instant-cli 1.0.22 → 1.0.23-branch-cli-codex-update.25390498340.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/.turbo/turbo-build.log +1 -1
  2. package/__tests__/authClientAddGoogle.test.ts +92 -0
  3. package/__tests__/authClientList.test.ts +90 -0
  4. package/__tests__/authClientUpdate.test.ts +583 -0
  5. package/__tests__/oauthMock.ts +9 -1
  6. package/__tests__/redirectUriPrompt.test.ts +26 -0
  7. package/dist/commands/auth/client/add.d.ts +1 -2
  8. package/dist/commands/auth/client/add.d.ts.map +1 -1
  9. package/dist/commands/auth/client/add.js +173 -276
  10. package/dist/commands/auth/client/add.js.map +1 -1
  11. package/dist/commands/auth/client/delete.d.ts +1 -2
  12. package/dist/commands/auth/client/delete.d.ts.map +1 -1
  13. package/dist/commands/auth/client/delete.js +8 -18
  14. package/dist/commands/auth/client/delete.js.map +1 -1
  15. package/dist/commands/auth/client/list.d.ts.map +1 -1
  16. package/dist/commands/auth/client/list.js +11 -2
  17. package/dist/commands/auth/client/list.js.map +1 -1
  18. package/dist/commands/auth/client/shared.d.ts +72 -0
  19. package/dist/commands/auth/client/shared.d.ts.map +1 -0
  20. package/dist/commands/auth/client/shared.js +145 -0
  21. package/dist/commands/auth/client/shared.js.map +1 -0
  22. package/dist/commands/auth/client/update.d.ts +8 -0
  23. package/dist/commands/auth/client/update.d.ts.map +1 -0
  24. package/dist/commands/auth/client/update.js +515 -0
  25. package/dist/commands/auth/client/update.js.map +1 -0
  26. package/dist/index.d.ts +5 -0
  27. package/dist/index.d.ts.map +1 -1
  28. package/dist/index.js +60 -13
  29. package/dist/index.js.map +1 -1
  30. package/dist/lib/oauth.d.ts +114 -7
  31. package/dist/lib/oauth.d.ts.map +1 -1
  32. package/dist/lib/oauth.js +51 -1
  33. package/dist/lib/oauth.js.map +1 -1
  34. package/package.json +4 -4
  35. package/src/commands/auth/client/add.ts +251 -330
  36. package/src/commands/auth/client/delete.ts +8 -20
  37. package/src/commands/auth/client/list.ts +21 -2
  38. package/src/commands/auth/client/shared.ts +195 -0
  39. package/src/commands/auth/client/update.ts +853 -0
  40. package/src/index.ts +74 -13
  41. package/src/lib/oauth.ts +83 -1
package/dist/lib/oauth.js CHANGED
@@ -17,7 +17,15 @@ export const OAuthServiceProvider = Schema.Struct({
17
17
  id: Schema.String,
18
18
  provider_name: Schema.String,
19
19
  });
20
+ export const GoogleAppTypeSchema = Schema.Literal('web', 'ios', 'android', 'button-for-web');
20
21
  const NullableString = Schema.Union(Schema.String, Schema.Null).pipe(Schema.optional);
22
+ const NullableBoolean = Schema.Union(Schema.Boolean, Schema.Null).pipe(Schema.optional);
23
+ const OAuthClientMeta = Schema.Struct({
24
+ // Currently the CLI only reads Google app type from meta. Other providers store
25
+ // different meta shapes, so keep the rest open until we have a clean
26
+ // top-level discriminator for a full provider-specific union.
27
+ appType: GoogleAppTypeSchema.pipe(Schema.optional),
28
+ }).pipe(Schema.extend(Schema.Record({ key: Schema.String, value: Schema.Any })));
21
29
  export const OAuthClient = Schema.Struct({
22
30
  id: Schema.String,
23
31
  client_name: Schema.String,
@@ -27,7 +35,8 @@ export const OAuthClient = Schema.Struct({
27
35
  token_endpoint: NullableString,
28
36
  discovery_endpoint: NullableString,
29
37
  redirect_to: NullableString,
30
- meta: Schema.Any.pipe(Schema.optional),
38
+ meta: Schema.Union(OAuthClientMeta, Schema.Null).pipe(Schema.optional),
39
+ use_shared_credentials: NullableBoolean,
31
40
  });
32
41
  export const AddOAuthProviderResponse = Schema.Struct({
33
42
  provider: OAuthServiceProvider,
@@ -77,6 +86,23 @@ export const addOAuthClient = Effect.fn(function* (params) {
77
86
  discovery_endpoint: params.discoveryEndpoint,
78
87
  redirect_to: params.redirectTo,
79
88
  meta: params.meta,
89
+ use_shared_credentials: params.useSharedCredentials,
90
+ }),
91
+ })
92
+ .pipe(Effect.flatMap(HttpClientResponse.schemaBodyJson(AddOAuthClientResponse)));
93
+ });
94
+ export const updateOAuthClient = Effect.fn(function* (params) {
95
+ const http = (yield* InstantHttpAuthed).pipe(withCommand('auth'));
96
+ const targetAppId = (yield* CurrentApp).appId;
97
+ return yield* http
98
+ .post(`/dash/apps/${targetAppId}/oauth_clients/${params.oauthClientId}`, {
99
+ body: HttpBody.unsafeJson({
100
+ client_id: params.clientId,
101
+ client_secret: params.clientSecret,
102
+ discovery_endpoint: params.discoveryEndpoint,
103
+ redirect_to: params.redirectTo,
104
+ meta: params.meta,
105
+ use_shared_credentials: params.useSharedCredentials,
80
106
  }),
81
107
  })
82
108
  .pipe(Effect.flatMap(HttpClientResponse.schemaBodyJson(AddOAuthClientResponse)));
@@ -154,6 +180,30 @@ export const getClientNameAndProvider = Effect.fn(function* (providerType, opts)
154
180
  }
155
181
  return { provider, clientName };
156
182
  });
183
+ export const findClientByIdOrName = Effect.fn(function* (params) {
184
+ if (params.id && params.name) {
185
+ return yield* BadArgsError.make({
186
+ message: 'Cannot specify both --id and --name',
187
+ });
188
+ }
189
+ if (!params.id && !params.name) {
190
+ return yield* BadArgsError.make({
191
