forgexa-cli 1.11.3__tar.gz → 1.11.4__tar.gz

{forgexa_cli-1.11.3 → forgexa_cli-1.11.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: forgexa-cli
-Version: 1.11.3
+Version: 1.11.4
 Summary: Forgexa CLI — command-line client and AI agent runtime for the Forgexa platform
 Author-email: Jason Sun <dev.winds@gmail.com>
 License: MIT
@@ -100,9 +100,9 @@ forgexa board --project <project-id>
 | `forgexa budget --workspace <id>` | Budget overview |
 | `forgexa daemon start` | Start local daemon (discover agents, run tasks) |
 | `forgexa daemon start -d` | Start daemon in background |
-| `forgexa daemon status` | Show daemon statuses |
+| `forgexa daemon status` | Show your daemon statuses |
 | `forgexa daemon stop` | Stop local daemon |
-| `forgexa runtimes list` | List runtimes |
+| `forgexa runtimes list` | List your runtimes |
 | `forgexa version` | Show CLI version |
 
 ## Configuration
@@ -144,11 +144,20 @@ forgexa-daemon
 ### Other Daemon Commands
 
 ```bash
-# Check daemon status (from server)
+# Check your daemon status (from server)
 forgexa daemon status
 
+# Platform admin: list all runtimes
+forgexa daemon status --all
+
 # Stop background daemon
 forgexa daemon stop
+
+# List your runtimes
+forgexa runtimes list
+
+# Platform admin: list all runtimes
+forgexa runtimes list --all
 ```
 
 ### Supported AI Agents

{forgexa_cli-1.11.3 → forgexa_cli-1.11.4}/README.md

@@ -70,9 +70,9 @@ forgexa board --project <project-id>
 | `forgexa budget --workspace <id>` | Budget overview |
 | `forgexa daemon start` | Start local daemon (discover agents, run tasks) |
 | `forgexa daemon start -d` | Start daemon in background |
-| `forgexa daemon status` | Show daemon statuses |
+| `forgexa daemon status` | Show your daemon statuses |
 | `forgexa daemon stop` | Stop local daemon |
-| `forgexa runtimes list` | List runtimes |
+| `forgexa runtimes list` | List your runtimes |
 | `forgexa version` | Show CLI version |
 
 ## Configuration
@@ -114,11 +114,20 @@ forgexa-daemon
 ### Other Daemon Commands
 
 ```bash
-# Check daemon status (from server)
+# Check your daemon status (from server)
 forgexa daemon status
 
+# Platform admin: list all runtimes
+forgexa daemon status --all
+
 # Stop background daemon
 forgexa daemon stop
+
+# List your runtimes
+forgexa runtimes list
+
+# Platform admin: list all runtimes
+forgexa runtimes list --all
 ```
 
 ### Supported AI Agents

{forgexa_cli-1.11.3 → forgexa_cli-1.11.4}/forgexa_cli/__init__.py

@@ -1,2 +1,2 @@
 """forgexa-cli — Forgexa command-line client."""
-__version__ = "1.11.3"
+__version__ = "1.11.4"

{forgexa_cli-1.11.3 → forgexa_cli-1.11.4}/forgexa_cli/daemon.py

@@ -68,6 +68,42 @@ except ImportError:
 _HTTPX_DEPS_DIR = os.path.join(str(Path.home()), ".forgexa", "daemon", "deps")
 
 
+def _cli_config_path() -> Path:
+    return Path.home() / ".forgexa" / "config"
+
+
+def _load_cli_config() -> dict:
+    path = _cli_config_path()
+    if not path.exists():
+        return {}
+    try:
+        return json.loads(path.read_text())
+    except Exception:
+        return {}
+
+
+def _save_cli_config(data: dict) -> None:
+    path = _cli_config_path()
+    path.parent.mkdir(parents=True, exist_ok=True)
+    path.write_text(json.dumps(data, indent=2))
+    path.chmod(0o600)
+
+
+def _save_cli_tokens(access_token: str, refresh_token: str | None = None) -> None:
+    cfg = _load_cli_config()
+    cfg["token"] = access_token
+    if refresh_token:
+        cfg["refresh_token"] = refresh_token
+    else:
+        cfg.pop("refresh_token", None)
+    _save_cli_config(cfg)
+
+    token_path = Path.home() / ".forgexa" / "token"
+    token_path.parent.mkdir(parents=True, exist_ok=True)
+    token_path.write_text(access_token)
+    token_path.chmod(0o600)
+
+
 def _try_install_httpx(deps_dir: str) -> tuple[bool, str]:
     """Try to install httpx to a user-writable directory.
 
