@astrale-os/sdk 0.1.8 → 0.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/define/remote-function.d.ts +14 -10
- package/dist/define/remote-function.d.ts.map +1 -1
- package/dist/define/remote-function.js.map +1 -1
- package/dist/define/view.d.ts +13 -9
- package/dist/define/view.d.ts.map +1 -1
- package/dist/define/view.js.map +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js.map +1 -1
- package/dist/method/context.d.ts +13 -3
- package/dist/method/context.d.ts.map +1 -1
- package/dist/method/index.d.ts +1 -1
- package/dist/method/index.d.ts.map +1 -1
- package/dist/method/single.d.ts +6 -5
- package/dist/method/single.d.ts.map +1 -1
- package/dist/method/single.js.map +1 -1
- package/package.json +1 -1
- package/src/define/remote-function.ts +14 -9
- package/src/define/view.ts +16 -9
- package/src/index.ts +1 -0
- package/src/method/context.ts +24 -3
- package/src/method/index.ts +1 -1
- package/src/method/single.ts +6 -5
|
@@ -18,18 +18,21 @@
|
|
|
18
18
|
import type { AuthPolicy, FunctionBinding } from '@astrale-os/kernel-api/routed';
|
|
19
19
|
import type { FnMap } from '@astrale-os/kernel-client';
|
|
20
20
|
import type { BoundClientSessionView } from '@astrale-os/kernel-client/session';
|
|
21
|
-
import type { AuthContext } from '@astrale-os/kernel-core';
|
|
22
21
|
import type { Context } from 'hono';
|
|
23
22
|
import type { z } from 'zod';
|
|
24
23
|
import type { CallRemoteFn } from '../dispatch/call-remote';
|
|
25
|
-
import type { KernelForAuth } from '../method/context';
|
|
26
|
-
export type RemoteFunctionContext<TParams, TDeps = unknown, TKernel = BoundClientSessionView<FnMap> | null> = {
|
|
24
|
+
import type { AuthForPolicy, KernelForAuth } from '../method/context';
|
|
25
|
+
export type RemoteFunctionContext<TParams, TDeps = unknown, TKernel = BoundClientSessionView<FnMap> | null, TAuth extends AuthPolicy = AuthPolicy> = {
|
|
27
26
|
/** Validated params (Zod-checked against `inputSchema`). */
|
|
28
27
|
params: TParams;
|
|
29
28
|
/** Hono request context — escape hatch for headers, raw body, etc. */
|
|
30
29
|
c: Context;
|
|
31
|
-
/**
|
|
32
|
-
|
|
30
|
+
/**
|
|
31
|
+
* Resolved auth context. Its nullability follows the function's `auth`
|
|
32
|
+
* policy: non-null for the default `'required'`, `... | null` for
|
|
33
|
+
* `'optional'`, and `null` for `'public'`.
|
|
34
|
+
*/
|
|
35
|
+
auth: AuthForPolicy<TAuth>;
|
|
33
36
|
/** Typed dependency container injected at server startup. */
|
|
34
37
|
deps: TDeps;
|
|
35
38
|
/**
|
|
@@ -83,15 +86,16 @@ export type RemoteFunctionDef<TParams = unknown, TResult = unknown, TDeps = unkn
|
|
|
83
86
|
binding?: FunctionBinding;
|
|
84
87
|
/**
|
|
85
88
|
* Authentication policy. Defaults to `'required'`. Captured as a literal type
|
|
86
|
-
* so it drives {@link KernelForAuth} on the
|
|
87
|
-
* omit it (or `'required'`)
|
|
88
|
-
* `'
|
|
89
|
+
* so it drives `ctx.auth` and {@link KernelForAuth} on the
|
|
90
|
+
* `execute`/`authorize` context: omit it (or `'required'`) makes both
|
|
91
|
+
* non-null; `'optional'` widens them to `... | null`; `'public'` makes them
|
|
92
|
+
* `null` (webhooks reach the graph via `ctx.selfKernel`).
|
|
89
93
|
*/
|
|
90
94
|
auth?: TAuth;
|
|
91
95
|
/** Optional pre-execute authorization. Throw to deny. */
|
|
92
|
-
authorize?: (ctx: RemoteFunctionContext<TParams, TDeps, KernelForAuth<TAuth
|
|
96
|
+
authorize?: (ctx: RemoteFunctionContext<TParams, TDeps, KernelForAuth<TAuth>, TAuth>) => void | Promise<void>;
|
|
93
97
|
/** The function body. May be async. */
|
|
94
|
-
execute: (ctx: RemoteFunctionContext<TParams, TDeps, KernelForAuth<TAuth
|
|
98
|
+
execute: (ctx: RemoteFunctionContext<TParams, TDeps, KernelForAuth<TAuth>, TAuth>) => TResult | Promise<TResult>;
|
|
95
99
|
/** Optional human-readable description. */
|
|
96
100
|
description?: string;
|
|
97
101
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"remote-function.d.ts","sourceRoot":"","sources":["../../src/define/remote-function.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAA;AAChF,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAA;AAC/E,OAAO,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"remote-function.d.ts","sourceRoot":"","sources":["../../src/define/remote-function.