+ message: 'Must specify --id or --name',
192
+ });
193
+ }
194
+ const auth = yield* getAppsAuth();
195
+ const clients = auth.oauth_clients ?? [];
196
+ const client = params.id
197
+ ? clients.find((entry) => entry.id === params.id)
198
+ : clients.find((entry) => entry.client_name === params.name);
199
+ if (!client) {
200
+ const lookup = params.id ? `id ${params.id}` : `name ${params.name}`;
201
+ return yield* BadArgsError.make({
202
+ message: `OAuth client not found: ${lookup}`,
203
+ });
204
+ }
205
+ return { auth, client };
206
+ });
157
207
  export const removeAuthorizedOrigin = Effect.fn(function* (originId) {
158
208
  const http = (yield* InstantHttpAuthed).pipe(withCommand('auth origin delete'));
159
209
  const { appId } = yield* CurrentApp;
package/dist/lib/oauth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../src/lib/oauth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAChE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AACxC,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAC3D,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EACL,WAAW,EACX,WAAW,EACX,mBAAmB,EACnB,gBAAgB,GACjB,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAGrC,MAAM,CAAC,MAAM,uBAAuB,GAAG,MAAM,CAAC,OAAO,CACnD,SAAS,EACT,QAAQ,EACR,SAAS,EACT,eAAe,CAChB,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC5C,EAAE,EAAE,MAAM,CAAC,MAAM;IACjB,OAAO,EAAE,uBAAuB;IAChC,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;CACzD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC;IAChD,EAAE,EAAE,MAAM,CAAC,MAAM;IACjB,aAAa,EAAE,MAAM,CAAC,MAAM;CAC7B,CAAC,CAAC;AAEH,MAAM,cAAc,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAClE,MAAM,CAAC,QAAQ,CAChB,CAAC;AAEF,MAAM,CAAC,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC;IACvC,EAAE,EAAE,MAAM,CAAC,MAAM;IACjB,WAAW,EAAE,MAAM,CAAC,MAAM;IAC1B,SAAS,EAAE,cAAc;IACzB,WAAW,EAAE,MAAM,CAAC,MAAM;IAC1B,sBAAsB,EAAE,cAAc;IACtC,cAAc,EAAE,cAAc;IAC9B,kBAAkB,EAAE,cAAc;IAClC,WAAW,EAAE,cAAc;IAC3B,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;CACvC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,wBAAwB,GAAG,MAAM,CAAC,MAAM,CAAC;IACpD,QAAQ,EAAE,oBAAoB;CAC/B,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,sBAAsB,GAAG,MAAM,CAAC,MAAM,CAAC;IAClD,MAAM,EAAE,WAAW;CACpB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,wBAAwB,GAAG,MAAM,CAAC,MAAM,CAAC;IACpD,MAAM,EAAE,gBAAgB;CACzB,CAAC,CAAC;AAEH,MAAM,aAAa,GAAG,CAAU,MAA8B,EAAE,EAAE,CAChE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CACvE,MAAM,CAAC,QAAQ,CAChB,CAAC;AAEJ,MAAM,CAAC,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC5C,2BAA2B,EAAE,aAAa,CAAC,gBAAgB,CAAC;IAC5D,uBAAuB,EAAE,aAAa,CAAC,oBAAoB,CAAC;IAC5D,aAAa,EAAE,aAAa,CAAC,WAAW,CAAC;CAC1C,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,WAAW,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;IAClE,MAAM,WAAW,GAAG,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC;IAE9C,OAAO,KAAK,CAAC,CAAC,IAAI;SACf,GAAG,CAAC,cAAc,WAAW,OAAO,CAAC;SACrC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC;AAC/E,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,gBAAgB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,MAGpD;IACC,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;IAClE,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC;IAE9D,OAAO,KAAK,CAAC,CAAC,IAAI;SACf,IAAI,CAAC,cAAc,WAAW,0BAA0B,EAAE;QACzD,IAAI,EAAE,QAAQ,CAAC,UAAU,CAAC;YACxB,aAAa,EAAE,MAAM,CAAC,YAAY;SACnC,CAAC;KACH,CAAC;SACD,IAAI,CACH,MAAM,CAAC,OAAO,CACZ,kBAAkB,CAAC,cAAc,CAAC,wBAAwB,CAAC,CAC5D,CACF,CAAC;AACN,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,cAAc,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,MAWlD;IACC,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;IAClE,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC;IAE9D,OAAO,KAAK,CAAC,CAAC,IAAI;SACf,IAAI,CAAC,cAAc,WAAW,gBAAgB,EAAE;QAC/C,IAAI,EAAE,QAAQ,CAAC,UAAU,CAAC;YACxB,WAAW,EAAE,MAAM,CAAC,UAAU;YAC9B,WAAW,EAAE,MAAM,CAAC,UAAU;YAC9B,SAAS,EAAE,MAAM,CAAC,QAAQ;YAC1B,aAAa,EAAE,MAAM,CAAC,YAAY;YAClC,sBAAsB,EAAE,MAAM,CAAC,qBAAqB;YACpD,cAAc,EAAE,MAAM,CAAC,aAAa;YACpC,kBAAkB,EAAE,MAAM,CAAC,iBAAiB;YAC5C,WAAW,EAAE,MAAM,CAAC,UAAU;YAC9B,IAAI,EAAE,MAAM,CAAC,IAAI;SAClB,CAAC;KACH,CAAC;SACD,IAAI,CACH,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,cAAc,CAAC,sBAAsB,CAAC,CAAC,CAC1E,CAAC;AACN,CAAC,CAAC,CAAC;AAEH,wFAAwF;AACxF,8BAA8B;AAC9B,MAAM,CAAC,MAAM,oBAAoB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EACrD,aAAsB;IAEtB,IAAI,aAAa;QAAE,OAAO,aAAa,CAAC;IAExC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,WAAW,CAC/B,IAAI,EAAE,CAAC,SAAS,CAAC;QACf,MAAM,EAAE,EAAE;QACV,WAAW,EAAE,qCAAqC;QAClD,YAAY,EAAE,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC;YAC/B,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE;gBACjB,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;oBACtB,OAAO,CACL;EACZ,KAAK,CAAC,GAAG,CAAC,4GAA4G,CAAC;EACvH,KAAK,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,kDAAkD,CAAC,uCAAuC,CAAC,MAAM;wBAChI,mBAAmB,CAAC,MAAM,CAAC,CAC5B,CAAC;gBACJ,CAAC;gBACD,OAAO,sCAAsC,mBAAmB,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7E,CAAC;YACD,EAAE,CAAC,SAAS,CAAC,aAAa;SAC3B,CAAC;KACH,CAAC,CACH,CAAC,IAAI,CACJ,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAC/B,YAAY,CAAC,IAAI,CAAC;QAChB,OAAO,EAAE,8BAA8B,CAAC,CAAC,OAAO,EAAE;KACnD,CAAC,