@0xmonaco/core 0.0.0-develop-20260120180031

package/dist/api/applications/api.d.ts

@@ -0,0 +1,44 @@
+/**
+ * Applications API Implementation
+ *
+ * Handles application configuration operations. All operations go through
+ * the API Gateway and require valid authentication.
+ *
+ * This class provides an interface for retrieving application configuration
+ * on the Monaco protocol.
+ *
+ * @example
+ * ```typescript
+ * const applicationsAPI = new ApplicationsAPIImpl(apiUrl);
+ *
+ * // Get application configuration
+ * const config = await applicationsAPI.getApplicationConfig();
+ * console.log(`App name: ${config.name}`);
+ * console.log(`Allowed origins: ${config.allowedOrigins.join(', ')}`);
+ * ```
+ */
+import type { ApplicationConfigResponse, ApplicationsAPI } from "@0xmonaco/types";
+import { BaseAPI } from "../base";
+export declare class ApplicationsAPIImpl extends BaseAPI implements ApplicationsAPI {
+    /**
+     * Gets the configuration for the authenticated application.
+     *
+     * Returns the application's configuration including allowed origins,
+     * webhook URL, and other settings. Requires valid authentication.
+     *
+     * @returns Promise resolving to the application configuration
+     * @throws {APIError} When the request fails or authentication is invalid
+     *
+     * @example
+     * ```typescript
+     * const config = await applicationsAPI.getApplicationConfig();
+     * console.log(`Application: ${config.name}`);
+     * console.log(`ID: ${config.id}`);
+     * if (config.webhookUrl) {
+     *   console.log(`Webhook: ${config.webhookUrl}`);
+     * }
+     * ```
+     */
+    getApplicationConfig(): Promise<ApplicationConfigResponse>;
+}
+//# sourceMappingURL=api.d.ts.map

package/dist/api/applications/api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../../src/api/applications/api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,KAAK,EAAE,yBAAyB,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClF,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAElC,qBAAa,mBAAoB,SAAQ,OAAQ,YAAW,eAAe;IACzE;;;;;;;;;;;;;;;;;;OAkBG;IACG,oBAAoB,IAAI,OAAO,CAAC,yBAAyB,CAAC;CAkBjE"}

package/dist/api/applications/api.js

@@ -0,0 +1,54 @@
+/**
+ * Applications API Implementation
+ *
+ * Handles application configuration operations. All operations go through
+ * the API Gateway and require valid authentication.
+ *
+ * This class provides an interface for retrieving application configuration
+ * on the Monaco protocol.
+ *
+ * @example
+ * ```typescript
+ * const applicationsAPI = new ApplicationsAPIImpl(apiUrl);
+ *
+ * // Get application configuration
+ * const config = await applicationsAPI.getApplicationConfig();
+ * console.log(`App name: ${config.name}`);
+ * console.log(`Allowed origins: ${config.allowedOrigins.join(', ')}`);
+ * ```
+ */
+import { BaseAPI } from "../base";
+export class ApplicationsAPIImpl extends BaseAPI {
+    /**
+     * Gets the configuration for the authenticated application.
+     *
+     * Returns the application's configuration including allowed origins,
+     * webhook URL, and other settings. Requires valid authentication.
+     *
+     * @returns Promise resolving to the application configuration
+     * @throws {APIError} When the request fails or authentication is invalid
+     *
+     * @example
+     * ```typescript
+     * const config = await applicationsAPI.getApplicationConfig();
+     * console.log(`Application: ${config.name}`);
+     * console.log(`ID: ${config.id}`);
+     * if (config.webhookUrl) {
+     *   console.log(`Webhook: ${config.webhookUrl}`);
+     * }
+     * ```
+     */
+    async getApplicationConfig() {
+        const data = await this.makeAuthenticatedRequest("/api/v1/applications/config", {
+            method: "GET",
+        });
+        return {
+            id: data.id,
+            name: data.name,
+            allowedOrigins: data.allowed_origins,
+            webhookUrl: data.webhook_url,
+            vaultContractAddress: data.vault_contract_address,
+        };
+    }
+}
+//# sourceMappingURL=api.js.map