@@ -438,7 +474,7 @@ except (ImportError, ModuleNotFoundError):
 # DAEMON_VERSION is the protocol/logic version of the daemon code.
 # Kept in sync with pyproject.toml version via bump-version.sh.
 # CLIENT_TYPE identifies which packaging/distribution this daemon runs in.
-DAEMON_VERSION = "1.11.3"
+DAEMON_VERSION = "1.11.4"
 
 
 def _detect_client_type() -> str:
@@ -2844,6 +2880,10 @@ class ProcessManager:
                 or (task.input_data or {}).get("output_dir", "")
                 or ""
             )
+        elif task.node_type == "fix":
+            bugfix_doc_path = str((task.input_data or {}).get("bugfix_doc_path", "") or "")
+            bugfix_doc_path = bugfix_doc_path.replace("\\", "/").lstrip("./")
+            return {bugfix_doc_path} if bugfix_doc_path else set()
         else:
             output_dir = str((task.input_data or {}).get("output_dir", "") or "")
         output_dir = output_dir.replace("\\", "/").lstrip("./").rstrip("/")
@@ -4646,23 +4686,76 @@ class ServerConnection:
         parsed = urlparse(server_url)
         self.label = parsed.hostname or server_url
 
-    def refresh_token(self) -> bool:
-        """Re-read the user JWT from ~/.forgexa/token and update client headers.
+    def _apply_api_token(self, token: str) -> bool:
+        token = str(token or "").strip()
+        if not token or token == self.api_token:
+            return False
+        self.api_token = token
+        self.client.headers["Authorization"] = f"Bearer {token}"
+        return True
 
-        Returns True if a new token was loaded (different from current).
-        """
+    def _load_token_from_disk(self) -> str:
         token_path = Path.home() / ".forgexa" / "token"
         try:
-            new_token = token_path.read_text().strip() if token_path.exists() else ""
+            return token_path.read_text().strip() if token_path.exists() else ""
         except OSError:
-            new_token = ""
+            return ""
 
-        if new_token and new_token != self.api_token:
-            self.api_token = new_token
-            self.client.headers["Authorization"] = f"Bearer {new_token}"
+    async def refresh_access_token(self) -> bool:
+        """Refresh the daemon's user session token.
+
+        First re-read ~/.forgexa/token in case an interactive CLI login already
+        rotated the access token. If that did not change anything, fall back to
+        ~/.forgexa/config refresh_token and call /api/v1/auth/refresh.
+        """
+        if self._apply_api_token(self._load_token_from_disk()):
             logger.info("[%s] Refreshed daemon token from ~/.forgexa/token", self.label)
             return True
-        return False
+
+        if self.api_token.startswith("pat_"):
+            return False
+
+        cfg = _load_cli_config()
+        refresh_token = str(cfg.get("refresh_token") or "").strip()
+        if not refresh_token:
+            return False
+
+        try:
+            resp = await self.client.post(
+                f"{self.server_url}/api/v1/auth/refresh",
+                json={"refresh_token": refresh_token},
+                headers={"Content-Type": "application/json"},
+                timeout=15,
+            )
+        except Exception as exc:
+            logger.warning("[%s] Token refresh request failed: %s", self.label, exc)
+            return False
+
+        if resp.status_code != 200:
+            logger.warning(
+                "[%s] Token refresh rejected: HTTP %s",
+                self.label,
+                resp.status_code,
+            )
+            return False
+
+        try:
+            data = resp.json()
+        except Exception as exc:
+            logger.warning("[%s] Token refresh payload invalid: %s", self.label, exc)
+            return False
+
+        access_token = str(data.get("access_token") or "").strip()
+        next_refresh_token = str(data.get("refresh_token") or refresh_token).strip()
+        if not access_token:
+            logger.warning("[%s] Token refresh payload missing access_token", self.label)
+            return False
+
+        self.api_token = access_token
+        self.client.headers["Authorization"] = f"Bearer {access_token}"
+        _save_cli_tokens(access_token, next_refresh_token or None)
+        logger.info("[%s] Refreshed daemon token via /auth/refresh", self.label)
+        return True
 
