kontexted 0.1.16 → 0.1.18

package/dist/commands/relogin.d.ts

@@ -0,0 +1,2 @@
+import type { Command } from "commander";
+export declare function registerReLoginCommand(program: Command): void;

package/dist/commands/relogin.js

@@ -0,0 +1,55 @@
+import { readConfig, writeConfig } from "../lib/config.js";
+import { getProfile, addProfile } from "../lib/profile.js";
+import { createOAuthProvider, waitForOAuthCallback } from "../lib/oauth.js";
+import { logDebug } from "../lib/logger.js";
+export function registerReLoginCommand(program) {
+    program
+        .command("relogin")
+        .description("Re-authenticate an existing profile to refresh tokens")
+        .requiredOption("--alias <name>", "Profile alias to re-authenticate")
+        .action(async (options) => {
+        // Read existing config
+        const config = await readConfig();
+        const existingProfile = getProfile(config, options.alias);
+        if (!existingProfile) {
+            throw new Error(`Profile not found: ${options.alias}. Use 'kontexted login --url <url> --alias ${options.alias} --workspace <slug>' to create a new profile.`);
+        }
+        const serverUrl = existingProfile.serverUrl;
+        logDebug(`[RELOGIN] Starting re-auth flow - Alias: ${options.alias}, Server: ${serverUrl}`);
+        // Create a new OAuth state that preserves client information from existing profile
+        const oauth = {
+            clientInformation: existingProfile.oauth?.clientInformation,
+            clientMetadata: existingProfile.oauth?.clientMetadata,
+        };
+        const persist = async () => {
+            // Update the profile in config with new OAuth state
+            const updatedProfile = {
+                ...existingProfile,
+                oauth,
+            };
+            addProfile(config, options.alias, updatedProfile);
+            await writeConfig(config);
+        };
+        // Create OAuth provider with existing client info
+        const provider = createOAuthProvider(oauth, persist, serverUrl);
+        // 1. If no client information exists, register a new OAuth client
+        if (!oauth.clientInformation) {
+            logDebug(`[RELOGIN] No existing client information, registering new OAuth client...`);
+            await provider.registerClient();
+        }
+        else {
+            logDebug(`[RELOGIN] Using existing client information: ${oauth.clientInformation.client_id}`);
+        }
+        // 2. Get authorization URL and open browser
+        const authUrl = await provider.getAuthorizationUrl();
+        logDebug(`[RELOGIN] Opening browser for authorization...`);
+        provider.redirectToAuthorization(authUrl);
+        // 3. Wait for callback with auth code
+        logDebug(`[RELOGIN] Waiting for authorization callback...`);
+        const authCode = await waitForOAuthCallback();
+        // 4. Exchange code for tokens
+        logDebug(`[RELOGIN] Exchanging authorization code for tokens...`);
+        await provider.exchangeCodeForToken(authCode);
+        console.log(`✓ Re-authentication successful. Tokens refreshed for profile: ${options.alias}`);
+    });
+}

package/dist/index.js

@@ -4,6 +4,7 @@ import { fileURLToPath } from "node:url";
 import { dirname, join } from "node:path";
 import { Command } from "commander";
 import { registerLoginCommand } from "./commands/login.js";
+import { registerReLoginCommand } from "./commands/relogin.js";
 import { registerLogoutCommand } from "./commands/logout.js";
 import { registerShowConfigCommand } from "./commands/show-config.js";
 import { registerMcpCommand } from "./commands/mcp.js";
@@ -20,6 +21,7 @@ program
     .version(packageJson.version);
 // Register subcommands
 registerLoginCommand(program);
+registerReLoginCommand(program);
 registerLogoutCommand(program);
 registerShowConfigCommand(program);
 registerSkillCommand(program);