package/dist/api/applications/api.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.js","sourceRoot":"","sources":["../../../src/api/applications/api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAGH,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAElC,MAAM,OAAO,mBAAoB,SAAQ,OAAO;IAC9C;;;;;;;;;;;;;;;;;;OAkBG;IACH,KAAK,CAAC,oBAAoB;QACxB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAM7C,6BAA6B,EAAE;YAChC,MAAM,EAAE,KAAK;SACd,CAAC,CAAC;QACH,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,cAAc,EAAE,IAAI,CAAC,eAAe;YACpC,UAAU,EAAE,IAAI,CAAC,WAAW;YAC5B,oBAAoB,EAAE,IAAI,CAAC,sBAAsB;SAClD,CAAC;IACJ,CAAC;CACF"}

package/dist/api/applications/index.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Applications API Module
+ */
+export { ApplicationsAPIImpl } from "./api";
+//# sourceMappingURL=index.d.ts.map

package/dist/api/applications/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/api/applications/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,mBAAmB,EAAE,MAAM,OAAO,CAAC"}

package/dist/api/applications/index.js

@@ -0,0 +1,5 @@
+/**
+ * Applications API Module
+ */
+export { ApplicationsAPIImpl } from "./api";
+//# sourceMappingURL=index.js.map

package/dist/api/applications/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/api/applications/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,mBAAmB,EAAE,MAAM,OAAO,CAAC"}

