willys-cli 1.0.0

package/LICENSE.md

@@ -0,0 +1,9 @@
+# The MIT License (MIT)
+
+Copyright © 2026 Erik Hellman
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

package/README.md

@@ -0,0 +1,123 @@
+# willys-cli
+
+TypeScript library and CLI for the [Willys](https://www.willys.se/) grocery store API.
+
+Search for products, browse categories, and manage your shopping cart from the terminal.
+
+## Install
+
+```bash
+npm install -g willys-cli
+```
+
+## Credentials
+
+Set your Willys login (personnummer + password) via environment variables or a `.env` file:
+
+```
+WILLYS_USERNAME=199001011234
+WILLYS_PASSWORD=yourpassword
+```
+
+You can also pass them as flags: `-u <username> -p <password>`.
+
+## CLI Usage
+
+```bash
+# Search for products (default 10 results)
+willys-cli search mjölk
+
+# Search with more results (auto-paginates)
+willys-cli search "ekologisk mjölk" 30
+
+# List categories
+willys-cli categories
+
+# Browse a category
+willys-cli browse frukt-och-gront/frukt/citrusfrukt
+
+# Add to cart
+willys-cli add 101233933_ST 2
+
+# View cart
+willys-cli cart
+
+# Remove from cart
+willys-cli remove 101233933_ST
+
+# Clear cart
+willys-cli clear
+```
+
+### Batch operations
+
+Create a CSV file with one operation per line:
+
+```csv
+add,101233933_ST,2
+add,101205823_ST,1
+cart
+remove,101205823_ST
+clear
+```
+
+Run it:
+
+```bash
+willys-cli -i shopping-list.csv
+```
+
+## Library Usage
+
+```typescript
+import { WillysApi } from "willys-cli";
+
+const api = new WillysApi();
+await api.login("199001011234", "yourpassword");
+
+const results = await api.search("mjölk");
+console.log(results.results[0].name); // "Mellanmjölk Längre Hållbarhet 1,5%"
+
+await api.addToCart([{ code: "101233933_ST", qty: 2 }]);
+const cart = await api.getCart();
+
+await api.logout();
+```
+
+### API Methods
+
+| Method | Description |
+|--------|-------------|
+| `login(username, password)` | Authenticate (returns `Customer`) |
+| `logout()` | End session |
+| `getCustomer()` | Get current user profile |
+| `search(query, page?, size?)` | Search products |
+| `getCategories(storeId?)` | Get category tree |
+| `browseCategory(path, page?, size?)` | List products in a category |
+| `getCart()` | Get current cart |
+| `addToCart([{code, qty}])` | Add products to cart |
+| `removeFromCart(code)` | Remove a product from cart |
+| `clearCart()` | Empty the cart |
+
+## Claude Code Integration
+
+Install the Claude Code skill into your project:
+
+```bash
+cd your-project
+willys-cli --install-skills
+```
+
+This creates `.claude/skills/willys-cli/SKILL.md`, enabling Claude Code to use the CLI as a tool.
+
+## Development
+
+```bash
+git clone https://github.com/pansen/willys-agent.git
+cd willys-agent
+npm install
+cp .env.example .env  # add your credentials
+npm run build          # compile TypeScript
+npm test               # run integration tests
+npm start              # run CLI in dev mode (via tsx)
+```

package/dist/cli.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+import "dotenv/config";

