Change prepare to auth prepare for consistency.

hynek-urban · hynek-urban · commit 2b45bccc71e3 · 2026-06-23T09:57:47.000+02:00
diff --git a/src/cliCommands.ts b/src/cliCommands.ts
@@ -737,7 +737,7 @@ export function registerCommands(program: Command, deps: CliDependencies): void
       }
     });
 
-  program
+  authCommand
     .command('prepare')
     .description(
       "Store a service's credentials from a JSON payload (e.g. an OAuth client id/secret)."
@@ -749,12 +749,12 @@ export function registerCommands(program: Command, deps: CliDependencies): void
     )
     .addHelpText(
       'after',
-      `\nExample:\n  $ latchkey prepare google-gmail '{"clientId":"<id>","clientSecret":"<secret>"}'`
+      `\nExample:\n  $ latchkey auth prepare google-gmail '{"clientId":"<id>","clientSecret":"<secret>"}'`
     )
     .action(async (serviceName: string, json: string) => {
       if (deps.config.gatewayUrl !== null) {
         await forwardToGateway(deps, {
-          command: 'prepare',
+          command: 'auth prepare',
           params: { serviceName, json },
         });
         deps.log(`Done`);
@@ -766,7 +766,7 @@ export function registerCommands(program: Command, deps: CliDependencies): void
           deps.config.credentialStorePath,
           encryptedStorage
         );
-        const result = prepareService(deps.registry, apiCredentialStore, serviceName, json);
+        prepareService(deps.registry, apiCredentialStore, serviceName, json);
         deps.log(`Done`);
       } catch (error) {
         if (
diff --git a/src/gateway/latchkeyEndpoint.ts b/src/gateway/latchkeyEndpoint.ts
@@ -75,7 +75,7 @@ const AuthBrowserPrepareRequestSchema = z.object({
 });
 
 const PrepareRequestSchema = z.object({
-  command: z.literal('prepare'),
+  command: z.literal('auth prepare'),
   params: serviceNameParams.extend({
     json: z.string(),
   }),
@@ -175,7 +175,7 @@ async function dispatch(
         parsed.params.serviceName
       );
 
-    case 'prepare':
+    case 'auth prepare':
       return prepareService(
         deps.registry,
         apiCredentialStore,
diff --git a/src/services/core/base.ts b/src/services/core/base.ts
@@ -40,21 +40,21 @@ export class LoginFailedError extends Error {
 }
 
 /**
- * Thrown when `latchkey prepare` is run for a service that does not declare a
+ * Thrown when `latchkey auth prepare` is run for a service that does not declare a
  * prepare schema (the base default — services opt in by setting one).
  */
 export class PrepareNotSupportedError extends Error {
   constructor(serviceName: string) {
     super(
-      `Service '${serviceName}' does not support 'latchkey prepare'. ` +
+      `Service '${serviceName}' does not support 'latchkey auth prepare'. ` +
         `Use 'latchkey services info ${serviceName}' to see how to authenticate.`
     );
     this.name = 'PrepareNotSupportedError';
   }
 }
 
 /**
- * Thrown when the JSON passed to `latchkey prepare` is malformed or does not
+ * Thrown when the JSON passed to `latchkey auth prepare` is malformed or does not
  * match the service's prepare schema. The whole command is rejected and
  * nothing is stored.
  */
@@ -180,7 +180,7 @@ export abstract class Service {
   }
 
   /**
-   * Build credentials from a parsed JSON payload for `latchkey prepare`.
+   * Build credentials from a parsed JSON payload for `latchkey auth prepare`.
    *
    * Optional, like `getSession`/`refreshCredentials`: services opt in by
    * implementing it (typically via `buildPreparedCredentials` with a Zod
diff --git a/src/services/google/base.ts b/src/services/google/base.ts
@@ -824,7 +824,7 @@ class GoogleServiceSession extends BrowserFollowupServiceSession {
 }
 
