workos 0.5.4 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +51 -15
- package/dist/bin.js +151 -0
- package/dist/bin.js.map +1 -1
- package/dist/cli.config.d.ts +1 -0
- package/dist/cli.config.js +1 -0
- package/dist/cli.config.js.map +1 -1
- package/dist/commands/doctor.d.ts +1 -0
- package/dist/commands/doctor.js +1 -0
- package/dist/commands/doctor.js.map +1 -1
- package/dist/commands/env.d.ts +9 -0
- package/dist/commands/env.js +188 -0
- package/dist/commands/env.js.map +1 -0
- package/dist/commands/organization.d.ts +18 -0
- package/dist/commands/organization.js +142 -0
- package/dist/commands/organization.js.map +1 -0
- package/dist/commands/user.d.ts +19 -0
- package/dist/commands/user.js +128 -0
- package/dist/commands/user.js.map +1 -0
- package/dist/dashboard/components/CompletionView.js +5 -1
- package/dist/dashboard/components/CompletionView.js.map +1 -1
- package/dist/doctor/agent-prompt.d.ts +9 -0
- package/dist/doctor/agent-prompt.js +67 -0
- package/dist/doctor/agent-prompt.js.map +1 -0
- package/dist/doctor/checks/ai-analysis.d.ts +9 -0
- package/dist/doctor/checks/ai-analysis.js +122 -0
- package/dist/doctor/checks/ai-analysis.js.map +1 -0
- package/dist/doctor/checks/auth-patterns.d.ts +2 -0
- package/dist/doctor/checks/auth-patterns.js +530 -0
- package/dist/doctor/checks/auth-patterns.js.map +1 -0
- package/dist/doctor/checks/environment.js +22 -4
- package/dist/doctor/checks/environment.js.map +1 -1
- package/dist/doctor/checks/framework.js +27 -8
- package/dist/doctor/checks/framework.js.map +1 -1
- package/dist/doctor/checks/language.d.ts +6 -0
- package/dist/doctor/checks/language.js +104 -0
- package/dist/doctor/checks/language.js.map +1 -0
- package/dist/doctor/checks/sdk.js +113 -22
- package/dist/doctor/checks/sdk.js.map +1 -1
- package/dist/doctor/index.js +26 -3
- package/dist/doctor/index.js.map +1 -1
- package/dist/doctor/issues.js +22 -1
- package/dist/doctor/issues.js.map +1 -1
- package/dist/doctor/output.js +85 -18
- package/dist/doctor/output.js.map +1 -1
- package/dist/doctor/types.d.ts +38 -0
- package/dist/doctor/types.js.map +1 -1
- package/dist/lib/adapters/cli-adapter.js +4 -14
- package/dist/lib/adapters/cli-adapter.js.map +1 -1
- package/dist/lib/adapters/dashboard-adapter.js +3 -16
- package/dist/lib/adapters/dashboard-adapter.js.map +1 -1
- package/dist/lib/agent-interface.d.ts +12 -3
- package/dist/lib/agent-interface.js +56 -15
- package/dist/lib/agent-interface.js.map +1 -1
- package/dist/lib/agent-runner.js +29 -27
- package/dist/lib/agent-runner.js.map +1 -1
- package/dist/lib/api-key.d.ts +13 -0
- package/dist/lib/api-key.js +26 -0
- package/dist/lib/api-key.js.map +1 -0
- package/dist/lib/config-store.d.ts +27 -0
- package/dist/lib/config-store.js +142 -0
- package/dist/lib/config-store.js.map +1 -0
- package/dist/lib/credential-store.d.ts +4 -0
- package/dist/lib/credential-store.js +47 -11
- package/dist/lib/credential-store.js.map +1 -1
- package/dist/lib/credentials.d.ts +1 -1
- package/dist/lib/credentials.js +1 -1
- package/dist/lib/credentials.js.map +1 -1
- package/dist/lib/events.d.ts +11 -0
- package/dist/lib/events.js.map +1 -1
- package/dist/lib/run-with-core.js +23 -2
- package/dist/lib/run-with-core.js.map +1 -1
- package/dist/lib/settings.d.ts +1 -0
- package/dist/lib/settings.js.map +1 -1
- package/dist/lib/validation/build-validator.d.ts +12 -0
- package/dist/lib/validation/build-validator.js +35 -5
- package/dist/lib/validation/build-validator.js.map +1 -1
- package/dist/lib/validation/index.d.ts +3 -2
- package/dist/lib/validation/index.js +2 -1
- package/dist/lib/validation/index.js.map +1 -1
- package/dist/lib/validation/quick-checks.d.ts +19 -0
- package/dist/lib/validation/quick-checks.js +190 -0
- package/dist/lib/validation/quick-checks.js.map +1 -0
- package/dist/lib/validation/types.d.ts +15 -0
- package/dist/lib/validation/types.js.map +1 -1
- package/dist/lib/validation/validator.d.ts +8 -1
- package/dist/lib/validation/validator.js +19 -11
- package/dist/lib/validation/validator.js.map +1 -1
- package/dist/lib/workos-api.d.ts +30 -0
- package/dist/lib/workos-api.js +69 -0
- package/dist/lib/workos-api.js.map +1 -0
- package/dist/utils/cli-symbols.d.ts +1 -1
- package/dist/utils/lock-art.d.ts +4 -0
- package/dist/utils/lock-art.js +73 -0
- package/dist/utils/lock-art.js.map +1 -0
- package/dist/utils/package-json.d.ts +1 -0
- package/dist/utils/package-json.js +11 -0
- package/dist/utils/package-json.js.map +1 -1
- package/dist/utils/summary-box.d.ts +18 -0
- package/dist/utils/summary-box.js +148 -0
- package/dist/utils/summary-box.js.map +1 -0
- package/dist/utils/table.d.ts +5 -0
- package/dist/utils/table.js +18 -0
- package/dist/utils/table.js.map +1 -0
- package/dist/utils/types.d.ts +6 -0
- package/dist/utils/types.js.map +1 -1
- package/package.json +1 -1
- package/skills/workos-authkit-nextjs/SKILL.md +5 -5
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"agent-runner.js","sourceRoot":"","sources":["../../src/lib/agent-runner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAwB,MAAM,uBAAuB,CAAC;AAC9E,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAE7D,OAAO,EACL,wBAAwB,EACxB,4BAA4B,EAC5B,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,gCAAgC,EAAE,MAAM,gBAAgB,CAAC;AAClE,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AACjE,OAAO,EAAE,8BAA8B,EAAE,MAAM,mBAAmB,CAAC;AACnE,OAAO,EAAE,8BAA8B,EAAE,MAAM,wBAAwB,CAAC;AACxE,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAAuB,EAAE,OAAyB;IACxF,wCAAwC;IACxC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE;QAC9B,OAAO,EAAE,iCAAiC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE;KACjE,CAAC,CAAC;IAEH,MAAM,kBAAkB,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAEtD,wEAAwE;IAExE,kCAAkC;IAClC,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACrD,MAAM,wBAAwB,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;IAE/G,MAAM,gBAAgB,GAAG,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;IAElE,2CAA2C;IAC3C,IAAI,gBAAgB,IAAI,MAAM,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC;QAC1D,MAAM,aAAa,GAAG,MAAM,CAAC,SAAS,CAAC,gBAAgB,CAAC,gBAAgB,CAAC,CAAC;QAC1E,SAAS,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,UAAU,EAAE,aAAa,CAAC,CAAC;IAC5E,CAAC;IAED,SAAS,CAAC,OAAO,CAAC,gCAAgC,EAAE;QAClD,MAAM,EAAE,2BAA2B;QACnC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,WAAW;KACzC,CAAC,CAAC;IAEH,iEAAiE;IACjE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,4BAA4B,CAAC,OAAO,EAAE,MAAM,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IAE5G,wEAAwE;IACxE,gFAAgF;IAChF,MAAM,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC;IAExE,mEAAmE;IACnE,mFAAmF;IACnF,IAAI,CAAC,mBAAmB,IAAI,MAAM,IAAI,MAAM,CAAC,WAAW,CAAC,cAAc,EAAE,CAAC;QACxE,MAAM,IAAI,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QACzE,MAAM,8BAA8B,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,IAAI,EAAE;YAC9E,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC,CAAC,CAAC;IACL,CAAC;IAED,kFAAkF;IAClF,MAAM,gBAAgB,GAAG,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAE3G,8DAA8D;IAC9D,gEAAgE;IAChE,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QACzE,MAAM,YAAY,GAAG,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAClE,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,oBAAoB,IAAI,GAAG,YAAY,EAAE,CAAC;QAErF,gEAAgE;QAChE,MAAM,cAAc,GAClB,MAAM,CAAC,QAAQ,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC,qBAAqB,CAAC;QAEvG,aAAa,CAAC,OAAO,CAAC,UAAU,EAAE;YAChC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7C,gBAAgB,EAAE,QAAQ;YAC1B,CAAC,cAAc,CAAC,EAAE,WAAW;SAC9B,CAAC,CAAC;IACL,CAAC;IAED,4CAA4C;IAC5C,MAAM,WAAW,GAAG,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC/D,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QACnD,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,mEAAmE;IACnE,MAAM,iBAAiB,GAAG,sBAAsB,CAC9C,MAAM,EACN;QACE,gBAAgB,EAAE,gBAAgB,IAAI,QAAQ;QAC9C,UAAU,EAAE,kBAAkB;KAC/B,EACD,gBAAgB,CACjB,CAAC;IAEF,2BAA2B;IAC3B,oFAAoF;IACpF,MAAM,KAAK,GAAG,MAAM,eAAe,CACjC;QACE,gBAAgB,EAAE,OAAO,CAAC,UAAU;QACpC,YAAY,EAAE,MAAM;QACpB,aAAa,EAAE,wBAAwB;KACxC,EACD,OAAO,CACR,CAAC;IAEF,oEAAoE;IACpE,MAAM,WAAW,GAAG,MAAM,QAAQ,CAChC,KAAK,EACL,iBAAiB,EACjB,OAAO,EACP;QACE,cAAc,EAAE,eAAe;QAC/B,cAAc,EAAE,MAAM,CAAC,EAAE,CAAC,cAAc;QACxC,YAAY,EAAE,oBAAoB;KACnC,EACD,OAAO,CAAC,OAAO,CAChB,CAAC;IAEF,mEAAmE;IACnE,IAAI,WAAW,CAAC,KAAK,EAAE,CAAC;QACtB,MAAM,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,OAAO,GAAG,WAAW,CAAC,YAAY,IAAI,WAAW,CAAC,KAAK,CAAC;QAC9D,MAAM,IAAI,KAAK,CAAC,oBAAoB,OAAO,EAAE,CAAC,CAAC;IACjD,CAAC;IAED,mCAAmC;IACnC,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QACxB,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;QAEtF,MAAM,gBAAgB,GAAG,MAAM,oBAAoB,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,UAAU,EAAE;YACnG,QAAQ,EAAE,IAAI;SACf,CAAC,CAAC;QAEH,IAAI,gBAAgB,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC;QAClF,CAAC;QAED,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,qBAAqB,EAAE;YAC3C,MAAM,EAAE,gBAAgB,CAAC,MAAM;YAC/B,UAAU,EAAE,gBAAgB,CAAC,MAAM,CAAC,MAAM;YAC1C,UAAU,EAAE,gBAAgB,CAAC,UAAU;SACxC,CAAC,CAAC;IACL,CAAC;IAED,sDAAsD;IACtD,MAAM,OAAO,GAAG,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAEhE,oEAAoE;IACpE,IAAI,eAAe,GAAa,EAAE,CAAC;IACnC,IAAI,MAAM,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC;QACvC,eAAe,GAAG,MAAM,8BAA8B,CAAC,OAAO,EAAE;YAC9D,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,WAAW;YACxC,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED,mEAAmE;IACnE,4CAA4C;IAE5C,sBAAsB;IACtB,MAAM,WAAW,GAAG,SAAS,CAAC,CAAC,mCAAmC;IAElE,MAAM,OAAO,GAAG;QACd,GAAG,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,gBAAgB,CAAC;QAC9C,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,0CAA0C,CAAC,CAAC,CAAC,EAAE;QACjF,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,yDAAyD,CAAC,CAAC,CAAC,EAAE;KAC5F,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAElB,MAAM,SAAS,GAAG;QAChB,GAAG,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,gBAAgB,CAAC;QAChD,eAAe,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,eAAe;YAChE,CAAC,CAAC,yDAAyD;YAC3D,CAAC,CAAC,EAAE;KACP,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAElB,6DAA6D;IAC7D,MAAM,OAAO,GAAG,sBAAsB,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;IAEhF,MAAM,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEpC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;GAIG;AACH,SAAS,sBAAsB,CAC7B,MAAuB,EACvB,OAGC,EACD,gBAAqC;IAErC,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC,yBAAyB;QAC9D,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,yBAAyB,CAAC,gBAAgB,CAAC;QAC5D,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,iBAAiB,GACrB,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEjG,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;IAC5C,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,aAAa,MAAM,CAAC,QAAQ,CAAC,IAAI,8BAA8B,CAAC,CAAC;IACnF,CAAC;IAED,oDAAoD;IACpD,MAAM,iBAAiB,GACrB,MAAM,CAAC,QAAQ,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC,qBAAqB,CAAC;IAEvG,OAAO,gDAAgD,MAAM,CAAC,QAAQ,CAAC,IAAI;;;;eAI9D,MAAM,CAAC,QAAQ,CAAC,IAAI,IAAI,OAAO,CAAC,gBAAgB;gBAC/C,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,iBAAiB;;;;;;;IAOjE,iBAAiB;;;;;YAKT,SAAS;;;;;;;;;;;wBAWG,SAAS,SAAS,CAAC;AAC3C,CAAC;AAED;;;GAGG;AACH,SAAS,sBAAsB,CAC7B,MAAuB,EACvB,OAAiB,EACjB,SAAmB,EACnB,WAA+B;IAE/B,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;IACrD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QAClC,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC,CAAC;QACvD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC1B,SAAS,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC;QACrD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC;IAErD,IAAI,WAAW,EAAE,CAAC;QAChB,KAAK,CAAC,IAAI,CAAC,wBAAwB,WAAW,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CACR,4GAA4G,CAC7G,CAAC;IAEF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC","sourcesContent":["import { SPINNER_MESSAGE, type FrameworkConfig } from './framework-config.js';\nimport { validateInstallation } from './validation/index.js';\nimport type { InstallerOptions } from '../utils/types.js';\nimport {\n ensurePackageIsInstalled,\n getOrAskForWorkOSCredentials,\n getPackageDotJson,\n isUsingTypeScript,\n} from '../utils/clack-utils.js';\nimport { analytics } from '../utils/analytics.js';\nimport { INSTALLER_INTERACTION_EVENT_NAME } from './constants.js';\nimport { initializeAgent, runAgent } from './agent-interface.js';\nimport { uploadEnvironmentVariablesStep } from '../steps/index.js';\nimport { autoConfigureWorkOSEnvironment } from './workos-management.js';\nimport { detectPort, getCallbackPath } from './port-detection.js';\nimport { writeEnvLocal } from './env-writer.js';\n\n/**\n * Universal agent-powered wizard runner.