diff --git a/docs/plans/state.json b/docs/plans/state.json index 804cf09..226b949 100644 --- a/docs/plans/state.json +++ b/docs/plans/state.json @@ -81,6 +81,22 @@ "test_status": "pnpm test:run src/cli/zai-auth.test.ts + pnpm typecheck passing" }, + "auth-commands-reauthenticate-confirmation": { + "status": "completed", + "date": "2026-02-16", + "updated": "2026-02-16", + "summary": "Extended re-auth confirmation dialog (`Re-authenticate and replace it? (y/N)`) to other auth providers/commands: openai-key, openai-auth, and anthropic-auth (API key + --token). Added tests for cancel and proceed flows across all commands.", + "files_modified": [ + "src/cli/openai-key.ts", + "src/cli/openai-auth.ts", + "src/cli/anthropic-auth.ts", + "src/cli/openai-key.test.ts", + "src/cli/openai-auth.test.ts", + "src/cli/anthropic-auth.test.ts" + ], + "test_status": "pnpm test:run src/cli/openai-key.test.ts src/cli/anthropic-auth.test.ts src/cli/openai-auth.test.ts src/cli/zai-auth.test.ts + pnpm typecheck passing" + }, + "deployment-port-env-override": { "status": "completed", "date": "2026-02-16", diff --git a/src/cli/anthropic-auth.test.ts b/src/cli/anthropic-auth.test.ts new file mode 100644 index 0000000..628fd63 --- /dev/null +++ b/src/cli/anthropic-auth.test.ts @@ -0,0 +1,132 @@ +import { Command } from 'commander'; +import { beforeEach, describe, expect, it, vi } from 'vitest'; + +const { + mockLoadStoredAnthropicAuth, + mockLoadStoredAnthropicAuthToken, + mockStoreAnthropicAuth, + mockStoreAnthropicAuthToken, +} = vi.hoisted(() => ({ + mockLoadStoredAnthropicAuth: vi.fn(), + mockLoadStoredAnthropicAuthToken: vi.fn(), + mockStoreAnthropicAuth: vi.fn(), + mockStoreAnthropicAuthToken: vi.fn(), +})); + +const { mockCreateInterface } = vi.hoisted(() => ({ + mockCreateInterface: vi.fn(), +})); + +vi.mock('../auth/index.js', () => ({ + loadStoredAnthropicAuth: mockLoadStoredAnthropicAuth, + loadStoredAnthropicAuthToken: mockLoadStoredAnthropicAuthToken, + storeAnthropicAuth: mockStoreAnthropicAuth, + storeAnthropicAuthToken: mockStoreAnthropicAuthToken, +})); + +vi.mock('readline', () => ({ + default: { + createInterface: mockCreateInterface, + }, +})); + +function mockReadlineAnswers(answers: string[]): void { + const queue = [...answers]; + mockCreateInterface.mockImplementation(() => ({ + question: (_prompt: string, cb: (answer: string) => void) => cb(queue.shift() ?? ''), + close: () => undefined, + })); +} + +describe('anthropic-auth command', () => { + beforeEach(() => { + vi.clearAllMocks(); + mockLoadStoredAnthropicAuth.mockReset(); + mockLoadStoredAnthropicAuthToken.mockReset(); + mockStoreAnthropicAuth.mockReset(); + mockStoreAnthropicAuthToken.mockReset(); + mockCreateInterface.mockReset(); + }); + + it('cancels key re-auth when key exists and user answers no', async () => { + mockLoadStoredAnthropicAuth.mockReturnValue({ api_key: 'sk-ant-existing', created_at: '2026-02-16T00:00:00.000Z' }); + mockReadlineAnswers(['n']); + + const program = new Command(); + const { registerAnthropicAuthCommand } = await import('./anthropic-auth.js'); + registerAnthropicAuthCommand(program); + + const consoleLog = vi.spyOn(console, 'log').mockImplementation(() => undefined); + const exitSpy = vi.spyOn(process, 'exit').mockImplementation(((code?: number) => { + throw new Error(`EXIT:${code ?? 0}`); + }) as never); + + await expect(program.parseAsync(['node', 'test', 'anthropic-auth'])).rejects.toThrow('EXIT:0'); + expect(mockStoreAnthropicAuth).not.toHaveBeenCalled(); + expect(consoleLog).toHaveBeenCalledWith('Cancelled.'); + + exitSpy.mockRestore(); + consoleLog.mockRestore(); + }); + + it('stores a new key when key exists and user answers yes', async () => { + mockLoadStoredAnthropicAuth.mockReturnValue({ api_key: 'sk-ant-existing', created_at: '2026-02-16T00:00:00.000Z' }); + mockReadlineAnswers(['y', 'sk-ant-new']); + + const program = new Command(); + const { registerAnthropicAuthCommand } = await import('./anthropic-auth.js'); + registerAnthropicAuthCommand(program); + + const