@blinkdotnew/sdk 2.0.2 → 2.1.0

package/dist/index.d.mts

@@ -61,6 +61,39 @@ interface BlinkClientConfig {
     projectId: string;
     authRequired?: boolean;
     auth?: BlinkAuthConfig;
+    /**
+     * Publishable key (client-safe).
+     *
+     * Used for **public endpoints** when no user JWT is present (e.g. analytics ingest, storage upload,
+     * optional public DB reads). Never use for privileged operations.
+     */
+    publishableKey?: string;
+    /**
+     * Secret key (server-only, privileged). Permanent, never expires.
+     *
+     * Used in **server runtimes** (Edge Functions, Workers) for privileged operations that require
+     * service-role access (e.g. raw SQL, bypassing row-level security).
+     *
+     * Format: `blnk_sk_{projectId-last-8}_{random}` (similar to Stripe's `sk_live_...`)
+     *
+     * **Security**: Never expose this key in client-side code. It is injected by the platform
+     * into edge function environments as `BLINK_SECRET_KEY`.
+     *
+     * When present, this key takes precedence over user JWTs for all requests.
+     *
+     * @example
+     * // Edge function (Deno)
+     * const blink = createClient({
+     *   projectId: Deno.env.get('BLINK_PROJECT_ID')!,
+     *   secretKey: Deno.env.get('BLINK_SECRET_KEY'),
+     * })
+     */
+    secretKey?: string;
+    /**
+     * @deprecated Use `secretKey` instead. Service tokens are JWT-based and expire after 365 days.
+     * Secret keys are permanent and never expire.
+     */
+    serviceToken?: string;
     /**
      * Storage adapter for cross-platform token persistence
      *
@@ -281,6 +314,9 @@ declare class BlinkError extends Error {
     constructor(message: string, code?: string | undefined, status?: number | undefined, details?: any);
 }
 interface StorageUploadOptions {
+    /**
+     * @deprecated Blink storage uploads are add-only by default. This option is ignored.
+     */
     upsert?: boolean;
     onProgress?: (percent: number) => void;
 }
@@ -737,7 +773,7 @@ interface BlinkNotifications {
  */
 
 interface RequestOptions {
-    method?: 'GET' | 'POST' | 'PATCH' | 'DELETE';
+    method?: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
     headers?: Record<string, string>;
     body?: any;
     searchParams?: Record<string, string>;
@@ -752,9 +788,14 @@ declare class HttpClient {
     private readonly authUrl;
     private readonly coreUrl;
     readonly projectId: string;
+    private readonly publishableKey?;
+    private readonly secretKey?;
     private getToken;
     private getValidToken?;
     constructor(config: BlinkClientConfig, getToken: () => string | null, getValidToken?: () => Promise<string | null>);
+    private shouldAttachPublishableKey;
+    private shouldSkipSecretKey;
+    private getAuthorizationHeader;
     /**
      * Make an authenticated request to the Blink API
      */
@@ -836,7 +877,7 @@ declare class HttpClient {
         signal?: AbortSignal;
     }): Promise<BlinkResponse<any>>;
     /**
-     * Stream AI text generation with Vercel AI SDK data stream format
+     * Stream AI text generation - uses Vercel AI SDK's pipeUIMessageStreamToResponse (Data Stream Protocol)
      */
     streamAiText(prompt: string, options: {
         model?: string | undefined;
@@ -860,7 +901,7 @@ declare class HttpClient {
         signal?: AbortSignal;
     }): Promise<BlinkResponse<any>>;
     /**
-     * Stream AI object generation with Vercel AI SDK data stream format
+     * Stream AI object generation - uses Vercel AI SDK's pipeTextStreamToResponse
      */
     streamAiObject(prompt: string, options: {
         model?: string | undefined;
@@ -941,10 +982,10 @@ declare class HttpClient {
     private parseResponse;
     private handleErrorResponse;
     /**
-     * Parse Vercel AI SDK data stream format
-     * Handles text chunks (0:"text"), partial objects (2:[...]), and metadata (d:, e:)
+     * Parse Vercel AI SDK v5 Data Stream Protocol (Server-Sent Events)
+     * Supports all event types from the UI Message Stream protocol
      */
-    private parseDataStream;
+    private parseDataStreamProtocol;
 }
 