\n * Handles the complete flow for any framework using WorkOS MCP integration.\n *\n * @returns A detailed summary of what was done and next steps\n */\nexport async function runAgentInstaller(config: FrameworkConfig, options: InstallerOptions): Promise<string> {\n // Emit status for UI adapters to render\n options.emitter?.emit('status', {\n message: `Setting up WorkOS AuthKit for ${config.metadata.name}`,\n });\n\n const typeScriptDetected = isUsingTypeScript(options);\n\n // Git check is now handled by the state machine - no need to check here\n\n // Framework detection and version\n const packageJson = await getPackageDotJson(options);\n await ensurePackageIsInstalled(packageJson, config.detection.packageName, config.detection.packageDisplayName);\n\n const frameworkVersion = config.detection.getVersion(packageJson);\n\n // Set analytics tags for framework version\n if (frameworkVersion && config.detection.getVersionBucket) {\n const versionBucket = config.detection.getVersionBucket(frameworkVersion);\n analytics.setTag(`${config.metadata.integration}-version`, versionBucket);\n }\n\n analytics.capture(INSTALLER_INTERACTION_EVENT_NAME, {\n action: 'started agent integration',\n integration: config.metadata.integration,\n });\n\n // Get WorkOS credentials (API key optional for client-only SDKs)\n const { apiKey, clientId } = await getOrAskForWorkOSCredentials(options, config.environment.requiresApiKey);\n\n // Check if caller (state machine) already configured WorkOS environment\n // If credentials were passed via options, the caller handled config+env writing\n const callerHandledConfig = Boolean(options.apiKey || options.clientId);\n\n // Auto-configure WorkOS environment (redirect URI, CORS, homepage)\n // Skip if caller already handled this (prevents duplicate dashboard config output)\n if (!callerHandledConfig && apiKey && config.environment.requiresApiKey) {\n const port = detectPort(config.metadata.integration, options.installDir);\n await autoConfigureWorkOSEnvironment(apiKey, config.metadata.integration, port, {\n homepageUrl: options.homepageUrl,\n redirectUri: options.redirectUri,\n });\n }\n\n // Gather framework-specific context (e.g., Next.js router, React Native platform)\n const frameworkContext = config.metadata.gatherContext ? await config.metadata.gatherContext(options) : {};\n\n // Write environment variables to .env.local BEFORE agent runs\n // Skip if caller already handled this (prevents double-writing)\n if (!callerHandledConfig) {\n const port = detectPort(config.metadata.integration, options.installDir);\n const callbackPath = getCallbackPath(config.metadata.integration);\n const redirectUri = options.redirectUri || `http://localhost:${port}${callbackPath}`;\n\n // Next.js requires NEXT_PUBLIC_ prefix for client-side env vars\n const redirectUriKey =\n config.metadata.integration === 'nextjs' ? 'NEXT_PUBLIC_WORKOS_REDIRECT_URI' : 'WORKOS_REDIRECT_URI';\n\n writeEnvLocal(options.installDir, {\n ...(apiKey ? { WORKOS_API_KEY: apiKey } : {}),\n WORKOS_CLIENT_ID: clientId,\n [redirectUriKey]: redirectUri,\n });\n }\n\n // Set analytics tags from framework context\n const contextTags = config.analytics.getTags(frameworkContext);\n Object.entries(contextTags).forEach(([key, value]) => {\n analytics.setTag(key, value);\n });\n\n // Build integration prompt (credentials are already in .env.local)\n const integrationPrompt = buildIntegrationPrompt(\n config,\n {\n frameworkVersion: frameworkVersion || 'latest',\n typescript: typeScriptDetected,\n },\n frameworkContext,\n );\n\n // Initialize and run agent\n // Spinner is now handled by adapters listening to agent:start/agent:progress events\n const agent = await initializeAgent(\n {\n workingDirectory: options.installDir,\n workOSApiKey: apiKey,\n workOSApiHost: 'https://api.workos.com',\n },\n options,\n );\n\n // Run agent - errors will throw naturally with skill-based approach\n const agentResult = await runAgent(\n agent,\n integrationPrompt,\n options,\n {\n spinnerMessage: SPINNER_MESSAGE,\n successMessage: config.ui.successMessage,\n errorMessage: 'Integration failed',\n },\n options.emitter,\n );\n\n // If agent returned an error, throw so state machine can handle it\n if (agentResult.error) {\n await analytics.shutdown('error');\n const message = agentResult.errorMessage || agentResult.error;\n throw new Error(`Agent SDK error: ${message}`);\n }\n\n // Run post-installation validation\n if (!options.noValidate) {\n options.emitter?.emit('validation:start', { framework: config.metadata.integration });\n\n const validationResult = await validateInstallation(config.metadata.integration, options.installDir, {\n runBuild: true,\n });\n\n if (validationResult.issues.length > 0) {\n options.emitter?.emit('validation:issues', { issues: validationResult.issues });\n }\n\n options.emitter?.emit('validation:complete', {\n passed: validationResult.passed,\n issueCount: validationResult.issues.length,\n durationMs: validationResult.durationMs,\n });\n }\n\n // Build environment variables from WorkOS credentials\n const envVars = config.environment.getEnvVars(apiKey, clientId);\n\n // Upload environment variables to hosting providers (if configured)\n let uploadedEnvVars: string[] = [];\n if (config.environment.uploadToHosting) {\n uploadedEnvVars = await uploadEnvironmentVariablesStep(envVars, {\n integration: config.metadata.integration,\n options,\n });\n }\n\n // Skip MCP server setup for now (WorkOS doesn't need it initially)\n // await addMCPServerToClientsStep({ ... });\n\n // Build outro message\n const continueUrl = undefined; // No signup flow for WorkOS wizard\n\n const changes = [\n ...config.ui.getOutroChanges(frameworkContext),\n Object.keys(envVars).length > 0 ? `Added environment variables to .env file` : '',\n uploadedEnvVars.length > 0 ? `Uploaded environment variables to your hosting provider` : '',\n ].filter(Boolean);\n\n const nextSteps = [\n ...config.ui.getOutroNextSteps(frameworkContext),\n uploadedEnvVars.length === 0 && config.environment.uploadToHosting\n ? `Upload your WorkOS credentials to your hosting provider`\n : '',\n ].filter(Boolean);\n\n // Build detailed summary to return to caller (state machine)\n const summary = buildCompletionSummary(config, changes, nextSteps, continueUrl);\n\n await analytics.shutdown('success');\n\n return summary;\n}\n\n/**\n * Build the integration prompt for the agent.\n * Uses skill-based approach where agent invokes framework-specific skill.\n * Note: Credentials are pre-written to .env.local, so not included in prompt.\n */\nfunction buildIntegrationPrompt(\n config: FrameworkConfig,\n context: {\n frameworkVersion: string;\n typescript: boolean;\n },\n frameworkContext: Record<string, any>,\n): string {\n const additionalLines = config.prompts.getAdditionalContextLines\n ? config.prompts.getAdditionalContextLines(frameworkContext)\n : [];\n\n const additionalContext =\n additionalLines.length > 0 ? '\\n' + additionalLines.map((line) => `- ${line}`).join('\\n') : '';\n\n const skillName = config.metadata.skillName;\n if (!skillName) {\n throw new Error(`Framework ${config.metadata.name} missing skillName in config`);\n }\n\n // Next.js uses NEXT_PUBLIC_ prefix for redirect URI\n const redirectUriEnvVar =\n config.metadata.integration === 'nextjs' ? 'NEXT_PUBLIC_WORKOS_REDIRECT_URI' : 'WORKOS_REDIRECT_URI';\n\n return `You are integrating WorkOS AuthKit into this ${config.metadata.name} application.\n\n## Project Context\n\n- Framework: ${config.metadata.name} ${context.frameworkVersion}\n- TypeScript: ${context.typescript ? 'Yes' : 'No'}${additionalContext}\n\n## Environment\n\nThe following environment variables have been configured in .env.local:\n- WORKOS_API_KEY\n- WORKOS_CLIENT_ID\n- ${redirectUriEnvVar}\n- WORKOS_COOKIE_PASSWORD\n\n## Your Task\n\nUse the \\`${skillName}\\` skill to integrate WorkOS AuthKit into this application.\n\nThe skill contains step-by-step instructions including:\n1. Fetching the SDK documentation\n2. Installing the SDK\n3. Creating the callback route\n4. Setting up middleware/auth handling\n5. Adding authentication UI to the home page\n\nReport your progress using [STATUS] prefixes.\n\nBegin by invoking the ${skillName} skill.`;\n}\n\n/**\n * Build a completion summary for the event payload.\n * This is a plain-text summary without styling (adapters handle presentation).\n */\nfunction buildCompletionSummary(\n config: FrameworkConfig,\n changes: string[],\n nextSteps: string[],\n continueUrl: string | undefined,\n): string {\n const lines: string[] = [];\n\n lines.push('Successfully installed WorkOS AuthKit!');\n lines.push('');\n\n if (changes.length > 0) {\n lines.push('What the agent did:');\n changes.forEach((change) => lines.push(`• ${change}`));\n lines.push('');\n }\n\n if (nextSteps.length > 0) {\n lines.push('Next steps:');\n nextSteps.forEach((step) => lines.push(`• ${step}`));\n lines.push('');\n }\n\n lines.push(`Learn more: ${config.metadata.docsUrl}`);\n\n if (continueUrl) {\n lines.push(`Continue onboarding: ${continueUrl}`);\n }\n\n lines.push('');\n lines.push(\n 'Note: This installer uses an LLM agent to analyze and modify your project. Please review the changes made.',\n );\n\n return lines.join('\\n');\n}\n"]}
|
|
1
|
+
