mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-06-09 08:21:50 +00:00
568e127612
Batch extraction of every remaining subcommand whose handler is top-level and whose parser block is pure argparse: model, setup, postinstall, whatsapp, slack, login, logout, auth, status, webhook, hooks, doctor, security, dump, debug, backup, import, config, version, update, uninstall, dashboard, gui, logs, prompt-size. Each becomes hermes_cli/subcommands/<name>.py with build_<name>_parser() and an injected handler (no main import). dashboard also injects cmd_dashboard_register for its nested 'register' action. Behavior-neutral: all 25 subcommands' --help output (and nested subaction help) diff-verified byte-identical to pre-extraction. Two RawDescriptionHelpFormatter epilogs (debug, logs) needed their multi-line string interiors preserved at column 0 — caught by the --help diff, not compile. main() 3297 -> 1798 LOC across this PR; add_parser calls in main.py 179 -> 89. Validation: tests/hermes_cli/ 6476 passed / 0 failed under per-file process isolation; new test_subcommands_batch.py smoke-tests all 25 builders + the dashboard two-handler case.
109 lines
4.1 KiB
Python
109 lines
4.1 KiB
Python
"""``hermes auth`` subcommand parser.
|
|
|
|
Extracted verbatim from ``hermes_cli/main.py:main()`` (god-file Phase 2).
|
|
Handler injected to avoid importing ``main``.
|
|
"""
|
|
|
|
from __future__ import annotations
|
|
|
|
from typing import Callable
|
|
|
|
|
|
def build_auth_parser(subparsers, *, cmd_auth: Callable) -> None:
|
|
"""Attach the ``auth`` subcommand to ``subparsers``."""
|
|
auth_parser = subparsers.add_parser(
|
|
"auth",
|
|
help="Manage pooled provider credentials",
|
|
)
|
|
auth_subparsers = auth_parser.add_subparsers(dest="auth_action")
|
|
auth_add = auth_subparsers.add_parser("add", help="Add a pooled credential")
|
|
auth_add.add_argument(
|
|
"provider",
|
|
help="Provider id (for example: anthropic, openai-codex, openrouter)",
|
|
)
|
|
auth_add.add_argument(
|
|
"--type",
|
|
dest="auth_type",
|
|
choices=["oauth", "api-key", "api_key"],
|
|
help="Credential type to add",
|
|
)
|
|
auth_add.add_argument("--label", help="Optional display label")
|
|
auth_add.add_argument(
|
|
"--api-key", help="API key value (otherwise prompted securely)"
|
|
)
|
|
auth_add.add_argument("--portal-url", help="Nous portal base URL")
|
|
auth_add.add_argument("--inference-url", help="Nous inference base URL")
|
|
auth_add.add_argument("--client-id", help="OAuth client id")
|
|
auth_add.add_argument("--scope", help="OAuth scope override")
|
|
auth_add.add_argument(
|
|
"--no-browser",
|
|
action="store_true",
|
|
help="Do not auto-open a browser for OAuth login",
|
|
)
|
|
auth_add.add_argument(
|
|
"--manual-paste",
|
|
action="store_true",
|
|
help=(
|
|
"Skip the loopback callback listener and paste the failed "
|
|
"callback URL from your browser instead. Use this on "
|
|
"browser-only remotes (GCP Cloud Shell, GitHub Codespaces, "
|
|
"EC2 Instance Connect, ...) where 127.0.0.1 on the remote "
|
|
"isn't reachable from your laptop. See #26923."
|
|
),
|
|
)
|
|
auth_add.add_argument(
|
|
"--timeout", type=float, help="OAuth/network timeout in seconds"
|
|
)
|
|
auth_add.add_argument(
|
|
"--insecure",
|
|
action="store_true",
|
|
help="Disable TLS verification for OAuth login",
|
|
)
|
|
auth_add.add_argument("--ca-bundle", help="Custom CA bundle for OAuth login")
|
|
auth_list = auth_subparsers.add_parser("list", help="List pooled credentials")
|
|
auth_list.add_argument("provider", nargs="?", help="Optional provider filter")
|
|
auth_remove = auth_subparsers.add_parser(
|
|
"remove", help="Remove a pooled credential by index, id, or label"
|
|
)
|
|
auth_remove.add_argument("provider", help="Provider id")
|
|
auth_remove.add_argument(
|
|
"target", help="Credential index, entry id, or exact label"
|
|
)
|
|
auth_reset = auth_subparsers.add_parser(
|
|
"reset", help="Clear exhaustion status for all credentials for a provider"
|
|
)
|
|
auth_reset.add_argument("provider", help="Provider id")
|
|
auth_status = auth_subparsers.add_parser(
|
|
"status", help="Show auth status for a provider"
|
|
)
|
|
auth_status.add_argument("provider", help="Provider id")
|
|
auth_logout = auth_subparsers.add_parser(
|
|
"logout", help="Log out a provider and clear stored auth state"
|
|
)
|
|
auth_logout.add_argument("provider", help="Provider id")
|
|
auth_spotify = auth_subparsers.add_parser(
|
|
"spotify", help="Authenticate Hermes with Spotify via PKCE"
|
|
)
|
|
auth_spotify.add_argument(
|
|
"spotify_action",
|
|
nargs="?",
|
|
choices=["login", "status", "logout"],
|
|
default="login",
|
|
)
|
|
auth_spotify.add_argument(
|
|
"--client-id", help="Spotify app client_id (or set HERMES_SPOTIFY_CLIENT_ID)"
|
|
)
|
|
auth_spotify.add_argument(
|
|
"--redirect-uri",
|
|
help="Allow-listed localhost redirect URI for your Spotify app",
|
|
)
|
|
auth_spotify.add_argument("--scope", help="Override requested Spotify scopes")
|
|
auth_spotify.add_argument(
|
|
"--no-browser",
|
|
action="store_true",
|
|
help="Do not attempt to open the browser automatically",
|
|
)
|
|
auth_spotify.add_argument(
|
|
"--timeout", type=float, help="Callback/token exchange timeout in seconds"
|
|
)
|
|
auth_parser.set_defaults(func=cmd_auth)
|