package/dist/cli.js

@@ -0,0 +1,216 @@
+#!/usr/bin/env node
+import "dotenv/config";
+import { readFileSync, mkdirSync, writeFileSync } from "node:fs";
+import { join } from "node:path";
+import { WillysApi } from "./willys-api.js";
+import { SKILL_MD } from "./skill.js";
+function formatProduct(p) {
+    const parts = [p.name];
+    if (p.manufacturer)
+        parts.push(`[${p.manufacturer}]`);
+    if (p.displayVolume)
+        parts.push(p.displayVolume);
+    parts.push(`— ${p.price}`);
+    if (p.comparePrice && p.comparePriceUnit) {
+        parts.push(`(${p.comparePrice}/${p.comparePriceUnit})`);
+    }
+    parts.push(`(${p.code})`);
+    return `  ${parts.join(" ")}`;
+}
+function printCart(cart) {
+    if (cart.totalUnitCount === 0) {
+        console.log("Cart is empty.");
+        return;
+    }
+    console.log(`Cart (${cart.totalUnitCount} items):`);
+    for (const p of cart.products) {
+        const parts = [`  ${p.name}`];
+        if (p.manufacturer)
+            parts.push(`[${p.manufacturer}]`);
+        if (p.displayVolume)
+            parts.push(p.displayVolume);
+        parts.push(`x${p.pickQuantity} — ${p.totalPrice}`);
+        if (p.comparePrice && p.comparePriceUnit) {
+            parts.push(`(${p.comparePrice}/${p.comparePriceUnit})`);
+        }
+        parts.push(`(${p.code})`);
+        console.log(parts.join(" "));
+    }
+    console.log(`Total: ${cart.totalPrice}`);
+}
+async function runOperation(api, op, args) {
+    switch (op) {
+        case "cart": {
+            const cart = await api.getCart();
+            printCart(cart);
+            break;
+        }
+        case "add": {
+            const code = args[0];
+            const qty = parseInt(args[1] ?? "1", 10);
+            if (!code)
+                throw new Error("add requires a product code");
+            const cart = await api.addToCart([{ code, qty }]);
+            console.log(`Added ${qty}x ${code}`);
+            printCart(cart);
+            break;
+        }
+        case "remove": {
+            const code = args[0];
+            if (!code)
+                throw new Error("remove requires a product code");
+            const cart = await api.removeFromCart(code);
+            console.log(`Removed ${code}`);
+            printCart(cart);
+            break;
+        }
+        case "clear": {
+            await api.clearCart();
+            console.log("Cart cleared.");
+            const cart = await api.getCart();
+            printCart(cart);
+            break;
+        }
+        case "search": {
+            const query = args[0];
+            const count = parseInt(args[1] ?? "10", 10);
+            if (!query)
+                throw new Error("search requires a query");
+            const collected = [];
+            let page = 0;
+            const pageSize = Math.min(count, 30);
+            while (collected.length < count) {
+                const results = await api.search(query, page, pageSize);
+                collected.push(...results.results);
+                if (page === 0) {
+                    console.log(`${results.pagination.totalNumberOfResults} results for "${query}":`);
+                }
+                if (page + 1 >= results.pagination.numberOfPages)
+                    break;
+                page++;
+            }
+            for (const p of collected.slice(0, count)) {
+                console.log(formatProduct(p));
+            }
+            break;
+        }
+        case "categories": {
+            const tree = await api.getCategories();
+            function print(cat, depth) {
+                if (depth > 2)
+                    return;
+                console.log(`${"  ".repeat(depth)}${cat.title} (${cat.url})`);
+                for (const child of cat.children)
+                    print(child, depth + 1);
