theclawbay 0.1.15 → 0.2.0

package/README.md

@@ -1,77 +1,67 @@
 # The Claw Bay (`theclawbay`)
 
-`theclawbay` is a CLI for customers of `theclawbay.com`.
-Its main job is to auto-switch between Codex accounts assigned from your web app, so users can keep working without manual login/logout churn.
+`theclawbay` is a customer CLI for The Claw Bay.
 
-> [!WARNING]
-> Not affiliated with OpenAI or Codex. Not an official tool.
-
-## Main Functionality
+It now does one job:
 
-For end users, the normal flow is:
+- link your purchased API key
+- run a local relay that forwards Codex/OpenAI requests to your The Claw Bay backend
 
-1. Install `theclawbay`
-2. Link with API key from `theclawbay.com`
-3. Run `theclawbay agent`
-4. Agent auto-manages account sessions and switches accounts locally when limits are reached
+This package no longer runs local account login automation or local account switching flows.
 
-Internally, switching happens by updating the active `~/.codex/auth.json` from managed snapshots in `~/.codex/accounts/*.json`.
+> Not affiliated with OpenAI or Codex. Not an official tool.
 
 ## Requirements
 
 - Node.js 18+
-- Codex CLI in `PATH` (`codex` command)
-- Python 3
-- Chrome/Chromium browser (or set `THECLAWBAY_ZENDRIVER_BROWSER_BIN`)
+- Codex CLI installed (`@openai/codex`)
 
 ## Install
 
-### Linux/macOS (recommended)
-
 ```sh
-curl -fsSL https://theclawbay.com/install.sh | bash
-```
-
-Run this as a regular user (not `root`/`sudo`).  
-The installer uses deterministic user-owned paths:
-
-- npm global prefix: `~/.local/share/theclawbay/npm`
-- Python env: `~/.local/share/theclawbay/py-venv`
-- CLI launch path: `~/.local/bin`
-
-### Windows (PowerShell)
-
-```powershell
-# Run as Administrator
-winget install -e --id OpenJS.NodeJS.LTS
-winget install -e --id Python.Python.3.12
-winget install -e --id Google.Chrome
-npm i -g @openai/codex
-python -m pip install --user --upgrade pip zendriver
 npm i -g theclawbay
 ```
 
-## Link and Run
+## Link
 
-1. Go to `https://theclawbay.com`, purchase a plan, and copy your API key from the dashboard.
-2. Link your machine:
+Use your purchased API key from your dashboard:
 
 ```sh
 theclawbay link --api-key <apiKey>
 ```
 
-3. Start the agent:
+This defaults to `https://theclawbay.com`.
+
+If you operate a custom backend, pass it explicitly:
 
 ```sh
-theclawbay agent
+theclawbay link --api-key <apiKey> --backend https://your-domain.com
 ```
 
-Optional troubleshooting (shows browser automation live):
+## Run Relay
 
 ```sh
-theclawbay agent --showBrowser
+theclawbay proxy
 ```
 
-## Need More Details?
+By default this starts a local relay on `http://127.0.0.1:2455` and forwards to:
+
+- `https://theclawbay.com/api/codex-auth/v1/proxy/...`
+
+The command prints a ready-to-paste Codex provider snippet.
+
+## Common Flags
+
+`theclawbay proxy` supports:
+
+- `--host` local bind host (default `127.0.0.1`)
+- `--port` local bind port (default `2455`)
+- `--backend` override backend URL from linked config
+- `--api-key` override API key from linked config
+- `--base-path` override server proxy path (default `/api/codex-auth/v1/proxy`)
+
+## Notes
 
-- End-user onboarding and billing are handled in `https://theclawbay.com`.
+- End users only need API keys. They do not need upstream account credentials.
+- Keep your backend on HTTPS for WAN usage.
+- Linked config is stored at `~/.codex/theclawbay.managed.json`.

