@arbidocs/sdk 0.3.16 → 0.3.18

package/dist/index.cjs

@@ -129,11 +129,13 @@ var FileConfigStore = class {
   configFile;
   credentialsFile;
   sessionFile;
+  metadataFile;
   constructor(configDir) {
     this.configDir = configDir ?? process.env.ARBI_CONFIG_DIR ?? path2__default.default.join(os__default.default.homedir(), ".arbi");
     this.configFile = path2__default.default.join(this.configDir, "config.json");
     this.credentialsFile = path2__default.default.join(this.configDir, "credentials.json");
     this.sessionFile = path2__default.default.join(this.configDir, "session.json");
+    this.metadataFile = path2__default.default.join(this.configDir, "last-metadata.json");
   }
   ensureConfigDir() {
     if (!fs__default.default.existsSync(this.configDir)) {
@@ -204,6 +206,13 @@ var FileConfigStore = class {
   clearChatSession() {
     this.saveChatSession({ ...DEFAULT_SESSION });
   }
+  // ── Last metadata (for citation browsing) ────────────────────────────────
+  saveLastMetadata(metadata) {
+    this.writeSecureFile(this.metadataFile, metadata);
+  }
+  loadLastMetadata() {
+    return this.readJsonFile(this.metadataFile);
+  }
   /**
    * Try to resolve config from multiple sources, in priority order:
    *
@@ -276,6 +285,107 @@ var FileConfigStore = class {
     return null;
   }
 };
+
+// src/device-flow.ts
+var device_flow_exports = {};
+__export(device_flow_exports, {
+  DeviceFlowAccessDenied: () => DeviceFlowAccessDenied,
+  DeviceFlowError: () => DeviceFlowError,
+  DeviceFlowExpired: () => DeviceFlowExpired,
+  fetchSsoConfig: () => fetchSsoConfig,
+  pollForToken: () => pollForToken,
+  requestDeviceCode: () => requestDeviceCode
+});
+var DeviceFlowError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "DeviceFlowError";
+  }
+};
+var DeviceFlowExpired = class extends DeviceFlowError {
+  constructor() {
+    super("Device code expired \u2014 please try again");
+    this.name = "DeviceFlowExpired";
+  }
+};
+var DeviceFlowAccessDenied = class extends DeviceFlowError {
+  constructor() {
+    super("Authorization was denied by the user");
+    this.name = "DeviceFlowAccessDenied";
+  }
+};
+async function fetchSsoConfig(baseUrl) {
+  const arbi = client.createArbiClient({ baseUrl, deploymentDomain: "", credentials: "omit" });
+  const { data, error } = await arbi.fetch.GET("/v1/user/sso-config");
+  if (error || !data) {
+    throw new DeviceFlowError(`Failed to fetch SSO config`);
+  }
+  return {
+    ssoEnabled: data.sso_enabled,
+    domain: data.domain,
+    clientId: data.cli_client_id || data.client_id,
+    audience: data.audience
+  };
+}
+async function requestDeviceCode(domain, clientId, audience, scope = "openid email profile") {
+  const body = new URLSearchParams({
+    client_id: clientId,
+    scope,
+    ...audience ? { audience } : {}
+  });
+  const res = await fetch(`https://${domain}/oauth/device/code`, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body
+  });
+  if (!res.ok) {
+    const text = await res.text();
+    throw new DeviceFlowError(`Device code request failed: ${res.status} ${text}`);
+  }
+  return await res.json();
+}
+async function pollForToken(domain, clientId, deviceCode, interval, expiresIn, onPoll) {
+  const deadline = Date.now() + expiresIn * 1e3;
+  let pollInterval = interval * 1e3;
+  while (Date.now() < deadline) {
+    await sleep(pollInterval);
+    onPoll?.(Date.now());
+    const res = await fetch(`https://${domain}/oauth/token`, {
+      method: "POST",
+      headers: { "Content-Type": "application/x-www-form-urlencoded" },
+      body: new URLSearchParams({
+        grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+        client_id: clientId,
+        device_code: deviceCode
+      })
+    });
+    if (res.ok) {
+      const data = await res.json();
+      return data.access_token;
+    }
+    const errBody = await res.json().catch(() => ({ error: "unknown" }));
+    if (errBody.error === "authorization_pending") {
+      continue;
+    } else if (errBody.error === "slow_down") {
+      pollInterval += 5e3;
+      continue;
+    } else if (errBody.error === "expired_token") {
+      throw new DeviceFlowExpired();
+    } else if (errBody.error === "access_denied") {
