nutstore-webdav-secret-cli 0.1.0

package/src/components/secrets-page.tsx

@@ -0,0 +1,252 @@
+import { useAtomRefresh, useAtomSet, useAtomValue } from "@effect/atom-solid";
+import type { ThemeMode } from "@opentui/core";
+import { useKeyboard, useRenderer } from "@opentui/solid";
+import { createMemo, createSignal } from "solid-js";
+import { addSecretAtom, deleteSecretAtom, secretsListAtom, secretsLoadStateAtom, secretsPageInfoAtom, secretsStatusMessageAtom } from "../atom/secrets";
+import { WEBDAV_URL } from "../constants";
+import type { OpenTUIElement } from "../opentui-jsx";
+import type { Palette } from "../theme";
+import { clamp, copyToClipboard } from "../utils";
+import { Footer } from "./footer";
+import { Header } from "./header";
+import { SecretDetail } from "./secret-detail";
+import { SecretList } from "./secret-list";
+
+type SecretsPageProps = {
+  palette: Palette;
+  themeMode: ThemeMode | null;
+};
+
+export function SecretsPage(props: SecretsPageProps): OpenTUIElement {
+  const renderer = useRenderer();
+  const items = useAtomValue(() => secretsListAtom);
+  const secretsLoadState = useAtomValue(() => secretsLoadStateAtom);
+  const remoteStatusMessage = useAtomValue(() => secretsStatusMessageAtom);
+  const refreshSecrets = useAtomRefresh(() => secretsPageInfoAtom);
+  const createSecret = useAtomSet(() => addSecretAtom, { mode: "promise" });
+  const revokeSecret = useAtomSet(() => deleteSecretAtom, { mode: "promise" });
+  const [addSecretMode, setAddSecretMode] = createSignal(false);
+  const [addSecretName, setAddSecretName] = createSignal("");
+  const [addSecretError, setAddSecretError] = createSignal<string | null>(null);
+  const [addingSecret, setAddingSecret] = createSignal(false);
+  const [selectedIndex, setSelectedIndex] = createSignal(0);
+  const [statusMessage, setStatusMessage] = createSignal("");
+  const [confirmingDelete, setConfirmingDelete] = createSignal(false);
+
+  const selectedItem = createMemo(() => items()[selectedIndex()] ?? null);
+  const headerStatus = createMemo(() =>
+    statusMessage().length > 0 ? statusMessage() : remoteStatusMessage(),
+  );
+
+  const moveSelection = (direction: number) => {
+    if (addSecretMode()) {
+      return;
+    }
+    setConfirmingDelete(false);
+    setSelectedIndex((current) =>
+      clamp(current + direction, 0, Math.max(0, items().length - 1)),
+    );
+  };
+
+  const refresh = (nextSelectedIndex = 0) => {
+    setAddSecretMode(false);
+    setAddSecretError(null);
+    setConfirmingDelete(false);
+    setSelectedIndex(nextSelectedIndex);
+    setStatusMessage("");
+    refreshSecrets();
+  };
+
+  const copyValue = async (label: string, value: string) => {
+    const copied = await copyToClipboard(value);
+    setStatusMessage(copied ? `${label} copied` : `${label} ready to copy`);
+  };
+
+  const deleteSelected = async () => {
+    if (addSecretMode()) {
+      return;
+    }
+    const item = selectedItem();
+    const currentIndex = selectedIndex();
+    if (!item) {
+      return;
+    }
+
+    if (!confirmingDelete()) {
+      setConfirmingDelete(true);
+      setStatusMessage(`Confirm delete: ${item.name}`);
+      return;
+    }
+
+    try {
+      await revokeSecret(item.name);
+      const nextSelectedIndex = clamp(
+        Math.min(currentIndex, Math.max(0, items().length - 2)),
+        0,
+        Math.max(0, items().length - 2),
+      );
+      setConfirmingDelete(false);
+      setStatusMessage(`Deleted ${item.name}`);
+      refresh(nextSelectedIndex);
+    } catch (cause) {
+      setConfirmingDelete(false);
