@blimu/backend 1.2.0 → 1.2.2

package/dist/services/auth_jwks.mjs

@@ -0,0 +1,44 @@
+// src/services/auth_jwks.ts
+var AuthJwksService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * GET /v1/auth/.well-known/jwks.json*
+   * @summary Get JSON Web Key Set for environment (Public)*
+   * @description Returns the public keys used to verify JWT tokens issued by this environment. Authenticate using either x-api-key header (secretKey) or x-blimu-publishable-key header (publishableKey).*/
+  getJwks(init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/auth/.well-known/jwks.json`,
+      ...init ?? {}
+    });
+  }
+  /**
+   * GET /v1/auth/.well-known/public-key.pem*
+   * @summary Get environment public key (PEM)*
+   * @description Returns the public key in PEM format for verifying JWT tokens. Authenticate with x-api-key or x-blimu-publishable-key.*/
+  getPublicKeyPem(init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/auth/.well-known/public-key.pem`,
+      ...init ?? {}
+    });
+  }
+  /**
+   * GET /v1/auth/oauth/.well-known/jwks.json*
+   * @summary Get JSON Web Key Set for OAuth app (Public)*
+   * @description Returns the public key for a specific OAuth app to verify JWT tokens. This is a public endpoint following OAuth2/OIDC standards. Provide client_id to get keys for a specific OAuth app, or use authenticated endpoint for environment keys.*/
+  getOAuthAppJwks(query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/auth/oauth/.well-known/jwks.json`,
+      query,
+      ...init ?? {}
+    });
+  }
+};
+export {
+  AuthJwksService
+};
+//# sourceMappingURL=auth_jwks.mjs.map

package/dist/services/auth_jwks.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/services/auth_jwks.ts"],"sourcesContent":["import type { FetchClient } from '@blimu/fetch';\nimport type * as Schema from '../schema';\n\nexport class AuthJwksService {\n  constructor(private core: FetchClient) {}\n\n  /**\n   * GET /v1/auth/.well-known/jwks.json*\n   * @summary Get JSON Web Key Set for environment (Public)*\n   * @description Returns the public keys used to verify JWT tokens issued by this environment. Authenticate using either x-api-key header (secretKey) or x-blimu-publishable-key header (publishableKey).*/\n  getJwks(init?: Omit<RequestInit, 'method' | 'body'>): Promise<Schema.JWK> {\n    return this.core.request({\n      method: 'GET',\n      path: `/v1/auth/.well-known/jwks.json`,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * GET /v1/auth/.well-known/public-key.pem*\n   * @summary Get environment public key (PEM)*\n   * @description Returns the public key in PEM format for verifying JWT tokens. Authenticate with x-api-key or x-blimu-publishable-key.*/\n  getPublicKeyPem(init?: Omit<RequestInit, 'method' | 'body'>): Promise<unknown> {\n    return this.core.request({\n      method: 'GET',\n      path: `/v1/auth/.well-known/public-key.pem`,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * GET /v1/auth/oauth/.well-known/jwks.json*\n   * @summary Get JSON Web Key Set for OAuth app (Public)*\n   * @description Returns the public key for a specific OAuth app to verify JWT tokens. This is a public endpoint following OAuth2/OIDC standards. Provide client_id to get keys for a specific OAuth app, or use authenticated endpoint for environment keys.*/\n  getOAuthAppJwks(\n    query?: Schema.AuthJwksGetOAuthAppJwksQuery,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.JWK> {\n    return this.core.request({\n      method: 'GET',\n      path: `/v1/auth/oauth/.well-known/jwks.json`,\n      query,\n      ...(init ?? {}),\n    });\n  }\n}\n"],"mappings":";AAGO,IAAM,kBAAN,MAAsB;AAAA,EAC3B,YAAoB,MAAmB;AAAnB;AAAA,EAAoB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMxC,QAAQ,MAAkE;AACxE,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,gBAAgB,MAA+D;AAC7E,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,gBACE,OACA,MACqB;AACrB,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AACF;","names":[]}

package/dist/services/bulk_resources.cjs

@@ -0,0 +1,47 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/services/bulk_resources.ts
+var bulk_resources_exports = {};
+__export(bulk_resources_exports, {
+  BulkResourcesService: () => BulkResourcesService
+});
+module.exports = __toCommonJS(bulk_resources_exports);
+var BulkResourcesService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * POST /v1/resources/{resourceType}/bulk*
+   * @summary Bulk create resources*
+   * @description Creates multiple resources of the specified type in a single request. This operation supports partial success - some resources may be created while others fail. The response includes details about successful creations and any errors encountered. Resources can have parent relationships and initial role assignments.*/
+  create(resourceType, body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}/bulk`,
+      body,
+      ...init ?? {}
+    });
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  BulkResourcesService
+});
+//# sourceMappingURL=bulk_resources.cjs.map

