@blimu/client 0.5.0 → 0.6.1

package/README.md

@@ -101,6 +101,10 @@ import { PaymentService, Schema } from '@blimu/client';
 - **refresh**: POST /v1/auth/refresh - Refresh session token
 - **getSession**: GET /v1/auth/session - Get current session
 
+### EntitlementsService
+
+- **listForTenant**: GET /v1/client/entitlements/list-for-tenant/{tenantResourceId} - List entitlements for a tenant and all its sub-resources
+
 ## TypeScript Support
 
 This SDK is written in TypeScript and provides full type safety:
@@ -116,7 +120,7 @@ const client = new BlimuClient({
 const result: unknown = await client.auth.logout(/* ... */);
 
 // Schema types are available
-const data: Schema.RefreshResponse = {
+const data: Schema.EntitlementType = {
   // Fully typed object
 };
 ```
@@ -143,7 +147,10 @@ const client = new BlimuClient({
 
 The SDK includes the following TypeScript interfaces:
 
+- **EntitlementType**: Entitlement identifier
+- **EntitlementsListResult**
 - **RefreshResponse**
+- **ResourceType**: Resource type identifier
 - **SessionResponse**
 
 All types are available under the `Schema` namespace:

package/dist/{chunk-GA44NLBR.mjs → chunk-ATZGLDGF.mjs}

@@ -23,6 +23,7 @@ var CoreClient = class {
     this.cfg.accessToken = token;
   }
   async request(init) {
+    var _a, _b, _c;
     let normalizedPath = init.path || "";
     if (normalizedPath.length > 1 && normalizedPath.endsWith("/")) {
       normalizedPath = normalizedPath.slice(0, -1);
@@ -54,14 +55,27 @@ var CoreClient = class {
         ...init,
         headers: requestHeaders
       };
+      if (this.cfg.credentials !== void 0) {
+        fetchInit.credentials = this.cfg.credentials;
+      }
       if (this.cfg.onRequest)
         await this.cfg.onRequest({ url: url.toString(), init: fetchInit, attempt });
       let controller;
       let timeoutId;
+      const existingSignal = fetchInit.signal;
       if (this.cfg.timeoutMs && typeof AbortController !== "undefined") {
         controller = new AbortController();
+        if (existingSignal) {
+          if (existingSignal.aborted) {
+            controller.abort();
+          } else {
+            existingSignal.addEventListener("abort", () => {
+              controller == null ? void 0 : controller.abort();
+            });
+          }
+        }
         fetchInit.signal = controller.signal;
-        timeoutId = setTimeout(() => controller?.abort(), this.cfg.timeoutMs);
+        timeoutId = setTimeout(() => controller == null ? void 0 : controller.abort(), this.cfg.timeoutMs);
       }
       try {
         const res = await (this.cfg.fetch || fetch)(url.toString(), fetchInit);
@@ -82,7 +96,12 @@ var CoreClient = class {
           parsed = await res.arrayBuffer();
         }
         if (!res.ok) {
-          throw new FetchError(`HTTP ${res.status}`, res.status, parsed, res.headers);
+          throw new FetchError(
+            (parsed == null ? void 0 : parsed.message) || `HTTP ${res.status}`,
+            res.status,
+            parsed,
+            res.headers
+          );
         }
         return parsed;
       } catch (err) {
@@ -92,15 +111,15 @@ var CoreClient = class {
         if (timeoutId) clearTimeout(timeoutId);
       }
     };
-    const retries = this.cfg.retry?.retries ?? 0;
-    const baseBackoff = this.cfg.retry?.backoffMs ?? 300;
-    const retryOn = this.cfg.retry?.retryOn ?? [429, 500, 502, 503, 504];
+    const retries = ((_a = this.cfg.retry) == null ? void 0 : _a.retries) ?? 0;
+    const baseBackoff = ((_b = this.cfg.retry) == null ? void 0 : _b.backoffMs) ?? 300;
+    const retryOn = ((_c = this.cfg.retry) == null ? void 0 : _c.retryOn) ?? [429, 500, 502, 503, 504];
     let lastError;
     for (let attempt = 0; attempt <= retries; attempt++) {
       try {
         return await doFetch(attempt);
       } catch (err) {
-        const status = err?.status;
+        const status = err == null ? void 0 : err.status;
         const shouldRetry = status ? retryOn.includes(status) : true;
         if (attempt < retries && shouldRetry) {
           const delay = baseBackoff * Math.pow(2, attempt);
@@ -108,8 +127,10 @@ var CoreClient = class {
           lastError = err;
           continue;
         }
+        if (err instanceof DOMException) throw err;
         if (err instanceof FetchError) throw err;
-        throw new FetchError(err?.message || "Network error", status ?? 0);
+        if (typeof err === "string") throw new FetchError(err, status ?? 0);
+        throw new FetchError((err == null ? void 0 : err.message) || "Network error", status ?? 0);
       }
     }
     throw lastError;

package/dist/chunk-ENXZU3RF.mjs

@@ -0,0 +1,30 @@
+// src/services/entitlements.ts
+var EntitlementsService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * GET /v1/client/entitlements/list-for-tenant/{tenantResourceId}
+   * @summary List entitlements for a tenant and all its sub-resources
+   *
+   * @description Returns entitlements for a tenant resource and all its descendant resources for the authenticated user. This endpoint scopes queries to a single tenant, preventing cross-tenant data access. Only evaluates roles and plans (excludes limits). Results are cached per resource for performance. The tenant resource type is automatically determined from the environment definition (resource marked as `is_tenant: true`).
