@audiodn/agent-kit 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +74 -0
- package/assets/content/instructions.md +48 -0
- package/assets/content/partials/auth.md +17 -0
- package/assets/content/partials/compatibility.md +10 -0
- package/assets/content/partials/playback.md +14 -0
- package/assets/content/partials/processing.md +17 -0
- package/assets/content/partials/security.md +14 -0
- package/assets/content/partials/upload.md +17 -0
- package/assets/content/partials/webhooks.md +13 -0
- package/assets/skill/SKILL.md +52 -0
- package/assets/skill/references/authentication.md +27 -0
- package/assets/skill/references/playback.md +29 -0
- package/assets/skill/references/processing.md +23 -0
- package/assets/skill/references/security.md +30 -0
- package/assets/skill/references/upload-flow.md +29 -0
- package/assets/skill/references/webhooks.md +19 -0
- package/assets/skill/scripts/known-endpoints.json +28 -0
- package/assets/skill/scripts/validate.mjs +287 -0
- package/assets/skill/templates/cloudflare-worker.md +39 -0
- package/assets/skill/templates/nextjs.md +47 -0
- package/assets/skill/templates/node-server.md +44 -0
- package/assets/skill/templates/vue-nuxt.md +49 -0
- package/assets/snapshots/llms-full.txt +347 -0
- package/assets/snapshots/openapi.json +1416 -0
- package/assets/snapshots/sources.json +19 -0
- package/dist/cli.d.ts +2 -0
- package/dist/cli.js +101 -0
- package/dist/commands/init.d.ts +8 -0
- package/dist/commands/init.js +35 -0
- package/dist/commands/list.d.ts +1 -0
- package/dist/commands/list.js +28 -0
- package/dist/commands/uninstall.d.ts +6 -0
- package/dist/commands/uninstall.js +20 -0
- package/dist/commands/validate.d.ts +5 -0
- package/dist/commands/validate.js +18 -0
- package/dist/core/formats.d.ts +23 -0
- package/dist/core/formats.js +43 -0
- package/dist/core/fsutil.d.ts +5 -0
- package/dist/core/fsutil.js +34 -0
- package/dist/core/install.d.ts +16 -0
- package/dist/core/install.js +76 -0
- package/dist/core/markers.d.ts +5 -0
- package/dist/core/markers.js +13 -0
- package/dist/core/merge.d.ts +21 -0
- package/dist/core/merge.js +38 -0
- package/dist/core/prompt.d.ts +2 -0
- package/dist/core/prompt.js +23 -0
- package/dist/core/render.d.ts +5 -0
- package/dist/core/render.js +21 -0
- package/dist/core/report.d.ts +10 -0
- package/dist/core/report.js +35 -0
- package/dist/core/skill.d.ts +13 -0
- package/dist/core/skill.js +117 -0
- package/dist/paths.d.ts +5 -0
- package/dist/paths.js +10 -0
- package/dist/version.d.ts +1 -0
- package/dist/version.js +12 -0
- package/package.json +61 -0
package/LICENSE
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) AudioDN
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
package/README.md
ADDED
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
# @audiodn/agent-kit
|
|
2
|
+
|
|
3
|
+
Install AudioDN-specific guidance for AI coding agents into any repository, and
|
|
4
|
+
validate AudioDN integrations for common mistakes.
|
|
5
|
+
|
|
6
|
+
```bash
|
|
7
|
+
npx @audiodn/agent-kit init
|
|
8
|
+
```
|
|
9
|
+
|
|
10
|
+
## What it installs
|
|
11
|
+
|
|
12
|
+
`init` writes guidance in the formats you select. All installs are **merge-safe**
|
|
13
|
+
(they never clobber your own content) and **idempotent** (re-running reports
|
|
14
|
+
`unchanged`):
|
|
15
|
+
|
|
16
|
+
- `AGENTS.md`
|
|
17
|
+
- `CLAUDE.md`
|
|
18
|
+
- `.github/copilot-instructions.md`
|
|
19
|
+
- `.cursor/rules/audiodn.mdc`
|
|
20
|
+
- `.agents/skills/audiodn/` — a portable Skill (references, framework templates, and a validator)
|
|
21
|
+
|
|
22
|
+
Kit-owned content lives inside a managed block:
|
|
23
|
+
|
|
24
|
+
```
|
|
25
|
+
<!-- AUDIODN:BEGIN v0.1.0 (managed by @audiodn/agent-kit — do not edit inside) -->
|
|
26
|
+
...
