npm - oauth.do - Versions diffs - 0.1.15 → 0.2.0 - Mend

oauth.do 0.1.15 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/dist/cli.js CHANGED Viewed

@@ -11,10 +11,6 @@ var __esm = (fn, res) => function __init() {
 var __commonJS = (cb, mod) => function __require() {
   return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
 };
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
 var __copyProps = (to, from, except, desc) => {
   if (from && typeof from === "object" || typeof from === "function") {
     for (let key of __getOwnPropNames(from))
@@ -32,24 +28,21 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
   mod
 ));
-// src/storage.ts
-var storage_exports = {};
-__export(storage_exports, {
-  CompositeTokenStorage: () => CompositeTokenStorage,
-  FileTokenStorage: () => FileTokenStorage,
-  KeychainTokenStorage: () => KeychainTokenStorage,
-  LocalStorageTokenStorage: () => LocalStorageTokenStorage,
-  MemoryTokenStorage: () => MemoryTokenStorage,
-  SecureFileTokenStorage: () => SecureFileTokenStorage,
-  createSecureStorage: () => createSecureStorage
+// src/utils.ts
+function getEnv(key) {
+  if (globalThis[key]) return globalThis[key];
+  if (typeof process !== "undefined" && process.env?.[key]) return process.env[key];
+  return void 0;
+}
+var init_utils = __esm({
+  "src/utils.ts"() {
+  }
 });
+// src/storage.ts
 function isNode() {
   return typeof process !== "undefined" && process.versions != null && process.versions.node != null;
 }
-function getEnv2(key) {
-  if (typeof process !== "undefined" && process.env?.[key]) return process.env[key];
-  return void 0;
-}
 function createSecureStorage(storagePath) {
   if (isNode()) {
     return new SecureFileTokenStorage(storagePath);
@@ -59,100 +52,10 @@ function createSecureStorage(storagePath) {
   }
   return new MemoryTokenStorage();
 }
-var KEYCHAIN_SERVICE, KEYCHAIN_ACCOUNT, KeychainTokenStorage, SecureFileTokenStorage, FileTokenStorage, MemoryTokenStorage, LocalStorageTokenStorage, CompositeTokenStorage;
+var SecureFileTokenStorage, MemoryTokenStorage, LocalStorageTokenStorage;
 var init_storage = __esm({
   "src/storage.ts"() {
-    KEYCHAIN_SERVICE = "oauth.do";
-    KEYCHAIN_ACCOUNT = "access_token";
-    KeychainTokenStorage = class {
-      keytar = null;
-      initialized = false;
-      /**
-       * Lazily load keytar module
-       * Returns null if keytar is not available (e.g., missing native dependencies)
-       */
-      async getKeytar() {
-        if (this.initialized) {
-          return this.keytar;
-        }
-        this.initialized = true;
-        try {
-          const imported = await import('keytar');
-          const keytarModule = imported.default || imported;
-          this.keytar = keytarModule;
-          if (typeof this.keytar.getPassword !== "function") {
-            if (getEnv2("DEBUG")) {
-              console.warn("Keytar module loaded but getPassword is not a function:", Object.keys(this.keytar));
-            }
-            this.keytar = null;
-            return null;
-          }
-          return this.keytar;
-        } catch (error) {
-          if (getEnv2("DEBUG")) {
-            console.warn("Keychain storage not available:", error);
-          }
-          return null;
-        }
-      }
-      async getToken() {
-        const keytar = await this.getKeytar();
-        if (!keytar) {
-          return null;
-        }
-        try {
-          const token = await keytar.getPassword(KEYCHAIN_SERVICE, KEYCHAIN_ACCOUNT);
-          return token;
-        } catch (error) {
-          if (getEnv2("DEBUG")) {
-            console.warn("Failed to get token from keychain:", error);
-          }
-          return null;
-        }
-      }
-      async setToken(token) {
-        try {
-          const keytar = await this.getKeytar();
-          if (!keytar) {
-            throw new Error("Keychain storage not available");
-          }
