feat(auth): add attachLoginCommand Commander helper#13
Merged
Conversation
Wires `<cli> [auth] login` with the standard flag set (--read-only, --callback-port, --json, --ndjson) and drives runOAuthFlow end-to-end, so consumers don't hand-roll Commander wiring around the OAuth runtime. Returns the new Command for chaining .description / .option / .addHelpText; consumer-attached options land in the `flags` object passed to resolveScopes and the downstream provider. Updates the README's `auth` row + usage block to match the actual 0.8.0 surface (drops references to registerAuthCommand / createConfigTokenStore / startCallbackServer that were trimmed before the 0.8.0 release). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
doistbot
reviewed
May 9, 2026
Member
doistbot
left a comment
doistbot
left a comment
There was a problem hiding this comment.
This PR introduces the attachLoginCommand helper to streamline OAuth flow wiring for consumers and updates the related README documentation. It is a great addition that cleanly encapsulates the CLI flag setup and runtime orchestration, paving the way for easier consumer migrations. A few refinements are needed, specifically around preserving the authorization URL fallback in machine-output modes, exposing unstripped flags to the onSuccess hook, reusing the existing ViewOptions type, and tightening up both the port validation logic and test assertions.
- onAuthorizeUrl fallback (P1): under --json/--ndjson the helper now
routes the authorize URL to stderr rather than swallowing it, so a
missing/throwing `open` peer can no longer hang the flow until
AUTH_CALLBACK_TIMEOUT. Consumers can pass `onAuthorizeUrl` to
override.
- onSuccess receives `flags` (P2): switched to a single context object
`{ account, view, flags }` so consumer-attached options stay reachable
post-flow, not just inside resolveScopes.
- Reuse `Required<ViewOptions>` (P2): drops the duplicate AttachLoginView
shape; renames the renamed export to AttachLoginContext.
- parsePort dedup (P2): single throw branch covering non-integer +
out-of-range cases.
- Tests (P2): port-validation cases now match on `AUTH_PORT_BIND_FAILED`
and assert runOAuthFlow was not called; the --json/--ndjson cases
drive the supplied onAuthorizeUrl through the mock and assert stderr
received the URL while console.log stayed untouched; provider/store
stubs simplified to `{} as ...` and asserted forwarded.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
doist-release-bot Bot
added a commit
that referenced
this pull request
May 9, 2026
## [0.9.0](v0.8.0...v0.9.0) (2026-05-09) ### Features * **auth:** add attachLoginCommand Commander helper ([#13](#13)) ([bb921b8](bb921b8))
Contributor
|
🎉 This PR is included in version 0.9.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
attachLoginCommand(parent, options): Commandunder@doist/cli-core/auth— a thin Commander helper that wires the standard flag set (--read-only,--callback-port,--json,--ndjson) and drivesrunOAuthFlowend-to-end so consumers don't hand-roll the wiring around the OAuth runtime.Commandso consumers can chain.description(...)/.option(...)/.addHelpText(...). Consumer-attached options land in theflagsobject passed toresolveScopesand the downstream provider.parsePortrejects bad--callback-portvalues viaCliError('AUTH_PORT_BIND_FAILED', ...).authrow + "Auth (optional subpath)" usage block to match the actual 0.8.0 surface — drops references toregisterAuthCommand/createConfigTokenStore/startCallbackServerthat were trimmed before the 0.8.0 release.Sibling helpers (
attachLogoutCommand/attachStatusCommand/attachTokenCommand) deferred to a follow-up PR; their shape is clearer once a concrete consumer migration confirms the conventions.Test plan
npm run check(oxlint + oxfmt)npm run type-checknpm test— 217 passing (up from 207; +10 new tests insrc/auth/login.test.ts)src/auth/index.tsexportsNew tests
src/auth/login.test.tscovers:--read-onlythreading intoresolveScopes+runOAuthFlow--callback-portoverride +CliErroron non-integer / out-of-range values--json/--ndjsonsuppress the authorize-URL fallback printflagswhile standard flags are strippedopenBrowserforwardedCommandis chainable🤖 Generated with Claude Code