+   */
+  listForTenant(tenantResourceId, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/client/entitlements/list-for-tenant/${encodeURIComponent(tenantResourceId)}`,
+      ...init || {}
+    });
+  }
+  /**
+   * @summary Get query keys for listForTenant
+   * @returns ['v1/client/entitlements/list-for-tenant', tenantResourceId]
+   */
+  listForTenant__queryKeys(tenantResourceId) {
+    return ["v1/client/entitlements/list-for-tenant", tenantResourceId];
+  }
+};
+
+export {
+  EntitlementsService
+};

package/dist/{chunk-UTMQXMDQ.mjs → chunk-YGEJFE6U.mjs}

@@ -14,17 +14,32 @@ var AuthService = class {
       ...init || {}
     });
   }
+  /**
+   * @summary Get query keys for logout
+   * @returns ['v1/auth/logout']
+   */
+  logout__queryKeys() {
+    return ["v1/auth/logout"];
+  }
   /**
    * POST /v1/auth/refresh
    * @summary Refresh session token
    */
-  refresh(init) {
+  refresh(query, init) {
     return this.core.request({
       method: "POST",
       path: `/v1/auth/refresh`,
+      query,
       ...init || {}
     });
   }
+  /**
+   * @summary Get query keys for refresh
+   * @returns ['v1/auth/refresh', query]
+   */
+  refresh__queryKeys(query) {
+    return ["v1/auth/refresh", query];
+  }
   /**
    * GET /v1/auth/session
    * @summary Get current session
@@ -36,6 +51,13 @@ var AuthService = class {
       ...init || {}
     });
   }
+  /**
+   * @summary Get query keys for getSession
+   * @returns ['v1/auth/session']
+   */
+  getSession__queryKeys() {
+    return ["v1/auth/session"];
+  }
 };
 
 export {

package/dist/client.d.mts

@@ -46,6 +46,7 @@ type ClientOption = {
     headerName?: string;
     bearer?: string;
     fetch?: typeof fetch;
+    credentials?: RequestCredentials;
 };
 declare class FetchError<T = unknown> extends Error {
     readonly status: number;

package/dist/client.d.ts

@@ -46,6 +46,7 @@ type ClientOption = {
     headerName?: string;
     bearer?: string;
     fetch?: typeof fetch;
+    credentials?: RequestCredentials;
 };
 declare class FetchError<T = unknown> extends Error {
     readonly status: number;

package/dist/client.js

@@ -1,3 +1,4 @@
+"use strict";
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
@@ -47,6 +48,7 @@ var CoreClient = class {
     this.cfg.accessToken = token;
   }
   async request(init) {
+    var _a, _b, _c;
     let normalizedPath = init.path || "";
     if (normalizedPath.length > 1 && normalizedPath.endsWith("/")) {
       normalizedPath = normalizedPath.slice(0, -1);
@@ -78,14 +80,27 @@ var CoreClient = class {
         ...init,
         headers: requestHeaders
       };
+      if (this.cfg.credentials !== void 0) {
+        fetchInit.credentials = this.cfg.credentials;
+      }
       if (this.cfg.onRequest)
         await this.cfg.onRequest({ url: url.toString(), init: fetchInit, attempt });
       let controller;
       let timeoutId;
+      const existingSignal = fetchInit.signal;
       if (this.cfg.timeoutMs && typeof AbortController !== "undefined") {
         controller = new AbortController();
+        if (existingSignal) {
+          if (existingSignal.aborted) {
+            controller.abort();
+          } else {
+            existingSignal.addEventListener("abort", () => {
+              controller == null ? void 0 : controller.abort();
+            });
+          }
+        }
         fetchInit.signal = controller.signal;
-        timeoutId = setTimeout(() => controller?.abort(), this.cfg.timeoutMs);
+        timeoutId = setTimeout(() => controller == null ? void 0 : controller.abort(), this.cfg.timeoutMs);
       }
       try {
         const res = await (this.cfg.fetch || fetch)(url.toString(), fetchInit);
@@ -106,7 +121,12 @@ var CoreClient = class {
           parsed = await res.arrayBuffer();
         }
         if (!res.ok) {
-          throw new FetchError(`HTTP ${res.status}`, res.status, parsed, res.headers);
+          throw new FetchError(
+            (parsed == null ? void 0 : parsed.message) || `HTTP ${res.status}`,
+            res.status,
+            parsed,
+            res.headers
+          );
         }
         return parsed;
       } catch (err) {
@@ -116,15 +136,15 @@ var CoreClient = class {
         if (timeoutId) clearTimeout(timeoutId);
       }
     };
-    const retries = this.cfg.retry?.retries ?? 0;