CACH,CACF,CAAC;IAEF,OAAO,MAAM,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC;AAC5C,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EACpD,IAAkC;IAElC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,uBAAuB,EAAE,IAAI,CACjD,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,aAAa,KAAK,IAAI,CACxC,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC5B,CAAC;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,gBAAgB,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;IAChE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;AAC9C,CAAC,CAAC,CAAC;AAEH,sEAAsE;AACtE,6EAA6E;AAC7E,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,MAAc,EAAE,IAAiB,EAAE,EAAE;IAC5D,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACtB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,IAAI,CAAC,GAAG,CAAC,GAAI,CAAC,EAAE,EAAE,CAAC;QACtB,MAAM,SAAS,GAAG,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YACzB,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,wBAAwB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EACzD,YAA0C,EAC1C,IAA6B;IAE7B,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC;IACpE,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC,CAC/D,CAAC;IACF,MAAM,mBAAmB,GAAG,QAAQ,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;IAEpE,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE;QAC/C,UAAU,EAAE,QAAQ;QACpB,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,KAAK;QACb,MAAM,EAAE;YACN,MAAM,EAAE,cAAc;YACtB,YAAY,EAAE,mBAAmB;YACjC,WAAW,EAAE,mBAAmB;YAChC,QAAQ,EAAE,gBAAgB;YAC1B,YAAY,EAAE,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC;gBAC/B,EAAE,CAAC,SAAS,CAAC,UAAU;gBACvB,EAAE,CAAC,SAAS,CAAC,aAAa;aAC3B,CAAC;SACH;KACF,CAAC,CAAC;IAEH,IAAI,eAAe,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC,EAAE,CAAC;QAC1C,OAAO,KAAK,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC;YAC9B,OAAO,EAAE,oBAAoB,UAAU,sBAAsB;SAC9D,CAAC,CAAC;IACL,CAAC;IACD,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;AAClC,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,sBAAsB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,QAAgB;IACzE,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAC1C,WAAW,CAAC,oBAAoB,CAAC,CAClC,CAAC;IACF,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC;IAEpC,OAAO,KAAK,CAAC,CAAC,IAAI;SACf,GAAG,CAAC,cAAc,KAAK,gCAAgC,QAAQ,EAAE,CAAC;SAClE,IAAI,CACH,MAAM,CAAC,OAAO,CACZ,kBAAkB,CAAC,cAAc,CAAC,wBAAwB,CAAC,CAC5D,CACF,CAAC;AACN,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,MAGvD;IACC,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAC7E,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC;IAEpC,OAAO,KAAK,CAAC,CAAC,IAAI;SACf,IAAI,CAAC,cAAc,KAAK,8BAA8B,EAAE;QACvD,IAAI,EAAE,QAAQ,CAAC,UAAU,CAAC;YACxB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,MAAM,CAAC,MAAM;SACtB,CAAC;KACH,CAAC;SACD,IAAI,CACH,MAAM,CAAC,OAAO,CACZ,kBAAkB,CAAC,cAAc,CAAC,wBAAwB,CAAC,CAC5D,CACF,CAAC;AACN,CAAC,CAAC,CAAC","sourcesContent":["import { HttpBody, HttpClientResponse } from '@effect/platform';\nimport { Effect, Schema } from 'effect';\nimport { CurrentApp } from '../context/currentApp.ts';\nimport { InstantHttpAuthed, withCommand } from './http.ts';\nimport chalk from 'chalk';\nimport {\n optOrPrompt,\n runUIEffect,\n stripFirstBlankLine,\n validateRequired,\n} from './ui.ts';\nimport { UI } from '../ui/index.ts';\nimport { BadArgsError } from '../errors.ts';\nimport { link } from '../logging.ts';\nimport type { ClientTypeSchema } from '../commands/auth/client/add.ts';\n\nexport const AuthorizedOriginService = Schema.Literal(\n 'generic',\n 'vercel',\n 'netlify',\n 'custom-scheme',\n);\n\nexport const AuthorizedOrigin = Schema.Struct({\n id: Schema.String,\n service: AuthorizedOriginService,\n params: Schema.Array(Schema.String).pipe(Schema.mutable),\n});\n\nexport const OAuthServiceProvider = Schema.Struct({\n id: Schema.String,\n provider_name: Schema.String,\n});\n\nconst NullableString = Schema.Union(Schema.String, Schema.Null).pipe(\n Schema.optional,\n);\n\nexport const OAuthClient = Schema.Struct({\n id: Schema.String,\n client_name: Schema.String,\n client_id: NullableString,\n provider_id: Schema.String,\n authorization_endpoint: NullableString,\n token_endpoint: NullableString,\n discovery_endpoint: NullableString,\n redirect_to: NullableString,\n meta: Schema.Any.pipe(Schema.optional),\n});\n\nexport const AddOAuthProviderResponse = Schema.Struct({\n provider: OAuthServiceProvider,\n});\n\nexport const AddOAuthClientResponse = Schema.Struct({\n client: OAuthClient,\n});\n\nexport const AuthorizedOriginResponse = Schema.Struct({\n origin: AuthorizedOrigin,\n});\n\nconst NullableArray = <A, I, R>(schema: Schema.Schema<A, I, R>) =>\n Schema.Union(Schema.Array(schema).pipe(Schema.mutable), Schema.Null).pipe(\n Schema.optional,\n );\n\nexport const AppsAuthResponse = Schema.Struct({\n authorized_redirect_origins: NullableArray(AuthorizedOrigin),\n oauth_service_providers: NullableArray(OAuthServiceProvider),\n oauth_clients: NullableArray(OAuthClient),\n});\n\nexport const getAppsAuth = Effect.fn(function* () {\n const http = (yield* InstantHttpAuthed).pipe(withCommand('auth'));\n const targetAppId = (yield* CurrentApp).appId;\n\n return yield* http\n .get(`/dash/apps/${targetAppId}/auth`)\n .pipe(Effect.flatMap(HttpClientResponse.schemaBodyJson(AppsAuthResponse)));\n});\n\nexport const addOAuthProvider = Effect.fn(function* (params: {\n appId?: string;\n providerName: string;\n}) {\n const http = (yield* InstantHttpAuthed).pipe(withCommand('auth'));\n const targetAppId = params.appId ?? (yield* CurrentApp).appId;\n\n return yield* http\n .post(`/dash/apps/${targetAppId}/oauth_service_providers`, {\n body: HttpBody.unsafeJson({\n provider_name: params.providerName,\n }),\n })\n .pipe(\n Effect.flatMap(\n HttpClientResponse.schemaBodyJson(AddOAuthProviderResponse),\n ),\n );\n});\n\nexport const addOAuthClient = Effect.fn(function* (params: {\n appId?: string;\n providerId: string;\n clientName: string;\n clientId?: string;\n clientSecret?: string;\n authorizationEndpoint?: string;\n tokenEndpoint?: string;\n discoveryEndpoint?: string;\n redirectTo?: string;\n meta?: unknown;\n}) {\n const http = (yield* InstantHttpAuthed).pipe(withCommand('auth'));\n const targetAppId = params.appId ?? (yield* CurrentApp).appId;\n\n return yield* http\n .post(`/dash/apps/${targetAppId}/oauth_clients`, {\n body: HttpBody.unsafeJson({\n provider_id: params.providerId,\n client_name: params.clientName,\n client_id: params.clientId,\n client_secret: params.clientSecret,\n authorization_endpoint: params.authorizationEndpoint,\n token_endpoint: params.tokenEndpoint,\n discovery_endpoint: params.discoveryEndpoint,\n redirect_to: params.redirectTo,\n meta: params.meta,\n }),\n })\n .pipe(\n Effect.flatMap(HttpClientResponse.schemaBodyJson(AddOAuthClientResponse)),\n );\n});\n\n// Due to the long prompt text, we use modifiers to manually create the prompt so we can\n// change it after submission.\nexport const promptForRedirectURI = Effect.fn(function* (\n existingValue?: string,\n) {\n if (existingValue) return existingValue;\n\n const result = yield* runUIEffect(\n new UI.TextInput({\n prompt: '',\n placeholder: 'https://yoursite.com/oauth/callback',\n modifyOutput: UI.modifiers.piped([\n (output, status) => {\n if (status === 'idle') {\n return (\n `\\nCustom redirect URL (optional):\n${chalk.dim('With a custom redirect URL, users will see \"Redirecting to yoursite.com...\" for a more branded experience.')}\n${chalk.dim(`Your URL must forward to ${link('https://api.instantdb.com/runtime/oauth/callback')} with all query parameters preserved.`)}\\n\\n` +\n stripFirstBlankLine(output)\n );\n }\n return `\\nCustom redirect URL (optional):\\n${stripFirstBlankLine(output)}`;\n },\n UI.modifiers.dimOnComplete,\n ]),\n }),\n ).pipe(\n Effect.catchTag('UIError', (e) =>\n BadArgsError.make({\n message: `UI error for redirect URI: ${e.message}`,\n }),\n ),\n );\n\n return result === '' ? undefined : result;\n});\n\nexport const getOrCreateProvider = Effect.fn(function* (\n type: typeof ClientTypeSchema.Type,\n) {\n const auth = yield* getAppsAuth();\n const provider = auth.oauth_service_providers?.find(\n (entry) => entry.provider_name === type,\n );\n\n if (provider) {\n return { auth, provider };\n }\n\n const created = yield* addOAuthProvider({ providerName: type });\n return { auth, provider: created.provider };\n});\n\n// Returns prefix if unused; otherwise appends integers starting at 2.\n// e.g. findName('google', new Set(['google', 'google2'])) returns 'google3'.\nexport const findName = (prefix: string, used: Set<string>) => {\n if (!used.has(prefix)) {\n return prefix;\n }\n\n for (let i = 2; ; i++) {\n const candidate = `${prefix}${i}`;\n if (!used.has(candidate)) {\n return candidate;\n }\n }\n};\n\nexport const getClientNameAndProvider = Effect.fn(function* (\n providerType: typeof ClientTypeSchema.Type,\n opts: Record<string, unknown>,\n) {\n const { auth, provider } = yield* getOrCreateProvider(providerType);\n const usedClientNames = new Set(\n (auth.oauth_clients ?? []).map((client) => client.client_name),\n );\n const suggestedClientName = findName(providerType, usedClientNames);\n\n const clientName = yield* optOrPrompt(opts.name, {\n simpleName: '--name',\n required: true,\n skipIf: false,\n prompt: {\n prompt: 'Client Name:',\n defaultValue: suggestedClientName,\n placeholder: suggestedClientName,\n validate: validateRequired,\n modifyOutput: UI.modifiers.piped([\n UI.modifiers.topPadding,\n UI.modifiers.dimOnComplete,\n ]),\n },\n });\n\n if (usedClientNames.has(clientName || '')) {\n return yield* BadArgsError.make({\n message: `The unique name '${clientName}' is already in use.`,\n });\n }\n return { provider, clientName };\n});\n\nexport const removeAuthorizedOrigin = Effect.fn(function* (originId: string) {\n const http = (yield* InstantHttpAuthed).pipe(\n withCommand('auth origin delete'),\n );\n const { appId } = yield* CurrentApp;\n\n return yield* http\n .del(`/dash/apps/${appId}/authorized_redirect_origins/${originId}`)\n .pipe(\n Effect.flatMap(\n HttpClientResponse.schemaBodyJson(AuthorizedOriginResponse),\n ),\n );\n});\n\nexport const addAuthorizedOrigin = Effect.fn(function* (params: {\n service: Schema.Schema.Type<typeof AuthorizedOriginService>;\n params: string[];\n}) {\n const http = (yield* InstantHttpAuthed).pipe(withCommand('auth origin add'));\n const { appId } = yield* CurrentApp;\n\n return yield* http\n .post(`/dash/apps/${appId}/authorized_redirect_origins`, {\n body: HttpBody.unsafeJson({\n service: params.service,\n params: params.params,\n }),\n })\n .pipe(\n Effect.flatMap(\n HttpClientResponse.schemaBodyJson(AuthorizedOriginResponse),\n ),\n );\n});\n"]}
