {
+			encoding: "utf8",
+			mode: 384
+		});
+	}
+};
+var KeychainSessionStore = class {
+	async clearSession() {
+		try {
+			await execFileAsync("security", [
+				"delete-generic-password",
+				"-s",
+				KEYCHAIN_SERVICE_NAME,
+				"-a",
+				KEYCHAIN_ACCOUNT_NAME
+			]);
+		} catch {}
+	}
+	async readSession() {
+		try {
+			const { stdout } = await execFileAsync("security", [
+				"find-generic-password",
+				"-s",
+				KEYCHAIN_SERVICE_NAME,
+				"-a",
+				KEYCHAIN_ACCOUNT_NAME,
+				"-w"
+			]);
+			const parsed = parseJsonString(stdout.trim());
+			return parsed?.accessToken ? parsed : void 0;
+		} catch {
+			return;
+		}
+	}
+	async writeSession(session) {
+		await execFileAsync("security", [
+			"add-generic-password",
+			"-U",
+			"-s",
+			KEYCHAIN_SERVICE_NAME,
+			"-a",
+			KEYCHAIN_ACCOUNT_NAME,
+			"-w",
+			JSON.stringify(session)
+		]);
+	}
+};
 var CachedTokenProvider = class {
 	#token;
 	constructor(source, store = new NoopTokenStore()) {
@@ -209,6 +315,135 @@ var CachedTokenProvider = class {
 		await this.store.clearToken();
 	}
 };
+var StoredSessionTokenProvider = class {
+	#session;
+	constructor(store, options = {}) {
+		this.store = store;
+		this.options = options;
+	}
+	async loadSession() {
+		if (this.#session) return this.#session;
+		const storedSession = await this.store.readSession();
+		if (storedSession?.accessToken.trim()) {
+			this.#session = storedSession;
+			return storedSession;
+		}
+		if (!this.options.source) throw new Error("no stored Granola session found");
+		const sourcedSession = await this.options.source.loadSession();
+		this.#session = sourcedSession;
+		return sourcedSession;
+	}
+	async getAccessToken() {
+		return (await this.loadSession()).accessToken;
+	}
+	async invalidate() {
+		const session = await this.loadSession().catch(() => void 0);
+		if (session?.refreshToken && session.clientId) {
+			const refreshedSession = await refreshGranolaSession(session, this.options.fetchImpl);
+			this.#session = refreshedSession;
+			await this.store.writeSession(refreshedSession);
+			return;
+		}
+		if (this.options.source) {
+			this.#session = await this.options.source.loadSession();
+			return;
+		}
+		this.#session = void 0;
+		await this.store.clearSession();
+	}
+};
+async function refreshGranolaSession(session, fetchImpl = fetch) {
+	if (!session.refreshToken?.trim()) throw new Error("refresh token not available");
+	const response = await fetchImpl(WORKOS_AUTH_URL, {
+		body: JSON.stringify({
+			client_id: session.clientId,
+			grant_type: "refresh_token",
+			refresh_token: session.refreshToken
+		}),
+		headers: { "Content-Type": "application/json" },
+		method: "POST"
+	});
+	if (!response.ok) throw new Error(`failed to refresh session: ${response.status} ${response.statusText}`);
+	const refreshed = parseSessionRecord(await response.json());
+	if (!refreshed) throw new Error("failed to parse refreshed session");
+	return {
+		...session,
+		...refreshed,
+		clientId: refreshed.clientId || session.clientId,
+		obtainedAt: refreshed.obtainedAt ?? (/* @__PURE__ */ new Date()).toISOString(),
+		refreshToken: refreshed.refreshToken ?? session.refreshToken
+	};
+}
+function defaultSessionFilePath() {
+	const home = homedir();
+	return platform() === "darwin" ? join(home, "Library", "Application Support", "granola-toolkit", "session.json") : join(home, ".config", "granola-toolkit", "session.json");
+}
+function createDefaultSessionStore() {
+	return platform() === "darwin" ? new KeychainSessionStore() : new FileSessionStore();
+}
+//#endregion
+//#region src/commands/auth.ts
+function authHelp() {
+	return `Granola auth
+Usage:
+  granola auth <login|status|logout>
+Subcommands:
+  login               Import credentials from the Granola desktop app
+  status              Show whether a stored Granola session is available
+  logout              Delete the stored Granola session
+Options:
+  --supabase <path>   Path to supabase.json for auth login
+  -h, --help          Show help
+`;
+}
+const authCommand = {
+	description: "Manage stored Granola sessions",
+	flags: { help: { type: "boolean" } },
+	help: authHelp,
+	name: "auth",
+	async run({ commandArgs, globalFlags }) {
+		const [action] = commandArgs;
+		switch (action) {