+            }
+            print(tree, 0);
+            break;
+        }
+        case "browse": {
+            const catPath = args[0];
+            const page = parseInt(args[1] ?? "0", 10);
+            if (!catPath)
+                throw new Error("browse requires a category path");
+            const results = await api.browseCategory(catPath, page, 10);
+            console.log(`${results.pagination.totalNumberOfResults} products:`);
+            for (const p of results.results) {
+                console.log(formatProduct(p));
+            }
+            break;
+        }
+        default:
+            throw new Error(`Unknown operation: ${op}`);
+    }
+}
+function usage() {
+    console.error(`Usage:
+  willys-cli [-u <username> -p <password>] <operation> [args...]
+  willys-cli [-u <username> -p <password>] -i <file>
+
+Credentials are read from -u/-p flags, or WILLYS_USERNAME/WILLYS_PASSWORD
+environment variables (also loaded from .env).
+
+Operations:
+  cart                          Show cart contents
+  add <product-code> [qty]      Add product to cart
+  remove <product-code>         Remove product from cart
+  clear                         Clear the cart
+  search <query> [count]         Search for products (default: 10)
+  categories                    List categories
+  browse <category-path> [page] Browse a category
+
+File format (CSV, one operation per line):
+  add,<product-code>,<quantity>
+  remove,<product-code>
+  clear
+  cart`);
+    process.exit(1);
+}
+async function main() {
+    const argv = process.argv.slice(2);
+    let username = "";
+    let password = "";
+    let inputFile = "";
+    const positional = [];
+    for (let i = 0; i < argv.length; i++) {
+        switch (argv[i]) {
+            case "-u":
+                username = argv[++i] ?? "";
+                break;
+            case "-p":
+                password = argv[++i] ?? "";
+                break;
+            case "-i":
+                inputFile = argv[++i] ?? "";
+                break;
+            case "--install-skills": {
+                const dir = join(process.cwd(), ".claude", "skills", "willys-cli");
+                mkdirSync(dir, { recursive: true });
+                const dest = join(dir, "SKILL.md");
+                writeFileSync(dest, SKILL_MD);
+                console.log(`Installed willys-cli skill to ${dest}`);
+                process.exit(0);
+            }
+            case "-h":
+            case "--help":
+                usage();
+                break;
+            default:
+                positional.push(argv[i]);
+        }
+    }
+    if (!username)
+        username = process.env.WILLYS_USERNAME?.replace(/^"|"$/g, "") ?? "";
+    if (!password)
+        password = process.env.WILLYS_PASSWORD?.replace(/^"|"$/g, "") ?? "";
+    if (!username || !password) {
+        console.error("Error: No credentials provided. Use -u/-p flags or set WILLYS_USERNAME/WILLYS_PASSWORD.\n");
+        usage();
+    }
+    if (!inputFile && positional.length === 0)
+        usage();
+    const api = new WillysApi();
+    await api.login(username, password);
+    if (inputFile) {
+        const content = readFileSync(inputFile, "utf-8");
+        const lines = content
+            .split("\n")
+            .map((l) => l.trim())
+            .filter((l) => l && !l.startsWith("#"));
+        for (const line of lines) {
+            const [op, ...args] = line.split(",").map((s) => s.trim());
+            console.log(`> ${op} ${args.join(" ")}`);
+            await runOperation(api, op, args);
+            console.log();
+        }
+    }
+    else {
+        const [op, ...args] = positional;
+        await runOperation(api, op, args);
+    }
+    await api.logout();
+}
+main().catch((e) => {
+    console.error(`Error: ${e.message}`);
+    process.exit(1);
+});

