@authsome/client 0.0.1 → 0.0.3

package/package.json

@@ -1,37 +1,16 @@
 {
   "name": "@authsome/client",
-  "version": "0.0.1",
+  "version": "0.0.3",
   "description": "TypeScript client for AuthSome authentication",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
-  "files": [
-    "dist"
-  ],
   "scripts": {
     "build": "tsc",
     "prepublishOnly": "npm run build"
   },
-  "keywords": [
-    "authsome",
-    "authentication",
-    "auth",
-    "client",
-    "sdk",
-    "typescript",
-    "multi-tenant",
-    "rbac"
-  ],
-  "author": "Rex Raphael <rex.raphael@outlook.com>",
+  "keywords": ["authsome", "authentication", "client"],
+  "author": "",
   "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/xraph/authsome.git",
-    "directory": "clients/typescript"
-  },
-  "bugs": {
-    "url": "https://github.com/xraph/authsome/issues"
-  },
-  "homepage": "https://github.com/xraph/authsome#readme",
   "devDependencies": {
     "typescript": "^5.0.0"
   }

package/src/client.ts

@@ -0,0 +1,270 @@
+// Auto-generated AuthSome client
+
+import { ClientPlugin } from './plugin';
+import { createErrorFromResponse } from './errors';
+import * as types from './types';
+import { MagiclinkPlugin } from './plugins/magiclink';
+import { NotificationPlugin } from './plugins/notification';
+import { PasskeyPlugin } from './plugins/passkey';
+import { UsernamePlugin } from './plugins/username';
+import { ApikeyPlugin } from './plugins/apikey';
+import { BackupauthPlugin } from './plugins/backupauth';
+import { ConsentPlugin } from './plugins/consent';
+import { IdverificationPlugin } from './plugins/idverification';
+import { MultiappPlugin } from './plugins/multiapp';
+import { OidcproviderPlugin } from './plugins/oidcprovider';
+import { PhonePlugin } from './plugins/phone';
+import { AdminPlugin } from './plugins/admin';
+import { EmailotpPlugin } from './plugins/emailotp';
+import { MfaPlugin } from './plugins/mfa';
+import { OrganizationPlugin } from './plugins/organization';
+import { SocialPlugin } from './plugins/social';
+import { SsoPlugin } from './plugins/sso';
+import { AnonymousPlugin } from './plugins/anonymous';
+import { StepupPlugin } from './plugins/stepup';
+import { JwtPlugin } from './plugins/jwt';
+import { MultisessionPlugin } from './plugins/multisession';
+import { TwofaPlugin } from './plugins/twofa';
+import { WebhookPlugin } from './plugins/webhook';
+import { CompliancePlugin } from './plugins/compliance';
+import { ImpersonationPlugin } from './plugins/impersonation';
+
+/**
+ * AuthSome client configuration
+ * Supports multiple authentication methods that can be used simultaneously:
+ * - Cookies: Automatically sent with every request (session-based auth)
+ * - Bearer Token: JWT tokens sent in Authorization header when auth: true
+ * - API Key: Sent with every request for server-to-server auth
+ *   - Publishable Key (pk_*): Safe for frontend, limited permissions
+ *   - Secret Key (sk_*): Backend only, full admin access
+ */
+export interface AuthsomeClientConfig {
+  /** Base URL of the AuthSome API */
+  baseURL: string;
+  
+  /** Plugin instances to initialize */
+  plugins?: ClientPlugin[];
+  
+  /** JWT/Bearer token for user authentication (sent only when auth: true) */
+  token?: string;
+  
+  /** API key for server-to-server auth (pk_* or sk_*, sent with all requests) */
+  apiKey?: string;
+  
+  /** Custom header name for API key (default: 'X-API-Key') */
+  apiKeyHeader?: string;
+  
+  /** Custom headers to include with all requests */
+  headers?: Record<string, string>;
+  
+  /** Base path prefix for all API routes (default: '') */
+  basePath?: string;
+}
+
+export class AuthsomeClient {
+  private baseURL: string;
+  private basePath: string;
+  private token?: string;
+  private apiKey?: string;
+  private apiKeyHeader: string;
+  private headers: Record<string, string>;
+  private plugins: Map<string, ClientPlugin>;
+
+  constructor(config: AuthsomeClientConfig) {
+    this.baseURL = config.baseURL;
+    this.basePath = config.basePath || '';
+    this.token = config.token;
+    this.apiKey = config.apiKey;
+    this.apiKeyHeader = config.apiKeyHeader || 'X-API-Key';
+    this.headers = config.headers || {};
+    this.plugins = new Map();
+
+    if (config.plugins) {
+      for (const plugin of config.plugins) {
+        this.plugins.set(plugin.id, plugin);
+        plugin.init(this);
+      }
+    }
+  }
+
+  setToken(token: string): void {
+    this.token = token;
+  }
+
+  setApiKey(apiKey: string, header?: string): void {
+    this.apiKey = apiKey;
+    if (header) {
+      this.apiKeyHeader = header;
+    }
+  }
+
+  /**
+   * Set a publishable key (pk_*) - safe for frontend use
+   * Publishable keys have limited permissions and can be exposed in client-side code
+   * Typically used for: session creation, user verification, public data reads
+   */
+  setPublishableKey(publishableKey: string): void {
+    if (!publishableKey.startsWith('pk_')) {
+      console.warn('Warning: Publishable keys should start with pk_');
+    }
+    this.setApiKey(publishableKey);
+  }
+
+  /**
+   * Set a secret key (sk_*) - MUST be kept secret on server-side only!
+   * Secret keys have full administrative access to all operations
+   * WARNING: Never expose secret keys in client-side code (browser, mobile apps)
+   */
+  setSecretKey(secretKey: string): void {
+    if (!secretKey.startsWith('sk_')) {
+      console.warn('Warning: Secret keys should start with sk_');
+    }
+    this.setApiKey(secretKey);
+  }
+
+  setBasePath(basePath: string): void {
+    this.basePath = basePath;
+  }
+
+  /**
+   * Set global headers for all requests
+   * @param headers - Headers to set