package/dist/api/auth/api.d.ts

@@ -0,0 +1,201 @@
+/**
+ * Auth API Implementation
+ *
+ * Handles authentication operations including challenge creation, signature verification,
+ * and backend authentication. All operations go through the API Gateway.
+ *
+ * This class provides a complete interface for authentication on the Monaco protocol,
+ * including frontend wallet authentication and backend service authentication.
+ *
+ * @example
+ * ```typescript
+ * const authAPI = new AuthAPIImpl(walletClient, chain, apiUrl);
+ *
+ * // Complete authentication flow
+ * const authResult = await authAPI.authenticate(clientId);
+ *
+ * // Or step-by-step flow
+ * const challenge = await authAPI.createChallenge(userAddress, clientId);
+ * const signature = await authAPI.signChallenge(challenge.message);
+ * const authResult = await authAPI.verifySignature(
+ *   userAddress,
+ *   signature,
+ *   challenge.nonce,
+ *   clientId
+ * );
+ *
+ * // Authenticate backend service
+ * const backendAuth = await authAPI.authenticateBackend(secretKey);
+ * ```
+ */
+import type { AuthAPI, AuthState, BackendAuthResponse, ChallengeResponse, TokenRefreshResponse } from "@0xmonaco/types";
+import type { Chain, WalletClient } from "viem";
+import { BaseAPI } from "../base";
+export declare class AuthAPIImpl extends BaseAPI implements AuthAPI {
+    private readonly walletClient;
+    private readonly chain;
+    /**
+     * Creates a new AuthAPI instance.
+     *
+     * @param walletClient - The viem wallet client for signing operations
+     * @param chain - The blockchain network configuration
+     * @param apiUrl - The base URL for the Monaco API Gateway
+     */
+    constructor(walletClient: WalletClient, chain: Chain, apiUrl: string);
+    /**
+     * Complete authentication flow for frontend applications.
+     *
+     * This method handles the entire authentication process:
+     * 1. Creates a challenge
+     * 2. Signs the challenge message
+     * 3. Verifies the signature and returns JWT tokens
+     *
+     * @param clientId - Client ID of the application
+     * @returns Promise resolving to the verification response with JWT tokens
+     * @throws {APIError} When authentication fails
+     * @throws {InvalidConfigError} When wallet account is not available
+     *
+     * @example
+     * ```typescript
+     * // Complete authentication in one call
+     * const authResult = await authAPI.authenticate("my-app-client-id");
+     * console.log(`Access token: ${authResult.access_token}`);
+     * console.log(`User ID: ${authResult.user.id}`);
+     * ```
+     */
+    authenticate(clientId: string): Promise<AuthState>;
+    /**
+     * Signs a challenge message using the wallet client.
+     *
+     * Signs the provided message using the wallet's private key.
+     * This is used in the authentication flow to prove ownership of the wallet.
+     *
+     * @param message - The message to sign
+     * @returns Promise resolving to the signature
+     * @throws {InvalidConfigError} When wallet account is not available
+     * @throws {APIError} When signing fails
+     *
+     * @example
+     * ```typescript
+     * const challenge = await authAPI.createChallenge(address, clientId);
+     * const signature = await authAPI.signChallenge(challenge.message);
+     * console.log(`Signature: ${signature}`);
+     * ```
+     */
+    signChallenge(message: string): Promise<string>;
+    /**
+     * Creates a challenge for frontend authentication.
+     *
+     * Generates a unique nonce and message that the user must sign with their wallet.
+     * This is the first step in the authentication flow for frontend applications.
+     *
+     * @param address - Wallet address of the user
+     * @param clientId - Client ID of the application
+     * @returns Promise resolving to the challenge response
+     * @throws {APIError} When challenge creation fails
+     *
+     * @example
+     * ```typescript
+     * const challenge = await authAPI.createChallenge(
+     *   "0x1234...",
+     *   "my-app-client-id"
+     * );