-    const baseBackoff = this.cfg.retry?.backoffMs ?? 300;
-    const retryOn = this.cfg.retry?.retryOn ?? [429, 500, 502, 503, 504];
+    const retries = ((_a = this.cfg.retry) == null ? void 0 : _a.retries) ?? 0;
+    const baseBackoff = ((_b = this.cfg.retry) == null ? void 0 : _b.backoffMs) ?? 300;
+    const retryOn = ((_c = this.cfg.retry) == null ? void 0 : _c.retryOn) ?? [429, 500, 502, 503, 504];
     let lastError;
     for (let attempt = 0; attempt <= retries; attempt++) {
       try {
         return await doFetch(attempt);
       } catch (err) {
-        const status = err?.status;
+        const status = err == null ? void 0 : err.status;
         const shouldRetry = status ? retryOn.includes(status) : true;
         if (attempt < retries && shouldRetry) {
           const delay = baseBackoff * Math.pow(2, attempt);
@@ -132,8 +152,10 @@ var CoreClient = class {
           lastError = err;
           continue;
         }
+        if (err instanceof DOMException) throw err;
         if (err instanceof FetchError) throw err;
-        throw new FetchError(err?.message || "Network error", status ?? 0);
+        if (typeof err === "string") throw new FetchError(err, status ?? 0);
+        throw new FetchError((err == null ? void 0 : err.message) || "Network error", status ?? 0);
       }
     }
     throw lastError;

package/dist/client.mjs

@@ -1,7 +1,7 @@
 import {
   CoreClient,
   FetchError
-} from "./chunk-GA44NLBR.mjs";
+} from "./chunk-ATZGLDGF.mjs";
 export {
   CoreClient,
   FetchError

package/dist/index.d.mts

@@ -1,13 +1,15 @@
 import { ClientOption, FetchError } from './client.mjs';
 import { AuthService } from './services/auth.mjs';
+import { EntitlementsService } from './services/entitlements.mjs';
 export { PaginableQuery, listAll, paginate } from './utils.mjs';
-export { s as Schema } from './schema-C3_USjmu.mjs';
+export { s as Schema } from './schema-jwKwV_Bm.mjs';
 
 declare class Blimu {
     readonly auth: AuthService;
+    readonly entitlements: EntitlementsService;
     constructor(options?: ClientOption);
 }
 
 declare const BlimuError: typeof FetchError;
 
-export { AuthService, Blimu, BlimuError, ClientOption, FetchError };
+export { AuthService, Blimu, BlimuError, ClientOption, EntitlementsService, FetchError };

package/dist/index.d.ts

@@ -1,13 +1,15 @@
 import { ClientOption, FetchError } from './client.js';
 import { AuthService } from './services/auth.js';
+import { EntitlementsService } from './services/entitlements.js';
 export { PaginableQuery, listAll, paginate } from './utils.js';
-export { s as Schema } from './schema-C3_USjmu.js';
+export { s as Schema } from './schema-jwKwV_Bm.js';
 
 declare class Blimu {
     readonly auth: AuthService;
+    readonly entitlements: EntitlementsService;
     constructor(options?: ClientOption);
 }
 
 declare const BlimuError: typeof FetchError;
 
-export { AuthService, Blimu, BlimuError, ClientOption, FetchError };
+export { AuthService, Blimu, BlimuError, ClientOption, EntitlementsService, FetchError };

package/dist/index.js

@@ -1,3 +1,4 @@
+"use strict";
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
@@ -22,6 +23,7 @@ __export(index_exports, {
   AuthService: () => AuthService,
   Blimu: () => Blimu,
   BlimuError: () => BlimuError,
+  EntitlementsService: () => EntitlementsService,
   FetchError: () => FetchError,
   Schema: () => schema_exports,
   listAll: () => listAll,
@@ -54,6 +56,7 @@ var CoreClient = class {
     this.cfg.accessToken = token;
   }
   async request(init) {
+    var _a, _b, _c;
     let normalizedPath = init.path || "";
     if (normalizedPath.length > 1 && normalizedPath.endsWith("/")) {
       normalizedPath = normalizedPath.slice(0, -1);
@@ -85,14 +88,27 @@ var CoreClient = class {
         ...init,
         headers: requestHeaders
       };
+      if (this.cfg.credentials !== void 0) {
+        fetchInit.credentials = this.cfg.credentials;
+      }
       if (this.cfg.onRequest)
         await this.cfg.onRequest({ url: url.toString(), init: fetchInit, attempt });
       let controller;
       let timeoutId;
+      const existingSignal = fetchInit.signal;
       if (this.cfg.timeoutMs && typeof AbortController !== "undefined") {
         controller = new AbortController();
+        if (existingSignal) {
+          if (existingSignal.aborted) {