{"version":3,"file":"agent-runner.js","sourceRoot":"","sources":["../../src/lib/agent-runner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAwB,MAAM,uBAAuB,CAAC;AAC9E,OAAO,EAAE,oBAAoB,EAAE,2BAA2B,EAAE,MAAM,uBAAuB,CAAC;AAE1F,OAAO,EACL,wBAAwB,EACxB,4BAA4B,EAC5B,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,gCAAgC,EAAE,MAAM,gBAAgB,CAAC;AAClE,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAoB,MAAM,sBAAsB,CAAC;AACnF,OAAO,EAAE,8BAA8B,EAAE,MAAM,mBAAmB,CAAC;AACnE,OAAO,EAAE,8BAA8B,EAAE,MAAM,wBAAwB,CAAC;AACxE,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAAuB,EAAE,OAAyB;IACxF,wCAAwC;IACxC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE;QAC9B,OAAO,EAAE,iCAAiC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE;KACjE,CAAC,CAAC;IAEH,MAAM,kBAAkB,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAEtD,wEAAwE;IAExE,kCAAkC;IAClC,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACrD,MAAM,wBAAwB,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;IAE/G,MAAM,gBAAgB,GAAG,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;IAElE,2CAA2C;IAC3C,IAAI,gBAAgB,IAAI,MAAM,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC;QAC1D,MAAM,aAAa,GAAG,MAAM,CAAC,SAAS,CAAC,gBAAgB,CAAC,gBAAgB,CAAC,CAAC;QAC1E,SAAS,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,UAAU,EAAE,aAAa,CAAC,CAAC;IAC5E,CAAC;IAED,SAAS,CAAC,OAAO,CAAC,gCAAgC,EAAE;QAClD,MAAM,EAAE,2BAA2B;QACnC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,WAAW;KACzC,CAAC,CAAC;IAEH,iEAAiE;IACjE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,4BAA4B,CAAC,OAAO,EAAE,MAAM,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IAE5G,wEAAwE;IACxE,gFAAgF;IAChF,MAAM,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC;IAExE,mEAAmE;IACnE,mFAAmF;IACnF,IAAI,CAAC,mBAAmB,IAAI,MAAM,IAAI,MAAM,CAAC,WAAW,CAAC,cAAc,EAAE,CAAC;QACxE,MAAM,IAAI,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QACzE,MAAM,8BAA8B,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,IAAI,EAAE;YAC9E,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC,CAAC,CAAC;IACL,CAAC;IAED,kFAAkF;IAClF,MAAM,gBAAgB,GAAG,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAE3G,8DAA8D;IAC9D,gEAAgE;IAChE,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QACzE,MAAM,YAAY,GAAG,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAClE,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,oBAAoB,IAAI,GAAG,YAAY,EAAE,CAAC;QAErF,gEAAgE;QAChE,MAAM,cAAc,GAClB,MAAM,CAAC,QAAQ,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC,qBAAqB,CAAC;QAEvG,aAAa,CAAC,OAAO,CAAC,UAAU,EAAE;YAChC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7C,gBAAgB,EAAE,QAAQ;YAC1B,CAAC,cAAc,CAAC,EAAE,WAAW;SAC9B,CAAC,CAAC;IACL,CAAC;IAED,4CAA4C;IAC5C,MAAM,WAAW,GAAG,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC/D,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QACnD,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,mEAAmE;IACnE,MAAM,iBAAiB,GAAG,sBAAsB,CAC9C,MAAM,EACN;QACE,gBAAgB,EAAE,gBAAgB,IAAI,QAAQ;QAC9C,UAAU,EAAE,kBAAkB;KAC/B,EACD,gBAAgB,CACjB,CAAC;IAEF,2BAA2B;IAC3B,oFAAoF;IACpF,MAAM,KAAK,GAAG,MAAM,eAAe,CACjC;QACE,gBAAgB,EAAE,OAAO,CAAC,UAAU;QACpC,YAAY,EAAE,MAAM;QACpB,aAAa,EAAE,wBAAwB;KACxC,EACD,OAAO,CACR,CAAC;IAEF,MAAM,WAAW,GAA4B,OAAO,CAAC,UAAU;QAC7D,CAAC,CAAC,SAAS;QACX,CAAC,CAAC;YACE,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,CAAC;YACnC,iBAAiB,EAAE,2BAA2B;SAC/C,CAAC;IAEN,qFAAqF;IACrF,MAAM,WAAW,GAAG,MAAM,QAAQ,CAChC,KAAK,EACL,iBAAiB,EACjB,OAAO,EACP;QACE,cAAc,EAAE,eAAe;QAC/B,cAAc,EAAE,MAAM,CAAC,EAAE,CAAC,cAAc;QACxC,YAAY,EAAE,oBAAoB;KACnC,EACD,OAAO,CAAC,OAAO,EACf,WAAW,CACZ,CAAC;IAEF,mEAAmE;IACnE,IAAI,WAAW,CAAC,KAAK,EAAE,CAAC;QACtB,MAAM,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,OAAO,GAAG,WAAW,CAAC,YAAY,IAAI,WAAW,CAAC,KAAK,CAAC;QAC9D,MAAM,IAAI,KAAK,CAAC,oBAAoB,OAAO,EAAE,CAAC,CAAC;IACjD,CAAC;IAED,sBAAsB;IACtB,IAAI,WAAW,CAAC,UAAU,KAAK,SAAS,IAAI,WAAW,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC;QACvE,SAAS,CAAC,OAAO,CAAC,gCAAgC,EAAE;YAClD,MAAM,EAAE,qBAAqB;YAC7B,WAAW,EAAE,WAAW,CAAC,UAAU;YACnC,WAAW,EAAE,OAAO,CAAC,UAAU,IAAI,CAAC;YACpC,kBAAkB,EAAE,IAAI;SACzB,CAAC,CAAC;IACL,CAAC;IAED,2DAA2D;IAC3D,8DAA8D;IAC9D,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QACxB,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;QAEtF,MAAM,gBAAgB,GAAG,MAAM,oBAAoB,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,UAAU,EAAE;YACnG,QAAQ,EAAE,KAAK;SAChB,CAAC,CAAC;QAEH,IAAI,gBAAgB,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC;QAClF,CAAC;QAED,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,qBAAqB,EAAE;YAC3C,MAAM,EAAE,gBAAgB,CAAC,MAAM;YAC/B,UAAU,EAAE,gBAAgB,CAAC,MAAM,CAAC,MAAM;YAC1C,UAAU,EAAE,gBAAgB,CAAC,UAAU;SACxC,CAAC,CAAC;IACL,CAAC;IAED,sDAAsD;IACtD,MAAM,OAAO,GAAG,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAEhE,oEAAoE;IACpE,IAAI,eAAe,GAAa,EAAE,CAAC;IACnC,IAAI,MAAM,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC;QACvC,eAAe,GAAG,MAAM,8BAA8B,CAAC,OAAO,EAAE;YAC9D,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,WAAW;YACxC,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED,MAAM,OAAO,GAAG;QACd,GAAG,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,gBAAgB,CAAC;QAC9C,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,0CAA0C,CAAC,CAAC,CAAC,EAAE;QACjF,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,yDAAyD,CAAC,CAAC,CAAC,EAAE;KAC5F,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAElB,MAAM,SAAS,GAAG;QAChB,GAAG,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,gBAAgB,CAAC;QAChD,eAAe,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,eAAe;YAChE,CAAC,CAAC,yDAAyD;YAC3D,CAAC,CAAC,EAAE;KACP,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAElB,MAAM,OAAO,GAAG,sBAAsB,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;IAEnE,MAAM,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEpC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;GAIG;AACH,SAAS,sBAAsB,CAC7B,MAAuB,EACvB,OAGC,EACD,gBAAqC;IAErC,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC,yBAAyB;QAC9D,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,yBAAyB,CAAC,gBAAgB,CAAC;QAC5D,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,iBAAiB,GACrB,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEjG,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;IAC5C,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,aAAa,MAAM,CAAC,QAAQ,CAAC,IAAI,8BAA8B,CAAC,CAAC;IACnF,CAAC;IAED,oDAAoD;IACpD,MAAM,iBAAiB,GACrB,MAAM,CAAC,QAAQ,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC,qBAAqB,CAAC;IAEvG,OAAO,gDAAgD,MAAM,CAAC,QAAQ,CAAC,IAAI;;;;eAI9D,MAAM,CAAC,QAAQ,CAAC,IAAI,IAAI,OAAO,CAAC,gBAAgB;gBAC/C,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,iBAAiB;;;;;;;IAOjE,iBAAiB;;;;;YAKT,SAAS;;;;;;;;;;;wBAWG,SAAS,SAAS,CAAC;AAC3C,CAAC;AAED,SAAS,sBAAsB,CAAC,MAAuB,EAAE,OAAiB,EAAE,SAAmB;IAC7F,MAAM,KAAK,GAAa,CAAC,wCAAwC,EAAE,EAAE,CAAC,CAAC;IAEvE,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QAClC,KAAK,MAAM,MAAM,IAAI,OAAO;YAAE,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC1B,KAAK,MAAM,IAAI,IAAI,SAAS;YAAE,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;QACtD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,IAAI,CACR,eAAe,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EACxC,EAAE,EACF,4GAA4G,CAC7G,CAAC;IAEF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC","sourcesContent":["import { SPINNER_MESSAGE, type FrameworkConfig } from './framework-config.js';\nimport { validateInstallation, quickCheckValidateAndFormat } from './validation/index.js';\nimport type { InstallerOptions } from '../utils/types.js';\nimport {\n ensurePackageIsInstalled,\n getOrAskForWorkOSCredentials,\n getPackageDotJson,\n isUsingTypeScript,\n} from '../utils/clack-utils.js';\nimport { analytics } from '../utils/analytics.js';\nimport { INSTALLER_INTERACTION_EVENT_NAME } from './constants.js';\nimport { initializeAgent, runAgent, type RetryConfig } from './agent-interface.js';\nimport { uploadEnvironmentVariablesStep } from '../steps/index.js';\nimport { autoConfigureWorkOSEnvironment } from './workos-management.js';\nimport { detectPort, getCallbackPath } from './port-detection.js';\nimport { writeEnvLocal } from './env-writer.js';\n\n/**\n * Universal agent-powered wizard runner.\n * Handles the complete flow for any framework using WorkOS MCP integration.\n *\n * @returns A detailed summary of what was done and next steps\n */\nexport async function runAgentInstaller(config: FrameworkConfig, options: InstallerOptions): Promise<string> {\n // Emit status for UI adapters to render\n options.emitter?.emit('status', {\n message: `Setting up WorkOS AuthKit for ${config.metadata.name}`,\n });\n\n const typeScriptDetected = isUsingTypeScript(options);\n\n // Git check is now handled by the state machine - no need to check here\n\n // Framework detection and version\n const packageJson = await getPackageDotJson(options);\n await ensurePackageIsInstalled(packageJson, config.detection.packageName, config.detection.packageDisplayName);\n\n const frameworkVersion = config.detection.getVersion(packageJson);\n\n // Set analytics tags for framework version\n if (frameworkVersion && config.detection.getVersionBucket) {\n const versionBucket = config.detection.getVersionBucket(frameworkVersion);\n analytics.setTag(`${config.metadata.integration}-version`, versionBucket);\n }\n\n analytics.capture(INSTALLER_INTERACTION_EVENT_NAME, {\n action: 'started agent integration',\n integration: config.metadata.integration,\n });\n\n // Get WorkOS credentials (API key optional for client-only SDKs)\n const { apiKey, clientId } = await getOrAskForWorkOSCredentials(options, config.environment.requiresApiKey);\n\n // Check if caller (state machine) already configured WorkOS environment\n // If credentials were passed via options, the caller handled config+env writing\n const callerHandledConfig = Boolean(options.apiKey || options.clientId);\n\n // Auto-configure WorkOS environment (redirect URI, CORS, homepage)\n // Skip if caller already handled this (prevents duplicate dashboard config output)\n if (!callerHandledConfig && apiKey && config.environment.requiresApiKey) {\n const port = detectPort(config.metadata.integration, options.installDir);\n await autoConfigureWorkOSEnvironment(apiKey, config.metadata.integration, port, {\n homepageUrl: options.homepageUrl,\n redirectUri: options.redirectUri,\n });\n }\n\n // Gather framework-specific context (e.g., Next.js router, React Native platform)\n const frameworkContext = config.metadata.gatherContext ? await config.metadata.gatherContext(options) : {};\n\n // Write environment variables to .env.local BEFORE agent runs\n // Skip if caller already handled this (prevents double-writing)\n if (!callerHandledConfig) {\n const port = detectPort(config.metadata.integration, options.installDir);\n const callbackPath = getCallbackPath(config.metadata.integration);\n const redirectUri = options.redirectUri || `http://localhost:${port}${callbackPath}`;\n\n // Next.js requires NEXT_PUBLIC_ prefix for client-side env vars\n const redirectUriKey =\n config.metadata.integration === 'nextjs' ? 'NEXT_PUBLIC_WORKOS_REDIRECT_URI' : 'WORKOS_REDIRECT_URI';\n\n writeEnvLocal(options.installDir, {\n ...