-          await keytar.setPassword(KEYCHAIN_SERVICE, KEYCHAIN_ACCOUNT, token);
-        } catch (error) {
-          if (error?.code === "MODULE_NOT_FOUND" || error?.message?.includes("Cannot find module")) {
-            throw new Error("Keychain storage not available: native module not built");
-          }
-          throw new Error(`Failed to save token to keychain: ${error}`);
-        }
-      }
-      async removeToken() {
-        const keytar = await this.getKeytar();
-        if (!keytar) {
-          return;
-        }
-        try {
-          await keytar.deletePassword(KEYCHAIN_SERVICE, KEYCHAIN_ACCOUNT);
-        } catch {
-        }
-      }
-      /**
-       * Check if keychain storage is available on this system
-       */
-      async isAvailable() {
-        try {
-          const keytar = await this.getKeytar();
-          if (!keytar) {
-            return false;
-          }
-          await keytar.getPassword(KEYCHAIN_SERVICE, "__test__");
-          return true;
-        } catch (error) {
-          if (getEnv2("DEBUG")) {
-            console.warn("Keychain not available:", error);
-          }
-          return false;
-        }
-      }
-    };
+    init_utils();
     SecureFileTokenStorage = class {
       tokenPath = null;
       configDir = null;
@@ -191,7 +94,7 @@ var init_storage = __esm({
           const fs = await import('fs/promises');
           const stats = await fs.stat(this.tokenPath);
           const mode = stats.mode & 511;
-          if (mode !== 384 && getEnv2("DEBUG")) {
+          if (mode !== 384 && getEnv("DEBUG")) {
             console.warn(
               `Warning: Token file has insecure permissions (${mode.toString(8)}). Expected 600. Run: chmod 600 ${this.tokenPath}`
             );
@@ -254,56 +157,6 @@ var init_storage = __esm({
         return { type: "file", secure: true, path: this.tokenPath };
       }
     };
-    FileTokenStorage = class {
-      tokenPath = null;
-      configDir = null;
-      initialized = false;
-      async init() {
-        if (this.initialized) return this.tokenPath !== null;
-        this.initialized = true;
-        if (!isNode()) return false;
-        try {
-          const os = await import('os');
-          const path = await import('path');
-          this.configDir = path.join(os.homedir(), ".oauth.do");
-          this.tokenPath = path.join(this.configDir, "token");
-          return true;
-        } catch {
-          return false;
-        }
-      }
-      async getToken() {
-        if (!await this.init() || !this.tokenPath) return null;
-        try {
-          const fs = await import('fs/promises');
-          const token = await fs.readFile(this.tokenPath, "utf-8");
-          return token.trim();
-        } catch {
-          return null;
-        }
-      }
-      async setToken(token) {
-        if (!await this.init() || !this.tokenPath || !this.configDir) {
-          throw new Error("File storage not available");
-        }
-        try {
-          const fs = await import('fs/promises');
-          await fs.mkdir(this.configDir, { recursive: true });
-          await fs.writeFile(this.tokenPath, token, "utf-8");
-        } catch (error) {
-          console.error("Failed to save token:", error);
-          throw error;
-        }
-      }
-      async removeToken() {
-        if (!await this.init() || !this.tokenPath) return;
-        try {
-          const fs = await import('fs/promises');
-          await fs.unlink(this.tokenPath);
-        } catch {
-        }
-      }
-    };
     MemoryTokenStorage = class {
       token = null;
       async getToken() {
@@ -337,66 +190,6 @@ var init_storage = __esm({
         localStorage.removeItem(this.key);
       }
     };
-    CompositeTokenStorage = class {
-      keychainStorage;
-      fileStorage;
-      preferredStorage = null;
-      constructor() {
-        this.keychainStorage = new KeychainTokenStorage();