+      setSelectedIndex(currentIndex);
+      setStatusMessage(
+        cause instanceof Error ? cause.message : `Failed to delete ${item.name}`,
+      );
+    }
+  };
+
+  const openAddSecret = () => {
+    setConfirmingDelete(false);
+    setAddSecretError(null);
+    setAddSecretName("");
+    setAddSecretMode(true);
+  };
+
+  const cancelAddSecret = () => {
+    setAddSecretMode(false);
+    setAddSecretError(null);
+    setAddingSecret(false);
+  };
+
+  const submitAddSecret = async () => {
+    setAddingSecret(true);
+    setAddSecretError(null);
+
+    try {
+      const created = await createSecret(addSecretName());
+      setAddSecretMode(false);
+      setAddSecretName("");
+      setStatusMessage(`Created ${created.name}`);
+      refresh();
+    } catch (cause) {
+      setAddSecretError(
+        cause instanceof Error ? cause.message : "Failed to create app password.",
+      );
+    } finally {
+      setAddingSecret(false);
+    }
+  };
+
+  useKeyboard((key) => {
+    const name = key.name.toLowerCase();
+
+    if (name === "q") {
+      renderer.destroy();
+      return;
+    }
+
+    if (addSecretMode()) {
+      if (name === "escape") {
+        cancelAddSecret();
+        key.preventDefault();
+      }
+
+      return;
+    }
+
+    if (name === "up") {
+      moveSelection(-1);
+      key.preventDefault();
+      return;
+    }
+
+    if (name === "down") {
+      moveSelection(1);
+      key.preventDefault();
+      return;
+    }
+
+    if (name === "escape") {
+      if (addSecretMode()) {
+        cancelAddSecret();
+        key.preventDefault();
+        return;
+      }
+
+      setConfirmingDelete(false);
+      setStatusMessage("Delete cancelled");
+      key.preventDefault();
+      return;
+    }
+
+    if (name === "r") {
+      refresh();
+      return;
+    }
+
+    if (name === "n") {
+      openAddSecret();
+      key.preventDefault();
+      return;
+    }
+
+    if (name === "d") {
+      void deleteSelected();
+      return;
+    }
+
+    if (name === "y" && confirmingDelete()) {
+      void deleteSelected();
+      return;
+    }
+
+    const item = selectedItem();
+    if (!item || secretsLoadState() !== "ready") {
+      return;
+    }
+
+    if (name === "enter") {
+      void copyValue("Password", item.password);
+      return;
+    }
+
+    if (name === "u") {
+      void copyValue("WebDAV URL", WEBDAV_URL);
+      return;
+    }
+
+    if (name === "a") {
+      if (!item.account) {
+        setStatusMessage("Account unavailable");
+        return;
+      }
+
+      void copyValue("Account", item.account);
+    }
+  });
+
+  return (
+    <box flexDirection="column" flexGrow={1} paddingX={1} paddingY={1} gap={1}>
+      <Header
+        count={items().length}
+        palette={props.palette}
+        status={headerStatus()}
+        themeMode={props.themeMode}
+      />
+
+      <box flexDirection="row" flexGrow={1} gap={1} minHeight={14}>
+        <SecretList
+          palette={props.palette}
+          selectedIndex={selectedIndex()}
+        />
+        <SecretDetail
+          addError={addSecretError()}
+          addName={addSecretName()}
+          addSecretMode={addSecretMode()}
+          addingSecret={addingSecret()}
+          confirmingDelete={confirmingDelete()}
+          item={selectedItem()}
+          onAddNameInput={setAddSecretName}
+          onAddSubmit={() => {
+            void submitAddSecret();
+          }}
+          palette={props.palette}
+        />
+      </box>
+
+      <Footer palette={props.palette} />
+    </box>
+  );
+}