package/dist/services/bulk_resources.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/services/bulk_resources.ts"],"sourcesContent":["import type { FetchClient } from '@blimu/fetch';\nimport type * as Schema from '../schema';\nimport type { ResourceType } from '@blimu/types';\n\nexport class BulkResourcesService {\n  constructor(private core: FetchClient) {}\n\n  /**\n   * POST /v1/resources/{resourceType}/bulk*\n   * @summary Bulk create resources*\n   * @description Creates multiple resources of the specified type in a single request. This operation supports partial success - some resources may be created while others fail. The response includes details about successful creations and any errors encountered. Resources can have parent relationships and initial role assignments.*/\n  create(\n    resourceType: ResourceType,\n    body: Schema.ResourceBulkCreateBody,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.ResourceBulkResult> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/resources/${encodeURIComponent(resourceType)}/bulk`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAIO,IAAM,uBAAN,MAA2B;AAAA,EAChC,YAAoB,MAAmB;AAAnB;AAAA,EAAoB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMxC,OACE,cACA,MACA,MACoC;AACpC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM,iBAAiB,mBAAmB,YAAY,CAAC;AAAA,MACvD;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AACF;","names":[]}

package/dist/services/bulk_resources.d.mts

@@ -0,0 +1,11 @@
+import { FetchClient } from '@blimu/fetch';
+import { R as ResourceBulkCreateBody, a as ResourceBulkResult } from '../schema-CdEZKE7E.mjs';
+import { ResourceType } from '@blimu/types';
+
+declare class BulkResourcesService {
+    private core;
+    constructor(core: FetchClient);
+    create(resourceType: ResourceType, body: ResourceBulkCreateBody, init?: Omit<RequestInit, 'method' | 'body'>): Promise<ResourceBulkResult>;
+}
+
+export { BulkResourcesService };

package/dist/services/bulk_resources.d.ts

@@ -0,0 +1,11 @@
+import { FetchClient } from '@blimu/fetch';
+import { R as ResourceBulkCreateBody, a as ResourceBulkResult } from '../schema-CdEZKE7E.js';
+import { ResourceType } from '@blimu/types';
+
+declare class BulkResourcesService {
+    private core;
+    constructor(core: FetchClient);
+    create(resourceType: ResourceType, body: ResourceBulkCreateBody, init?: Omit<RequestInit, 'method' | 'body'>): Promise<ResourceBulkResult>;
+}
+
+export { BulkResourcesService };

package/dist/services/bulk_resources.mjs

@@ -0,0 +1,22 @@
+// src/services/bulk_resources.ts
+var BulkResourcesService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * POST /v1/resources/{resourceType}/bulk*
+   * @summary Bulk create resources*
+   * @description Creates multiple resources of the specified type in a single request. This operation supports partial success - some resources may be created while others fail. The response includes details about successful creations and any errors encountered. Resources can have parent relationships and initial role assignments.*/
+  create(resourceType, body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}/bulk`,
+      body,
+      ...init ?? {}
+    });
+  }
+};
+export {
+  BulkResourcesService
+};
+//# sourceMappingURL=bulk_resources.mjs.map

package/dist/services/bulk_resources.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/services/bulk_resources.ts"],"sourcesContent":["import type { FetchClient } from '@blimu/fetch';\nimport type * as Schema from '../schema';\nimport type { ResourceType } from '@blimu/types';\n\nexport class BulkResourcesService {\n  constructor(private core: FetchClient) {}\n\n  /**\n   * POST /v1/resources/{resourceType}/bulk*\n   * @summary Bulk create resources*\n   * @description Creates multiple resources of the specified type in a single request. This operation supports partial success - some resources may be created while others fail. The response includes details about successful creations and any errors encountered. Resources can have parent relationships and initial role assignments.*/\n  create(\n    resourceType: ResourceType,\n    body: Schema.ResourceBulkCreateBody,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.ResourceBulkResult> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/resources/${encodeURIComponent(resourceType)}/bulk`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n}\n"],"mappings":";AAIO,IAAM,uBAAN,MAA2B;AAAA,EAChC,YAAoB,MAAmB;AAAnB;AAAA,EAAoB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMxC,OACE,cACA,MACA,MACoC;AACpC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM,iBAAiB,mBAAmB,YAAY,CAAC;AAAA,MACvD;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AACF;","names":[]}

