npm - styrby-cli - Versions diffs - 0.1.0-beta.2 → 0.1.0-beta.3 - Mend

styrby-cli 0.1.0-beta.2 → 0.1.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.js CHANGED Viewed

@@ -17264,22 +17264,22 @@ var require_nacl_fast = __commonJS({
         randombytes = fn;
       };
       (function() {
-        var crypto4 = typeof self !== "undefined" ? self.crypto || self.msCrypto : null;
-        if (crypto4 && crypto4.getRandomValues) {
+        var crypto3 = typeof self !== "undefined" ? self.crypto || self.msCrypto : null;
+        if (crypto3 && crypto3.getRandomValues) {
           var QUOTA = 65536;
           nacl2.setPRNG(function(x, n) {
             var i, v = new Uint8Array(n);
             for (i = 0; i < n; i += QUOTA) {
-              crypto4.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
+              crypto3.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
             }
             for (i = 0; i < n; i++) x[i] = v[i];
             cleanup(v);
           });
         } else if (typeof __require !== "undefined") {
-          crypto4 = __require("crypto");
-          if (crypto4 && crypto4.randomBytes) {
+          crypto3 = __require("crypto");
+          if (crypto3 && crypto3.randomBytes) {
             nacl2.setPRNG(function(x, n) {
-              var i, v = crypto4.randomBytes(n);
+              var i, v = crypto3.randomBytes(n);
               for (i = 0; i < n; i++) x[i] = v[i];
               cleanup(v);
             });
@@ -22449,101 +22449,51 @@ var init_local_server = __esm({
 });
 // src/auth/browser-auth.ts
-import * as crypto2 from "node:crypto";
-function generatePKCE() {
-  const verifierBytes = crypto2.randomBytes(32);
-  const verifier = verifierBytes.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-  const hash = crypto2.createHash("sha256").update(verifier).digest();
-  const challenge = hash.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-  return {
-    verifier,
-    challenge,
-    method: "S256"
-  };
-}
-function generateState() {
-  return crypto2.randomBytes(16).toString("base64url");
-}
-function buildAuthUrl(supabaseUrl, redirectUri, pkce, state, provider) {
-  const params = new URLSearchParams({
-    redirect_to: redirectUri,
-    code_challenge: pkce.challenge,
-    code_challenge_method: pkce.method,
-    state
-  });
-  if (provider) {
-    params.set("provider", provider);
-  }
-  return `${supabaseUrl}/auth/v1/authorize?${params.toString()}`;
-}
-function buildTokenUrl(supabaseUrl) {
-  return `${supabaseUrl}/auth/v1/token`;
-}
-async function exchangeCodeForTokens(supabaseUrl, code, verifier, redirectUri) {
-  const tokenUrl = buildTokenUrl(supabaseUrl);
-  const body = new URLSearchParams({
-    grant_type: "authorization_code",
-    code,
-    code_verifier: verifier,
-    redirect_uri: redirectUri
-  });
-  try {
-    const response = await fetch(tokenUrl, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/x-www-form-urlencoded"
-      },
-      body: body.toString()
-    });
-    if (!response.ok) {
-      const errorText = await response.text();
-      logger.debug("Token exchange failed", { status: response.status, error: errorText });
-      throw new AuthError(
-        "invalid_code",
-        `Token exchange failed: ${response.status} ${response.statusText}`
-      );
-    }
-    const data = await response.json();
-    return {
-      accessToken: data.access_token,
-      refreshToken: data.refresh_token,
-      expiresIn: data.expires_in,
-      tokenType: data.token_type,
-      user: {
-        id: data.user?.id || "",
-        email: data.user?.email,
-        name: data.user?.user_metadata?.full_name || data.user?.user_metadata?.name,
-        avatarUrl: data.user?.user_metadata?.avatar_url
-      }
-    };
-  } catch (error40) {
-    if (error40 instanceof AuthError) {
-      throw error40;
-    }
-    throw new AuthError(
-      "network_error",
-      "Failed to exchange authorization code for tokens",
-      error40
-    );
-  }
-}
 async function startBrowserAuth(options) {
-  const { supabaseUrl, provider = "github", timeout = 12e4, skipBrowser = false } = options;
-  const pkce = generatePKCE();
-  const state = generateState();
+  const {
+    supabaseUrl,
+    supabaseAnonKey,
+    provider = "github",
+    timeout = 12e4,
+    skipBrowser = false
+  } = options;
   logger.debug("Starting browser auth", { provider, supabaseUrl });
   const server = await startAuthCallbackServer({ timeout });
   const redirectUri = server.callbackUrl;
   logger.debug("Callback server started", { redirectUri, port: server.port });