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAA;AAChF,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAA;AAC/E,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAA;AACnC,OAAO,KAAK,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAE5B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAA;AAC3D,OAAO,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAA;AAErE,MAAM,MAAM,qBAAqB,CAC/B,OAAO,EACP,KAAK,GAAG,OAAO,EACf,OAAO,GAAG,sBAAsB,CAAC,KAAK,CAAC,GAAG,IAAI,EAC9C,KAAK,SAAS,UAAU,GAAG,UAAU,IACnC;IACF,4DAA4D;IAC5D,MAAM,EAAE,OAAO,CAAA;IACf,sEAAsE;IACtE,CAAC,EAAE,OAAO,CAAA;IACV;;;;OAIG;IACH,IAAI,EAAE,aAAa,CAAC,KAAK,CAAC,CAAA;IAC1B,6DAA6D;IAC7D,IAAI,EAAE,KAAK,CAAA;IACX;;;;;;;OAOG;IACH,MAAM,EAAE,OAAO,CAAA;IACf;;;;;OAKG;IACH,UAAU,EAAE,YAAY,CAAA;IACxB;;;;;;;;OAQG;IACH,UAAU,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC,CAAA;CAC3E,CAAA;AAED,MAAM,MAAM,iBAAiB,CAC3B,OAAO,GAAG,OAAO,EACjB,OAAO,GAAG,OAAO,EACjB,KAAK,GAAG,OAAO,EACf,KAAK,SAAS,UAAU,GAAG,UAAU,IACnC;IACF;;;;OAIG;IACH,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,4CAA4C;IAC5C,WAAW,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAC/B,wCAAwC;IACxC,YAAY,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAChC;;;;;;;;;OASG;IACH,OAAO,CAAC,EAAE,eAAe,CAAA;IACzB;;;;;;OAMG;IACH,IAAI,CAAC,EAAE,KAAK,CAAA;IACZ,yDAAyD;IACzD,SAAS,CAAC,EAAE,CACV,GAAG,EAAE,qBAAqB,CAAC,OAAO,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,KAAK,CAAC,KACpE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IACzB,uCAAuC;IACvC,OAAO,EAAE,CACP,GAAG,EAAE,qBAAqB,CAAC,OAAO,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,KAAK,CAAC,KACpE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;IAC/B,2CAA2C;IAC3C,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB,CAAA;AAMD,MAAM,MAAM,oBAAoB,GAAG,iBAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAA;AAE/E;;;GAGG;AACH,wBAAgB,oBAAoB,CAClC,OAAO,EACP,OAAO,EACP,KAAK,GAAG,OAAO,EACf,KAAK,SAAS,UAAU,GAAG,UAAU,EAErC,GAAG,EAAE,iBAAiB,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,GACrD,iBAAiB,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,CAEnD"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"remote-function.js","sourceRoot":"","sources":["../../src/define/remote-function.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;
|
|
1
|
+
{"version":3,"file":"remote-function.js","sourceRoot":"","sources":["../../src/define/remote-function.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AA8GH;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAMlC,GAAsD;IAEtD,OAAO,GAAG,CAAA;AACZ,CAAC"}
|
package/dist/define/view.d.ts
CHANGED
|
@@ -20,10 +20,10 @@
|
|
|
20
20
|
import type { AuthPolicy, FunctionBinding } from '@astrale-os/kernel-api/routed';
|
|
21
21
|
import type { FnMap } from '@astrale-os/kernel-client';
|
|
22
22
|
import type { BoundClientSessionView } from '@astrale-os/kernel-client/session';
|
|
23
|
-
import type { AuthContext } from '@astrale-os/kernel-core';
|
|
24
23
|
import type { EdgeEndpoint } from '@astrale-os/kernel-dsl';
|
|
25
24
|
import type { Context } from 'hono';
|
|
26
|
-
|
|
25
|
+
import type { AuthForPolicy } from '../method/context';
|
|
26
|
+
export type ViewRenderContext<TDeps = unknown, TAuth extends AuthPolicy = AuthPolicy> = {
|
|
27
27
|
/** Hono request context — read params, headers, query, etc. */
|
|
28
28
|
c: Context;
|
|
29
29
|
/**
|
|
@@ -32,8 +32,12 @@ export type ViewRenderContext<TDeps = unknown> = {
|
|
|
32
32
|
* the binding has no placeholders.
|
|
33
33
|
*/
|
|
34
34
|
params: Record<string, string>;
|
|
35
|
-
/**
|
|
36
|
-
|
|
35
|
+
/**
|
|
36
|
+
* Resolved auth context. Its nullability follows the View's `auth` policy:
|
|
37
|
+
* non-null for `'required'`, `... | null` for `'optional'`, and `null` for
|
|
38
|
+
* `'public'`.
|
|
39
|
+
*/
|
|
40
|
+
auth: AuthForPolicy<TAuth>;
|
|
37
41
|
/** Typed dependency container injected at server startup. */
|
|
38
42
|
deps: TDeps;
|
|
39
43
|
/**
|
|
@@ -45,7 +49,7 @@ export type ViewRenderContext<TDeps = unknown> = {
|
|
|
45
49
|
*/
|
|
46
50
|
selfKernel: (kernelUrl?: string) => Promise<BoundClientSessionView<FnMap>>;
|
|
47
51
|
};
|
|
48
|
-
export type ViewDef<TDeps = unknown> = {
|
|
52
|
+
export type ViewDef<TDeps = unknown, TAuth extends AuthPolicy = AuthPolicy> = {
|
|
49
53
|
/**
|
|
50
54
|
* Override the binding (URL + route shape). When absent, SDK defaults to
|
|
51
55
|
* `{ remoteUrl: ${url}/<viewsFolder>/<slug> }`. The HTTP verb (GET for
|
|
@@ -65,18 +69,18 @@ export type ViewDef<TDeps = unknown> = {
|
|
|
65
69
|
*/
|
|
66
70
|
mount?: string;
|
|
67
71
|
/** Authentication policy. Defaults to `'required'`. */
|
|
68
|
-
auth?:
|
|
72
|
+
auth?: TAuth;
|
|
69
73
|
/**
|
|
70
74
|
* Optional pre-render authorization. Runs after auth resolution; throw to
|
|
71
75
|
* deny. SDK wraps as 403.
|
|
72
76
|
*/
|
|
73
|
-
authorize?: (ctx: ViewRenderContext<TDeps>) => void | Promise<void>;
|
|
77
|
+
authorize?: (ctx: ViewRenderContext<TDeps, TAuth>) => void | Promise<void>;
|
|
74
78
|
/**
|
|
75
79
|
* Render the iframe response. May return a redirect, a proxy, or inline
|
|
76
80
|
* HTML. When omitted, no worker route is mounted — the binding URL
|
|
77
81
|
* points elsewhere (CDN, external service).