package/dist/services/bulk_roles.cjs

@@ -0,0 +1,47 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/services/bulk_roles.ts
+var bulk_roles_exports = {};
+__export(bulk_roles_exports, {
+  BulkRolesService: () => BulkRolesService
+});
+module.exports = __toCommonJS(bulk_roles_exports);
+var BulkRolesService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * POST /v1/users/roles/bulk*
+   * @summary Bulk create roles*
+   * @description Assigns multiple roles to users on resources in a single request. This operation supports partial success - some role assignments may succeed while others fail. The response includes details about successful assignments and any errors encountered. All roles must be valid according to your resource definitions.*/
+  create(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/users/roles/bulk`,
+      body,
+      ...init ?? {}
+    });
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  BulkRolesService
+});
+//# sourceMappingURL=bulk_roles.cjs.map

package/dist/services/bulk_roles.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/services/bulk_roles.ts"],"sourcesContent":["import type { FetchClient } from '@blimu/fetch';\nimport type * as Schema from '../schema';\n\nexport class BulkRolesService {\n  constructor(private core: FetchClient) {}\n\n  /**\n   * POST /v1/users/roles/bulk*\n   * @summary Bulk create roles*\n   * @description Assigns multiple roles to users on resources in a single request. This operation supports partial success - some role assignments may succeed while others fail. The response includes details about successful assignments and any errors encountered. All roles must be valid according to your resource definitions.*/\n  create(\n    body: Schema.RoleBulkCreateBody,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.RoleBulkResult> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/users/roles/bulk`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAGO,IAAM,mBAAN,MAAuB;AAAA,EAC5B,YAAoB,MAAmB;AAAnB;AAAA,EAAoB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMxC,OACE,MACA,MACgC;AAChC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AACF;","names":[]}

package/dist/services/bulk_roles.d.mts

@@ -0,0 +1,11 @@
+import { FetchClient } from '@blimu/fetch';
+import { b as RoleBulkCreateBody, c as RoleBulkResult } from '../schema-CdEZKE7E.mjs';
+import '@blimu/types';
+
+declare class BulkRolesService {
+    private core;
+    constructor(core: FetchClient);
+    create(body: RoleBulkCreateBody, init?: Omit<RequestInit, 'method' | 'body'>): Promise<RoleBulkResult>;
+}
+
+export { BulkRolesService };

package/dist/services/bulk_roles.d.ts

@@ -0,0 +1,11 @@
+import { FetchClient } from '@blimu/fetch';
+import { b as RoleBulkCreateBody, c as RoleBulkResult } from '../schema-CdEZKE7E.js';
+import '@blimu/types';
+
+declare class BulkRolesService {
+    private core;
+    constructor(core: FetchClient);
+    create(body: RoleBulkCreateBody, init?: Omit<RequestInit, 'method' | 'body'>): Promise<RoleBulkResult>;
+}
+
+export { BulkRolesService };

package/dist/services/bulk_roles.mjs

@@ -0,0 +1,22 @@
+// src/services/bulk_roles.ts
+var BulkRolesService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * POST /v1/users/roles/bulk*
+   * @summary Bulk create roles*
+   * @description Assigns multiple roles to users on resources in a single request. This operation supports partial success - some role assignments may succeed while others fail. The response includes details about successful assignments and any errors encountered. All roles must be valid according to your resource definitions.*/
+  create(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/users/roles/bulk`,
+      body,
+      ...init ?? {}
+    });
+  }
+};
+export {
+  BulkRolesService
+};
+//# sourceMappingURL=bulk_roles.mjs.map

package/dist/services/bulk_roles.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/services/bulk_roles.ts"],"sourcesContent":["import type { FetchClient } from '@blimu/fetch';\nimport type * as Schema from '../schema';\n\nexport class BulkRolesService {\n  constructor(private core: FetchClient) {}\n\n  /**\n   * POST /v1/users/roles/bulk*\n   * @summary Bulk create roles*\n   * @description Assigns multiple roles to users on resources in a single request. This operation supports partial success - some role assignments may succeed while others fail. The response includes details about successful assignments and any errors encountered. All roles must be valid according to your resource definitions.*/\n  create(\n    body: Schema.RoleBulkCreateBody,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.RoleBulkResult> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/users/roles/bulk`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n}\n"],"mappings":";AAGO,IAAM,mBAAN,MAAuB;AAAA,EAC5B,YAAoB,MAAmB;AAAnB;AAAA,EAAoB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMxC,OACE,MACA,MACgC;AAChC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AACF;","names":[]}