     async def re_register(self, agents: list[DiscoveredAgent], max_concurrent: int):
         """Refresh token and re-register with the server.
@@ -4671,7 +4764,7 @@ class ServerConnection:
         After re-registration, update the runtime_id on heartbeat/poller/reporter
         in case the server assigned a different one.
         """
-        self.refresh_token()
+        await self.refresh_access_token()
         try:
             await self.register(agents, max_concurrent)
             # Sync runtime_id to all services (may change after re-registration)
@@ -4701,8 +4794,8 @@ class ServerConnection:
             }
             for a in agents
         ]
-        try:
-            resp = await self.client.post(
+        async def _register_once():
+            return await self.client.post(
                 f"{self.server_url}/api/v1/runtimes/register",
                 json={
                     "daemon_id": self.daemon_id,
@@ -4722,6 +4815,11 @@ class ServerConnection:
                 },
                 timeout=15,
             )
+
+        try:
+            resp = await _register_once()
+            if resp.status_code == 401 and await self.refresh_access_token():
+                resp = await _register_once()
             resp.raise_for_status()
             data = resp.json()
             self.runtime_id = data["runtime_id"]
@@ -5719,9 +5817,9 @@ class RuntimeDaemon:
                     result.status = "failed"
                     result.failure_code = "all_agents_rate_limited"
 
-            # 4.55 Analysis/design nodes must update their deliverables in THIS run.
+            # 4.55 Analysis/design/fix nodes must update their deliverables in THIS run.
             # Existing files from a prior iteration are not sufficient evidence.
-            if result.status == "success" and task.node_type in ("analysis", "design"):
+            if result.status == "success" and task.node_type in ("analysis", "design", "fix"):
                 committed_git = await self.process_manager._collect_git_info_vs_parent(workspace_path)
                 git_check_passed = self.process_manager._has_required_deliverable_updates(
                     task,
@@ -5770,6 +5868,11 @@ class RuntimeDaemon:
             if result.status == "success" and task.node_type == "design":
                 await self._collect_design_artifacts(workspace_path, task, result)
 
+            # 4.8 For fix nodes: attach the bugfix report inline so knowledge
+            # extraction can use the exact root-cause and verification text.
+            if result.status == "success" and task.node_type == "fix":
+                await self._collect_bugfix_artifacts(workspace_path, task, result)
+
             # 5. Auto-commit and push if changes exist
             if result.status == "success":
                 commit_result = await self._auto_commit(workspace_path, task)
@@ -6547,6 +6650,34 @@ class RuntimeDaemon:
         except Exception as e:
             logger.warning("Failed to read design artifact: %s", e)
 
+    async def _collect_bugfix_artifacts(
+        self, workspace_path: Path, task: TaskInfo, result: TaskResult
+    ) -> None:
+        """Attach the bugfix markdown report as an inline artifact."""
+        bugfix_doc_path = str((task.input_data or {}).get("bugfix_doc_path", "") or "")
+        bugfix_doc_path = bugfix_doc_path.replace("\\", "/").lstrip("./")
+        if not bugfix_doc_path:
+            return
+
+        artifact_paths = {a.get("path", "").replace("\\", "/") for a in result.artifacts}
+        if bugfix_doc_path in artifact_paths:
+            return
+
+        full_path = workspace_path / bugfix_doc_path
+        if not full_path.exists() or full_path.stat().st_size == 0:
+            return
+
+        try:
+            content = full_path.read_text(encoding="utf-8", errors="replace")
+            result.artifacts.append({
+                "path": bugfix_doc_path,
+                "content": content,
+                "type": "text/markdown",
+            })
+            logger.debug("Attached bugfix artifact inline: %s (%d bytes)", bugfix_doc_path, len(content))
+        except Exception as e:
+            logger.warning("Failed to read bugfix artifact %s: %s", bugfix_doc_path, e)
+
     async def _remove_root_scratch_files(
         self, workspace_path: Path, task: TaskInfo, git_status_output: str
     ) -> None:

{forgexa_cli-1.11.3 → forgexa_cli-1.11.4}/forgexa_cli/main.py

@@ -69,6 +69,29 @@ def _save_config(data: dict) -> None:
     p.chmod(0o600)
 