|
|
78
82
|
*/
|
|
79
|
-
render?: (ctx: ViewRenderContext<TDeps>) => Response | Promise<Response>;
|
|
83
|
+
render?: (ctx: ViewRenderContext<TDeps, TAuth>) => Response | Promise<Response>;
|
|
80
84
|
/**
|
|
81
85
|
* Optional target(s) the View attaches to via `view_for` edge(s). Typically
|
|
82
86
|
* `selfOf(SomeClass)` to bind to a class meta-node, or a `CorePath`
|
|
@@ -92,5 +96,5 @@ export type ViewDef<TDeps = unknown> = {
|
|
|
92
96
|
* `defineRemoteDomain` consumes the typed shape and the author retains
|
|
93
97
|
* full type inference on `render` / `authorize`.
|
|
94
98
|
*/
|
|
95
|
-
export declare function defineView<TDeps = unknown>(def: ViewDef<TDeps>): ViewDef<TDeps>;
|
|
99
|
+
export declare function defineView<TDeps = unknown, TAuth extends AuthPolicy = 'required'>(def: ViewDef<TDeps, TAuth>): ViewDef<TDeps, TAuth>;
|
|
96
100
|
//# sourceMappingURL=view.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"view.d.ts","sourceRoot":"","sources":["../../src/define/view.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAA;AAChF,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAA;AAC/E,OAAO,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"view.d.ts","sourceRoot":"","sources":["../../src/define/view.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAA;AAChF,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAA;AAC/E,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAA;AAC1D,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAA;AAEnC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAA;AAEtD,MAAM,MAAM,iBAAiB,CAAC,KAAK,GAAG,OAAO,EAAE,KAAK,SAAS,UAAU,GAAG,UAAU,IAAI;IACtF,+DAA+D;IAC/D,CAAC,EAAE,OAAO,CAAA;IACV;;;;OAIG;IACH,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC9B;;;;OAIG;IACH,IAAI,EAAE,aAAa,CAAC,KAAK,CAAC,CAAA;IAC1B,6DAA6D;IAC7D,IAAI,EAAE,KAAK,CAAA;IACX;;;;;;OAMG;IACH,UAAU,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC,CAAA;CAC3E,CAAA;AAED,MAAM,MAAM,OAAO,CAAC,KAAK,GAAG,OAAO,EAAE,KAAK,SAAS,UAAU,GAAG,UAAU,IAAI;IAC5E;;;;;;;;OAQG;IACH,OAAO,CAAC,EAAE,eAAe,CAAA;IACzB;;;;;;OAMG;IACH,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,uDAAuD;IACvD,IAAI,CAAC,EAAE,KAAK,CAAA;IACZ;;;OAGG;IACH,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,iBAAiB,CAAC,KAAK,EAAE,KAAK,CAAC,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC1E;;;;OAIG;IACH,MAAM,CAAC,EAAE,CAAC,GAAG,EAAE,iBAAiB,CAAC,KAAK,EAAE,KAAK,CAAC,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAA;IAC/E;;;;;OAKG;IACH,OAAO,CAAC,EAAE,YAAY,GAAG,YAAY,EAAE,CAAA;IACvC,2CAA2C;IAC3C,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB,CAAA;AAED;;;;GAIG;AACH,wBAAgB,UAAU,CAAC,KAAK,GAAG,OAAO,EAAE,KAAK,SAAS,UAAU,GAAG,UAAU,EAC/E,GAAG,EAAE,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,GACzB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAEvB"}
|
package/dist/define/view.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"view.js","sourceRoot":"","sources":["../../src/define/view.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;
|
|
1
|
+
{"version":3,"file":"view.js","sourceRoot":"","sources":["../../src/define/view.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAgFH;;;;GAIG;AACH,MAAM,UAAU,UAAU,CACxB,GAA0B;IAE1B,OAAO,GAAG,CAAA;AACZ,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export type { Kernel, KernelForAuth, RemoteContext, RemoteHandler, MethodImpl, ClassMethodsImpl, InterfaceMethodsImpl, SchemaMethodsImpl, } from './method';
|
|
1
|
+
export type { AuthForPolicy, Kernel, KernelForAuth, RemoteContext, RemoteHandler, MethodImpl, ClassMethodsImpl, InterfaceMethodsImpl, SchemaMethodsImpl, } from './method';
|
|
2
2
|
export { remoteMethod, remoteClassMethods, remoteInterfaceMethods } from './method';
|
|
3
3
|
export { defineDomain, deploy, defineAdapter } from './config';
|
|
4
4
|
export type { ClientBinding, DefineDomainConfig, DomainDefinition, DeployConfig, AdapterSpec, DeployCtx, DeployResult, DomainAdapter, DomainInfo, WatchCtx, WatchHandle, } from './config';
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,YAAY,EACV,MAAM,EACN,aAAa,EACb,aAAa,EACb,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,oBAAoB,EACpB,iBAAiB,GAClB,MAAM,UAAU,CAAA;AACjB,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,MAAM,UAAU,CAAA;AAOnF,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAC9D,YAAY,EACV,aAAa,EACb,kBAAkB,EAClB,gBAAgB,EAChB,YAAY,EACZ,WAAW,EACX,SAAS,EACT,YAAY,EACZ,aAAa,EACb,UAAU,EACV,QAAQ,EACR,WAAW,GACZ,MAAM,UAAU,CAAA;AAGjB,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAA;AAUnE,OAAO,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAA;AAC3D,YAAY,EAAE,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAA;AAcpG,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,YAAY,