instant-cli 1.0.19 → 1.0.20

package/src/commands/auth/origin/add.ts

@@ -0,0 +1,248 @@
+import { Effect, Match, Option, Schema } from 'effect';
+import type { authOriginAddDef, OptsFromCommand } from '../../../index.ts';
+import { BadArgsError } from '../../../errors.ts';
+import { GlobalOpts } from '../../../context/globalOpts.ts';
+import { optOrPrompt, runUIEffect } from '../../../lib/ui.ts';
+import { addAuthorizedOrigin } from '../../../lib/oauth.ts';
+import { UI } from '../../../ui/index.ts';
+import chalk from 'chalk';
+import boxen from 'boxen';
+import { originDisplay, originSource } from './list.ts';
+
+export const OriginTypeSchema = Schema.Literal(
+  'website',
+  'vercel',
+  'netlify',
+  'custom-scheme',
+);
+
+type OriginParams = string[];
+
+type Validated =
+  | { type: 'success'; params: OriginParams }
+  | { type: 'error'; message: string };
+
+const validateGenericUrl = (input: string): Validated => {
+  const trimmed = input.trim();
+  try {
+    const url = new URL(trimmed);
+    const host = url.host;
+    if (!host) {
+      throw new Error('missing host');
+    }
+    if (host.split('.').length === 1 && !url.port) {
+      throw new Error('invalid url');
+    }
+    return { type: 'success', params: [host] };
+  } catch {
+    if (!trimmed.startsWith('http')) {
+      return validateGenericUrl(`http://${trimmed}`);
+    }
+    return { type: 'error', message: 'Invalid URL.' };
+  }
+};
+
+const validateNetlifyUrl = (input: string): Validated => {
+  const trimmed = input.trim();
+  if (!trimmed) {
+    return { type: 'error', message: 'Netlify site name is required.' };
+  }
+  return { type: 'success', params: [trimmed] };
+};
+
+const validateVercelUrl = (input: string): Validated => {
+  const trimmed = input.trim();
+  if (!trimmed) {
+    return { type: 'error', message: 'Vercel project name is required.' };
+  }
+  return { type: 'success', params: ['vercel.app', trimmed] };
+};
+
+const validateCustomScheme = (input: string): Validated => {
+  const trimmed = input.trim();
+  try {
+    const url = new URL(trimmed);
+    const scheme = url.protocol.slice(0, -1);
+    return { type: 'success', params: [scheme] };
+  } catch {
+    return { type: 'error', message: 'Invalid scheme.' };
+  }
+};
+
+const addOriginHandler = Effect.fn(function* (
+  type: Schema.Schema.Type<typeof OriginTypeSchema>,
+  validated: { params: OriginParams },
+) {
+  const response = yield* addAuthorizedOrigin({
+    service: type === 'website' ? 'generic' : type,
+    params: validated.params,
+  });
+
+  yield* Effect.log(
+    '\n' +
+      boxen(
+        [
+          `Origin added: ${originDisplay(response.origin)}`,
+          `Type: ${originSource(response.origin)}`,
+          `ID: ${response.origin.id}`,
+        ].join('\n'),
+        { dimBorder: true, padding: { right: 1, left: 1 } },
+      ),
+  );
+});
+
+const handleGenericOrigin = Effect.fn(function* (
+  opts: Record<string, unknown>,
+) {
+  const url = yield* optOrPrompt(opts.url, {
+    simpleName: '--url',
+    required: true,
+    skipIf: false,
+    prompt: {
+      prompt: 'Website URL:',
+      placeholder: 'example.com',
+      modifyOutput: UI.modifiers.piped([
+        UI.modifiers.topPadding,
+        UI.modifiers.dimOnComplete,
+      ]),
+    },
+  });
+
+  if (!url) {
+    return yield* BadArgsError.make({ message: 'URL is required.' });
+  }
+
+  const validated = validateGenericUrl(url);
+  if (validated.type === 'error') {
+    return yield* BadArgsError.make({ message: validated.message });
+  }
+
+  yield* addOriginHandler('website', validated);
+});
+
+const handleVercelOrigin = Effect.fn(function* (opts: Record<string, unknown>) {
+  const project = yield* optOrPrompt(opts.project, {
+    simpleName: '--project',
+    required: true,