 /**
- * JSON accepted by `latchkey prepare <google-service>`: the OAuth client
+ * JSON accepted by `latchkey auth prepare <google-service>`: the OAuth client
  * credentials to use for that service. `.strict()` rejects unknown keys so
  * typos are reported instead of silently ignored.
  */
@@ -851,7 +851,7 @@ export abstract class GoogleService extends Service {
 
   /**
    * Google services accept an official OAuth client's id/secret via
-   * `latchkey prepare`, stored as token-less OAuth credentials until login.
+   * `latchkey auth prepare`, stored as token-less OAuth credentials until login.
    */
   override prepareFromJson(parsedJson: unknown): ApiCredentials {
     return buildPreparedCredentials(
diff --git a/src/sharedOperations.ts b/src/sharedOperations.ts
@@ -265,7 +265,7 @@ export interface PrepareServiceResult {
 
 /**
  * Store credentials for a service from a validated JSON payload
- * (`latchkey prepare <service> <json>`). The whole operation is rejected — and
+ * (`latchkey auth prepare <service> <json>`). The whole operation is rejected — and
  * nothing is stored — if the JSON is malformed, fails the service's schema, or
  * the service does not support prepare.
  */
diff --git a/tests/cli.test.ts b/tests/cli.test.ts
@@ -1205,11 +1205,11 @@ describe('CLI commands with dependency injection', () => {
       });
 
       await runCommand(
-        ['prepare', 'google-gmail', '{"clientId":"cid","clientSecret":"csecret"}'],
+        ['auth', 'prepare', 'google-gmail', '{"clientId":"cid","clientSecret":"csecret"}'],
         deps
       );
 
-      expect(logs).toContain('Prepared google-gmail.');
+      expect(logs).toContain('Done');
       const storedData = JSON.parse(readSecureFile(storePath) ?? '{}') as Record<string, unknown>;
       expect(storedData['google-gmail']).toEqual({
         objectType: 'oauth',
@@ -1221,15 +1221,15 @@ describe('CLI commands with dependency injection', () => {
     it('returns an error for an unknown service', async () => {
       const deps = createMockDependencies();
 
-      await runCommand(['prepare', 'unknown-service', '{}'], deps);
+      await runCommand(['auth', 'prepare', 'unknown-service', '{}'], deps);
 
       expect(exitCode).toBe(1);
     });
 
     it('returns an error for a service that does not support prepare', async () => {
       const deps = createMockDependencies();
 
-      await runCommand(['prepare', 'slack', '{"clientId":"a","clientSecret":"b"}'], deps);
+      await runCommand(['auth', 'prepare', 'slack', '{"clientId":"a","clientSecret":"b"}'], deps);
 
       expect(exitCode).toBe(1);
     });
@@ -1242,7 +1242,7 @@ describe('CLI commands with dependency injection', () => {
         registry: new ServiceRegistry([GOOGLE_GMAIL]),
       });
 
-      await runCommand(['prepare', 'google-gmail', '{not valid'], deps);
+      await runCommand(['auth', 'prepare', 'google-gmail', '{not valid'], deps);
 
       expect(exitCode).toBe(1);
       const storedData = JSON.parse(readSecureFile(storePath) ?? '{}') as Record<string, unknown>;
@@ -1257,7 +1257,7 @@ describe('CLI commands with dependency injection', () => {
         registry: new ServiceRegistry([GOOGLE_GMAIL]),
       });
 