 
+def _save_tokens(
+    access_token: str,
+    refresh_token: str | None = None,
+    *,
+    server_url: str | None = None,
+) -> None:
+    cfg = _load_config()
+    if server_url:
+        cfg["server_url"] = server_url.rstrip("/")
+    cfg["token"] = access_token
+    if refresh_token:
+        cfg["refresh_token"] = refresh_token
+    else:
+        cfg.pop("refresh_token", None)
+    _save_config(cfg)
+
+    token_dir = Path.home() / ".forgexa"
+    token_dir.mkdir(exist_ok=True)
+    token_file = token_dir / "token"
+    token_file.write_text(access_token)
+    token_file.chmod(0o600)
+
+
 def _api_url() -> str:
     """Resolve the server URL using priority chain."""
     if _SERVER_URL_OVERRIDE:
@@ -93,70 +116,111 @@ def _token() -> str | None:
     return cfg.get("token") or None
 
 
-def _headers() -> dict[str, str]:
-    h: dict[str, str] = {"Content-Type": "application/json"}
+def _can_refresh_session() -> bool:
+    if os.environ.get("FORGEXA_TOKEN"):
+        return False
     token = _token()
-    if token:
-        h["Authorization"] = f"Bearer {token}"
-    return h
+    if not token or token.startswith("pat_"):
+        return False
+    cfg = _load_config()
+    return bool(str(cfg.get("refresh_token") or "").strip())
 
 
-def _get(path: str) -> dict | list:
+def _refresh_access_token() -> bool:
+    if not _can_refresh_session():
+        return False
+
+    cfg = _load_config()
+    refresh_token = str(cfg.get("refresh_token") or "").strip()
+    if not refresh_token:
+        return False
+
     import urllib.request
     import urllib.error
 
-    url = f"{_api_url()}/api/v1{path}"
-    req = urllib.request.Request(url, headers=_headers())
+    url = f"{_api_url()}/api/v1/auth/refresh"
+    body = json.dumps({"refresh_token": refresh_token}).encode()
+    req = urllib.request.Request(
+        url,
+        data=body,
+        headers={"Content-Type": "application/json"},
+        method="POST",
+    )
     try:
         with urllib.request.urlopen(req, timeout=15) as resp:
-            return json.loads(resp.read())
-    except urllib.error.HTTPError as e:
-        body = e.read().decode(errors="replace")
-        print(f"Error {e.code}: {body}", file=sys.stderr)
-        sys.exit(1)
-    except urllib.error.URLError as e:
-        print(f"Connection error: {e.reason}\nServer: {_api_url()}", file=sys.stderr)
-        sys.exit(1)
+            payload = json.loads(resp.read())
+    except (urllib.error.HTTPError, urllib.error.URLError, json.JSONDecodeError, OSError):
+        return False
 
+    access_token = str(payload.get("access_token") or "").strip()
+    next_refresh_token = str(payload.get("refresh_token") or refresh_token).strip()
+    if not access_token:
+        return False
 
-def _post(path: str, data: dict | None = None) -> dict:
-    import urllib.request
-    import urllib.error
+    _save_tokens(access_token, next_refresh_token or None)
+    return True
 
-    url = f"{_api_url()}/api/v1{path}"
-    body = json.dumps(data or {}).encode()
-    req = urllib.request.Request(url, data=body, headers=_headers(), method="POST")
-    try:
-        with urllib.request.urlopen(req, timeout=30) as resp:
-            return json.loads(resp.read())
-    except urllib.error.HTTPError as e:
-        body_text = e.read().decode(errors="replace")
-        print(f"Error {e.code}: {body_text}", file=sys.stderr)
-        sys.exit(1)
-    except urllib.error.URLError as e:
-        print(f"Connection error: {e.reason}\nServer: {_api_url()}", file=sys.stderr)
-        sys.exit(1)
 
+def _headers() -> dict[str, str]:
+    h: dict[str, str] = {"Content-Type": "application/json"}
+    token = _token()
+    if token:
+        h["Authorization"] = f"Bearer {token}"
+    return h
 