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAGzC,YAAY,EACV,UAAU,EACV,YAAY,EACZ,eAAe,EACf,gBAAgB,EAChB,sBAAsB,EACtB,UAAU,EACV,SAAS,EACT,UAAU,GACX,MAAM,+BAA+B,CAAA;AAGtC,YAAY,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,QAAQ,CAAA;AACtE,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,cAAc,EAAE,MAAM,QAAQ,CAAA;AAChF,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAA;AAC3D,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,QAAQ,CAAA;AAClF,YAAY,EACV,WAAW,EACX,WAAW,EACX,aAAa,EACb,UAAU,EACV,UAAU,EACV,QAAQ,GACT,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAA;AAGnD,OAAO,EAAE,aAAa,EAAE,KAAK,mBAAmB,EAAE,MAAM,YAAY,CAAA;AACpE,OAAO,EACL,wBAAwB,EACxB,mBAAmB,EACnB,kBAAkB,EAClB,wBAAwB,GACzB,MAAM,YAAY,CAAA;AACnB,YAAY,EAAE,UAAU,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,YAAY,EACV,aAAa,EACb,MAAM,EACN,aAAa,EACb,aAAa,EACb,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,oBAAoB,EACpB,iBAAiB,GAClB,MAAM,UAAU,CAAA;AACjB,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,MAAM,UAAU,CAAA;AAOnF,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAC9D,YAAY,EACV,aAAa,EACb,kBAAkB,EAClB,gBAAgB,EAChB,YAAY,EACZ,WAAW,EACX,SAAS,EACT,YAAY,EACZ,aAAa,EACb,UAAU,EACV,QAAQ,EACR,WAAW,GACZ,MAAM,UAAU,CAAA;AAGjB,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAA;AAUnE,OAAO,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAA;AAC3D,YAAY,EAAE,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAA;AAcpG,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,YAAY,EAAE,IAAI,EAAE,MAAM,eAAe,CAAA;AAGzC,YAAY,EACV,UAAU,EACV,YAAY,EACZ,eAAe,EACf,gBAAgB,EAChB,sBAAsB,EACtB,UAAU,EACV,SAAS,EACT,UAAU,GACX,MAAM,+BAA+B,CAAA;AAGtC,YAAY,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,QAAQ,CAAA;AACtE,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,cAAc,EAAE,MAAM,QAAQ,CAAA;AAChF,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAA;AAC3D,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,QAAQ,CAAA;AAClF,YAAY,EACV,WAAW,EACX,WAAW,EACX,aAAa,EACb,UAAU,EACV,UAAU,EACV,QAAQ,GACT,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAA;AAGnD,OAAO,EAAE,aAAa,EAAE,KAAK,mBAAmB,EAAE,MAAM,YAAY,CAAA;AACpE,OAAO,EACL,wBAAwB,EACxB,mBAAmB,EACnB,kBAAkB,EAClB,wBAAwB,GACzB,MAAM,YAAY,CAAA;AACnB,YAAY,EAAE,UAAU,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA"}
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAYA,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,MAAM,UAAU,CAAA;AAEnF,4EAA4E;AAC5E,6EAA6E;AAC7E,+EAA+E;AAC/E,6EAA6E;AAC7E,qEAAqE;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAe9D,4EAA4E;AAC5E,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAA;AAEnE,4EAA4E;AAC5E,6EAA6E;AAC7E,4EAA4E;AAC5E,0EAA0E;AAC1E,6EAA6E;AAC7E,yEAAyE;AACzE,8EAA8E;AAC9E,wBAAwB;AACxB,OAAO,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAA;AAG3D,4EAA4E;AAC5E,qFAAqF;AACrF,wEAAwE;AACxE,6EAA6E;AAC7E,wEAAwE;AACxE,yDAAyD;AAEzD,4EAA4E;AAC5E,yEAAyE;AACzE,4EAA4E;AAC5E,4EAA4E;AAC5E,6EAA6E;AAC7E,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAiB1C,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,cAAc,EAAE,MAAM,QAAQ,CAAA;AAChF,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAA;AAC3D,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,QAAQ,CAAA;AASlF,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAA;AAEnD,4EAA4E;AAC5E,OAAO,EAAE,aAAa,EAA4B,MAAM,YAAY,CAAA;AACpE,OAAO,EACL,wBAAwB,EACxB,mBAAmB,EACnB,kBAAkB,EAClB,wBAAwB,GACzB,MAAM,YAAY,CAAA"}
|
package/dist/method/context.d.ts
CHANGED
|
@@ -34,11 +34,21 @@ export type Kernel = BoundClientSessionView<FnMap>;
|
|
|
34
34
|
* pre-conditional behaviour.
|
|
35
35
|
*/
|
|
36
36
|
export type KernelForAuth<TAuth extends AuthPolicy> = TAuth extends 'public' ? null : TAuth extends 'optional' ? Kernel | null : Kernel;
|
|
37
|
-
|
|
37
|
+
/**
|
|
38
|
+
* The resolved auth context a handler receives, derived from its declared
|
|
39
|
+
* `auth` policy. Mirrors {@link KernelForAuth}: required methods have a
|
|
40
|
+
* verified auth context, optional/public methods encode the nullable cases.
|
|
41
|
+
*/
|
|
42
|
+
export type AuthForPolicy<TAuth extends AuthPolicy> = TAuth extends 'public' ? null : TAuth extends 'optional' ? AuthContext | null : AuthContext;
|
|
43
|
+
export type RemoteContext<TParams, TSelf, TDeps, TKernel = Kernel | null, TAuth extends AuthPolicy = AuthPolicy> = {
|
|
38
44
|
/** Validated params (Zod-checked against the method's `inputSchema`). */
|
|
39
45
|
params: TParams;
|
|
40
|
-
/**
|
|
41
|
-
|
|
46
|
+
/**
|
|
47
|
+
* Auth context resolved from the inbound delegation credential. Its
|
|
48
|
+
* nullability follows the method's `auth` policy: non-null for the default
|
|
49
|
+
* `'required'`, `... | null` for `'optional'`, and `null` for `'public'`.