package/dist/crypto.d.ts

@@ -0,0 +1,17 @@
+export interface EncryptedCredential {
+    key: string;
+    str: string;
+}
+/**
+ * Encrypts a credential string using AES-128-CBC with PBKDF2 key derivation.
+ * This replicates the client-side encryption used by the Willys website
+ * (module 89683 in their JS bundle).
+ *
+ * Algorithm:
+ * 1. Generate random 16-byte IV and 16-byte salt
+ * 2. Generate random 16-digit numeric key string
+ * 3. Derive AES-128-CBC key using PBKDF2 (SHA-1, 1000 iterations)
+ * 4. Encrypt plaintext with AES-128-CBC
+ * 5. Return { key, str: base64(hex(iv) + "::" + hex(salt) + "::" + base64(ciphertext)) }
+ */
+export declare function encryptCredential(plaintext: string): EncryptedCredential;

package/dist/crypto.js

@@ -0,0 +1,32 @@
+import { randomBytes, pbkdf2Sync, createCipheriv } from "node:crypto";
+/**
+ * Encrypts a credential string using AES-128-CBC with PBKDF2 key derivation.
+ * This replicates the client-side encryption used by the Willys website
+ * (module 89683 in their JS bundle).
+ *
+ * Algorithm:
+ * 1. Generate random 16-byte IV and 16-byte salt
+ * 2. Generate random 16-digit numeric key string
+ * 3. Derive AES-128-CBC key using PBKDF2 (SHA-1, 1000 iterations)
+ * 4. Encrypt plaintext with AES-128-CBC
+ * 5. Return { key, str: base64(hex(iv) + "::" + hex(salt) + "::" + base64(ciphertext)) }
+ */
+export function encryptCredential(plaintext) {
+    const iv = randomBytes(16);
+    const salt = randomBytes(16);
+    // Generate a random 16-digit numeric key (like the JS: two 8-digit random number strings)
+    const key = Math.random().toString().substring(2, 10) +
+        Math.random().toString().substring(2, 10);
+    // Derive AES key using PBKDF2
+    const derivedKey = pbkdf2Sync(key, salt, 1000, 16, "sha1");
+    // Encrypt with AES-128-CBC
+    const cipher = createCipheriv("aes-128-cbc", derivedKey, iv);
+    const encrypted = Buffer.concat([
+        cipher.update(plaintext, "utf8"),
+        cipher.final(),
+    ]);
+    // Format: base64(hex(iv) + "::" + hex(salt) + "::" + base64(ciphertext))
+    const combined = `${iv.toString("hex")}::${salt.toString("hex")}::${encrypted.toString("base64")}`;
+    const str = Buffer.from(combined).toString("base64");
+    return { key, str };
+}

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+export { WillysApi } from "./willys-api.js";
+export { encryptCredential } from "./crypto.js";
+export type { Customer, Product, SearchResult, Pagination, Category, Cart, CartProduct, Address, ProductImage, Promotion, } from "./types.js";

package/dist/index.js

@@ -0,0 +1,2 @@
+export { WillysApi } from "./willys-api.js";
+export { encryptCredential } from "./crypto.js";

package/dist/skill.d.ts

@@ -0,0 +1 @@
+export declare const SKILL_MD = "---\nname: willys-cli\ndescription: Manages grocery shopping at Willys.se. Search for products, browse categories, and manage a shopping cart. Use when the user wants to find groceries, add/remove items from their Willys cart, or view their cart.\nallowed-tools: Bash(willys-cli:*)\n---\n\n# Willys Grocery CLI\n\nA CLI tool for shopping at Willys.se (Swedish grocery store).\n\nCredentials are read from WILLYS_USERNAME and WILLYS_PASSWORD environment variables,\nor from a .env file in the current directory. They can also be passed with -u and -p flags.\n\n## Commands\n\n### Search for products\n\n```bash\n# Search for products (default 10 results)\nwillys-cli search mj\u00F6lk\n\n# Search with a specific number of results (fetches multiple pages if needed)\nwillys-cli search \"ekologisk mj\u00F6lk\" 20\n```\n\nOutput includes product name, brand, volume, price, compare price, and product code.\n\n### Browse categories\n\n```bash\n# List all top-level categories (with 2 levels of subcategories)\nwillys-cli categories\n\n# Browse products in a specific category\nwillys-cli browse frukt-och-gront/frukt/citrusfrukt\n```\n\nCategory paths use the URL-style paths shown in the categories output (e.g. `kott-chark-och-fagel/korv`).\n\n### Cart operations\n\n```bash\n# Show current cart\nwillys-cli cart\n\n# Add a product (product code from search results, optional quantity defaults to 1)\nwillys-cli add 101233933_ST 2\n\n# Remove a product\nwillys-cli remove 101233933_ST\n\n# Clear entire cart\nwillys-cli clear\n```\n\nCart-modifying operations (add, remove, clear) print the updated cart after each change.\n\n### Batch operations from CSV file\n\n```bash\nwillys-cli -i shopping-list.csv\n```\n\nCSV format (one operation per line, lines starting with # are ignored):\n```\nadd,101233933_ST,2\nadd,101205823_ST,1\nremove,101233933_ST\ncart\nclear\n```\n\n## Product codes\n\nProduct codes look like `101233933_ST` or `100126409_KG`. They are shown in parentheses\nin search and browse output. Always use the exact code from the output.\n\n## Typical workflow\n\n1. Search for a product: `willys-cli search mj\u00F6lk`\n2. Pick a product code from the results\n3. Add it to cart: `willys-cli add 101233933_ST 2`\n4. Review the cart: `willys-cli cart`\n";