+            controller.abort();
+          } else {
+            existingSignal.addEventListener("abort", () => {
+              controller == null ? void 0 : controller.abort();
+            });
+          }
+        }
         fetchInit.signal = controller.signal;
-        timeoutId = setTimeout(() => controller?.abort(), this.cfg.timeoutMs);
+        timeoutId = setTimeout(() => controller == null ? void 0 : controller.abort(), this.cfg.timeoutMs);
       }
       try {
         const res = await (this.cfg.fetch || fetch)(url.toString(), fetchInit);
@@ -113,7 +129,12 @@ var CoreClient = class {
           parsed = await res.arrayBuffer();
         }
         if (!res.ok) {
-          throw new FetchError(`HTTP ${res.status}`, res.status, parsed, res.headers);
+          throw new FetchError(
+            (parsed == null ? void 0 : parsed.message) || `HTTP ${res.status}`,
+            res.status,
+            parsed,
+            res.headers
+          );
         }
         return parsed;
       } catch (err) {
@@ -123,15 +144,15 @@ var CoreClient = class {
         if (timeoutId) clearTimeout(timeoutId);
       }
     };
-    const retries = this.cfg.retry?.retries ?? 0;
-    const baseBackoff = this.cfg.retry?.backoffMs ?? 300;
-    const retryOn = this.cfg.retry?.retryOn ?? [429, 500, 502, 503, 504];
+    const retries = ((_a = this.cfg.retry) == null ? void 0 : _a.retries) ?? 0;
+    const baseBackoff = ((_b = this.cfg.retry) == null ? void 0 : _b.backoffMs) ?? 300;
+    const retryOn = ((_c = this.cfg.retry) == null ? void 0 : _c.retryOn) ?? [429, 500, 502, 503, 504];
     let lastError;
     for (let attempt = 0; attempt <= retries; attempt++) {
       try {
         return await doFetch(attempt);
       } catch (err) {
-        const status = err?.status;
+        const status = err == null ? void 0 : err.status;
         const shouldRetry = status ? retryOn.includes(status) : true;
         if (attempt < retries && shouldRetry) {
           const delay = baseBackoff * Math.pow(2, attempt);
@@ -139,14 +160,19 @@ var CoreClient = class {
           lastError = err;
           continue;
         }
+        if (err instanceof DOMException) throw err;
         if (err instanceof FetchError) throw err;
-        throw new FetchError(err?.message || "Network error", status ?? 0);
+        if (typeof err === "string") throw new FetchError(err, status ?? 0);
+        throw new FetchError((err == null ? void 0 : err.message) || "Network error", status ?? 0);
       }
     }
     throw lastError;
   }
 };
 
+// src/schema.ts
+var schema_exports = {};
+
 // src/services/auth.ts
 var AuthService = class {
   constructor(core) {
@@ -163,17 +189,32 @@ var AuthService = class {
       ...init || {}
     });
   }
+  /**
+   * @summary Get query keys for logout
+   * @returns ['v1/auth/logout']
+   */
+  logout__queryKeys() {
+    return ["v1/auth/logout"];
+  }
   /**
    * POST /v1/auth/refresh
    * @summary Refresh session token
    */
-  refresh(init) {
+  refresh(query, init) {
     return this.core.request({
       method: "POST",
       path: `/v1/auth/refresh`,
+      query,
       ...init || {}
     });
   }
+  /**
+   * @summary Get query keys for refresh
+   * @returns ['v1/auth/refresh', query]
+   */
+  refresh__queryKeys(query) {
+    return ["v1/auth/refresh", query];
+  }
   /**
    * GET /v1/auth/session
    * @summary Get current session
@@ -185,6 +226,40 @@ var AuthService = class {
       ...init || {}
     });
   }
+  /**
+   * @summary Get query keys for getSession
+   * @returns ['v1/auth/session']
+   */
+  getSession__queryKeys() {
+    return ["v1/auth/session"];
+  }
+};
+
+// src/services/entitlements.ts
+var EntitlementsService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * GET /v1/client/entitlements/list-for-tenant/{tenantResourceId}
+   * @summary List entitlements for a tenant and all its sub-resources
+   *
+   * @description Returns entitlements for a tenant resource and all its descendant resources for the authenticated user. This endpoint scopes queries to a single tenant, preventing cross-tenant data access. Only evaluates roles and plans (excludes limits). Results are cached per resource for performance. The tenant resource type is automatically determined from the environment definition (resource marked as `is_tenant: true`).