1
+ {"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../src/lib/oauth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAChE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AACxC,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAC3D,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EACL,WAAW,EACX,WAAW,EACX,mBAAmB,EACnB,gBAAgB,GACjB,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAGrC,MAAM,CAAC,MAAM,uBAAuB,GAAG,MAAM,CAAC,OAAO,CACnD,SAAS,EACT,QAAQ,EACR,SAAS,EACT,eAAe,CAChB,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC5C,EAAE,EAAE,MAAM,CAAC,MAAM;IACjB,OAAO,EAAE,uBAAuB;IAChC,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;CACzD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC;IAChD,EAAE,EAAE,MAAM,CAAC,MAAM;IACjB,aAAa,EAAE,MAAM,CAAC,MAAM;CAC7B,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,OAAO,CAC/C,KAAK,EACL,KAAK,EACL,SAAS,EACT,gBAAgB,CACjB,CAAC;AAEF,MAAM,cAAc,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAClE,MAAM,CAAC,QAAQ,CAChB,CAAC;AAEF,MAAM,eAAe,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CACpE,MAAM,CAAC,QAAQ,CAChB,CAAC;AAEF,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC;IACpC,gFAAgF;IAChF,qEAAqE;IACrE,8DAA8D;IAC9D,OAAO,EAAE,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;CACnD,CAAC,CAAC,IAAI,CACL,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CACxE,CAAC;AAEF,MAAM,CAAC,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC;IACvC,EAAE,EAAE,MAAM,CAAC,MAAM;IACjB,WAAW,EAAE,MAAM,CAAC,MAAM;IAC1B,SAAS,EAAE,cAAc;IACzB,WAAW,EAAE,MAAM,CAAC,MAAM;IAC1B,sBAAsB,EAAE,cAAc;IACtC,cAAc,EAAE,cAAc;IAC9B,kBAAkB,EAAE,cAAc;IAClC,WAAW,EAAE,cAAc;IAC3B,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;IACtE,sBAAsB,EAAE,eAAe;CACxC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,wBAAwB,GAAG,MAAM,CAAC,MAAM,CAAC;IACpD,QAAQ,EAAE,oBAAoB;CAC/B,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,sBAAsB,GAAG,MAAM,CAAC,MAAM,CAAC;IAClD,MAAM,EAAE,WAAW;CACpB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,wBAAwB,GAAG,MAAM,CAAC,MAAM,CAAC;IACpD,MAAM,EAAE,gBAAgB;CACzB,CAAC,CAAC;AAEH,MAAM,aAAa,GAAG,CAAU,MAA8B,EAAE,EAAE,CAChE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CACvE,MAAM,CAAC,QAAQ,CAChB,CAAC;AAEJ,MAAM,CAAC,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC5C,2BAA2B,EAAE,aAAa,CAAC,gBAAgB,CAAC;IAC5D,uBAAuB,EAAE,aAAa,CAAC,oBAAoB,CAAC;IAC5D,aAAa,EAAE,aAAa,CAAC,WAAW,CAAC;CAC1C,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,WAAW,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;IAClE,MAAM,WAAW,GAAG,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC;IAE9C,OAAO,KAAK,CAAC,CAAC,IAAI;SACf,GAAG,CAAC,cAAc,WAAW,OAAO,CAAC;SACrC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC;AAC/E,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,gBAAgB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,MAGpD;IACC,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;IAClE,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC;IAE9D,OAAO,KAAK,CAAC,CAAC,IAAI;SACf,IAAI,CAAC,cAAc,WAAW,0BAA0B,EAAE;QACzD,IAAI,EAAE,QAAQ,CAAC,UAAU,CAAC;YACxB,aAAa,EAAE,MAAM,CAAC,YAAY;SACnC,CAAC;KACH,CAAC;SACD,IAAI,CACH,MAAM,CAAC,OAAO,CACZ,kBAAkB,CAAC,cAAc,CAAC,wBAAwB,CAAC,CAC5D,CACF,CAAC;AACN,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,cAAc,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,MAYlD;IACC,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;IAClE,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC;IAE9D,OAAO,KAAK,CAAC,CAAC,IAAI;SACf,IAAI,CAAC,cAAc,WAAW,gBAAgB,EAAE;QAC/C,IAAI,EAAE,QAAQ,CAAC,UAAU,CAAC;YACxB,WAAW,EAAE,MAAM,CAAC,UAAU;YAC9B,WAAW,EAAE,MAAM,CAAC,UAAU;YAC9B,SAAS,EAAE,MAAM,CAAC,QAAQ;YAC1B,aAAa,EAAE,MAAM,CAAC,YAAY;YAClC,sBAAsB,EAAE,MAAM,CAAC,qBAAqB;YACpD,cAAc,EAAE,MAAM,CAAC,aAAa;YACpC,kBAAkB,EAAE,MAAM,CAAC,iBAAiB;YAC5C,WAAW,EAAE,MAAM,CAAC,UAAU;YAC9B,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,sBAAsB,EAAE,MAAM,CAAC,oBAAoB;SACpD,CAAC;KACH,CAAC;SACD,IAAI,CACH,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,cAAc,CAAC,sBAAsB,CAAC,CAAC,CAC1E,CAAC;AACN,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,iBAAiB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,MAQrD;IACC,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;IAClE,MAAM,WAAW,GAAG,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC;IAE9C,OAAO,KAAK,CAAC,CAAC,IAAI;SACf,IAAI,CAAC,cAAc,WAAW,kBAAkB,MAAM,CAAC,aAAa,EAAE,EAAE;QACvE,IAAI,EAAE,QAAQ,CAAC,UAAU,CAAC;YACxB,SAAS,EAAE,MAAM,CAAC,QAAQ;YAC1B,aAAa,EAAE,MAAM,CAAC,YAAY;YAClC,kBAAkB,EAAE,MAAM,CAAC,iBAAiB;YAC5C,WAAW,EAAE,MAAM,CAAC,UAAU;YAC9B,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,sBAAsB,EAAE,MAAM,CAAC,oBAAoB;SACpD,CAAC;KACH,CAAC;SACD,IAAI,CACH,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,cAAc,CAAC,sBAAsB,CAAC,CAAC,CAC1E,CAAC;AACN,CAAC,CAAC,CAAC;AAEH,wFAAwF;AACxF,8BAA8B;AAC9B,MAAM,CAAC,MAAM,oBAAoB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EACrD,aAAsB;IAEtB,IAAI,aAAa;QAAE,OAAO,aAAa,CAAC;IAExC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,WAAW,CAC/B,IAAI,EAAE,CAAC,SAAS,CAAC;QACf,MAAM,EAAE,EAAE;QACV,WAAW,EAAE,qCAAqC;QAClD,YAAY,EAAE,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC;YAC/B,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE;gBACjB,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;oBACtB,OAAO,CACL;EACZ,KAAK,CAAC,GAAG,CAAC,4GAA4G,CAAC;EACvH,KAAK,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,kDAAkD,CAAC,uCAAuC,CAAC,MAAM;wBAChI,mBAAmB,CAAC,MAAM,CAAC,CAC5B,CAAC;gBACJ,CAAC;gBACD,OAAO,sCAAsC,mBAAmB,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7E,CAAC;YACD,EAAE,CAAC,SAAS,CAAC,aAAa;SAC3B,CAAC;KACH,CAAC,CACH,CAAC,IAAI,CACJ,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAC/B,YAAY,CAAC,IAAI,CAAC;QAChB,OAAO,EAAE,8BAA8B,CAAC,CAAC,OAAO,EAAE;KACnD,CAAC,CACH,CACF,CAAC;IAEF,OAAO,MAAM,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC;AAC5C,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EACpD,IAAkC;IAElC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,uBAAuB,EAAE,IAAI,CACjD,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,aAAa,KAAK,IAAI,CACxC,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC5B,CAAC;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,gBAAgB,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;IAChE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;AAC9C,CAAC,CAAC,CAAC;AAEH,sEAAsE;AACtE,6EAA6E;AAC7E,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,MAAc,EAAE,IAAiB,EAAE,EAAE;IAC5D,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACtB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,IAAI,CAAC,GAAG,CAAC,GAAI,CAAC,EAAE,EAAE,CAAC;QACtB,MAAM,SAAS,GAAG,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YACzB,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,wBAAwB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EACzD,YAA0C,EAC1C,IAA6B;IAE7B,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC;IACpE,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC,CAC/D,CAAC;IACF,MAAM,mBAAmB,GAAG,QAAQ,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;IAEpE,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE;QAC/C,UAAU,EAAE,QAAQ;QACpB,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,KAAK;QACb,MAAM,EAAE;YACN,MAAM,EAAE,cAAc;YACtB,YAAY,EAAE,mBAAmB;YACjC,WAAW,EAAE,mBAAmB;YAChC,QAAQ,EAAE,gBAAgB;YAC1B,YAAY,EAAE,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC;gBAC/B,EAAE,CAAC,SAAS,CAAC,UAAU;gBACvB,EAAE,CAAC,SAAS,CAAC,aAAa;aAC3B,CAAC;SACH;KACF,CAAC,CAAC;IAEH,IAAI,eAAe,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC,EAAE,CAAC;QAC1C,OAAO,KAAK,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC;YAC9B,OAAO,EAAE,oBAAoB,UAAU,sBAAsB;SAC9D,CAAC,CAAC;IACL,CAAC;IACD,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;AAClC,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,oBAAoB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,MAGxD;IACC,IAAI,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;QAC7B,OAAO,KAAK,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC;YAC9B,OAAO,EAAE,qCAAqC;SAC/C,CAAC,CAAC;IACL,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAC/B,OAAO,KAAK,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC;YAC9B,OAAO,EAAE,6BAA6B;SACvC,CAAC,CAAC;IACL,CAAC;IAED,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IAClC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC;IACzC,MAAM,MAAM,GAAG,MAAM,CAAC,EAAE;QACtB,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,MAAM,CAAC,EAAE,CAAC;QACjD,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC;IAE/D,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;QACrE,OAAO,KAAK,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC;YAC9B,OAAO,EAAE,2BAA2B,MAAM,EAAE;SAC7C,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;AAC1B,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,sBAAsB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,QAAgB;IACzE,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAC1C,WAAW,CAAC,oBAAoB,CAAC,CAClC,CAAC;IACF,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC;IAEpC,OAAO,KAAK,CAAC,CAAC,IAAI;SACf,GAAG,CAAC,cAAc,KAAK,gCAAgC,QAAQ,EAAE,CAAC;SAClE,IAAI,CACH,MAAM,CAAC,OAAO,CACZ,kBAAkB,CAAC,cAAc,CAAC,wBAAwB,CAAC,CAC5D,CACF,CAAC;AACN,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,MAGvD;IACC,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAC7E,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC;IAEpC,OAAO,KAAK,CAAC,CAAC,IAAI;SACf,IAAI,CAAC,cAAc,KAAK,8BAA8B,EAAE;QACvD,IAAI,EAAE,QAAQ,CAAC,UAAU,CAAC;YACxB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,MAAM,CAAC,MAAM;SACtB,CAAC;KACH,CAAC;SACD,IAAI,CACH,MAAM,CAAC,OAAO,CACZ,kBAAkB,CAAC,cAAc,CAAC,wBAAwB,CAAC,CAC5D,CACF,CAAC;AACN,CAAC,CAAC,CAAC","sourcesContent":["import { HttpBody, HttpClientResponse } from '@effect/platform';\nimport { Effect, Schema } from 'effect';\nimport { CurrentApp } from '../context/currentApp.ts';\nimport { InstantHttpAuthed, withCommand } from './http.ts';\nimport chalk from 'chalk';\nimport {\n optOrPrompt,\n runUIEffect,\n stripFirstBlankLine,\n validateRequired,\n} from './ui.ts';\nimport { UI } from '../ui/index.ts';\nimport { BadArgsError } from '../errors.ts';\nimport { link } from '../logging.ts';\nimport type { ClientTypeSchema } from '../commands/auth/client/add.ts';\n\nexport const AuthorizedOriginService = Schema.Literal(\n 'generic',\n 