-  const authUrl = buildAuthUrl(supabaseUrl, redirectUri, pkce, state, provider);
+  const supabase = createClient(supabaseUrl, supabaseAnonKey || "dummy", {
+    auth: {
+      persistSession: false,
+      autoRefreshToken: false,
+      detectSessionInUrl: false,
+      flowType: "pkce"
+    }
+  });
+  const { data, error: oauthError } = await supabase.auth.signInWithOAuth({
+    provider,
+    options: {
+      redirectTo: redirectUri,
+      skipBrowserRedirect: true
+      // We handle browser opening ourselves
+    }
+  });
+  if (oauthError || !data?.url) {
+    await server.close();
+    throw new AuthError(
+      "server_error",
+      `Failed to create auth URL: ${oauthError?.message || "No URL returned"}`
+    );
+  }
+  const authUrl = data.url;
+  logger.debug("Auth URL generated by Supabase client", { authUrl, redirectUri });
   if (!skipBrowser) {
     logger.info("Opening browser for authentication...");
-    console.log("\n  Please sign in with your Styrby account.\n");
+    console.log("\n  Sign in with GitHub to get started.\n");
     try {
       await open_default(authUrl);
-    } catch (error40) {
+    } catch {
       console.log("  Could not open browser automatically.");
-      console.log("  Please open this URL manually:\n");
+      console.log("  Please open this URL in your browser:\n");
       console.log(`  ${authUrl}
 `);
     }
@@ -22554,12 +22504,6 @@ async function startBrowserAuth(options) {
   } finally {
     await server.close();
   }
-  if (callbackResult.state !== state) {
-    throw new AuthError(
-      "server_error",
-      "State mismatch - possible CSRF attack or stale auth flow"
-    );
-  }
   if (callbackResult.error) {
     throw new AuthError(
       "server_error",
@@ -22569,20 +22513,36 @@ async function startBrowserAuth(options) {
   if (!callbackResult.code) {
     throw new AuthError("server_error", "No authorization code received");
   }
-  logger.debug("Received authorization code, exchanging for tokens");
-  const result = await exchangeCodeForTokens(
-    supabaseUrl,
-    callbackResult.code,
-    pkce.verifier,
-    redirectUri
+  logger.debug("Received authorization code, exchanging for session");
+  const { data: sessionData, error: sessionError } = await supabase.auth.exchangeCodeForSession(
+    callbackResult.code
   );
-  logger.debug("Authentication successful", { userId: result.user.id });
-  return result;
+  if (sessionError || !sessionData?.session) {
+    throw new AuthError(
+      "invalid_code",
+      `Token exchange failed: ${sessionError?.message || "No session returned"}`
+    );
+  }
+  const { session } = sessionData;
+  logger.debug("Authentication successful", { userId: session.user.id });
+  return {
+    accessToken: session.access_token,
+    refreshToken: session.refresh_token,
+    expiresIn: session.expires_in ?? 3600,
+    tokenType: session.token_type ?? "bearer",
+    user: {
+      id: session.user.id,
+      email: session.user.email,
+      name: session.user.user_metadata?.full_name || session.user.user_metadata?.name,
+      avatarUrl: session.user.user_metadata?.avatar_url
+    }
+  };
 }
 var AuthError;
 var init_browser_auth = __esm({
   "src/auth/browser-auth.ts"() {
     init_open();
+    init_dist4();
     init_logger();
     init_local_server();
     AuthError = class extends Error {
@@ -22596,17 +22556,12 @@ var init_browser_auth = __esm({
         __name(this, "AuthError");
       }
     };
-    __name(generatePKCE, "generatePKCE");
-    __name(generateState, "generateState");
-    __name(buildAuthUrl, "buildAuthUrl");
-    __name(buildTokenUrl, "buildTokenUrl");
-    __name(exchangeCodeForTokens, "exchangeCodeForTokens");
     __name(startBrowserAuth, "startBrowserAuth");
   }
 });
 // src/auth/machine-registration.ts
-import * as crypto3 from "node:crypto";
+import * as crypto2 from "node:crypto";
 import * as os5 from "node:os";
 function generateMachineFingerprint() {
   const components = [
@@ -22615,10 +22570,10 @@ function generateMachineFingerprint() {
     process.platform,
     os5.homedir()
   ].join(":");
-  return crypto3.createHash("sha256").update(components).digest("hex");
+  return crypto2.createHash("sha256").update(components).digest("hex");
 }
 function generateMachineId() {
-  return crypto3.randomUUID();
+  return crypto2.randomUUID();
 }
 function getMachineName() {
   return os5.hostname();
@@ -22640,7 +22595,7 @@ async function registerMachine(supabase, userId, existingMachineId) {
     platform: platform3
   });
   try {