+    skipIf: false,
+    prompt: {
+      prompt: 'Vercel project name:',
+      placeholder: 'vercel-project-name',
+      modifyOutput: UI.modifiers.piped([
+        UI.modifiers.topPadding,
+        UI.modifiers.dimOnComplete,
+      ]),
+    },
+  });
+
+  const validated = validateVercelUrl(project ?? '');
+  if (validated.type === 'error') {
+    return yield* BadArgsError.make({ message: validated.message });
+  }
+
+  yield* addOriginHandler('vercel', validated);
+});
+
+const handleNetlifyOrigin = Effect.fn(function* (
+  opts: Record<string, unknown>,
+) {
+  const site = yield* optOrPrompt(opts.site, {
+    simpleName: '--site',
+    required: true,
+    skipIf: false,
+    prompt: {
+      prompt: 'Netlify site name:',
+      placeholder: 'netlify-site-name',
+      modifyOutput: UI.modifiers.piped([
+        UI.modifiers.topPadding,
+        UI.modifiers.dimOnComplete,
+      ]),
+    },
+  });
+
+  const validated = validateNetlifyUrl(site ?? '');
+  if (validated.type === 'error') {
+    return yield* BadArgsError.make({ message: validated.message });
+  }
+
+  yield* addOriginHandler('netlify', validated);
+});
+
+const handleCustomSchemeOrigin = Effect.fn(function* (
+  opts: Record<string, unknown>,
+) {
+  const scheme = yield* optOrPrompt(opts.scheme, {
+    simpleName: '--scheme',
+    required: true,
+    skipIf: false,
+    prompt: {
+      prompt: 'App scheme:',
+      placeholder: 'app-scheme://',
+      modifyOutput: UI.modifiers.piped([
+        UI.modifiers.topPadding,
+        UI.modifiers.dimOnComplete,
+      ]),
+    },
+  });
+
+  const validated = validateCustomScheme(scheme ?? '');
+  if (validated.type === 'error') {
+    return yield* BadArgsError.make({ message: validated.message });
+  }
+
+  yield* addOriginHandler('custom-scheme', validated);
+});
+
+export const authOriginAddCmd = Effect.fn(
+  function* (
+    opts: OptsFromCommand<typeof authOriginAddDef> & Record<string, unknown>,
+  ) {
+    const { yes } = yield* GlobalOpts;
+    if (!opts.type && yes) {
+      return yield* BadArgsError.make({
+        message: `Missing required value for --type. Expected one of: ${OriginTypeSchema.literals.join(', ')}`,
+      });
+    }
+    const originType = yield* Option.fromNullable(opts.type).pipe(
+      Effect.catchTag('NoSuchElementException', () =>
+        runUIEffect(
+          new UI.Select({
+            options: [
+              { label: 'Website', value: 'website' },
+              { label: 'Vercel previews', value: 'vercel' },
+              { label: 'Netlify previews', value: 'netlify' },
+              { label: 'App scheme', value: 'custom-scheme' },
+            ],
+            promptText: 'Select an origin type:',
+            modifyOutput: UI.modifiers.piped([UI.modifiers.dimOnComplete]),
+          }),
+        ),
+      ),
+      Effect.andThen((s) => Schema.decodeUnknown(OriginTypeSchema)(s)),
+      Effect.catchTag('ParseError', () =>
+        BadArgsError.make({
+          message: `Invalid origin type, must be one of: ${OriginTypeSchema.literals.join(', ')}`,
+        }),
+      ),
+    );
+
+    yield* Match.value(originType).pipe(
+      Match.withReturnType<Effect.Effect<void, any, any>>(),
+      Match.when('website', () => handleGenericOrigin(opts)),
+      Match.when('vercel', () => handleVercelOrigin(opts)),
+      Match.when('netlify', () => handleNetlifyOrigin(opts)),
+      Match.when('custom-scheme', () => handleCustomSchemeOrigin(opts)),
+      Match.exhaustive,
+    );
+  },
+  Effect.catchTag('BadArgsError', (e) =>
+    Effect.gen(function* () {
+      yield* Effect.logError(e.message);
+      yield* Effect.log(
+        chalk.dim(
+          'hint: run `instant-cli auth origin add --help` for available arguments',
+        ),
+      );
+    }),
+  ),
+);

