npm - termbeam - Versions diffs - 1.17.8 → 1.18.1 - Mend

termbeam 1.17.8 → 1.18.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (60) hide show

package/src/tunnel/index.js CHANGED Viewed

@@ -21,19 +21,77 @@ let restartAttempts = 0;
 let isRestarting = false;
 let restartTimer = null;
+// --- Auth-wait state ---
+let waitingForAuth = false;
+let authCheckInterval = null;
+let expiryWarned = false;
 const HEALTH_CHECK_INTERVAL = 30_000; // 30s between checks
 const HEALTH_CHECK_GRACE = 2; // 2 consecutive failures before restart
 const MAX_RESTART_ATTEMPTS = 10;
 const BACKOFF_DELAYS = [1000, 2000, 5000, 10_000, 15_000, 30_000]; // then stays at 30s
+const AUTH_CHECK_INTERVAL = 30_000; // 30s between auth re-checks
+const TOKEN_EXPIRY_WARN_SECONDS = 3600; // warn at 1 hour remaining
+const AUTH_ERROR_PATTERNS = ['login required', 'not logged in', 'sign in required'];
 const SAFE_ID_RE = /^[a-zA-Z0-9._-]+$/;
 const DEVICE_CODE_INITIAL_TIMEOUT = 15000;
 const DEVICE_CODE_AUTH_TIMEOUT = 120000;
+function isAuthError(message) {
+  const lower = (message || '').toLowerCase();
+  return AUTH_ERROR_PATTERNS.some((p) => lower.includes(p));
+}
+function isLoggedIn() {
+  try {
+    const out = execFileSync(devtunnelCmd, ['user', 'show'], {
+      encoding: 'utf-8',
+      stdio: ['pipe', 'pipe', 'pipe'],
+      timeout: 10_000,
+    });
+    return out && !out.toLowerCase().includes('not logged in');
+  } catch {
+    return false;
+  }
+}
+function getLoginInfo() {
+  try {
+    const out = execFileSync(devtunnelCmd, ['user', 'show', '-v'], {
+      encoding: 'utf-8',
+      stdio: ['pipe', 'pipe', 'pipe'],
+      timeout: 10_000,
+    });
+    return parseLoginInfo(out);
+  } catch {
+    return null;
+  }
+}
+function parseLoginInfo(output) {
+  if (!output || output.toLowerCase().includes('not logged in')) return null;
+  let provider = 'unknown';
+  if (output.toLowerCase().includes('github')) provider = 'github';
+  else if (output.toLowerCase().includes('microsoft')) provider = 'microsoft';
+  // Parse "Token lifetime: H:MM:SS" from verbose output
+  let tokenLifetimeSeconds = null;
+  const ltMatch = output.match(/Token lifetime:\s*(\d+):(\d+):(\d+)/);
+  if (ltMatch) {
+    tokenLifetimeSeconds =
+      parseInt(ltMatch[1], 10) * 3600 + parseInt(ltMatch[2], 10) * 60 + parseInt(ltMatch[3], 10);
+  }
+  return { provider, tokenLifetimeSeconds };
+}
 function deviceCodeLogin(cmd) {
   return new Promise((resolve, reject) => {
-    const proc = spawn(cmd, ['user', 'login', '-d'], {
+    const proc = spawn(cmd, ['user', 'login', '-e', '-d'], {
       stdio: ['inherit', 'pipe', 'pipe'],
     });
@@ -152,7 +210,7 @@ let isPersisted = false;
 // --- Watchdog: health check & auto-restart ---
 function checkTunnelHealth() {
-  if (!tunnelId || !tunnelProc || isRestarting) return;
+  if (!tunnelId || !tunnelProc || isRestarting || waitingForAuth) return;
   const abortCtrl = new AbortController();
   const timer = setTimeout(() => abortCtrl.abort(), 10_000);
@@ -165,6 +223,20 @@ function checkTunnelHealth() {
       clearTimeout(timer);
       if (err) {
+        // Auth errors are handled separately — no restart countdown
+        if (isAuthError(err.message) || isAuthError(err.stderr)) {
+          handleAuthExpiration();
+          return;
+        }
+        // "Tunnel not found" can mean the user's auth expired (CLI can't
+        // query the tunnel without valid credentials). Check login status
+        // to distinguish from a genuinely deleted tunnel.
+        if (!isLoggedIn()) {
+          handleAuthExpiration();
+          return;
+        }
         consecutiveFailures++;
         log.warn(
           `Tunnel health check error: ${err.message} (${consecutiveFailures}/${HEALTH_CHECK_GRACE})`,
@@ -193,6 +265,9 @@ function checkTunnelHealth() {
           log.info(`Tunnel health restored (${hostConns} host connection(s))`);
         }
         consecutiveFailures = 0;
+        // Check token expiry while tunnel is healthy
+        checkTokenExpiry();
         return;
       }
@@ -209,6 +284,24 @@ function checkTunnelHealth() {
   );
 }
+function checkTokenExpiry() {
+  const info = getLoginInfo();
+  if (!info || info.tokenLifetimeSeconds === null) return;
+  const remaining = info.tokenLifetimeSeconds;
+  if (remaining <= TOKEN_EXPIRY_WARN_SECONDS && !expiryWarned) {
+    expiryWarned = true;
+    const minutes = Math.round(remaining / 60);
+    log.warn(`DevTunnel token expires in ${minutes}m (will auto-refresh)`);
+  } else if (remaining > TOKEN_EXPIRY_WARN_SECONDS && expiryWarned) {
+    expiryWarned = false;
+    log.info('DevTunnel token was auto-refreshed');
+  } else if (remaining > TOKEN_EXPIRY_WARN_SECONDS) {
+    expiryWarned = false;
+  }
+}
 function startHealthCheck() {
   stopHealthCheck();
   consecutiveFailures = 0;
@@ -226,30 +319,74 @@ function stopHealthCheck() {
 function handleTunnelFailure() {
   if (isRestarting) return;
   stopHealthCheck();
+  killTunnelProc();
-  // Kill the zombie process
-  if (tunnelProc) {
-    try {
-      if (process.platform === 'win32' && tunnelProc.pid) {
-        try {
-          execFileSync('taskkill', ['/pid', String(tunnelProc.pid), '/T', '/F'], {
-            stdio: 'pipe',
-            timeout: 5000,
-          });
-        } catch {
-          /* best effort */
-        }
-      } else {
-        tunnelProc.kill('SIGKILL');
+  tunnelEvents.emit('disconnected');
+  scheduleRestart();
+}
+// --- Auth-expiration handling ---
+function killTunnelProc() {
+  if (!tunnelProc) return;
+  try {
+    if (process.platform === 'win32' && tunnelProc.pid) {
+      try {
+        execFileSync('taskkill', ['/pid', String(tunnelProc.pid), '/T', '/F'], {
