npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@kud/pcloud-auth

v0.1.0

Published

OAuth flow and token storage for pCloud — shared auth layer for CLI, MCP, and extensions

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

kudkud

Keywords

pcloudoauthauthtypescript

Readme

@kud/pcloud-auth

OAuth flow and token storage for pCloud. Shared auth layer for CLI tools, MCP servers, and browser extensions.

Handles the full credential resolution waterfall: env token → stored tokens → interactive OAuth flow.

Install

npm install @kud/pcloud-auth

Requires Node ≥ 20. ESM only.

Usage

Quick start with resolveAuth

import { resolveAuth } from "@kud/pcloud-auth"

const api = await resolveAuth()

resolveAuth returns a PCloudAPI instance from @kud/pcloud-sdk, ready to use. It tries credentials in this order:

  1. PCLOUD_ACCESS_TOKEN env var
  2. Stored tokens at ~/.config/pcloud/tokens.json
  3. Full OAuth flow using PCLOUD_CLIENT_ID + PCLOUD_CLIENT_SECRET

If none are available, it throws with a descriptive message.

OAuthFlow

Spins up a local HTTP server, opens the browser to the pCloud authorise page, and exchanges the code for tokens.

import { OAuthFlow } from "@kud/pcloud-auth"

const flow = new OAuthFlow(clientId, clientSecret)
const tokens = await flow.authenticate()
// tokens.access_token, tokens.hostname, tokens.userId, tokens.locationId

Constructor signature:

new OAuthFlow(
  clientId: string,
  clientSecret: string,
  authBaseUrl?: string,  // default: "https://my.pcloud.com"
  port?: number          // default: 3000
)

The redirect URI is always http://localhost:<port>/oauth/callback.

TokenStore

Reads and writes tokens to ~/.config/pcloud/tokens.json with 0o600 permissions.

import { TokenStore } from "@kud/pcloud-auth"

const store = new TokenStore()

store.save({ access_token: "…", hostname: "api.pcloud.com" })

const tokens = store.load() // StoredTokens | null

store.exists() // boolean
store.delete()

API reference

resolveAuth(options?)

| Option | Type | Default | Description | | -------------------- | -------- | --------------------------- | ---------------------------------------------- | | tokenEnvVar | string | "PCLOUD_ACCESS_TOKEN" | Env var name for a raw access token | | clientIdEnvVar | string | "PCLOUD_CLIENT_ID" | Env var name for the OAuth client ID | | clientSecretEnvVar | string | "PCLOUD_CLIENT_SECRET" | Env var name for the OAuth client secret | | defaultApiServer | string | "https://eapi.pcloud.com" | Fallback API server when no hostname is stored |

Returns Promise<PCloudAPI>.

OAuthFlow

| Member | Signature | Description | | -------------- | ----------------------------------------------- | --------------------------------- | | constructor | (clientId, clientSecret, authBaseUrl?, port?) | Creates a new flow instance | | authenticate | () => Promise<OAuthTokens> | Runs the browser-based OAuth flow |

TokenStore

| Method | Signature | Description | | -------- | -------------------------------- | ---------------------------------------------------------- | | save | (tokens: StoredTokens) => void | Writes tokens, sets file mode to 0o600 | | load | () => StoredTokens \| null | Reads stored tokens, returns null on miss or parse error | | delete | () => void | Removes the token file | | exists | () => boolean | Returns true if a token file is present |

Types

interface OAuthTokens {
  access_token: string
  locationId?: number
  hostname?: string
  userId?: number
}

interface StoredTokens {
  access_token: string
  hostname?: string
  expiresAt?: number
}

interface ResolveAuthOptions {
  tokenEnvVar?: string
  clientIdEnvVar?: string
  clientSecretEnvVar?: string
  defaultApiServer?: string
}

Environment variables

| Variable | Required | Description | | ---------------------- | --------- | ---------------------------------------------- | | PCLOUD_ACCESS_TOKEN | No | Pre-issued access token. Skips OAuth entirely. | | PCLOUD_CLIENT_ID | For OAuth | OAuth application client ID | | PCLOUD_CLIENT_SECRET | For OAuth | OAuth application client secret |

At least one of PCLOUD_ACCESS_TOKEN or the PCLOUD_CLIENT_ID + PCLOUD_CLIENT_SECRET pair must be present, unless tokens are already stored on disk.

Licence

MIT