+   * @param replace - If true, replaces all existing headers. If false (default), merges with existing headers
+   */
+  setGlobalHeaders(headers: Record<string, string>, replace: boolean = false): void {
+    if (replace) {
+      this.headers = { ...headers };
+    } else {
+      this.headers = { ...this.headers, ...headers };
+    }
+  }
+
+  getPlugin<T extends ClientPlugin>(id: string): T | undefined {
+    return this.plugins.get(id) as T | undefined;
+  }
+
+  public readonly $plugins = {
+    magiclink: (): MagiclinkPlugin | undefined => this.getPlugin<MagiclinkPlugin>('magiclink'),
+    notification: (): NotificationPlugin | undefined => this.getPlugin<NotificationPlugin>('notification'),
+    passkey: (): PasskeyPlugin | undefined => this.getPlugin<PasskeyPlugin>('passkey'),
+    username: (): UsernamePlugin | undefined => this.getPlugin<UsernamePlugin>('username'),
+    apikey: (): ApikeyPlugin | undefined => this.getPlugin<ApikeyPlugin>('apikey'),
+    backupauth: (): BackupauthPlugin | undefined => this.getPlugin<BackupauthPlugin>('backupauth'),
+    consent: (): ConsentPlugin | undefined => this.getPlugin<ConsentPlugin>('consent'),
+    idverification: (): IdverificationPlugin | undefined => this.getPlugin<IdverificationPlugin>('idverification'),
+    multiapp: (): MultiappPlugin | undefined => this.getPlugin<MultiappPlugin>('multiapp'),
+    oidcprovider: (): OidcproviderPlugin | undefined => this.getPlugin<OidcproviderPlugin>('oidcprovider'),
+    phone: (): PhonePlugin | undefined => this.getPlugin<PhonePlugin>('phone'),
+    admin: (): AdminPlugin | undefined => this.getPlugin<AdminPlugin>('admin'),
+    emailotp: (): EmailotpPlugin | undefined => this.getPlugin<EmailotpPlugin>('emailotp'),
+    mfa: (): MfaPlugin | undefined => this.getPlugin<MfaPlugin>('mfa'),
+    organization: (): OrganizationPlugin | undefined => this.getPlugin<OrganizationPlugin>('organization'),
+    social: (): SocialPlugin | undefined => this.getPlugin<SocialPlugin>('social'),
+    sso: (): SsoPlugin | undefined => this.getPlugin<SsoPlugin>('sso'),
+    anonymous: (): AnonymousPlugin | undefined => this.getPlugin<AnonymousPlugin>('anonymous'),
+    stepup: (): StepupPlugin | undefined => this.getPlugin<StepupPlugin>('stepup'),
+    jwt: (): JwtPlugin | undefined => this.getPlugin<JwtPlugin>('jwt'),
+    multisession: (): MultisessionPlugin | undefined => this.getPlugin<MultisessionPlugin>('multisession'),
+    twofa: (): TwofaPlugin | undefined => this.getPlugin<TwofaPlugin>('twofa'),
+    webhook: (): WebhookPlugin | undefined => this.getPlugin<WebhookPlugin>('webhook'),
+    compliance: (): CompliancePlugin | undefined => this.getPlugin<CompliancePlugin>('compliance'),
+    impersonation: (): ImpersonationPlugin | undefined => this.getPlugin<ImpersonationPlugin>('impersonation'),
+  };
+
+  public async request<T>(
+    method: string,
+    path: string,
+    options?: {
+      body?: any;
+      query?: Record<string, string>;
+      auth?: boolean;
+    }
+  ): Promise<T> {
+    const url = new URL(this.basePath + path, this.baseURL);
+
+    if (options?.query) {
+      for (const [key, value] of Object.entries(options.query)) {
+        url.searchParams.append(key, value);
+      }
+    }
+
+    const headers: Record<string, string> = {
+      'Content-Type': 'application/json',
+      ...this.headers,
+    };
+
+    if (options?.auth && this.token) {
+      headers['Authorization'] = `Bearer ${this.token}`;
+    }
+
+    if (this.apiKey) {
+      headers[this.apiKeyHeader] = this.apiKey;
+    }
+
+    const response = await fetch(url.toString(), {
+      method,
+      headers,
+      body: options?.body ? JSON.stringify(options.body) : undefined,
+      credentials: 'include',
+    });
+
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ error: response.statusText }));
+      throw createErrorFromResponse(response.status, error.error || error.message || 'Request failed');
+    }
+
+    return response.json();
+  }
+
+  async signUp(request: { email: string; password: string; name?: string }): Promise<{ user: types.User; session: types.Session }> {
+    const path = '/signup';
+    return this.request<{ user: types.User; session: types.Session }>('POST', path, {
+      body: request,
+    });
+  }
+
+  async signIn(request: { email: string; password: string }): Promise<{ user: types.User; session: types.Session; requiresTwoFactor: boolean }> {
+    const path = '/signin';
+    return this.request<{ user: types.User; session: types.Session; requiresTwoFactor: boolean }>('POST', path, {
+      body: request,
+    });
+  }
+
+  async signOut(): Promise<{ success: boolean }> {
+    const path = '/signout';
+    return this.request<{ success: boolean }>('POST', path, {
+      auth: true,
+    });
+  }
+
+  async getSession(): Promise<{ user: types.User; session: types.Session }> {
+    const path = '/session';
+    return this.request<{ user: types.User; session: types.Session }>('GET', path, {
+      auth: true,
+    });
+  }
+
+  async updateUser(request: { email?: string; name?: string }): Promise<{ user: types.User }> {
+    const path = '/user/update';
+    return this.request<{ user: types.User }>('POST', path, {
+      body: request,
+      auth: true,
+    });
+  }
+
+  async listDevices(): Promise<{ devices: types.Device[] }> {
+    const path = '/devices';
+    return this.request<{ devices: types.Device[] }>('GET', path, {
+      auth: true,
+    });
+  }
+
+  async revokeDevice(request: { deviceId: string }): Promise<{ success: boolean }> {
+    const path = '/devices/revoke';
+    return this.request<{ success: boolean }>('POST', path, {
+      body: request,
+      auth: true,
+    });
+  }
+
+}

