switchroom 0.14.60 → 0.14.62

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -49452,8 +49452,8 @@ var {
49452
49452
  } = import__.default;
49453
49453
 
49454
49454
  // src/build-info.ts
49455
- var VERSION = "0.14.60";
49456
- var COMMIT_SHA = "7a03004e";
49455
+ var VERSION = "0.14.62";
49456
+ var COMMIT_SHA = "3967bb6f";
49457
49457
 
49458
49458
  // src/cli/agent.ts
49459
49459
  init_source();
@@ -57732,6 +57732,69 @@ function resolveMicrosoftClientId(configClientId) {
57732
57732
  return { clientId: DEFAULT_MICROSOFT_CLIENT_ID, source: "default" };
57733
57733
  }
57734
57734
 
57735
+ // src/microsoft/scopes.ts
57736
+ var SCOPE_SET_DEFAULT = [
57737
+ "openid",
57738
+ "profile",
57739
+ "email",
57740
+ "offline_access",
57741
+ "User.Read",
57742
+ "Mail.ReadWrite",
57743
+ "Calendars.ReadWrite",
57744
+ "Files.ReadWrite.All"
57745
+ ];
57746
+ var SCOPE_SET_ORG_MODE = [...SCOPE_SET_DEFAULT, "Sites.ReadWrite.All"];
57747
+ function selectMicrosoftScopes(orgMode) {
57748
+ return orgMode ? SCOPE_SET_ORG_MODE : SCOPE_SET_DEFAULT;
57749
+ }
57750
+
57751
+ // src/microsoft/credentials.ts
57752
+ init_oauth2();
57753
+ function buildMicrosoftCredentials(opts) {
57754
+ const { tokens, clientId, accountEmail, fallbackScope } = opts;
57755
+ const now = opts.now ?? Date.now;
57756
+ let tenantId = "";
57757
+ let accountType = "work";
57758
+ let homeAccountId = "";
57759
+ let resolvedEmail = accountEmail;
57760
+ if (tokens.id_token) {
57761
+ const claims = decodeJwtPayloadUnsafe(tokens.id_token);
57762
+ if (claims) {
57763
+ if (typeof claims.tid === "string")
57764
+ tenantId = claims.tid;
57765
+ if (tenantId)
57766
+ accountType = classifyAccountType(tenantId);
57767
+ const home2 = buildHomeAccountId(claims);
57768
+ if (home2)
57769
+ homeAccountId = home2;
57770
+ if (typeof claims.preferred_username === "string") {
57771
+ resolvedEmail = claims.preferred_username.toLowerCase();
57772
+ } else if (typeof claims.email === "string") {
57773
+ resolvedEmail = claims.email.toLowerCase();
57774
+ }
57775
+ }
57776
+ }
57777
+ const emailMismatch = accountEmail.length > 0 && resolvedEmail.toLowerCase() !== accountEmail.toLowerCase();
57778
+ return {
57779
+ credentials: {
57780
+ microsoftOauth: {
57781
+ accessToken: tokens.access_token,
57782
+ refreshToken: tokens.refresh_token ?? "",
57783
+ expiresAt: now() + tokens.expires_in * 1000,
57784
+ scope: tokens.scope ?? fallbackScope,
57785
+ clientId,
57786
+ accountEmail: resolvedEmail,
57787
+ tokenType: "Bearer",
57788
+ tenantId,
57789
+ accountType,
57790
+ homeAccountId
57791
+ }
57792
+ },
57793
+ resolvedEmail,
57794
+ emailMismatch
57795
+ };
57796
+ }
57797
+
57735
57798
  // src/cli/auth-microsoft.ts
57736
57799
  function registerAuthMicrosoftSubcommands(program3, authParent) {
57737
57800
  const microsoft = authParent.command("microsoft").description("Manage Microsoft 365 accounts shared across agents (RFC #1873 \u2014 see docs/rfcs/microsoft-workspace.md)");
@@ -57838,23 +57901,6 @@ function registerList2(microsoftParent, program3) {
57838
57901
  console.log();
57839
57902
  }));
57840
57903
  }
57841
- var SCOPE_SET_DEFAULT = [
57842
- "openid",
57843
- "profile",
57844
- "email",
57845
- "offline_access",
57846
- "User.Read",
57847
- "Mail.ReadWrite",
57848
- "Calendars.ReadWrite",
57849
- "Files.ReadWrite.All"
57850
- ];
57851
- var SCOPE_SET_ORG_MODE = [
57852
- ...SCOPE_SET_DEFAULT,
57853
- "Sites.ReadWrite.All"
57854
- ];
57855
- function selectMicrosoftScopes(orgMode) {
57856
- return orgMode ? SCOPE_SET_ORG_MODE : SCOPE_SET_DEFAULT;
57857
- }
57858
57904
  function registerAccountAdd2(accountParent) {
57859
57905
  accountParent.command("add <account>").description("Mint a Microsoft OAuth refresh token for <account> and register with the auth-broker. Uses desktop-loopback by default (or device-code on headless hosts); both work for personal MSA and work/school. --org-mode also requests Sites.ReadWrite.All (SharePoint).").option("--replace", "Overwrite existing credentials for <account> (default refuses if account already registered)", false).option("--org-mode", "Request the SharePoint scope (Sites.ReadWrite.All) in addition to the default set. Useful for work accounts with SharePoint document libraries. Default is OneDrive-only.", false).action(withConfigError(async (account, opts) => {