package/dist/skill.js

@@ -0,0 +1,84 @@
+export const SKILL_MD = `---
+name: willys-cli
+description: Manages grocery shopping at Willys.se. Search for products, browse categories, and manage a shopping cart. Use when the user wants to find groceries, add/remove items from their Willys cart, or view their cart.
+allowed-tools: Bash(willys-cli:*)
+---
+
+# Willys Grocery CLI
+
+A CLI tool for shopping at Willys.se (Swedish grocery store).
+
+Credentials are read from WILLYS_USERNAME and WILLYS_PASSWORD environment variables,
+or from a .env file in the current directory. They can also be passed with -u and -p flags.
+
+## Commands
+
+### Search for products
+
+\`\`\`bash
+# Search for products (default 10 results)
+willys-cli search mjölk
+
+# Search with a specific number of results (fetches multiple pages if needed)
+willys-cli search "ekologisk mjölk" 20
+\`\`\`
+
+Output includes product name, brand, volume, price, compare price, and product code.
+
+### Browse categories
+
+\`\`\`bash
+# List all top-level categories (with 2 levels of subcategories)
+willys-cli categories
+
+# Browse products in a specific category
+willys-cli browse frukt-och-gront/frukt/citrusfrukt
+\`\`\`
+
+Category paths use the URL-style paths shown in the categories output (e.g. \`kott-chark-och-fagel/korv\`).
+
+### Cart operations
+
+\`\`\`bash
+# Show current cart
+willys-cli cart
+
+# Add a product (product code from search results, optional quantity defaults to 1)
+willys-cli add 101233933_ST 2
+
+# Remove a product
+willys-cli remove 101233933_ST
+
+# Clear entire cart
+willys-cli clear
+\`\`\`
+
+Cart-modifying operations (add, remove, clear) print the updated cart after each change.
+
+### Batch operations from CSV file
+
+\`\`\`bash
+willys-cli -i shopping-list.csv
+\`\`\`
+
+CSV format (one operation per line, lines starting with # are ignored):
+\`\`\`
+add,101233933_ST,2
+add,101205823_ST,1
+remove,101233933_ST
+cart
+clear
+\`\`\`
+
+## Product codes
+
+Product codes look like \`101233933_ST\` or \`100126409_KG\`. They are shown in parentheses
+in search and browse output. Always use the exact code from the output.
+
+## Typical workflow
+
+1. Search for a product: \`willys-cli search mjölk\`
+2. Pick a product code from the results
+3. Add it to cart: \`willys-cli add 101233933_ST 2\`
+4. Review the cart: \`willys-cli cart\`
+`;