|
|
27
|
+
<!-- AUDIODN:END -->
|
|
28
|
+
```
|
|
29
|
+
|
|
30
|
+
Anything outside that block is yours and is preserved.
|
|
31
|
+
|
|
32
|
+
## Commands
|
|
33
|
+
|
|
34
|
+
```bash
|
|
35
|
+
npx @audiodn/agent-kit init # interactive
|
|
36
|
+
npx @audiodn/agent-kit init --yes # non-interactive (all formats)
|
|
37
|
+
npx @audiodn/agent-kit init --formats agents,cursor,skill
|
|
38
|
+
npx @audiodn/agent-kit init --dry-run # preview, no writes
|
|
39
|
+
npx @audiodn/agent-kit init --force # overwrite unmanaged conflicts
|
|
40
|
+
|
|
41
|
+
npx @audiodn/agent-kit validate [path] # scan a project for AudioDN mistakes
|
|
42
|
+
npx @audiodn/agent-kit validate . --json
|
|
43
|
+
|
|
44
|
+
npx @audiodn/agent-kit uninstall # remove managed blocks / kit files only
|
|
45
|
+
npx @audiodn/agent-kit list # show formats + bundled doc versions
|
|
46
|
+
```
|
|
47
|
+
|
|
48
|
+
## What the validator catches
|
|
49
|
+
|
|
50
|
+
Server API key exposed to client code, invented endpoints, a missing per-track
|
|
51
|
+
upload request, treating an upload URL as permanent, playback before processing
|
|
52
|
+
is ready, hardcoded secrets, incorrect API origin, and obsolete documentation
|
|
53
|
+
URLs. See [`assets/skill/references/security.md`](assets/skill/references/security.md).
|
|
54
|
+
|
|
55
|
+
## Canonical sources
|
|
56
|
+
|
|
57
|
+
Guidance and the bundled OpenAPI snapshot derive from the public AudioDN docs
|
|
58
|
+
(`https://audiodeliverynetwork.com/openapi.json`, `/llms-full.txt`). The snapshot
|
|
59
|
+
is refreshed by `npm run sync` and pinned in
|
|
60
|
+
[`assets/snapshots/sources.json`](assets/snapshots/sources.json). This repository
|
|
61
|
+
never depends on the AudioDN monorepo; it only reads the public site.
|
|
62
|
+
|
|
63
|
+
## Development
|
|
64
|
+
|
|
65
|
+
```bash
|
|
66
|
+
npm install
|
|
67
|
+
npm run build # tsc -> dist
|
|
68
|
+
npm test # vitest
|
|
69
|
+
npm run smoke # build + init into a temp dir + validate
|
|
70
|
+
```
|
|
71
|
+
|
|
72
|
+
## License
|
|
73
|
+
|
|
74
|
+
MIT
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
# AudioDN integration guide for coding agents
|
|
2
|
+
|
|
3
|
+
This project uses (or integrates with) **AudioDN** (Audio Delivery Network).
|
|
4
|
+
AudioDN handles audio **upload, processing, normalization, variants, previews,
|
|
5
|
+
waveforms, secure delivery, and playback**. Follow this guidance whenever you
|
|
6
|
+
write or review code that touches AudioDN.
|
|
7
|
+
|
|
8
|
+
## Golden rules
|
|
9
|
+
|
|
10
|
+
1. **Never put server API credentials in browser or mobile code.** API Access
|
|
11
|
+
keys (Bearer tokens) belong only on a server you control. Client-side keys
|
|
12
|
+
may be used **only** where AudioDN specifically supports them (e.g. a
|
|
13
|
+
Client-Side Player/Uploader key for components).