(apiKey ? { WORKOS_API_KEY: apiKey } : {}),\n WORKOS_CLIENT_ID: clientId,\n [redirectUriKey]: redirectUri,\n });\n }\n\n // Set analytics tags from framework context\n const contextTags = config.analytics.getTags(frameworkContext);\n Object.entries(contextTags).forEach(([key, value]) => {\n analytics.setTag(key, value);\n });\n\n // Build integration prompt (credentials are already in .env.local)\n const integrationPrompt = buildIntegrationPrompt(\n config,\n {\n frameworkVersion: frameworkVersion || 'latest',\n typescript: typeScriptDetected,\n },\n frameworkContext,\n );\n\n // Initialize and run agent\n // Spinner is now handled by adapters listening to agent:start/agent:progress events\n const agent = await initializeAgent(\n {\n workingDirectory: options.installDir,\n workOSApiKey: apiKey,\n workOSApiHost: 'https://api.workos.com',\n },\n options,\n );\n\n const retryConfig: RetryConfig | undefined = options.noValidate\n ? undefined\n : {\n maxRetries: options.maxRetries ?? 2,\n validateAndFormat: quickCheckValidateAndFormat,\n };\n\n // Run agent with retry support — agent gets correction prompts on validation failure\n const agentResult = await runAgent(\n agent,\n integrationPrompt,\n options,\n {\n spinnerMessage: SPINNER_MESSAGE,\n successMessage: config.ui.successMessage,\n errorMessage: 'Integration failed',\n },\n options.emitter,\n retryConfig,\n );\n\n // If agent returned an error, throw so state machine can handle it\n if (agentResult.error) {\n await analytics.shutdown('error');\n const message = agentResult.errorMessage || agentResult.error;\n throw new Error(`Agent SDK error: ${message}`);\n }\n\n // Track retry metrics\n if (agentResult.retryCount !== undefined && agentResult.retryCount > 0) {\n analytics.capture(INSTALLER_INTERACTION_EVENT_NAME, {\n action: 'agent retry summary',\n retry_count: agentResult.retryCount,\n max_retries: options.maxRetries ?? 2,\n passed_after_retry: true,\n });\n }\n\n // Run full validation after agent (with retries) completes\n // Quick checks already ran inside the retry loop — skip build\n if (!options.noValidate) {\n options.emitter?.emit('validation:start', { framework: config.metadata.integration });\n\n const validationResult = await validateInstallation(config.metadata.integration, options.installDir, {\n runBuild: false,\n });\n\n if (validationResult.issues.length > 0) {\n options.emitter?.emit('validation:issues', { issues: validationResult.issues });\n }\n\n options.emitter?.emit('validation:complete', {\n passed: validationResult.passed,\n issueCount: validationResult.issues.length,\n durationMs: validationResult.durationMs,\n });\n }\n\n // Build environment variables from WorkOS credentials\n const envVars = config.environment.getEnvVars(apiKey, clientId);\n\n // Upload environment variables to hosting providers (if configured)\n let uploadedEnvVars: string[] = [];\n if (config.environment.uploadToHosting) {\n uploadedEnvVars = await uploadEnvironmentVariablesStep(envVars, {\n integration: config.metadata.integration,\n options,\n });\n }\n\n const changes = [\n ...config.ui.getOutroChanges(frameworkContext),\n Object.keys(envVars).length > 0 ? `Added environment variables to .env file` : '',\n uploadedEnvVars.length > 0 ? `Uploaded environment variables to your hosting provider` : '',\n ].filter(Boolean);\n\n const nextSteps = [\n ...config.ui.getOutroNextSteps(frameworkContext),\n uploadedEnvVars.length === 0 && config.environment.uploadToHosting\n ? `Upload your WorkOS credentials to your hosting provider`\n : '',\n ].filter(Boolean);\n\n const summary = buildCompletionSummary(config, changes, nextSteps);\n\n await analytics.shutdown('success');\n\n return summary;\n}\n\n/**\n * Build the integration prompt for the agent.\n * Uses skill-based approach where agent invokes framework-specific skill.\n * Note: Credentials are pre-written to .env.local, so not included in prompt.\n */\nfunction buildIntegrationPrompt(\n config: FrameworkConfig,\n context: {\n frameworkVersion: string;\n typescript: boolean;\n },\n frameworkContext: Record<string, any>,\n): string {\n const additionalLines = config.prompts.getAdditionalContextLines\n ? config.prompts.getAdditionalContextLines(frameworkContext)\n : [];\n\n const additionalContext =\n additionalLines.length > 0 ? '\\n' + additionalLines.map((line) => `- ${line}`).join('\\n') : '';\n\n const skillName = config.metadata.skillName;\n if (!skillName) {\n throw new Error(`Framework ${config.metadata.name} missing skillName in config`);\n }\n\n // Next.js uses NEXT_PUBLIC_ prefix for redirect URI\n const redirectUriEnvVar =\n config.metadata.integration === 'nextjs' ? 'NEXT_PUBLIC_WORKOS_REDIRECT_URI' : 'WORKOS_REDIRECT_URI';\n\n return `You are integrating WorkOS AuthKit into this ${config.metadata.name} application.\n\n## Project Context\n\n- Framework: ${config.metadata.name} ${context.frameworkVersion}\n- TypeScript: ${context.typescript ? 'Yes' : 'No'}${additionalContext}\n\n## Environment\n\nThe following environment variables have been configured in .env.local:\n- WORKOS_API_KEY\n- WORKOS_CLIENT_ID\n- ${redirectUriEnvVar}\n- WORKOS_COOKIE_PASSWORD\n\n## Your Task\n\nUse the \\`${skillName}\\` skill to integrate WorkOS AuthKit into this application.\n\nThe skill contains step-by-step instructions including:\n1. Fetching the SDK documentation\n2. Installing the SDK\n3. Creating the callback route\n4. Setting up middleware/auth handling\n5. Adding authentication UI to the home page\n\nReport your progress using [STATUS] prefixes.\n\nBegin by invoking the ${skillName} skill.`;\n}\n\nfunction buildCompletionSummary(config: FrameworkConfig, changes: string[], nextSteps: string[]): string {\n const lines: string[] = ['Successfully installed WorkOS AuthKit!', ''];\n\n if (changes.length > 0) {\n lines.push('What the agent did:');\n for (const change of changes) lines.push(`• ${change}`);\n lines.push('');\n }\n\n if (nextSteps.length > 0) {\n lines.push('Next steps:');\n for (const step of nextSteps) lines.push(`• ${step}`);\n lines.push('');\n }\n\n lines.push(\n `Learn more: ${config.metadata.docsUrl}`,\n '',\n 'Note: This installer uses an LLM agent to analyze and modify your project. Please review the changes made.',\n );\n\n return lines.join('\\n');\n}\n"]}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* API key resolution for management commands.
|
|
3
|
+
*
|
|
4
|
+
* Priority chain:
|
|
5
|
+
* 1. WORKOS_API_KEY environment variable
|
|
6
|
+
* 2. --api-key flag
|
|
7
|
+
* 3. Active environment's stored API key
|
|
8
|
+
*/
|
|
9
|
+
export interface ApiKeyOptions {
|
|
10
|
+
apiKey?: string;
|
|
11
|
+
}
|
|
12
|
+
export declare function resolveApiKey(options?: ApiKeyOptions): string;
|
|
13
|
+
export declare function resolveApiBaseUrl(): string;
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* API key resolution for management commands.
|
|
3
|
+
*
|
|
4
|
+
* Priority chain:
|
|
5
|
+
* 1. WORKOS_API_KEY environment variable
|
|
6
|
+
* 2. --api-key flag
|
|
7
|
+
* 3. Active environment's stored API key
|
|
8
|
+
*/
|
|
9
|
+
import { getActiveEnvironment } from './config-store.js';
|
|
10
|
+
const DEFAULT_BASE_URL = 'https://api.workos.com';
|
|
11
|
+
export function resolveApiKey(options) {
|
|
12
|
+
const envVar = process.env.WORKOS_API_KEY;
|
|
13
|
+
if (envVar)
|
|
14
|
+
return envVar;
|
|
15
|
+
if (options?.apiKey)
|
|
16
|
+
return options.apiKey;
|
|
17
|
+
const activeEnv = getActiveEnvironment();
|
|
18
|
+
if (activeEnv?.apiKey)
|
|
19
|
+
return activeEnv.apiKey;
|
|
20
|
+
throw new Error('No API key configured. Run `workos env add` to configure an environment, or set WORKOS_API_KEY.');
|
|
21
|
+
}
|
|
22
|
+
export function resolveApiBaseUrl() {
|
|
23
|
+
const activeEnv = getActiveEnvironment();
|
|
24
|
+
return activeEnv?.endpoint || DEFAULT_BASE_URL;
|
|
25
|
+
}
|
|
26
|
+
//# sourceMappingURL=api-key.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"api-key.js","sourceRoot":"","sources":["../../src/lib/api-key.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AAEzD,MAAM,gBAAgB,GAAG,wBAAwB,CAAC;AAMlD,MAAM,UAAU,aAAa,CAAC,OAAuB;IACnD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;IAC1C,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,IAAI,OAAO,EAAE,MAAM;QAAE,OAAO,OAAO,CAAC,MAAM,CAAC;IAE3C,MAAM,SAAS,GAAG,oBAAoB,EAAE,CAAC;IACzC,IAAI,SAAS,EAAE,MAAM;QAAE,OAAO,SAAS,CAAC,MAAM,CAAC;IAE/C,MAAM,IAAI,KAAK,CAAC,iGAAiG,CAAC,CAAC;AACrH,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,MAAM,SAAS,GAAG,oBAAoB,EAAE,CAAC;IACzC,OAAO,SAAS,EAAE,QAAQ,IAAI,gBAAgB,CAAC;AACjD,CAAC","sourcesContent":["/**\n * API key resolution for management commands.\n *\n * Priority chain:\n * 1. WORKOS_API_KEY environment variable\n * 2. --api-key flag\n * 3. Active environment's stored API key\n */\n\nimport { getActiveEnvironment } from './config-store.js';\n\nconst DEFAULT_BASE_URL = 'https://api.workos.com';\n\nexport interface ApiKeyOptions {\n apiKey?: string;\n}\n\nexport function resolveApiKey(options?: ApiKeyOptions): string {\n const envVar = process.env.WORKOS_API_KEY;\n if (envVar) return envVar;\n\n if (options?.apiKey) return options.apiKey;\n\n const activeEnv = getActiveEnvironment();\n if (activeEnv?.apiKey) return activeEnv.apiKey;\n\n throw new Error('No API key configured. Run `workos env add` to configure an environment, or set WORKOS_API_KEY.');\n}\n\nexport function resolveApiBaseUrl(): string {\n const activeEnv = getActiveEnvironment();\n return activeEnv?.endpoint || DEFAULT_BASE_URL;\n}\n"]}
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* CLI config storage abstraction with keyring support and file fallback.
|
|
3
|
+
*
|
|
4
|
+
* Stores environment configurations (names, API keys, endpoints) separately
|
|
5
|
+
* from OAuth credentials. Uses a second keyring entry under the same service.
|
|
6
|
+
*
|
|
7
|
+
* Storage priority:
|
|
8
|
+
* 1. If insecure storage forced: use file only
|
|
9
|
+
* 2. Try keyring, fall back to file with warning if unavailable
|
|
10
|
+
*/
|
|
11
|
+
export interface EnvironmentConfig {
|
|
12
|
+
name: string;
|
|
13
|
+
type: 'production' | 'sandbox';
|
|
14
|
+
apiKey: string;
|
|
15
|
+
clientId?: string;
|
|
16
|
+
endpoint?: string;
|
|
17
|
+
}
|
|
18
|
+
export interface CliConfig {
|
|
19
|
+
activeEnvironment?: string;
|
|
20
|
+
environments: Record<string, EnvironmentConfig>;
|
|
21
|
+
}
|
|
22
|
+
export declare function setInsecureConfigStorage(value: boolean): void;
|
|
23
|
+
export declare function getConfig(): CliConfig | null;
|
|
24
|
+
export declare function saveConfig(config: CliConfig): void;
|
|
25
|
+
export declare function clearConfig(): void;
|
|
26
|
+
export declare function getActiveEnvironment(): EnvironmentConfig | null;
|
|
27
|
+
export declare function getConfigPath(): string;
|
|
@@ -0,0 +1,142 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* CLI config storage abstraction with keyring support and file fallback.
|
|
3
|
+
*
|
|
4
|
+
* Stores environment configurations (names, API keys, endpoints) separately
|
|
5
|
+
* from OAuth credentials. Uses a second keyring entry under the same service.