+   */
+  listForTenant(tenantResourceId, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/client/entitlements/list-for-tenant/${encodeURIComponent(tenantResourceId)}`,
+      ...init || {}
+    });
+  }
+  /**
+   * @summary Get query keys for listForTenant
+   * @returns ['v1/client/entitlements/list-for-tenant', tenantResourceId]
+   */
+  listForTenant__queryKeys(tenantResourceId) {
+    return ["v1/client/entitlements/list-for-tenant", tenantResourceId];
+  }
 };
 
 // src/utils.ts
@@ -208,14 +283,14 @@ async function listAll(fetchPage, query = {}, pageSize = 100) {
   return out;
 }
 
-// src/schema.ts
-var schema_exports = {};
-
 // src/index.ts
 var Blimu = class {
+  auth;
+  entitlements;
   constructor(options) {
     const core = new CoreClient(options);
     this.auth = new AuthService(core);
+    this.entitlements = new EntitlementsService(core);
   }
 };
 var BlimuError = FetchError;
@@ -224,6 +299,7 @@ var BlimuError = FetchError;
   AuthService,
   Blimu,
   BlimuError,
+  EntitlementsService,
   FetchError,
   Schema,
   listAll,

package/dist/index.mjs

@@ -1,23 +1,29 @@
-import {
-  CoreClient,
-  FetchError
-} from "./chunk-GA44NLBR.mjs";
-import {
-  schema_exports
-} from "./chunk-7SBLH5KM.mjs";
 import {
   listAll,
   paginate
 } from "./chunk-LZ27JJ4R.mjs";
 import {
   AuthService
-} from "./chunk-UTMQXMDQ.mjs";
+} from "./chunk-YGEJFE6U.mjs";
+import {
+  EntitlementsService
+} from "./chunk-ENXZU3RF.mjs";
+import {
+  CoreClient,
+  FetchError
+} from "./chunk-ATZGLDGF.mjs";
+import {
+  schema_exports
+} from "./chunk-7SBLH5KM.mjs";
 
 // src/index.ts
 var Blimu = class {
+  auth;
+  entitlements;
   constructor(options) {
     const core = new CoreClient(options);
     this.auth = new AuthService(core);
+    this.entitlements = new EntitlementsService(core);
   }
 };
 var BlimuError = FetchError;
@@ -25,6 +31,7 @@ export {
   AuthService,
   Blimu,
   BlimuError,
+  EntitlementsService,
   FetchError,
   schema_exports as Schema,
   listAll,

package/dist/schema-jwKwV_Bm.d.mts

@@ -0,0 +1,57 @@
+type Enum<T> = T[keyof T];
+/**
+ * Entitlement identifier
+ */
+type EntitlementType = string;
+interface EntitlementsListResult {
+    results: Array<{
+        entitlements: Array<{
+            allowed: boolean;
+            allowedByPlan: boolean;
+            allowedByRole: boolean;
+            allowedPlans?: Array<string>;
+            allowedRoles: Array<string>;
+            currentPlan?: string;
+            currentRole?: string;
+            entitlement: EntitlementType;
+        }>;
+        resourceId: string;
+        resourceType: ResourceType;
+    }>;
+}
+interface RefreshResponse {
+    sessionToken: string;
+}
+/**
+ * Resource type identifier
+ */
+type ResourceType = string;
+interface SessionResponse {
+    isAuthenticated: boolean;
+    user: {
+        email: string;
+        emailVerified: boolean;
+        firstName: string | null;
+        id: string;
+        lastName: string | null;
+    } | null;
+}
+/**
+ * Query params for Auth.Refresh
+ */
+interface AuthRefreshQuery {
+    __lh_jwt?: string;
+}
+
+type schema_AuthRefreshQuery = AuthRefreshQuery;
+type schema_EntitlementType = EntitlementType;
+type schema_EntitlementsListResult = EntitlementsListResult;
+type schema_Enum<T> = Enum<T>;
+type schema_RefreshResponse = RefreshResponse;
+type schema_ResourceType = ResourceType;
+type schema_SessionResponse = SessionResponse;
+declare namespace schema {
+  export type { schema_AuthRefreshQuery as AuthRefreshQuery, schema_EntitlementType as EntitlementType, schema_EntitlementsListResult as EntitlementsListResult, schema_Enum as Enum, schema_RefreshResponse as RefreshResponse, schema_ResourceType as ResourceType, schema_SessionResponse as SessionResponse };
+}
+
+export { type AuthRefreshQuery as A, type EntitlementsListResult as E, type RefreshResponse as R, type SessionResponse as S, type Enum as a, type EntitlementType as b, type ResourceType as c, schema as s };

package/dist/schema-jwKwV_Bm.d.ts

@@ -0,0 +1,57 @@
+type Enum<T> = T[keyof T];
+/**
+ * Entitlement identifier
+ */
+type EntitlementType = string;
+interface EntitlementsListResult {
+    results: Array<{
+        entitlements: Array<{
+            allowed: boolean;
+            allowedByPlan: boolean;
+            allowedByRole: boolean;
+            allowedPlans?: Array<string>;
+            allowedRoles: Array<string>;
+            currentPlan?: string;