 /**
@@ -1633,6 +1674,50 @@ declare class BlinkAnalyticsImpl implements BlinkAnalytics {
     private detectChannel;
 }
 
+/**
+ * Blink Functions - Edge function invocation helper
+ * Provides a simple interface for calling Blink Edge Functions with automatic JWT attachment
+ */
+
+interface FunctionsInvokeOptions {
+    method?: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
+    body?: any;
+    headers?: Record<string, string>;
+    searchParams?: Record<string, string>;
+}
+interface FunctionsInvokeResponse<T = any> {
+    data: T;
+    status: number;
+    headers: Headers;
+}
+interface BlinkFunctions {
+    /**
+     * Invoke a Blink Edge Function.
+     *
+     * Automatically attaches the user's JWT for authenticated requests.
+     * The function URL is constructed as: https://{projectSuffix}--{functionSlug}.functions.blink.new
+     *
+     * @param functionSlug - The slug of the edge function to invoke
+     * @param options - Request options (method, body, headers, etc.)
+     * @returns The function response
+     *
+     * @example
+     * // Simple POST request
+     * const { data } = await blink.functions.invoke('my-function', {
+     *   method: 'POST',
+     *   body: { message: 'Hello' }
+     * })
+     *
+     * @example
+     * // GET request with query params
+     * const { data } = await blink.functions.invoke('my-function', {
+     *   method: 'GET',
+     *   searchParams: { limit: '10' }
+     * })
+     */
+    invoke<T = any>(functionSlug: string, options?: FunctionsInvokeOptions): Promise<FunctionsInvokeResponse<T>>;
+}
+
 /**
  * Blink Client - Main SDK entry point
  * Factory function and client class for the Blink SDK
@@ -1647,6 +1732,7 @@ interface BlinkClient {
     realtime: BlinkRealtime;
     notifications: BlinkNotifications;
     analytics: BlinkAnalytics;
+    functions: BlinkFunctions;
 }
 /**
  * Create a new Blink client instance

package/dist/index.d.ts

@@ -61,6 +61,39 @@ interface BlinkClientConfig {
     projectId: string;
     authRequired?: boolean;
     auth?: BlinkAuthConfig;
+    /**
+     * Publishable key (client-safe).
+     *
+     * Used for **public endpoints** when no user JWT is present (e.g. analytics ingest, storage upload,
+     * optional public DB reads). Never use for privileged operations.
+     */
+    publishableKey?: string;
+    /**
+     * Secret key (server-only, privileged). Permanent, never expires.
+     *
+     * Used in **server runtimes** (Edge Functions, Workers) for privileged operations that require
+     * service-role access (e.g. raw SQL, bypassing row-level security).
+     *
+     * Format: `blnk_sk_{projectId-last-8}_{random}` (similar to Stripe's `sk_live_...`)
+     *
+     * **Security**: Never expose this key in client-side code. It is injected by the platform
+     * into edge function environments as `BLINK_SECRET_KEY`.
+     *
+     * When present, this key takes precedence over user JWTs for all requests.
+     *
+     * @example
+     * // Edge function (Deno)
+     * const blink = createClient({
+     *   projectId: Deno.env.get('BLINK_PROJECT_ID')!,
+     *   secretKey: Deno.env.get('BLINK_SECRET_KEY'),
+     * })
+     */
+    secretKey?: string;
+    /**
+     * @deprecated Use `secretKey` instead. Service tokens are JWT-based and expire after 365 days.
+     * Secret keys are permanent and never expire.
+     */
+    serviceToken?: string;
     /**
      * Storage adapter for cross-platform token persistence
      *
@@ -281,6 +314,9 @@ declare class BlinkError extends Error {
     constructor(message: string, code?: string | undefined, status?: number | undefined, details?: any);
 }
 interface StorageUploadOptions {
+    /**
+     * @deprecated Blink storage uploads are add-only by default. This option is ignored.
+     */
     upsert?: boolean;
     onProgress?: (percent: number) => void;
 }
@@ -737,7 +773,7 @@ interface BlinkNotifications {
  */
 
