omnikey-cli 1.6.0 → 1.6.1

package/backend-dist/aiProviderRoutes.js

@@ -0,0 +1,247 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.aiProviderRouter = aiProviderRouter;
+const express_1 = __importDefault(require("express"));
+const zod_1 = __importDefault(require("zod"));
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const os_1 = __importDefault(require("os"));
+const authMiddleware_1 = require("./authMiddleware");
+const config_1 = require("./config");
+const logger_1 = require("./logger");
+const providerEnum = zod_1.default.enum(['openai', 'anthropic', 'gemini', 'nemotron']);
+const putSchema = zod_1.default.object({
+    apiKey: zod_1.default.string().min(1).max(4096),
+    baseUrl: zod_1.default
+        .string()
+        .max(1000)
+        .url({ message: 'baseUrl must be a valid URL.' })
+        .nullable()
+        .optional(),
+});
+/** Mapping from provider → env var that holds its API key. */
+const PROVIDER_ENV_KEY = {
+    openai: 'OPENAI_API_KEY',
+    anthropic: 'ANTHROPIC_API_KEY',
+    gemini: 'GEMINI_API_KEY',
+    nemotron: 'NEMOTRON_API_KEY',
+};
+/** Legacy aliases that should be cleared whenever the canonical env is rewritten. */
+const PROVIDER_LEGACY_ALIASES = {
+    nemotron: ['NVIDIA_API_KEY'],
+};
+function getConfigPath() {
+    const home = process.env.HOME || process.env.USERPROFILE || os_1.default.homedir();
+    return path_1.default.join(home, '.omnikey', 'config.json');
+}
+function readConfigFile() {
+    const configPath = getConfigPath();
+    try {
+        if (fs_1.default.existsSync(configPath)) {
+            const raw = fs_1.default.readFileSync(configPath, 'utf-8');
+            const parsed = JSON.parse(raw);
+            if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
+                return parsed;
+            }
+        }
+    }
+    catch (err) {
+        logger_1.logger.warn('Could not read ~/.omnikey/config.json — treating as empty.', { error: err });
+    }
+    return {};
+}
+function writeConfigFile(data) {
+    const configPath = getConfigPath();
+    fs_1.default.mkdirSync(path_1.default.dirname(configPath), { recursive: true });
+    fs_1.default.writeFileSync(configPath, JSON.stringify(data, null, 2), 'utf-8');
+}
+/** Mask an API key so a small prefix/suffix is visible (e.g. `sk-…AB12`). */
+function maskApiKey(key) {
+    if (!key)
+        return '';
+    if (key.length <= 8)
+        return '••••••••';
+    return `${key.slice(0, 3)}••••••••${key.slice(-4)}`;
+}
+/** Reads any provider key (canonical or legacy alias) out of the config object. */
+function readProviderKey(cfg, provider) {
+    const canonical = cfg[PROVIDER_ENV_KEY[provider]];
+    if (canonical && typeof canonical === 'string' && canonical.length > 0)
+        return canonical;
+    for (const alias of PROVIDER_LEGACY_ALIASES[provider] ?? []) {
+        const v = cfg[alias];
+        if (v && typeof v === 'string' && v.length > 0)
+            return v;
+    }
+    return undefined;
+}
+function describeProvider(provider, cfg) {
+    const key = readProviderKey(cfg, provider);
+    return {
+        provider,
+        isConfigured: Boolean(key),
+        apiKeyMasked: maskApiKey(key),
+        baseUrl: provider === 'nemotron'
+            ? (typeof cfg.NEMOTRON_BASE_URL === 'string' ? cfg.NEMOTRON_BASE_URL : null)
+            : null,
+    };
+}
+function readActiveProvider(cfg) {
+    const raw = cfg.AI_PROVIDER;
+    if (raw === 'openai' || raw === 'anthropic' || raw === 'gemini' || raw === 'nemotron') {
+        return raw;
+    }
+    // Fall back to the provider currently bound to the running process (config.ts
+    // already auto-detects from the first configured key in env).
+    return config_1.config.aiProvider;
+}
+/**
+ * Triggers a graceful daemon restart. The process is supervised by launchd
+ * (macOS) / NSSM (Windows) with auto-restart enabled, so exiting will cause
+ * the supervisor to relaunch the API with the freshly written config.json.
+ */
+function scheduleDaemonRestart(reason) {
+    setTimeout(() => {
+        logger_1.logger.info(`Exiting process to trigger supervised restart: ${reason}`);
+        process.exit(0);
+    }, 500);
+}
+function aiProviderRouter() {
+    const router = express_1.default.Router();
+    /** GET /api/providers — list which providers have a key in config.json. */
+    router.get('/', authMiddleware_1.authMiddleware, async (_req, res) => {
+        const { logger: reqLogger } = res.locals;
+        try {
+            const cfg = readConfigFile();
+            const providers = ['openai', 'anthropic', 'gemini', 'nemotron'];
+            const active = readActiveProvider(cfg);
+            res.json({
+                providers: providers.map((p) => describeProvider(p, cfg)),
+                activeProvider: active,
+                // The in-process provider may differ from cfg.AI_PROVIDER if the user
+                // changed config.json out of band — surface both so the UI can warn.
+                runtimeProvider: config_1.config.aiProvider,
+            });
+        }
+        catch (err) {
+            reqLogger.error('Error reading provider config.', { error: err });
+            res.status(500).json({ error: 'Failed to read provider config.' });
+        }
+    });