package/src/errors.ts

@@ -0,0 +1,92 @@
+// Auto-generated error classes
+
+export class AuthsomeError extends Error {
+  constructor(
+    message: string,
+    public statusCode: number,
+    public code?: string
+  ) {
+    super(message);
+    this.name = 'AuthsomeError';
+  }
+}
+
+export class NetworkError extends AuthsomeError {
+  constructor(message: string) {
+    super(message, 0, 'NETWORK_ERROR');
+    this.name = 'NetworkError';
+  }
+}
+
+export class ValidationError extends AuthsomeError {
+  constructor(message: string, public fields?: Record<string, string>) {
+    super(message, 400, 'VALIDATION_ERROR');
+    this.name = 'ValidationError';
+  }
+}
+
+export class UnauthorizedError extends AuthsomeError {
+  constructor(message: string = 'Unauthorized') {
+    super(message, 401, 'UNAUTHORIZED');
+    this.name = 'UnauthorizedError';
+  }
+}
+
+export class ForbiddenError extends AuthsomeError {
+  constructor(message: string = 'Forbidden') {
+    super(message, 403, 'FORBIDDEN');
+    this.name = 'ForbiddenError';
+  }
+}
+
+export class NotFoundError extends AuthsomeError {
+  constructor(message: string = 'Not found') {
+    super(message, 404, 'NOT_FOUND');
+    this.name = 'NotFoundError';
+  }
+}
+
+export class ConflictError extends AuthsomeError {
+  constructor(message: string) {
+    super(message, 409, 'CONFLICT');
+    this.name = 'ConflictError';
+  }
+}
+
+export class RateLimitError extends AuthsomeError {
+  constructor(message: string = 'Rate limit exceeded') {
+    super(message, 429, 'RATE_LIMIT_EXCEEDED');
+    this.name = 'RateLimitError';
+  }
+}
+
+export class ServerError extends AuthsomeError {
+  constructor(message: string = 'Internal server error') {
+    super(message, 500, 'SERVER_ERROR');
+    this.name = 'ServerError';
+  }
+}
+
+export function createErrorFromResponse(statusCode: number, message: string): AuthsomeError {
+  switch (statusCode) {
+    case 400:
+      return new ValidationError(message);
+    case 401:
+      return new UnauthorizedError(message);
+    case 403:
+      return new ForbiddenError(message);
+    case 404:
+      return new NotFoundError(message);
+    case 409:
+      return new ConflictError(message);
+    case 429:
+      return new RateLimitError(message);
+    case 500:
+    case 502:
+    case 503:
+    case 504:
+      return new ServerError(message);
+    default:
+      return new AuthsomeError(message, statusCode);
+  }
+}