 interface RequestOptions {
-    method?: 'GET' | 'POST' | 'PATCH' | 'DELETE';
+    method?: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
     headers?: Record<string, string>;
     body?: any;
     searchParams?: Record<string, string>;
@@ -752,9 +788,14 @@ declare class HttpClient {
     private readonly authUrl;
     private readonly coreUrl;
     readonly projectId: string;
+    private readonly publishableKey?;
+    private readonly secretKey?;
     private getToken;
     private getValidToken?;
     constructor(config: BlinkClientConfig, getToken: () => string | null, getValidToken?: () => Promise<string | null>);
+    private shouldAttachPublishableKey;
+    private shouldSkipSecretKey;
+    private getAuthorizationHeader;
     /**
      * Make an authenticated request to the Blink API
      */
@@ -836,7 +877,7 @@ declare class HttpClient {
         signal?: AbortSignal;
     }): Promise<BlinkResponse<any>>;
     /**
-     * Stream AI text generation with Vercel AI SDK data stream format
+     * Stream AI text generation - uses Vercel AI SDK's pipeUIMessageStreamToResponse (Data Stream Protocol)
      */
     streamAiText(prompt: string, options: {
         model?: string | undefined;
@@ -860,7 +901,7 @@ declare class HttpClient {
         signal?: AbortSignal;
     }): Promise<BlinkResponse<any>>;
     /**
-     * Stream AI object generation with Vercel AI SDK data stream format
+     * Stream AI object generation - uses Vercel AI SDK's pipeTextStreamToResponse
      */
     streamAiObject(prompt: string, options: {
         model?: string | undefined;
@@ -941,10 +982,10 @@ declare class HttpClient {
     private parseResponse;
     private handleErrorResponse;
     /**
-     * Parse Vercel AI SDK data stream format
-     * Handles text chunks (0:"text"), partial objects (2:[...]), and metadata (d:, e:)
+     * Parse Vercel AI SDK v5 Data Stream Protocol (Server-Sent Events)
+     * Supports all event types from the UI Message Stream protocol
      */
-    private parseDataStream;
+    private parseDataStreamProtocol;
 }
 
 /**
@@ -1633,6 +1674,50 @@ declare class BlinkAnalyticsImpl implements BlinkAnalytics {
     private detectChannel;
 }
 
+/**
+ * Blink Functions - Edge function invocation helper
+ * Provides a simple interface for calling Blink Edge Functions with automatic JWT attachment
+ */
+
+interface FunctionsInvokeOptions {
+    method?: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
+    body?: any;
+    headers?: Record<string, string>;
+    searchParams?: Record<string, string>;
+}
+interface FunctionsInvokeResponse<T = any> {
+    data: T;
+    status: number;
+    headers: Headers;
+}
+interface BlinkFunctions {
+    /**
+     * Invoke a Blink Edge Function.
+     *
+     * Automatically attaches the user's JWT for authenticated requests.
+     * The function URL is constructed as: https://{projectSuffix}--{functionSlug}.functions.blink.new
+     *
+     * @param functionSlug - The slug of the edge function to invoke
+     * @param options - Request options (method, body, headers, etc.)
+     * @returns The function response
+     *
+     * @example
+     * // Simple POST request
+     * const { data } = await blink.functions.invoke('my-function', {
+     *   method: 'POST',
+     *   body: { message: 'Hello' }
+     * })
+     *
+     * @example
+     * // GET request with query params
+     * const { data } = await blink.functions.invoke('my-function', {
+     *   method: 'GET',
+     *   searchParams: { limit: '10' }
+     * })
+     */
+    invoke<T = any>(functionSlug: string, options?: FunctionsInvokeOptions): Promise<FunctionsInvokeResponse<T>>;
+}
+
 /**
  * Blink Client - Main SDK entry point
  * Factory function and client class for the Blink SDK
@@ -1647,6 +1732,7 @@ interface BlinkClient {
     realtime: BlinkRealtime;
     notifications: BlinkNotifications;
     analytics: BlinkAnalytics;
+    functions: BlinkFunctions;
 }
 /**
  * Create a new Blink client instance