@apifuse/provider-sdk 2.0.0-beta.1 → 2.1.0-beta.0

package/src/protocol.ts

@@ -1,183 +0,0 @@
-/**
- * Container Protocol — Communication contract between Route Server and Provider Containers.
- *
- * All provider containers expose HTTP endpoints. Route Server sends requests
- * and receives responses in these formats.
- */
-
-// ═══════════════════════════════════════════════════════════════
-// Execute Operation
-// POST /execute/:operationId
-// ═══════════════════════════════════════════════════════════════
-
-export interface ExecuteRequest {
-	/** Validated input (already passed Zod validation by Route Server) */
-	input: unknown;
-	/** Decrypted session key-value pairs (loaded by Route Server from DB) */
-	session?: Record<string, string>;
-	/** Trace context for distributed tracing */
-	trace?: { traceId: string; spanId: string };
-}
-
-export interface ExecuteResponse {
-	/** Operation result (will be Zod-validated by Route Server) */
-	data: unknown;
-	/** Session mutations to persist back to DB (key→value for set, key→null for delete) */
-	sessionPatch?: Record<string, string | null>;
-	/** Trace spans collected during execution */
-	trace?: { spans: unknown[] };
-}
-
-// ═══════════════════════════════════════════════════════════════
-// Connect (Auth Exchange)
-// POST /connect
-// ═══════════════════════════════════════════════════════════════
-
-export interface ConnectRequest {
-	/** User-provided credentials */
-	credentials: Record<string, string>;
-	/** Existing session (for re-auth scenarios) */
-	session?: Record<string, string>;
-}
-
-/** Successful connection */
-export interface ConnectSuccessResponse {
-	status: "success";
-	/** Display name for the connected upstream account */
-	accountRef?: string;
-	/** Session data to persist (full session state after exchange) */
-	sessionPatch: Record<string, string>;
-}
-
-/** Connection requires additional field (e.g., OTP) */
-export interface ConnectPendingFieldResponse {
-	status: "pending_field";
-	/** Name of the field to request from user */
-	field: string;
-	/** Label to display to user */
-	fieldLabel?: string;
-	/** Opaque token to resume the connection flow */
-	resumeToken: string;
-	/** Partial session state to persist (intermediate state) */
-	sessionPatch?: Record<string, string>;
-}
-
-/** Connection failed */
-export interface ConnectFailedResponse {
-	status: "failed";
-	/** Error code for programmatic handling */
-	error: string;
-	/** Human-readable error message */
-	message?: string;
-}
-
-export type ConnectResponse =
-	| ConnectSuccessResponse
-	| ConnectPendingFieldResponse
-	| ConnectFailedResponse;
-
-// ═══════════════════════════════════════════════════════════════
-// Resume (Continue deferred auth)
-// POST /connect/resume
-// ═══════════════════════════════════════════════════════════════
-
-export interface ResumeRequest {
-	/** Resume token from ConnectPendingFieldResponse */
-	resumeToken: string;
-	/** User-provided value for the requested field */
-	fieldValue: string;
-	/** Current session state */
-	session?: Record<string, string>;
-}
-
-export type ResumeResponse = ConnectResponse; // same as ConnectResponse
-
-// ═══════════════════════════════════════════════════════════════
-// Refresh (Auth token refresh)
-// POST /refresh
-// ═══════════════════════════════════════════════════════════════
-
-export interface RefreshRequest {
-	/** Current session to refresh */
-	session: Record<string, string>;
-}
-
-export interface RefreshSuccessResponse {
-	status: "success";
-	/** Updated session data */
-	sessionPatch: Record<string, string>;
-}
-
-export interface RefreshFailedResponse {
-	status: "failed";
-	error: string;
-	message?: string;
-}
-
-export type RefreshResponse = RefreshSuccessResponse | RefreshFailedResponse;
-