+            currentRole?: string;
+            entitlement: EntitlementType;
+        }>;
+        resourceId: string;
+        resourceType: ResourceType;
+    }>;
+}
+interface RefreshResponse {
+    sessionToken: string;
+}
+/**
+ * Resource type identifier
+ */
+type ResourceType = string;
+interface SessionResponse {
+    isAuthenticated: boolean;
+    user: {
+        email: string;
+        emailVerified: boolean;
+        firstName: string | null;
+        id: string;
+        lastName: string | null;
+    } | null;
+}
+/**
+ * Query params for Auth.Refresh
+ */
+interface AuthRefreshQuery {
+    __lh_jwt?: string;
+}
+
+type schema_AuthRefreshQuery = AuthRefreshQuery;
+type schema_EntitlementType = EntitlementType;
+type schema_EntitlementsListResult = EntitlementsListResult;
+type schema_Enum<T> = Enum<T>;
+type schema_RefreshResponse = RefreshResponse;
+type schema_ResourceType = ResourceType;
+type schema_SessionResponse = SessionResponse;
+declare namespace schema {
+  export type { schema_AuthRefreshQuery as AuthRefreshQuery, schema_EntitlementType as EntitlementType, schema_EntitlementsListResult as EntitlementsListResult, schema_Enum as Enum, schema_RefreshResponse as RefreshResponse, schema_ResourceType as ResourceType, schema_SessionResponse as SessionResponse };
+}
+
+export { type AuthRefreshQuery as A, type EntitlementsListResult as E, type RefreshResponse as R, type SessionResponse as S, type Enum as a, type EntitlementType as b, type ResourceType as c, schema as s };

package/dist/schema.d.mts

@@ -1 +1 @@
-export { E as Enum, R as RefreshResponse, S as SessionResponse } from './schema-C3_USjmu.mjs';
+export { A as AuthRefreshQuery, b as EntitlementType, E as EntitlementsListResult, a as Enum, R as RefreshResponse, c as ResourceType, S as SessionResponse } from './schema-jwKwV_Bm.mjs';

package/dist/schema.d.ts

@@ -1 +1 @@
-export { E as Enum, R as RefreshResponse, S as SessionResponse } from './schema-C3_USjmu.js';
+export { A as AuthRefreshQuery, b as EntitlementType, E as EntitlementsListResult, a as Enum, R as RefreshResponse, c as ResourceType, S as SessionResponse } from './schema-jwKwV_Bm.js';

package/dist/schema.js

@@ -1,3 +1,4 @@
+"use strict";
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;

package/dist/services/auth.d.mts

@@ -1,12 +1,39 @@
 import { CoreClient } from '../client.mjs';
-import { R as RefreshResponse, S as SessionResponse } from '../schema-C3_USjmu.mjs';
+import { A as AuthRefreshQuery, R as RefreshResponse, S as SessionResponse } from '../schema-jwKwV_Bm.mjs';
 
 declare class AuthService {
     private core;
     constructor(core: CoreClient);
+    /**
+     * POST /v1/auth/logout
+     * @summary Logout and invalidate session
+     */
     logout(init?: Omit<RequestInit, 'method' | 'body'>): Promise<unknown>;
-    refresh(init?: Omit<RequestInit, 'method' | 'body'>): Promise<RefreshResponse>;
+    /**
+     * @summary Get query keys for logout
+     * @returns ['v1/auth/logout']
+     */
+    logout__queryKeys(): readonly ["v1/auth/logout"];
+    /**
+     * POST /v1/auth/refresh
+     * @summary Refresh session token
+     */
+    refresh(query?: AuthRefreshQuery, init?: Omit<RequestInit, 'method' | 'body'>): Promise<RefreshResponse>;
+    /**
+     * @summary Get query keys for refresh
+     * @returns ['v1/auth/refresh', query]
+     */
+    refresh__queryKeys(query?: AuthRefreshQuery): readonly ["v1/auth/refresh", AuthRefreshQuery | undefined];
+    /**
+     * GET /v1/auth/session
+     * @summary Get current session
+     */
     getSession(init?: Omit<RequestInit, 'method' | 'body'>): Promise<SessionResponse>;
+    /**
+     * @summary Get query keys for getSession
+     * @returns ['v1/auth/session']
+     */
+    getSession__queryKeys(): readonly ["v1/auth/session"];
 }
 
 export { AuthService };

package/dist/services/auth.d.ts

@@ -1,12 +1,39 @@
 import { CoreClient } from '../client.js';
-import { R as RefreshResponse, S as SessionResponse } from '../schema-C3_USjmu.js';
+import { A as AuthRefreshQuery, R as RefreshResponse, S as SessionResponse } from '../schema-jwKwV_Bm.js';
 
 declare class AuthService {
     private core;
     constructor(core: CoreClient);
+    /**
+     * POST /v1/auth/logout
+     * @summary Logout and invalidate session
+     */
     logout(init?: Omit<RequestInit, 'method' | 'body'>): Promise<unknown>;
-    refresh(init?: Omit<RequestInit, 'method' | 'body'>): Promise<RefreshResponse>;