-      await runCommand(['prepare', 'google-gmail', '{"clientId":"only-id"}'], deps);
+      await runCommand(['auth', 'prepare', 'google-gmail', '{"clientId":"only-id"}'], deps);
 
       expect(exitCode).toBe(1);
       const storedData = JSON.parse(readSecureFile(storePath) ?? '{}') as Record<string, unknown>;
@@ -2539,21 +2539,21 @@ describe('CLI commands with dependency injection', () => {
       });
 
       await runCommand(
-        ['prepare', 'google-gmail', '{"clientId":"cid","clientSecret":"csecret"}'],
+        ['auth', 'prepare', 'google-gmail', '{"clientId":"cid","clientSecret":"csecret"}'],
         deps
       );
 
       expect(fetchMock).toHaveBeenCalledTimes(1);
       const [url, init] = fetchMock.mock.calls[0] as [string, RequestInit];
       expect(url).toBe(`${GATEWAY_URL}/latchkey`);
       expect(JSON.parse(init.body as string) as unknown).toEqual({
-        command: 'prepare',
+        command: 'auth prepare',
         params: {
           serviceName: 'google-gmail',
           json: '{"clientId":"cid","clientSecret":"csecret"}',
         },
       });
-      expect(logs).toContain('Prepared google-gmail.');
+      expect(logs).toContain('Done');
     });
 
     it.each([
@@ -2562,7 +2562,7 @@ describe('CLI commands with dependency injection', () => {
       ['auth list', ['auth', 'list']],
       ['auth browser', ['auth', 'browser', 'slack']],
       ['auth browser-prepare', ['auth', 'browser-prepare', 'slack']],
-      ['prepare', ['prepare', 'foo', '{}']],
+      ['auth prepare', ['auth', 'prepare', 'foo', '{}']],
     ])('reports gateway errors on stderr (not stdout) for `%s`', async (_name, argv) => {
       makeFetchMock(
         new Response(JSON.stringify({ error: 'Unknown service: foo.' }), { status: 400 })
diff --git a/tests/latchkeyEndpoint.test.ts b/tests/latchkeyEndpoint.test.ts
@@ -94,23 +94,23 @@ describe('LatchkeyRequestSchema', () => {
 
   it('should validate prepare with serviceName and json', () => {
     const result = LatchkeyRequestSchema.safeParse({
-      command: 'prepare',
+      command: 'auth prepare',
       params: { serviceName: 'google-gmail', json: '{"clientId":"a","clientSecret":"b"}' },
     });
     expect(result.success).toBe(true);
   });
 
   it('should reject prepare without json', () => {
     const result = LatchkeyRequestSchema.safeParse({
-      command: 'prepare',
+      command: 'auth prepare',
       params: { serviceName: 'google-gmail' },
     });
     expect(result.success).toBe(false);
   });
 
   it('should reject prepare without serviceName', () => {
     const result = LatchkeyRequestSchema.safeParse({
-      command: 'prepare',
+      command: 'auth prepare',
       params: { json: '{}' },
     });
     expect(result.success).toBe(false);
@@ -348,7 +348,7 @@ describe('/latchkey/ endpoint', () => {
     it('stores OAuth client credentials for a Google service', async () => {
       gateway = await createTestGateway({}, { registry: new ServiceRegistry([GOOGLE_GMAIL]) });
       const response = await postLatchkey({
-        command: 'prepare',
+        command: 'auth prepare',
         params: {
           serviceName: 'google-gmail',
           json: '{"clientId":"cid","clientSecret":"csecret"}',
@@ -365,7 +365,7 @@ describe('/latchkey/ endpoint', () => {
     it('returns 400 when the service does not support prepare', async () => {
       gateway = await createTestGateway();
       const response = await postLatchkey({
-        command: 'prepare',
+        command: 'auth prepare',
         params: { serviceName: 'slack', json: '{"clientId":"a","clientSecret":"b"}' },
       });
 
@@ -377,7 +377,7 @@ describe('/latchkey/ endpoint', () => {
     it('returns 400 for malformed prepare JSON', async () => {
       gateway = await createTestGateway({}, { registry: new ServiceRegistry([GOOGLE_GMAIL]) });
       const response = await postLatchkey({
-        command: 'prepare',
+        command: 'auth prepare',
         params: { serviceName: 'google-gmail', json: '{not valid' },
       });
 