|
|
6
|
+
*
|
|
7
|
+
* Storage priority:
|
|
8
|
+
* 1. If insecure storage forced: use file only
|
|
9
|
+
* 2. Try keyring, fall back to file with warning if unavailable
|
|
10
|
+
*/
|
|
11
|
+
import { Entry } from '@napi-rs/keyring';
|
|
12
|
+
import fs from 'node:fs';
|
|
13
|
+
import path from 'node:path';
|
|
14
|
+
import os from 'node:os';
|
|
15
|
+
import { logWarn } from '../utils/debug.js';
|
|
16
|
+
const SERVICE_NAME = 'workos-cli';
|
|
17
|
+
const ACCOUNT_NAME = 'config';
|
|
18
|
+
let fallbackWarningShown = false;
|
|
19
|
+
let forceInsecureStorage = false;
|
|
20
|
+
export function setInsecureConfigStorage(value) {
|
|
21
|
+
forceInsecureStorage = value;
|
|
22
|
+
}
|
|
23
|
+
function getConfigDir() {
|
|
24
|
+
return path.join(os.homedir(), '.workos');
|
|
25
|
+
}
|
|
26
|
+
function getConfigFilePath() {
|
|
27
|
+
return path.join(getConfigDir(), 'config.json');
|
|
28
|
+
}
|
|
29
|
+
function fileExists() {
|
|
30
|
+
return fs.existsSync(getConfigFilePath());
|
|
31
|
+
}
|
|
32
|
+
function readFromFile() {
|
|
33
|
+
if (!fileExists())
|
|
34
|
+
return null;
|
|
35
|
+
try {
|
|
36
|
+
const content = fs.readFileSync(getConfigFilePath(), 'utf-8');
|
|
37
|
+
return JSON.parse(content);
|
|
38
|
+
}
|
|
39
|
+
catch (error) {
|
|
40
|
+
logWarn('Failed to read config file:', error);
|
|
41
|
+
return null;
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
function writeToFile(config) {
|
|
45
|
+
const dir = getConfigDir();
|
|
46
|
+
if (!fs.existsSync(dir)) {
|
|
47
|
+
fs.mkdirSync(dir, { recursive: true, mode: 0o700 });
|
|
48
|
+
}
|
|
49
|
+
fs.writeFileSync(getConfigFilePath(), JSON.stringify(config, null, 2), {
|
|
50
|
+
mode: 0o600,
|
|
51
|
+
});
|
|
52
|
+
}
|
|
53
|
+
function deleteFile() {
|
|
54
|
+
if (fileExists()) {
|
|
55
|
+
fs.unlinkSync(getConfigFilePath());
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
function getKeyringEntry() {
|
|
59
|
+
return new Entry(SERVICE_NAME, ACCOUNT_NAME);
|
|
60
|
+
}
|
|
61
|
+
function readFromKeyring() {
|
|
62
|
+
try {
|
|
63
|
+
const entry = getKeyringEntry();
|
|
64
|
+
const data = entry.getPassword();
|
|
65
|
+
if (!data)
|
|
66
|
+
return null;
|
|
67
|
+
return JSON.parse(data);
|
|
68
|
+
}
|
|
69
|
+
catch (error) {
|
|
70
|
+
logWarn('Failed to read config from keyring:', error);
|
|
71
|
+
return null;
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
function writeToKeyring(config) {
|
|
75
|
+
try {
|
|
76
|
+
const entry = getKeyringEntry();
|
|
77
|
+
entry.setPassword(JSON.stringify(config));
|
|
78
|
+
return true;
|
|
79
|
+
}
|
|
80
|
+
catch (error) {
|
|
81
|
+
logWarn('Failed to write config to keyring:', error);
|
|
82
|
+
return false;
|
|
83
|
+
}
|
|
84
|
+
}
|
|
85
|
+
function deleteFromKeyring() {
|
|
86
|
+
try {
|
|
87
|
+
const entry = getKeyringEntry();
|
|
88
|
+
entry.deletePassword();
|
|
89
|
+
}
|
|
90
|
+
catch (error) {
|
|
91
|
+
const msg = error instanceof Error ? error.message : String(error);
|
|
92
|
+
if (!msg.includes('not found') && !msg.includes('No such')) {
|
|
93
|
+
logWarn('Failed to delete config from keyring:', error);
|
|
94
|
+
}
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
function showFallbackWarning() {
|
|
98
|
+
if (fallbackWarningShown || forceInsecureStorage)
|
|
99
|
+
return;
|
|
100
|
+
fallbackWarningShown = true;
|
|
101
|
+
logWarn('Unable to store config in system keyring. Using file storage.', 'Config saved to ~/.workos/config.json', 'Use --insecure-storage to suppress this warning.');
|
|
102
|
+
}
|
|
103
|
+
export function getConfig() {
|
|
104
|
+
if (forceInsecureStorage)
|
|
105
|
+
return readFromFile();
|
|
106
|
+
const keyringConfig = readFromKeyring();
|
|
107
|
+
if (keyringConfig)
|
|
108
|
+
return keyringConfig;
|
|
109
|
+
const fileConfig = readFromFile();
|
|
110
|
+
if (fileConfig) {
|
|
111
|
+
// Migrate file config to keyring if possible
|
|
112
|
+
if (writeToKeyring(fileConfig))
|
|
113
|
+
deleteFile();
|
|
114
|
+
return fileConfig;
|
|
115
|
+
}
|
|
116
|
+
return null;
|
|
117
|
+
}
|
|
118
|
+
export function saveConfig(config) {
|
|
119
|
+
if (forceInsecureStorage)
|
|
120
|
+
return writeToFile(config);
|
|
121
|
+
if (writeToKeyring(config)) {
|
|
122
|
+
deleteFile();
|
|
123
|
+
}
|
|
124
|
+
else {
|
|
125
|
+
showFallbackWarning();
|
|
126
|
+
writeToFile(config);
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
export function clearConfig() {
|
|
130
|
+
deleteFromKeyring();
|
|
131
|
+
deleteFile();
|
|
132
|
+
}
|
|
133
|
+
export function getActiveEnvironment() {
|
|
134
|
+
const config = getConfig();
|
|
135
|
+
if (!config?.activeEnvironment)
|
|
136
|
+
return null;
|
|
137
|
+
return config.environments[config.activeEnvironment] ?? null;
|
|
138
|
+
}
|
|
139
|
+
export function getConfigPath() {
|
|
140
|
+
return getConfigFilePath();
|
|
141
|
+
}
|
|
142
|
+
//# sourceMappingURL=config-store.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"config-store.js","sourceRoot":"","sources":["../../src/lib/config-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAe5C,MAAM,YAAY,GAAG,YAAY,CAAC;AAClC,MAAM,YAAY,GAAG,QAAQ,CAAC;AAE9B,IAAI,oBAAoB,GAAG,KAAK,CAAC;AACjC,IAAI,oBAAoB,GAAG,KAAK,CAAC;AAEjC,MAAM,UAAU,wBAAwB,CAAC,KAAc;IACrD,oBAAoB,GAAG,KAAK,CAAC;AAC/B,CAAC;AAED,SAAS,YAAY;IACnB,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAC;AAC5C,CAAC;AAED,SAAS,iBAAiB;IACxB,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,aAAa,CAAC,CAAC;AAClD,CAAC;AAED,SAAS,UAAU;IACjB,OAAO,EAAE,CAAC,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAAC;AAC5C,CAAC;AAED,SAAS,YAAY;IACnB,IAAI,CAAC,UAAU,EAAE;QAAE,OAAO,IAAI,CAAC;IAC/B,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,iBAAiB,EAAE,EAAE,OAAO,CAAC,CAAC;QAC9D,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;QAC9C,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,MAAiB;IACpC,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;IAC3B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACtD,CAAC;IACD,EAAE,CAAC,aAAa,CAAC,iBAAiB,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;QACrE,IAAI,EAAE,KAAK;KACZ,CAAC,CAAC;AACL,CAAC;AAED,SAAS,UAAU;IACjB,IAAI,UAAU,EAAE,EAAE,CAAC;QACjB,EAAE,CAAC,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAAC;IACrC,CAAC;AACH,CAAC;AAED,SAAS,eAAe;IACtB,OAAO,IAAI,KAAK,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,eAAe;IACtB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;QACjC,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC;QACvB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,qCAAqC,EAAE,KAAK,CAAC,CAAC;QACtD,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,MAAiB;IACvC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;QAC1C,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;QACrD,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB;IACxB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,KAAK,CAAC,cAAc,EAAE,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,uCAAuC,EAAE,KAAK,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB;IAC1B,IAAI,oBAAoB,IAAI,oBAAoB;QAAE,OAAO;IACzD,oBAAoB,GAAG,IAAI,CAAC;IAC5B,OAAO,CACL,+DAA+D,EAC/D,uCAAuC,EACvC,kDAAkD,CACnD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,SAAS;IACvB,IAAI,oBAAoB;QAAE,OAAO,YAAY,EAAE,CAAC;IAEhD,MAAM,aAAa,GAAG,eAAe,EAAE,CAAC;IACxC,IAAI,aAAa;QAAE,OAAO,aAAa,CAAC;IAExC,MAAM,UAAU,GAAG,YAAY,EAAE,CAAC;IAClC,IAAI,UAAU,EAAE,CAAC;QACf,6CAA6C;QAC7C,IAAI,cAAc,CAAC,UAAU,CAAC;YAAE,UAAU,EAAE,CAAC;QAC7C,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,MAAiB;IAC1C,IAAI,oBAAoB;QAAE,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC;IAErD,IAAI,cAAc,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3B,UAAU,EAAE,CAAC;IACf,CAAC;SAAM,CAAC;QACN,mBAAmB,EAAE,CAAC;QACtB,WAAW,CAAC,MAAM,CAAC,CAAC;IACtB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,WAAW;IACzB,iBAAiB,EAAE,CAAC;IACpB,UAAU,EAAE,CAAC;AACf,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,IAAI,CAAC,MAAM,EAAE,iBAAiB;QAAE,OAAO,IAAI,CAAC;IAC5C,OAAO,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,IAAI,CAAC;AAC/D,CAAC;AAED,MAAM,UAAU,aAAa;IAC3B,OAAO,iBAAiB,EAAE,CAAC;AAC7B,CAAC","sourcesContent":["/**\n * CLI config storage abstraction with keyring support and file fallback.\n *\n * Stores environment configurations (names, API keys, endpoints) separately\n * from OAuth credentials. Uses a second keyring entry under the same service.\n *\n * Storage priority:\n * 1. If insecure storage forced: use file only\n * 2. Try keyring, fall back to file with warning if unavailable\n */\n\nimport { Entry } from '@napi-rs/keyring';\nimport fs from 'node:fs';\nimport path from 'node:path';\nimport os from 'node:os';\nimport { logWarn } from '../utils/debug.js';\n\nexport interface EnvironmentConfig {\n name: string;\n type: 'production' | 'sandbox';\n apiKey: string;\n clientId?: string;\n endpoint?: string;\n}\n\nexport interface CliConfig {\n activeEnvironment?: string;\n environments: Record<string, EnvironmentConfig>;\n}\n\nconst SERVICE_NAME = 'workos-cli';\nconst ACCOUNT_NAME = 'config';\n\nlet fallbackWarningShown = false;\nlet forceInsecureStorage = false;\n\nexport function setInsecureConfigStorage(value: boolean): void {\n forceInsecureStorage = value;\n}\n\nfunction getConfigDir(): string {\n return path.join(os.homedir(), '.workos');\n}\n\nfunction getConfigFilePath(): string {\n return path.join(getConfigDir(), 'config.json');\n}\n\nfunction fileExists(): boolean {\n return fs.existsSync(getConfigFilePath());\n}\n\nfunction readFromFile(): CliConfig | null {\n if (!fileExists()) return null;\n try {\n const content = fs.readFileSync(getConfigFilePath(), 'utf-8');\n return JSON.parse(content);\n } catch (error) {\n logWarn('Failed to read config file:', error);\n return null;\n }\n}\n\nfunction writeToFile(config: CliConfig): void {\n const dir = getConfigDir();\n if (!fs.existsSync(dir)) {\n fs.mkdirSync(dir, { recursive: true, mode: 0o700 });\n }\n fs.writeFileSync(getConfigFilePath(), JSON.stringify(config, null, 2), {\n mode: 0o600,\n });\n}\n\nfunction deleteFile(): void {\n if (fileExists()) {\n fs.unlinkSync(getConfigFilePath());\n }\n}\n\nfunction getKeyringEntry(): Entry {\n return new Entry(SERVICE_NAME, ACCOUNT_NAME);\n}\n\nfunction readFromKeyring(): CliConfig | null {\n try {\n const entry = getKeyringEntry();\n const data = entry.getPassword();\n if (!data) return null;\n return JSON.parse(data);\n } catch (error) {\n logWarn('Failed to read config from keyring:', error);\n return null;\n }\n}\n\nfunction writeToKeyring(config: CliConfig): boolean {\n try {\n const entry = getKeyringEntry();\n entry.setPassword(JSON.stringify(config));\n return true;\n } catch (error) {\n logWarn('Failed to write config to keyring:', error);\n return false;\n }\n}\n\nfunction deleteFromKeyring(): void {\n try {\n const entry = getKeyringEntry();\n entry.deletePassword();\n } catch (error) {\n const msg = error instanceof Error ? error.message : String(error);\n if (!msg.includes('not found') && !msg.includes('No such')) {\n logWarn('Failed to delete config from keyring:', error);\n }\n }\n}\n\nfunction showFallbackWarning(): void {\n if (fallbackWarningShown || forceInsecureStorage) return;\n fallbackWarningShown = true;\n logWarn(\n 'Unable to store config in system keyring. Using file storage.',\n 'Config saved to ~/.workos/config.json',\n 'Use --insecure-storage to suppress this warning.',\n );\n}\n\nexport function getConfig(): CliConfig | null {\n if (forceInsecureStorage) return readFromFile();\n\n const keyringConfig = readFromKeyring();\n if (keyringConfig) return keyringConfig;\n\n const fileConfig = readFromFile();\n if (fileConfig) {\n // Migrate file config to keyring if possible\n if (writeToKeyring(fileConfig)) deleteFile();\n return fileConfig;\n }\n\n return null;\n}\n\nexport function saveConfig(config: CliConfig): void {\n if (forceInsecureStorage) return writeToFile(config);\n\n if (writeToKeyring(config)) {\n deleteFile();\n } else {\n showFallbackWarning();\n writeToFile(config);\n }\n}\n\nexport function clearConfig(): void {\n deleteFromKeyring();\n deleteFile();\n}\n\nexport function getActiveEnvironment(): EnvironmentConfig | null {\n const config = getConfig();\n if (!config?.activeEnvironment) return null;\n return config.environments[config.activeEnvironment] ?? null;\n}\n\nexport function getConfigPath(): string {\n return getConfigFilePath();\n}\n"]}
|
|
@@ -25,4 +25,8 @@ export declare function getCredentials(): Credentials | null;
|
|
|
25
25
|
export declare function saveCredentials(creds: Credentials): void;
|
|
26
26
|
export declare function clearCredentials(): void;
|
|
27
27
|
export declare function updateTokens(accessToken: string, expiresAt: number, refreshToken?: string): void;
|
|
28
|
+
/**
|
|
29
|
+
* Diagnostic info about credential storage state — for debugging auth failures.