|
|
14
|
+
2. **Never invent endpoints, fields, or parameters.** Verify every operation
|
|
15
|
+
against the canonical OpenAPI document:
|
|
16
|
+
`https://audiodeliverynetwork.com/openapi.json`.
|
|
17
|
+
3. **Creating an upload session is not the whole upload flow.** Each track needs
|
|
18
|
+
a **separate** request that returns that track's own upload URL.
|
|
19
|
+
4. **Playback must account for processing readiness.** A freshly uploaded track
|
|
20
|
+
is not immediately playable.
|
|
21
|
+
5. **Preserve existing API compatibility.** Do not change request/response
|
|
22
|
+
shapes, rename endpoints, or drop backward-compatible behavior.
|
|
23
|
+
6. **Use the correct hosts.** API base is `https://api.audiodelivery.net/v1/`.
|
|
24
|
+
The marketing/docs host `audiodeliverynetwork.com` must never be used as the
|
|
25
|
+
API origin for `/v1/` requests.
|
|
26
|
+
|
|
27
|
+
{{PARTIALS}}
|
|
28
|
+
|
|
29
|
+
## Canonical references
|
|
30
|
+
|
|
31
|
+
- OpenAPI 3.1 spec: https://audiodeliverynetwork.com/openapi.json
|
|
32
|
+
- LLM-readable overview: https://audiodeliverynetwork.com/llms-full.txt
|
|
33
|
+
- Docs: https://audiodeliverynetwork.com/docs
|
|
34
|
+
- AI-agent guide: https://audiodeliverynetwork.com/for-ai-agents
|
|
35
|
+
|
|
36
|
+
## Validate your work
|
|
37
|
+
|
|
38
|
+
If this repo has the AudioDN Skill installed, run its validator before finishing:
|
|
39
|
+
|
|
40
|
+
```bash
|
|
41
|
+
node .agents/skills/audiodn/scripts/validate.mjs .
|
|
42
|
+
```
|
|
43
|
+
|
|
44
|
+
Or, with the kit:
|
|
45
|
+
|
|
46
|
+
```bash
|
|
47
|
+
npx @audiodn/agent-kit validate .
|
|
48
|
+
```
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
## Authentication
|
|
2
|
+
|
|
3
|
+
AudioDN uses three credential types:
|
|
4
|
+
|
|
5
|
+
- **API Access key** (`Bearer` token): full server-side access. Server-only.
|
|
6
|
+
Used to create upload sessions, read track status, and create play sessions.
|
|
7
|
+
- **Client-Side keys** (Player / Uploader): scoped keys safe to ship in a
|
|
8
|
+
browser or app for the web components only.
|
|
9
|
+
- **Session IDs as capability tokens**: some endpoints are authorized by a
|
|
10
|
+
session ID instead of a Bearer token and take **no** Authorization header:
|
|
11
|
+
- `GET /v1/upload_session/{id}`
|
|
12
|
+
- `POST /v1/upload/{upload_session_id}/track`
|
|
13
|
+
- `GET /v1/play/{play_session_id}/{play_track_id}`
|
|
14
|
+
- `GET /v1/play/{play_session_id}/{play_track_id}/{variant_index}/download`
|
|
15
|
+
|
|
16
|
+
Rule: server code holds the Bearer key; the client only ever receives a session
|
|
17
|
+
ID or a finished signed URL. See `references/authentication.md` in the Skill.
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
## API compatibility
|
|
2
|
+
|
|
3
|
+
AudioDN's public API is stable. When integrating or refactoring:
|
|
4
|
+
|
|
5
|
+
- Do not rename endpoints, change path styles, or alter request/response shapes.
|
|
6
|
+
- API paths use underscores (`/v1/upload_session`, `/v1/play_session`). HTML
|
|
7
|
+
component attributes use hyphens (`upload-session-id`).
|
|
8
|
+
- Prefer additive changes; keep backward-compatible behavior intact.
|
|
9
|
+
- If something seems missing, re-check the OpenAPI spec before assuming it does
|
|
10
|
+
not exist — do not invent a replacement endpoint.