package/dist/types.d.ts

@@ -0,0 +1,135 @@
+export interface Customer {
+    uid: string;
+    name: string;
+    firstName: string;
+    lastName: string;
+    email: string;
+    socialSecurityNumer: string;
+    storeId: string;
+    homeStoreId: string;
+    displayUid: string;
+    defaultBillingAddress: Address | null;
+    defaultShippingAddress: Address | null;
+    linkedAccounts: {
+        name: string;
+        isPrimary: boolean;
+    }[];
+    bonusInfo: Record<string, unknown>;
+}
+export interface Address {
+    id: string;
+    firstName: string;
+    lastName: string;
+    line1: string;
+    line2: string;
+    town: string;
+    postalCode: string;
+    cellphone: string;
+    email: string;
+    country: {
+        isocode: string;
+        name: string;
+    };
+    formattedAddress: string;
+    longitude: number;
+    latitude: number;
+}
+export interface Product {
+    name: string;
+    code: string;
+    price: string;
+    priceValue: number;
+    priceUnit: string;
+    priceNoUnit: string;
+    comparePrice: string;
+    comparePriceUnit: string;
+    productLine2: string;
+    manufacturer: string;
+    displayVolume: string;
+    image: ProductImage | null;
+    thumbnail: ProductImage | null;
+    labels: string[];
+    outOfStock: boolean;
+    online: boolean;
+    addToCartDisabled: boolean;
+    productBasketType: {
+        code: string;
+        type: string;
+    };
+    incrementValue: number;
+    potentialPromotions: Promotion[];
+    savingsAmount: string | null;
+    depositPrice: string;
+    averageWeight: number | null;
+}
+export interface ProductImage {
+    imageType: string;
+    format: string;
+    url: string;
+    altText: string | null;
+}
+export interface Promotion {
+    code?: string;
+    description?: string;
+    [key: string]: unknown;
+}
+export interface Pagination {
+    pageSize: number;
+    currentPage: number;
+    sort: string | null;
+    numberOfPages: number;
+    totalNumberOfResults: number;
+    allProductsInCategoriesCount: number;
+    allProductsInSearchCount: number;
+}
+export interface SearchResult {
+    results: Product[];
+    pagination: Pagination;
+    facets: unknown[];
+    freeTextSearch: string | null;
+    categoryCode: string | null;
+    categoryName: string | null;
+    breadcrumbs: unknown[];
+    sorts: unknown[];
+}
+export interface Category {
+    id: string;
+    category: string;
+    title: string;
+    url: string;
+    valid: boolean;
+    children: Category[];
+}
+export interface Cart {
+    products: CartProduct[];
+    totalPrice: string;
+    totalItems: number;
+    totalUnitCount: number;
+    totalDiscount: string;
+    totalTax: string;
+    subTotalWithDiscounts: string;
+    deliveryCost: string;
+    paymentType: string;
+    appliedVouchers: unknown[];
+    taxes: Record<string, unknown>;
+    isocode: string;
+}
+export interface CartProduct {
+    code: string;
+    name: string;
+    price: string;
+    priceValue: number;
+    quantity: number;
+    pickQuantity: number;
+    totalPrice: string;
+    manufacturer: string;
+    displayVolume: string;
+    comparePrice: string;
+    comparePriceUnit: string;
+    image: ProductImage | null;
+    productBasketType: {
+        code: string;
+        type: string;
+    };
+    [key: string]: unknown;
+}

package/dist/types.js

@@ -0,0 +1 @@
+export {};

package/dist/willys-api.d.ts

@@ -0,0 +1,62 @@
+import type { Customer, SearchResult, Category, Cart } from "./types.js";
+export declare class WillysApi {
+    private cookies;
+    private csrfToken;
+    /**
+     * Make an HTTP request with cookie and CSRF token management.
+     */
+    private request;
+    /**
+     * Parse Set-Cookie headers from a response and store them.
+     */
+    private parseCookies;
+    /**
+     * Fetch a fresh CSRF token from the server.
+     */
+    getCsrfToken(): Promise<string>;
+    /**
+     * Log in to Willys with username (personnummer) and password.
+     * Credentials are encrypted client-side before sending.
+     */
+    login(username: string, password: string): Promise<Customer>;
+    /**
+     * Log out from Willys.
+     */
+    logout(): Promise<void>;
+    /**
+     * Get the currently logged-in customer's profile.
+     */
+    getCustomer(): Promise<Customer>;
+    /**
+     * Search for products by text query.
+     */
+    search(query: string, page?: number, size?: number): Promise<SearchResult>;
+    /**
+     * Get the full category tree.
+     */
+    getCategories(storeId?: string): Promise<Category>;
+    /**
+     * Browse products in a specific category.
+     * @param categoryPath - URL path like "frukt-och-gront/frukt/citrusfrukt"
+     */
+    browseCategory(categoryPath: string, page?: number, size?: number, sort?: string): Promise<SearchResult>;
+    /**
+     * Get the current shopping cart.
+     */
+    getCart(): Promise<Cart>;
+    /**
+     * Add one or more products to the cart.
+     */
+    addToCart(products: Array<{
+        code: string;
+        qty: number;
+    }>): Promise<Cart>;
+    /**
+     * Remove a product from the cart (sets quantity to 0).
+     */
+    removeFromCart(productCode: string): Promise<Cart>;
+    /**
+     * Clear all products from the cart.
+     */
+    clearCart(): Promise<void>;
+}