+     * console.log(`Challenge message: ${challenge.message}`);
+     * console.log(`Nonce: ${challenge.nonce}`);
+     * ```
+     */
+    createChallenge(address: string, clientId: string): Promise<ChallengeResponse>;
+    /**
+     * Verifies a signature for frontend authentication.
+     *
+     * Validates the signature against the challenge and returns JWT tokens for
+     * authenticated API access. This is the second step in the authentication flow.
+     *
+     * @param address - Wallet address of the user
+     * @param signature - Signature of the challenge message
+     * @param nonce - Nonce from the challenge response
+     * @param clientId - Client ID of the application
+     * @returns Promise resolving to the verification response with JWT tokens
+     * @throws {APIError} When signature verification fails
+     *
+     * @example
+     * ```typescript
+     * // First create a challenge
+     * const challenge = await authAPI.createChallenge(address, clientId);
+     *
+     * // User signs the challenge message with their wallet
+     * const signature = await wallet.signMessage(challenge.message);
+     *
+     * // Verify the signature and get tokens
+     * const authResult = await authAPI.verifySignature(
+     *   address,
+     *   signature,
+     *   challenge.nonce,
+     *   clientId
+     * );
+     *
+     * console.log(`Access token: ${authResult.accessToken}`);
+     * console.log(`User ID: ${authResult.user.id}`);
+     * ```
+     */
+    verifySignature(address: string, signature: string, nonce: string, clientId: string): Promise<AuthState>;
+    /**
+     * Authenticates a backend service using a secret key.
+     *
+     * Returns JWT tokens for API access. This method is used for backend services
+     * that need to authenticate with the Monaco API Gateway.
+     *
+     * @param secretKey - Secret key of the application
+     * @returns Promise resolving to the backend auth response with JWT tokens
+     * @throws {APIError} When backend authentication fails
+     *
+     * @example
+     * ```typescript
+     * const backendAuth = await authAPI.authenticateBackend("my-secret-key");
+     * console.log(`Backend access token: ${backendAuth.accessToken}`);
+     * console.log(`Application: ${backendAuth.application.name}`);
+     * ```
+     */
+    authenticateBackend(secretKey: string): Promise<BackendAuthResponse>;
+    /**
+     * Refreshes an access token using a refresh token.
+     *
+     * Obtains a new access token using a valid refresh token. This is useful for
+     * maintaining long-term authentication without requiring the user to sign
+     * a new challenge.
+     *
+     * @param refreshToken - The refresh token to use
+     * @returns Promise resolving to new access and refresh tokens
+     * @throws {APIError} When token refresh fails
+     *
+     * @example
+     * ```typescript
+     * const newTokens = await authAPI.refreshToken(refreshToken);
+     * console.log(`New access token: ${newTokens.accessToken}`);
+     * console.log(`Expires at: ${new Date(newTokens.expiresAt * 1000)}`);
+     * ```
+     */
+    refreshToken(refreshToken: string): Promise<TokenRefreshResponse>;
+    /**
+     * Revokes a refresh token.
+     *
+     * Invalidates a refresh token, preventing it from being used to obtain
+     * new access tokens. This is useful for logout functionality or when
+     * a token has been compromised.
+     *
+     * **Important:** Pass the `refreshToken` from the authentication response.
+     * @param refreshToken - The refresh token to revoke (from authResult.refreshToken)
+     * @returns Promise resolving when the token is revoked
+     * @throws {APIError} When token revocation fails
+     *
+     * @example
+     * ```typescript
+     * // After authentication
+     * const authResult = await authAPI.authenticate(clientId);
+     * await authAPI.revokeToken(authResult.refreshToken);
+     * console.log("Token revoked successfully");
+     * ```
+     */
+    revokeToken(refreshToken: string): Promise<void>;
+}
+//# sourceMappingURL=api.d.ts.map