-// ═══════════════════════════════════════════════════════════════
-// Disconnect
-// POST /disconnect
-// ═══════════════════════════════════════════════════════════════
-
-export interface DisconnectRequest {
-	/** Session to clean up */
-	session: Record<string, string>;
-}
-
-export interface DisconnectResponse {
-	status: "success" | "failed";
-	error?: string;
-}
-
-// ═══════════════════════════════════════════════════════════════
-// Health
-// GET /health
-// ═══════════════════════════════════════════════════════════════
-
-export interface HealthResponse {
-	status: "ok" | "degraded" | "error";
-	provider: string;
-	version: string;
-	uptime?: number;
-}
-
-// ═══════════════════════════════════════════════════════════════
-// Schema
-// GET /schema/:operationId
-// ═══════════════════════════════════════════════════════════════
-
-export interface SchemaResponse {
-	operationId: string;
-	description?: string;
-	input: Record<string, unknown>; // JSON Schema
-	output: Record<string, unknown>; // JSON Schema
-	hints?: Record<string, string>;
-}
-
-// ═══════════════════════════════════════════════════════════════
-// Error envelope (used for any error response)
-// ═══════════════════════════════════════════════════════════════
-
-export interface ContainerErrorResponse {
-	error: {
-		code: string;
-		message: string;
-		details?: unknown;
-	};
-}
-
-// ═══════════════════════════════════════════════════════════════
-// Standard endpoint paths
-// ═══════════════════════════════════════════════════════════════
-
-export const CONTAINER_ENDPOINTS = {
-	execute: "/execute/:operationId",
-	connect: "/connect",
-	resume: "/connect/resume",
-	refresh: "/refresh",
-	disconnect: "/disconnect",
-	health: "/health",
-	schema: "/schema/:operationId",
-} as const;

package/src/runtime/auth.ts

@@ -1,245 +0,0 @@
-import { AuthError, TransportError } from "../errors";
-import type {
-	AuthConfig,
-	AuthContext,
-	AuthField,
-	ProviderContext,
-	SessionStore,
-} from "../types";
-
-const AUTH_SESSION_KEY = "__auth__";
-const REQUEST_FIELD_TIMEOUT_MS = 60_000;
-
-function createAuthSessionMarker(
-	marker: Record<string, boolean | number>,
-): string {
-	return JSON.stringify(marker);
-}
-
-type PendingFieldRequest = {
-	promise: Promise<string>;
-	resolve: (value: string) => void;
-	reject: (error: AuthError) => void;
-	timeoutId: ReturnType<typeof setTimeout>;
-};
-
-export interface AuthManager {
-	exchange(
-		ctx: ProviderContext,
-		credentials: Record<string, string>,
-	): Promise<void>;
-	refresh(ctx: ProviderContext): Promise<void>;
-	disconnect(ctx: ProviderContext): Promise<void>;
-	wrapWithAutoRefresh<T>(
-		ctx: ProviderContext,
-		operation: () => Promise<T>,
-	): Promise<T>;
-	getFields(): AuthField[];
-	createAuthContext(): AuthContext;
-	resolveField(name: string, value: string): void;
-	getPendingFields(): string[];
-	isAuthNone(): boolean;
-}
-
-function toAuthError(error: unknown): AuthError {
-	if (error instanceof AuthError) {
-		return error;
-	}
-
-	if (error instanceof Error) {
-		return new AuthError(error.message, { cause: error });
-	}
-
-	return new AuthError("Auth exchange failed");
-}
-
-function is401or403(error: unknown): error is TransportError {
-	return (
-		error instanceof TransportError &&
-		(error.status === 401 || error.status === 403)
-	);
-}
-
-export function createAuthManager(
-	config: AuthConfig | undefined,
-	session: SessionStore,
-): AuthManager {
-	const pendingFieldRequests = new Map<string, PendingFieldRequest>();
-	const resolvedFieldValues = new Map<string, string>();
-	let refreshPromise: Promise<void> | null = null;
-
-	function createTimedFieldRequest(name: string): Promise<string> {
-		const existingRequest = pendingFieldRequests.get(name);
-		if (existingRequest) {
-			return existingRequest.promise;
