@ahoo-wang/fetcher-cosec 0.3.0

package/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/README.md

@@ -0,0 +1,204 @@
+# @ahoo-wang/fetcher-cosec
+
+Support for CoSec authentication in Fetcher HTTP client.
+
+[CoSec](https://github.com/Ahoo-Wang/CoSec) is a comprehensive authentication and authorization framework.
+
+This package provides integration between the Fetcher HTTP client and the CoSec authentication framework.
+
+## Features
+
+- Automatic CoSec authentication headers
+- Device ID management with localStorage persistence
+- Automatic token refresh based on response codes (401)
+- Request ID generation for tracking
+- Token storage management
+
+## Installation
+
+```bash
+npm install @ahoo-wang/fetcher-cosec
+```
+
+## Usage
+
+### Basic Setup
+
+```typescript
+import { Fetcher } from '@ahoo-wang/fetcher';
+import {
+  CoSecRequestInterceptor,
+  CoSecResponseInterceptor,
+  DeviceIdStorage,
+  TokenStorage,
+  TokenRefresher,
+  CompositeToken,
+} from '@ahoo-wang/fetcher-cosec';
+
+// Create a Fetcher instance
+const fetcher = new Fetcher({
+  baseURL: 'https://api.example.com',
+});
+
+// Create storage instances
+const deviceIdStorage = new DeviceIdStorage();
+const tokenStorage = new TokenStorage();
+
+// Create token refresher
+const tokenRefresher: TokenRefresher = {
+  async refresh(token: CompositeToken): Promise<CompositeToken> {
+    // Refresh token logic here
+    const response = await fetcher.fetch('/auth/refresh', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+      },
+      body: token,
+    });
+
+    const tokens = await response.json();
+    return {
+      accessToken: tokens.access_token,
+      refreshToken: tokens.refresh_token,
+    };
+  },
+};
+
+// Add CoSec request interceptor
+fetcher.interceptors.request.use(
+  new CoSecRequestInterceptor({
+    appId: 'your-app-id',
+    deviceIdStorage,
+    tokenStorage,
+    tokenRefresher,
+  }),
+);
+
+// Add CoSec response interceptor
+fetcher.interceptors.response.use(
+  new CoSecResponseInterceptor({
+    appId: 'your-app-id',
+    deviceIdStorage,
+    tokenStorage,
+    tokenRefresher,
+  }),
+);
+```
+
+### Configuration Options
+
+```typescript
+interface CoSecOptions {
+  /**
+   * Application ID to be sent in the CoSec-App-Id header
+   */
+  appId: string;
+
+  /**
+   * Device ID storage instance
+   */
+  deviceIdStorage: DeviceIdStorage;
+
+  /**
+   * Token storage instance
+   */
+  tokenStorage: TokenStorage;
+
+  /**
+   * Token refresher function
+   */
+  tokenRefresher: TokenRefresher;
+}
+```
+
+### Headers Added
+
+The interceptor automatically adds the following headers to requests:
+
+1. `CoSec-Device-Id`: Device identifier (stored in localStorage or generated)
+2. `CoSec-App-Id`: Application identifier
+3. `Authorization`: Bearer token
+4. `CoSec-Request-Id`: Unique request identifier for each request
+
+### Token Refresh
+
+The response interceptor automatically handles token refresh when the server returns status code 401. When this happens,
+the `tokenRefresher.refresh` function is called to obtain new access and refresh tokens.
+
+### Token Storage
+
+The package includes a `TokenStorage` class for managing tokens in localStorage:
+
+```typescript
+import { TokenStorage } from '@ahoo-wang/fetcher-cosec';
+
+const tokenStorage = new TokenStorage();
+
+// Store tokens
+tokenStorage.set({
+  accessToken: 'access-token',
+  refreshToken: 'refresh-token',
+});
+
+// Get tokens
+const token = tokenStorage.get();
+if (token) {
+  console.log('Access token:', token.accessToken);
+  console.log('Refresh token:', token.refreshToken);
+}
+
+// Clear tokens
+tokenStorage.clear();
+```
+
+### Device ID Storage
+
+The package includes a `DeviceIdStorage` class for managing device identifiers in localStorage:
+
+```typescript
+import { DeviceIdStorage } from '@ahoo-wang/fetcher-cosec';
+
+const deviceIdStorage = new DeviceIdStorage();
+
+// Get or create a device ID
+const deviceId = deviceIdStorage.getOrCreate();
+
+// Store a specific device ID
+deviceIdStorage.set('specific-device-id');
+
+// Get the current device ID
+const currentDeviceId = deviceIdStorage.get();
+
+// Clear the stored device ID
+deviceIdStorage.clear();
+
+// Generate a new device ID (without storing it)
+const newDeviceId = deviceIdStorage.generateDeviceId();
+```
+
+## API
+
+### Interfaces
+
+- `AccessToken`: Contains an access token
+- `RefreshToken`: Contains a refresh token
+- `CompositeToken`: Contains both access and refresh tokens
+- `TokenRefresher`: Provides a method to refresh tokens
+
+### Classes
+
+- `TokenStorage`: Manages token storage in localStorage
+- `DeviceIdStorage`: Manages device ID storage in localStorage
+- `CoSecRequestInterceptor`: Adds CoSec headers to requests
+- `CoSecResponseInterceptor`: Handles token refresh on 401 responses
+- `InMemoryStorage`: In-memory storage fallback for environments without localStorage
+
+## CoSec Framework
+
+This package is designed to work with the [CoSec authentication framework](https://github.com/Ahoo-Wang/CoSec). For more
+information about CoSec features and capabilities, please visit
+the [CoSec GitHub repository](https://github.com/Ahoo-Wang/CoSec).
+
+## License
+
+Apache-2.0