-        this.fileStorage = new SecureFileTokenStorage();
-      }
-      /**
-       * Determine the best available storage backend
-       */
-      async getPreferredStorage() {
-        if (this.preferredStorage) {
-          return this.preferredStorage;
-        }
-        if (await this.keychainStorage.isAvailable()) {
-          this.preferredStorage = this.keychainStorage;
-          return this.preferredStorage;
-        }
-        this.preferredStorage = this.fileStorage;
-        return this.preferredStorage;
-      }
-      async getToken() {
-        const keychainToken = await this.keychainStorage.getToken();
-        if (keychainToken) {
-          return keychainToken;
-        }
-        const fileToken = await this.fileStorage.getToken();
-        if (fileToken) {
-          if (await this.keychainStorage.isAvailable()) {
-            try {
-              await this.keychainStorage.setToken(fileToken);
-              await this.fileStorage.removeToken();
-              if (getEnv2("DEBUG")) {
-                console.log("Migrated token from file to keychain");
-              }
-            } catch {
-            }
-          }
-          return fileToken;
-        }
-        return null;
-      }
-      async setToken(token) {
-        const storage2 = await this.getPreferredStorage();
-        await storage2.setToken(token);
-      }
-      async removeToken() {
-        await Promise.all([this.keychainStorage.removeToken(), this.fileStorage.removeToken()]);
-      }
-      /**
-       * Get information about the current storage backend
-       */
-      async getStorageInfo() {
-        if (await this.keychainStorage.isAvailable()) {
-          return { type: "keychain", secure: true };
-        }
-        return { type: "file", secure: true };
-      }
-    };
   }
 });
@@ -405,13 +198,14 @@ var require_package = __commonJS({
   "package.json"(exports$1, module) {
     module.exports = {
       name: "oauth.do",
-      version: "0.1.15",
-      description: "OAuth authentication SDK and CLI for .do Platform",
+      version: "0.2.0",
+      description: "OAuth authentication SDK, React components, and Hono middleware for org.ai identity",
       type: "module",
       main: "./dist/index.js",
       types: "./dist/index.d.ts",
       bin: {
-        "oauth.do": "./dist/cli.js"
+        "oauth.do": "./dist/cli.js",
+        "duckdb-auth": "./bin/duckdb-auth"
       },
       exports: {
         ".": {
@@ -426,10 +220,27 @@ var require_package = __commonJS({
           require: "./dist/node.js",
           default: "./dist/node.js"
         },
+        "./react": {
+          types: "./dist/react.d.ts",
+          import: "./dist/react.js",
+          require: "./dist/react.js",
+          default: "./dist/react.js"
+        },
+        "./hono": {
+          types: "./dist/hono.d.ts",
+          import: "./dist/hono.js",
+          require: "./dist/hono.js",
+          default: "./dist/hono.js"
+        },
+        "./types": {
+          types: "./dist/types-export.d.ts",
+          import: "./dist/types-export.js"
+        },
         "./mdx/*": "./src/mdx/*"
       },
       files: [
         "dist",
+        "bin",
         "src/mdx",
         "README.md",
         "LICENSE"
@@ -447,16 +258,19 @@ var require_package = __commonJS({
         "authentication",
         "auth",
         "login",
-        "api-key",
+        "identity",
         "cli",
         "sdk",
-        "platform",
-        "workos"
+        "org-ai",
+        "workos",
+        "authkit",
+        "react",
+        "hono"
       ],
       author: {
-        name: "Platform.do",
-        email: "npm@platform.do",
-        url: "https://platform.do"
+        name: "org.ai",
+        email: "npm@org.ai",
+        url: "https://org.ai"
       },
       license: "MIT",
       repository: {
@@ -476,8 +290,57 @@ var require_package = __commonJS({