|
|
50
|
+
*/
|
|
51
|
+
auth: AuthForPolicy<TAuth>;
|
|
42
52
|
/** Bound node instance — `undefined` for static methods. */
|
|
43
53
|
self: TSelf;
|
|
44
54
|
/** Typed dependency container injected at server startup. */
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../src/method/context.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAA;AAC/D,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAA;AAC/E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAA;AAE1D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAA;AAE3D;;;;;;;GAOG;AACH,MAAM,MAAM,MAAM,GAAG,sBAAsB,CAAC,KAAK,CAAC,CAAA;AAElD;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,aAAa,CAAC,KAAK,SAAS,UAAU,IAAI,KAAK,SAAS,QAAQ,GACxE,IAAI,GACJ,KAAK,SAAS,UAAU,GACtB,MAAM,GAAG,IAAI,GACb,MAAM,CAAA;AAEZ,MAAM,MAAM,aAAa,CAAC,OAAO,
|
|
1
|
+
{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../src/method/context.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAA;AAC/D,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAA;AAC/E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAA;AAE1D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAA;AAE3D;;;;;;;GAOG;AACH,MAAM,MAAM,MAAM,GAAG,sBAAsB,CAAC,KAAK,CAAC,CAAA;AAElD;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,aAAa,CAAC,KAAK,SAAS,UAAU,IAAI,KAAK,SAAS,QAAQ,GACxE,IAAI,GACJ,KAAK,SAAS,UAAU,GACtB,MAAM,GAAG,IAAI,GACb,MAAM,CAAA;AAEZ;;;;GAIG;AACH,MAAM,MAAM,aAAa,CAAC,KAAK,SAAS,UAAU,IAAI,KAAK,SAAS,QAAQ,GACxE,IAAI,GACJ,KAAK,SAAS,UAAU,GACtB,WAAW,GAAG,IAAI,GAClB,WAAW,CAAA;AAEjB,MAAM,MAAM,aAAa,CACvB,OAAO,EACP,KAAK,EACL,KAAK,EACL,OAAO,GAAG,MAAM,GAAG,IAAI,EACvB,KAAK,SAAS,UAAU,GAAG,UAAU,IACnC;IACF,yEAAyE;IACzE,MAAM,EAAE,OAAO,CAAA;IACf;;;;OAIG;IACH,IAAI,EAAE,aAAa,CAAC,KAAK,CAAC,CAAA;IAC1B,4DAA4D;IAC5D,IAAI,EAAE,KAAK,CAAA;IACX,6DAA6D;IAC7D,IAAI,EAAE,KAAK,CAAA;IACX,mCAAmC;IACnC,GAAG,EAAE,MAAM,CAAA;IACX;;;;;;;;OAQG;IACH,MAAM,EAAE,OAAO,CAAA;IACf;;;;;;;OAOG;IACH,UAAU,EAAE,YAAY,CAAA;CACzB,CAAA"}
|
package/dist/method/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export type { Kernel, KernelForAuth, RemoteContext } from './context';
|
|
1
|
+
export type { AuthForPolicy, Kernel, KernelForAuth, RemoteContext } from './context';
|
|
2
2
|
export type { RemoteHandler, AnyRemoteHandler, MethodImpl } from './single';
|
|
3
3
|
export { remoteMethod } from './single';
|
|
4
4
|
export type { ClassMethodsImpl, InterfaceMethodsImpl, SchemaMethodsImpl } from './class';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/method/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,MAAM,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,WAAW,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/method/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,WAAW,CAAA;AACpF,YAAY,EAAE,aAAa,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAA;AACvC,YAAY,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAA;AACxF,OAAO,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,MAAM,SAAS,CAAA"}
|
package/dist/method/single.d.ts
CHANGED
|
@@ -29,7 +29,7 @@ import type { KernelForAuth, RemoteContext } from './context';
|
|
|
29
29
|
*/
|
|
30
30
|
export type RemoteHandler<TParams, TResult, TSelf, TDeps, TAuth extends AuthPolicy = 'required'> = {
|
|
31
31
|
/** The handler body. May be async or an async generator (for `output: 'stream'`). */
|
|
32
|
-
execute?: (ctx: RemoteContext<TParams, TSelf, TDeps, KernelForAuth<TAuth
|
|
32
|
+
execute?: (ctx: RemoteContext<TParams, TSelf, TDeps, KernelForAuth<TAuth>, TAuth>) => TResult | Promise<TResult> | AsyncGenerator<TResult>;
|
|
33
33
|
/**
|
|
34
34
|
* Optional REST binding — attaches a native HTTP route to this method.
|
|
35
35
|
* Uses the kernel's canonical `RouteBinding` type directly.
|
|
@@ -45,9 +45,10 @@ export type RemoteHandler<TParams, TResult, TSelf, TDeps, TAuth extends AuthPoli
|
|
|
45
45
|
description?: string;
|
|
46
46
|
/**
|
|
47
47
|
* Authentication policy. Defaults to `'required'` when absent. Captured as a
|
|
48
|
-
* literal type so it drives {@link KernelForAuth} on the
|
|
49
|
-
* context: omit it (or set `'required'`) and
|
|
50
|
-
* `
|
|
48
|
+
* literal type so it drives `ctx.auth` and {@link KernelForAuth} on the
|
|
49
|
+
* `execute`/`authorize` context: omit it (or set `'required'`) and both
|
|
50
|
+
* `ctx.auth` and `ctx.kernel` are non-null; `'optional'` widens them to
|
|
51
|
+
* `... | null`; `'public'` makes both `null`.
|
|
51
52
|
*/
|
|
52
53
|
auth?: TAuth;
|
|
53
54
|
/**
|
|
@@ -64,7 +65,7 @@ export type RemoteHandler<TParams, TResult, TSelf, TDeps, TAuth extends AuthPoli
|
|
|
64
65
|
* The kernel still enforces `has_perm` independently — `authorize` is
|
|
65
66
|
* additive ergonomic gating on top, not a replacement.