+      throw new DeviceFlowAccessDenied();
+    } else {
+      throw new DeviceFlowError(
+        `Token polling error: ${errBody.error} \u2014 ${errBody.error_description ?? ""}`
+      );
+    }
+  }
+  throw new DeviceFlowExpired();
+}
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
+// src/auth.ts
 function formatWorkspaceChoices(wsList) {
   return wsList.map((ws) => {
     const totalDocs = ws.shared_document_count + ws.private_document_count;
@@ -296,7 +406,8 @@ async function createAuthenticatedClient(config, creds, store) {
   const signingPrivateKey = client.base64ToBytes(creds.signingPrivateKeyBase64);
   const loginResult = await arbi.auth.loginWithKey({
     email: creds.email,
-    signingPrivateKey
+    signingPrivateKey,
+    ssoToken: creds.ssoToken
   });
   store.saveCredentials({
     ...creds,
@@ -328,6 +439,40 @@ async function performPasswordLogin(config, email, password, store) {
   });
   return { arbi, loginResult, config };
 }
+async function performSsoDeviceFlowLogin(config, email, password, store, callbacks) {
+  const ssoConfig = await fetchSsoConfig(config.baseUrl);
+  if (!ssoConfig.ssoEnabled) {
+    throw new ArbiError("SSO is not enabled on this deployment");
+  }
+  const dc = await requestDeviceCode(ssoConfig.domain, ssoConfig.clientId, ssoConfig.audience);
+  callbacks?.onUserCode?.(dc.user_code, dc.verification_uri_complete);
+  const ssoToken = await pollForToken(
+    ssoConfig.domain,
+    ssoConfig.clientId,
+    dc.device_code,
+    dc.interval,
+    dc.expires_in,
+    callbacks?.onPoll
+  );
+  const arbi = client.createArbiClient({
+    baseUrl: config.baseUrl,
+    deploymentDomain: config.deploymentDomain,
+    credentials: "omit"
+  });
+  await arbi.crypto.initSodium();
+  const loginResult = await arbi.auth.login({ email, password, ssoToken });
+  store.saveCredentials({
+    email,
+    signingPrivateKeyBase64: arbi.crypto.bytesToBase64(loginResult.signingPrivateKey),
+    serverSessionKeyBase64: arbi.crypto.bytesToBase64(loginResult.serverSessionKey),
+    ssoToken,
+    accessToken: void 0,
+    workspaceKeyHeader: void 0,
+    workspaceId: void 0,
+    tokenTimestamp: void 0
+  });
+  return { arbi, loginResult, config };
+}
 async function selectWorkspace(arbi, workspaceId, wrappedKey, serverSessionKey, signingPrivateKeyBase64) {
   const signingPrivateKey = client.base64ToBytes(signingPrivateKeyBase64);
   const ed25519PublicKey = signingPrivateKey.slice(32, 64);
@@ -652,6 +797,27 @@ async function streamSSE(response, callbacks = {}) {
     context
   };
 }
+function formatStreamSummary(result, elapsedTime) {
+  const parts = [];
+  if (result.agentSteps.length > 0) {
+    let stepLabel = `${result.agentSteps.length} step${result.agentSteps.length === 1 ? "" : "s"}`;
+    if (result.toolCallCount > 0) {
+      stepLabel += ` (${result.toolCallCount} tool call${result.toolCallCount === 1 ? "" : "s"})`;
+    }
+    parts.push(stepLabel);
+  }
+  if (result.usage) {
+    parts.push(`${result.usage.total_tokens.toLocaleString()} tokens`);
+  }
+  if (result.context && result.context.context_window > 0) {
+    const used = result.context.all_llm_calls?.last_input_tokens ?? result.context.total_input;
+    parts.push(`${used.toLocaleString()}/${result.context.context_window.toLocaleString()} context`);
+  }
+  if (elapsedTime != null) {
+    parts.push(`${elapsedTime.toFixed(1)}s`);
+  }
+  return parts.length > 0 ? parts.join(" \xB7 ") : "";
+}
 var consumeSSEStream = streamSSE;
 var AUTH_TIMEOUT_MS = 1e4;
 var MAX_BACKOFF_MS = 3e4;
@@ -876,6 +1042,66 @@ function formatUserName(user) {
   return [user.given_name, user.family_name].filter(Boolean).join(" ");
 }
 
+// src/citations.ts
+function resolveCitations(metadata) {
+  if (!metadata?.tools) return [];
+  const tools = metadata.tools;
+  const modelCitations = tools.model_citations;
+  const citationMap = modelCitations?.tool_responses;
+  if (!citationMap || Object.keys(citationMap).length === 0) return [];
+  const chunkLookup = buildChunkLookup(tools);
+  const resolved = [];
+  for (const [citationNum, citationData] of Object.entries(citationMap)) {
+    const chunks = [];