package/src/index.ts

@@ -0,0 +1,33 @@
+// Auto-generated exports
+
+export { AuthsomeClient, AuthsomeClientConfig } from './client';
+export { ClientPlugin } from './plugin';
+export * from './types';
+export * from './errors';
+
+// Plugin exports
+export { MagiclinkPlugin, magiclinkClient } from './plugins/magiclink';
+export { NotificationPlugin, notificationClient } from './plugins/notification';
+export { PasskeyPlugin, passkeyClient } from './plugins/passkey';
+export { UsernamePlugin, usernameClient } from './plugins/username';
+export { ApikeyPlugin, apikeyClient } from './plugins/apikey';
+export { BackupauthPlugin, backupauthClient } from './plugins/backupauth';
+export { ConsentPlugin, consentClient } from './plugins/consent';
+export { IdverificationPlugin, idverificationClient } from './plugins/idverification';
+export { MultiappPlugin, multiappClient } from './plugins/multiapp';
+export { OidcproviderPlugin, oidcproviderClient } from './plugins/oidcprovider';
+export { PhonePlugin, phoneClient } from './plugins/phone';
+export { AdminPlugin, adminClient } from './plugins/admin';
+export { EmailotpPlugin, emailotpClient } from './plugins/emailotp';
+export { MfaPlugin, mfaClient } from './plugins/mfa';
+export { OrganizationPlugin, organizationClient } from './plugins/organization';
+export { SocialPlugin, socialClient } from './plugins/social';
+export { SsoPlugin, ssoClient } from './plugins/sso';
+export { AnonymousPlugin, anonymousClient } from './plugins/anonymous';
+export { StepupPlugin, stepupClient } from './plugins/stepup';
+export { JwtPlugin, jwtClient } from './plugins/jwt';
+export { MultisessionPlugin, multisessionClient } from './plugins/multisession';
+export { TwofaPlugin, twofaClient } from './plugins/twofa';
+export { WebhookPlugin, webhookClient } from './plugins/webhook';
+export { CompliancePlugin, complianceClient } from './plugins/compliance';
+export { ImpersonationPlugin, impersonationClient } from './plugins/impersonation';

package/src/plugin.ts

@@ -0,0 +1,13 @@
+// Auto-generated plugin interface
+
+import { AuthsomeClient } from './client';
+
+export interface ClientPlugin {
+  readonly id: string;
+  
+  // Initialize plugin with base client
+  init(client: AuthsomeClient): void;
+  
+  // Optional: validate configuration
+  validate?(): Promise<boolean>;
+}