+    /**
+     * @summary Get query keys for logout
+     * @returns ['v1/auth/logout']
+     */
+    logout__queryKeys(): readonly ["v1/auth/logout"];
+    /**
+     * POST /v1/auth/refresh
+     * @summary Refresh session token
+     */
+    refresh(query?: AuthRefreshQuery, init?: Omit<RequestInit, 'method' | 'body'>): Promise<RefreshResponse>;
+    /**
+     * @summary Get query keys for refresh
+     * @returns ['v1/auth/refresh', query]
+     */
+    refresh__queryKeys(query?: AuthRefreshQuery): readonly ["v1/auth/refresh", AuthRefreshQuery | undefined];
+    /**
+     * GET /v1/auth/session
+     * @summary Get current session
+     */
     getSession(init?: Omit<RequestInit, 'method' | 'body'>): Promise<SessionResponse>;
+    /**
+     * @summary Get query keys for getSession
+     * @returns ['v1/auth/session']
+     */
+    getSession__queryKeys(): readonly ["v1/auth/session"];
 }
 
 export { AuthService };

package/dist/services/auth.js

@@ -1,3 +1,4 @@
+"use strict";
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
@@ -37,17 +38,32 @@ var AuthService = class {
       ...init || {}
     });
   }
+  /**
+   * @summary Get query keys for logout
+   * @returns ['v1/auth/logout']
+   */
+  logout__queryKeys() {
+    return ["v1/auth/logout"];
+  }
   /**
    * POST /v1/auth/refresh
    * @summary Refresh session token
    */
-  refresh(init) {
+  refresh(query, init) {
     return this.core.request({
       method: "POST",
       path: `/v1/auth/refresh`,
+      query,
       ...init || {}
     });
   }
+  /**
+   * @summary Get query keys for refresh
+   * @returns ['v1/auth/refresh', query]
+   */
+  refresh__queryKeys(query) {
+    return ["v1/auth/refresh", query];
+  }
   /**
    * GET /v1/auth/session
    * @summary Get current session
@@ -59,6 +75,13 @@ var AuthService = class {
       ...init || {}
     });
   }
+  /**
+   * @summary Get query keys for getSession
+   * @returns ['v1/auth/session']
+   */
+  getSession__queryKeys() {
+    return ["v1/auth/session"];
+  }
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/services/auth.mjs

@@ -1,6 +1,8 @@
 import {
   AuthService
-} from "../chunk-UTMQXMDQ.mjs";
+} from "../chunk-YGEJFE6U.mjs";
+import "../chunk-ATZGLDGF.mjs";
+import "../chunk-7SBLH5KM.mjs";
 export {
   AuthService
 };

package/dist/services/entitlements.d.mts

@@ -0,0 +1,21 @@
+import { CoreClient } from '../client.mjs';
+import { E as EntitlementsListResult } from '../schema-jwKwV_Bm.mjs';
+
+declare class EntitlementsService {
+    private core;
+    constructor(core: CoreClient);
+    /**
+     * GET /v1/client/entitlements/list-for-tenant/{tenantResourceId}
+     * @summary List entitlements for a tenant and all its sub-resources
+     *
+     * @description Returns entitlements for a tenant resource and all its descendant resources for the authenticated user. This endpoint scopes queries to a single tenant, preventing cross-tenant data access. Only evaluates roles and plans (excludes limits). Results are cached per resource for performance. The tenant resource type is automatically determined from the environment definition (resource marked as `is_tenant: true`).
+     */
+    listForTenant(tenantResourceId: string, init?: Omit<RequestInit, 'method' | 'body'>): Promise<EntitlementsListResult>;
+    /**
+     * @summary Get query keys for listForTenant
+     * @returns ['v1/client/entitlements/list-for-tenant', tenantResourceId]
+     */
+    listForTenant__queryKeys(tenantResourceId: string): readonly ["v1/client/entitlements/list-for-tenant", string];
+}
+
+export { EntitlementsService };

package/dist/services/entitlements.d.ts

@@ -0,0 +1,21 @@
+import { CoreClient } from '../client.js';
+import { E as EntitlementsListResult } from '../schema-jwKwV_Bm.js';
+
+declare class EntitlementsService {
+    private core;
+    constructor(core: CoreClient);
+    /**
+     * GET /v1/client/entitlements/list-for-tenant/{tenantResourceId}
+     * @summary List entitlements for a tenant and all its sub-resources
+     *
+     * @description Returns entitlements for a tenant resource and all its descendant resources for the authenticated user. This endpoint scopes queries to a single tenant, preventing cross-tenant data access. Only evaluates roles and plans (excludes limits). Results are cached per resource for performance. The tenant resource type is automatically determined from the environment definition (resource marked as `is_tenant: true`).