package/README.zh-CN.md

@@ -0,0 +1,202 @@
+# @ahoo-wang/fetcher-cosec
+
+Fetcher HTTP 客户端的 CoSec 认证支持。
+
+[CoSec](https://github.com/Ahoo-Wang/CoSec) 是一个全面的身份认证和授权框架。
+
+此包提供了 Fetcher HTTP 客户端与 CoSec 认证框架之间的集成。
+
+## 功能特性
+
+- 自动添加 CoSec 认证头
+- 设备 ID 管理与 localStorage 持久化
+- 基于响应码（401）的自动令牌刷新
+- 请求 ID 生成用于跟踪
+- 令牌存储管理
+
+## 安装
+
+```bash
+npm install @ahoo-wang/fetcher-cosec
+```
+
+## 使用方法
+
+### 基本设置
+
+```typescript
+import { Fetcher } from '@ahoo-wang/fetcher';
+import {
+  CoSecRequestInterceptor,
+  CoSecResponseInterceptor,
+  DeviceIdStorage,
+  TokenStorage,
+  TokenRefresher,
+  CompositeToken,
+} from '@ahoo-wang/fetcher-cosec';
+
+// 创建 Fetcher 实例
+const fetcher = new Fetcher({
+  baseURL: 'https://api.example.com',
+});
+
+// 创建存储实例
+const deviceIdStorage = new DeviceIdStorage();
+const tokenStorage = new TokenStorage();
+
+// 创建令牌刷新器
+const tokenRefresher: TokenRefresher = {
+  async refresh(token: CompositeToken): Promise<CompositeToken> {
+    // 刷新令牌逻辑
+    const response = await fetcher.fetch('/auth/refresh', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+      },
+      body: token,
+    });
+
+    const tokens = await response.json();
+    return {
+      accessToken: tokens.access_token,
+      refreshToken: tokens.refresh_token,
+    };
+  },
+};
+
+// 添加 CoSec 请求拦截器
+fetcher.interceptors.request.use(
+  new CoSecRequestInterceptor({
+    appId: 'your-app-id',
+    deviceIdStorage,
+    tokenStorage,
+    tokenRefresher,
+  }),
+);
+
+// 添加 CoSec 响应拦截器
+fetcher.interceptors.response.use(
+  new CoSecResponseInterceptor({
+    appId: 'your-app-id',
+    deviceIdStorage,
+    tokenStorage,
+    tokenRefresher,
+  }),
+);
+```
+
+### 配置选项
+
+```typescript
+interface CoSecOptions {
+  /**
+   * 应用程序 ID，将在 CoSec-App-Id 头部中发送
+   */
+  appId: string;
+
+  /**
+   * 设备 ID 存储实例
+   */
+  deviceIdStorage: DeviceIdStorage;
+
+  /**
+   * 令牌存储实例
+   */
+  tokenStorage: TokenStorage;
+
+  /**
+   * 令牌刷新函数
+   */
+  tokenRefresher: TokenRefresher;
+}
+```
+
+### 添加的头部
+
+拦截器会自动向请求添加以下头部：
+
+1. `CoSec-Device-Id`: 设备标识符（存储在 localStorage 中或生成）
+2. `CoSec-App-Id`: 应用程序标识符
+3. `Authorization`: Bearer 令牌
+4. `CoSec-Request-Id`: 每个请求的唯一请求标识符
+
+### 令牌刷新
+
+响应拦截器会在服务器返回状态码 401 时自动处理令牌刷新。此时会调用 `tokenRefresher.refresh` 函数来获取新的访问和刷新令牌。
+
+### 令牌存储
+
+包中包含一个 `TokenStorage` 类，用于管理 localStorage 中的令牌：