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
## Playback and delivery
|
|
2
|
+
|
|
3
|
+
Two supported ways to deliver audio, both gated by readiness:
|
|
4
|
+
|
|
5
|
+
- **Play sessions**: `POST /v1/play_session/{scope}` (server, Bearer) returns
|
|
6
|
+
signed variant URLs in `first_track.variants[].url` plus waveform `levels`.
|
|
7
|
+
Fetch more tracks with `GET /v1/play/{play_session_id}/{play_track_id}` (no
|
|
8
|
+
Bearer). Best for per-listener authorization and short expiry.
|
|
9
|
+
- **Signed delivery**: sign a delivery URL on your server with a URL Signing key
|
|
10
|
+
(HMAC-SHA256; the `verify` query param must be appended **last**). Skips play
|
|
11
|
+
sessions for public/entitled tracks. The signing secret is server-only.
|
|
12
|
+
|
|
13
|
+
For components, pass a Client-Side Player key or a server-provisioned play
|
|
14
|
+
session ID to `<audiodn-player>`. See `references/playback.md` in the Skill.
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
## Processing and readiness
|
|
2
|
+
|
|
3
|
+
After the bytes are uploaded, AudioDN processes the track: probing, waveform
|
|
4
|
+
generation, variant transcodes/previews, optional fallback processing, and cover
|
|
5
|
+
extraction. This takes time, so a track is not playable the instant it uploads.
|
|
6
|
+
|
|
7
|
+
Determine readiness in one of two ways:
|
|
8
|
+
|
|
9
|
+
- **Poll**: `GET /v1/track/{track_id}` (server, Bearer) until
|
|
10
|
+
`track.track_status_id === 'ready'` (or a terminal state like `incomplete`,
|
|
11
|
+
`error`, `init_error`).
|
|
12
|
+
- **Webhook** (preferred in production): react to the Track Processing webhook,
|
|
13
|
+
which fires on terminal outcomes / when the file set is complete — not on every
|
|
14
|
+
transitional status.
|
|
15
|
+
|
|
16
|
+
Never build a playback experience that assumes a just-uploaded track is ready.
|
|
17
|
+
See `references/processing.md` in the Skill.
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
## Security
|
|
2
|
+
|
|
3
|
+
- **Server key isolation**: API Access keys (Bearer) live only in server code and
|
|
4
|
+
server-side environment variables. They must never appear in browser bundles,
|
|
5
|
+
mobile apps, `public/` assets, client components, or committed files.
|
|
6
|
+
- **No hardcoded secrets**: read keys and signing secrets from environment
|
|
7
|
+
variables. Never inline a literal `adn_...` key, `Bearer` token, or signing
|
|
8
|
+
secret in source.
|
|
9
|
+
- **Signing secret stays server/edge-side**: URL Signing is done on your server or
|
|
10
|
+
in an edge worker; the secret is never sent to the client.
|
|
11
|
+
- **Least privilege on the client**: use resource-scoped Client-Side keys and
|
|
12
|
+
short-lived, per-listener play sessions.
|
|
13
|
+
|
|
14
|
+
See `references/security.md` in the Skill.
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
## Upload flow (do not skip steps)
|
|
2
|
+
|
|
3
|
+
The upload lifecycle is multi-step. Creating a session alone uploads nothing.
|
|
4
|
+
|
|
5
|
+
1. **Create an upload session** (server, Bearer):
|
|
6
|
+
`POST /v1/upload_session` -> returns `upload_session_id`. A session can hold
|
|
7
|
+
many tracks and does **not** return an upload URL by itself.
|
|
8
|
+
2. **Create a track in the session** (no Bearer — the session ID authorizes it):
|
|
9
|
+
`POST /v1/upload/{upload_session_id}/track` -> returns `track_id` and a
|
|
10
|
+
per-track upload target in `track_upload.upload_url` (with `track_upload.method`).
|
|
11
|
+
Do this **once per file**.
|
|
12
|
+
3. **Upload the bytes**: `PUT` the file to `track_upload.upload_url`.
|
|
13
|
+
4. **Wait for readiness** before playback (see Processing).
|
|
14
|
+
|
|
15
|
+
The per-track upload URL is **short-lived and single-purpose**. Never store it
|
|
16
|
+
in a database, cache it, or treat it as a permanent link — mint a fresh track if
|
|
17
|
+
it expires. See `references/upload-flow.md` in the Skill.