package/dist/commands/link.d.ts

@@ -3,10 +3,7 @@ export default class LinkCommand extends BaseCommand {
     static description: string;
     static flags: {
         backend: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
-        "api-key": import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
-        "seat-id": import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
-        "device-token": import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
-        "poll-interval-ms": import("@oclif/core/lib/interfaces").OptionFlag<number | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
+        "api-key": import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
     };
     run(): Promise<void>;
 }

package/dist/commands/link.js

@@ -5,69 +5,35 @@ const base_command_1 = require("../lib/base-command");
 const config_1 = require("../lib/managed/config");
 const paths_1 = require("../lib/config/paths");
 const api_key_1 = require("../lib/managed/api-key");
+const DEFAULT_BACKEND_URL = "https://theclawbay.com";
 class LinkCommand extends base_command_1.BaseCommand {
     async run() {
         await this.runSafe(async () => {
             const { flags } = await this.parse(LinkCommand);
             const apiKey = flags["api-key"];
-            const seatId = flags["seat-id"];
-            const deviceToken = flags["device-token"];
-            const pollIntervalMs = flags["poll-interval-ms"];
             const backendUrlFlag = flags.backend;
-            if (apiKey) {
-                const backendUrl = backendUrlFlag !== null && backendUrlFlag !== void 0 ? backendUrlFlag : (0, api_key_1.tryInferBackendUrlFromApiKey)(apiKey);
-                if (!backendUrl) {
-                    throw new Error('Backend URL is required. Pass "--backend https://YOUR_ADMIN_APP", or use an API key created by the web app (new keys encode the backend URL).');
-                }
-                await (0, config_1.writeManagedConfig)({
-                    backendUrl,
-                    authType: "apiKey",
-                    apiKey,
-                    pollIntervalMs,
-                });
-            }
-            else {
-                if (!backendUrlFlag) {
-                    throw new Error('Backend URL is required for seat mode. Pass "--backend https://YOUR_ADMIN_APP".');
-                }
-                await (0, config_1.writeManagedConfig)({
-                    backendUrl: backendUrlFlag,
-                    authType: "seat",
-                    seatId,
-                    deviceToken,
-                    pollIntervalMs,
-                });
-            }
+            const inferredBackendUrl = (0, api_key_1.tryInferBackendUrlFromApiKey)(apiKey);
+            const backendUrl = backendUrlFlag ?? inferredBackendUrl ?? DEFAULT_BACKEND_URL;
+            await (0, config_1.writeManagedConfig)({
+                backendUrl,
+                apiKey,
+            });
             this.log(`Linked. Managed config written to ${paths_1.managedConfigPath}`);
-            this.log(`Run "theclawbay agent" to start managed switching.`);
+            this.log(`Backend: ${backendUrl}`);
+            this.log(`Run "theclawbay proxy" to start the local relay.`);
         });
     }
 }
-LinkCommand.description = "Link this Codex Auth install to your management web app";
+LinkCommand.description = "Link this machine to your The Claw Bay API backend using an API key";
 LinkCommand.flags = {
     backend: core_1.Flags.string({
         required: false,
-        description: "Backend base URL (e.g. https://admin.example.com)",
+        description: "Backend base URL override (default: https://theclawbay.com)",
     }),
     "api-key": core_1.Flags.string({
-        required: false,
+        required: true,
         aliases: ["apiKey"],
-        description: "API key issued by your admin web app (recommended)",
-    }),
-    "seat-id": core_1.Flags.string({
-        required: false,
-        aliases: ["seatId"],
-        description: "[legacy] Seat ID issued by your admin web app",
-    }),
-    "device-token": core_1.Flags.string({
-        required: false,
-        aliases: ["deviceToken"],
-        description: "[legacy] Device token issued by your admin web app",
-    }),
-    "poll-interval-ms": core_1.Flags.integer({
-        required: false,
-        aliases: ["pollIntervalMs"],
-        description: "Override backend poll interval (ms)",
+        description: "API key issued by your The Claw Bay dashboard",
     }),
 };
 exports.default = LinkCommand;