package/dist/lib/api-client.js

@@ -104,6 +104,7 @@ export class ApiClient {
                     refresh_token: this.oauth.tokens.refresh_token,
                     client_id: this.oauth.clientInformation?.client_id ?? "",
                     client_secret: this.oauth.clientInformation?.client_secret ?? "",
+                    resource: this.serverUrl,
                 }),
             });
             logDebug(`[API CLIENT] Token refresh response status: ${response.status}`);
@@ -112,12 +113,16 @@ export class ApiClient {
                 logError(`[API CLIENT] Failed to refresh access token - Status: ${response.status}, Error: ${errorText}`);
                 return false;
             }
-            const tokens = (await response.json());
-            // Calculate absolute expiry time if not provided by server
-            if (tokens.expires_in && !tokens.expires_at) {
-                tokens.expires_at = Math.floor(Date.now() / 1000) + tokens.expires_in;
+            const newTokens = (await response.json());
+            // Merge with existing to preserve refresh_token if not returned by server
+            if (newTokens.expires_in && !newTokens.expires_at) {
+                newTokens.expires_at = Math.floor(Date.now() / 1000) + newTokens.expires_in;
             }
-            this.oauth.tokens = tokens;
+            this.oauth.tokens = {
+                ...this.oauth.tokens,
+                ...newTokens,
+                refresh_token: newTokens.refresh_token ?? this.oauth.tokens?.refresh_token,
+            };
             await this.persist();
             logDebug("[API CLIENT] Token refresh successful");
             return true;

package/dist/lib/oauth.js

@@ -347,7 +347,12 @@ export async function ensureValidTokens(oauth, persist, serverUrl) {
         if (newTokens.expires_in && !newTokens.expires_at) {
             newTokens.expires_at = Math.floor(Date.now() / 1000) + newTokens.expires_in;
         }
-        oauth.tokens = newTokens;
+        // Merge with existing to preserve refresh_token if not returned by server
+        oauth.tokens = {
+            ...oauth.tokens,
+            ...newTokens,
+            refresh_token: newTokens.refresh_token ?? oauth.tokens?.refresh_token,
+        };
         await persist();
         logInfo("Token refresh successful", {
             newExpiresAt: newTokens.expires_at,

package/dist/lib/sync/remote-listener.d.ts

@@ -13,6 +13,7 @@ export declare class RemoteListener {
     private reconnectAttempts;
     private maxReconnectAttempts;
     private reconnectDelay;
+    private readonly TOKEN_REFRESH_BUFFER_SECONDS;
     private isRunning;
     private reconnectTimeout;
     private onStopped?;

package/dist/lib/sync/remote-listener.js

@@ -11,6 +11,7 @@ export class RemoteListener {
     reconnectAttempts = 0;
     maxReconnectAttempts = 10;
     reconnectDelay = 1000;
+    TOKEN_REFRESH_BUFFER_SECONDS = 5 * 60; // Refresh 5 minutes before expiry
     isRunning = false;
     reconnectTimeout = null;
     onStopped;
@@ -42,7 +43,22 @@ export class RemoteListener {
         }
         const url = `${this.apiClient.baseUrl}/api/sync/events?workspaceSlug=${encodeURIComponent(this.workspaceSlug)}`;
         this.abortController = new AbortController();
-        // Get fresh token before connecting
+        // Proactively check and refresh token BEFORE connecting
+        const tokens = this.apiClient.getOAuth().tokens;
+        const now = Math.floor(Date.now() / 1000);
+        // Check if token is missing, expired, or expiring within buffer time
+        const needsRefresh = !tokens?.access_token ||
+            (tokens.expires_at && tokens.expires_at <= now + this.TOKEN_REFRESH_BUFFER_SECONDS);
+        if (needsRefresh) {
+            console.log("[RemoteListener] Token expired or expiring soon, refreshing before connect...");
+            const refreshed = await this.apiClient.refreshToken();
+            if (!refreshed) {
+                console.error("[RemoteListener] Failed to refresh token before connect");
+                this.handleReconnect();
+                return;
+            }
+        }
+        // Get fresh token after potential refresh
         let accessToken = this.apiClient.getAccessToken();
         if (!accessToken) {
             console.error("[RemoteListener] No access token available");