-def _delete(path: str) -> dict | None:
+
+def _request_json(
+    path: str,
+    *,
+    method: str = "GET",
+    data: dict | None = None,
+    timeout: int = 15,
+    allow_refresh: bool = True,
+) -> dict | list | None:
     import urllib.request
     import urllib.error
 
     url = f"{_api_url()}/api/v1{path}"
-    req = urllib.request.Request(url, headers=_headers(), method="DELETE")
+    body = json.dumps(data).encode() if data is not None else None
+    req = urllib.request.Request(url, data=body, headers=_headers(), method=method)
     try:
-        with urllib.request.urlopen(req, timeout=15) as resp:
+        with urllib.request.urlopen(req, timeout=timeout) as resp:
             content = resp.read()
             return json.loads(content) if content else None
     except urllib.error.HTTPError as e:
-        body = e.read().decode(errors="replace")
-        print(f"Error {e.code}: {body}", file=sys.stderr)
+        body_text = e.read().decode(errors="replace")
+        if e.code == 401 and allow_refresh and _refresh_access_token():
+            return _request_json(
+                path,
+                method=method,
+                data=data,
+                timeout=timeout,
+                allow_refresh=False,
+            )
+        print(f"Error {e.code}: {body_text}", file=sys.stderr)
         sys.exit(1)
     except urllib.error.URLError as e:
         print(f"Connection error: {e.reason}\nServer: {_api_url()}", file=sys.stderr)
         sys.exit(1)
 
 
+def _get(path: str) -> dict | list:
+    result = _request_json(path, method="GET", timeout=15)
+    if result is None:
+        return {}
+    return result
+
+
+def _post(path: str, data: dict | None = None) -> dict:
+    result = _request_json(path, method="POST", data=data or {}, timeout=30)
+    return result if isinstance(result, dict) else {}
+
+
+def _delete(path: str) -> dict | None:
+    result = _request_json(path, method="DELETE", timeout=15)
+    return result if isinstance(result, dict) else None
+
+
 # ── Output helpers ──
 
 _output_format = "table"
@@ -203,20 +267,9 @@ def cmd_login(args: argparse.Namespace) -> None:
     email = args.email or input("Email: ")
     password = args.password or getpass.getpass("Password: ")
     result = _post("/auth/login", {"email": email, "password": password})
-    token = result.get("access_token", "")
-
-    # Save to config file (server_url + token in one place)
-    cfg = _load_config()
-    if server:
-        cfg["server_url"] = _SERVER_URL_OVERRIDE
-    cfg["token"] = token
-    _save_config(cfg)
-
-    # Also keep the legacy token file for backwards compatibility
-    token_dir = Path.home() / ".forgexa"
-    token_dir.mkdir(exist_ok=True)
-    (token_dir / "token").write_text(token)
-    (token_dir / "token").chmod(0o600)
+    token = str(result.get("access_token") or "").strip()
+    refresh_token = str(result.get("refresh_token") or "").strip()
+    _save_tokens(token, refresh_token or None, server_url=_SERVER_URL_OVERRIDE if server else None)
 
     active_server = _api_url()
     print(f"Login successful.")
@@ -233,10 +286,11 @@ def cmd_logout(_args: argparse.Namespace) -> None:
     cfg = _load_config()
     if "token" in cfg:
         del cfg["token"]
+        cfg.pop("refresh_token", None)
         _save_config(cfg)
         cleared = True
     if cleared:
-        print("Logged out. Token removed.")
+        print("Logged out. Tokens removed.")
     else:
         print("No token found.")
 
@@ -255,6 +309,7 @@ def cmd_config_show(_args: argparse.Namespace) -> None:
         source = f"~/.forgexa/config"
     print(f"Server URL : {active_url}  (source: {source})")
     print(f"Auth token : {'set' if token else 'not set'}")
+    print(f"Refresh tok: {'set' if cfg.get('refresh_token') else 'not set'}")
     print(f"Config file: {_config_path()}")
 
 
@@ -273,8 +328,14 @@ def cmd_config_set(args: argparse.Namespace) -> None:
         sys.exit(1)
 
 
-def cmd_daemon_status(_args: argparse.Namespace) -> None:
-    runtimes = _get("/runtimes")
+def _get_runtimes(include_all: bool = False) -> list[dict]:
+    path = "/runtimes" if include_all else "/runtimes/me"
+    runtimes = _get(path)
+    return runtimes if isinstance(runtimes, list) else []
+
+
+def cmd_daemon_status(args: argparse.Namespace) -> None:
+    runtimes = _get_runtimes(include_all=getattr(args, "all", False))
     if not runtimes:
         print("No daemons registered.")
         return
@@ -363,8 +424,8 @@ def cmd_daemon_start(args: argparse.Namespace) -> None:
         main_sync()
 