package/dist/commands/proxy.d.ts

@@ -0,0 +1,12 @@
+import { BaseCommand } from "../lib/base-command";
+export default class ProxyCommand extends BaseCommand {
+    static description: string;
+    static flags: {
+        host: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
+        port: import("@oclif/core/lib/interfaces").OptionFlag<number, import("@oclif/core/lib/interfaces").CustomOptions>;
+        backend: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
+        "api-key": import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
+        "base-path": import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
+    };
+    run(): Promise<void>;
+}

package/dist/commands/proxy.js

@@ -0,0 +1,179 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const node_http_1 = __importDefault(require("node:http"));
+const node_stream_1 = require("node:stream");
+const core_1 = require("@oclif/core");
+const base_command_1 = require("../lib/base-command");
+const config_1 = require("../lib/managed/config");
+function trimTrailingSlash(value) {
+    return value.replace(/\/+$/g, "");
+}
+function ensureLeadingSlash(value) {
+    return value.startsWith("/") ? value : `/${value}`;
+}
+function joinUrl(base, pathname) {
+    const url = new URL(base);
+    url.pathname = `${url.pathname.replace(/\/+$/g, "")}${pathname.startsWith("/") ? "" : "/"}${pathname}`;
+    return url.toString();
+}
+function normalizeUrl(raw, label) {
+    try {
+        const parsed = new URL(raw.trim());
+        return trimTrailingSlash(parsed.toString());
+    }
+    catch {
+        throw new Error(`invalid ${label} URL: ${raw}`);
+    }
+}
+function headersFromIncoming(source) {
+    const headers = new Headers();
+    for (const [key, value] of Object.entries(source)) {
+        if (!value)
+            continue;
+        const lower = key.toLowerCase();
+        if (lower === "host" || lower === "content-length" || lower === "authorization" || lower === "connection") {
+            continue;
+        }
+        if (Array.isArray(value)) {
+            headers.set(key, value.join(", "));
+        }
+        else {
+            headers.set(key, value);
+        }
+    }
+    return headers;
+}
+async function readIncomingBody(req) {
+    if (!req.method || req.method === "GET" || req.method === "HEAD")
+        return null;
+    const chunks = [];
+    for await (const chunk of req) {
+        chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(String(chunk)));
+    }
+    if (!chunks.length)
+        return null;
+    return Buffer.concat(chunks);
+}
+function bufferToArrayBuffer(buffer) {
+    const bytes = new Uint8Array(buffer.length);
+    bytes.set(buffer);
+    return bytes.buffer;
+}
+function writeUpstreamHeaders(res, source) {
+    source.forEach((value, key) => {
+        const lower = key.toLowerCase();
+        if (lower === "connection" || lower === "transfer-encoding" || lower === "keep-alive")
+            return;
+        res.setHeader(key, value);
+    });
+}
+class ProxyCommand extends base_command_1.BaseCommand {
+    async run() {
+        await this.runSafe(async () => {
+            const { flags } = await this.parse(ProxyCommand);
+            const managed = await (0, config_1.readManagedConfig)();
+            if (!managed.apiKey?.trim()) {
+                throw new Error('API key auth is required. Re-link using "theclawbay link --api-key <key>".');
+            }
+            const backendUrl = normalizeUrl(flags.backend ?? managed.backendUrl, "--backend");
+            const apiKey = (flags["api-key"] ?? managed.apiKey ?? "").trim();
+            if (!apiKey) {
+                throw new Error("API key is required for WAN proxy mode.");
+            }
+            const basePath = ensureLeadingSlash(flags["base-path"].trim()).replace(/\/+$/g, "");
+            const proxyBase = `${trimTrailingSlash(backendUrl)}${basePath}`;
+            const server = node_http_1.default.createServer(async (req, res) => {
+                const method = req.method?.toUpperCase() ?? "GET";
