opensoma 0.7.0 → 0.9.0

package/src/commands/helpers.test.ts

@@ -2,8 +2,6 @@ import { describe, expect, it } from 'bun:test'
 
 import { createAuthenticatedHttp } from './helpers'
 
-const noBrowserExtraction = async () => null
-
 describe('createAuthenticatedHttp', () => {
   it('throws a login hint when no credentials are stored', async () => {
     const manager = {
@@ -11,12 +9,10 @@ describe('createAuthenticatedHttp', () => {
       clearSessionState: async () => {},
     }
 
-    await expect(createAuthenticatedHttp(manager)).rejects.toThrow(
-      'Not logged in. Run: opensoma auth login or opensoma auth extract',
-    )
+    await expect(createAuthenticatedHttp(manager)).rejects.toThrow('Not logged in. Run: opensoma auth login')
   })
 
-  it('clears only session state (not username/password) when both recovery methods fail', async () => {
+  it('clears only session state (not username/password) when re-login fails', async () => {
     let cleared = false
     const manager = {
       getCredentials: async () => ({
@@ -33,15 +29,13 @@ describe('createAuthenticatedHttp', () => {
       },
     }
 
-    await expect(
-      createAuthenticatedHttp(manager, () => ({ checkLogin: async () => null }), undefined, noBrowserExtraction),
-    ).rejects.toThrow(
-      'Session expired. Run: opensoma auth login or opensoma auth extract (saved id/password were preserved)',
+    await expect(createAuthenticatedHttp(manager, () => ({ checkLogin: async () => null }))).rejects.toThrow(
+      'Session expired. Run: opensoma auth login (saved id/password were preserved)',
     )
     expect(cleared).toBe(true)
   })
 
-  it('preserves stored id/password on disk when session expires and recovery fails', async () => {
+  it('preserves stored id/password on disk when session expires and re-login fails', async () => {
     const { CredentialManager } = await import('../credential-manager')
     const { mkdtemp, rm } = await import('node:fs/promises')
     const { tmpdir } = await import('node:os')
@@ -70,7 +64,6 @@ describe('createAuthenticatedHttp', () => {
             getSessionCookie: () => null,
             getCsrfToken: () => null,
           }),
-          noBrowserExtraction,
         ),
       ).rejects.toThrow('Session expired')
 
@@ -160,108 +153,4 @@ describe('createAuthenticatedHttp', () => {
       tozPhone: '010-1234-5678',
     })
   })
-
-  it('recovers via browser extraction when no stored password is available', async () => {
-    let savedCredentials: Record<string, unknown> | null = null
-    const manager = {
-      getCredentials: async () => ({
-        sessionCookie: 'stale-session',
-        csrfToken: 'stale-csrf',
-      }),
-      setCredentials: async (credentials: Record<string, unknown>) => {
-        savedCredentials = credentials
-      },
-      clearSessionState: async () => {
-        throw new Error('should not clear session state when browser extraction succeeds')
-      },
-    }
-    const recoveredHttp = {
-      checkLogin: async () => ({ userId: 'mentor@example.com', userNm: 'Mentor One' }),
-    }
-
-    const result = await createAuthenticatedHttp(
-      manager,
-      (credentials) => {
-        if (credentials.sessionCookie === 'browser-session') return recoveredHttp
-        return { checkLogin: async () => null }
-      },
-      undefined,
-      async () => ({ sessionCookie: 'browser-session', csrfToken: 'browser-csrf' }),
-    )
-
-    expect(result).toBe(recoveredHttp)
-    expect(savedCredentials).toMatchObject({
-      sessionCookie: 'browser-session',
-      csrfToken: 'browser-csrf',
-    })
-    expect(savedCredentials).toHaveProperty('loggedInAt')
-  })
-
-  it('falls back to browser extraction when password re-login fails', async () => {
-    let savedCredentials: Record<string, unknown> | null = null
-    const manager = {
-      getCredentials: async () => ({
-        sessionCookie: 'stale-session',
-        csrfToken: 'stale-csrf',
-        username: 'mentor@example.com',
-        password: 'wrong-password',
-      }),
-      setCredentials: async (credentials: Record<string, unknown>) => {
-        savedCredentials = credentials
-      },
-      clearSessionState: async () => {
-        throw new Error('should not clear session state when browser extraction succeeds')
-      },
-    }
-    const recoveredHttp = {
-      checkLogin: async () => ({ userId: 'mentor@example.com', userNm: 'Mentor One' }),
-    }
-
-    const result = await createAuthenticatedHttp(
-      manager,
-      (credentials) => {
-        if (credentials.sessionCookie === 'browser-session') return recoveredHttp
-        return { checkLogin: async () => null }
-      },
-      () => ({
-        login: async () => {
-          throw new Error('wrong password')
-        },
-        checkLogin: async () => null,
-        getSessionCookie: () => null,
-        getCsrfToken: () => null,
-      }),
-      async () => ({ sessionCookie: 'browser-session', csrfToken: 'browser-csrf' }),
-    )
-
-    expect(result).toBe(recoveredHttp)
-    expect(savedCredentials).toMatchObject({
-      sessionCookie: 'browser-session',
-      csrfToken: 'browser-csrf',
-    })
-  })
-
-  it('skips browser extraction when no credentials exist', async () => {
-    let browserExtractionCalled = false
-    const manager = {
-      getCredentials: async () => null,
-      setCredentials: async () => {
-        throw new Error('should not save')
-      },
-      clearSessionState: async () => {},
-    }
-
-    await expect(
-      createAuthenticatedHttp(
-        manager,
-        () => ({ checkLogin: async () => null }),
-        undefined,
-        async () => {
-          browserExtractionCalled = true
-          return { sessionCookie: 's', csrfToken: 'c' }
-        },
-      ),
-    ).rejects.toThrow('Not logged in')
-    expect(browserExtractionCalled).toBe(false)
-  })
 })