package/dist/api/auth/api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../../src/api/auth/api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AACxH,OAAO,KAAK,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,MAAM,CAAC;AAEhD,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAElC,qBAAa,WAAY,SAAQ,OAAQ,YAAW,OAAO;IASvD,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,KAAK;IATxB;;;;;;OAMG;gBAEgB,YAAY,EAAE,YAAY,EAC1B,KAAK,EAAE,KAAK,EAC7B,MAAM,EAAE,MAAM;IAKhB;;;;;;;;;;;;;;;;;;;;OAoBG;IACG,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IAgBxD;;;;;;;;;;;;;;;;;OAiBG;IACG,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAarD;;;;;;;;;;;;;;;;;;;;OAoBG;IACG,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAqBpF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAgCG;IACG,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IAiC9G;;;;;;;;;;;;;;;;OAgBG;IACG,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IA4B1E;;;;;;;;;;;;;;;;;OAiBG;IACG,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAiBvE;;;;;;;;;;;;;;;;;;;OAmBG;IACG,WAAW,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAQvD"}

package/dist/api/auth/api.js

@@ -0,0 +1,293 @@
+/**
+ * Auth API Implementation
+ *
+ * Handles authentication operations including challenge creation, signature verification,
+ * and backend authentication. All operations go through the API Gateway.
+ *
+ * This class provides a complete interface for authentication on the Monaco protocol,
+ * including frontend wallet authentication and backend service authentication.
+ *
+ * @example
+ * ```typescript
+ * const authAPI = new AuthAPIImpl(walletClient, chain, apiUrl);
+ *
+ * // Complete authentication flow
+ * const authResult = await authAPI.authenticate(clientId);
+ *
+ * // Or step-by-step flow
+ * const challenge = await authAPI.createChallenge(userAddress, clientId);
+ * const signature = await authAPI.signChallenge(challenge.message);
+ * const authResult = await authAPI.verifySignature(
+ *   userAddress,
+ *   signature,
+ *   challenge.nonce,
+ *   clientId
+ * );
+ *
+ * // Authenticate backend service
+ * const backendAuth = await authAPI.authenticateBackend(secretKey);
+ * ```
+ */
+import { InvalidConfigError } from "../../errors";
+import { BaseAPI } from "../base";
+export class AuthAPIImpl extends BaseAPI {
+    /**
+     * Creates a new AuthAPI instance.
+     *
+     * @param walletClient - The viem wallet client for signing operations
+     * @param chain - The blockchain network configuration
+     * @param apiUrl - The base URL for the Monaco API Gateway
+     */
+    constructor(walletClient, chain, apiUrl) {
+        super(apiUrl);
+        this.walletClient = walletClient;
+        this.chain = chain;
+    }
+    /**
+     * Complete authentication flow for frontend applications.
+     *
+     * This method handles the entire authentication process:
+     * 1. Creates a challenge
+     * 2. Signs the challenge message
+     * 3. Verifies the signature and returns JWT tokens
+     *
+     * @param clientId - Client ID of the application
+     * @returns Promise resolving to the verification response with JWT tokens
+     * @throws {APIError} When authentication fails
+     * @throws {InvalidConfigError} When wallet account is not available
+     *
+     * @example
+     * ```typescript
+     * // Complete authentication in one call
+     * const authResult = await authAPI.authenticate("my-app-client-id");
+     * console.log(`Access token: ${authResult.access_token}`);
+     * console.log(`User ID: ${authResult.user.id}`);
+     * ```
+     */
+    async authenticate(clientId) {
+        const account = this.walletClient.account;
+        if (!account) {
+            throw new InvalidConfigError("No account available in wallet client", "account");
+        }
+        // 1. Create challenge
+        const challenge = await this.createChallenge(account.address, clientId);
+        // 2. Sign the challenge message
+        const signature = await this.signChallenge(challenge.message);
+        // 3. Verify signature and get tokens
+        return await this.verifySignature(account.address, signature, challenge.nonce, clientId);
+    }
+    /**
+     * Signs a challenge message using the wallet client.
+     *
+     * Signs the provided message using the wallet's private key.
+     * This is used in the authentication flow to prove ownership of the wallet.
+     *
+     * @param message - The message to sign
+     * @returns Promise resolving to the signature
+     * @throws {InvalidConfigError} When wallet account is not available
+     * @throws {APIError} When signing fails
+     *
+     * @example
+     * ```typescript
+     * const challenge = await authAPI.createChallenge(address, clientId);
+     * const signature = await authAPI.signChallenge(challenge.message);
+     * console.log(`Signature: ${signature}`);
+     * ```
+     */
+    async signChallenge(message) {
+        const account = this.walletClient.account;
+        if (!account) {
+            throw new InvalidConfigError("No account available in wallet client", "account");
+        }
+        // Sign the message using the wallet client
+        return await this.walletClient.signMessage({
+            account,
+            message,
+        });
+    }
+    /**
+     * Creates a challenge for frontend authentication.
+     *
+     * Generates a unique nonce and message that the user must sign with their wallet.
+     * This is the first step in the authentication flow for frontend applications.
+     *
+     * @param address - Wallet address of the user
+     * @param clientId - Client ID of the application
+     * @returns Promise resolving to the challenge response
+     * @throws {APIError} When challenge creation fails
+     *
+     * @example
+     * ```typescript
+     * const challenge = await authAPI.createChallenge(
+     *   "0x1234...",
+     *   "my-app-client-id"
+     * );
+     * console.log(`Challenge message: ${challenge.message}`);
+     * console.log(`Nonce: ${challenge.nonce}`);
+     * ```
+     */
+    async createChallenge(address, clientId) {