 
-def cmd_runtimes_list(_args: argparse.Namespace) -> None:
-    runtimes = _get("/runtimes")
+def cmd_runtimes_list(args: argparse.Namespace) -> None:
+    runtimes = _get_runtimes(include_all=getattr(args, "all", False))
     if not runtimes:
         print("No runtimes registered.")
         return
@@ -596,11 +657,11 @@ def main() -> None:
     sub.add_parser("version", help="Show CLI version")
 
     # auth
-    login_p = sub.add_parser("login", help="Login and save access token")
+    login_p = sub.add_parser("login", help="Login and save session tokens")
     login_p.add_argument("--server", metavar="URL", help="Server URL to connect to (saved to ~/.forgexa/config)")
     login_p.add_argument("--email", help="Email address")
     login_p.add_argument("--password", help="Password")
-    sub.add_parser("logout", help="Remove saved access token")
+    sub.add_parser("logout", help="Remove saved session tokens")
 
     # config
     config_p = sub.add_parser("config", help="View or change CLI configuration")
@@ -616,13 +677,15 @@ def main() -> None:
     daemon_start_p = daemon_sub.add_parser("start", help="Start local daemon (discovers and registers AI agents)")
     daemon_start_p.add_argument("-d", "--detach", action="store_true", help="Run in background")
     daemon_start_p.add_argument("--server-url", default=None, help="Server URL to connect to")
-    daemon_sub.add_parser("status", help="Show all daemon statuses (from server)")
+    daemon_status_p = daemon_sub.add_parser("status", help="Show your daemon statuses (from server)")
+    daemon_status_p.add_argument("--all", action="store_true", help="List all runtimes (platform admin only)")
     daemon_sub.add_parser("stop", help="Stop local daemon (sends SIGTERM)")
 
     # runtimes
     rt_p = sub.add_parser("runtimes", help="Runtime management")
     rt_sub = rt_p.add_subparsers(dest="rt_cmd")
-    rt_sub.add_parser("list", help="List all runtimes")
+    rt_list_p = rt_sub.add_parser("list", help="List your runtimes")
+    rt_list_p.add_argument("--all", action="store_true", help="List all runtimes (platform admin only)")
 
     # workspace
     ws_p = sub.add_parser("workspace", help="Workspace management")

{forgexa_cli-1.11.3 → forgexa_cli-1.11.4}/forgexa_cli.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: forgexa-cli
-Version: 1.11.3
+Version: 1.11.4
 Summary: Forgexa CLI — command-line client and AI agent runtime for the Forgexa platform
 Author-email: Jason Sun <dev.winds@gmail.com>
 License: MIT
@@ -100,9 +100,9 @@ forgexa board --project <project-id>
 | `forgexa budget --workspace <id>` | Budget overview |
 | `forgexa daemon start` | Start local daemon (discover agents, run tasks) |
 | `forgexa daemon start -d` | Start daemon in background |
-| `forgexa daemon status` | Show daemon statuses |
+| `forgexa daemon status` | Show your daemon statuses |
 | `forgexa daemon stop` | Stop local daemon |
-| `forgexa runtimes list` | List runtimes |
+| `forgexa runtimes list` | List your runtimes |
 | `forgexa version` | Show CLI version |
 
 ## Configuration
@@ -144,11 +144,20 @@ forgexa-daemon
 ### Other Daemon Commands
 
 ```bash
-# Check daemon status (from server)
+# Check your daemon status (from server)
 forgexa daemon status
 
+# Platform admin: list all runtimes
+forgexa daemon status --all
+
 # Stop background daemon
 forgexa daemon stop
+
+# List your runtimes
+forgexa runtimes list
+
+# Platform admin: list all runtimes
+forgexa runtimes list --all
 ```
 