+
+```typescript
+import { TokenStorage } from '@ahoo-wang/fetcher-cosec';
+
+const tokenStorage = new TokenStorage();
+
+// 存储令牌
+tokenStorage.set({
+  accessToken: 'access-token',
+  refreshToken: 'refresh-token',
+});
+
+// 获取令牌
+const token = tokenStorage.get();
+if (token) {
+  console.log('访问令牌:', token.accessToken);
+  console.log('刷新令牌:', token.refreshToken);
+}
+
+// 清除令牌
+tokenStorage.clear();
+```
+
+### 设备 ID 存储
+
+包中包含一个 `DeviceIdStorage` 类，用于管理 localStorage 中的设备标识符：
+
+```typescript
+import { DeviceIdStorage } from '@ahoo-wang/fetcher-cosec';
+
+const deviceIdStorage = new DeviceIdStorage();
+
+// 获取或创建设备 ID
+const deviceId = deviceIdStorage.getOrCreate();
+
+// 存储特定的设备 ID
+deviceIdStorage.set('specific-device-id');
+
+// 获取当前设备 ID
+const currentDeviceId = deviceIdStorage.get();
+
+// 清除存储的设备 ID
+deviceIdStorage.clear();
+
+// 生成新的设备 ID（不存储）
+const newDeviceId = deviceIdStorage.generateDeviceId();
+```
+
+## API
+
+### 接口
+
+- `AccessToken`: 包含访问令牌
+- `RefreshToken`: 包含刷新令牌
+- `CompositeToken`: 包含访问和刷新令牌
+- `TokenRefresher`: 提供刷新令牌的方法
+
+### 类
+
+- `TokenStorage`: 管理 localStorage 中的令牌存储
+- `DeviceIdStorage`: 管理 localStorage 中的设备 ID 存储
+- `CoSecRequestInterceptor`: 向请求添加 CoSec 头部
+- `CoSecResponseInterceptor`: 处理 401 响应的令牌刷新
+- `InMemoryStorage`: 无 localStorage 环境的内存存储后备
+
+## CoSec 框架
+
+此包设计用于与 [CoSec 认证框架](https://github.com/Ahoo-Wang/CoSec) 配合使用。有关 CoSec
+功能和特性的更多信息，请访问 [CoSec GitHub 仓库](https://github.com/Ahoo-Wang/CoSec)。
+
+## 许可证
+
+Apache-2.0

package/dist/cosecRequestInterceptor.d.ts

@@ -0,0 +1,20 @@
+import { Interceptor, FetchExchange } from '@ahoo-wang/fetcher';
+import { CoSecOptions } from './types';
+/**
+ * CoSec Request Interceptor
+ *
+ * Automatically adds CoSec authentication headers to requests:
+ * - CoSec-Device-Id: Device identifier (stored in localStorage or generated)
+ * - CoSec-App-Id: Application identifier
+ * - Authorization: Bearer token
+ * - CoSec-Request-Id: Unique request identifier for each request
+ */
+export declare class CoSecRequestInterceptor implements Interceptor {
+    private options;
+    constructor(options: CoSecOptions);
+    /**
+     * Intercept requests to add CoSec authentication headers
+     */
+    intercept(exchange: FetchExchange): FetchExchange;
+}
+//# sourceMappingURL=cosecRequestInterceptor.d.ts.map

