npm - @amigo-ai/platform-sdk - Versions diffs - 0.11.0 → 0.11.2 - Mend

@amigo-ai/platform-sdk 0.11.0 → 0.11.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/core/device-code.js +60 -11
package/dist/core/device-code.js.map +1 -1
package/dist/index.cjs +75 -14
package/dist/index.cjs.map +3 -3
package/dist/index.mjs +75 -14
package/dist/index.mjs.map +3 -3
package/dist/types/core/device-code.d.ts +2 -0
package/dist/types/core/device-code.d.ts.map +1 -1
package/package.json +1 -1

package/dist/index.mjs CHANGED Viewed

@@ -3115,9 +3115,10 @@ async function requestDeviceCode(baseUrl, params, fetchFn) {
   }
   return await res.json();
 }
-async function pollDeviceCode(baseUrl, deviceCode, scope, fetchFn) {
+async function pollDeviceCode(baseUrl, deviceCode, scope, workspaceId2, fetchFn) {
   const body = new URLSearchParams({ grant_type: "device_code", device_code: deviceCode });
   if (scope) body.set("scope", scope);
+  if (workspaceId2) body.set("workspace_id", workspaceId2);
   const res = await identityPost(baseUrl, "/token", body, fetchFn);
   if (res.status === 300)
     return { type: "multi_workspace", data: await res.json() };
@@ -3193,6 +3194,64 @@ function toAuthResult(token, workspaceIdOverride) {
     scope: token.scope
   };
 }
+async function fetchWorkspaces(baseUrl, accessToken, fetchFn) {
+  for (const path of ["/self/profile", "/self"]) {
+    const res = await fetchFn(`${baseUrl}${path}`, {
+      headers: { Authorization: `Bearer ${accessToken}` }
+    });
+    if (res.ok) {
+      const data = await res.json();
+      return (data.workspaces ?? []).map((ws) => ({
+        workspace_id: ws.workspace_id,
+        role: ws.role,
+        name: ws.name
+      }));
+    }
+    if (res.status !== 404) {
+      throw new AmigoError(`Failed to fetch workspaces (${res.status})`, { statusCode: res.status });
+    }
+  }
+  return [];
+}
+async function resolveWorkspaceFromBootstrap(baseUrl, token, options, fetchFn) {
+  if (!token.refresh_token) {
+    throw new AmigoError("Bootstrap token missing refresh_token", { errorCode: "server_error" });
+  }
+  const workspaces = await fetchWorkspaces(baseUrl, token.access_token, fetchFn);
+  if (workspaces.length === 0) {
+    throw new AmigoError(
+      "No workspace memberships found. Create a workspace or request an invitation.",
+      { errorCode: "no_workspaces" }
+    );
+  }
+  if (workspaces.length === 1 && workspaces[0]) {
+    const scoped2 = await doRefreshToken(
+      baseUrl,
+      { refreshToken: token.refresh_token, workspaceId: workspaces[0].workspace_id, scope: options.scope },
+      fetchFn
+    );
+    return toAuthResult(scoped2, workspaces[0].workspace_id);
+  }
+  const workspaceId2 = await options.onWorkspaceRequired(workspaces);
+  const scoped = await doRefreshToken(
+    baseUrl,
+    { refreshToken: token.refresh_token, workspaceId: workspaceId2, scope: options.scope },
+    fetchFn
+  );
+  return toAuthResult(scoped, workspaceId2);
+}
+async function resolveWorkspaceFromMulti(baseUrl, multi, options, fetchFn) {
+  if (!multi.refresh_token) {
+    throw new AmigoError("Multi-workspace response missing refresh_token", { errorCode: "server_error" });
+  }
+  const workspaceId2 = await options.onWorkspaceRequired(multi.workspaces);
+  const scoped = await doRefreshToken(
+    baseUrl,
+    { refreshToken: multi.refresh_token, workspaceId: workspaceId2, scope: options.scope },
+    fetchFn
+  );
+  return toAuthResult(scoped, workspaceId2);
+}
 async function loginWithDeviceCode(options) {
   const baseUrl = (options.identityBaseUrl ?? DEFAULT_IDENTITY_URL).replace(/\/+$/, "");
   const fetchFn = options.fetch ?? globalThis.fetch;
@@ -3210,7 +3269,7 @@ async function loginWithDeviceCode(options) {
     if (options.signal?.aborted) throw new LoginCancelledError();
     options.onStatus?.("polling");
     try {
-      const result = await pollDeviceCode(baseUrl, issuance.device_code, options.scope, fetchFn);
+      const result = await pollDeviceCode(baseUrl, issuance.device_code, options.scope, options.workspaceId, fetchFn);
       if (result.type === "pending") {
         options.onStatus?.("authorization_pending");
         continue;
@@ -3222,20 +3281,22 @@ async function loginWithDeviceCode(options) {
       }
       options.onStatus?.("approved");
       if (result.type === "token") {
+        const claims = decodeJwtPayload(result.data.access_token);
+        const isBootstrap = claims?.workspace_bootstrap || !claims?.workspace_id;
+        if (isBootstrap && result.data.refresh_token) {
+          if (options.workspaceId) {
+            const scoped = await doRefreshToken(
+              baseUrl,
+              { refreshToken: result.data.refresh_token, workspaceId: options.workspaceId, scope: options.scope },
+              fetchFn
+            );
+            return toAuthResult(scoped, options.workspaceId);
+          }
+          return await resolveWorkspaceFromBootstrap(baseUrl, result.data, options, fetchFn);
+        }
         return toAuthResult(result.data);
       }
-      const workspaceId2 = await options.onWorkspaceRequired(result.data.workspaces);
-      if (!result.data.refresh_token) {
-        throw new AmigoError("Multi-workspace response missing refresh_token", {
-          errorCode: "server_error"
-        });
-      }
-      const tokenResponse = await doRefreshToken(
-        baseUrl,
-        { refreshToken: result.data.refresh_token, workspaceId: workspaceId2, scope: options.scope },
-        fetchFn
-      );
-      return toAuthResult(tokenResponse, workspaceId2);
+      return await resolveWorkspaceFromMulti(baseUrl, result.data, options, fetchFn);
     } catch (err) {
       if (err instanceof AmigoError && err.errorCode === "expired_token") {
         options.onStatus?.("expired");