+                const incomingUrl = new URL(req.url || "/", "http://local-proxy.invalid");
+                const routePath = incomingUrl.pathname.replace(/^\/+/, "");
+                const upstreamUrl = joinUrl(proxyBase, routePath);
+                const urlWithQuery = `${upstreamUrl}${incomingUrl.search || ""}`;
+                try {
+                    const headers = headersFromIncoming(req.headers);
+                    headers.set("Authorization", `Bearer ${apiKey}`);
+                    const bodyBuffer = await readIncomingBody(req);
+                    const body = bodyBuffer ? bufferToArrayBuffer(bodyBuffer) : undefined;
+                    const upstream = await fetch(urlWithQuery, {
+                        method,
+                        headers,
+                        body,
+                        redirect: "manual",
+                    });
+                    res.statusCode = upstream.status;
+                    res.statusMessage = upstream.statusText;
+                    writeUpstreamHeaders(res, upstream.headers);
+                    if (!upstream.body || method === "HEAD") {
+                        res.end();
+                        return;
+                    }
+                    const stream = node_stream_1.Readable.fromWeb(upstream.body);
+                    stream.on("error", () => {
+                        res.destroy();
+                    });
+                    stream.pipe(res);
+                }
+                catch (error) {
+                    const message = error instanceof Error ? error.message : String(error);
+                    res.statusCode = 502;
+                    res.setHeader("Content-Type", "application/json");
+                    res.end(JSON.stringify({ error: `proxy relay failed: ${message}` }));
+                }
+            });
+            await new Promise((resolve, reject) => {
+                server.once("error", reject);
+                server.listen(flags.port, flags.host, () => {
+                    server.off("error", reject);
+                    resolve();
+                });
+            });
+            const localBase = `http://${flags.host}:${flags.port}`;
+            this.log(`theclawbay WAN relay listening at ${localBase}`);
+            this.log(`Forwarding to ${proxyBase}`);
+            this.log("");
+            this.log("Codex CLI config snippet:");
+            this.log('model_provider = "theclawbay-wan"');
+            this.log("");
+            this.log("[model_providers.theclawbay-wan]");
+            this.log('name = "OpenAI"');
+            this.log(`base_url = "${localBase}/backend-api/codex"`);
+            this.log('wire_api = "responses"');
+            this.log(`chatgpt_base_url = "${localBase}"`);
+            this.log("requires_openai_auth = true");
+            await new Promise((resolve) => {
+                const stop = () => {
+                    server.close(() => resolve());
+                };
+                process.once("SIGINT", stop);
+                process.once("SIGTERM", stop);
+            });
+        });
+    }
+}
+ProxyCommand.description = "Run a local relay that forwards Codex/OpenAI requests to your The Claw Bay backend using API-key auth";
+ProxyCommand.flags = {
+    host: core_1.Flags.string({
+        default: "127.0.0.1",
+        description: "Local bind host",
+    }),
+    port: core_1.Flags.integer({
+        default: 2455,
+        description: "Local bind port",
+    }),
+    backend: core_1.Flags.string({
+        required: false,
+        description: "Override backend URL (defaults to linked managed backend)",
+    }),
+    "api-key": core_1.Flags.string({
+        required: false,
+        aliases: ["apiKey"],
+        description: "Override API key (defaults to linked managed API key)",
+    }),
+    "base-path": core_1.Flags.string({
+        default: "/api/codex-auth/v1/proxy",
+        description: "Server proxy base path",
+    }),
+};
+exports.default = ProxyCommand;