       optionalDependencies: {
         keytar: "^7.9.0"
       },
+      peerDependencies: {
+        "@radix-ui/themes": ">=3.0.0",
+        "@tanstack/react-query": ">=5.0.0",
+        "@workos-inc/authkit-react": ">=0.5.0",
+        "@workos-inc/widgets": ">=1.0.0",
+        hono: ">=4.0.0",
+        jose: ">=5.0.0",
+        react: ">=18.0.0",
+        "react-dom": ">=18.0.0"
+      },
+      peerDependenciesMeta: {
+        "@radix-ui/themes": {
+          optional: true
+        },
+        "@tanstack/react-query": {
+          optional: true
+        },
+        "@workos-inc/authkit-react": {
+          optional: true
+        },
+        "@workos-inc/widgets": {
+          optional: true
+        },
+        hono: {
+          optional: true
+        },
+        jose: {
+          optional: true
+        },
+        react: {
+          optional: true
+        },
+        "react-dom": {
+          optional: true
+        }
+      },
       devDependencies: {
+        "@radix-ui/themes": "^3.0.0",
+        "@tanstack/react-query": "^5.0.0",
+        "@testing-library/jest-dom": "^6.9.1",
+        "@testing-library/react": "^16.3.2",
         "@types/node": "^24.10.1",
+        "@types/react": "^18.2.0",
+        "@types/react-dom": "^18.2.0",
+        "@workos-inc/authkit-react": "^0.16.0",
+        "@workos-inc/widgets": "^1.0.0",
+        hono: "^4.0.0",
+        jose: "^5.0.0",
+        jsdom: "^27.4.0",
+        react: "^18.2.0",
+        "react-dom": "^18.2.0",
         tsup: "^8.0.0",
         typescript: "^5.5.2",
         vitest: "^2.1.8"
@@ -487,11 +350,7 @@ var require_package = __commonJS({
 });
 // src/config.ts
-function getEnv(key) {
-  if (globalThis[key]) return globalThis[key];
-  if (typeof process !== "undefined" && process.env?.[key]) return process.env[key];
-  return void 0;
-}
+init_utils();
 var globalConfig = {
   apiUrl: getEnv("OAUTH_API_URL") || getEnv("API_URL") || "https://apis.do",
   clientId: getEnv("OAUTH_CLIENT_ID") || "client_01JQYTRXK9ZPD8JPJTKDCRB656",
@@ -596,22 +455,37 @@ async function pollForTokens(deviceCode, interval = 5, expiresIn = 600) {
 }
 // src/auth.ts
-async function resolveSecret(value) {
-  if (!value) return null;
-  if (typeof value === "string") return value;
-  if (typeof value === "object" && typeof value.get === "function") {
-    return await value.get();
+init_utils();
+async function getUser(token) {
+  const config = getConfig();
+  const authToken = token || getEnv("DO_TOKEN") || "";
+  if (!authToken) {
+    return { user: null };
+  }
+  try {
+    const response = await config.fetch(`${config.apiUrl}/me`, {
+      method: "GET",
+      headers: {
+        "Authorization": `Bearer ${authToken}`,
+        "Content-Type": "application/json"
+      }
+    });
+    if (!response.ok) {
+      if (response.status === 401) {
+        return { user: null };
+      }
+      throw new Error(`Authentication failed: ${response.statusText}`);
+    }
+    const user = await response.json();
+    return { user, token: authToken };
+  } catch (error) {
+    console.error("Auth error:", error);
+    return { user: null };
   }
-  return null;
-}
-function getEnv3(key) {
-  if (globalThis[key]) return globalThis[key];
-  if (typeof process !== "undefined" && process.env?.[key]) return process.env[key];
-  return void 0;
 }
 async function logout(token) {
   const config = getConfig();
-  const authToken = token || getEnv3("DO_TOKEN") || "";
+  const authToken = token || getEnv("DO_TOKEN") || "";
   if (!authToken) {
     return;
   }
@@ -630,84 +504,6 @@ async function logout(token) {
     console.error("Logout error:", error);
   }
 }
-var REFRESH_BUFFER_MS = 5 * 60 * 1e3;
-function isTokenExpired(expiresAt) {
-  if (!expiresAt) return false;
-  return Date.now() >= expiresAt - REFRESH_BUFFER_MS;
-}
-async function getToken() {
-  const adminToken = getEnv3("DO_ADMIN_TOKEN");