consoleLog = vi.spyOn(console, 'log').mockImplementation(() => undefined); + const consoleError = vi.spyOn(console, 'error').mockImplementation(() => undefined); + + await program.parseAsync(['node', 'test', 'anthropic-auth']); + + expect(mockStoreAnthropicAuth).toHaveBeenCalledWith('sk-ant-new'); + expect(consoleError).not.toHaveBeenCalled(); + + consoleLog.mockRestore(); + consoleError.mockRestore(); + }); + + it('cancels token re-auth when token exists and user answers no', async () => { + mockLoadStoredAnthropicAuthToken.mockReturnValue('tok-existing'); + mockReadlineAnswers(['n']); + + const program = new Command(); + const { registerAnthropicAuthCommand } = await import('./anthropic-auth.js'); + registerAnthropicAuthCommand(program); + + const consoleLog = vi.spyOn(console, 'log').mockImplementation(() => undefined); + const exitSpy = vi.spyOn(process, 'exit').mockImplementation(((code?: number) => { + throw new Error(`EXIT:${code ?? 0}`); + }) as never); + + await expect(program.parseAsync(['node', 'test', 'anthropic-auth', '--token'])).rejects.toThrow('EXIT:0'); + expect(mockStoreAnthropicAuthToken).not.toHaveBeenCalled(); + expect(consoleLog).toHaveBeenCalledWith('Cancelled.'); + + exitSpy.mockRestore(); + consoleLog.mockRestore(); + }); + + it('stores a new token when token exists and user answers yes', async () => { + mockLoadStoredAnthropicAuthToken.mockReturnValue('tok-existing'); + mockReadlineAnswers(['y', 'tok-new']); + + const program = new Command(); + const { registerAnthropicAuthCommand } = await import('./anthropic-auth.js'); + registerAnthropicAuthCommand(program); + + const consoleLog = vi.spyOn(console, 'log').mockImplementation(() => undefined); + const consoleError = vi.spyOn(console, 'error').mockImplementation(() => undefined); + + await program.parseAsync(['node', 'test', 'anthropic-auth', '--token']); + + expect(mockStoreAnthropicAuthToken).toHaveBeenCalledWith('tok-new'); + expect(consoleError).not.toHaveBeenCalled(); + + consoleLog.mockRestore(); + consoleError.mockRestore(); + }); +}); diff --git a/src/cli/anthropic-auth.ts b/src/cli/anthropic-auth.ts index f88451c..8a1fde8 100644 --- a/src/cli/anthropic-auth.ts +++ b/src/cli/anthropic-auth.ts @@ -31,6 +31,14 @@ async function promptHidden(question: string): Promise { return answer.trim(); } +async function promptYesNo(question: string): Promise { + const rl = readline.createInterface({ input: process.stdin, output: process.stdout, terminal: true }); + const answer = await new Promise((resolve) => rl.question(question, resolve)); + rl.close(); + const normalized = answer.trim().toLowerCase(); + return normalized === 'y' || normalized === 'yes'; +} + export function registerAnthropicAuthCommand(program: Command): void { program .command('anthropic-auth') @@ -41,15 +49,21 @@ export function registerAnthropicAuthCommand(program: Command): void { if (opts.token) { if (loadStoredAnthropicAuthToken()) { console.log('Anthropic auth token already exists.'); - console.log('Delete ~/.config/flynn/auth.json anthropic.auth_token entry if you want to re-authenticate.'); - process.exit(0); + const confirmed = await promptYesNo('Re-authenticate and replace it? (y/N): '); + if (!confirmed) { + console.log('Cancelled.'); + process.exit(0); + } } } else { const existing = loadStoredAnthropicAuth(); if (existing?.api_key) { console.log('Anthropic API key already exists.'); - console.log('Delete ~/.config/flynn/auth.json anthropic.api_key entry if you want to re-authenticate.'); - process.exit(0); + const confirmed = await promptYesNo('Re-authenticate and replace it? (y/N): '); + if (!confirmed) { + console.log('Cancelled.'); + process.exit(0); + } } } diff --git a/src/cli/openai-auth.test.ts b/src/cli/openai-auth.test.ts new file mode 100644 index 0000000..45abde2 --- /dev/null +++ b/src/cli/openai-auth.test.ts @@ -0,0 +1,81 @@ +import { Command } from 'commander'; +import { beforeEach, describe, expect, it, vi } from 'vitest'; + +const { mockLoadStoredOpenAIAuth, mockLoginOpenAI } = vi.hoisted(() => ({ + mockLoadStoredOpenAIAuth: vi.fn(), + mockLoginOpenAI: vi.fn(), +})); + +const { mockCreateInterface } = vi.hoisted(() => ({ + mockCreateInterface: vi.fn(), +})); + +vi.mock('../auth/index.js', () => ({ + loadStoredOpenAIAuth: mockLoadStoredOpenAIAuth, + loginOpenAI: mockLoginOpenAI, +})); + +vi.mock('readline', () => ({ + default: { + createInterface: mockCreateInterface, + }, +})); + +function mockReadlineAnswers(answers: string[]): void { + const queue = [...answers]; + mockCreateInterface.mockImplementation(() => ({ + question: (_prompt: string, cb: (answer: string) => void) => cb(queue.shift() ?? ''), + close: () => undefined, + })); +} + +describe('openai-auth command', () => { + beforeEach(() => { + vi.clearAllMocks(); + mockLoadStoredOpenAIAuth.mockReset(); + mockLoginOpenAI.mockReset(); + mockCreateInterface.mockReset(); + }); + + it('cancels when OAuth token exists and user answers no', async () => { + mockLoadStoredOpenAIAuth.mockReturnValue({ access_token: 'at', refresh_token: 'rt', expires_at: Date.now() + 1000, created_at: new Date().toISOString() }); + mockReadlineAnswers(['n']); + + const program = new Command(); + const { registerOpenaiAuthCommand } = await import('./openai-auth.js'); + registerOpenaiAuthCommand(program); + + const consoleLog = vi.spyOn(console, 'log').mockImplementation(() => undefined); + const exitSpy = vi.spyOn(process, 'exit').mockImplementation(((code?: number) => { + throw new Error(`EXIT:${code ?? 0}`); + }) as never); + + await expect(program.parseAsync(['node', 'test', 'openai-auth'])).rejects.toThrow('EXIT:0'); + expect(mockLoginOpenAI).not.toHaveBeenCalled(); + expect(consoleLog).toHaveBeenCalledWith('Cancelled.'); + + exitSpy.mockRestore(); + consoleLog.mockRestore(); + }); + + it('starts login flow when user confirms re-authentication', async () => { + mockLoadStoredOpenAIAuth.mockReturnValue({ access_token: 'at', refresh_token: 'rt', expires_at: Date.now() + 1000, created_at: new Date().toISOString() }); + mockReadlineAnswers(['y']); + mockLoginOpenAI.mockResolvedValue(undefined); + + const program = new Command(); + const { registerOpenaiAuthCommand } = await import('./openai-auth.js'); + registerOpenaiAuthCommand(program); + + const consoleLog = vi.spyOn(console, 'log').mockImplementation(() => undefined); + const consoleError = vi.spyOn(console, 'error').mockImplementation(() => undefined); + + await program.parseAsync(['node', 'test', 'openai-auth']); + + expect(mockLoginOpenAI).toHaveBeenCalledOnce(); + expect(consoleError).not.toHaveBeenCalled(); + + consoleLog.mockRestore(); + consoleError.mockRestore(); + }); +}); diff --git a/src/cli/openai-auth.ts b/src/cli/openai-auth.ts index 950e2e9..ba7e83c 100644 --- a/src/cli/openai-auth.ts +++ b/src/cli/openai-auth.ts @@ -1,6 +1,15 @@ import type { Command } from 'commander'; +import readline from 'readline'; import { loadStoredOpenAIAuth, loginOpenAI } from '../auth/index.js'; +async function promptYesNo(question: string): Promise { + const rl = readline.createInterface({ input: process.stdin, output: process.stdout, terminal: true }); + const answer = await new Promise((resolve) => rl.question(question, resolve)); + rl.close(); + const normalized = answer.trim().toLowerCase(); + return normalized === 'y' || normalized === 'yes'; +} + export function registerOpenaiAuthCommand(program: Command): void { program .command('openai-auth') @@ -9,8 +18,11 @@ export function registerOpenaiAuthCommand(program: Command): void { const existing = loadStoredOpenAIAuth(); if (existing) { console.log('OpenAI OAuth token already exists.'); - console.log('Delete ~/.config/flynn/auth.json openai entry if you want to re-authenticate.'); - process.exit(0); + const confirmed = await promptYesNo('Re-authenticate and replace it? (y/N): '); + if (!confirmed) { + console.log('Cancelled.'); + process.exit(0); + } } console.log('Starting OpenAI OAuth device flow...'); diff --git