57860
57906
  const normalizedAccount = validateAndNormalizeAccountEmail2(account);
@@ -57980,7 +58026,7 @@ function registerAccountAdd2(accountParent) {
57980
58026
  if (!tokens.refresh_token) {
57981
58027
  throw new Error("Microsoft did not return a refresh_token \u2014 ensure `offline_access` is in the consented scope set and try again.");
57982
58028
  }
57983
- const microsoftCreds = buildMicrosoftCredentials({
58029
+ const microsoftCreds = buildMicrosoftCredentials2({
57984
58030
  tokens,
57985
58031
  clientId: clientIdRaw,
57986
58032
  accountEmail: normalizedAccount,
@@ -58095,51 +58141,16 @@ function validateAgentSlugs(agents, config) {
58095
58141
  function pad2(s, width) {
58096
58142
  return s.length >= width ? s : s + " ".repeat(width - s.length);
58097
58143
  }
58098
- function buildMicrosoftCredentials(opts) {
58099
- const { tokens, clientId, accountEmail, fallbackScope } = opts;
58100
- const { decodeJwtPayloadUnsafe: decodeJwtPayloadUnsafe2, classifyAccountType: classifyAccountType2, buildHomeAccountId: buildHomeAccountId2 } = (init_oauth2(), __toCommonJS(exports_oauth2));
58101
- let tenantId = "";
58102
- let accountType = "work";
58103
- let homeAccountId = "";
58104
- let resolvedEmail = accountEmail;
58105
- if (tokens.id_token) {
58106
- const claims = decodeJwtPayloadUnsafe2(tokens.id_token);
58107
- if (claims) {
58108
- if (typeof claims.tid === "string")
58109
- tenantId = claims.tid;
58110
- if (tenantId)
58111
- accountType = classifyAccountType2(tenantId);
58112
- const home2 = buildHomeAccountId2(claims);
58113
- if (home2)
58114
- homeAccountId = home2;
58115
- if (typeof claims.preferred_username === "string") {
58116
- resolvedEmail = claims.preferred_username.toLowerCase();
58117
- } else if (typeof claims.email === "string") {
58118
- resolvedEmail = claims.email.toLowerCase();
58119
- }
58120
- }
58121
- }
58122
- if (resolvedEmail.toLowerCase() !== accountEmail.toLowerCase()) {
58144
+ function buildMicrosoftCredentials2(opts) {
58145
+ const built = buildMicrosoftCredentials(opts);
58146
+ if (built.emailMismatch) {
58123
58147
  console.warn();
58124
- console.warn(` \u26a0 Account argument was '${accountEmail}' but Microsoft authenticated as '${resolvedEmail}'.`);
58125
- console.warn(` The broker will index by '${accountEmail}' (what you typed). If this isn't what`);
58126
- console.warn(` you intended (e.g. a typo), 'switchroom auth microsoft account remove ${accountEmail}' to undo.`);
58148
+ console.warn(` \u26a0 Account argument was '${opts.accountEmail}' but Microsoft authenticated as '${built.resolvedEmail}'.`);
58149
+ console.warn(` The broker will index by '${opts.accountEmail}' (what you typed). If this isn't what`);
58150
+ console.warn(` you intended (e.g. a typo), 'switchroom auth microsoft account remove ${opts.accountEmail}' to undo.`);
58127
58151
  console.warn();
58128
58152
  }
58129
- return {
58130
- microsoftOauth: {
58131
- accessToken: tokens.access_token,
58132
- refreshToken: tokens.refresh_token ?? "",
58133
- expiresAt: Date.now() + tokens.expires_in * 1000,
58134
- scope: tokens.scope ?? fallbackScope,
58135
- clientId,
58136
- accountEmail: resolvedEmail,
58137
- tokenType: "Bearer",
58138
- tenantId,
58139
- accountType,
58140
- homeAccountId
58141
- }
58142
- };
58153
+ return built.credentials;
58143
58154
  }
58144
58155
  async function readHiddenLine2(prompt) {
58145
58156
  const readline = await import("node:readline");
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "switchroom",
3
- "version": "0.14.60",
3
+ "version": "0.14.62",
4
4
  "description": "Run Claude Code 24/7 on your Claude Pro/Max subscription over Telegram. Open-source alternative to OpenClaw and NanoClaw — no API keys.",
5
5
  "type": "module",
6
6
  "bin": {