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
## Webhooks
|
|
2
|
+
|
|
3
|
+
Configure webhooks in the dashboard to react to processing without polling:
|
|
4
|
+
|
|
5
|
+
- **Track Processing** (`webhook_url`): fires when a track reaches a terminal
|
|
6
|
+
status (`ready`, `incomplete`, `error`, `init_error`) or when its full file set
|
|
7
|
+
is complete (`files_completed_at`) — not on transitional statuses.
|
|
8
|
+
- **Track File** (`webhook_url_file`): fires once per track file with a status of
|
|
9
|
+
`success`/`failed`.
|
|
10
|
+
- **Collection Sync**: collection create/update/delete events.
|
|
11
|
+
|
|
12
|
+
Verify webhook authenticity and make handlers idempotent (deliveries can retry).
|
|
13
|
+
See `references/webhooks.md` in the Skill.
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: audiodn
|
|
3
|
+
description: Use when integrating AudioDN (Audio Delivery Network) — audio upload, processing, variants/previews, waveforms, secure delivery, and playback. Covers auth boundaries, the multi-step upload flow, processing readiness, playback, webhooks, and security, plus a validator for common mistakes.
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# AudioDN integration skill
|
|
7
|
+
|
|
8
|
+
Use this skill whenever you write or review code that uploads, processes,
|
|
9
|
+
delivers, or plays audio through AudioDN. Read the relevant reference before
|
|
10
|
+
implementing, and run the validator before you finish.
|
|
11
|
+
|
|
12
|
+
## Non-negotiable rules
|
|
13
|
+
|
|
14
|
+
1. Server API credentials (Bearer / API Access keys) never appear in browser or
|
|
15
|
+
mobile code. Client-side keys only where AudioDN supports them.
|
|
16
|
+
2. Never invent endpoints, fields, or params. Verify against the canonical
|
|
17
|
+
OpenAPI: https://audiodeliverynetwork.com/openapi.json
|
|
18
|
+
3. Creating an upload session is not the whole upload. Each track needs a
|
|
19
|
+
separate request that returns its own `track_upload.upload_url`.
|
|
20
|
+
4. Playback must wait for processing readiness.
|
|
21
|
+
5. Preserve existing API compatibility (paths use underscores; no shape changes).
|
|
22
|
+
6. API host is `https://api.audiodelivery.net/v1/`; never use the marketing host
|
|
23
|
+
`audiodeliverynetwork.com` for `/v1/` calls.
|
|
24
|
+
|
|
25
|
+
## References (read as needed)
|
|
26
|
+
|
|
27
|
+
- `references/authentication.md` — key types and which endpoints are session-gated.
|
|
28
|
+
- `references/upload-flow.md` — session -> per-track -> PUT -> readiness.
|
|
29
|
+
- `references/processing.md` — statuses and readiness detection.
|
|
30
|
+
- `references/playback.md` — play sessions and signed delivery.
|
|
31
|
+
- `references/webhooks.md` — track/file/collection webhooks.
|
|
32
|
+
- `references/security.md` — secret handling and the validator's rules.
|
|
33
|
+
|
|
34
|
+
## Framework templates
|
|
35
|
+
|
|
36
|
+
Copy-adapt the correct server/client boundary for your stack:
|
|
37
|
+
|
|
38
|
+
- `templates/nextjs.md`
|
|
39
|
+
- `templates/vue-nuxt.md`
|
|
40
|
+
- `templates/cloudflare-worker.md`
|
|
41
|
+
- `templates/node-server.md`
|
|
42
|
+
|
|
43
|
+
## Validate before finishing
|
|
44
|
+
|
|
45
|
+
```bash
|
|
46
|
+
node .agents/skills/audiodn/scripts/validate.mjs .
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
Fix every error (exit code is non-zero while errors remain) and review warnings.
|
|
50
|
+
The validator checks: server key in client code, invented endpoints, missing
|
|
51
|
+
per-track request, permanent upload URL, playback before ready, hardcoded
|
|
52
|
+
secrets, incorrect API origin, and obsolete documentation URLs.