|
|
30
|
+
*/
|
|
31
|
+
export declare function diagnoseCredentials(): string[];
|
|
28
32
|
export { getCredentialsPath };
|
|
@@ -59,12 +59,15 @@ function readFromKeyring() {
|
|
|
59
59
|
try {
|
|
60
60
|
const entry = getKeyringEntry();
|
|
61
61
|
const data = entry.getPassword();
|
|
62
|
-
if (!data)
|
|
62
|
+
if (!data) {
|
|
63
|
+
logWarn('[credential-store] keyring: entry exists but data is null/empty');
|
|
63
64
|
return null;
|
|
65
|
+
}
|
|
64
66
|
return JSON.parse(data);
|
|
65
67
|
}
|
|
66
68
|
catch (error) {
|
|
67
|
-
|
|
69
|
+
const msg = error instanceof Error ? error.message : String(error);
|
|
70
|
+
logWarn(`[credential-store] keyring read failed: ${msg}`);
|
|
68
71
|
return null;
|
|
69
72
|
}
|
|
70
73
|
}
|
|
@@ -75,7 +78,8 @@ function writeToKeyring(creds) {
|
|
|
75
78
|
return true;
|
|
76
79
|
}
|
|
77
80
|
catch (error) {
|
|
78
|
-
|
|
81
|
+
const msg = error instanceof Error ? error.message : String(error);
|
|
82
|
+
logWarn(`[credential-store] keyring write failed: ${msg}`);
|
|
79
83
|
return false;
|
|
80
84
|
}
|
|
81
85
|
}
|
|
@@ -111,9 +115,7 @@ export function getCredentials() {
|
|
|
111
115
|
return keyringCreds;
|
|
112
116
|
const fileCreds = readFromFile();
|
|
113
117
|
if (fileCreds) {
|
|
114
|
-
|
|
115
|
-
if (writeToKeyring(fileCreds))
|
|
116
|
-
deleteFile();
|
|
118
|
+
writeToKeyring(fileCreds);
|
|
117
119
|
return fileCreds;
|
|
118
120
|
}
|
|
119
121
|
return null;
|
|
@@ -121,12 +123,9 @@ export function getCredentials() {
|
|
|
121
123
|
export function saveCredentials(creds) {
|
|
122
124
|
if (forceInsecureStorage)
|
|
123
125
|
return writeToFile(creds);
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
}
|
|
127
|
-
else {
|
|
126
|
+
writeToFile(creds);
|
|
127
|
+
if (!writeToKeyring(creds)) {
|
|
128
128
|
showFallbackWarning();
|
|
129
|
-
writeToFile(creds);
|
|
130
129
|
}
|
|
131
130
|
}
|
|
132
131
|
export function clearCredentials() {
|
|
@@ -146,5 +145,42 @@ export function updateTokens(accessToken, expiresAt, refreshToken) {
|
|
|
146
145
|
};
|
|
147
146
|
saveCredentials(updated);
|
|
148
147
|
}
|
|
148
|
+
/**
|
|
149
|
+
* Diagnostic info about credential storage state — for debugging auth failures.
|
|
150
|
+
*/
|
|
151
|
+
export function diagnoseCredentials() {
|
|
152
|
+
const lines = [];
|
|
153
|
+
const filePath = getCredentialsPath();
|
|
154
|
+
const filePresent = fileExists();
|
|
155
|
+
lines.push(`file: ${filePath} (exists=${filePresent})`);
|
|
156
|
+
if (filePresent) {
|
|
157
|
+
try {
|
|
158
|
+
const content = fs.readFileSync(filePath, 'utf-8');
|
|
159
|
+
const parsed = JSON.parse(content);
|
|
160
|
+
const expired = parsed.expiresAt ? Date.now() >= parsed.expiresAt : 'unknown';
|
|
161
|
+
lines.push(`file creds: userId=${parsed.userId ?? 'missing'}, expired=${expired}, hasRefreshToken=${!!parsed.refreshToken}`);
|
|
162
|
+
}
|
|
163
|
+
catch (e) {
|
|
164
|
+
lines.push(`file creds: parse error — ${e instanceof Error ? e.message : String(e)}`);
|
|
165
|
+
}
|
|
166
|
+
}
|
|
167
|
+
try {
|
|
168
|
+
const entry = getKeyringEntry();
|
|
169
|
+
const data = entry.getPassword();
|
|
170
|
+
if (data) {
|
|
171
|
+
const parsed = JSON.parse(data);
|
|
172
|
+
const expired = parsed.expiresAt ? Date.now() >= parsed.expiresAt : 'unknown';
|
|
173
|
+
lines.push(`keyring: found, userId=${parsed.userId ?? 'missing'}, expired=${expired}, hasRefreshToken=${!!parsed.refreshToken}`);
|
|
174
|
+
}
|
|
175
|
+
else {
|
|
176
|
+
lines.push('keyring: empty (getPassword returned null)');
|
|
177
|
+
}
|
|
178
|
+
}
|
|
179
|
+
catch (e) {
|
|
180
|
+
lines.push(`keyring: error — ${e instanceof Error ? e.message : String(e)}`);
|
|
181
|
+
}
|
|
182
|
+
lines.push(`insecureStorage=${forceInsecureStorage}`);
|
|
183
|
+
return lines;
|
|
184
|
+
}
|
|
149
185
|
export { getCredentialsPath };
|
|
150
186
|
//# sourceMappingURL=credential-store.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"credential-store.js","sourceRoot":"","sources":["../../src/lib/credential-store.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAiB5C,MAAM,YAAY,GAAG,YAAY,CAAC;AAClC,MAAM,YAAY,GAAG,aAAa,CAAC;AAEnC,IAAI,oBAAoB,GAAG,KAAK,CAAC;AACjC,IAAI,oBAAoB,GAAG,KAAK,CAAC;AAEjC,MAAM,UAAU,kBAAkB,CAAC,KAAc;IAC/C,oBAAoB,GAAG,KAAK,CAAC;AAC/B,CAAC;AAED,SAAS,iBAAiB;IACxB,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAC;AAC5C,CAAC;AAED,SAAS,kBAAkB;IACzB,OAAO,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,kBAAkB,CAAC,CAAC;AAC5D,CAAC;AAED,SAAS,UAAU;IACjB,OAAO,EAAE,CAAC,UAAU,CAAC,kBAAkB,EAAE,CAAC,CAAC;AAC7C,CAAC;AAED,SAAS,YAAY;IACnB,IAAI,CAAC,UAAU,EAAE;QAAE,OAAO,IAAI,CAAC;IAC/B,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,kBAAkB,EAAE,EAAE,OAAO,CAAC,CAAC;QAC/D,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,KAAkB;IACrC,MAAM,GAAG,GAAG,iBAAiB,EAAE,CAAC;IAChC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACtD,CAAC;IACD,EAAE,CAAC,aAAa,CAAC,kBAAkB,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;QACrE,IAAI,EAAE,KAAK;KACZ,CAAC,CAAC;AACL,CAAC;AAED,SAAS,UAAU;IACjB,IAAI,UAAU,EAAE,EAAE,CAAC;QACjB,EAAE,CAAC,UAAU,CAAC,kBAAkB,EAAE,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAED,SAAS,eAAe;IACtB,OAAO,IAAI,KAAK,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,eAAe;IACtB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;QACjC,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC;QACvB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;QAC/C,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,KAAkB;IACxC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;QACzC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;QAC9C,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB;IACxB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,KAAK,CAAC,cAAc,EAAE,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,gCAAgC,EAAE,KAAK,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB;IAC1B,IAAI,oBAAoB,IAAI,oBAAoB;QAAE,OAAO;IACzD,oBAAoB,GAAG,IAAI,CAAC;IAC5B,OAAO,CACL,oEAAoE,EACpE,iDAAiD,EACjD,kDAAkD,CACnD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,IAAI,oBAAoB,EAAE,CAAC;QACzB,OAAO,UAAU,EAAE,CAAC;IACtB,CAAC;IACD,OAAO,eAAe,EAAE,KAAK,IAAI,IAAI,UAAU,EAAE,CAAC;AACpD,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,IAAI,oBAAoB;QAAE,OAAO,YAAY,EAAE,CAAC;IAEhD,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;IACvC,IAAI,YAAY;QAAE,OAAO,YAAY,CAAC;IAEtC,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IACjC,IAAI,SAAS,EAAE,CAAC;QACd,4CAA4C;QAC5C,IAAI,cAAc,CAAC,SAAS,CAAC;YAAE,UAAU,EAAE,CAAC;QAC5C,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,KAAkB;IAChD,IAAI,oBAAoB;QAAE,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;IAEpD,IAAI,cAAc,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,UAAU,EAAE,CAAC;IACf,CAAC;SAAM,CAAC;QACN,mBAAmB,EAAE,CAAC;QACtB,WAAW,CAAC,KAAK,CAAC,CAAC;IACrB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,iBAAiB,EAAE,CAAC;IACpB,UAAU,EAAE,CAAC;AACf,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,WAAmB,EAAE,SAAiB,EAAE,YAAqB;IACxF,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IAED,MAAM,OAAO,GAAgB;QAC3B,GAAG,KAAK;QACR,WAAW;QACX,SAAS;QACT,GAAG,CAAC,YAAY,IAAI,EAAE,YAAY,EAAE,CAAC;KACtC,CAAC;IAEF,eAAe,CAAC,OAAO,CAAC,CAAC;AAC3B,CAAC;AAED,OAAO,EAAE,kBAAkB,EAAE,CAAC","sourcesContent":["/**\n * Credential storage abstraction with keyring support and file fallback.\n *\n * Storage priority:\n * 1. If --insecure-storage: use file only\n * 2. Try keyring, fall back to file with warning if unavailable\n */\n\nimport { Entry } from '@napi-rs/keyring';\nimport fs from 'node:fs';\nimport path from 'node:path';\nimport os from 'node:os';\nimport { logWarn } from '../utils/debug.js';\n\nexport interface StagingCache {\n clientId: string;\n apiKey: string;\n fetchedAt: number;\n}\n\nexport interface Credentials {\n accessToken: string;\n expiresAt: number;\n userId: string;\n email?: string;\n staging?: StagingCache;\n refreshToken?: string;\n}\n\nconst SERVICE_NAME = 'workos-cli';\nconst ACCOUNT_NAME = 'credentials';\n\nlet fallbackWarningShown = false;\nlet forceInsecureStorage = false;\n\nexport function setInsecureStorage(value: boolean): void {\n forceInsecureStorage = value;\n}\n\nfunction getCredentialsDir(): string {\n return path.join(os.homedir(), '.workos');\n}\n\nfunction getCredentialsPath(): string {\n return path.join(getCredentialsDir(), 'credentials.json');\n}\n\nfunction fileExists(): boolean {\n return fs.existsSync(getCredentialsPath());\n}\n\nfunction readFromFile(): Credentials | null {\n if (!fileExists()) return null;\n try {\n const content = fs.readFileSync(getCredentialsPath(), 'utf-8');\n return JSON.parse(content);\n } catch (error) {\n logWarn('Failed to read credentials file:', error);\n return null;\n }\n}\n\nfunction writeToFile(creds: Credentials): void {\n const dir = getCredentialsDir();\n if (!fs.existsSync(dir)) {\n fs.mkdirSync(dir, { recursive: true, mode: 0o700 });\n }\n fs.writeFileSync(getCredentialsPath(), JSON.stringify(creds, null, 2), {\n mode: 0o600,\n });\n}\n\nfunction deleteFile(): void {\n if (fileExists()) {\n fs.unlinkSync(getCredentialsPath());\n }\n}\n\nfunction getKeyringEntry(): Entry {\n return new Entry(SERVICE_NAME, ACCOUNT_NAME);\n}\n\nfunction readFromKeyring(): Credentials | null {\n try {\n const entry = getKeyringEntry();\n const data = entry.getPassword();\n if (!data) return null;\n return JSON.parse(data);\n } catch (error) {\n logWarn('Failed to read from keyring:', error);\n return null;\n }\n}\n\nfunction writeToKeyring(creds: Credentials): boolean {\n try {\n const entry = getKeyringEntry();\n entry.setPassword(JSON.stringify(creds));\n return true;\n } catch (error) {\n logWarn('Failed to write to keyring:', error);\n return false;\n }\n}\n\nfunction deleteFromKeyring(): void {\n try {\n const entry = getKeyringEntry();\n entry.deletePassword();\n } catch (error) {\n const msg = error instanceof Error ? error.message : String(error);\n if (!msg.includes('not found') && !msg.includes('No such')) {\n logWarn('Failed to delete from keyring:', error);\n }\n }\n}\n\nfunction showFallbackWarning(): void {\n if (fallbackWarningShown || forceInsecureStorage) return;\n fallbackWarningShown = true;\n logWarn(\n 'Unable to store credentials in system keyring. Using file storage.',\n 'Credentials saved to ~/.workos/credentials.json',\n 'Use --insecure-storage to suppress this warning.',\n );\n}\n\nexport function hasCredentials(): boolean {\n if (forceInsecureStorage) {\n return fileExists();\n }\n return readFromKeyring() !== null || fileExists();\n}\n\nexport function getCredentials(): Credentials | null {\n if (forceInsecureStorage) return readFromFile();\n\n const keyringCreds = readFromKeyring();\n if (keyringCreds) return keyringCreds;\n\n const fileCreds = readFromFile();\n if (fileCreds) {\n // Migrate file creds to keyring if possible\n if (writeToKeyring(fileCreds)) deleteFile();\n return fileCreds;\n }\n\n return null;\n}\n\nexport function saveCredentials(creds: Credentials): void {\n if (forceInsecureStorage) return writeToFile(creds);\n\n if (writeToKeyring(creds)) {\n deleteFile();\n } else {\n showFallbackWarning();\n writeToFile(creds);\n }\n}\n\nexport function clearCredentials(): void {\n deleteFromKeyring();\n deleteFile();\n}\n\nexport function updateTokens(accessToken: string, expiresAt: number, refreshToken?: string): void {\n const creds = getCredentials();\n if (!creds) {\n throw new Error('No existing credentials to update');\n }\n\n const updated: Credentials = {\n ...creds,\n accessToken,\n expiresAt,\n ...(refreshToken && { refreshToken }),\n };\n\n saveCredentials(updated);\n}\n\nexport { getCredentialsPath };\n"]}