+    /** PUT /api/providers/:provider — store/update API key for that provider. */
+    router.put('/:provider', authMiddleware_1.authMiddleware, async (req, res) => {
+        const { logger: reqLogger } = res.locals;
+        const providerParam = providerEnum.safeParse(req.params.provider);
+        if (!providerParam.success) {
+            return res.status(400).json({ error: 'Unknown provider.' });
+        }
+        const provider = providerParam.data;
+        try {
+            const parsed = putSchema.parse(req.body);
+            const cfg = readConfigFile();
+            // Always clear legacy aliases so the canonical env wins on next boot.
+            for (const alias of PROVIDER_LEGACY_ALIASES[provider] ?? []) {
+                delete cfg[alias];
+            }
+            cfg[PROVIDER_ENV_KEY[provider]] = parsed.apiKey;
+            if (provider === 'nemotron') {
+                if (parsed.baseUrl) {
+                    cfg.NEMOTRON_BASE_URL = parsed.baseUrl;
+                }
+                else if (parsed.baseUrl === null) {
+                    delete cfg.NEMOTRON_BASE_URL;
+                }
+            }
+            writeConfigFile(cfg);
+            // If the user updated the currently-active provider's key, the running
+            // process is now using a stale key — schedule a restart so it picks
+            // the new one up. We only restart when AI_PROVIDER is *explicitly*
+            // pinned in config.json, because the auto-detected fallback may differ
+            // from what the user is configuring and we don't want to bounce the
+            // server on first-time key save.
+            const explicitActive = typeof cfg.AI_PROVIDER === 'string' ? cfg.AI_PROVIDER : null;
+            let restartScheduled = false;
+            if (explicitActive === provider) {
+                scheduleDaemonRestart(`updated active provider key (${provider})`);
+                restartScheduled = true;
+            }
+            res.json({
+                ...describeProvider(provider, cfg),
+                restartScheduled,
+            });
+        }
+        catch (err) {
+            reqLogger.error('Error storing provider key.', { error: err });
+            if (err instanceof zod_1.default.ZodError) {
+                return res.status(400).json({ error: 'Invalid provider data.' });
+            }
+            res.status(500).json({ error: 'Failed to store provider key.' });
+        }
+    });
+    /** DELETE /api/providers/:provider — remove the saved key. */
+    router.delete('/:provider', authMiddleware_1.authMiddleware, async (req, res) => {
+        const { logger: reqLogger } = res.locals;
+        const providerParam = providerEnum.safeParse(req.params.provider);
+        if (!providerParam.success) {
+            return res.status(400).json({ error: 'Unknown provider.' });
+        }
+        const provider = providerParam.data;
+        try {
+            const cfg = readConfigFile();
+            const active = readActiveProvider(cfg);
+            if (active === provider) {
+                return res.status(409).json({
+                    error: 'Cannot remove the active provider. Activate a different provider first, then remove this one.',
+                });
+            }
+            delete cfg[PROVIDER_ENV_KEY[provider]];
+            for (const alias of PROVIDER_LEGACY_ALIASES[provider] ?? []) {
+                delete cfg[alias];
+            }
+            if (provider === 'nemotron') {
+                delete cfg.NEMOTRON_BASE_URL;
+            }
+            writeConfigFile(cfg);
+            res.status(204).send();
+        }
+        catch (err) {
+            reqLogger.error('Error removing provider key.', { error: err });
+            res.status(500).json({ error: 'Failed to remove provider key.' });
+        }
+    });
+    /** POST /api/providers/:provider/activate — switch AI_PROVIDER + restart. */
+    router.post('/:provider/activate', authMiddleware_1.authMiddleware, async (req, res) => {
+        const { logger: reqLogger } = res.locals;
+        const providerParam = providerEnum.safeParse(req.params.provider);
+        if (!providerParam.success) {
+            return res.status(400).json({ error: 'Unknown provider.' });
+        }
+        const provider = providerParam.data;
+        try {
+            const cfg = readConfigFile();
+            const key = readProviderKey(cfg, provider);
+            if (!key) {
+                return res.status(400).json({
+                    error: `No API key saved for provider "${provider}". Save a key first, then activate.`,
+                });
+            }
+            cfg.AI_PROVIDER = provider;
+            writeConfigFile(cfg);
+            res.json({
+                provider,
+                activeProvider: provider,
+                restartScheduled: true,
+                message: 'Provider activated. Server will restart shortly to apply the change.',
+            });
+            scheduleDaemonRestart(`activated provider ${provider}`);
+        }
+        catch (err) {
+            reqLogger.error('Error activating provider.', { error: err });
+            res.status(500).json({ error: 'Failed to activate provider.' });
+        }
+    });
+    return router;
+}