package/dist/willys-api.js

@@ -0,0 +1,221 @@
+import { encryptCredential } from "./crypto.js";
+const BASE_URL = "https://www.willys.se";
+const DEFAULT_STORE_ID = "2110";
+export class WillysApi {
+    cookies = new Map();
+    csrfToken = null;
+    /**
+     * Make an HTTP request with cookie and CSRF token management.
+     */
+    async request(path, options = {}) {
+        const url = path.startsWith("http") ? path : `${BASE_URL}${path}`;
+        const headers = new Headers(options.headers);
+        headers.set("Accept", "application/json");
+        // Attach cookies
+        if (this.cookies.size > 0) {
+            const cookieStr = Array.from(this.cookies.entries())
+                .map(([k, v]) => `${k}=${v}`)
+                .join("; ");
+            headers.set("Cookie", cookieStr);
+        }
+        // Attach CSRF token for mutating requests
+        if (options.method &&
+            options.method !== "GET" &&
+            this.csrfToken) {
+            headers.set("X-CSRF-TOKEN", this.csrfToken);
+        }
+        const response = await fetch(url, {
+            ...options,
+            headers,
+            redirect: "manual",
+        });
+        this.parseCookies(response);
+        return response;
+    }
+    /**
+     * Parse Set-Cookie headers from a response and store them.
+     */
+    parseCookies(response) {
+        const setCookieHeaders = response.headers.getSetCookie?.() ?? [];
+        for (const header of setCookieHeaders) {
+            const parts = header.split(";")[0];
+            const eqIdx = parts.indexOf("=");
+            if (eqIdx > 0) {
+                const name = parts.substring(0, eqIdx).trim();
+                const value = parts.substring(eqIdx + 1).trim();
+                this.cookies.set(name, value);
+            }
+        }
+    }
+    /**
+     * Fetch a fresh CSRF token from the server.
+     */
+    async getCsrfToken() {
+        // First ensure we have a session
+        if (!this.cookies.has("JSESSIONID")) {
+            await this.request("/api/config");
+        }
+        const response = await this.request("/axfood/rest/csrf-token");
+        if (!response.ok) {
+            throw new Error(`Failed to get CSRF token: ${response.status}`);
+        }
+        const token = await response.json();
+        this.csrfToken = token;
+        return token;
+    }
+    /**
+     * Log in to Willys with username (personnummer) and password.
+     * Credentials are encrypted client-side before sending.
+     */
+    async login(username, password) {
+        // Ensure we have a CSRF token
+        await this.getCsrfToken();
+        // Encrypt credentials
+        const encryptedUsername = encryptCredential(username);
+        const encryptedPassword = encryptCredential(password);
+        const body = {
+            j_username: encryptedUsername.str,
+            j_username_key: encryptedUsername.key,
+            j_password: encryptedPassword.str,
+            j_password_key: encryptedPassword.key,
+            j_remember_me: true,
+        };
+        const response = await this.request("/login", {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify(body),
+        });
+        // Login typically returns 200 on success, may redirect
+        if (response.status >= 400) {
+            const text = await response.text();
+            throw new Error(`Login failed with status ${response.status}: ${text.substring(0, 200)}`);
+        }
+        // Follow redirect if needed
+        const location = response.headers.get("location");
+        if (location) {
+            await this.request(location);
+        }
+        // Refresh CSRF token after login
+        await this.getCsrfToken();
+        return this.getCustomer();
+    }
+    /**
+     * Log out from Willys.
+     */
+    async logout() {
+        await this.request("/logout");
+        this.csrfToken = null;
+    }
+    /**
+     * Get the currently logged-in customer's profile.
+     */
+    async getCustomer() {
+        const response = await this.request("/axfood/rest/customer");
+        if (!response.ok) {
+            throw new Error(`Failed to get customer: ${response.status}`);
+        }