package/dist/services/entitlements.cjs

@@ -0,0 +1,71 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/services/entitlements.ts
+var entitlements_exports = {};
+__export(entitlements_exports, {
+  EntitlementsService: () => EntitlementsService
+});
+module.exports = __toCommonJS(entitlements_exports);
+var EntitlementsService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * POST /v1/entitlements/check*
+   * @summary Check if a user has a specific entitlement on a resource*
+   * @description Checks whether a user has permission to perform a specific action (entitlement) on a resource. This endpoint evaluates role-based access, plan gating, and usage limits. The response includes detailed information about why access was granted or denied, including which roles were checked, plan requirements, and usage limit status.*/
+  checkEntitlement(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/entitlements/check`,
+      body,
+      ...init ?? {}
+    });
+  }
+  /**
+   * GET /v1/entitlements/list-for-resource/{resourceType}/{resourceId}*
+   * @summary List entitlements for a specific resource*
+   * @description Returns entitlements for a specific resource and user. Only evaluates roles and plans (excludes limits). Provides detailed information about why entitlements are allowed or denied, including current roles, allowed roles, current plan, and allowed plans. Results are cached per resource for performance.*/
+  listForResource(resourceType, resourceId, query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/entitlements/list-for-resource/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}`,
+      query,
+      ...init ?? {}
+    });
+  }
+  /**
+   * GET /v1/entitlements/list-for-tenant/{tenantResourceId}*
+   * @summary List entitlements for a tenant and all its sub-resources*
+   * @description Returns entitlements for a tenant resource and all its descendant resources. This endpoint scopes queries to a single tenant, preventing cross-tenant data access. Only evaluates roles and plans (excludes limits). Results are cached per resource for performance. The tenant resource type is automatically determined from the environment definition (resource marked as `is_tenant: true`).*/
+  listForTenant(tenantResourceId, query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/entitlements/list-for-tenant/${encodeURIComponent(tenantResourceId)}`,
+      query,
+      ...init ?? {}
+    });
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  EntitlementsService
+});
+//# sourceMappingURL=entitlements.cjs.map

package/dist/services/entitlements.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/services/entitlements.ts"],"sourcesContent":["import type { FetchClient } from '@blimu/fetch';\nimport type * as Schema from '../schema';\nimport type { ResourceType } from '@blimu/types';\n\nexport class EntitlementsService {\n  constructor(private core: FetchClient) {}\n\n  /**\n   * POST /v1/entitlements/check*\n   * @summary Check if a user has a specific entitlement on a resource*\n   * @description Checks whether a user has permission to perform a specific action (entitlement) on a resource. This endpoint evaluates role-based access, plan gating, and usage limits. The response includes detailed information about why access was granted or denied, including which roles were checked, plan requirements, and usage limit status.*/\n  checkEntitlement(\n    body: Schema.EntitlementCheckBody,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.EntitlementCheckResult> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/entitlements/check`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * GET /v1/entitlements/list-for-resource/{resourceType}/{resourceId}*\n   * @summary List entitlements for a specific resource*\n   * @description Returns entitlements for a specific resource and user. Only evaluates roles and plans (excludes limits). Provides detailed information about why entitlements are allowed or denied, including current roles, allowed roles, current plan, and allowed plans. Results are cached per resource for performance.*/\n  listForResource(\n    resourceType: ResourceType,\n    resourceId: string,\n    query?: Schema.EntitlementsListForResourceQuery,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.EntitlementsListResult> {\n    return this.core.request({\n      method: 'GET',\n      path: `/v1/entitlements/list-for-resource/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}`,\n      query,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * GET /v1/entitlements/list-for-tenant/{tenantResourceId}*\n   * @summary List entitlements for a tenant and all its sub-resources*\n   * @description Returns entitlements for a tenant resource and all its descendant resources. This endpoint scopes queries to a single tenant, preventing cross-tenant data access. Only evaluates roles and plans (excludes limits). Results are cached per resource for performance. The tenant resource type is automatically determined from the environment definition (resource marked as `is_tenant: true`).*/\n  listForTenant(\n    tenantResourceId: string,\n    query?: Schema.EntitlementsListForTenantQuery,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.EntitlementsListResult> {\n    return this.core.request({\n      method: 'GET',\n      path: `/v1/entitlements/list-for-tenant/${encodeURIComponent(tenantResourceId)}`,\n      query,\n      ...(init ?? {}),\n    });\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAIO,IAAM,sBAAN,MAA0B;AAAA,EAC/B,YAAoB,MAAmB;AAAnB;AAAA,EAAoB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMxC,iBACE,MACA,MACwC;AACxC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,gBACE,cACA,YACA,OACA,MACwC;AACxC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM,sCAAsC,mBAAmB,YAAY,CAAC,IAAI,mBAAmB,UAAU,CAAC;AAAA,MAC9G;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,cACE,kBACA,OACA,MACwC;AACxC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM,oCAAoC,mBAAmB,gBAAgB,CAAC;AAAA,MAC9E;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AACF;","names":[]}