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# Authentication reference
|
|
2
|
+
|
|
3
|
+
## Credential types
|
|
4
|
+
|
|
5
|
+
- **API Access key** — `Authorization: Bearer <key>`. Full server-side access.
|
|
6
|
+
Server-only. Used to create upload sessions, read track status, create play
|
|
7
|
+
sessions, and manage resources.
|
|
8
|
+
- **Client-Side keys** (Player / Uploader) — scoped keys safe to ship to a
|
|
9
|
+
browser/app, but ONLY for the AudioDN web components.
|
|
10
|
+
- **Session IDs as capability tokens** — some endpoints are authorized purely by
|
|
11
|
+
a session ID in the path and take NO `Authorization` header.
|
|
12
|
+
|
|
13
|
+
## Session-gated endpoints (no Bearer)
|
|
14
|
+
|
|
15
|
+
- `GET /v1/upload_session/{upload_session_id}`
|
|
16
|
+
- `POST /v1/upload/{upload_session_id}/track`
|
|
17
|
+
- `GET /v1/play/{play_session_id}/{play_track_id}`
|
|
18
|
+
- `GET /v1/play/{play_session_id}/{play_track_id}/{variant_index}/download`
|
|
19
|
+
|
|
20
|
+
## Rules
|
|
21
|
+
|
|
22
|
+
- The browser holds only a Client-Side key or a session ID/signed URL provisioned
|
|
23
|
+
by your server.
|
|
24
|
+
- Read keys from environment variables; never hardcode them.
|
|
25
|
+
- Errors use `{ ok: false, message, api_request_id }` with 400/401/404/500.
|
|
26
|
+
|
|
27
|
+
Canonical: https://audiodeliverynetwork.com/docs/api and `/openapi.json`.
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# Playback reference
|
|
2
|
+
|
|
3
|
+
Two supported delivery paths, both gated by readiness.
|
|
4
|
+
|
|
5
|
+
## Play sessions (per-listener)
|
|
6
|
+
|
|
7
|
+
`POST /v1/play_session/{scope}` (server, Bearer), scope `track` or `collection`:
|
|
8
|
+
|
|
9
|
+
- Body: `{ track_id | collection_id, variants?, expires_in?, is_downloadable? }`.
|
|
10
|
+
- Returns signed variant URLs in `first_track.variants[].url` and waveform data
|
|
11
|
+
in `first_track.levels`.
|
|
12
|
+
- Fetch more tracks: `GET /v1/play/{play_session_id}/{play_track_id}` (no Bearer).
|
|
13
|
+
- Downloads: `GET /v1/play/{play_session_id}/{play_track_id}/{variant_index}/download`
|
|
14
|
+
(only if the session is downloadable).
|
|
15
|
+
|
|
16
|
+
## Signed delivery (public/entitled, no session)
|
|
17
|
+
|
|
18
|
+
Sign a delivery URL on your server with a URL Signing key (HMAC-SHA256). The
|
|
19
|
+
`verify` query parameter must be appended LAST. The signing secret is
|
|
20
|
+
server/edge-only. Skips play sessions for public tracks.
|
|
21
|
+
|
|
22
|
+
## Components
|
|
23
|
+
|
|
24
|
+
Pass a Client-Side Player key or a server-provisioned play session ID to
|
|
25
|
+
`<audiodn-player>`. Do not embed a server key.
|
|
26
|
+
|
|
27
|
+
Canonical: https://audiodeliverynetwork.com/docs/api/play-sessions and
|
|
28
|
+
`/docs/integration/signed-delivery`.
|
|
29
|
+
OpenAPI operationIds: `createPlaySession`, `getPlayTrack`, `downloadPlayTrackVariant`.