+          stdio: 'pipe',
+          timeout: 5000,
+        });
+      } catch {
+        /* best effort */
       }
-    } catch {
-      /* best effort */
+    } else {
+      tunnelProc.kill('SIGKILL');
     }
-    tunnelProc = null;
+  } catch {
+    /* best effort */
   }
+  tunnelProc = null;
+}
+function handleAuthExpiration() {
+  if (waitingForAuth) return;
+  stopHealthCheck();
+  killTunnelProc();
   tunnelEvents.emit('disconnected');
-  scheduleRestart();
+  tunnelEvents.emit('auth-expired');
+  startAuthWait();
+}
+function startAuthWait() {
+  if (waitingForAuth) return;
+  waitingForAuth = true;
+  isRestarting = false;
+  restartAttempts = 0;
+  consecutiveFailures = 0;
+  log.warn('DevTunnel auth token expired (Microsoft tokens expire after a few days).');
+  log.warn('Tunnel is paused — re-authenticate on the host machine to restore:');
+  log.warn('  devtunnel user login -d');
+  log.warn('Tunnel will auto-reconnect once auth is restored.');
+  authCheckInterval = setInterval(() => {
+    if (isLoggedIn()) {
+      log.info('DevTunnel auth restored — resuming tunnel');
+      stopAuthWait();
+      tunnelEvents.emit('auth-restored');
+      scheduleRestart();
+    }
+  }, AUTH_CHECK_INTERVAL);
+  authCheckInterval.unref();
+}
+function stopAuthWait() {
+  waitingForAuth = false;
+  if (authCheckInterval) {
+    clearInterval(authCheckInterval);
+    authCheckInterval = null;
+  }
 }
 function scheduleRestart() {
@@ -271,6 +408,15 @@ function scheduleRestart() {
   restartTimer = setTimeout(async () => {
     restartTimer = null;
+    // If auth expired since restart was scheduled, switch to auth-wait mode
+    if (!isLoggedIn()) {
+      log.warn('DevTunnel auth expired during restart — waiting for re-authentication');
+      isRestarting = false;
+      handleAuthExpiration();
+      return;
+    }
     try {
       const result = await hostTunnel();
       if (result) {
@@ -368,21 +514,30 @@ async function startTunnel(port, options = {}) {
   log.info('Starting devtunnel...');
   try {
-    // Ensure user is logged in
-    let loggedIn = false;
-    try {
-      const userOut = execFileSync(devtunnelCmd, ['user', 'show'], {
-        encoding: 'utf-8',
-        stdio: ['pipe', 'pipe', 'pipe'],
-      });
-      // user show can succeed but show "not logged in" status
-      loggedIn = userOut && !userOut.toLowerCase().includes('not logged in');
-    } catch {}
+    // Ensure user is logged in. Prefer Entra over GitHub — Entra tokens auto-refresh
+    // for weeks via MSAL, while GitHub tokens expire after 8 hours.
+    let loggedIn = isLoggedIn();
+    const loginInfo = loggedIn ? getLoginInfo() : null;
+    if (loggedIn && loginInfo) {
+      const { provider, tokenLifetimeSeconds } = loginInfo;
+      if (provider === 'github') {
+        log.warn(
+          'Logged in with GitHub — tokens expire every 8 hours. ' +
+            'For longer sessions, use: devtunnel user login -e -d',
+        );
+      }
+      if (tokenLifetimeSeconds !== null) {
+        const h = Math.floor(tokenLifetimeSeconds / 3600);
+        const m = Math.round((tokenLifetimeSeconds % 3600) / 60);
+        log.info(`DevTunnel token expires in ${h}h ${m}m`);
+      }
+    }
     if (!loggedIn) {
-      log.info('devtunnel not logged in, launching browser login (30s timeout)...');
+      log.info('Logging in to DevTunnel with Microsoft Entra (recommended for long sessions)...');
       try {
-        execFileSync(devtunnelCmd, ['user', 'login'], { stdio: 'inherit', timeout: 30000 });
+        execFileSync(devtunnelCmd, ['user', 'login', '-e'], { stdio: 'inherit', timeout: 30000 });
       } catch {
         log.info('Browser login failed or unavailable, falling back to device code flow...');
         log.info('A code will be displayed — open the URL on any device to authenticate.');
@@ -391,7 +546,7 @@ async function startTunnel(port, options = {}) {
         } catch (_loginErr) {
           log.error('');
           log.error('  DevTunnel login failed. To use tunnels, run:');
-          log.error('    devtunnel user login');
+          log.error('    devtunnel user login -e -d');
           log.error('');
           log.error('  Or start without a tunnel:');
           log.error('    termbeam --no-tunnel');
@@ -480,8 +635,9 @@ async function startTunnel(port, options = {}) {
 }
 function cleanupTunnel() {
-  // Stop watchdog first to prevent restart during cleanup
+  // Stop watchdog and auth-wait to prevent restart during cleanup
   stopHealthCheck();
+  stopAuthWait();
   isRestarting = true; // prevent exit handler from restarting
   if (restartTimer) {
     clearTimeout(restartTimer);
@@ -489,26 +645,7 @@ function cleanupTunnel() {
   }
   const id = tunnelId;
-  if (tunnelProc) {
-    try {
-      // On Windows, kill the process tree to ensure all children die
-      if (process.platform === 'win32' && tunnelProc.pid) {
-        try {
-          execFileSync('taskkill', ['/pid', String(tunnelProc.pid), '/T', '/F'], {
-            stdio: 'pipe',
-            timeout: 5000,
-          });
-        } catch {
-          /* best effort */
-        }
-      } else {
-        tunnelProc.kill('SIGKILL');
-      }
-    } catch {
-      /* best effort */
-    }
-    tunnelProc = null;
-  }
+  killTunnelProc();
   if (id) {
     tunnelId = null;
     if (isPersisted) {
@@ -527,6 +664,14 @@ function cleanupTunnel() {
   consecutiveFailures = 0;
   restartAttempts = 0;
   isRestarting = false;
+  expiryWarned = false;
 }
-module.exports = { startTunnel, cleanupTunnel, findDevtunnel, tunnelEvents };
+module.exports = {
+  startTunnel,
+  cleanupTunnel,
+  findDevtunnel,
+  tunnelEvents,
+  getLoginInfo,
+  parseLoginInfo,
+};