+    for (const chunkId of citationData.chunk_ids ?? []) {
+      const chunk = chunkLookup.get(chunkId);
+      if (chunk) chunks.push(chunk);
+    }
+    resolved.push({ citationNum, citationData, chunks });
+  }
+  resolved.sort((a, b) => Number(a.citationNum) - Number(b.citationNum));
+  return resolved;
+}
+function summarizeCitations(resolved) {
+  return resolved.map((r) => {
+    const firstChunk = r.chunks[0];
+    return {
+      citationNum: r.citationNum,
+      statement: r.citationData.statement ?? "",
+      docTitle: firstChunk?.metadata?.doc_title ?? "Unknown document",
+      pageNumber: firstChunk?.metadata?.page_number ?? null,
+      chunkCount: r.chunks.length
+    };
+  });
+}
+function countCitations(metadata) {
+  if (!metadata?.tools) return 0;
+  const tools = metadata.tools;
+  const modelCitations = tools.model_citations;
+  const responses = modelCitations?.tool_responses;
+  return responses ? Object.keys(responses).length : 0;
+}
+function stripCitationMarkdown(text) {
+  return text.replace(/\[([^\]]+)\]\(#cite-(\d+)\)/g, "$1[$2]");
+}
+function buildChunkLookup(tools) {
+  const lookup = /* @__PURE__ */ new Map();
+  for (const toolName of ["retrieval_chunk", "retrieval_full_context"]) {
+    const tool = tools[toolName];
+    if (!tool?.tool_responses) continue;
+    for (const chunks of Object.values(tool.tool_responses)) {
+      if (!Array.isArray(chunks)) continue;
+      for (const chunk of chunks) {
+        const id = chunk.metadata?.chunk_ext_id;
+        if (id && !lookup.has(id)) {
+          lookup.set(id, chunk);
+        }
+      }
+    }
+  }
+  return lookup;
+}
+
 // src/operations/documents.ts
 var documents_exports = {};
 __export(documents_exports, {
@@ -1573,6 +1799,19 @@ var Arbi = class {
       lr.serverSessionKey,
       signingPrivateKeyBase64
     );
+    const workspaceKeyHeader = client.session.getWorkspaceKeyHeader();
+    if (workspaceKeyHeader) {
+      const { data: openResult, error: openError } = await client.fetch.POST(
+        "/v1/workspace/{workspace_ext_id}/open",
+        {
+          params: { path: { workspace_ext_id: ws.external_id } },
+          body: { workspace_key: workspaceKeyHeader }
+        }
+      );
+      if (!openError && openResult?.access_token) {
+        client.session.setAccessToken(openResult.access_token);
+      }
+    }
     this.currentWorkspaceId = ws.external_id;
   }
   /** Log out and clear internal state. */
@@ -1991,8 +2230,10 @@ exports.connectWithReconnect = connectWithReconnect;
 exports.consumeSSEStream = consumeSSEStream;
 exports.contacts = contacts_exports;
 exports.conversations = conversations_exports;
+exports.countCitations = countCitations;
 exports.createAuthenticatedClient = createAuthenticatedClient;
 exports.createDocumentWaiter = createDocumentWaiter;
+exports.deviceFlow = device_flow_exports;
 exports.dm = dm_exports;
 exports.doctags = doctags_exports;
 exports.documents = documents_exports;
@@ -2000,6 +2241,7 @@ exports.documentsNode = documents_node_exports;
 exports.files = files_exports;
 exports.formatAgentStepLabel = formatAgentStepLabel;
 exports.formatFileSize = formatFileSize;
+exports.formatStreamSummary = formatStreamSummary;
 exports.formatUserName = formatUserName;
 exports.formatWorkspaceChoices = formatWorkspaceChoices;
 exports.formatWsMessage = formatWsMessage;
@@ -2009,15 +2251,19 @@ exports.getErrorMessage = getErrorMessage;
 exports.health = health_exports;
 exports.parseSSEEvents = parseSSEEvents;
 exports.performPasswordLogin = performPasswordLogin;
+exports.performSsoDeviceFlowLogin = performSsoDeviceFlowLogin;
 exports.requireData = requireData;
 exports.requireOk = requireOk;
 exports.resolveAuth = resolveAuth;
+exports.resolveCitations = resolveCitations;
 exports.resolveWorkspace = resolveWorkspace;
 exports.responses = responses_exports;
 exports.selectWorkspace = selectWorkspace;
 exports.selectWorkspaceById = selectWorkspaceById;
 exports.settings = settings_exports;
 exports.streamSSE = streamSSE;
+exports.stripCitationMarkdown = stripCitationMarkdown;
+exports.summarizeCitations = summarizeCitations;
 exports.tags = tags_exports;
 exports.workspaces = workspaces_exports;
 //# sourceMappingURL=index.cjs.map