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
# Processing reference
|
|
2
|
+
|
|
3
|
+
After the bytes upload, AudioDN processes the track (probe, waveform, variants,
|
|
4
|
+
optional fallback processing, cover extraction). A track is not immediately
|
|
5
|
+
playable.
|
|
6
|
+
|
|
7
|
+
## Detect readiness
|
|
8
|
+
|
|
9
|
+
- **Poll** (server, Bearer): `GET /v1/track/{track_id}` until
|
|
10
|
+
`track.track_status_id === 'ready'`. Terminal states also include
|
|
11
|
+
`incomplete` (some variants failed but at least one plays), `error`,
|
|
12
|
+
`init_error`.
|
|
13
|
+
- **Webhook** (preferred): the Track Processing webhook fires on terminal
|
|
14
|
+
outcomes / when the file set is complete (`files_completed_at`), not on every
|
|
15
|
+
transitional status.
|
|
16
|
+
|
|
17
|
+
## Statuses you may observe
|
|
18
|
+
|
|
19
|
+
`processing`, `fallback_processing` (retry on higher-capacity worker), then a
|
|
20
|
+
terminal state. Do not assume a just-uploaded track is `ready`.
|
|
21
|
+
|
|
22
|
+
Canonical: https://audiodeliverynetwork.com/docs and `/docs/webhooks/track-processing`.
|
|
23
|
+
OpenAPI operationId: `getTrack`.
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
# Security reference
|
|
2
|
+
|
|
3
|
+
## Principles
|
|
4
|
+
|
|
5
|
+
- **Server key isolation**: API Access keys (Bearer) live only in server code and
|
|
6
|
+
server-side env vars. Never in browser bundles, mobile apps, `public/` assets,
|
|
7
|
+
client components, or committed files.
|
|
8
|
+
- **No hardcoded secrets**: read keys and signing secrets from environment
|
|
9
|
+
variables. Never inline an `adn_...` key, `Bearer` token, or signing secret.
|
|
10
|
+
- **Signing secret stays server/edge-side**: URL signing happens on your server
|
|
11
|
+
or an edge worker; the secret is never sent to the client.
|
|
12
|
+
- **Least privilege on the client**: resource-scoped Client-Side keys and
|
|
13
|
+
short-lived, per-listener play sessions.
|
|
14
|
+
|
|
15
|
+
## What the validator enforces
|
|
16
|
+
|
|
17
|
+
The bundled `scripts/validate.mjs` flags:
|
|
18
|
+
|
|
19
|
+
- `server-key-in-client` (error) — server credential referenced in client code.
|
|
20
|
+
- `invented-endpoint` (error) — `/v1/...` path not in the OpenAPI.
|
|
21
|
+
- `missing-per-track-request` (warn) — session created, no per-track upload URL.
|
|
22
|
+
- `upload-url-treated-permanent` (warn) — `upload_url` persisted/cached.
|
|
23
|
+
- `playback-before-ready` (warn) — playback with no readiness gate.
|
|
24
|
+
- `hardcoded-secret` (error) — literal key/secret in source.
|
|
25
|
+
- `incorrect-api-origin` (error) — wrong host for `/v1/` (e.g. marketing host).
|
|
26
|
+
- `obsolete-doc-url` (warn) — deprecated paths/params (`/v1/upload-session`,
|
|
27
|
+
`ttl_seconds`, `session.url`, docs-on-API-host, etc.).
|
|
28
|
+
|
|
29
|
+
Configure exceptions in `.audiodn-validate.json` (`{ "ignore": [], "ignoreFiles": [] }`)
|
|
30
|
+
or add `audiodn-validate-ignore` on a specific line.
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# Upload-flow reference
|
|
2
|
+
|
|
3
|
+
The upload lifecycle is multi-step. A session alone uploads nothing.
|
|
4
|
+
|
|
5
|
+
## Steps
|
|
6
|
+
|
|
7
|
+
1. **Create upload session** (server, Bearer)
|
|
8
|
+
`POST /v1/upload_session` with optional `{ collection_id }`.
|
|
9
|
+
Returns `upload_session_id`. Holds many tracks; returns no upload URL.
|
|
10
|
+
|
|
11
|
+
2. **Create a track in the session** (no Bearer)
|
|
12
|
+
`POST /v1/upload/{upload_session_id}/track` with `{ file_name }`.
|
|
13
|
+
Returns `track_id` and `track_upload` = `{ method, upload_url }`.