+			case "login": return await login(globalFlags.supabase);
+			case "logout": return await logout();
+			case "status": return await status();
+			case void 0:
+				console.log(authHelp());
+				return 1;
+			default: throw new Error("invalid auth command: expected login, status, or logout");
+		}
+	}
+};
+async function login(supabaseFlag) {
+	const supabasePath = typeof supabaseFlag === "string" && supabaseFlag.trim() || firstExistingPath(granolaSupabaseCandidates());
+	if (!supabasePath) throw new Error(`supabase.json not found. Pass --supabase or create .granola.toml. Expected locations include: ${granolaSupabaseCandidates().join(", ")}`);
+	if (!existsSync(supabasePath)) throw new Error(`supabase.json not found: ${supabasePath}`);
+	const sessionStore = createDefaultSessionStore();
+	const session = await new SupabaseFileSessionSource(supabasePath).loadSession();
+	await sessionStore.writeSession(session);
+	console.log(`Imported Granola session from ${supabasePath}`);
+	return 0;
+}
+async function status() {
+	const session = await createDefaultSessionStore().readSession();
+	if (!session) {
+		console.log("No stored Granola session");
+		return 1;
+	}
+	console.log("Stored Granola session");
+	console.log(`Client ID: ${session.clientId}`);
+	console.log(`Refresh token: ${session.refreshToken ? "available" : "missing"}`);
+	console.log(`Sign-in method: ${session.signInMethod ?? "unknown"}`);
+	return 0;
+}
+async function logout() {
+	await createDefaultSessionStore().clearSession();
+	console.log("Stored Granola session deleted");
+	return 0;
+}
 //#endregion
 //#region src/client/parsers.ts
 function parseProseMirrorDoc(value, options = {}) {
@@ -819,8 +1054,10 @@ const notesCommand = {
 			globalFlags,
 			subcommandFlags: commandFlags
 		});
-		if (!config.supabase) throw new Error(`supabase.json not found. Pass --supabase or create .granola.toml. Expected locations include: ${granolaSupabaseCandidates().join(", ")}`);
-		if (!existsSync(config.supabase)) throw new Error(`supabase.json not found: ${config.supabase}`);
+		const sessionStore = createDefaultSessionStore();
+		const storedSession = await sessionStore.readSession();
+		if (!storedSession && !config.supabase) throw new Error(`supabase.json not found. Pass --supabase or create .granola.toml. Expected locations include: ${granolaSupabaseCandidates().join(", ")}`);
+		if (!storedSession && config.supabase && !existsSync(config.supabase)) throw new Error(`supabase.json not found: ${config.supabase}`);
 		debug(config.debug, "using config", config.configFileUsed ?? "(none)");
 		debug(config.debug, "supabase", config.supabase);
 		debug(config.debug, "timeoutMs", config.notes.timeoutMs);
@@ -828,7 +1065,7 @@ const notesCommand = {
 		const format = resolveNoteFormat(commandFlags.format);
 		debug(config.debug, "format", format);
 		console.log("Fetching documents from Granola API...");
-		const tokenProvider = new CachedTokenProvider(new SupabaseFileTokenSource(config.supabase), new NoopTokenStore());
+		const tokenProvider = storedSession ? new StoredSessionTokenProvider(sessionStore, { source: config.supabase && existsSync(config.supabase) ? new SupabaseFileSessionSource(config.supabase) : void 0 }) : new CachedTokenProvider(new SupabaseFileTokenSource(config.supabase), new NoopTokenStore());
 		const documents = await new GranolaApiClient(new AuthenticatedHttpClient({
 			logger: console,
 			tokenProvider
@@ -1098,7 +1335,11 @@ function resolveTranscriptFormat(value) {
 }
 //#endregion
 //#region src/commands/index.ts
-const commands = [notesCommand, transcriptsCommand];
+const commands = [
+	authCommand,
+	notesCommand,
+	transcriptsCommand
+];
 const commandMap = new Map(commands.map((command) => [command.name, command]));
 //#endregion
 //#region src/flags.ts
@@ -1213,6 +1454,7 @@ async function runCli(argv) {
 			return 0;
 		}
 		return await command.run({
+			commandArgs: subcommand.rest,
 			commandFlags: subcommand.values,
 			globalFlags: global.values
 		});

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "granola-toolkit",
-  "version": "0.7.0",
+  "version": "0.9.0",
   "description": "CLI toolkit for exporting and working with Granola notes and transcripts",
   "keywords": [
     "cli",