|
|
1
|
+
{"version":3,"file":"credential-store.js","sourceRoot":"","sources":["../../src/lib/credential-store.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAiB5C,MAAM,YAAY,GAAG,YAAY,CAAC;AAClC,MAAM,YAAY,GAAG,aAAa,CAAC;AAEnC,IAAI,oBAAoB,GAAG,KAAK,CAAC;AACjC,IAAI,oBAAoB,GAAG,KAAK,CAAC;AAEjC,MAAM,UAAU,kBAAkB,CAAC,KAAc;IAC/C,oBAAoB,GAAG,KAAK,CAAC;AAC/B,CAAC;AAED,SAAS,iBAAiB;IACxB,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAC;AAC5C,CAAC;AAED,SAAS,kBAAkB;IACzB,OAAO,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,kBAAkB,CAAC,CAAC;AAC5D,CAAC;AAED,SAAS,UAAU;IACjB,OAAO,EAAE,CAAC,UAAU,CAAC,kBAAkB,EAAE,CAAC,CAAC;AAC7C,CAAC;AAED,SAAS,YAAY;IACnB,IAAI,CAAC,UAAU,EAAE;QAAE,OAAO,IAAI,CAAC;IAC/B,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,kBAAkB,EAAE,EAAE,OAAO,CAAC,CAAC;QAC/D,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,KAAkB;IACrC,MAAM,GAAG,GAAG,iBAAiB,EAAE,CAAC;IAChC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACtD,CAAC;IACD,EAAE,CAAC,aAAa,CAAC,kBAAkB,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;QACrE,IAAI,EAAE,KAAK;KACZ,CAAC,CAAC;AACL,CAAC;AAED,SAAS,UAAU;IACjB,IAAI,UAAU,EAAE,EAAE,CAAC;QACjB,EAAE,CAAC,UAAU,CAAC,kBAAkB,EAAE,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAED,SAAS,eAAe;IACtB,OAAO,IAAI,KAAK,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,eAAe;IACtB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;QACjC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,CAAC,iEAAiE,CAAC,CAAC;YAC3E,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,OAAO,CAAC,2CAA2C,GAAG,EAAE,CAAC,CAAC;QAC1D,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,KAAkB;IACxC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;QACzC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,OAAO,CAAC,4CAA4C,GAAG,EAAE,CAAC,CAAC;QAC3D,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB;IACxB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,KAAK,CAAC,cAAc,EAAE,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,gCAAgC,EAAE,KAAK,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB;IAC1B,IAAI,oBAAoB,IAAI,oBAAoB;QAAE,OAAO;IACzD,oBAAoB,GAAG,IAAI,CAAC;IAC5B,OAAO,CACL,oEAAoE,EACpE,iDAAiD,EACjD,kDAAkD,CACnD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,IAAI,oBAAoB,EAAE,CAAC;QACzB,OAAO,UAAU,EAAE,CAAC;IACtB,CAAC;IACD,OAAO,eAAe,EAAE,KAAK,IAAI,IAAI,UAAU,EAAE,CAAC;AACpD,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,IAAI,oBAAoB;QAAE,OAAO,YAAY,EAAE,CAAC;IAEhD,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;IACvC,IAAI,YAAY;QAAE,OAAO,YAAY,CAAC;IAEtC,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IACjC,IAAI,SAAS,EAAE,CAAC;QACd,cAAc,CAAC,SAAS,CAAC,CAAC;QAC1B,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,KAAkB;IAChD,IAAI,oBAAoB;QAAE,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;IAEpD,WAAW,CAAC,KAAK,CAAC,CAAC;IACnB,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3B,mBAAmB,EAAE,CAAC;IACxB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,iBAAiB,EAAE,CAAC;IACpB,UAAU,EAAE,CAAC;AACf,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,WAAmB,EAAE,SAAiB,EAAE,YAAqB;IACxF,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IAED,MAAM,OAAO,GAAgB;QAC3B,GAAG,KAAK;QACR,WAAW;QACX,SAAS;QACT,GAAG,CAAC,YAAY,IAAI,EAAE,YAAY,EAAE,CAAC;KACtC,CAAC;IAEF,eAAe,CAAC,OAAO,CAAC,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB;IACjC,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,QAAQ,GAAG,kBAAkB,EAAE,CAAC;IACtC,MAAM,WAAW,GAAG,UAAU,EAAE,CAAC;IAEjC,KAAK,CAAC,IAAI,CAAC,SAAS,QAAQ,YAAY,WAAW,GAAG,CAAC,CAAC;IAExD,IAAI,WAAW,EAAE,CAAC;QAChB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAyB,CAAC;YAC3D,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,KAAK,CAAC,IAAI,CACR,sBAAsB,MAAM,CAAC,MAAM,IAAI,SAAS,aAAa,OAAO,qBAAqB,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,CACjH,CAAC;QACJ,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,KAAK,CAAC,IAAI,CAAC,6BAA6B,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACxF,CAAC;IACH,CAAC;IAED,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;QACjC,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAyB,CAAC;YACxD,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,KAAK,CAAC,IAAI,CACR,0BAA0B,MAAM,CAAC,MAAM,IAAI,SAAS,aAAa,OAAO,qBAAqB,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,CACrH,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC/E,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,mBAAmB,oBAAoB,EAAE,CAAC,CAAC;IACtD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,OAAO,EAAE,kBAAkB,EAAE,CAAC","sourcesContent":["/**\n * Credential storage abstraction with keyring support and file fallback.\n *\n * Storage priority:\n * 1. If --insecure-storage: use file only\n * 2. Try keyring, fall back to file with warning if unavailable\n */\n\nimport { Entry } from '@napi-rs/keyring';\nimport fs from 'node:fs';\nimport path from 'node:path';\nimport os from 'node:os';\nimport { logWarn } from '../utils/debug.js';\n\nexport interface StagingCache {\n clientId: string;\n apiKey: string;\n fetchedAt: number;\n}\n\nexport interface Credentials {\n accessToken: string;\n expiresAt: number;\n userId: string;\n email?: string;\n staging?: StagingCache;\n refreshToken?: string;\n}\n\nconst SERVICE_NAME = 'workos-cli';\nconst ACCOUNT_NAME = 'credentials';\n\nlet fallbackWarningShown = false;\nlet forceInsecureStorage = false;\n\nexport function setInsecureStorage(value: boolean): void {\n forceInsecureStorage = value;\n}\n\nfunction getCredentialsDir(): string {\n return path.join(os.homedir(), '.workos');\n}\n\nfunction getCredentialsPath(): string {\n return path.join(getCredentialsDir(), 'credentials.json');\n}\n\nfunction fileExists(): boolean {\n return fs.existsSync(getCredentialsPath());\n}\n\nfunction readFromFile(): Credentials | null {\n if (!fileExists()) return null;\n try {\n const content = fs.readFileSync(getCredentialsPath(), 'utf-8');\n return JSON.parse(content);\n } catch (error) {\n logWarn('Failed to read credentials file:', error);\n return null;\n }\n}\n\nfunction writeToFile(creds: Credentials): void {\n const dir = getCredentialsDir();\n if (!fs.existsSync(dir)) {\n fs.mkdirSync(dir, { recursive: true, mode: 0o700 });\n }\n fs.writeFileSync(getCredentialsPath(), JSON.stringify(creds, null, 2), {\n mode: 0o600,\n });\n}\n\nfunction deleteFile(): void {\n if (fileExists()) {\n fs.unlinkSync(getCredentialsPath());\n }\n}\n\nfunction getKeyringEntry(): Entry {\n return new Entry(SERVICE_NAME, ACCOUNT_NAME);\n}\n\nfunction readFromKeyring(): Credentials | null {\n try {\n const entry = getKeyringEntry();\n const data = entry.getPassword();\n if (!data) {\n logWarn('[credential-store] keyring: entry exists but data is null/empty');\n return null;\n }\n return JSON.parse(data);\n } catch (error) {\n const msg = error instanceof Error ? error.message : String(error);\n logWarn(`[credential-store] keyring read failed: ${msg}`);\n return null;\n }\n}\n\nfunction writeToKeyring(creds: Credentials): boolean {\n try {\n const entry = getKeyringEntry();\n entry.setPassword(JSON.stringify(creds));\n return true;\n } catch (error) {\n const msg = error instanceof Error ? error.message : String(error);\n logWarn(`[credential-store] keyring write failed: ${msg}`);\n return false;\n }\n}\n\nfunction deleteFromKeyring(): void {\n try {\n const entry = getKeyringEntry();\n entry.deletePassword();\n } catch (error) {\n const msg = error instanceof Error ? error.message : String(error);\n if (!msg.includes('not found') && !msg.includes('No such')) {\n logWarn('Failed to delete from keyring:', error);\n }\n }\n}\n\nfunction showFallbackWarning(): void {\n if (fallbackWarningShown || forceInsecureStorage) return;\n fallbackWarningShown = true;\n logWarn(\n 'Unable to store credentials in system keyring. Using file storage.',\n 'Credentials saved to ~/.workos/credentials.json',\n 'Use --insecure-storage to suppress this warning.',\n );\n}\n\nexport function hasCredentials(): boolean {\n if (forceInsecureStorage) {\n return fileExists();\n }\n return readFromKeyring() !== null || fileExists();\n}\n\nexport function getCredentials(): Credentials | null {\n if (forceInsecureStorage) return readFromFile();\n\n const keyringCreds = readFromKeyring();\n if (keyringCreds) return keyringCreds;\n\n const fileCreds = readFromFile();\n if (fileCreds) {\n writeToKeyring(fileCreds);\n return fileCreds;\n }\n\n return null;\n}\n\nexport function saveCredentials(creds: Credentials): void {\n if (forceInsecureStorage) return writeToFile(creds);\n\n writeToFile(creds);\n if (!writeToKeyring(creds)) {\n showFallbackWarning();\n }\n}\n\nexport function clearCredentials(): void {\n deleteFromKeyring();\n deleteFile();\n}\n\nexport function updateTokens(accessToken: string, expiresAt: number, refreshToken?: string): void {\n const creds = getCredentials();\n if (!creds) {\n throw new Error('No existing credentials to update');\n }\n\n const updated: Credentials = {\n ...creds,\n accessToken,\n expiresAt,\n ...(refreshToken && { refreshToken }),\n };\n\n saveCredentials(updated);\n}\n\n/**\n * Diagnostic info about credential storage state — for debugging auth failures.\n */\nexport function diagnoseCredentials(): string[] {\n const lines: string[] = [];\n const filePath = getCredentialsPath();\n const filePresent = fileExists();\n\n lines.push(`file: ${filePath} (exists=${filePresent})`);\n\n if (filePresent) {\n try {\n const content = fs.readFileSync(filePath, 'utf-8');\n const parsed = JSON.parse(content) as Partial<Credentials>;\n const expired = parsed.expiresAt ? Date.now() >= parsed.expiresAt : 'unknown';\n lines.push(\n `file creds: userId=${parsed.userId ?? 'missing'}, expired=${expired}, hasRefreshToken=${!!parsed.refreshToken}`,\n );\n } catch (e) {\n lines.push(`file creds: parse error — ${e instanceof Error ? e.message : String(e)}`);\n }\n }\n\n try {\n const entry = getKeyringEntry();\n const data = entry.getPassword();\n if (data) {\n const parsed = JSON.parse(data) as Partial<Credentials>;\n const expired = parsed.expiresAt ? Date.now() >= parsed.expiresAt : 'unknown';\n lines.push(\n `keyring: found, userId=${parsed.userId ?? 'missing'}, expired=${expired}, hasRefreshToken=${!!parsed.refreshToken}`,\n );\n } else {\n lines.push('keyring: empty (getPassword returned null)');\n }\n } catch (e) {\n lines.push(`keyring: error — ${e instanceof Error ? e.message : String(e)}`);\n }\n\n lines.push(`insecureStorage=${forceInsecureStorage}`);\n return lines;\n}\n\nexport { getCredentialsPath };\n"]}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
export type { StagingCache, Credentials } from './credential-store.js';
|
|
2
|
-
export { hasCredentials, getCredentials, saveCredentials, clearCredentials, updateTokens, getCredentialsPath, setInsecureStorage, } from './credential-store.js';
|
|
2
|
+
export { hasCredentials, getCredentials, saveCredentials, clearCredentials, updateTokens, getCredentialsPath, setInsecureStorage, diagnoseCredentials, } from './credential-store.js';
|
|
3
3
|
import type { Credentials } from './credential-store.js';
|
|
4
4
|
export declare function isTokenExpired(creds: Credentials): boolean;
|
|
5
5
|
export declare function getAccessToken(): string | null;
|
package/dist/lib/credentials.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { hasCredentials, getCredentials, saveCredentials, clearCredentials, updateTokens, getCredentialsPath, setInsecureStorage, } from './credential-store.js';
