11import type PolykeyClient from 'polykey/PolykeyClient.js' ;
2- import type {
3- TokenPayloadEncoded ,
4- TokenProtectedHeaderEncoded ,
5- TokenSignatureEncoded ,
6- } from 'polykey/tokens/types.js' ;
7- import type { IdentityRequestData } from 'polykey/client/types.js' ;
82import CommandPolykey from '../CommandPolykey.js' ;
93import * as binProcessors from '../utils/processors.js' ;
104import * as binParsers from '../utils/parsers.js' ;
@@ -17,19 +11,15 @@ class CommandLogin extends CommandPolykey {
1711 super ( ...args ) ;
1812 this . name ( 'login' ) ;
1913 this . description ( 'Login to a platform with Polykey identity' ) ;
20- this . argument (
21- '<token>' ,
22- 'Token provided by platform for logging in' ,
23- binParsers . parseCompactJWT ,
24- ) ;
14+ this . argument ( '<url>' , 'The URL to login using Polykey' ) ;
2515 this . addOption ( binOptions . nodeId ) ;
2616 this . addOption ( binOptions . clientHost ) ;
2717 this . addOption ( binOptions . clientPort ) ;
28- this . action ( async ( encodedToken , options ) => {
18+ this . addOption ( binOptions . returnURLPath ) ;
19+ this . action ( async ( url : string , options ) => {
2920 const { default : PolykeyClient } = await import (
3021 'polykey/PolykeyClient.js'
3122 ) ;
32- const tokensUtils = await import ( 'polykey/tokens/utils.js' ) ;
3323 const clientOptions = await binProcessors . processClientOptions (
3424 options . nodePath ,
3525 options . nodeId ,
@@ -58,52 +48,22 @@ class CommandLogin extends CommandPolykey {
5848 logger : this . logger . getChild ( PolykeyClient . name ) ,
5949 } ) ;
6050
61- // Create a JSON representation of the encoded header
62- const [ protectedHeader , payload , signature ] = encodedToken ;
63- const incomingTokenEncoded = {
64- payload : payload as TokenPayloadEncoded ,
65- signatures : [
66- {
67- protected : protectedHeader as TokenProtectedHeaderEncoded ,
68- signature : signature as TokenSignatureEncoded ,
69- } ,
70- ] ,
71- } ;
72-
73- // Get it verified and signed by the agent
51+ // Get a signed token by the agent
7452 const response = await binUtils . retryAuthentication (
7553 ( auth ) =>
76- pkClient . rpcClient . methods . authSignToken ( {
77- metadata : auth ,
78- ...incomingTokenEncoded ,
79- } ) ,
54+ pkClient . rpcClient . methods . authSignToken ( { metadata : auth } ) ,
8055 meta ,
8156 ) ;
8257
8358 // Send the returned JWT to the returnURL provided by the initial token
8459 const compactHeader = binUtils . jsonToCompactJWT ( response ) ;
85- const incomingPayload =
86- tokensUtils . parseTokenPayload < IdentityRequestData > ( payload ) ;
87- let result : Response ;
88- try {
89- result = await fetch ( incomingPayload . returnURL , {
90- method : 'POST' ,
91- headers : { 'Content-Type' : 'application/json' } ,
92- body : JSON . stringify ( { token : compactHeader } ) ,
93- } ) ;
94- } catch ( e ) {
95- throw new errors . ErrorPolykeyCLILoginFailed (
96- 'Failed to send token to return url' ,
97- { cause : e } ,
98- ) ;
99- }
60+ const targetURL = new URL ( url . endsWith ( '/' ) ? url . slice ( 0 , url . length ) : url ) ;
61+ const subPath : string = options . returnURLPath ?? '/api/oauth2/oidc'
62+ targetURL . pathname = subPath . startsWith ( '/' ) ? subPath : `/${ subPath } ` ;
63+ targetURL . searchParams . append ( 'token' , compactHeader ) ;
10064
101- // Handle non-200 response
102- if ( ! result . ok ) {
103- throw new errors . ErrorPolykeyCLILoginFailed (
104- `Return url returned failure with code ${ result . status } ` ,
105- ) ;
106- }
65+ // TEMPORARY: Print out the resulting URL
66+ process . stdout . write ( `Open the following URL in your browser:\n\t${ targetURL } ` )
10767 } finally {
10868 if ( pkClient ! != null ) await pkClient . stop ( ) ;
10969 }
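Review bot: The signed token is now appended to the query string of a user-supplied URL (`targetURL.searchParams.append('token', compactHeader)`) and written to stdout, so it will land in browser history, server access logs and terminal scrollback, and nothing visible restricts `<url>` to `https:` (the argument is registered without a parser). Because `authSignToken` is now called with only `metadata`, the token does not appear to be bound to the destination, so I would validate the target before building the link, e.g. `if (targetURL.protocol !== 'https:') throw new errors.ErrorPolykeyCLILoginFailed('Login URL must use https');` (assuming `errors` is still imported), and catch the `TypeError` from `new URL(url)` so a malformed argument surfaces as a CLI error. `url.slice(0, url.length)` is a no-op (presumably `url.length - 1` was meant) and is moot anyway because `pathname` is overwritten two lines later, so plain `new URL(url)` is enough. The retained comment `// Send the returned JWT to the returnURL provided by the initial token` is stale now that there is no incoming token, and the `// TEMPORARY` print should say what replaces it. The action callback starts in the previous hunk, so its earlier setup is not reviewed here.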