+        const responseBody = await this.makePublicRequest("/api/v1/auth/challenge", {
+            method: "POST",
+            body: JSON.stringify({
+                address,
+                client_id: clientId,
+                chain_id: this.chain.id,
+            }),
+        });
+        return {
+            nonce: responseBody.nonce,
+            message: responseBody.message,
+            expiresAt: responseBody.expires_at,
+        };
+    }
+    /**
+     * Verifies a signature for frontend authentication.
+     *
+     * Validates the signature against the challenge and returns JWT tokens for
+     * authenticated API access. This is the second step in the authentication flow.
+     *
+     * @param address - Wallet address of the user
+     * @param signature - Signature of the challenge message
+     * @param nonce - Nonce from the challenge response
+     * @param clientId - Client ID of the application
+     * @returns Promise resolving to the verification response with JWT tokens
+     * @throws {APIError} When signature verification fails
+     *
+     * @example
+     * ```typescript
+     * // First create a challenge
+     * const challenge = await authAPI.createChallenge(address, clientId);
+     *
+     * // User signs the challenge message with their wallet
+     * const signature = await wallet.signMessage(challenge.message);
+     *
+     * // Verify the signature and get tokens
+     * const authResult = await authAPI.verifySignature(
+     *   address,
+     *   signature,
+     *   challenge.nonce,
+     *   clientId
+     * );
+     *
+     * console.log(`Access token: ${authResult.accessToken}`);
+     * console.log(`User ID: ${authResult.user.id}`);
+     * ```
+     */
+    async verifySignature(address, signature, nonce, clientId) {
+        const responseBody = await this.makePublicRequest("/api/v1/auth/verify", {
+            method: "POST",
+            body: JSON.stringify({
+                address,
+                signature,
+                nonce,
+                client_id: clientId,
+                chain_id: this.chain.id,
+            }),
+        });
+        return {
+            accessToken: responseBody.access_token,
+            refreshToken: responseBody.refresh_token,
+            expiresAt: responseBody.expires_at,
+            user: {
+                id: responseBody.user.id,
+                address: responseBody.user.address,
+                username: responseBody.user.username,
+            },
+        };
+    }
+    /**
+     * Authenticates a backend service using a secret key.
+     *
+     * Returns JWT tokens for API access. This method is used for backend services
+     * that need to authenticate with the Monaco API Gateway.
+     *
+     * @param secretKey - Secret key of the application
+     * @returns Promise resolving to the backend auth response with JWT tokens
+     * @throws {APIError} When backend authentication fails
+     *
+     * @example
+     * ```typescript
+     * const backendAuth = await authAPI.authenticateBackend("my-secret-key");
+     * console.log(`Backend access token: ${backendAuth.accessToken}`);
+     * console.log(`Application: ${backendAuth.application.name}`);
+     * ```
+     */
+    async authenticateBackend(secretKey) {
+        const responseBody = await this.makePublicRequest("/api/v1/auth/backend", {
+            method: "POST",
+            body: JSON.stringify({
+                secret_key: secretKey,
+                chain_id: this.chain.id,
+            }),
+        });
+        return {
+            accessToken: responseBody.access_token,
+            expiresAt: responseBody.expires_at,
+            application: {
+                id: responseBody.application.id,
+                name: responseBody.application.name,
+                clientId: responseBody.application.client_id,
+            },
+        };
+    }
+    /**
+     * Refreshes an access token using a refresh token.
+     *
+     * Obtains a new access token using a valid refresh token. This is useful for
+     * maintaining long-term authentication without requiring the user to sign
+     * a new challenge.
+     *
+     * @param refreshToken - The refresh token to use
+     * @returns Promise resolving to new access and refresh tokens
+     * @throws {APIError} When token refresh fails
+     *
+     * @example
+     * ```typescript
+     * const newTokens = await authAPI.refreshToken(refreshToken);
+     * console.log(`New access token: ${newTokens.accessToken}`);
+     * console.log(`Expires at: ${new Date(newTokens.expiresAt * 1000)}`);
+     * ```
+     */
+    async refreshToken(refreshToken) {
+        const responseBody = await this.makePublicRequest("/api/v1/auth/refresh", {
+            method: "POST",
+            body: JSON.stringify({
+                refresh_token: refreshToken,
+            }),
+        });
+        return {
+            accessToken: responseBody.access_token,
+            expiresAt: responseBody.expires_at,
+        };
+    }
+    /**
+     * Revokes a refresh token.
+     *
+     * Invalidates a refresh token, preventing it from being used to obtain
+     * new access tokens. This is useful for logout functionality or when
+     * a token has been compromised.
+     *
+     * **Important:** Pass the `refreshToken` from the authentication response.
+     * @param refreshToken - The refresh token to revoke (from authResult.refreshToken)
+     * @returns Promise resolving when the token is revoked
+     * @throws {APIError} When token revocation fails
+     *
+     * @example
+     * ```typescript
+     * // After authentication
+     * const authResult = await authAPI.authenticate(clientId);
+     * await authAPI.revokeToken(authResult.refreshToken);
+     * console.log("Token revoked successfully");
+     * ```
+     */
+    async revokeToken(refreshToken) {
+        await this.makeAuthenticatedRequest("/api/v1/auth/revoke", {
+            method: "POST",
+            body: JSON.stringify({
+                refresh_token: refreshToken,
+            }),
+        });
+    }
+}
+//# sourceMappingURL=api.js.map