|
|
1
|
+
export { hasCredentials, getCredentials, saveCredentials, clearCredentials, updateTokens, getCredentialsPath, setInsecureStorage, diagnoseCredentials, } from './credential-store.js';
|
|
2
2
|
import { getCredentials, saveCredentials } from './credential-store.js';
|
|
3
3
|
export function isTokenExpired(creds) {
|
|
4
4
|
return Date.now() >= creds.expiresAt;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../src/lib/credentials.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,cAAc,EACd,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,YAAY,EACZ,kBAAkB,EAClB,kBAAkB,
|
|
1
|
+
{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../src/lib/credentials.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,cAAc,EACd,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,YAAY,EACZ,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,GACpB,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAExE,MAAM,UAAU,cAAc,CAAC,KAAkB;IAC/C,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,KAAK,CAAC,SAAS,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxB,IAAI,cAAc,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACvC,OAAO,KAAK,CAAC,WAAW,CAAC;AAC3B,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,OAA6C;IAClF,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK;QAAE,OAAO;IAEnB,eAAe,CAAC;QACd,GAAG,KAAK;QACR,OAAO,EAAE;YACP,GAAG,OAAO;YACV,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB;KACF,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,qBAAqB;IACnC,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK,EAAE,OAAO;QAAE,OAAO,IAAI,CAAC;IACjC,IAAI,cAAc,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACvC,OAAO,EAAE,QAAQ,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;AAC5E,CAAC","sourcesContent":["export type { StagingCache, Credentials } from './credential-store.js';\n\nexport {\n hasCredentials,\n getCredentials,\n saveCredentials,\n clearCredentials,\n updateTokens,\n getCredentialsPath,\n setInsecureStorage,\n diagnoseCredentials,\n} from './credential-store.js';\n\nimport type { Credentials } from './credential-store.js';\nimport { getCredentials, saveCredentials } from './credential-store.js';\n\nexport function isTokenExpired(creds: Credentials): boolean {\n return Date.now() >= creds.expiresAt;\n}\n\nexport function getAccessToken(): string | null {\n const creds = getCredentials();\n if (!creds) return null;\n if (isTokenExpired(creds)) return null;\n return creds.accessToken;\n}\n\nexport function saveStagingCredentials(staging: { clientId: string; apiKey: string }): void {\n const creds = getCredentials();\n if (!creds) return;\n\n saveCredentials({\n ...creds,\n staging: {\n ...staging,\n fetchedAt: Date.now(),\n },\n });\n}\n\nexport function getStagingCredentials(): { clientId: string; apiKey: string } | null {\n const creds = getCredentials();\n if (!creds?.staging) return null;\n if (isTokenExpired(creds)) return null;\n return { clientId: creds.staging.clientId, apiKey: creds.staging.apiKey };\n}\n"]}
|
package/dist/lib/events.d.ts
CHANGED
|
@@ -122,6 +122,17 @@ export interface InstallerEvents {
|
|
|
122
122
|
message: string;
|
|
123
123
|
stack?: string;
|
|
124
124
|
};
|
|
125
|
+
'agent:retry': {
|
|
126
|
+
attempt: number;
|
|
127
|
+
maxRetries: number;
|
|
128
|
+
};
|
|
129
|
+
'validation:retry:start': {
|
|
130
|
+
attempt: number;
|
|
131
|
+
};
|
|
132
|
+
'validation:retry:complete': {
|
|
133
|
+
attempt: number;
|
|
134
|
+
passed: boolean;
|
|
135
|
+
};
|
|
125
136
|
'validation:start': {
|
|
126
137
|
framework: string;
|
|
127
138
|
};
|
package/dist/lib/events.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"events.js","sourceRoot":"","sources":["../../src/lib/events.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;
|
|
1
|
+
{"version":3,"file":"events.js","sourceRoot":"","sources":["../../src/lib/events.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AA2FtC,MAAM,OAAO,qBAAsB,SAAQ,YAAY;IACrD,IAAI,CAA+B,KAAQ,EAAE,OAA2B;QACtE,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,EAAE,CAA+B,KAAQ,EAAE,QAA+C;QACxF,OAAO,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;IACnC,CAAC;IAED,GAAG,CAA+B,KAAQ,EAAE,QAA+C;QACzF,OAAO,KAAK,CAAC,GAAG,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;IACpC,CAAC;IAED,IAAI,CAA+B,KAAQ,EAAE,QAA+C;QAC1F,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;IACrC,CAAC;CACF;AAED,MAAM,UAAU,2BAA2B;IACzC,OAAO,IAAI,qBAAqB,EAAE,CAAC;AACrC,CAAC","sourcesContent":["import { EventEmitter } from 'events';\n\nexport interface InstallerEvents {\n status: { message: string };\n output: { text: string; isError?: boolean };\n 'file:write': { path: string; content: string };\n 'file:edit': { path: string; oldContent: string; newContent: string };\n 'prompt:request': { id: string; message: string; options?: string[] };\n 'prompt:response': { id: string; value: string };\n 'confirm:request': { id: string; message: string; warning?: string; files?: string[] };\n 'confirm:response': { id: string; confirmed: boolean };\n 'credentials:request': { requiresApiKey: boolean };\n 'credentials:response': { apiKey: string; clientId: string };\n complete: { success: boolean; summary?: string };\n error: { message: string; stack?: string };\n\n 'state:enter': { state: string };\n 'state:exit': { state: string };\n 'auth:checking': Record<string, never>;\n 'auth:required': Record<string, never>;\n 'auth:success': Record<string, never>;\n 'auth:failure': { message: string };\n 'detection:start': Record<string, never>;\n 'detection:complete': { integration: string };\n 'detection:none': Record<string, never>;\n 'git:checking': Record<string, never>;\n 'git:clean': Record<string, never>;\n 'git:dirty': { files: string[] };\n 'git:dirty:confirmed': Record<string, never>;\n 'git:dirty:cancelled': Record<string, never>;\n 'credentials:gathering': { requiresApiKey: boolean };\n 'credentials:found': Record<string, never>;\n // Credential discovery events\n 'credentials:env:detected': { files: string[] };\n 'credentials:env:prompt': { files: string[] };\n 'credentials:env:scanning': Record<string, never>;\n 'credentials:env:found': { sourcePath: string };\n 'credentials:env:notfound': Record<string, never>;\n // Device auth events\n 'device:started': { verificationUri: string; verificationUriComplete: string; userCode: string };\n 'device:polling': Record<string, never>;\n 'device:success': { email?: string };\n 'device:timeout': Record<string, never>;\n 'device:error': { message: string };\n // Staging API events\n 'staging:fetching': Record<string, never>;\n 'staging:success': Record<string, never>;\n 'staging:error': { message: string; statusCode?: number };\n 'config:start': Record<string, never>;\n 'config:complete': Record<string, never>;\n 'agent:start': Record<string, never>;\n 'agent:progress': { step: string; detail?: string };\n 'agent:success': { summary?: string };\n 'agent:failure': { message: string; stack?: string };\n 'agent:retry': { attempt: number; maxRetries: number };\n\n 'validation:retry:start': { attempt: number };\n 'validation:retry:complete': { attempt: number; passed: boolean };\n\n 'validation:start': { framework: string };\n 'validation:issues': { issues: import('./validation/types.js').ValidationIssue[] };\n 'validation:complete': { passed: boolean; issueCount: number; durationMs: number };\n\n // Branch check events\n 'branch:checking': Record<string, never>;\n 'branch:protected': { branch: string };\n 'branch:prompt': { branch: string };\n 'branch:created': { branch: string };\n 'branch:create:failed': { error: string };\n 'branch:skipped': Record<string, never>;\n\n // Post-install events\n 'postinstall:changes': { files: string[] };\n 'postinstall:nochanges': Record<string, never>;\n 'postinstall:commit:prompt': Record<string, never>;\n 'postinstall:commit:generating': Record<string, never>;\n 'postinstall:commit:committing': { message: string };\n 'postinstall:commit:success': { message: string };\n 'postinstall:commit:failed': { error: string };\n 'postinstall:pr:prompt': Record<string, never>;\n 'postinstall:pr:generating': Record<string, never>;\n 'postinstall:pr:pushing': Record<string, never>;\n 'postinstall:pr:creating': Record<string, never>;\n 'postinstall:pr:success': { url: string };\n 'postinstall:pr:failed': { error: string };\n 'postinstall:push:failed': { error: string };\n 'postinstall:manual': { instructions: string };\n}\n\nexport type InstallerEventName = keyof InstallerEvents;\n\nexport class InstallerEventEmitter extends EventEmitter {\n emit<K extends InstallerEventName>(event: K, payload: InstallerEvents[K]): boolean {\n return super.emit(event, payload);\n }\n\n on<K extends InstallerEventName>(event: K, listener: (payload: InstallerEvents[K]) => void): this {\n return super.on(event, listener);\n }\n\n off<K extends InstallerEventName>(event: K, listener: (payload: InstallerEvents[K]) => void): this {\n return super.off(event, listener);\n }\n\n once<K extends InstallerEventName>(event: K, listener: (payload: InstallerEvents[K]) => void): this {\n return super.once(event, listener);\n }\n}\n\nexport function createInstallerEventEmitter(): InstallerEventEmitter {\n return new InstallerEventEmitter();\n}\n"]}
|
|
@@ -9,6 +9,7 @@ import { DashboardAdapter } from './adapters/dashboard-adapter.js';
|
|
|
9
9
|
import { parseEnvFile } from '../utils/env-parser.js';
|
|
10
10
|
import { enableDebugLogs, initLogFile, logInfo, logError } from '../utils/debug.js';
|
|
11
11
|
import { getAccessToken, getCredentials, saveCredentials, getStagingCredentials, saveStagingCredentials, } from './credentials.js';
|
|
12
|
+
import { getConfig, saveConfig, getActiveEnvironment } from './config-store.js';
|
|
12
13
|
import { checkForEnvFiles, discoverCredentials } from './credential-discovery.js';
|
|
13
14
|
import { requestDeviceCode, pollForToken } from './device-auth.js';
|
|
14
15
|
import { fetchStagingCredentials as fetchStagingCredentialsApi } from './staging-api.js';
|
|
@@ -278,16 +279,36 @@ export async function runWithCore(options) {
|
|
|
278
279
|
return { result, deviceAuth };
|
|
279
280
|
}),
|
|
280
281
|
fetchStagingCredentials: fromPromise(async () => {
|
|
281
|
-
|
|
282
|
+
const activeEnv = getActiveEnvironment();
|
|
283
|
+
if (activeEnv?.clientId && activeEnv?.apiKey) {
|
|
284
|
+
return { clientId: activeEnv.clientId, apiKey: activeEnv.apiKey };
|
|
285
|
+
}
|
|
282
286
|
const cached = getStagingCredentials();
|
|
283
287
|
if (cached)
|
|
284
288
|
return cached;
|
|
285
|
-
// Fetch fresh from API
|
|
286
289
|
const token = getAccessToken();
|
|
287
290
|
if (!token)
|
|
288
291
|
throw new Error('No access token available');
|
|
289
292
|
const staging = await fetchStagingCredentialsApi(token);
|
|
290
293
|
saveStagingCredentials(staging);
|
|
294
|
+
try {
|
|
295
|
+
const config = getConfig() ?? { environments: {} };
|
|
296
|
+
if (!config.environments['default']) {
|
|
297
|
+
config.environments['default'] = {
|
|
298
|
+
name: 'default',
|
|
299
|
+
type: staging.apiKey.startsWith('sk_test_') ? 'sandbox' : 'production',
|
|
300
|
+
apiKey: staging.apiKey,
|
|
301
|
+
clientId: staging.clientId,
|
|
302
|
+
};
|
|
303
|
+
if (!config.activeEnvironment) {
|
|
304
|
+
config.activeEnvironment = 'default';
|
|
305
|
+
}
|
|
306
|
+
saveConfig(config);
|
|
307
|
+
}
|
|
308
|
+
}
|
|
309
|
+
catch {
|
|
310
|
+
// Don't block install if config-store write fails
|
|
311
|
+
}
|
|
291
312
|
return staging;
|
|
292
313
|
}),
|
|
293
314
|
// Branch check actors
|