|
|
66
67
|
*/
|
|
67
|
-
authorize?: (ctx: RemoteContext<TParams, TSelf, TDeps, KernelForAuth<TAuth
|
|
68
|
+
authorize?: (ctx: RemoteContext<TParams, TSelf, TDeps, KernelForAuth<TAuth>, TAuth>) => void | Promise<void>;
|
|
68
69
|
};
|
|
69
70
|
export type AnyRemoteHandler = RemoteHandler<any, any, any, any, AuthPolicy>;
|
|
70
71
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"single.d.ts","sourceRoot":"","sources":["../../src/method/single.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAA;AAC7E,OAAO,KAAK,EACV,eAAe,EACf,iBAAiB,EACjB,mBAAmB,EACnB,aAAa,EACd,MAAM,gCAAgC,CAAA;AACvC,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAA;AAEpD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAClD,OAAO,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,WAAW,CAAA;AAE7D;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,SAAS,UAAU,GAAG,UAAU,IAAI;IACjG,qFAAqF;IACrF,OAAO,CAAC,EAAE,CACR,GAAG,EAAE,aAAa,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC,
|
|
1
|
+
{"version":3,"file":"single.d.ts","sourceRoot":"","sources":["../../src/method/single.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAA;AAC7E,OAAO,KAAK,EACV,eAAe,EACf,iBAAiB,EACjB,mBAAmB,EACnB,aAAa,EACd,MAAM,gCAAgC,CAAA;AACvC,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAA;AAEpD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAClD,OAAO,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,WAAW,CAAA;AAE7D;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,SAAS,UAAU,GAAG,UAAU,IAAI;IACjG,qFAAqF;IACrF,OAAO,CAAC,EAAE,CACR,GAAG,EAAE,aAAa,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,KAAK,CAAC,KACnE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,CAAA;IACzD;;;OAGG;IACH,KAAK,CAAC,EAAE,YAAY,CAAA;IACpB;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,sEAAsE;IACtE,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB;;;;;;OAMG;IACH,IAAI,CAAC,EAAE,KAAK,CAAA;IACZ;;;;;;;;;;;;;OAaG;IACH,SAAS,CAAC,EAAE,CACV,GAAG,EAAE,aAAa,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,KAAK,CAAC,KACnE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;CAC1B,CAAA;AAOD,MAAM,MAAM,gBAAgB,GAAG,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAA;AAE5E;;;GAGG;AACH,MAAM,MAAM,UAAU,CACpB,CAAC,SAAS,MAAM,EAChB,CAAC,SAAS,eAAe,CAAC,CAAC,CAAC,GAAG,MAAM,EACrC,CAAC,SAAS,MAAM,EAChB,KAAK,GAAG,OAAO,EACf,KAAK,SAAS,UAAU,GAAG,UAAU,IAErC,iBAAiB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,SAAS;IACjC,MAAM,EAAE,MAAM,CAAC,CAAA;IACf,MAAM,EAAE,MAAM,CAAC,CAAA;IACf,IAAI,EAAE,OAAO,CAAA;IACb,QAAQ,EAAE,MAAM,EAAE,CAAA;CACnB,GACG,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,SAAS,IAAI,GAAG,SAAS,GAAG,UAAU,EAAE,KAAK,EAAE,KAAK,CAAC,GAC3E,KAAK,CAAA;AAEX,KAAK,uBAAuB,CAAC,CAAC,SAAS,MAAM,EAAE,CAAC,SAAS,eAAe,CAAC,CAAC,CAAC,GAAG,MAAM,IAAI,CACpF,aAAa,CAAC,CAAC,EAAE,CAAC,CAAC,GACnB,mBAAmB,CAAC,CAAC,EAAE,CAAC,CAAC,CAC5B,GACC,MAAM,CAAA;AAER;;;;;;;;GAQG;AACH,wBAAgB,YAAY,CAAC,KAAK,KAAK,CACrC,CAAC,SAAS,MAAM,EAChB,CAAC,SAAS,eAAe,CAAC,CAAC,CAAC,GAAG,MAAM,EACrC,CAAC,SAAS,uBAAuB,CAAC,CAAC,EAAE,CAAC,CAAC,EACvC,KAAK,SAAS,UAAU,GAAG,UAAU,EAErC,MAAM,EAAE,CAAC,EACT,SAAS,EAAE,CAAC,EACZ,UAAU,EAAE,CAAC,EACb,IAAI,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,KACpC,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAA;AACtC,wBAAgB,YAAY,CAC1B,CAAC,SAAS,MAAM,EAChB,CAAC,SAAS,eAAe,CAAC,CAAC,CAAC,GAAG,MAAM,EACrC,CAAC,SAAS,uBAAuB,CAAC,CAAC,EAAE,CAAC,CAAC,EACvC,KAAK,SAAS,UAAU,GAAG,UAAU,EAErC,MAAM,EAAE,CAAC,EACT,SAAS,EAAE,CAAC,EACZ,UAAU,EAAE,CAAC,EACb,IAAI,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,GACxC,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"single.js","sourceRoot":"","sources":["../../src/method/single.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;
|
|
1
|
+
{"version":3,"file":"single.js","sourceRoot":"","sources":["../../src/method/single.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAwIH,MAAM,UAAU,YAAY,CAAC,GAAG,IAAe;IAC7C,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,SAAoB,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IAClD,CAAC;IAED,OAAO,IAAI,CAAC,CAAC,CAAC,CAAA;AAChB,CAAC"}
|
package/package.json
CHANGED
|
@@ -19,24 +19,28 @@
|
|
|
19
19
|
import type { AuthPolicy, FunctionBinding } from '@astrale-os/kernel-api/routed'
|
|
20
20
|
import type { FnMap } from '@astrale-os/kernel-client'
|
|
21
21
|
import type { BoundClientSessionView } from '@astrale-os/kernel-client/session'
|
|
22
|
-
import type { AuthContext } from '@astrale-os/kernel-core'
|
|
23
22
|
import type { Context } from 'hono'
|
|
24
23
|
import type { z } from 'zod'
|
|
25
24
|
|
|
26
25
|
import type { CallRemoteFn } from '../dispatch/call-remote'
|
|
27
|
-
import type { KernelForAuth } from '../method/context'
|
|
26
|
+
import type { AuthForPolicy, KernelForAuth } from '../method/context'
|
|
28
27
|
|
|
29
28
|
export type RemoteFunctionContext<
|
|
30
29
|
TParams,
|
|
31
30
|
TDeps = unknown,
|
|
32
31
|
TKernel = BoundClientSessionView<FnMap> | null,
|
|
32
|
+
TAuth extends AuthPolicy = AuthPolicy,
|
|
33
33
|
> = {
|
|
34
34
|
/** Validated params (Zod-checked against `inputSchema`). */
|
|
35
35
|
params: TParams
|
|
36
36
|
/** Hono request context — escape hatch for headers, raw body, etc. */
|
|
37
37
|
c: Context
|
|
38
|
-
/**
|
|
39
|
-
|
|
38
|
+
/**
|
|
39
|
+
* Resolved auth context. Its nullability follows the function's `auth`
|
|
40
|
+
* policy: non-null for the default `'required'`, `... | null` for
|
|
41
|
+
* `'optional'`, and `null` for `'public'`.