package/dist/lib/base-command.d.ts

@@ -1,6 +1,5 @@
 import { Command } from "@oclif/core";
 export declare abstract class BaseCommand extends Command {
-    protected readonly accounts: import("./accounts").AccountService;
     protected runSafe(action: () => Promise<void>): Promise<void>;
     private handleError;
 }

package/dist/lib/base-command.js

@@ -2,13 +2,9 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.BaseCommand = void 0;
 const core_1 = require("@oclif/core");
-const accounts_1 = require("./accounts");
+const errors_1 = require("./errors");
 const update_check_1 = require("./update-check");
 class BaseCommand extends core_1.Command {
-    constructor() {
-        super(...arguments);
-        this.accounts = accounts_1.accountService;
-    }
     async runSafe(action) {
         try {
             await (0, update_check_1.maybeNotifyUpdate)({
@@ -23,7 +19,7 @@ class BaseCommand extends core_1.Command {
         }
     }
     handleError(error) {
-        if (error instanceof accounts_1.CodexAuthError) {
+        if (error instanceof errors_1.ClawBayError) {
             this.error(error.message);
         }
         if (error instanceof Error) {

package/dist/lib/config/paths.d.ts

@@ -1,18 +1,5 @@
 export declare const codexDir: string;
-export declare const accountsDir: string;
-export declare const authPath: string;
-export declare const currentNamePath: string;
-export declare const sessionsDir: string;
 export declare const managedConfigPath: string;
-export declare const managedAccountsStatePath: string;
-export declare const usageStatePath: string;
-export declare const usageHistoryPath: string;
 export declare const updateCheckStatePath: string;
 export declare const legacyManagedConfigPathClayBay: string;
 export declare const legacyManagedConfigPathCodexAuth: string;
-export declare function resolveOpenClawStateDir(): string;
-export declare function resolveOpenClawAgentDir(): string;
-export declare function resolveOpenClawAuthStorePath(): string;
-export declare function resolveOpenClawLegacyAuthPath(): string;
-export declare function resolveOpenClawAccountsDir(): string;
-export declare function resolveOpenClawCurrentNamePath(): string;