|
|
14
|
+
Do this once per file.
|
|
15
|
+
|
|
16
|
+
3. **Upload the bytes**
|
|
17
|
+
`PUT` the file to `track_upload.upload_url` using `track_upload.method`.
|
|
18
|
+
Processing begins automatically once the PUT completes.
|
|
19
|
+
|
|
20
|
+
4. **Wait for readiness** (see processing.md) before playback.
|
|
21
|
+
|
|
22
|
+
## Critical
|
|
23
|
+
|
|
24
|
+
- The per-track `upload_url` is short-lived and single-use. Never store it in a
|
|
25
|
+
DB, cache, or config; if it expires, create a fresh track and retry.
|
|
26
|
+
- The session-create step does NOT return `upload_url` — do not expect one.
|
|
27
|
+
|
|
28
|
+
Canonical: https://audiodeliverynetwork.com/docs/api/upload-sessions
|
|
29
|
+
OpenAPI operationIds: `createUploadSession`, `createUploadSessionTrack`.
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
# Webhook reference
|
|
2
|
+
|
|
3
|
+
Configure webhooks in the dashboard to react to processing without polling.
|
|
4
|
+
|
|
5
|
+
- **Track Processing** (`webhook_url`): fires when a track reaches a terminal
|
|
6
|
+
status (`ready`, `incomplete`, `error`, `init_error`) or when its file set is
|
|
7
|
+
complete (`files_completed_at`) — not on transitional statuses.
|
|
8
|
+
- **Track File** (`webhook_url_file`): fires once per track file with a status of
|
|
9
|
+
`success`/`failed` (`track_file.created` / `track_file.failed`).
|
|
10
|
+
- **Collection Sync**: collection create/update/delete events.
|
|
11
|
+
|
|
12
|
+
## Handler rules
|
|
13
|
+
|
|
14
|
+
- Make handlers idempotent — deliveries can retry.
|
|
15
|
+
- Verify authenticity before trusting the payload.
|
|
16
|
+
- Use the terminal event to advance your own workflow (mark ready, notify user).
|
|
17
|
+
|
|
18
|
+
Canonical: https://audiodeliverynetwork.com/docs/webhooks/track-processing,
|
|
19
|
+
`/docs/webhooks/track-files`, `/docs/webhooks/collection-sync`.
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
{
|
|
2
|
+
"note": "Canonical AudioDN v1 path templates. Regenerated from the public OpenAPI by scripts/sync-canonical.mjs. Used by validate.mjs to detect invented endpoints.",
|
|
3
|
+
"openapiVersion": "1.0.0",
|
|
4
|
+
"apiBase": "https://api.audiodelivery.net/v1",
|
|
5
|
+
"paths": [
|
|
6
|
+
"/v1/api_key",
|
|
7
|
+
"/v1/collection",
|
|
8
|
+
"/v1/collection/{collection_id}",
|
|
9
|
+
"/v1/collection/{collection_id}/cover",
|
|
10
|
+
"/v1/collection/{collection_id}/track",
|
|
11
|
+
"/v1/creator",
|
|
12
|
+
"/v1/creator/{creator_id}",
|
|
13
|
+
"/v1/organization/{organization_id}",
|
|
14
|
+
"/v1/play/{play_session_id}/{play_track_id}",
|
|
15
|
+
"/v1/play/{play_session_id}/{play_track_id}/{variant_index}/download",
|
|
16
|
+
"/v1/play_session/{play_session_id}",
|
|
17
|
+
"/v1/play_session/{scope}",
|
|
18
|
+
"/v1/track",
|
|
19
|
+
"/v1/track/{track_id}",
|
|
20
|
+
"/v1/track/{track_id}/cover",
|
|
21
|
+
"/v1/track/{track_id}/variant",
|
|
22
|
+
"/v1/upload/{upload_session_id}/track",
|
|
23
|
+
"/v1/upload_session",
|
|
24
|
+
"/v1/upload_session/{upload_session_id}",
|
|
25
|
+
"/v1/variant",
|
|
26
|
+
"/v1/variant/{variant_id}"
|
|
27
|
+
]
|
|
28
|
+
}
|