package/dist/services/entitlements.d.mts

@@ -0,0 +1,13 @@
+import { FetchClient } from '@blimu/fetch';
+import { E as EntitlementCheckBody, d as EntitlementCheckResult, e as EntitlementsListForResourceQuery, f as EntitlementsListResult, g as EntitlementsListForTenantQuery } from '../schema-CdEZKE7E.mjs';
+import { ResourceType } from '@blimu/types';
+
+declare class EntitlementsService {
+    private core;
+    constructor(core: FetchClient);
+    checkEntitlement(body: EntitlementCheckBody, init?: Omit<RequestInit, 'method' | 'body'>): Promise<EntitlementCheckResult>;
+    listForResource(resourceType: ResourceType, resourceId: string, query?: EntitlementsListForResourceQuery, init?: Omit<RequestInit, 'method' | 'body'>): Promise<EntitlementsListResult>;
+    listForTenant(tenantResourceId: string, query?: EntitlementsListForTenantQuery, init?: Omit<RequestInit, 'method' | 'body'>): Promise<EntitlementsListResult>;
+}
+
+export { EntitlementsService };

package/dist/services/entitlements.d.ts

@@ -0,0 +1,13 @@
+import { FetchClient } from '@blimu/fetch';
+import { E as EntitlementCheckBody, d as EntitlementCheckResult, e as EntitlementsListForResourceQuery, f as EntitlementsListResult, g as EntitlementsListForTenantQuery } from '../schema-CdEZKE7E.js';
+import { ResourceType } from '@blimu/types';
+
+declare class EntitlementsService {
+    private core;
+    constructor(core: FetchClient);
+    checkEntitlement(body: EntitlementCheckBody, init?: Omit<RequestInit, 'method' | 'body'>): Promise<EntitlementCheckResult>;
+    listForResource(resourceType: ResourceType, resourceId: string, query?: EntitlementsListForResourceQuery, init?: Omit<RequestInit, 'method' | 'body'>): Promise<EntitlementsListResult>;
+    listForTenant(tenantResourceId: string, query?: EntitlementsListForTenantQuery, init?: Omit<RequestInit, 'method' | 'body'>): Promise<EntitlementsListResult>;
+}
+
+export { EntitlementsService };

package/dist/services/entitlements.mjs

@@ -0,0 +1,46 @@
+// src/services/entitlements.ts
+var EntitlementsService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * POST /v1/entitlements/check*
+   * @summary Check if a user has a specific entitlement on a resource*
+   * @description Checks whether a user has permission to perform a specific action (entitlement) on a resource. This endpoint evaluates role-based access, plan gating, and usage limits. The response includes detailed information about why access was granted or denied, including which roles were checked, plan requirements, and usage limit status.*/
+  checkEntitlement(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/entitlements/check`,
+      body,
+      ...init ?? {}
+    });
+  }
+  /**
+   * GET /v1/entitlements/list-for-resource/{resourceType}/{resourceId}*
+   * @summary List entitlements for a specific resource*
+   * @description Returns entitlements for a specific resource and user. Only evaluates roles and plans (excludes limits). Provides detailed information about why entitlements are allowed or denied, including current roles, allowed roles, current plan, and allowed plans. Results are cached per resource for performance.*/
+  listForResource(resourceType, resourceId, query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/entitlements/list-for-resource/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}`,
+      query,
+      ...init ?? {}
+    });
+  }
+  /**
+   * GET /v1/entitlements/list-for-tenant/{tenantResourceId}*
+   * @summary List entitlements for a tenant and all its sub-resources*
+   * @description Returns entitlements for a tenant resource and all its descendant resources. This endpoint scopes queries to a single tenant, preventing cross-tenant data access. Only evaluates roles and plans (excludes limits). Results are cached per resource for performance. The tenant resource type is automatically determined from the environment definition (resource marked as `is_tenant: true`).*/
+  listForTenant(tenantResourceId, query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/entitlements/list-for-tenant/${encodeURIComponent(tenantResourceId)}`,
+      query,
+      ...init ?? {}
+    });
+  }
+};
+export {
+  EntitlementsService
+};
+//# sourceMappingURL=entitlements.mjs.map