package/dist/lib/config/paths.js

@@ -3,94 +3,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.legacyManagedConfigPathCodexAuth = exports.legacyManagedConfigPathClayBay = exports.updateCheckStatePath = exports.usageHistoryPath = exports.usageStatePath = exports.managedAccountsStatePath = exports.managedConfigPath = exports.sessionsDir = exports.currentNamePath = exports.authPath = exports.accountsDir = exports.codexDir = void 0;
-exports.resolveOpenClawStateDir = resolveOpenClawStateDir;
-exports.resolveOpenClawAgentDir = resolveOpenClawAgentDir;
-exports.resolveOpenClawAuthStorePath = resolveOpenClawAuthStorePath;
-exports.resolveOpenClawLegacyAuthPath = resolveOpenClawLegacyAuthPath;
-exports.resolveOpenClawAccountsDir = resolveOpenClawAccountsDir;
-exports.resolveOpenClawCurrentNamePath = resolveOpenClawCurrentNamePath;
-const node_fs_1 = __importDefault(require("node:fs"));
+exports.legacyManagedConfigPathCodexAuth = exports.legacyManagedConfigPathClayBay = exports.updateCheckStatePath = exports.managedConfigPath = exports.codexDir = void 0;
 const node_os_1 = __importDefault(require("node:os"));
 const node_path_1 = __importDefault(require("node:path"));
 exports.codexDir = node_path_1.default.join(node_os_1.default.homedir(), ".codex");
-exports.accountsDir = node_path_1.default.join(exports.codexDir, "accounts");
-exports.authPath = node_path_1.default.join(exports.codexDir, "auth.json");
-exports.currentNamePath = node_path_1.default.join(exports.codexDir, "current");
-exports.sessionsDir = node_path_1.default.join(exports.codexDir, "sessions");
 exports.managedConfigPath = node_path_1.default.join(exports.codexDir, "theclawbay.managed.json");
-exports.managedAccountsStatePath = node_path_1.default.join(exports.codexDir, "theclawbay.accounts-state.json");
-exports.usageStatePath = node_path_1.default.join(exports.codexDir, "theclawbay.usage-state.json");
-exports.usageHistoryPath = node_path_1.default.join(exports.codexDir, "theclawbay.usage-history.jsonl");
 exports.updateCheckStatePath = node_path_1.default.join(exports.codexDir, "theclawbay.update-check.json");
 exports.legacyManagedConfigPathClayBay = node_path_1.default.join(exports.codexDir, "theclaybay.managed.json");
 exports.legacyManagedConfigPathCodexAuth = node_path_1.default.join(exports.codexDir, "codex-auth.managed.json");
-const OPENCLAW_LEGACY_STATE_DIRNAMES = [".clawdbot", ".moltbot", ".moldbot"];
-function normalizeEnvPath(rawValue) {
-    if (typeof rawValue !== "string")
-        return null;
-    const trimmed = rawValue.trim();
-    return trimmed.length ? trimmed : null;
-}
-function resolveEffectiveHomeDir() {
-    var _a, _b;
-    const explicitHome = normalizeEnvPath(process.env.OPENCLAW_HOME);
-    const systemHome = (_b = (_a = normalizeEnvPath(process.env.HOME)) !== null && _a !== void 0 ? _a : normalizeEnvPath(process.env.USERPROFILE)) !== null && _b !== void 0 ? _b : node_os_1.default.homedir();
-    if (!explicitHome) {
-        return node_path_1.default.resolve(systemHome);
-    }
-    if (explicitHome === "~" || explicitHome.startsWith("~/") || explicitHome.startsWith("~\\")) {
-        return node_path_1.default.resolve(explicitHome.replace(/^~(?=$|[\\/])/, systemHome));
-    }
-    return node_path_1.default.resolve(explicitHome);
-}
-function resolveUserPath(rawPath) {
-    const trimmed = rawPath.trim();
-    if (trimmed.startsWith("~")) {
-        return node_path_1.default.resolve(trimmed.replace(/^~(?=$|[\\/])/, resolveEffectiveHomeDir()));
-    }
-    return node_path_1.default.resolve(trimmed);
-}
-function pathExistsSync(targetPath) {
-    try {
-        return node_fs_1.default.existsSync(targetPath);
-    }
-    catch {
-        return false;
-    }
-}
-function resolveOpenClawStateDir() {
-    var _a;
-    const override = (_a = normalizeEnvPath(process.env.OPENCLAW_STATE_DIR)) !== null && _a !== void 0 ? _a : normalizeEnvPath(process.env.CLAWDBOT_STATE_DIR);
-    if (override)
-        return resolveUserPath(override);
-    const home = resolveEffectiveHomeDir();
-    const openClawDir = node_path_1.default.join(home, ".openclaw");
-    if (pathExistsSync(openClawDir))
-        return openClawDir;
-    for (const legacyDirName of OPENCLAW_LEGACY_STATE_DIRNAMES) {
-        const legacyDir = node_path_1.default.join(home, legacyDirName);
-        if (pathExistsSync(legacyDir))
-            return legacyDir;
-    }
-    return openClawDir;
-}
-function resolveOpenClawAgentDir() {
-    var _a;
-    const override = (_a = normalizeEnvPath(process.env.OPENCLAW_AGENT_DIR)) !== null && _a !== void 0 ? _a : normalizeEnvPath(process.env.PI_CODING_AGENT_DIR);
-    if (override)
-        return resolveUserPath(override);
-    return node_path_1.default.join(resolveOpenClawStateDir(), "agents", "default", "agent");
-}
-function resolveOpenClawAuthStorePath() {
-    return node_path_1.default.join(resolveOpenClawAgentDir(), "auth-profiles.json");
-}
-function resolveOpenClawLegacyAuthPath() {
-    return node_path_1.default.join(resolveOpenClawAgentDir(), "auth.json");
-}
-function resolveOpenClawAccountsDir() {
-    return node_path_1.default.join(resolveOpenClawStateDir(), "accounts");
-}
-function resolveOpenClawCurrentNamePath() {
-    return node_path_1.default.join(resolveOpenClawStateDir(), "current");
-}

package/dist/lib/errors.d.ts

@@ -0,0 +1,3 @@
+export declare class ClawBayError extends Error {
+    constructor(message: string);
+}

package/dist/lib/errors.js

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ClawBayError = void 0;
+class ClawBayError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "ClawBayError";
+    }
+}
+exports.ClawBayError = ClawBayError;

package/dist/lib/managed/config.d.ts

@@ -1,10 +1,6 @@
 export type ManagedConfig = {
     backendUrl: string;
-    authType: "seat" | "apiKey";
-    seatId?: string;
-    deviceToken?: string;
-    apiKey?: string;
-    pollIntervalMs?: number;
+    apiKey: string;
 };
 export declare function readManagedConfig(): Promise<ManagedConfig>;
 export declare function writeManagedConfig(config: ManagedConfig): Promise<void>;