package/src/commands/helpers.ts

@@ -1,42 +1,29 @@
 import { CredentialManager } from '../credential-manager'
 import { SomaHttp } from '../http'
 import { recoverSession } from '../session-recovery'
-import * as stderr from '../shared/utils/stderr'
 import type { Credentials } from '../types'
 
 type CredentialStore = Pick<CredentialManager, 'clearSessionState' | 'getCredentials' | 'setCredentials'>
 type AuthenticatedHttp = Pick<SomaHttp, 'checkLogin'>
 type ReloginHttp = Pick<SomaHttp, 'checkLogin' | 'getCsrfToken' | 'getSessionCookie' | 'login'>
-type BrowserExtractor = () => Promise<{ csrfToken: string; sessionCookie: string } | null>
 
-const NOT_LOGGED_IN_MESSAGE = 'Not logged in. Run: opensoma auth login or opensoma auth extract'
-const STALE_SESSION_MESSAGE =
-  'Session expired. Run: opensoma auth login or opensoma auth extract (saved id/password were preserved)'
+const NOT_LOGGED_IN_MESSAGE = 'Not logged in. Run: opensoma auth login'
+const STALE_SESSION_MESSAGE = 'Session expired. Run: opensoma auth login (saved id/password were preserved)'
 
 function defaultCreateHttp(credentials: Credentials): SomaHttp {
   return new SomaHttp({ sessionCookie: credentials.sessionCookie, csrfToken: credentials.csrfToken })
 }
 
-async function defaultExtractBrowserCredentials(): Promise<{ csrfToken: string; sessionCookie: string } | null> {
-  const { TokenExtractor } = await import('../token-extractor')
-  const { resolveExtractedCredentials } = await import('./auth')
-  const candidates = await new TokenExtractor().extractCandidates()
-  if (candidates.length === 0) return null
-  return resolveExtractedCredentials(candidates)
-}
-
 export function createAuthenticatedHttp(): Promise<SomaHttp>
 export function createAuthenticatedHttp<T extends AuthenticatedHttp>(
   manager: CredentialStore,
   createHttp: (credentials: Credentials) => T,
   createReloginHttp?: () => ReloginHttp,
-  recoverViaBrowser?: BrowserExtractor,
 ): Promise<T>
 export async function createAuthenticatedHttp<T extends AuthenticatedHttp>(
   manager: CredentialStore = new CredentialManager(),
   createHttp?: (credentials: Credentials) => T,
   createReloginHttp: () => ReloginHttp = () => new SomaHttp(),
-  recoverViaBrowser: BrowserExtractor = defaultExtractBrowserCredentials,
 ): Promise<SomaHttp | T> {
   const creds = await manager.getCredentials()
   if (!creds) {
@@ -52,26 +39,7 @@ export async function createAuthenticatedHttp<T extends AuthenticatedHttp>(
       if (refreshedCredentials) {
         return createHttp ? createHttp(refreshedCredentials) : defaultCreateHttp(refreshedCredentials)
       }
-    } catch {
-      // Password recovery failed — try browser extraction next
-    }
-
-    try {
-      stderr.info('Session expired. Attempting browser token extraction...')
-      const extracted = await recoverViaBrowser()
-      if (extracted) {
-        const browserCredentials: Credentials = {
-          sessionCookie: extracted.sessionCookie,
-          csrfToken: extracted.csrfToken,
-          loggedInAt: new Date().toISOString(),
-        }
-        await manager.setCredentials(browserCredentials)
-        stderr.info('Browser token extraction successful.')
-        return createHttp ? createHttp(browserCredentials) : defaultCreateHttp(browserCredentials)
-      }
-    } catch {
-      // Browser extraction also failed
-    }
+    } catch {}
 