package/backend-dist/index.js

@@ -15,6 +15,7 @@ const logger_1 = require("./logger");
 const taskInstructionRoutes_1 = require("./taskInstructionRoutes");
 const scheduledJobRoutes_1 = require("./scheduledJobRoutes");
 const mcpServerRoutes_1 = require("./mcpServerRoutes");
+const aiProviderRoutes_1 = require("./aiProviderRoutes");
 const spawn_1 = require("./workers/spawn");
 const scheduledJobWorkerClient_1 = require("./workers/scheduledJobWorkerClient");
 const config_1 = require("./config");
@@ -36,6 +37,7 @@ app.use('/api/feature', (0, featureRoutes_1.createFeatureRouter)());
 app.use('/api/instructions', (0, taskInstructionRoutes_1.taskInstructionRouter)());
 app.use('/api/scheduled-jobs', (0, scheduledJobRoutes_1.scheduledJobRouter)());
 app.use('/api/mcp-servers', (0, mcpServerRoutes_1.mcpServerRouter)());
+app.use('/api/providers', (0, aiProviderRoutes_1.aiProviderRouter)());
 app.use('/api/agent', (0, agentServer_1.createAgentRouter)());
 app.get('/macos/download', (_req, res) => {
     const dmgPath = path_1.default.join(process.cwd(), 'macOS', 'OmniKeyAI.dmg');
@@ -43,21 +45,25 @@ app.get('/macos/download', (_req, res) => {
         res.status(404).send('File not found.');
         return;
     }
+    let fileSize = 0;
+    try {
+        fileSize = fs_1.default.statSync(dmgPath).size;
+    }
+    catch (_) { }
     res.set({
         'Content-Type': 'application/octet-stream',
         'Content-Disposition': 'attachment; filename="OmniKeyAI.dmg"',
-        'Content-Encoding': 'gzip',
+        ...(fileSize ? { 'Content-Length': String(fileSize) } : {}),
     });
     (0, bucket_adapter_1.incrementDownloadCount)('macos').catch(() => { });
     const fileStream = fs_1.default.createReadStream(dmgPath);
-    const gzip = zlib_1.default.createGzip();
     fileStream.on('error', (err) => {
         logger_1.logger.error('Failed to send OmniKeyAI.dmg for download.', { error: err });
         if (!res.headersSent) {
             res.status(500).send('Unable to download file.');
         }
     });
-    fileStream.pipe(gzip).pipe(res);
+    fileStream.pipe(res);
 });
 // Sparkle appcast feed for macOS updates.
 // This feed uses the existing /macos/download endpoint as the
@@ -181,6 +187,24 @@ app.get('/downloads/stats', async (_req, res) => {
 app.get('/health', (_req, res) => {
     res.json({ status: 'ok' });
 });
+app.get('/install.sh', (_req, res) => {
+    const scriptPath = path_1.default.join(process.cwd(), 'install.sh');
+    if (!fs_1.default.existsSync(scriptPath)) {
+        res.status(404).send('Not found.');
+        return;
+    }
+    res.set('Content-Type', 'text/plain; charset=utf-8');
+    res.sendFile(scriptPath);
+});
+app.get('/install.ps1', (_req, res) => {
+    const scriptPath = path_1.default.join(process.cwd(), 'install.ps1');
+    if (!fs_1.default.existsSync(scriptPath)) {
+        res.status(404).send('Not found.');
+        return;
+    }
+    res.set('Content-Type', 'text/plain; charset=utf-8');
+    res.sendFile(scriptPath);
+});
 app.get('*', (_req, res) => {
     res.sendFile(path_1.default.join(process.cwd(), 'public', 'index.html'));
 });

package/package.json

@@ -4,7 +4,7 @@
     "access": "public",
     "registry": "https://registry.npmjs.org/"
   },
-  "version": "1.6.0",
+  "version": "1.6.1",
   "description": "CLI for onboarding users to Omnikey AI and configuring OPENAI_API_KEY. Use Yarn for install/build.",
   "engines": {
     "node": ">=14.0.0",