package/src/commands/auth/origin/delete.ts

@@ -0,0 +1,50 @@
+import chalk from 'chalk';
+import { Effect } from 'effect';
+import type { authOriginDeleteDef, OptsFromCommand } from '../../../index.ts';
+import { BadArgsError } from '../../../errors.ts';
+import { getAppsAuth, removeAuthorizedOrigin } from '../../../lib/oauth.ts';
+import { GlobalOpts } from '../../../context/globalOpts.ts';
+import { runUIEffect } from '../../../lib/ui.ts';
+import { UI } from '../../../ui/index.ts';
+import { originDisplay, originSource } from './list.ts';
+
+export const authOriginDeleteCmd = Effect.fn(function* (
+  opts: OptsFromCommand<typeof authOriginDeleteDef>,
+) {
+  const info = yield* getAppsAuth();
+  const origins = info.authorized_redirect_origins ?? [];
+
+  if (origins.length === 0) {
+    yield* Effect.log('No authorized redirect origins configured.');
+    return;
+  }
+
+  if (!opts.id) {
+    const { yes } = yield* GlobalOpts;
+    if (yes) {
+      return yield* BadArgsError.make({
+        message: 'Must specify --id',
+      });
+    }
+
+    const picked = yield* runUIEffect(
+      new UI.Select({
+        options: origins.map((origin) => ({
+          label:
+            `${originSource(origin)} — ${originDisplay(origin)} ` +
+            chalk.dim(`(${origin.id})`),
+          value: origin,
+        })),
+        promptText: 'Select an origin to delete:',
+      }),
+    );
+
+    yield* removeAuthorizedOrigin(picked.id);
+  }
+
+  if (opts.id) {
+    yield* removeAuthorizedOrigin(opts.id);
+  }
+
+  yield* Effect.log('Origin deleted!');
+});

package/src/commands/auth/origin/list.ts

@@ -0,0 +1,66 @@
+import chalk from 'chalk';
+import { Effect, Schema } from 'effect';
+import type { authOriginListDef, OptsFromCommand } from '../../../index.ts';
+import { AuthorizedOrigin, getAppsAuth } from '../../../lib/oauth.ts';
+
+export const originSource = (
+  origin: Schema.Schema.Type<typeof AuthorizedOrigin>,
+) => {
+  switch (origin.service) {
+    case 'generic':
+      return 'Website';
+    case 'netlify':
+      return 'Netlify site';
+    case 'vercel':
+      if (origin.params[0] !== 'vercel.app') {
+        return `Vercel project (${origin.params[0]})`;
+      }
+      return 'Vercel project';
+    case 'custom-scheme':
+      return 'Native app';
+    default:
+      return origin.service;
+  }
+};
+
+export const originDisplay = (
+  origin: Schema.Schema.Type<typeof AuthorizedOrigin>,
+) => {
+  switch (origin.service) {
+    case 'generic':
+      return origin.params[0];
+    case 'netlify':
+      return origin.params[0];
+    case 'vercel':
+      return origin.params[1];
+    case 'custom-scheme':
+      return `${origin.params[0]}://`;
+    default:
+      return origin.params[0];
+  }
+};
+
+export const authOriginListCmd = Effect.fn(function* (
+  _opts: OptsFromCommand<typeof authOriginListDef>,
+) {
+  const info = yield* getAppsAuth();
+  if (_opts.json) {
+    yield* Effect.log(
+      JSON.stringify(info.authorized_redirect_origins, null, 2),
+    );
+    return;
+  }
+
+  const origins = info.authorized_redirect_origins ?? [];
+
+  if (origins.length === 0) {
+    yield* Effect.log('No authorized redirect origins configured.');
+    return;
+  }
+
+  for (const origin of origins) {
+    yield* Effect.log(chalk.cyan(originDisplay(origin)));
+    yield* Effect.log(`  Type: ${originSource(origin)}`);
+    yield* Effect.log(`  ID: ${origin.id}`);
+  }
+});

package/src/index.ts

@@ -29,6 +29,9 @@ import { PACKAGE_ALIAS_AND_FULL_NAMES } from './context/projectInfo.ts';
 import { authClientAddCmd } from './commands/auth/client/add.ts';
 import { authClientListCmd } from './commands/auth/client/list.ts';
 import { authClientDeleteCmd } from './commands/auth/client/delete.ts';
+import { authOriginListCmd } from './commands/auth/origin/list.ts';
+import { authOriginDeleteCmd } from './commands/auth/origin/delete.ts';
+import { authOriginAddCmd } from './commands/auth/origin/add.ts';
 import { link } from './logging.ts';
 
 export type OptsFromCommand<C> =
@@ -194,6 +197,95 @@ export const authClientDeleteDef = authClient
     );
   });
 