|
|
42
|
+
*/
|
|
43
|
+
auth: AuthForPolicy<TAuth>
|
|
40
44
|
/** Typed dependency container injected at server startup. */
|
|
41
45
|
deps: TDeps
|
|
42
46
|
/**
|
|
@@ -96,18 +100,19 @@ export type RemoteFunctionDef<
|
|
|
96
100
|
binding?: FunctionBinding
|
|
97
101
|
/**
|
|
98
102
|
* Authentication policy. Defaults to `'required'`. Captured as a literal type
|
|
99
|
-
* so it drives {@link KernelForAuth} on the
|
|
100
|
-
* omit it (or `'required'`)
|
|
101
|
-
* `'
|
|
103
|
+
* so it drives `ctx.auth` and {@link KernelForAuth} on the
|
|
104
|
+
* `execute`/`authorize` context: omit it (or `'required'`) makes both
|
|
105
|
+
* non-null; `'optional'` widens them to `... | null`; `'public'` makes them
|
|
106
|
+
* `null` (webhooks reach the graph via `ctx.selfKernel`).
|
|
102
107
|
*/
|
|
103
108
|
auth?: TAuth
|
|
104
109
|
/** Optional pre-execute authorization. Throw to deny. */
|
|
105
110
|
authorize?: (
|
|
106
|
-
ctx: RemoteFunctionContext<TParams, TDeps, KernelForAuth<TAuth
|
|
111
|
+
ctx: RemoteFunctionContext<TParams, TDeps, KernelForAuth<TAuth>, TAuth>,
|
|
107
112
|
) => void | Promise<void>
|
|
108
113
|
/** The function body. May be async. */
|
|
109
114
|
execute: (
|
|
110
|
-
ctx: RemoteFunctionContext<TParams, TDeps, KernelForAuth<TAuth
|
|
115
|
+
ctx: RemoteFunctionContext<TParams, TDeps, KernelForAuth<TAuth>, TAuth>,
|
|
111
116
|
) => TResult | Promise<TResult>
|
|
112
117
|
/** Optional human-readable description. */
|
|
113
118
|
description?: string
|
package/src/define/view.ts
CHANGED
|
@@ -21,11 +21,12 @@
|
|
|
21
21
|
import type { AuthPolicy, FunctionBinding } from '@astrale-os/kernel-api/routed'
|
|
22
22
|
import type { FnMap } from '@astrale-os/kernel-client'
|
|
23
23
|
import type { BoundClientSessionView } from '@astrale-os/kernel-client/session'
|
|
24
|
-
import type { AuthContext } from '@astrale-os/kernel-core'
|
|
25
24
|
import type { EdgeEndpoint } from '@astrale-os/kernel-dsl'
|
|
26
25
|
import type { Context } from 'hono'
|
|
27
26
|
|
|
28
|
-
|
|
27
|
+
import type { AuthForPolicy } from '../method/context'
|
|
28
|
+
|
|
29
|
+
export type ViewRenderContext<TDeps = unknown, TAuth extends AuthPolicy = AuthPolicy> = {
|
|
29
30
|
/** Hono request context — read params, headers, query, etc. */
|
|
30
31
|
c: Context
|
|
31
32
|
/**
|
|
@@ -34,8 +35,12 @@ export type ViewRenderContext<TDeps = unknown> = {
|
|
|
34
35
|
* the binding has no placeholders.
|
|
35
36
|
*/
|
|
36
37
|
params: Record<string, string>
|
|
37
|
-
/**
|
|
38
|
-
|
|
38
|
+
/**
|
|
39
|
+
* Resolved auth context. Its nullability follows the View's `auth` policy:
|
|
40
|
+
* non-null for `'required'`, `... | null` for `'optional'`, and `null` for
|
|
41
|
+
* `'public'`.
|
|
42
|
+
*/
|
|
43
|
+
auth: AuthForPolicy<TAuth>
|
|
39
44
|
/** Typed dependency container injected at server startup. */
|
|
40
45
|
deps: TDeps
|
|
41
46
|
/**
|
|
@@ -48,7 +53,7 @@ export type ViewRenderContext<TDeps = unknown> = {
|
|
|
48
53
|
selfKernel: (kernelUrl?: string) => Promise<BoundClientSessionView<FnMap>>
|
|
49
54
|
}
|
|
50
55
|
|
|
51
|
-
export type ViewDef<TDeps = unknown> = {
|
|
56
|
+
export type ViewDef<TDeps = unknown, TAuth extends AuthPolicy = AuthPolicy> = {
|
|
52
57
|
/**
|
|
53
58
|
* Override the binding (URL + route shape). When absent, SDK defaults to
|
|
54
59
|
* `{ remoteUrl: ${url}/<viewsFolder>/<slug> }`. The HTTP verb (GET for
|
|
@@ -68,18 +73,18 @@ export type ViewDef<TDeps = unknown> = {
|
|
|
68
73
|
*/
|
|
69
74
|
mount?: string
|
|
70
75
|
/** Authentication policy. Defaults to `'required'`. */
|
|
71
|
-
auth?:
|
|
76
|
+
auth?: TAuth
|
|
72
77
|
/**
|
|
73
78
|
* Optional pre-render authorization. Runs after auth resolution; throw to
|
|
74
79
|
* deny. SDK wraps as 403.
|
|
75
80
|
*/
|
|
76
|
-
authorize?: (ctx: ViewRenderContext<TDeps>) => void | Promise<void>
|
|
81
|
+
authorize?: (ctx: ViewRenderContext<TDeps, TAuth>) => void | Promise<void>
|
|
77
82
|
/**
|
|
78
83
|
* Render the iframe response. May return a redirect, a proxy, or inline
|
|
79
84
|
* HTML. When omitted, no worker route is mounted — the binding URL
|
|
80
85
|
* points elsewhere (CDN, external service).