package/dist/cosecRequestInterceptor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cosecRequestInterceptor.d.ts","sourceRoot":"","sources":["../src/cosecRequestInterceptor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAkB,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAChF,OAAO,EAAgB,YAAY,EAAE,MAAM,SAAS,CAAC;AAGrD;;;;;;;;GAQG;AACH,qBAAa,uBAAwB,YAAW,WAAW;IACzD,OAAO,CAAC,OAAO,CAAe;gBAElB,OAAO,EAAE,YAAY;IAIjC;;OAEG;IACH,SAAS,CAAC,QAAQ,EAAE,aAAa,GAAG,aAAa;CAuBlD"}

package/dist/cosecResponseInterceptor.d.ts

@@ -0,0 +1,13 @@
+import { CoSecOptions } from './types';
+import { FetchExchange, Interceptor } from '@ahoo-wang/fetcher';
+/**
+ * CoSec Response Interceptor
+ *
+ * Handles automatic token refresh based on response codes
+ */
+export declare class CoSecResponseInterceptor implements Interceptor {
+    private options;
+    constructor(options: CoSecOptions);
+    intercept(exchange: FetchExchange): Promise<FetchExchange>;
+}
+//# sourceMappingURL=cosecResponseInterceptor.d.ts.map

package/dist/cosecResponseInterceptor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cosecResponseInterceptor.d.ts","sourceRoot":"","sources":["../src/cosecResponseInterceptor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAiB,MAAM,SAAS,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAEhE;;;;GAIG;AACH,qBAAa,wBAAyB,YAAW,WAAW;IAC1D,OAAO,CAAC,OAAO,CAAe;gBAElB,OAAO,EAAE,YAAY;IAI3B,SAAS,CAAC,QAAQ,EAAE,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;CAsBjE"}

package/dist/deviceIdStorage.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Device ID storage class for managing device identifiers
+ */
+export declare class DeviceIdStorage {
+    private readonly deviceIdKey;
+    private storage;
+    constructor(deviceIdKey?: string, storage?: Storage);
+    /**
+     * Get the current device ID
+     */
+    get(): string | null;
+    /**
+     * Set a device ID
+     */
+    set(deviceId: string): void;
+    /**
+     * Generate a new device ID
+     */
+    generateDeviceId(): string;
+    /**
+     * Get or create a device ID
+     */
+    getOrCreate(): string;
+    /**
+     * Clear the stored device ID
+     */
+    clear(): void;
+}
+//# sourceMappingURL=deviceIdStorage.d.ts.map

package/dist/deviceIdStorage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deviceIdStorage.d.ts","sourceRoot":"","sources":["../src/deviceIdStorage.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,OAAO,CAAU;gBAGvB,WAAW,GAAE,MAAgC,EAC7C,OAAO,GAAE,OAAsB;IAMjC;;OAEG;IACH,GAAG,IAAI,MAAM,GAAG,IAAI;IAIpB;;OAEG;IACH,GAAG,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAI3B;;OAEG;IACH,gBAAgB,IAAI,MAAM;IAI1B;;OAEG;IACH,WAAW,IAAI,MAAM;IAYrB;;OAEG;IACH,KAAK,IAAI,IAAI;CAGd"}

package/dist/idGenerator.d.ts

@@ -0,0 +1,15 @@
+export interface IdGenerator {
+    generateId(): string;
+}
+/**
+ * Nano ID implementation of IdGenerator
+ * Generates unique request IDs using Nano ID
+ */
+export declare class NanoIdGenerator implements IdGenerator {
+    /**
+     * Generate a unique request ID
+     */
+    generateId(): string;
+}
+export declare const idGenerator: NanoIdGenerator;
+//# sourceMappingURL=idGenerator.d.ts.map

package/dist/idGenerator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"idGenerator.d.ts","sourceRoot":"","sources":["../src/idGenerator.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,WAAW;IAC1B,UAAU,IAAI,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,qBAAa,eAAgB,YAAW,WAAW;IACjD;;OAEG;IACH,UAAU,IAAI,MAAM;CAGrB;AAED,eAAO,MAAM,WAAW,iBAAwB,CAAC"}