a/src/cli/openai-key.test.ts b/src/cli/openai-key.test.ts new file mode 100644 index 0000000..cb5d287 --- /dev/null +++ b/src/cli/openai-key.test.ts @@ -0,0 +1,80 @@ +import { Command } from 'commander'; +import { beforeEach, describe, expect, it, vi } from 'vitest'; + +const { mockLoadStoredOpenAIApiKey, mockStoreOpenAIApiKey } = vi.hoisted(() => ({ + mockLoadStoredOpenAIApiKey: vi.fn(), + mockStoreOpenAIApiKey: vi.fn(), +})); + +const { mockCreateInterface } = vi.hoisted(() => ({ + mockCreateInterface: vi.fn(), +})); + +vi.mock('../auth/index.js', () => ({ + loadStoredOpenAIApiKey: mockLoadStoredOpenAIApiKey, + storeOpenAIApiKey: mockStoreOpenAIApiKey, +})); + +vi.mock('readline', () => ({ + default: { + createInterface: mockCreateInterface, + }, +})); + +function mockReadlineAnswers(answers: string[]): void { + const queue = [...answers]; + mockCreateInterface.mockImplementation(() => ({ + question: (_prompt: string, cb: (answer: string) => void) => cb(queue.shift() ?? ''), + close: () => undefined, + })); +} + +describe('openai-key command', () => { + beforeEach(() => { + vi.clearAllMocks(); + mockLoadStoredOpenAIApiKey.mockReset(); + mockStoreOpenAIApiKey.mockReset(); + mockCreateInterface.mockReset(); + }); + + it('cancels when key exists and user answers no', async () => { + mockLoadStoredOpenAIApiKey.mockReturnValue('sk-existing'); + mockReadlineAnswers(['n']); + + const program = new Command(); + const { registerOpenaiKeyCommand } = await import('./openai-key.js'); + registerOpenaiKeyCommand(program); + + const consoleLog = vi.spyOn(console, 'log').mockImplementation(() => undefined); + const exitSpy = vi.spyOn(process, 'exit').mockImplementation(((code?: number) => { + throw new Error(`EXIT:${code ?? 0}`); + }) as never); + + await expect(program.parseAsync(['node', 'test', 'openai-key'])).rejects.toThrow('EXIT:0'); + expect(mockStoreOpenAIApiKey).not.toHaveBeenCalled(); + expect(consoleLog).toHaveBeenCalledWith('Cancelled.'); + + exitSpy.mockRestore(); + consoleLog.mockRestore(); + }); + + it('stores a new key when user confirms re-authentication', async () => { + mockLoadStoredOpenAIApiKey.mockReturnValue('sk-existing'); + mockReadlineAnswers(['y', 'sk-new']); + + const program = new Command(); + const { registerOpenaiKeyCommand } = await import('./openai-key.js'); + registerOpenaiKeyCommand(program); + + const consoleLog = vi.spyOn(console, 'log').mockImplementation(() => undefined); + const consoleError = vi.spyOn(console, 'error').mockImplementation(() => undefined); + + await program.parseAsync(['node', 'test', 'openai-key']); + + expect(mockStoreOpenAIApiKey).toHaveBeenCalledWith('sk-new'); + expect(consoleError).not.toHaveBeenCalled(); + + consoleLog.mockRestore(); + consoleError.mockRestore(); + }); +}); diff --git a/src/cli/openai-key.ts b/src/cli/openai-key.ts index 824f4be..0981f32 100644 --- a/src/cli/openai-key.ts +++ b/src/cli/openai-key.ts @@ -26,6 +26,14 @@ async function promptHidden(question: string): Promise { return answer.trim(); } +async function promptYesNo(question: string): Promise { + const rl = readline.createInterface({ input: process.stdin, output: process.stdout, terminal: true }); + const answer = await new Promise((resolve) => rl.question(question, resolve)); + rl.close(); + const normalized = answer.trim().toLowerCase(); + return normalized === 'y' || normalized === 'yes'; +} + export function registerOpenaiKeyCommand(program: Command): void { program .command('openai-key') @@ -34,8 +42,11 @@ export function registerOpenaiKeyCommand(program: Command): void { const existing = loadStoredOpenAIApiKey(); if (existing) { console.log('OpenAI API key already exists.'); - console.log('Delete ~/.config/flynn/auth.json openai.api_key entry if you want to re-authenticate.'); - process.exit(0); + const confirmed = await promptYesNo('Re-authenticate and replace it? (y/N): '); + if (!confirmed) { + console.log('Cancelled.'); + process.exit(0); + } } console.log('OpenAI uses API keys for standard API access.');