+const authOrigin = auth.command('origin');
+export const authOriginListDef = authOrigin
+  .command('list')
+  .option(
+    '-a --app <app-id>',
+    'App ID to list origins for. Defaults to *_INSTANT_APP_ID in .env',
+  )
+  .option('--json', 'Enable JSON output')
+  .action((opts) => {
+    return runCommandEffect(
+      authOriginListCmd(opts).pipe(
+        Effect.provide(
+          WithAppLayer({
+            coerce: false,
+            coerceAuth: false,
+            appId: opts.app,
+            allowAdminToken: true,
+          }).pipe(Layer.annotateLogs('silent', !!opts.json)),
+        ),
+      ),
+    );
+  });
+
+export const authOriginAddDef = authOrigin
+  .command('add')
+  .option(
+    '--type <website|vercel|netlify|custom-scheme>',
+    'Type of origin to add.',
+  )
+  .option('--url <url>', 'Website URL (for website type, e.g. example.com)')
+  .option(
+    '--project <name>',
+    'Vercel project name (for vercel type, e.g. my-project)',
+  )
+  .option('--site <name>', 'Netlify site name (for netlify type, e.g. my-site)')
+  .option(
+    '--scheme <scheme>',
+    'App scheme (for custom-scheme type, e.g. myapp://)',
+  )
+  .option(
+    '-a --app <app-id>',
+    'App ID to add an origin to. Defaults to *_INSTANT_APP_ID in .env',
+  )
+  .addHelpText(
+    'after',
+    `
+Origin Types:
+  website         A standard website origin (e.g. example.com)
+  vercel          Vercel preview deployments (project name)
+  netlify         Netlify preview deployments (site name)
+  custom-scheme   Native app scheme (e.g. your-app-scheme://)
+`,
+  )
+  .action((opts) => {
+    return runCommandEffect(
+      authOriginAddCmd(opts).pipe(
+        Effect.provide(
+          WithAppLayer({
+            coerce: false,
+            coerceAuth: false,
+            appId: opts.app,
+            allowAdminToken: true,
+          }),
+        ),
+      ),
+    );
+  });
+
+export const authOriginDeleteDef = authOrigin
+  .command('delete')
+  .option('--id <origin-id>', 'Origin ID to delete')
+  .option(
+    '-a --app <app-id>',
+    'App ID to delete an origin from. Defaults to *_INSTANT_APP_ID in .env',
+  )
+  .action((opts) => {
+    return runCommandEffect(
+      authOriginDeleteCmd(opts).pipe(
+        Effect.provide(
+          WithAppLayer({
+            coerce: false,
+            appId: opts.app,
+            allowAdminToken: true,
+          }),
+        ),
+      ),
+    );
+  });
+
 export const initWithoutFilesDef = program
   .command('init-without-files')
   .description('Generate a new app id and admin token pair without any files.')

package/src/lib/oauth.ts

@@ -56,6 +56,10 @@ export const AddOAuthClientResponse = Schema.Struct({
   client: OAuthClient,
 });
 
+export const AuthorizedOriginResponse = Schema.Struct({
+  origin: AuthorizedOrigin,
+});
+
 const NullableArray = <A, I, R>(schema: Schema.Schema<A, I, R>) =>
   Schema.Union(Schema.Array(schema).pipe(Schema.mutable), Schema.Null).pipe(
     Schema.optional,
@@ -231,3 +235,39 @@ export const getClientNameAndProvider = Effect.fn(function* (
   }
   return { provider, clientName };
 });
+
+export const removeAuthorizedOrigin = Effect.fn(function* (originId: string) {
+  const http = (yield* InstantHttpAuthed).pipe(
+    withCommand('auth origin delete'),
+  );
+  const { appId } = yield* CurrentApp;
+
+  return yield* http
+    .del(`/dash/apps/${appId}/authorized_redirect_origins/${originId}`)
+    .pipe(
+      Effect.flatMap(
+        HttpClientResponse.schemaBodyJson(AuthorizedOriginResponse),
+      ),
+    );
+});
+
+export const addAuthorizedOrigin = Effect.fn(function* (params: {
+  service: Schema.Schema.Type<typeof AuthorizedOriginService>;
+  params: string[];
+}) {
+  const http = (yield* InstantHttpAuthed).pipe(withCommand('auth origin add'));
+  const { appId } = yield* CurrentApp;
+
+  return yield* http
+    .post(`/dash/apps/${appId}/authorized_redirect_origins`, {
+      body: HttpBody.unsafeJson({
+        service: params.service,
+        params: params.params,
+      }),
+    })
+    .pipe(
+      Effect.flatMap(
+        HttpClientResponse.schemaBodyJson(AuthorizedOriginResponse),
+      ),
+    );
+});