+     */
+    listForTenant(tenantResourceId: string, init?: Omit<RequestInit, 'method' | 'body'>): Promise<EntitlementsListResult>;
+    /**
+     * @summary Get query keys for listForTenant
+     * @returns ['v1/client/entitlements/list-for-tenant', tenantResourceId]
+     */
+    listForTenant__queryKeys(tenantResourceId: string): readonly ["v1/client/entitlements/list-for-tenant", string];
+}
+
+export { EntitlementsService };

package/dist/services/entitlements.js

@@ -0,0 +1,54 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/services/entitlements.ts
+var entitlements_exports = {};
+__export(entitlements_exports, {
+  EntitlementsService: () => EntitlementsService
+});
+module.exports = __toCommonJS(entitlements_exports);
+var EntitlementsService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * GET /v1/client/entitlements/list-for-tenant/{tenantResourceId}
+   * @summary List entitlements for a tenant and all its sub-resources
+   *
+   * @description Returns entitlements for a tenant resource and all its descendant resources for the authenticated user. This endpoint scopes queries to a single tenant, preventing cross-tenant data access. Only evaluates roles and plans (excludes limits). Results are cached per resource for performance. The tenant resource type is automatically determined from the environment definition (resource marked as `is_tenant: true`).
+   */
+  listForTenant(tenantResourceId, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/client/entitlements/list-for-tenant/${encodeURIComponent(tenantResourceId)}`,
+      ...init || {}
+    });
+  }
+  /**
+   * @summary Get query keys for listForTenant
+   * @returns ['v1/client/entitlements/list-for-tenant', tenantResourceId]
+   */
+  listForTenant__queryKeys(tenantResourceId) {
+    return ["v1/client/entitlements/list-for-tenant", tenantResourceId];
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  EntitlementsService
+});

package/dist/services/entitlements.mjs

@@ -0,0 +1,8 @@
+import {
+  EntitlementsService
+} from "../chunk-ENXZU3RF.mjs";
+import "../chunk-ATZGLDGF.mjs";
+import "../chunk-7SBLH5KM.mjs";
+export {
+  EntitlementsService
+};

package/dist/utils.js

@@ -1,3 +1,4 @@
+"use strict";
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;

package/package.json

@@ -1,8 +1,11 @@
 {
   "name": "@blimu/client",
-  "version": "0.5.0",
+  "version": "0.6.1",
   "description": "TypeScript SDK for Blimu API (auto-generated)",
-  "repository": "https://github.com/blimu/blimu-ts",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/blimu-dev/blimu-ts"
+  },
   "author": "viniciusdacal",
   "license": "MIT",
   "publishConfig": {
@@ -61,7 +64,8 @@
     }
   },
   "scripts": {
-    "build": "tsup src/index.ts src/services/*.ts src/schema.ts src/client.ts src/utils.ts --format cjs,esm --dts",
+    "build": "npm run clean && tsup src/index.ts src/services/*.ts src/schema.ts src/client.ts src/utils.ts --format cjs,esm --dts",
+    "clean": "rm -rf dist",
     "typecheck": "tsc -p tsconfig.json --noEmit",
     "lint": "eslint .",
     "format": "eslint --fix . && prettier --write .",

package/dist/schema-C3_USjmu.d.mts

@@ -1,23 +0,0 @@
-type Enum<T> = T[keyof T];
-interface RefreshResponse {
-    sessionToken: string;
-}
-interface SessionResponse {
-    isAuthenticated: boolean;
-    user: {
-        email: string;
-        emailVerified: boolean;
-        firstName: string | null;
-        id: string;
-        lastName: string | null;
-    } | null;
-}
-
-type schema_Enum<T> = Enum<T>;
-type schema_RefreshResponse = RefreshResponse;
-type schema_SessionResponse = SessionResponse;
-declare namespace schema {
-  export type { schema_Enum as Enum, schema_RefreshResponse as RefreshResponse, schema_SessionResponse as SessionResponse };
-}
-
-export { type Enum as E, type RefreshResponse as R, type SessionResponse as S, schema as s };

package/dist/schema-C3_USjmu.d.ts

@@ -1,23 +0,0 @@
-type Enum<T> = T[keyof T];
-interface RefreshResponse {
-    sessionToken: string;
-}
-interface SessionResponse {
-    isAuthenticated: boolean;
-    user: {
-        email: string;
-        emailVerified: boolean;
-        firstName: string | null;
-        id: string;
-        lastName: string | null;
-    } | null;
-}
-
-type schema_Enum<T> = Enum<T>;
-type schema_RefreshResponse = RefreshResponse;
-type schema_SessionResponse = SessionResponse;
-declare namespace schema {
-  export type { schema_Enum as Enum, schema_RefreshResponse as RefreshResponse, schema_SessionResponse as SessionResponse };
-}
-
-export { type Enum as E, type RefreshResponse as R, type SessionResponse as S, schema as s };