package/src/constants.ts

@@ -0,0 +1 @@
+export const WEBDAV_URL = "https://dav.jianguoyun.com/dav/";

package/src/effect/add-secret.ts

@@ -0,0 +1,94 @@
+import { Data, Effect, Schema } from "effect";
+import { FetchHttpClient, HttpBody, HttpClient, HttpClientResponse, UrlParams } from "effect/unstable/http";
+import type { SecretItem } from "../types";
+
+const GENERATE_ASP_URL = "https://www.jianguoyun.com/d/ajax/userop/generateAsp";
+
+export class AddSecretHttpError extends Data.TaggedError("AddSecretHttpError")<{
+  readonly cause: unknown;
+  readonly message: string;
+}> { }
+
+export class AddSecretParseError extends Data.TaggedError("AddSecretParseError")<{
+  readonly message: string;
+}> { }
+
+const AddSecretResponseSchema = Schema.Struct({
+  credential: Schema.String,
+  creationTime: Schema.String,
+  name: Schema.String,
+});
+
+export type AddSecretResponse = Schema.Schema.Type<typeof AddSecretResponseSchema>;
+
+export const addSecret = (
+  cookie: string,
+  name: string,
+): Effect.Effect<SecretItem, AddSecretHttpError | AddSecretParseError> =>
+  Effect.gen(function* () {
+    const normalizedName = name.trim();
+
+    if (normalizedName.length === 0) {
+      return yield* Effect.fail(
+        new AddSecretParseError({
+          message: "Secret name cannot be empty.",
+        }),
+      );
+    }
+
+    const client = yield* HttpClient.HttpClient;
+    const response = yield* client.post(GENERATE_ASP_URL, {
+      headers: {
+        Accept: "application/json, text/javascript, */*; q=0.01",
+        Cookie: cookie,
+        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
+        Origin: "https://www.jianguoyun.com",
+        Referer: "https://www.jianguoyun.com/d/mobile_asp",
+        "X-Requested-With": "XMLHttpRequest",
+      },
+      body: HttpBody.urlParams(
+        UrlParams.fromInput({
+          asp_name: normalizedName,
+        }),
+      ),
+    }).pipe(
+      Effect.mapError((cause) =>
+        new AddSecretHttpError({
+          cause,
+          message: "Failed to request Nutstore generateAsp endpoint.",
+        }),
+      ),
+    );
+
+    if (response.status < 200 || response.status >= 300) {
+      return yield* Effect.fail(
+        new AddSecretHttpError({
+          cause: response.status,
+          message: `generateAsp returned ${response.status}.`,
+        }),
+      );
+    }
+
+    const record = yield* HttpClientResponse.schemaBodyJson(AddSecretResponseSchema)(
+      response,
+    ).pipe(
+      Effect.mapError((cause) =>
+        new AddSecretParseError({
+          message: "generateAsp response is not a valid ASP record.",
+        }),
+      ),
+    );
+
+    return toSecretItem(record);
+  }).pipe(Effect.provide(FetchHttpClient.layer));
+
+function toSecretItem(record: AddSecretResponse): SecretItem {
+  const normalizedName = record.name.trim() || "Untitled App Password";
+
+  return {
+    id: `secret_${record.creationTime}_${normalizedName}`,
+    name: normalizedName,
+    password: record.credential,
+    createdAt: record.creationTime,
+  };
+}

package/src/effect/auth.ts

@@ -0,0 +1,46 @@
+import { Effect, Data } from 'effect'
+import { FileSystem } from 'effect/FileSystem'
+import path from 'node:path'
+import os from 'node:os'
+
+export class ConfigFileError extends Data.TaggedError('ConfigFileError')<{
+  readonly cause: unknown
+  readonly message: string
+}> { }
+
+export class CookieNotFoundError extends Data.TaggedError('CookieNotFoundError') { }
+
+const resolveConfigPaths = Effect.sync(function () {
+  const configDir = path.join(os.homedir(), '.config', 'nswds')
+  const configFile = path.join(configDir, 'cookie')
+
+  return { configDir, configFile }
+})
+
+export const readCookie = Effect.gen(function* () {
+  const { configDir, configFile } = yield* resolveConfigPaths
+  const fs = yield* FileSystem
+  const fileContent = yield* fs.readFileString(configFile).pipe(
+    Effect.catchTag("PlatformError", err => {
+      return new CookieNotFoundError()
+    })
+  )
+
+  if (!fileContent || !fileContent.trim()) {
+    return yield* Effect.fail(new CookieNotFoundError())
+  }
+
+  return fileContent
+})
+
+export const saveCookie = Effect.fnUntraced(function* (cookie: string) {
+  const { configDir, configFile } = yield* resolveConfigPaths
+  const fs = yield* FileSystem
+
+  yield* Effect.gen((function* () {
+    yield* fs.makeDirectory(configDir, { recursive: true })
+    yield* fs.writeFileString(configFile, cookie)
+  })).pipe(
+    Effect.mapError(systemError => new ConfigFileError({ cause: systemError, message: "write file failed" }))
+  )
+})