'vercel',\n 'netlify',\n 'custom-scheme',\n);\n\nexport const AuthorizedOrigin = Schema.Struct({\n id: Schema.String,\n service: AuthorizedOriginService,\n params: Schema.Array(Schema.String).pipe(Schema.mutable),\n});\n\nexport const OAuthServiceProvider = Schema.Struct({\n id: Schema.String,\n provider_name: Schema.String,\n});\n\nexport const GoogleAppTypeSchema = Schema.Literal(\n 'web',\n 'ios',\n 'android',\n 'button-for-web',\n);\n\nconst NullableString = Schema.Union(Schema.String, Schema.Null).pipe(\n Schema.optional,\n);\n\nconst NullableBoolean = Schema.Union(Schema.Boolean, Schema.Null).pipe(\n Schema.optional,\n);\n\nconst OAuthClientMeta = Schema.Struct({\n // Currently the CLI only reads Google app type from meta. Other providers store\n // different meta shapes, so keep the rest open until we have a clean\n // top-level discriminator for a full provider-specific union.\n appType: GoogleAppTypeSchema.pipe(Schema.optional),\n}).pipe(\n Schema.extend(Schema.Record({ key: Schema.String, value: Schema.Any })),\n);\n\nexport const OAuthClient = Schema.Struct({\n id: Schema.String,\n client_name: Schema.String,\n client_id: NullableString,\n provider_id: Schema.String,\n authorization_endpoint: NullableString,\n token_endpoint: NullableString,\n discovery_endpoint: NullableString,\n redirect_to: NullableString,\n meta: Schema.Union(OAuthClientMeta, Schema.Null).pipe(Schema.optional),\n use_shared_credentials: NullableBoolean,\n});\n\nexport const AddOAuthProviderResponse = Schema.Struct({\n provider: OAuthServiceProvider,\n});\n\nexport const AddOAuthClientResponse = Schema.Struct({\n client: OAuthClient,\n});\n\nexport const AuthorizedOriginResponse = Schema.Struct({\n origin: AuthorizedOrigin,\n});\n\nconst NullableArray = <A, I, R>(schema: Schema.Schema<A, I, R>) =>\n Schema.Union(Schema.Array(schema).pipe(Schema.mutable), Schema.Null).pipe(\n Schema.optional,\n );\n\nexport const AppsAuthResponse = Schema.Struct({\n authorized_redirect_origins: NullableArray(AuthorizedOrigin),\n oauth_service_providers: NullableArray(OAuthServiceProvider),\n oauth_clients: NullableArray(OAuthClient),\n});\n\nexport const getAppsAuth = Effect.fn(function* () {\n const http = (yield* InstantHttpAuthed).pipe(withCommand('auth'));\n const targetAppId = (yield* CurrentApp).appId;\n\n return yield* http\n .get(`/dash/apps/${targetAppId}/auth`)\n .pipe(Effect.flatMap(HttpClientResponse.schemaBodyJson(AppsAuthResponse)));\n});\n\nexport const addOAuthProvider = Effect.fn(function* (params: {\n appId?: string;\n providerName: string;\n}) {\n const http = (yield* InstantHttpAuthed).pipe(withCommand('auth'));\n const targetAppId = params.appId ?? (yield* CurrentApp).appId;\n\n return yield* http\n .post(`/dash/apps/${targetAppId}/oauth_service_providers`, {\n body: HttpBody.unsafeJson({\n provider_name: params.providerName,\n }),\n })\n .pipe(\n Effect.flatMap(\n HttpClientResponse.schemaBodyJson(AddOAuthProviderResponse),\n ),\n );\n});\n\nexport const addOAuthClient = Effect.fn(function* (params: {\n appId?: string;\n providerId: string;\n clientName: string;\n clientId?: string;\n clientSecret?: string;\n authorizationEndpoint?: string;\n tokenEndpoint?: string;\n discoveryEndpoint?: string;\n redirectTo?: string;\n meta?: unknown;\n useSharedCredentials?: boolean;\n}) {\n const http = (yield* InstantHttpAuthed).pipe(withCommand('auth'));\n const targetAppId = params.appId ?? (yield* CurrentApp).appId;\n\n return yield* http\n .post(`/dash/apps/${targetAppId}/oauth_clients`, {\n body: HttpBody.unsafeJson({\n provider_id: params.providerId,\n client_name: params.clientName,\n client_id: params.clientId,\n client_secret: params.clientSecret,\n authorization_endpoint: params.authorizationEndpoint,\n token_endpoint: params.tokenEndpoint,\n discovery_endpoint: params.discoveryEndpoint,\n redirect_to: params.redirectTo,\n meta: params.meta,\n use_shared_credentials: params.useSharedCredentials,\n }),\n })\n .pipe(\n Effect.flatMap(HttpClientResponse.schemaBodyJson(AddOAuthClientResponse)),\n );\n});\n\nexport const updateOAuthClient = Effect.fn(function* (params: {\n oauthClientId: string;\n clientId?: string | null;\n clientSecret?: string | null;\n discoveryEndpoint?: string | null;\n redirectTo?: string | null;\n meta?: unknown;\n useSharedCredentials?: boolean | null;\n}) {\n const http = (yield* InstantHttpAuthed).pipe(withCommand('auth'));\n const targetAppId = (yield* CurrentApp).appId;\n\n return yield* http\n .post(`/dash/apps/${targetAppId}/oauth_clients/${params.oauthClientId}`, {\n body: HttpBody.unsafeJson({\n client_id: params.clientId,\n client_secret: params.clientSecret,\n discovery_endpoint: params.discoveryEndpoint,\n redirect_to: params.redirectTo,\n meta: params.meta,\n use_shared_credentials: params.useSharedCredentials,\n }),\n })\n .pipe(\n Effect.flatMap(HttpClientResponse.schemaBodyJson(AddOAuthClientResponse)),\n );\n});\n\n// Due to the long prompt text, we use modifiers to manually create the prompt so we can\n// change it after submission.