package/dist/inMemoryStorage.d.ts

@@ -0,0 +1,14 @@
+/**
+ * In-memory storage fallback for environments without localStorage
+ */
+export declare class InMemoryStorage implements Storage {
+    private store;
+    get length(): number;
+    clear(): void;
+    getItem(key: string): string | null;
+    key(index: number): string | null;
+    removeItem(key: string): void;
+    setItem(key: string, value: string): void;
+}
+export declare function getStorage(): Storage;
+//# sourceMappingURL=inMemoryStorage.d.ts.map

package/dist/inMemoryStorage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"inMemoryStorage.d.ts","sourceRoot":"","sources":["../src/inMemoryStorage.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,qBAAa,eAAgB,YAAW,OAAO;IAC7C,OAAO,CAAC,KAAK,CAAkC;IAE/C,IAAI,MAAM,IAAI,MAAM,CAEnB;IAED,KAAK,IAAI,IAAI;IAIb,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAKnC,GAAG,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAKjC,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAM7B,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI;CAG1C;AAED,wBAAgB,UAAU,IAAI,OAAO,CAOpC"}

package/dist/index.d.ts

@@ -0,0 +1,9 @@
+export * from './cosecRequestInterceptor';
+export * from './cosecResponseInterceptor';
+export * from './deviceIdStorage';
+export * from './idGenerator';
+export * from './inMemoryStorage';
+export * from './tokenRefresher';
+export * from './tokenStorage';
+export * from './types';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,2BAA2B,CAAC;AAC1C,cAAc,4BAA4B,CAAC;AAC3C,cAAc,mBAAmB,CAAC;AAClC,cAAc,eAAe,CAAC;AAC9B,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,SAAS,CAAC"}

package/dist/index.es.js

@@ -0,0 +1,162 @@
+var o = /* @__PURE__ */ ((t) => (t.DEVICE_ID = "CoSec-Device-Id", t.APP_ID = "CoSec-App-Id", t.AUTHORIZATION = "Authorization", t.REQUEST_ID = "CoSec-Request-Id", t))(o || {}), c = /* @__PURE__ */ ((t) => (t[t.UNAUTHORIZED = 401] = "UNAUTHORIZED", t))(c || {});
+const S = {
+  ALLOW: { authorized: !0, reason: "Allow" },
+  EXPLICIT_DENY: { authorized: !1, reason: "Explicit Deny" },
+  IMPLICIT_DENY: { authorized: !1, reason: "Implicit Deny" },
+  TOKEN_EXPIRED: { authorized: !1, reason: "Token Expired" },
+  TOO_MANY_REQUESTS: { authorized: !1, reason: "Too Many Requests" }
+}, d = "useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict";
+let h = (t = 21) => {
+  let e = "", r = crypto.getRandomValues(new Uint8Array(t |= 0));
+  for (; t--; )
+    e += d[r[t] & 63];
+  return e;
+};
+class l {
+  /**
+   * Generate a unique request ID
+   */
+  generateId() {
+    return h();
+  }
+}
+const u = new l();
+class k {
+  constructor(e) {
+    this.options = e;
+  }
+  /**
+   * Intercept requests to add CoSec authentication headers
+   */
+  intercept(e) {
+    const r = u.generateId(), n = this.options.deviceIdStorage.getOrCreate(), s = this.options.tokenStorage.get(), a = {
+      ...e.request,
+      headers: {
+        ...e.request.headers
+      }
+    }, i = a.headers;
+    return i[o.APP_ID] = this.options.appId, i[o.DEVICE_ID] = n, i[o.REQUEST_ID] = r, s && (i[o.AUTHORIZATION] = `Bearer ${s.accessToken}`), { ...e, request: a };
+  }
+}
+class f {
+  constructor(e) {
+    this.options = e;
+  }
+  async intercept(e) {
+    const r = e.response;
+    if (!r || r.status !== c.UNAUTHORIZED)
+      return e;
+    const n = this.options.tokenStorage.get();
+    if (!n)
+      return e;
+    try {
+      const s = await this.options.tokenRefresher.refresh(n);
+      return this.options.tokenStorage.set(s), e.fetcher.request(e.url, e.request);
+    } catch (s) {
+      throw this.options.tokenStorage.clear(), s;
+    }
+  }
+}
+class g {
+  constructor() {
+    this.store = /* @__PURE__ */ new Map();
+  }
+  get length() {
+    return this.store.size;
+  }
+  clear() {
+    this.store.clear();
+  }
+  getItem(e) {
+    const r = this.store.get(e);
+    return r !== void 0 ? r : null;
+  }
+  key(e) {
+    return Array.from(this.store.keys())[e] || null;
+  }
+  removeItem(e) {
+    this.store.has(e) && this.store.delete(e);
+  }
+  setItem(e, r) {
+    this.store.set(e, r);
+  }
+}
+function I() {
+  return typeof window < "u" && window.localStorage ? window.localStorage : new g();
+}
+const p = "cosec-device-id";
+class D {
+  constructor(e = p, r = I()) {
+    this.deviceIdKey = e, this.storage = r;
+  }
+  /**
+   * Get the current device ID
+   */
+  get() {
+    return this.storage.getItem(this.deviceIdKey);
+  }
+  /**
+   * Set a device ID
+   */
+  set(e) {
+    this.storage.setItem(this.deviceIdKey, e);
+  }
+  /**
+   * Generate a new device ID
+   */
+  generateDeviceId() {
+    return u.generateId();
+  }
+  /**
+   * Get or create a device ID
+   */
+  getOrCreate() {
+    let e = this.get();
+    return e || (e = this.generateDeviceId(), this.set(e)), e;
+  }
+  /**
+   * Clear the stored device ID
+   */
+  clear() {
+    this.storage.removeItem(this.deviceIdKey);
+  }
+}
+const y = "cosec-token";
+class E {
+  constructor(e = y, r = I()) {
+    this.tokenKey = e, this.storage = r;
+  }
+  /**
+   * Get the current access token
+   */
+  get() {
+    const e = this.storage.getItem(this.tokenKey);
+    return e ? JSON.parse(e) : null;
+  }
+  /**
+   * Store a composite token
+   */
+  set(e) {
+    const r = JSON.stringify(e);
+    this.storage.setItem(this.tokenKey, r);
+  }
+  /**
+   * Clear all tokens
+   */
+  clear() {
+    this.storage.removeItem(this.tokenKey);
+  }
+}
+export {
+  S as AuthorizeResults,
+  o as CoSecHeaders,
+  k as CoSecRequestInterceptor,
+  f as CoSecResponseInterceptor,
+  D as DeviceIdStorage,
+  g as InMemoryStorage,
+  l as NanoIdGenerator,
+  c as ResponseCodes,
+  E as TokenStorage,
+  I as getStorage,
+  u as idGenerator
+};