-  if (adminToken) return adminToken;
-  const doToken = getEnv3("DO_TOKEN");
-  if (doToken) return doToken;
-  try {
-    const { env } = await import('cloudflare:workers');
-    const cfAdminToken = await resolveSecret(env.DO_ADMIN_TOKEN);
-    if (cfAdminToken) return cfAdminToken;
-    const cfToken = await resolveSecret(env.DO_TOKEN);
-    if (cfToken) return cfToken;
-  } catch {
-  }
-  try {
-    const { createSecureStorage: createSecureStorage2 } = await Promise.resolve().then(() => (init_storage(), storage_exports));
-    const config = getConfig();
-    const storage2 = createSecureStorage2(config.storagePath);
-    const tokenData = storage2.getTokenData ? await storage2.getTokenData() : null;
-    if (tokenData) {
-      if (!isTokenExpired(tokenData.expiresAt)) {
-        return tokenData.accessToken;
-      }
-      if (tokenData.refreshToken) {
-        try {
-          const newTokens = await refreshAccessToken(tokenData.refreshToken);
-          const expiresAt = newTokens.expires_in ? Date.now() + newTokens.expires_in * 1e3 : void 0;
-          const newData = {
-            accessToken: newTokens.access_token,
-            refreshToken: newTokens.refresh_token || tokenData.refreshToken,
-            expiresAt
-          };
-          if (storage2.setTokenData) {
-            await storage2.setTokenData(newData);
-          } else {
-            await storage2.setToken(newTokens.access_token);
-          }
-          return newTokens.access_token;
-        } catch {
-          return null;
-        }
-      }
-      return null;
-    }
-    return await storage2.getToken();
-  } catch {
-    return null;
-  }
-}
-function auth() {
-  return getToken;
-}
-async function refreshAccessToken(refreshToken) {
-  const config = getConfig();
-  if (!config.clientId) {
-    throw new Error("Client ID is required for token refresh");
-  }
-  const response = await config.fetch("https://auth.apis.do/user_management/authenticate", {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/x-www-form-urlencoded"
-    },
-    body: new URLSearchParams({
-      grant_type: "refresh_token",
-      refresh_token: refreshToken,
-      client_id: config.clientId
-    }).toString()
-  });
-  if (!response.ok) {
-    const errorText = await response.text();
-    throw new Error(`Token refresh failed: ${response.status} - ${errorText}`);
-  }
-  return await response.json();
-}
 // src/cli.ts
 init_storage();
@@ -830,7 +626,7 @@ ${colors.dim}Waiting for authorization...${colors.reset}
       authResponse.expires_in
     );
     await storage.setToken(tokenResponse.access_token);
-    const authResult = await auth(tokenResponse.access_token);
+    const authResult = await getUser(tokenResponse.access_token);
     printSuccess("Login successful!");
     if (authResult.user) {
       console.log(`
@@ -877,7 +673,7 @@ async function whoamiCommand() {
 Run ${colors.cyan}oauth.do login${colors.reset} to authenticate`);
       return;
     }
-    const authResult = await auth(token);
+    const authResult = await getUser(token);
     if (!authResult.user) {
       console.log(`${colors.dim}Not authenticated${colors.reset}`);
       console.log(`
@@ -932,7 +728,7 @@ ${colors.cyan}Auth:${colors.reset} ${colors.dim}Not authenticated${colors.reset}
 Run ${colors.cyan}oauth.do login${colors.reset} to authenticate`);
       return;
     }
-    const authResult = await auth(token);
+    const authResult = await getUser(token);
     if (authResult.user) {
       console.log(`
 ${colors.cyan}Auth:${colors.reset} ${colors.green}Authenticated${colors.reset}`);
@@ -954,7 +750,7 @@ async function autoLoginOrShowUser() {
   try {
     const token = await storage.getToken();
     if (token) {
-      const authResult = await auth(token);
+      const authResult = await getUser(token);
       if (authResult.user) {
         console.log(`${colors.green}\u2713${colors.reset} Already authenticated
 `);