package/dist/lib/sync/sync-engine.d.ts

@@ -23,6 +23,9 @@ export declare class SyncEngine {
     private state;
     private running;
     private paused;
+    private tokenRefreshInterval;
+    private readonly TOKEN_REFRESH_CHECK_INTERVAL_MS;
+    private readonly TOKEN_REFRESH_BUFFER_SECONDS;
     constructor(syncDir: string, apiClient: ApiClient);
     /**
      * Check if pause flag file exists
@@ -33,6 +36,10 @@ export declare class SyncEngine {
      * Performs initial sync first, then starts file watcher
      */
     start(): Promise<void>;
+    /**
+     * Start periodic token refresh to prevent auth expiry during long-running sessions
+     */
+    private startTokenRefreshTimer;
     /**
      * Stop the sync engine
      * Stops file watcher and closes queue database

package/dist/lib/sync/sync-engine.js

@@ -37,6 +37,9 @@ export class SyncEngine {
     state;
     running = false;
     paused = false;
+    tokenRefreshInterval = null;
+    TOKEN_REFRESH_CHECK_INTERVAL_MS = 30 * 60 * 1000; // Check every 30 minutes
+    TOKEN_REFRESH_BUFFER_SECONDS = 10 * 60; // Refresh 10 minutes before expiry
     constructor(syncDir, apiClient) {
         this.syncDir = syncDir;
         this.apiClient = apiClient;
@@ -93,14 +96,49 @@ export class SyncEngine {
         this.fileWatcher.start();
         // Start listening for remote changes
         await this.remoteListener.start();
+        // Start periodic token refresh to prevent auth expiry
+        this.startTokenRefreshTimer();
         console.log("Sync engine started");
     }
+    /**
+     * Start periodic token refresh to prevent auth expiry during long-running sessions
+     */
+    startTokenRefreshTimer() {
+        this.tokenRefreshInterval = setInterval(async () => {
+            if (!this.running)
+                return;
+            try {
+                const tokens = this.apiClient.getOAuth().tokens;
+                const now = Math.floor(Date.now() / 1000);
+                // Check if token is expired or expiring soon
+                if (!tokens?.expires_at || tokens.expires_at <= now + this.TOKEN_REFRESH_BUFFER_SECONDS) {
+                    console.log("[SyncEngine] Token expiring soon, refreshing proactively...");
+                    const refreshed = await this.apiClient.refreshToken();
+                    if (!refreshed) {
+                        console.error("[SyncEngine] Proactive token refresh failed - will retry on next check");
+                    }
+                    else {
+                        console.log("[SyncEngine] Token refreshed successfully");
+                    }
+                }
+            }
+            catch (error) {
+                console.error("[SyncEngine] Token refresh check error:", error);
+            }
+        }, this.TOKEN_REFRESH_CHECK_INTERVAL_MS);
+        console.log("[SyncEngine] Token refresh timer started");
+    }
     /**
      * Stop the sync engine
      * Stops file watcher and closes queue database
      */
     stop() {
         this.running = false;
+        // Stop token refresh timer
+        if (this.tokenRefreshInterval) {
+            clearInterval(this.tokenRefreshInterval);
+            this.tokenRefreshInterval = null;
+        }
         this.fileWatcher.stop();
         this.remoteListener.stop();
         this.queue.close();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "kontexted",
-  "version": "0.1.16",
+  "version": "0.1.18",
   "description": "CLI tool for Kontexted - MCP proxy, workspaces management, and local server",
   "type": "module",
   "bin": {
@@ -48,8 +48,8 @@
     "typescript": "^5.6.0"
   },
   "optionalDependencies": {
-    "@kontexted/darwin-arm64": "0.1.16",
-    "@kontexted/linux-x64": "0.1.16",
-    "@kontexted/windows-x64": "0.1.16"
+    "@kontexted/darwin-arm64": "0.1.18",
+    "@kontexted/linux-x64": "0.1.18",
+    "@kontexted/windows-x64": "0.1.18"
   }
 }