package/dist/index.umd.js

@@ -0,0 +1 @@
+(function(o,s){typeof exports=="object"&&typeof module<"u"?s(exports):typeof define=="function"&&define.amd?define(["exports"],s):(o=typeof globalThis<"u"?globalThis:o||self,s(o.FetcherCoSec={}))})(this,(function(o){"use strict";var s=(t=>(t.DEVICE_ID="CoSec-Device-Id",t.APP_ID="CoSec-App-Id",t.AUTHORIZATION="Authorization",t.REQUEST_ID="CoSec-Request-Id",t))(s||{}),c=(t=>(t[t.UNAUTHORIZED=401]="UNAUTHORIZED",t))(c||{});const g={ALLOW:{authorized:!0,reason:"Allow"},EXPLICIT_DENY:{authorized:!1,reason:"Explicit Deny"},IMPLICIT_DENY:{authorized:!1,reason:"Implicit Deny"},TOKEN_EXPIRED:{authorized:!1,reason:"Token Expired"},TOO_MANY_REQUESTS:{authorized:!1,reason:"Too Many Requests"}},f="useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict";let S=(t=21)=>{let e="",r=crypto.getRandomValues(new Uint8Array(t|=0));for(;t--;)e+=f[r[t]&63];return e};class I{generateId(){return S()}}const u=new I;class y{constructor(e){this.options=e}intercept(e){const r=u.generateId(),i=this.options.deviceIdStorage.getOrCreate(),n=this.options.tokenStorage.get(),l={...e.request,headers:{...e.request.headers}},a=l.headers;return a[s.APP_ID]=this.options.appId,a[s.DEVICE_ID]=i,a[s.REQUEST_ID]=r,n&&(a[s.AUTHORIZATION]=`Bearer ${n.accessToken}`),{...e,request:l}}}class p{constructor(e){this.options=e}async intercept(e){const r=e.response;if(!r||r.status!==c.UNAUTHORIZED)return e;const i=this.options.tokenStorage.get();if(!i)return e;try{const n=await this.options.tokenRefresher.refresh(i);return this.options.tokenStorage.set(n),e.fetcher.request(e.url,e.request)}catch(n){throw this.options.tokenStorage.clear(),n}}}class h{constructor(){this.store=new Map}get length(){return this.store.size}clear(){this.store.clear()}getItem(e){const r=this.store.get(e);return r!==void 0?r:null}key(e){return Array.from(this.store.keys())[e]||null}removeItem(e){this.store.has(e)&&this.store.delete(e)}setItem(e,r){this.store.set(e,r)}}function d(){return typeof window<"u"&&window.localStorage?window.localStorage:new h}const T="cosec-device-id";class k{constructor(e=T,r=d()){this.deviceIdKey=e,this.storage=r}get(){return this.storage.getItem(this.deviceIdKey)}set(e){this.storage.setItem(this.deviceIdKey,e)}generateDeviceId(){return u.generateId()}getOrCreate(){let e=this.get();return e||(e=this.generateDeviceId(),this.set(e)),e}clear(){this.storage.removeItem(this.deviceIdKey)}}const v="cosec-token";class D{constructor(e=v,r=d()){this.tokenKey=e,this.storage=r}get(){const e=this.storage.getItem(this.tokenKey);return e?JSON.parse(e):null}set(e){const r=JSON.stringify(e);this.storage.setItem(this.tokenKey,r)}clear(){this.storage.removeItem(this.tokenKey)}}o.AuthorizeResults=g,o.CoSecHeaders=s,o.CoSecRequestInterceptor=y,o.CoSecResponseInterceptor=p,o.DeviceIdStorage=k,o.InMemoryStorage=h,o.NanoIdGenerator=I,o.ResponseCodes=c,o.TokenStorage=D,o.getStorage=d,o.idGenerator=u,Object.defineProperty(o,Symbol.toStringTag,{value:"Module"})}));