|
|
81
86
|
*/
|
|
82
|
-
render?: (ctx: ViewRenderContext<TDeps>) => Response | Promise<Response>
|
|
87
|
+
render?: (ctx: ViewRenderContext<TDeps, TAuth>) => Response | Promise<Response>
|
|
83
88
|
/**
|
|
84
89
|
* Optional target(s) the View attaches to via `view_for` edge(s). Typically
|
|
85
90
|
* `selfOf(SomeClass)` to bind to a class meta-node, or a `CorePath`
|
|
@@ -96,6 +101,8 @@ export type ViewDef<TDeps = unknown> = {
|
|
|
96
101
|
* `defineRemoteDomain` consumes the typed shape and the author retains
|
|
97
102
|
* full type inference on `render` / `authorize`.
|
|
98
103
|
*/
|
|
99
|
-
export function defineView<TDeps = unknown
|
|
104
|
+
export function defineView<TDeps = unknown, TAuth extends AuthPolicy = 'required'>(
|
|
105
|
+
def: ViewDef<TDeps, TAuth>,
|
|
106
|
+
): ViewDef<TDeps, TAuth> {
|
|
100
107
|
return def
|
|
101
108
|
}
|
package/src/index.ts
CHANGED
package/src/method/context.ts
CHANGED
|
@@ -43,11 +43,32 @@ export type KernelForAuth<TAuth extends AuthPolicy> = TAuth extends 'public'
|
|
|
43
43
|
? Kernel | null
|
|
44
44
|
: Kernel
|
|
45
45
|
|
|
46
|
-
|
|
46
|
+
/**
|
|
47
|
+
* The resolved auth context a handler receives, derived from its declared
|
|
48
|
+
* `auth` policy. Mirrors {@link KernelForAuth}: required methods have a
|
|
49
|
+
* verified auth context, optional/public methods encode the nullable cases.
|
|
50
|
+
*/
|
|
51
|
+
export type AuthForPolicy<TAuth extends AuthPolicy> = TAuth extends 'public'
|
|
52
|
+
? null
|
|
53
|
+
: TAuth extends 'optional'
|
|
54
|
+
? AuthContext | null
|
|
55
|
+
: AuthContext
|
|
56
|
+
|
|
57
|
+
export type RemoteContext<
|
|
58
|
+
TParams,
|
|
59
|
+
TSelf,
|
|
60
|
+
TDeps,
|
|
61
|
+
TKernel = Kernel | null,
|
|
62
|
+
TAuth extends AuthPolicy = AuthPolicy,
|
|
63
|
+
> = {
|
|
47
64
|
/** Validated params (Zod-checked against the method's `inputSchema`). */
|
|
48
65
|
params: TParams
|
|
49
|
-
/**
|
|
50
|
-
|
|
66
|
+
/**
|
|
67
|
+
* Auth context resolved from the inbound delegation credential. Its
|
|
68
|
+
* nullability follows the method's `auth` policy: non-null for the default
|
|
69
|
+
* `'required'`, `... | null` for `'optional'`, and `null` for `'public'`.
|
|
70
|
+
*/
|
|
71
|
+
auth: AuthForPolicy<TAuth>
|
|
51
72
|
/** Bound node instance — `undefined` for static methods. */
|
|
52
73
|
self: TSelf
|
|
53
74
|
/** Typed dependency container injected at server startup. */
|
package/src/method/index.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export type { Kernel, KernelForAuth, RemoteContext } from './context'
|
|
1
|
+
export type { AuthForPolicy, Kernel, KernelForAuth, RemoteContext } from './context'
|
|
2
2
|
export type { RemoteHandler, AnyRemoteHandler, MethodImpl } from './single'
|
|
3
3
|
export { remoteMethod } from './single'
|
|
4
4
|
export type { ClassMethodsImpl, InterfaceMethodsImpl, SchemaMethodsImpl } from './class'
|
package/src/method/single.ts
CHANGED
|
@@ -38,7 +38,7 @@ import type { KernelForAuth, RemoteContext } from './context'
|
|
|
38
38
|
export type RemoteHandler<TParams, TResult, TSelf, TDeps, TAuth extends AuthPolicy = 'required'> = {
|
|
39
39
|
/** The handler body. May be async or an async generator (for `output: 'stream'`). */
|
|
40
40
|
execute?: (
|
|
41
|
-
ctx: RemoteContext<TParams, TSelf, TDeps, KernelForAuth<TAuth
|
|
41
|
+
ctx: RemoteContext<TParams, TSelf, TDeps, KernelForAuth<TAuth>, TAuth>,
|
|
42
42
|
) => TResult | Promise<TResult> | AsyncGenerator<TResult>
|
|
43
43
|
/**
|
|
44
44
|
* Optional REST binding — attaches a native HTTP route to this method.
|
|
@@ -55,9 +55,10 @@ export type RemoteHandler<TParams, TResult, TSelf, TDeps, TAuth extends AuthPoli
|
|
|
55
55
|
description?: string
|
|
56
56
|
/**
|
|
57
57
|
* Authentication policy. Defaults to `'required'` when absent. Captured as a
|
|
58
|
-
* literal type so it drives {@link KernelForAuth} on the
|
|
59
|
-
* context: omit it (or set `'required'`) and
|
|
60
|
-
* `
|
|
58
|
+
* literal type so it drives `ctx.auth` and {@link KernelForAuth} on the
|
|
59
|
+
* `execute`/`authorize` context: omit it (or set `'required'`) and both
|
|
60
|
+
* `ctx.auth` and `ctx.kernel` are non-null; `'optional'` widens them to
|
|
61
|
+
* `... | null`; `'public'` makes both `null`.
|
|
61
62
|
*/
|
|
62
63
|
auth?: TAuth
|
|
63
64
|
/**
|
|
@@ -75,7 +76,7 @@ export type RemoteHandler<TParams, TResult, TSelf, TDeps, TAuth extends AuthPoli
|
|
|
75
76
|
* additive ergonomic gating on top, not a replacement.
|
|
76
77
|
*/
|
|
77
78
|
authorize?: (
|
|
78
|
-
ctx: RemoteContext<TParams, TSelf, TDeps, KernelForAuth<TAuth
|
|
79
|
+
ctx: RemoteContext<TParams, TSelf, TDeps, KernelForAuth<TAuth>, TAuth>,
|
|
79
80
|
) => void | Promise<void>
|
|
80
81
|
}
|
|
81
82
|
|