package/dist/api/auth/api.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.js","sourceRoot":"","sources":["../../../src/api/auth/api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAIH,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAElC,MAAM,OAAO,WAAY,SAAQ,OAAO;IACtC;;;;;;OAMG;IACH,YACmB,YAA0B,EAC1B,KAAY,EAC7B,MAAc;QAEd,KAAK,CAAC,MAAM,CAAC,CAAC;QAJG,iBAAY,GAAZ,YAAY,CAAc;QAC1B,UAAK,GAAL,KAAK,CAAO;IAI/B,CAAC;IAED;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,KAAK,CAAC,YAAY,CAAC,QAAgB;QACjC,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC;QAC1C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,kBAAkB,CAAC,uCAAuC,EAAE,SAAS,CAAC,CAAC;QACnF,CAAC;QAED,sBAAsB;QACtB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAExE,gCAAgC;QAChC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAE9D,qCAAqC;QACrC,OAAO,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,OAAO,EAAE,SAAS,EAAE,SAAS,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;IAC3F,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,aAAa,CAAC,OAAe;QACjC,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC;QAC1C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,kBAAkB,CAAC,uCAAuC,EAAE,SAAS,CAAC,CAAC;QACnF,CAAC;QAED,2CAA2C;QAC3C,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC;YACzC,OAAO;YACP,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,KAAK,CAAC,eAAe,CAAC,OAAe,EAAE,QAAgB;QACrD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAI9C,wBAAwB,EAAE;YAC3B,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,OAAO;gBACP,SAAS,EAAE,QAAQ;gBACnB,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,EAAE;aACxB,CAAC;SACH,CAAC,CAAC;QAEH,OAAO;YACL,KAAK,EAAE,YAAY,CAAC,KAAK;YACzB,OAAO,EAAE,YAAY,CAAC,OAAO;YAC7B,SAAS,EAAE,YAAY,CAAC,UAAU;SACnC,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAgCG;IACH,KAAK,CAAC,eAAe,CAAC,OAAe,EAAE,SAAiB,EAAE,KAAa,EAAE,QAAgB;QACvF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAS9C,qBAAqB,EAAE;YACxB,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,OAAO;gBACP,SAAS;gBACT,KAAK;gBACL,SAAS,EAAE,QAAQ;gBACnB,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,EAAE;aACxB,CAAC;SACH,CAAC,CAAC;QAEH,OAAO;YACL,WAAW,EAAE,YAAY,CAAC,YAAY;YACtC,YAAY,EAAE,YAAY,CAAC,aAAa;YACxC,SAAS,EAAE,YAAY,CAAC,UAAU;YAClC,IAAI,EAAE;gBACJ,EAAE,EAAE,YAAY,CAAC,IAAI,CAAC,EAAE;gBACxB,OAAO,EAAE,YAAY,CAAC,IAAI,CAAC,OAAO;gBAClC,QAAQ,EAAE,YAAY,CAAC,IAAI,CAAC,QAAQ;aACrC;SACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACH,KAAK,CAAC,mBAAmB,CAAC,SAAiB;QACzC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAQ9C,sBAAsB,EAAE;YACzB,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,UAAU,EAAE,SAAS;gBACrB,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,EAAE;aACxB,CAAC;SACH,CAAC,CAAC;QAEH,OAAO;YACL,WAAW,EAAE,YAAY,CAAC,YAAY;YACtC,SAAS,EAAE,YAAY,CAAC,UAAU;YAClC,WAAW,EAAE;gBACX,EAAE,EAAE,YAAY,CAAC,WAAW,CAAC,EAAE;gBAC/B,IAAI,EAAE,YAAY,CAAC,WAAW,CAAC,IAAI;gBACnC,QAAQ,EAAE,YAAY,CAAC,WAAW,CAAC,SAAS;aAC7C;SACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,YAAY,CAAC,YAAoB;QACrC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAG9C,sBAAsB,EAAE;YACzB,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,aAAa,EAAE,YAAY;aAC5B,CAAC;SACH,CAAC,CAAC;QAEH,OAAO;YACL,WAAW,EAAE,YAAY,CAAC,YAAY;YACtC,SAAS,EAAE,YAAY,CAAC,UAAU;SACnC,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACH,KAAK,CAAC,WAAW,CAAC,YAAoB;QACpC,MAAM,IAAI,CAAC,wBAAwB,CAAO,qBAAqB,EAAE;YAC/D,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,aAAa,EAAE,YAAY;aAC5B,CAAC;SACH,CAAC,CAAC;IACL,CAAC;CACF"}

package/dist/api/auth/index.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Auth API Module
+ */
+export { AuthAPIImpl } from "./api";
+//# sourceMappingURL=index.d.ts.map

package/dist/api/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/api/auth/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,OAAO,CAAC"}

package/dist/api/auth/index.js

@@ -0,0 +1,5 @@
+/**
+ * Auth API Module
+ */
+export { AuthAPIImpl } from "./api";
+//# sourceMappingURL=index.js.map

package/dist/api/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/api/auth/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,OAAO,CAAC"}