     await manager.clearSessionState()
     throw new Error(STALE_SESSION_MESSAGE)

package/src/commands/team.ts

@@ -49,7 +49,7 @@ async function runTeamAction(params: {
   try {
     const http = await getHttpOrExit()
     const user = await http.checkLogin()
-    if (!user) throw new Error('Not logged in. Run: opensoma auth login or opensoma auth extract')
+    if (!user) throw new Error('Not logged in. Run: opensoma auth login')
     if (!user.userNo) throw new Error('현재 사용자의 userNo를 확인할 수 없습니다.')
 
     const response = await http.postJson<{ resultCode?: string }>(

package/src/credential-manager.ts

@@ -1,9 +1,9 @@
 import { createCipheriv, createDecipheriv, randomBytes } from 'node:crypto'
 import { existsSync } from 'node:fs'
 import { chmod, mkdir, readFile, rm, writeFile } from 'node:fs/promises'
-import { homedir } from 'node:os'
 import { join } from 'node:path'
 
+import { getConfigDir } from './shared/utils/config-dir'
 import type { Credentials } from './types'
 
 interface EncryptedSecret {
@@ -26,7 +26,7 @@ export class CredentialManager {
   private encryptionKeyPath: string
 
   constructor(configDir?: string) {
-    this.configDir = configDir ?? join(homedir(), '.config', 'opensoma')
+    this.configDir = configDir ?? getConfigDir()
     this.credentialsPath = join(this.configDir, 'credentials.json')
     this.encryptionKeyPath = join(this.configDir, 'credentials.key')
   }

package/src/errors.ts

@@ -1,9 +1,5 @@
-/**
- * Error thrown when authentication is required but not valid.
- * Provides a clear message indicating the need to authenticate.
- */
 export class AuthenticationError extends Error {
-  constructor(message = 'Authentication required. Please login with: opensoma auth login or opensoma auth extract') {
+  constructor(message = 'Authentication required. Please login with: opensoma auth login') {
     super(message)
     this.name = 'AuthenticationError'
   }

package/src/shared/utils/config-dir.test.ts

@@ -0,0 +1,41 @@
+import { afterEach, beforeEach, describe, expect, it } from 'bun:test'
+import { homedir } from 'node:os'
+import { join } from 'node:path'
+
+import { CONFIG_DIR_ENV_VAR, getConfigDir } from './config-dir'
+
+let originalValue: string | undefined
+
+beforeEach(() => {
+  originalValue = process.env[CONFIG_DIR_ENV_VAR]
+  delete process.env[CONFIG_DIR_ENV_VAR]
+})
+
+afterEach(() => {
+  if (originalValue === undefined) {
+    delete process.env[CONFIG_DIR_ENV_VAR]
+  } else {
+    process.env[CONFIG_DIR_ENV_VAR] = originalValue
+  }
+})
+
+describe('getConfigDir', () => {
+  it('falls back to ~/.config/opensoma when env var is unset', () => {
+    expect(getConfigDir()).toBe(join(homedir(), '.config', 'opensoma'))
+  })
+
+  it('returns OPENSOMA_CONFIG_DIR when set', () => {
+    process.env[CONFIG_DIR_ENV_VAR] = '/custom/config/path'
+    expect(getConfigDir()).toBe('/custom/config/path')
+  })
+
+  it('falls back to default when env var is empty string', () => {
+    process.env[CONFIG_DIR_ENV_VAR] = ''
+    expect(getConfigDir()).toBe(join(homedir(), '.config', 'opensoma'))
+  })
+
+  it('preserves relative paths verbatim', () => {
+    process.env[CONFIG_DIR_ENV_VAR] = './local-config'
+    expect(getConfigDir()).toBe('./local-config')
+  })
+})

package/src/shared/utils/config-dir.ts

@@ -0,0 +1,20 @@
+import { homedir } from 'node:os'
+import { join } from 'node:path'
+
+export const CONFIG_DIR_ENV_VAR = 'OPENSOMA_CONFIG_DIR'
+
+/**
+ * Resolves the directory used to persist opensoma state (credentials, pending
+ * reservations, etc.).
+ *
+ * Resolution order:
+ *   1. `OPENSOMA_CONFIG_DIR` environment variable (if set and non-empty)
+ *   2. `~/.config/opensoma`
+ */
+export function getConfigDir(): string {
+  const fromEnv = process.env[CONFIG_DIR_ENV_VAR]
+  if (fromEnv && fromEnv.length > 0) {
+    return fromEnv
+  }
+  return join(homedir(), '.config', 'opensoma')
+}

package/src/toz-pending-store.ts

@@ -1,8 +1,9 @@
 import { existsSync } from 'node:fs'
 import { mkdir, readFile, rename, rm, writeFile } from 'node:fs/promises'
-import { homedir } from 'node:os'
 import { dirname, join } from 'node:path'
 