package/src/plugins/admin.ts

@@ -0,0 +1,84 @@
+// Auto-generated admin plugin
+
+import { ClientPlugin } from '../plugin';
+import { AuthsomeClient } from '../client';
+import * as types from '../types';
+
+export class AdminPlugin implements ClientPlugin {
+  readonly id = 'admin';
+  private client!: AuthsomeClient;
+
+  init(client: AuthsomeClient): void {
+    this.client = client;
+  }
+
+  async createUser(request: types.CreateUser_reqBody): Promise<void> {
+    const path = '/users';
+    return this.client.request<void>('POST', path, {
+      body: request,
+    });
+  }
+
+  async listUsers(): Promise<void> {
+    const path = '/users';
+    return this.client.request<void>('GET', path);
+  }
+
+  async deleteUser(): Promise<types.MessageResponse> {
+    const path = '/users/:id';
+    return this.client.request<types.MessageResponse>('DELETE', path);
+  }
+
+  async banUser(request: types.BanUser_reqBody): Promise<types.MessageResponse> {
+    const path = '/users/:id/ban';
+    return this.client.request<types.MessageResponse>('POST', path, {
+      body: request,
+    });
+  }
+
+  async unbanUser(request: types.UnbanUser_reqBody): Promise<types.MessageResponse> {
+    const path = '/users/:id/unban';
+    return this.client.request<types.MessageResponse>('POST', path, {
+      body: request,
+    });
+  }
+
+  async impersonateUser(request: types.ImpersonateUser_reqBody): Promise<void> {
+    const path = '/users/:id/impersonate';
+    return this.client.request<void>('POST', path, {
+      body: request,
+    });
+  }
+
+  async setUserRole(request: types.SetUserRole_reqBody): Promise<types.MessageResponse> {
+    const path = '/users/:id/role';
+    return this.client.request<types.MessageResponse>('POST', path, {
+      body: request,
+    });
+  }
+
+  async listSessions(): Promise<void> {
+    const path = '/sessions';
+    return this.client.request<void>('GET', path);
+  }
+
+  async revokeSession(): Promise<types.MessageResponse> {
+    const path = '/sessions/:id';
+    return this.client.request<types.MessageResponse>('DELETE', path);
+  }
+
+  async getStats(): Promise<void> {
+    const path = '/stats';
+    return this.client.request<void>('GET', path);
+  }
+
+  async getAuditLogs(): Promise<void> {
+    const path = '/audit-logs';
+    return this.client.request<void>('GET', path);
+  }
+
+}
+
+export function adminClient(): AdminPlugin {
+  return new AdminPlugin();
+}

package/src/plugins/anonymous.ts

@@ -0,0 +1,31 @@
+// Auto-generated anonymous plugin
+
+import { ClientPlugin } from '../plugin';
+import { AuthsomeClient } from '../client';
+import * as types from '../types';
+
+export class AnonymousPlugin implements ClientPlugin {
+  readonly id = 'anonymous';
+  private client!: AuthsomeClient;
+
+  init(client: AuthsomeClient): void {
+    this.client = client;
+  }
+
+  async signIn(): Promise<types.SignInResponse> {
+    const path = '/anonymous/signin';
+    return this.client.request<types.SignInResponse>('POST', path);
+  }
+
+  async link(request: types.LinkRequest): Promise<types.LinkResponse> {
+    const path = '/anonymous/link';
+    return this.client.request<types.LinkResponse>('POST', path, {
+      body: request,
+    });
+  }
+
+}
+
+export function anonymousClient(): AnonymousPlugin {
+  return new AnonymousPlugin();
+}

package/src/plugins/apikey.ts

@@ -0,0 +1,56 @@
+// Auto-generated apikey plugin
+
+import { ClientPlugin } from '../plugin';
+import { AuthsomeClient } from '../client';
+import * as types from '../types';
+
+export class ApikeyPlugin implements ClientPlugin {
+  readonly id = 'apikey';
+  private client!: AuthsomeClient;
+
+  init(client: AuthsomeClient): void {
+    this.client = client;
+  }
+
+  async createAPIKey(request: types.CreateAPIKey_reqBody): Promise<types.CreateAPIKeyResponse> {
+    const path = '/createapikey';
+    return this.client.request<types.CreateAPIKeyResponse>('POST', path, {
+      body: request,
+    });
+  }
+
+  async listAPIKeys(): Promise<void> {
+    const path = '/listapikeys';
+    return this.client.request<void>('GET', path);
+  }
+
+  async getAPIKey(): Promise<void> {
+    const path = '/:id';
+    return this.client.request<void>('GET', path);
+  }
+
+  async updateAPIKey(): Promise<void> {
+    const path = '/:id';
+    return this.client.request<void>('PUT', path);
+  }
+
+  async deleteAPIKey(): Promise<types.MessageResponse> {
+    const path = '/:id';
+    return this.client.request<types.MessageResponse>('DELETE', path);
+  }
+
+  async rotateAPIKey(): Promise<types.RotateAPIKeyResponse> {
+    const path = '/:id/rotate';
+    return this.client.request<types.RotateAPIKeyResponse>('POST', path);
+  }
+
+  async verifyAPIKey(): Promise<void> {
+    const path = '/verify';
+    return this.client.request<void>('POST', path);
+  }
+
+}
+
+export function apikeyClient(): ApikeyPlugin {
+  return new ApikeyPlugin();
+}