package/src/effect/delete-secret.ts

@@ -0,0 +1,62 @@
+import { Data, Effect } from "effect";
+import { FetchHttpClient, HttpBody, HttpClient, UrlParams } from "effect/unstable/http";
+
+const REVOKE_ASP_URL = "https://www.jianguoyun.com/d/ajax/userop/revokeAsp";
+
+export class DeleteSecretHttpError extends Data.TaggedError("DeleteSecretHttpError")<{
+  readonly cause: unknown;
+  readonly message: string;
+}> { }
+
+export class DeleteSecretValidationError extends Data.TaggedError("DeleteSecretValidationError")<{
+  readonly message: string;
+}> { }
+
+export const deleteSecret = (
+  cookie: string,
+  name: string,
+): Effect.Effect<void, DeleteSecretHttpError | DeleteSecretValidationError> =>
+  Effect.gen(function* () {
+    const normalizedName = name.trim();
+
+    if (normalizedName.length === 0) {
+      return yield* Effect.fail(
+        new DeleteSecretValidationError({
+          message: "Secret name cannot be empty.",
+        }),
+      );
+    }
+
+    const client = yield* HttpClient.HttpClient;
+    const response = yield* client.post(REVOKE_ASP_URL, {
+      headers: {
+        Accept: "*/*",
+        Cookie: cookie,
+        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
+        Origin: "https://www.jianguoyun.com",
+        Referer: "https://www.jianguoyun.com/d/mobile_asp",
+        "X-Requested-With": "XMLHttpRequest",
+      },
+      body: HttpBody.urlParams(
+        UrlParams.fromInput({
+          asp_name: normalizedName,
+        }),
+      ),
+    }).pipe(
+      Effect.mapError((cause) =>
+        new DeleteSecretHttpError({
+          cause,
+          message: "Failed to request Nutstore revokeAsp endpoint.",
+        }),
+      ),
+    );
+
+    if (response.status < 200 || response.status >= 300) {
+      return yield* Effect.fail(
+        new DeleteSecretHttpError({
+          cause: response.status,
+          message: `revokeAsp returned ${response.status}.`,
+        }),
+      );
+    }
+  }).pipe(Effect.provide(FetchHttpClient.layer));

package/src/effect/list-secrets.ts

@@ -0,0 +1,160 @@
+import { Data, Effect } from "effect";
+import { FetchHttpClient, HttpClient } from "effect/unstable/http";
+import type { SecretItem } from "../types";
+
+const MOBILE_ASP_URL = "https://www.jianguoyun.com/d/mobile_asp";
+const USER_ASPS_PATTERN = /userAspsStr\s*:\s*'((?:\\'|[^'])*)'/;
+
+export class MobileAspHttpError extends Data.TaggedError("MobileAspHttpError")<{
+  readonly cause: unknown;
+  readonly message: string;
+}> { }
+
+export class MobileAspParseError extends Data.TaggedError("MobileAspParseError")<{
+  readonly message: string;
+}> { }
+
+export type MobileAspRecord = {
+  credential: string;
+  creationTime: string;
+  name: string;
+};
+
+export const parseSecretsHtml = (html: string): SecretItem[] => {
+  const userAspsMatch = html.match(USER_ASPS_PATTERN);
+
+  if (!userAspsMatch) {
+    throw new MobileAspParseError({
+      message: "Could not extract userAspsStr from mobile_asp HTML.",
+    });
+  }
+
+  const userAspsLiteral = userAspsMatch[1];
+  if (userAspsLiteral === undefined) {
+    throw new MobileAspParseError({
+      message: "userAspsStr capture group was empty.",
+    });
+  }
+
+  const rawUserAsps = decodeJsSingleQuotedString(userAspsLiteral);
+  const records = parseMobileAspRecords(rawUserAsps);
+  const account = parseAccountFromHtml(html);
+
+  return records.map((record) => toSecretItem(record, account));
+};
+
+export const querySecretsList = (
+  cookie: string,
+): Effect.Effect<SecretItem[], MobileAspHttpError | MobileAspParseError> =>
+  Effect.gen(function* () {
+    const client = yield* HttpClient.HttpClient;
+    const response = yield* client.get(MOBILE_ASP_URL, {
+      headers: {
+        Cookie: cookie,
+        Accept: "text/html,application/xhtml+xml",
+      },
+    }).pipe(
+      Effect.mapError((cause) =>
+        new MobileAspHttpError({
+          cause,
+          message: "Failed to fetch Nutstore mobile_asp page.",
+        }),
+      ),
+    );
+
+    const html = yield* response.text.pipe(
+      Effect.mapError((cause) =>
+        new MobileAspHttpError({
+          cause,
+          message: "Failed to read Nutstore mobile_asp response body.",
+        }),
+      ),
+    );
+
+    if (response.status < 200 || response.status >= 300) {
+      return yield* Effect.fail(
+        new MobileAspHttpError({
+          cause: response.status,
+          message: `mobile_asp returned ${response.status}: ${formatHtmlSnippet(html)}`,
+        }),
+      );
+    }
+
+    return yield* Effect.try({
+      try: () => parseSecretsHtml(html),
+      catch: (cause) =>
+        cause instanceof MobileAspParseError
+          ? cause
+          : new MobileAspParseError({
+            message: `Failed to parse Nutstore mobile_asp HTML: ${formatHtmlSnippet(html)}`,
+          }),
+    });
+  }).pipe(Effect.provide(FetchHttpClient.layer));
+
+function decodeJsSingleQuotedString(value: string): string {
+  return value
+    .replace(/\\\\/g, "\\")
+    .replace(/\\'/g, "'");
+}
+
+function formatHtmlSnippet(html: string): string {
+  return html
+    .replace(/\s+/g, " ")
+    .trim()
+    .slice(0, 160);
+}
+
+function parseAccountFromHtml(html: string): string | undefined {
+  const patterns = [
+    /(?:account|username|userName|loginName|email)\s*[:=]\s*["']([^"'@\s]+@[^"'\s]+)["']/i,
+    /(?:用户名|账号|邮箱)[^<]{0,20}[:：]\s*([^<\s]+@[^<\s]+)/i,
+    /value=["']([^"'@\s]+@[^"'\s]+)["']/i,
+  ];
+
+  for (const pattern of patterns) {
+    const matched = html.match(pattern)?.[1]?.trim();
+    if (matched) {
+      return matched;
+    }
+  }
+
+  return html.match(/[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}/i)?.[0];
+}
+
+function parseMobileAspRecords(value: string): MobileAspRecord[] {
+  const parsed = JSON.parse(value) as unknown;
+
+  if (!Array.isArray(parsed)) {
+    throw new MobileAspParseError({
+      message: "userAspsStr is not a JSON array.",
+    });
+  }
+
+  return parsed.map((item, index) => {
+    if (
+      typeof item !== "object" ||
+      item === null ||
+      typeof item.credential !== "string" ||
+      typeof item.creationTime !== "string" ||
+      typeof item.name !== "string"
+    ) {
+      throw new MobileAspParseError({
+        message: `Invalid ASP record at index ${index}.`,
+      });
+    }
+
+    return item;
+  });
+}
+
+function toSecretItem(record: MobileAspRecord, account?: string): SecretItem {
+  const normalizedName = record.name.trim() || "Untitled App Password";
+
+  return {
+    account,
+    id: `secret_${record.creationTime}_${normalizedName}`,
+    name: normalizedName,
+    password: record.credential,
+    createdAt: record.creationTime,
+  };
+}