+import { getConfigDir } from './shared/utils/config-dir'
+
 export interface TozPendingReservation {
   reservationId: string
   cookies: Record<string, string>
@@ -30,7 +31,7 @@ export class TozPendingStore {
   private readonly path: string
 
   constructor(configDir?: string) {
-    const dir = configDir ?? join(homedir(), '.config', 'opensoma')
+    const dir = configDir ?? getConfigDir()
     this.path = join(dir, 'toz-pending.json')
   }
 

package/dist/src/token-extractor.d.ts

@@ -1,43 +0,0 @@
-type BrowserConfig = {
-    name: string;
-    macPath: string;
-    linuxPath: string;
-    keychainService: string;
-    keychainAccount: string;
-};
-export interface ExtractedSessionCandidate {
-    browser: string;
-    lastAccessUtc: number;
-    profile: string;
-    sessionCookie: string;
-}
-export declare const BROWSERS: BrowserConfig[];
-export type TokenExtractorOptions = {
-    platform?: NodeJS.Platform;
-    homeDirectory?: string;
-    debug?: boolean;
-};
-export declare class TokenExtractor {
-    private readonly platform;
-    private readonly homeDirectory;
-    private readonly debugEnabled;
-    constructor(options?: TokenExtractorOptions);
-    constructor(platform?: NodeJS.Platform, homeDirectory?: string, debug?: boolean);
-    private log;
-    extract(): Promise<{
-        sessionCookie: string;
-    } | null>;
-    extractCandidates(): Promise<ExtractedSessionCandidate[]>;
-    findCookieDatabases(): string[];
-    private decryptCookie;
-    private getMacOSEncryptionKey;
-    private decryptChromiumValue;
-    private getBrowserByPath;
-    private addCandidate;
-    private findBrowserCookieDatabases;
-    private getBrowserRoot;
-    private isSupportedProfileDirectory;
-    private normalizeLastAccessUtc;
-}
-export {};
-//# sourceMappingURL=token-extractor.d.ts.map

package/dist/src/token-extractor.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"token-extractor.d.ts","sourceRoot":"","sources":["../../src/token-extractor.ts"],"names":[],"mappings":"AAeA,KAAK,aAAa,GAAG;IACnB,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;IACjB,eAAe,EAAE,MAAM,CAAA;IACvB,eAAe,EAAE,MAAM,CAAA;CACxB,CAAA;AAQD,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,MAAM,CAAA;IACf,aAAa,EAAE,MAAM,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;IACf,aAAa,EAAE,MAAM,CAAA;CACtB;AAED,eAAO,MAAM,QAAQ,EAAE,aAAa,EA2CnC,CAAA;AA+CD,MAAM,MAAM,qBAAqB,GAAG;IAClC,QAAQ,CAAC,EAAE,MAAM,CAAC,QAAQ,CAAA;IAC1B,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,KAAK,CAAC,EAAE,OAAO,CAAA;CAChB,CAAA;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAiB;IAC1C,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAQ;IACtC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;gBAE1B,OAAO,CAAC,EAAE,qBAAqB;gBAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC,QAAQ,EAAE,aAAa,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,OAAO;IAa/E,OAAO,CAAC,GAAG;IAML,OAAO,IAAI,OAAO,CAAC;QAAE,aAAa,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;IAWpD,iBAAiB,IAAI,OAAO,CAAC,yBAAyB,EAAE,CAAC;IAsE/D,mBAAmB,IAAI,MAAM,EAAE;YAQjB,aAAa;YAqBb,qBAAqB;IAanC,OAAO,CAAC,oBAAoB;IAkB5B,OAAO,CAAC,gBAAgB;IAMxB,OAAO,CAAC,YAAY;IAOpB,OAAO,CAAC,0BAA0B;IAmBlC,OAAO,CAAC,cAAc;IAYtB,OAAO,CAAC,2BAA2B;IAInC,OAAO,CAAC,sBAAsB;CAO/B"}