package/dist/services/entitlements.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/services/entitlements.ts"],"sourcesContent":["import type { FetchClient } from '@blimu/fetch';\nimport type * as Schema from '../schema';\nimport type { ResourceType } from '@blimu/types';\n\nexport class EntitlementsService {\n  constructor(private core: FetchClient) {}\n\n  /**\n   * POST /v1/entitlements/check*\n   * @summary Check if a user has a specific entitlement on a resource*\n   * @description Checks whether a user has permission to perform a specific action (entitlement) on a resource. This endpoint evaluates role-based access, plan gating, and usage limits. The response includes detailed information about why access was granted or denied, including which roles were checked, plan requirements, and usage limit status.*/\n  checkEntitlement(\n    body: Schema.EntitlementCheckBody,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.EntitlementCheckResult> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/entitlements/check`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * GET /v1/entitlements/list-for-resource/{resourceType}/{resourceId}*\n   * @summary List entitlements for a specific resource*\n   * @description Returns entitlements for a specific resource and user. Only evaluates roles and plans (excludes limits). Provides detailed information about why entitlements are allowed or denied, including current roles, allowed roles, current plan, and allowed plans. Results are cached per resource for performance.*/\n  listForResource(\n    resourceType: ResourceType,\n    resourceId: string,\n    query?: Schema.EntitlementsListForResourceQuery,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.EntitlementsListResult> {\n    return this.core.request({\n      method: 'GET',\n      path: `/v1/entitlements/list-for-resource/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}`,\n      query,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * GET /v1/entitlements/list-for-tenant/{tenantResourceId}*\n   * @summary List entitlements for a tenant and all its sub-resources*\n   * @description Returns entitlements for a tenant resource and all its descendant resources. This endpoint scopes queries to a single tenant, preventing cross-tenant data access. Only evaluates roles and plans (excludes limits). Results are cached per resource for performance. The tenant resource type is automatically determined from the environment definition (resource marked as `is_tenant: true`).*/\n  listForTenant(\n    tenantResourceId: string,\n    query?: Schema.EntitlementsListForTenantQuery,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.EntitlementsListResult> {\n    return this.core.request({\n      method: 'GET',\n      path: `/v1/entitlements/list-for-tenant/${encodeURIComponent(tenantResourceId)}`,\n      query,\n      ...(init ?? {}),\n    });\n  }\n}\n"],"mappings":";AAIO,IAAM,sBAAN,MAA0B;AAAA,EAC/B,YAAoB,MAAmB;AAAnB;AAAA,EAAoB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMxC,iBACE,MACA,MACwC;AACxC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,gBACE,cACA,YACA,OACA,MACwC;AACxC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM,sCAAsC,mBAAmB,YAAY,CAAC,IAAI,mBAAmB,UAAU,CAAC;AAAA,MAC9G;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,cACE,kBACA,OACA,MACwC;AACxC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM,oCAAoC,mBAAmB,gBAAgB,CAAC;AAAA,MAC9E;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AACF;","names":[]}

package/dist/services/oauth.cjs

@@ -0,0 +1,142 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/services/oauth.ts
+var oauth_exports = {};
+__export(oauth_exports, {
+  OauthService: () => OauthService
+});
+module.exports = __toCommonJS(oauth_exports);
+var OauthService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * GET /v1/oauth/authorize*
+   * @summary Check consent requirement*
+   * @description Checks if user consent is required for the OAuth2 app and requested scopes.*/
+  checkConsentRequired(query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/oauth/authorize`,
+      query,
+      ...init ?? {}
+    });
+  }
+  /**
+   * POST /v1/oauth/authorize*
+   * @summary Authorize OAuth2 application*
+   * @description Handles user consent approval/denial. Validates auto_approved flag against consent requirements.*/
+  authorize(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/oauth/authorize`,
+      body,
+      ...init ?? {}
+    });
+  }
+  /**
+   * POST /v1/oauth/device/authorize*
+   * @summary Authorize or deny device code*
+   * @description Allows an authenticated user to authorize or deny a device code request. Requires valid user session.*/
+  authorizeDeviceCode(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/oauth/device/authorize`,
+      body,
+      ...init ?? {}
+    });
+  }
+  /**
+   * POST /v1/oauth/device/code*
+   * @summary Request device authorization codes*
+   * @description Initiates device authorization flow. Returns device_code (for polling) and user_code (for user entry).*/
+  requestDeviceCode(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/oauth/device/code`,
+      body,
+      ...init ?? {}
+    });
+  }
+  /**
+   * GET /v1/oauth/device/code/{user_code}*
+   * @summary Get device code information*
+   * @description Returns device code information including app name, scopes, and consent requirement status.*/
+  getDeviceCodeInfo(user_code, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/oauth/device/code/${encodeURIComponent(user_code)}`,
+      ...init ?? {}
+    });
+  }
+  /**
+   * POST /v1/oauth/device/token*
+   * @summary Poll for device authorization tokens*
+   * @description Client polls this endpoint to exchange device_code for tokens once user has authorized.*/
+  exchangeDeviceCode(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/oauth/device/token`,
+      body,
+      ...init ?? {}
+    });
+  }
+  /**
+   * POST /v1/oauth/introspect*
+   * @summary Introspect token*
+   * @description Validates a token and returns metadata. Requires client authentication.*/
+  introspect(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/oauth/introspect`,
+      body,
+      ...init ?? {}
+    });
+  }
+  /**
+   * POST /v1/oauth/revoke*
+   * @summary Revoke token*
+   * @description Revokes an access or refresh token. Requires client authentication.*/
+  revoke(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/oauth/revoke`,
+      body,
+      ...init ?? {}
+    });
+  }
+  /**
+   * POST /v1/oauth/token*
+   * @summary Token endpoint*
+   * @description Issues access and refresh tokens. Supports authorization_code and refresh_token (always available per OAuth2 spec).*/
+  token(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/oauth/token`,
+      body,
+      ...init ?? {}
+    });
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  OauthService
+});
+//# sourceMappingURL=oauth.cjs.map

