implicit auth (#5)

* implicit auth

* logging

* updates

Author: clavery

packages/b2c-tooling/package.json

@@ -164,6 +164,7 @@
     "chokidar": "^5.0.0",
     "glob": "^13.0.0",
     "i18next": "^25.6.3",
+    "open": "^11.0.0",
     "openapi-fetch": "^0.15.0",
     "pino": "^10.1.0",
     "pino-pretty": "^13.1.2"

packages/b2c-tooling/src/auth/index.ts

@@ -8,28 +8,53 @@
  *
  * - {@link BasicAuthStrategy} - Username/password authentication for WebDAV operations
  * - {@link OAuthStrategy} - OAuth 2.0 client credentials for OCAPI and platform APIs
+ * - {@link ImplicitOAuthStrategy} - Interactive browser-based OAuth for CLI/desktop apps
  * - {@link ApiKeyStrategy} - API key authentication for MRT services
  *
- * ## Usage
+ * ## Strategy Resolution
  *
- * All strategies implement the {@link AuthStrategy} interface, allowing you to
- * switch authentication methods without changing your code:
+ * Use {@link resolveAuthStrategy} to automatically select the best strategy based on
+ * available credentials and allowed methods:
  *
  * ```typescript
- * import { BasicAuthStrategy, OAuthStrategy } from '@salesforce/b2c-tooling';
+ * import { resolveAuthStrategy } from '@salesforce/b2c-tooling';
  *
- * // For WebDAV operations (code upload)
- * const basicAuth = new BasicAuthStrategy('username', 'access-key');
+ * // Automatically picks client-credentials if secret available, otherwise implicit
+ * const strategy = resolveAuthStrategy({
+ *   clientId: 'your-client-id',
+ *   clientSecret: process.env.CLIENT_SECRET, // may be undefined
+ * });
+ *
+ * // Force a specific method
+ * const implicitOnly = resolveAuthStrategy(
+ *   { clientId: 'your-client-id' },
+ *   { allowedMethods: ['implicit'] }
+ * );
+ * ```
+ *
+ * ## Direct Usage
+ *
+ * All strategies implement the {@link AuthStrategy} interface:
  *
- * // For OCAPI operations (sites, jobs)
+ * ```typescript
+ * import { OAuthStrategy, ImplicitOAuthStrategy } from '@salesforce/b2c-tooling';
+ *
+ * // For automated/server usage (client credentials)
  * const oauthAuth = new OAuthStrategy({
  *   clientId: 'your-client-id',
  *   clientSecret: 'your-client-secret',
  * });
+ *
+ * // For interactive/CLI usage (opens browser)
+ * const implicitAuth = new ImplicitOAuthStrategy({
+ *   clientId: 'your-client-id',
+ * });
  * ```
  *
  * @module auth
  */
+
+// Types
 export type {
   AuthStrategy,
   AccessTokenResponse,
@@ -38,8 +63,19 @@ export type {
   BasicAuthConfig,
   OAuthAuthConfig,
   ApiKeyAuthConfig,
+  AuthMethod,
+  AuthCredentials,
 } from './types.js';
+export {ALL_AUTH_METHODS} from './types.js';
+
+// Strategies
 export {BasicAuthStrategy} from './basic.js';
 export {OAuthStrategy, decodeJWT} from './oauth.js';
 export type {OAuthConfig} from './oauth.js';
+export {ImplicitOAuthStrategy} from './oauth-implicit.js';
+export type {ImplicitOAuthConfig} from './oauth-implicit.js';
 export {ApiKeyStrategy} from './api-key.js';
+
+// Resolution helpers
+export {resolveAuthStrategy, checkAvailableAuthMethods} from './resolve.js';
+export type {ResolveAuthStrategyOptions, AvailableAuthMethods} from './resolve.js';