-    const { data: existing, error: selectError } = await supabase.from("machines").select("id, fingerprint, name, platform, created_at").eq("user_id", userId).eq("fingerprint", fingerprint).single();
+    const { data: existing, error: selectError } = await supabase.from("machines").select("id, machine_fingerprint, name, platform, created_at").eq("user_id", userId).eq("machine_fingerprint", fingerprint).single();
     if (selectError && selectError.code !== "PGRST116") {
       throw new MachineRegistrationError(
         `Failed to check existing machine: ${selectError.message}`,
@@ -22663,7 +22618,7 @@ async function registerMachine(supabase, userId, existingMachineId) {
         isNew: false,
         machine: {
           machineId: existing.id,
-          fingerprint: existing.fingerprint,
+          fingerprint: existing.machine_fingerprint,
           machineName: existing.name || machineName,
           platform: existing.platform || platform3,
           platformVersion
@@ -22676,14 +22631,14 @@ async function registerMachine(supabase, userId, existingMachineId) {
     const { data: inserted, error: insertError } = await supabase.from("machines").insert({
       id: machineId,
       user_id: userId,
-      fingerprint,
+      machine_fingerprint: fingerprint,
       name: machineName,
       platform: platform3,
       platform_version: platformVersion,
       is_online: true,
       last_seen_at: now,
       created_at: now
-    }).select("id, fingerprint, name, platform, created_at").single();
+    }).select("id, machine_fingerprint, name, platform, created_at").single();
     if (insertError) {
       if (insertError.code === "23505") {
         return registerMachine(supabase, userId, existingMachineId);
@@ -22698,7 +22653,7 @@ async function registerMachine(supabase, userId, existingMachineId) {
       isNew: true,
       machine: {
         machineId: inserted.id,
-        fingerprint: inserted.fingerprint,
+        fingerprint: inserted.machine_fingerprint,
         machineName: inserted.name || machineName,
         platform: inserted.platform || platform3,
         platformVersion
@@ -22797,11 +22752,12 @@ function displayPreflightChecks(checks) {
 }
 async function runAuthentication(options) {
   console.log(source_default.bold("\n  [2/6] Opening browser for authentication..."));
-  console.log("        Please sign in with your Styrby account.");
+  console.log("        Sign in with GitHub to create your account.");
   console.log(source_default.dim("        Waiting for authentication..."));
   try {
     const result = await startBrowserAuth({
       supabaseUrl: SUPABASE_URL,
+      supabaseAnonKey: SUPABASE_ANON_KEY,
       provider: "github",
       timeout: options.timeout || 12e4
     });
@@ -42568,7 +42524,7 @@ var init_package = __esm({
   "package.json"() {
     package_default = {
       name: "styrby-cli",
-      version: "0.1.0-beta.2",
+      version: "0.1.0-beta.3",
       description: "Mobile remote control for AI coding agents. Control Claude Code, Codex, Gemini, and OpenCode from your phone.",
       author: {
         name: "Steel Motion LLC",
@@ -46365,7 +46321,7 @@ async function handleAuth() {
 async function handlePair() {
   const qrcode2 = await Promise.resolve().then(() => __toESM(require_main4(), 1));
   const os6 = await import("os");
-  const crypto4 = await import("crypto");
+  const crypto3 = await import("crypto");
   const { createClient: createClient2 } = await Promise.resolve().then(() => (init_dist4(), dist_exports));
   const chalk2 = (await Promise.resolve().then(() => (init_source(), source_exports))).default;
   const { encodePairingUrl: encodePairingUrl2, generatePairingToken: generatePairingToken2, PAIRING_EXPIRY_MINUTES: PAIRING_EXPIRY_MINUTES2, createRelayClient: createRelayClient2 } = await Promise.resolve().then(() => (init_src(), src_exports));
@@ -46375,7 +46331,7 @@ async function handlePair() {
     logger.error('Not authenticated. Please run "styrby onboard" first.');
     process.exit(1);
   }
-  const machineId = data.machineId || `machine_${crypto4.randomUUID()}`;
+  const machineId = data.machineId || `machine_${crypto3.randomUUID()}`;
   const deviceName = os6.hostname();
   const token = generatePairingToken2();
   const { config: config3 } = await Promise.resolve().then(() => (init_env(), env_exports));
@@ -46972,7 +46928,7 @@ var init_index = __esm({
   "src/index.ts"() {
     init_logger();
     init_AgentRegistry();
-    VERSION = "0.1.0-beta.2";
+    VERSION = "0.1.0-beta.3";
     __name(main, "main");
     __name(handleStop2, "handleStop");
     __name(handleLogs2, "handleLogs");