 ### Supported AI Agents

{forgexa_cli-1.11.3 → forgexa_cli-1.11.4}/forgexa_cli.egg-info/SOURCES.txt

@@ -10,4 +10,5 @@ forgexa_cli.egg-info/SOURCES.txt
 forgexa_cli.egg-info/dependency_links.txt
 forgexa_cli.egg-info/entry_points.txt
 forgexa_cli.egg-info/requires.txt
-forgexa_cli.egg-info/top_level.txt
+forgexa_cli.egg-info/top_level.txt
+tests/test_auth_and_runtime_commands.py

{forgexa_cli-1.11.3 → forgexa_cli-1.11.4}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "forgexa-cli"
-version = "1.11.3"
+version = "1.11.4"
 description = "Forgexa CLI — command-line client and AI agent runtime for the Forgexa platform"
 requires-python = ">=3.9"
 license = { text = "MIT" }

forgexa_cli-1.11.4/tests/test_auth_and_runtime_commands.py

@@ -0,0 +1,236 @@
+from __future__ import annotations
+
+import io
+import json
+from pathlib import Path
+from types import SimpleNamespace
+import urllib.error
+
+import httpx
+import pytest
+
+from forgexa_cli import daemon, main
+
+
+class UrlopenResponse:
+    def __init__(self, payload):
+        self._payload = payload
+
+    def read(self) -> bytes:
+        return json.dumps(self._payload).encode("utf-8")
+
+    def __enter__(self):
+        return self
+
+    def __exit__(self, exc_type, exc, tb):
+        return False
+
+
+class HttpxResponse:
+    def __init__(self, status_code: int, payload: dict):
+        self.status_code = status_code
+        self._payload = payload
+        self.request = httpx.Request("POST", "https://api.example.com/api/v1/runtimes/register")
+
+    def json(self) -> dict:
+        return self._payload
+
+    def raise_for_status(self) -> None:
+        if self.status_code >= 400:
+            raise httpx.HTTPStatusError(
+                f"HTTP {self.status_code}",
+                request=self.request,
+                response=self,
+            )
+
+
+def _http_error(url: str, status_code: int, payload: dict) -> urllib.error.HTTPError:
+    return urllib.error.HTTPError(
+        url,
+        status_code,
+        payload.get("detail", "error"),
+        hdrs=None,
+        fp=io.BytesIO(json.dumps(payload).encode("utf-8")),
+    )
+
+
+def test_login_persists_refresh_token(tmp_path: Path, monkeypatch: pytest.MonkeyPatch) -> None:
+    monkeypatch.setenv("HOME", str(tmp_path))
+    monkeypatch.setattr(main, "_SERVER_URL_OVERRIDE", None)
+    monkeypatch.setattr(
+        main,
+        "_post",
+        lambda path, data=None: {
+            "access_token": "access-1",
+            "refresh_token": "refresh-1",
+        },
+    )
+
+    args = SimpleNamespace(
+        server="https://api.example.com",
+        email="user@example.com",
+        password="secret",
+    )
+    main.cmd_login(args)
+
+    cfg = json.loads((tmp_path / ".forgexa" / "config").read_text())
+    assert cfg["token"] == "access-1"
+    assert cfg["refresh_token"] == "refresh-1"
+    assert cfg["server_url"] == "https://api.example.com"
+    assert (tmp_path / ".forgexa" / "token").read_text() == "access-1"
+
+
+def test_get_retries_once_after_refresh_on_401(
+    tmp_path: Path,
+    monkeypatch: pytest.MonkeyPatch,
+) -> None:
+    monkeypatch.setenv("HOME", str(tmp_path))
+    monkeypatch.setattr(main, "_SERVER_URL_OVERRIDE", None)
+    config_dir = tmp_path / ".forgexa"
+    config_dir.mkdir()
+    (config_dir / "config").write_text(
+        json.dumps(
+            {
+                "server_url": "https://api.example.com",
+                "token": "old-access",
+                "refresh_token": "refresh-1",
+            }
+        )
+    )
+    (config_dir / "token").write_text("old-access")
+
+    import urllib.request
+
+    runtime_called = {"count": 0}
+
+    def fake_urlopen(req, timeout=0):
+        url = req.full_url
+        if url.endswith("/api/v1/runtimes/me"):
+            runtime_called["count"] += 1
+            if runtime_called["count"] == 1:
+                raise _http_error(url, 401, {"detail": "Invalid token"})
+            assert req.headers.get("Authorization") == "Bearer new-access"
+            return UrlopenResponse([
+                {
+                    "id": "12345678",
+                    "daemon_id": "demo-daemon",