package/dist/tokenRefresher.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Access token interface
+ */
+export interface AccessToken {
+    accessToken: string;
+}
+/**
+ * Refresh token interface
+ */
+export interface RefreshToken {
+    refreshToken: string;
+}
+/**
+ * Composite token interface that contains both access and refresh tokens
+ * accessToken and refreshToken always appear in pairs, no need to split them
+ */
+export interface CompositeToken extends AccessToken, RefreshToken {
+}
+/**
+ * Token refresher interface
+ * Provides a method to refresh tokens
+ */
+export interface TokenRefresher {
+    /**
+     * Refresh the given token and return a new CompositeToken
+     * @param token The token to refresh
+     * @returns A Promise that resolves to a new CompositeToken
+     */
+    refresh(token: CompositeToken): Promise<CompositeToken>;
+}
+//# sourceMappingURL=tokenRefresher.d.ts.map

package/dist/tokenRefresher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tokenRefresher.d.ts","sourceRoot":"","sources":["../src/tokenRefresher.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,MAAM,WAAW,cAAe,SAAQ,WAAW,EAAE,YAAY;CAChE;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;OAIG;IACH,OAAO,CAAC,KAAK,EAAE,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;CACzD"}

package/dist/tokenStorage.d.ts

@@ -0,0 +1,22 @@
+import { CompositeToken } from './tokenRefresher';
+/**
+ * Token storage class for managing access and refresh tokens
+ */
+export declare class TokenStorage {
+    private readonly tokenKey;
+    private storage;
+    constructor(tokenKey?: string, storage?: Storage);
+    /**
+     * Get the current access token
+     */
+    get(): CompositeToken | null;
+    /**
+     * Store a composite token
+     */
+    set(token: CompositeToken): void;
+    /**
+     * Clear all tokens
+     */
+    clear(): void;
+}
+//# sourceMappingURL=tokenStorage.d.ts.map

package/dist/tokenStorage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tokenStorage.d.ts","sourceRoot":"","sources":["../src/tokenStorage.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAIlD;;GAEG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,OAAO,CAAU;gBAGvB,QAAQ,GAAE,MAA6B,EACvC,OAAO,GAAE,OAAsB;IAMjC;;OAEG;IACH,GAAG,IAAI,cAAc,GAAG,IAAI;IAK5B;;OAEG;IACH,GAAG,CAAC,KAAK,EAAE,cAAc,GAAG,IAAI;IAKhC;;OAEG;IACH,KAAK,IAAI,IAAI;CAGd"}