package/public/assets/channel-Cw6U4HD8.js DELETED Viewed

	@@ -1 +0,0 @@
1	- import{aq as o,ar as n}from"./index-CZRetRoe.js";const t=(r,a)=>o.lang.round(n.parse(r)[a]);export{t as c};

package/public/assets/classDiagram-VBA2DB6C-B8Ph5aUJ.js DELETED Viewed

@@ -1 +0,0 @@

- import{s as a,c as s,a as e,C as t}from"./chunk-WL4C6EOR-CpglQTvf.js";import{_ as i}from"./index-CZRetRoe.js";import"./chunk-FMBD7UC4-BSOODOC9.js";import"./chunk-JSJVCQXG-B71Oj-xI.js";import"./chunk-55IACEB6-Dk_FjBN6.js";import"./chunk-KX2RTZJC-Bv_BWOZR.js";var u={parser:e,get db(){return new t},renderer:s,styles:a,init:i(r=>{r.class||(r.class={}),r.class.arrowMarkerAbsolute=r.arrowMarkerAbsolute},"init")};export{u as diagram};

package/public/assets/classDiagram-v2-RAHNMMFH-B8Ph5aUJ.js DELETED Viewed

@@ -1 +0,0 @@

package/public/assets/clone-tNYKz33q.js DELETED Viewed

	@@ -1 +0,0 @@
1	- import{b as r}from"./_baseUniq-B_xhLk1b.js";var e=4;function a(o){return r(o,e)}export{a as c};

package/public/assets/stateDiagram-v2-FVOUBMTO-C4ooUxXR.js DELETED Viewed

	@@ -1 +0,0 @@
1	- import{s as t,b as r,a,S as s}from"./chunk-NQ4KR5QH-NrpJgmB3.js";import{_ as i}from"./index-CZRetRoe.js";import"./chunk-55IACEB6-Dk_FjBN6.js";import"./chunk-KX2RTZJC-Bv_BWOZR.js";var l={parser:a,get db(){return new s(2)},renderer:r,styles:t,init:i(e=>{e.state\|\|(e.state={}),e.state.arrowMarkerAbsolute=e.arrowMarkerAbsolute},"init")};export{l as diagram};