+                    "status": "online",
+                }
+            ])
+        if url.endswith("/api/v1/auth/refresh"):
+            assert json.loads(req.data.decode("utf-8")) == {"refresh_token": "refresh-1"}
+            return UrlopenResponse(
+                {
+                    "access_token": "new-access",
+                    "refresh_token": "refresh-2",
+                }
+            )
+        raise AssertionError(f"Unexpected URL: {url}")
+
+    monkeypatch.setattr(urllib.request, "urlopen", fake_urlopen)
+
+    result = main._get("/runtimes/me")
+
+    assert isinstance(result, list)
+    assert runtime_called["count"] == 2
+    cfg = json.loads((config_dir / "config").read_text())
+    assert cfg["token"] == "new-access"
+    assert cfg["refresh_token"] == "refresh-2"
+    assert (config_dir / "token").read_text() == "new-access"
+
+
+def test_runtime_commands_use_user_scope_by_default(
+    monkeypatch: pytest.MonkeyPatch,
+) -> None:
+    calls: list[bool] = []
+    monkeypatch.setattr(
+        main,
+        "_get_runtimes",
+        lambda include_all=False: calls.append(include_all) or [],
+    )
+
+    main.cmd_daemon_status(SimpleNamespace(all=False))
+    main.cmd_runtimes_list(SimpleNamespace(all=False))
+    main.cmd_runtimes_list(SimpleNamespace(all=True))
+
+    assert calls == [False, False, True]
+
+
+@pytest.mark.asyncio
+async def test_daemon_refreshes_access_token_from_refresh_token(
+    tmp_path: Path,
+    monkeypatch: pytest.MonkeyPatch,
+) -> None:
+    monkeypatch.setenv("HOME", str(tmp_path))
+    config_dir = tmp_path / ".forgexa"
+    config_dir.mkdir()
+    (config_dir / "config").write_text(
+        json.dumps(
+            {
+                "token": "stale-access",
+                "refresh_token": "refresh-1",
+            }
+        )
+    )
+    (config_dir / "token").write_text("stale-access")
+
+    conn = daemon.ServerConnection("https://api.example.com", "stale-access", "daemon-1")
+    try:
+        async def fake_post(url, json=None, headers=None, timeout=None):
+            assert url.endswith("/api/v1/auth/refresh")
+            assert json == {"refresh_token": "refresh-1"}
+            return HttpxResponse(
+                200,
+                {
+                    "access_token": "fresh-access",
+                    "refresh_token": "refresh-2",
+                },
+            )
+
+        monkeypatch.setattr(conn.client, "post", fake_post)
+
+        refreshed = await conn.refresh_access_token()
+
+        assert refreshed is True
+        assert conn.api_token == "fresh-access"
+        assert conn.client.headers["Authorization"] == "Bearer fresh-access"
+        cfg = json.loads((config_dir / "config").read_text())
+        assert cfg["token"] == "fresh-access"
+        assert cfg["refresh_token"] == "refresh-2"
+        assert (config_dir / "token").read_text() == "fresh-access"
+    finally:
+        await conn.client.aclose()
+
+
+@pytest.mark.asyncio
+async def test_daemon_register_retries_once_after_refresh(
+    monkeypatch: pytest.MonkeyPatch,
+) -> None:
+    conn = daemon.ServerConnection("https://api.example.com", "stale-access", "daemon-1")
+    try:
+        async def fake_refresh_access_token() -> bool:
+            conn.api_token = "fresh-access"
+            conn.client.headers["Authorization"] = "Bearer fresh-access"
+            return True
+
+        responses = iter(
+            [
+                HttpxResponse(401, {"detail": "Invalid token"}),
+                HttpxResponse(200, {"runtime_id": "runtime-1"}),
+            ]
+        )
+
+        async def fake_post(url, json=None, headers=None, timeout=None):
+            response = next(responses)
+            if response.status_code == 200:
+                assert json["api_token"] == "fresh-access"
+            return response
+
+        monkeypatch.setattr(conn, "refresh_access_token", fake_refresh_access_token)
+        monkeypatch.setattr(conn.client, "post", fake_post)
+
+        await conn.register([], 2)
+
+        assert conn.runtime_id == "runtime-1"
+    finally:
+        await conn.client.aclose()