package/dist/services/oauth.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/services/oauth.ts"],"sourcesContent":["import type { FetchClient } from '@blimu/fetch';\nimport type * as Schema from '../schema';\n\nexport class OauthService {\n  constructor(private core: FetchClient) {}\n\n  /**\n   * GET /v1/oauth/authorize*\n   * @summary Check consent requirement*\n   * @description Checks if user consent is required for the OAuth2 app and requested scopes.*/\n  checkConsentRequired(\n    query?: Schema.OauthCheckConsentRequiredQuery,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.ConsentCheckResponse> {\n    return this.core.request({\n      method: 'GET',\n      path: `/v1/oauth/authorize`,\n      query,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * POST /v1/oauth/authorize*\n   * @summary Authorize OAuth2 application*\n   * @description Handles user consent approval/denial. Validates auto_approved flag against consent requirements.*/\n  authorize(\n    body: Schema.AuthorizeRequest,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<unknown> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/oauth/authorize`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * POST /v1/oauth/device/authorize*\n   * @summary Authorize or deny device code*\n   * @description Allows an authenticated user to authorize or deny a device code request. Requires valid user session.*/\n  authorizeDeviceCode(\n    body: Schema.DeviceAuthorizeRequest,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.DeviceAuthorizeResponse> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/oauth/device/authorize`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * POST /v1/oauth/device/code*\n   * @summary Request device authorization codes*\n   * @description Initiates device authorization flow. Returns device_code (for polling) and user_code (for user entry).*/\n  requestDeviceCode(\n    body: Schema.DeviceCodeRequest,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.DeviceCodeResponse> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/oauth/device/code`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * GET /v1/oauth/device/code/{user_code}*\n   * @summary Get device code information*\n   * @description Returns device code information including app name, scopes, and consent requirement status.*/\n  getDeviceCodeInfo(\n    user_code: string,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.DeviceCodeInfoResponse> {\n    return this.core.request({\n      method: 'GET',\n      path: `/v1/oauth/device/code/${encodeURIComponent(user_code)}`,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * POST /v1/oauth/device/token*\n   * @summary Poll for device authorization tokens*\n   * @description Client polls this endpoint to exchange device_code for tokens once user has authorized.*/\n  exchangeDeviceCode(\n    body: Schema.DeviceTokenRequest,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.TokenResponse> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/oauth/device/token`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * POST /v1/oauth/introspect*\n   * @summary Introspect token*\n   * @description Validates a token and returns metadata. Requires client authentication.*/\n  introspect(\n    body: Schema.IntrospectionRequest,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.IntrospectionResponse> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/oauth/introspect`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * POST /v1/oauth/revoke*\n   * @summary Revoke token*\n   * @description Revokes an access or refresh token. Requires client authentication.*/\n  revoke(\n    body: Schema.RevocationRequest,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<unknown> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/oauth/revoke`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n\n  /**\n   * POST /v1/oauth/token*\n   * @summary Token endpoint*\n   * @description Issues access and refresh tokens. Supports authorization_code and refresh_token (always available per OAuth2 spec).*/\n  token(\n    body: Schema.TokenRequest,\n    init?: Omit<RequestInit, 'method' | 'body'>\n  ): Promise<Schema.TokenResponse> {\n    return this.core.request({\n      method: 'POST',\n      path: `/v1/oauth/token`,\n      body,\n      ...(init ?? {}),\n    });\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAGO,IAAM,eAAN,MAAmB;AAAA,EACxB,YAAoB,MAAmB;AAAnB;AAAA,EAAoB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMxC,qBACE,OACA,MACsC;AACtC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,UACE,MACA,MACkB;AAClB,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,oBACE,MACA,MACyC;AACzC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,kBACE,MACA,MACoC;AACpC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,kBACE,WACA,MACwC;AACxC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM,yBAAyB,mBAAmB,SAAS,CAAC;AAAA,MAC5D,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,mBACE,MACA,MAC+B;AAC/B,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,WACE,MACA,MACuC;AACvC,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OACE,MACA,MACkB;AAClB,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MACE,MACA,MAC+B;AAC/B,WAAO,KAAK,KAAK,QAAQ;AAAA,MACvB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN;AAAA,MACA,GAAI,QAAQ,CAAC;AAAA,IACf,CAAC;AAAA,EACH;AACF;","names":[]}