package/dist/lib/managed/config.js

@@ -72,70 +72,31 @@ async function readManagedConfig() {
         throw new errors_1.ManagedConfigInvalidError("backendUrl is required");
     }
     const backendUrl = normalizeAndValidateBackendUrl(obj.backendUrl);
-    const authType = obj.authType;
-    if (authType !== "seat" && authType !== "apiKey") {
-        throw new errors_1.ManagedConfigInvalidError('authType must be "seat" or "apiKey"');
+    if (obj.authType === "seat") {
+        throw new errors_1.ManagedConfigInvalidError('legacy seat-mode config is no longer supported; run "theclawbay link --api-key <key>" to relink');
     }
-    if (authType === "seat") {
-        if (typeof obj.seatId !== "string" || !obj.seatId.trim()) {
-            throw new errors_1.ManagedConfigInvalidError("seatId is required for authType=seat");
-        }
-        if (typeof obj.deviceToken !== "string" || !obj.deviceToken.trim()) {
-            throw new errors_1.ManagedConfigInvalidError("deviceToken is required for authType=seat");
-        }
-    }
-    else {
-        if (typeof obj.apiKey !== "string" || !obj.apiKey.trim()) {
-            throw new errors_1.ManagedConfigInvalidError("apiKey is required for authType=apiKey");
-        }
-    }
-    const pollIntervalMs = obj.pollIntervalMs === undefined ? undefined : Number(obj.pollIntervalMs);
-    if (pollIntervalMs !== undefined && (!Number.isFinite(pollIntervalMs) || pollIntervalMs < 250)) {
-        throw new errors_1.ManagedConfigInvalidError("pollIntervalMs must be >= 250");
+    if (typeof obj.apiKey !== "string" || !obj.apiKey.trim()) {
+        throw new errors_1.ManagedConfigInvalidError("apiKey is required");
     }
     if (loadedFromPath !== paths_1.managedConfigPath) {
         // Best-effort migration to the new config filename.
         await promises_1.default.mkdir(paths_1.codexDir, { recursive: true });
         await promises_1.default.writeFile(paths_1.managedConfigPath, raw, "utf8").catch(() => { });
     }
-    return {
-        backendUrl,
-        authType,
-        seatId: obj.seatId,
-        deviceToken: obj.deviceToken,
-        apiKey: obj.apiKey,
-        pollIntervalMs,
-    };
+    return { backendUrl, apiKey: obj.apiKey.trim() };
 }
 async function writeManagedConfig(config) {
     if (typeof config.backendUrl !== "string" || !config.backendUrl.trim()) {
         throw new errors_1.ManagedConfigInvalidError("backendUrl is required");
     }
     const backendUrl = normalizeAndValidateBackendUrl(config.backendUrl);
-    if (config.authType !== "seat" && config.authType !== "apiKey") {
-        throw new errors_1.ManagedConfigInvalidError('authType must be "seat" or "apiKey"');
-    }
-    if (config.authType === "seat") {
-        if (typeof config.seatId !== "string" || !config.seatId.trim()) {
-            throw new errors_1.ManagedConfigInvalidError("seatId is required for authType=seat");
-        }
-        if (typeof config.deviceToken !== "string" || !config.deviceToken.trim()) {
-            throw new errors_1.ManagedConfigInvalidError("deviceToken is required for authType=seat");
-        }
-    }
-    else {
-        if (typeof config.apiKey !== "string" || !config.apiKey.trim()) {
-            throw new errors_1.ManagedConfigInvalidError("apiKey is required for authType=apiKey");
-        }
+    if (typeof config.apiKey !== "string" || !config.apiKey.trim()) {
+        throw new errors_1.ManagedConfigInvalidError("apiKey is required");
     }
     await promises_1.default.mkdir(paths_1.codexDir, { recursive: true });
     const contents = JSON.stringify({
         backendUrl,
-        authType: config.authType,
-        seatId: config.seatId,
-        deviceToken: config.deviceToken,
-        apiKey: config.apiKey,
-        pollIntervalMs: config.pollIntervalMs,
+        apiKey: config.apiKey.trim(),
     }, null, 2);
     await promises_1.default.writeFile(paths_1.managedConfigPath, `${contents}\n`, "utf8");
 }