\nexport const promptForRedirectURI = Effect.fn(function* (\n existingValue?: string,\n) {\n if (existingValue) return existingValue;\n\n const result = yield* runUIEffect(\n new UI.TextInput({\n prompt: '',\n placeholder: 'https://yoursite.com/oauth/callback',\n modifyOutput: UI.modifiers.piped([\n (output, status) => {\n if (status === 'idle') {\n return (\n `\\nCustom redirect URL (optional):\n${chalk.dim('With a custom redirect URL, users will see \"Redirecting to yoursite.com...\" for a more branded experience.')}\n${chalk.dim(`Your URL must forward to ${link('https://api.instantdb.com/runtime/oauth/callback')} with all query parameters preserved.`)}\\n\\n` +\n stripFirstBlankLine(output)\n );\n }\n return `\\nCustom redirect URL (optional):\\n${stripFirstBlankLine(output)}`;\n },\n UI.modifiers.dimOnComplete,\n ]),\n }),\n ).pipe(\n Effect.catchTag('UIError', (e) =>\n BadArgsError.make({\n message: `UI error for redirect URI: ${e.message}`,\n }),\n ),\n );\n\n return result === '' ? undefined : result;\n});\n\nexport const getOrCreateProvider = Effect.fn(function* (\n type: typeof ClientTypeSchema.Type,\n) {\n const auth = yield* getAppsAuth();\n const provider = auth.oauth_service_providers?.find(\n (entry) => entry.provider_name === type,\n );\n\n if (provider) {\n return { auth, provider };\n }\n\n const created = yield* addOAuthProvider({ providerName: type });\n return { auth, provider: created.provider };\n});\n\n// Returns prefix if unused; otherwise appends integers starting at 2.\n// e.g. findName('google', new Set(['google', 'google2'])) returns 'google3'.\nexport const findName = (prefix: string, used: Set<string>) => {\n if (!used.has(prefix)) {\n return prefix;\n }\n\n for (let i = 2; ; i++) {\n const candidate = `${prefix}${i}`;\n if (!used.has(candidate)) {\n return candidate;\n }\n }\n};\n\nexport const getClientNameAndProvider = Effect.fn(function* (\n providerType: typeof ClientTypeSchema.Type,\n opts: Record<string, unknown>,\n) {\n const { auth, provider } = yield* getOrCreateProvider(providerType);\n const usedClientNames = new Set(\n (auth.oauth_clients ?? []).map((client) => client.client_name),\n );\n const suggestedClientName = findName(providerType, usedClientNames);\n\n const clientName = yield* optOrPrompt(opts.name, {\n simpleName: '--name',\n required: true,\n skipIf: false,\n prompt: {\n prompt: 'Client Name:',\n defaultValue: suggestedClientName,\n placeholder: suggestedClientName,\n validate: validateRequired,\n modifyOutput: UI.modifiers.piped([\n UI.modifiers.topPadding,\n UI.modifiers.dimOnComplete,\n ]),\n },\n });\n\n if (usedClientNames.has(clientName || '')) {\n return yield* BadArgsError.make({\n message: `The unique name '${clientName}' is already in use.`,\n });\n }\n return { provider, clientName };\n});\n\nexport const findClientByIdOrName = Effect.fn(function* (params: {\n id?: string;\n name?: string;\n}) {\n if (params.id && params.name) {\n return yield* BadArgsError.make({\n message: 'Cannot specify both --id and --name',\n });\n }\n if (!params.id && !params.name) {\n return yield* BadArgsError.make({\n message: 'Must specify --id or --name',\n });\n }\n\n const auth = yield* getAppsAuth();\n const clients = auth.oauth_clients ?? [];\n const client = params.id\n ? clients.find((entry) => entry.id === params.id)\n : clients.find((entry) => entry.client_name === params.name);\n\n if (!client) {\n const lookup = params.id ? `id ${params.id}` : `name ${params.name}`;\n return yield* BadArgsError.make({\n message: `OAuth client not found: ${lookup}`,\n });\n }\n\n return { auth, client };\n});\n\nexport const removeAuthorizedOrigin = Effect.fn(function* (originId: string) {\n const http = (yield* InstantHttpAuthed).pipe(\n withCommand('auth origin delete'),\n );\n const { appId } = yield* CurrentApp;\n\n return yield* http\n .del(`/dash/apps/${appId}/authorized_redirect_origins/${originId}`)\n .pipe(\n Effect.flatMap(\n HttpClientResponse.schemaBodyJson(AuthorizedOriginResponse),\n ),\n );\n});\n\nexport const addAuthorizedOrigin = Effect.fn(function* (params: {\n service: Schema.Schema.Type<typeof AuthorizedOriginService>;\n params: string[];\n}) {\n const http = (yield* InstantHttpAuthed).pipe(withCommand('auth origin add'));\n const { appId } = yield* CurrentApp;\n\n return yield* http\n .post(`/dash/apps/${appId}/authorized_redirect_origins`, {\n body: HttpBody.unsafeJson({\n service: params.service,\n params: params.params,\n }),\n })\n .pipe(\n Effect.flatMap(\n HttpClientResponse.schemaBodyJson(AuthorizedOriginResponse),\n ),\n );\n});\n"]}
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "instant-cli",
3
3
  "type": "module",
4
- "version": "1.0.22",
4
+ "version": "1.0.23-branch-cli-codex-update.25390498340.1",
5
5
  "description": "Instant's CLI",
6
6
  "license": "Apache-2.0",
7
7
  "homepage": "https://github.com/instantdb/instant/tree/main/client/packages/cli",
@@ -50,9 +50,9 @@
50
50
  "strip-ansi": "^7.1.2",
51
51
  "supports-hyperlinks": "^4.4.0",
52
52
  "unconfig": "^7.5.0",
53
- "@instantdb/core": "1.0.22",
54
- "@instantdb/platform": "1.0.22",
55
- "@instantdb/version": "1.0.22"
53
+ "@instantdb/core": "1.0.23-branch-cli-codex-update.25390498340.1",
54
+ "@instantdb/platform": "1.0.23-branch-cli-codex-update.25390498340.1",
55
+ "@instantdb/version": "1.0.23-branch-cli-codex-update.25390498340.1"
56
56
  },
57
57
  "devDependencies": {
58
58
  "@babel/core": "^7.17.9",