package/dist/services/oauth.d.mts

@@ -0,0 +1,19 @@
+import { FetchClient } from '@blimu/fetch';
+import { O as OauthCheckConsentRequiredQuery, C as ConsentCheckResponse, h as AuthorizeRequest, D as DeviceAuthorizeRequest, i as DeviceAuthorizeResponse, j as DeviceCodeRequest, k as DeviceCodeResponse, l as DeviceCodeInfoResponse, m as DeviceTokenRequest, T as TokenResponse, I as IntrospectionRequest, n as IntrospectionResponse, o as RevocationRequest, p as TokenRequest } from '../schema-CdEZKE7E.mjs';
+import '@blimu/types';
+
+declare class OauthService {
+    private core;
+    constructor(core: FetchClient);
+    checkConsentRequired(query?: OauthCheckConsentRequiredQuery, init?: Omit<RequestInit, 'method' | 'body'>): Promise<ConsentCheckResponse>;
+    authorize(body: AuthorizeRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<unknown>;
+    authorizeDeviceCode(body: DeviceAuthorizeRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<DeviceAuthorizeResponse>;
+    requestDeviceCode(body: DeviceCodeRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<DeviceCodeResponse>;
+    getDeviceCodeInfo(user_code: string, init?: Omit<RequestInit, 'method' | 'body'>): Promise<DeviceCodeInfoResponse>;
+    exchangeDeviceCode(body: DeviceTokenRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<TokenResponse>;
+    introspect(body: IntrospectionRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<IntrospectionResponse>;
+    revoke(body: RevocationRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<unknown>;
+    token(body: TokenRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<TokenResponse>;
+}
+
+export { OauthService };

package/dist/services/oauth.d.ts

@@ -0,0 +1,19 @@
+import { FetchClient } from '@blimu/fetch';
+import { O as OauthCheckConsentRequiredQuery, C as ConsentCheckResponse, h as AuthorizeRequest, D as DeviceAuthorizeRequest, i as DeviceAuthorizeResponse, j as DeviceCodeRequest, k as DeviceCodeResponse, l as DeviceCodeInfoResponse, m as DeviceTokenRequest, T as TokenResponse, I as IntrospectionRequest, n as IntrospectionResponse, o as RevocationRequest, p as TokenRequest } from '../schema-CdEZKE7E.js';
+import '@blimu/types';
+
+declare class OauthService {
+    private core;
+    constructor(core: FetchClient);
+    checkConsentRequired(query?: OauthCheckConsentRequiredQuery, init?: Omit<RequestInit, 'method' | 'body'>): Promise<ConsentCheckResponse>;
+    authorize(body: AuthorizeRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<unknown>;
+    authorizeDeviceCode(body: DeviceAuthorizeRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<DeviceAuthorizeResponse>;
+    requestDeviceCode(body: DeviceCodeRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<DeviceCodeResponse>;
+    getDeviceCodeInfo(user_code: string, init?: Omit<RequestInit, 'method' | 'body'>): Promise<DeviceCodeInfoResponse>;
+    exchangeDeviceCode(body: DeviceTokenRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<TokenResponse>;
+    introspect(body: IntrospectionRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<IntrospectionResponse>;
+    revoke(body: RevocationRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<unknown>;
+    token(body: TokenRequest, init?: Omit<RequestInit, 'method' | 'body'>): Promise<TokenResponse>;
+}
+
+export { OauthService };