package/src/hooks/useThemeMode.ts

@@ -0,0 +1,26 @@
+import { CliRenderEvents, type ThemeMode } from "@opentui/core";
+import { useRenderer } from "@opentui/solid";
+import { createSignal, onCleanup, onMount } from "solid-js";
+
+export function useThemeMode() {
+  const renderer = useRenderer();
+  const [themeMode, setThemeMode] = createSignal<ThemeMode | null>(
+    renderer.themeMode,
+  );
+
+  onMount(() => {
+    const updateThemeMode = (mode: ThemeMode) => setThemeMode(mode);
+    renderer.on(CliRenderEvents.THEME_MODE, updateThemeMode);
+    void renderer.waitForThemeMode(500).then((mode) => {
+      if (mode) {
+        setThemeMode(mode);
+      }
+    });
+
+    onCleanup(() => {
+      renderer.off(CliRenderEvents.THEME_MODE, updateThemeMode);
+    });
+  });
+
+  return themeMode;
+}

package/src/index.tsx

@@ -0,0 +1 @@
+import "./cli";

package/src/mockSecrets.ts

@@ -0,0 +1,39 @@
+import type { SecretItem } from "./types";
+
+export const initialSecrets: SecretItem[] = [
+  {
+    id: "sec_raycast",
+    account: "user@example.com",
+    name: "Raycast",
+    password: "nsc_app_9vK3pQ7Lm2Xz",
+    createdAt: "2026-05-28",
+  },
+  {
+    id: "sec_obsidian",
+    account: "user@example.com",
+    name: "Obsidian Sync Backup",
+    password: "nsc_app_B8mN4tYw6QaR",
+    createdAt: "2026-04-12",
+  },
+  {
+    id: "sec_alfred",
+    account: "user@example.com",
+    name: "Alfred Workflow",
+    password: "nsc_app_U2hK7dPq5VzE",
+    createdAt: "2026-03-09",
+  },
+  {
+    id: "sec_backup",
+    account: "user@example.com",
+    name: "Server Backup",
+    password: "nsc_app_H4xT8rLm1CyN",
+    createdAt: "2026-01-21",
+  },
+  {
+    id: "sec_mobile",
+    account: "user@example.com",
+    name: "Mobile WebDAV",
+    password: "nsc_app_M6qP2zLf8TaK",
+    createdAt: "2025-12-18",
+  },
+];