-		}
-
-		const preResolvedValue = resolvedFieldValues.get(name);
-		if (preResolvedValue !== undefined) {
-			resolvedFieldValues.delete(name);
-			return Promise.resolve(preResolvedValue);
-		}
-
-		let resolvePromise!: (value: string) => void;
-		let rejectPromise!: (error: AuthError) => void;
-
-		const promise = new Promise<string>((resolve, reject) => {
-			resolvePromise = resolve;
-			rejectPromise = reject;
-		});
-
-		const timeoutId = setTimeout(() => {
-			pendingFieldRequests.delete(name);
-			rejectPromise(new AuthError(`Auth field request timed out: ${name}`));
-		}, REQUEST_FIELD_TIMEOUT_MS);
-
-		pendingFieldRequests.set(name, {
-			promise,
-			resolve: (value) => {
-				clearTimeout(timeoutId);
-				pendingFieldRequests.delete(name);
-				resolvePromise(value);
-			},
-			reject: (error) => {
-				clearTimeout(timeoutId);
-				pendingFieldRequests.delete(name);
-				rejectPromise(error);
-			},
-			timeoutId,
-		});
-
-		return promise;
-	}
-
-	const authContext: AuthContext = {
-		requestField(name) {
-			return createTimedFieldRequest(name);
-		},
-	};
-
-	const manager: AuthManager = {
-		async exchange(ctx, credentials) {
-			if (!config || config.mode === "none") {
-				throw new AuthError("No auth configured");
-			}
-
-			if (!config.exchange) {
-				throw new AuthError("Auth exchange is not configured");
-			}
-
-			ctx.auth = authContext;
-
-			await ctx.trace.span("auth.exchange", async () => {
-				try {
-					await config.exchange?.(ctx, credentials);
-				} catch (error) {
-					throw toAuthError(error);
-				}
-
-				await session.set(
-					AUTH_SESSION_KEY,
-					createAuthSessionMarker({
-						authenticated: true,
-						timestamp: Date.now(),
-					}),
-				);
-			});
-		},
-		async refresh(ctx) {
-			if (refreshPromise) {
-				return refreshPromise;
-			}
-
-			if (!config?.refresh) {
-				throw new AuthError("No refresh configured");
-			}
-
-			const doRefresh = async () => {
-				await ctx.trace.span("auth.refresh", async () => {
-					try {
-						await config.refresh?.(ctx);
-					} catch (error) {
-						throw toAuthError(error);
-					}
-
-					await session.set(
-						AUTH_SESSION_KEY,
-						createAuthSessionMarker({
-							authenticated: true,
-							refreshed: true,
-							timestamp: Date.now(),
-						}),
-					);
-				});
-			};
-
-			refreshPromise = doRefresh().finally(() => {
-				refreshPromise = null;
-			});
-
-			return refreshPromise;
-		},
-		async disconnect(ctx) {
-			await ctx.trace.span("auth.disconnect", async () => {
-				let disconnectError: AuthError | null = null;
-
-				try {
-					if (config?.disconnect) {
-						await config.disconnect(ctx);
-					}
-				} catch (error) {
-					disconnectError = toAuthError(error);
-				} finally {
-					await session.delete(AUTH_SESSION_KEY);
-				}
-
-				if (disconnectError) {
-					throw disconnectError;
-				}
-			});
-		},
-		async wrapWithAutoRefresh(ctx, operation) {
-			try {
-				return await operation();
-			} catch (error) {
-				if (is401or403(error) && config?.refresh) {
-					const originalError = error;
-					await manager.refresh(ctx);
-
-					try {
-						return await operation();
-					} catch {
-						throw originalError;
-					}
-				}
-
-				throw error;
-			}
-		},
-		getFields() {
-			return config?.fields ?? [];
-		},
-		createAuthContext() {
-			return authContext;
-		},
-		resolveField(name, value) {
-			const pendingRequest = pendingFieldRequests.get(name);
-
-			if (!pendingRequest) {
-				resolvedFieldValues.set(name, value);
-				return;
-			}
-
-			clearTimeout(pendingRequest.timeoutId);
-			pendingRequest.resolve(value);
-		},
-		getPendingFields() {
-			return Array.from(pendingFieldRequests.keys());
-		},
-		isAuthNone() {
-			return !config || config.mode === "none";
-		},
-	};
-
-	return manager;
-}