package/dist/types.d.ts

@@ -0,0 +1,70 @@
+import { DeviceIdStorage } from './deviceIdStorage';
+import { TokenStorage } from './tokenStorage';
+import { TokenRefresher } from './tokenRefresher';
+/**
+ * CoSec HTTP headers enumeration
+ */
+export declare enum CoSecHeaders {
+    DEVICE_ID = "CoSec-Device-Id",
+    APP_ID = "CoSec-App-Id",
+    AUTHORIZATION = "Authorization",
+    REQUEST_ID = "CoSec-Request-Id"
+}
+export declare enum ResponseCodes {
+    UNAUTHORIZED = 401
+}
+/**
+ * CoSec options interface
+ */
+export interface CoSecOptions {
+    /**
+     * Application ID to be sent in the CoSec-App-Id header
+     */
+    appId: string;
+    /**
+     * Device ID storage instance
+     */
+    deviceIdStorage: DeviceIdStorage;
+    /**
+     * Token storage instance
+     */
+    tokenStorage: TokenStorage;
+    /**
+     * Token refresher function
+     * Takes a CompositeToken and returns a Promise that resolves to a new CompositeToken
+     */
+    tokenRefresher: TokenRefresher;
+}
+/**
+ * Authorization result interface
+ */
+export interface AuthorizeResult {
+    authorized: boolean;
+    reason: string;
+}
+/**
+ * Authorization result constants
+ */
+export declare const AuthorizeResults: {
+    ALLOW: {
+        authorized: boolean;
+        reason: string;
+    };
+    EXPLICIT_DENY: {
+        authorized: boolean;
+        reason: string;
+    };
+    IMPLICIT_DENY: {
+        authorized: boolean;
+        reason: string;
+    };
+    TOKEN_EXPIRED: {
+        authorized: boolean;
+        reason: string;
+    };
+    TOO_MANY_REQUESTS: {
+        authorized: boolean;
+        reason: string;
+    };
+};
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAElD;;GAEG;AACH,oBAAY,YAAY;IACtB,SAAS,oBAAoB;IAC7B,MAAM,iBAAiB;IACvB,aAAa,kBAAkB;IAC/B,UAAU,qBAAqB;CAChC;AAED,oBAAY,aAAa;IACvB,YAAY,MAAM;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC;IAEd;;OAEG;IACH,eAAe,EAAE,eAAe,CAAC;IAEjC;;OAEG;IACH,YAAY,EAAE,YAAY,CAAC;IAE3B;;;OAGG;IACH,cAAc,EAAE,cAAc,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,OAAO,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;CAM5B,CAAC"}

package/package.json

@@ -0,0 +1,55 @@
+{
+  "name": "@ahoo-wang/fetcher-cosec",
+  "version": "0.3.0",
+  "description": "Support for CoSec authentication in Fetcher",
+  "keywords": [
+    "fetch",
+    "http",
+    "client",
+    "cosec",
+    "authentication"
+  ],
+  "author": "Ahoo-Wang",
+  "license": "Apache-2.0",
+  "homepage": "https://github.com/Ahoo-Wang/fetcher/tree/master/packages/cosec",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/Ahoo-Wang/fetcher.git",
+    "directory": "packages/cosec"
+  },
+  "bugs": {
+    "url": "https://github.com/Ahoo-Wang/fetcher/issues"
+  },
+  "main": "./dist/index.umd.js",
+  "module": "./dist/index.es.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.es.js",
+      "require": "./dist/index.umd.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "dependencies": {
+    "nanoid": "^5.1.5",
+    "@ahoo-wang/fetcher": "0.3.0"
+  },
+  "devDependencies": {
+    "@vitest/coverage-v8": "^3.2.4",
+    "eslint": "^9.33.0",
+    "prettier": "^3.6.2",
+    "typescript": "^5.9.2",
+    "unplugin-dts": "1.0.0-beta.6",
+    "vite": "^7.1.3",
+    "vitest": "^3.2.4"
+  },
+  "scripts": {
+    "build": "vite build",
+    "test": "vitest run --coverage",
+    "lint": "tsc --noEmit",
+    "clean": "rm -rf dist"
+  }
+}