+        return response.json();
+    }
+    /**
+     * Search for products by text query.
+     */
+    async search(query, page = 0, size = 30) {
+        const params = new URLSearchParams({
+            q: query,
+            size: size.toString(),
+            page: page.toString(),
+        });
+        const response = await this.request(`/search/clean?${params}`);
+        if (!response.ok) {
+            throw new Error(`Search failed: ${response.status}`);
+        }
+        return response.json();
+    }
+    /**
+     * Get the full category tree.
+     */
+    async getCategories(storeId = DEFAULT_STORE_ID) {
+        const params = new URLSearchParams({
+            storeId,
+            deviceType: "OTHER",
+        });
+        const response = await this.request(`/leftMenu/categorytree?${params}`);
+        if (!response.ok) {
+            throw new Error(`Failed to get categories: ${response.status}`);
+        }
+        return response.json();
+    }
+    /**
+     * Browse products in a specific category.
+     * @param categoryPath - URL path like "frukt-och-gront/frukt/citrusfrukt"
+     */
+    async browseCategory(categoryPath, page = 0, size = 30, sort = "") {
+        const params = new URLSearchParams({
+            page: page.toString(),
+            size: size.toString(),
+            sort,
+        });
+        const response = await this.request(`/c/${categoryPath}?${params}`);
+        if (!response.ok) {
+            throw new Error(`Browse category failed: ${response.status}`);
+        }
+        return response.json();
+    }
+    /**
+     * Get the current shopping cart.
+     */
+    async getCart() {
+        const response = await this.request("/axfood/rest/cart");
+        if (!response.ok) {
+            throw new Error(`Failed to get cart: ${response.status}`);
+        }
+        return response.json();
+    }
+    /**
+     * Add one or more products to the cart.
+     */
+    async addToCart(products) {
+        if (!this.csrfToken) {
+            await this.getCsrfToken();
+        }
+        const body = {
+            products: products.map((p) => ({
+                productCodePost: p.code,
+                qty: p.qty,
+                pickUnit: "pieces",
+                hideDiscountToolTip: false,
+                noReplacementFlag: false,
+            })),
+        };
+        const response = await this.request("/axfood/rest/cart/addProducts", {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify(body),
+        });
+        if (!response.ok) {
+            const text = await response.text();
+            throw new Error(`Add to cart failed: ${response.status} - ${text.substring(0, 200)}`);
+        }
+        return this.getCart();
+    }
+    /**
+     * Remove a product from the cart (sets quantity to 0).
+     */
+    async removeFromCart(productCode) {
+        return this.addToCart([{ code: productCode, qty: 0 }]);
+    }
+    /**
+     * Clear all products from the cart.
+     */
+    async clearCart() {
+        if (!this.csrfToken) {
+            await this.getCsrfToken();
+        }
+        const response = await this.request("/axfood/rest/cart", {
+            method: "DELETE",
+        });
+        if (!response.ok) {
+            throw new Error(`Clear cart failed: ${response.status}`);
+        }
+    }
+}

package/package.json

@@ -0,0 +1,48 @@
+{
+  "name": "willys-cli",
+  "version": "1.0.0",
+  "description": "TypeScript library and CLI for the Willys grocery store API",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "bin": {
+    "willys-cli": "dist/cli.js"
+  },
+  "files": [
+    "dist",
+    "!dist/test.*"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "npm run build",
+    "start": "tsx src/cli.ts",
+    "test": "tsx src/test.ts"
+  },
+  "keywords": [
+    "willys",
+    "grocery",
+    "sweden",
+    "shopping",
+    "cli"
+  ],
+  "author": "Erik Hellman",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/ErikHellman/willys-agent"
+  },
+  "license": "ISC",
+  "dependencies": {
+    "dotenv": "^17.3.1"
+  },
+  "devDependencies": {
+    "@types/node": "^25.5.0",
+    "tsx": "^4.21.0",
+    "typescript": "^5.9.3"
+  }
+}