npm - @bloque/sdk-core - Versions diffs - 0.0.2 → 0.0.3 - Mend

@bloque/sdk-core 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/http-client.d.ts CHANGED Viewed

@@ -2,7 +2,9 @@ import type { BloqueConfig, RequestOptions } from './types';
 export declare class HttpClient {
     private readonly config;
     private readonly baseUrl;
+    private readonly publicRoutes;
     constructor(config: BloqueConfig);
+    private isPublicRoute;
     private validateConfig;
-    request<T>(options: RequestOptions): Promise<T>;
+    request<T, U = unknown>(options: RequestOptions<U>): Promise<T>;
 }

package/dist/index.cjs CHANGED Viewed

@@ -55,21 +55,46 @@ class BloqueConfigError extends Error {
         Object.setPrototypeOf(this, BloqueConfigError.prototype);
     }
 }
+const createLocalStorageAdapter = ()=>({
+        get: ()=>{
+            if ('undefined' == typeof localStorage) return null;
+            return localStorage.getItem('access_token');
+        },
+        set: (token)=>{
+            if ('undefined' != typeof localStorage) localStorage.setItem('access_token', token);
+        },
+        clear: ()=>{
+            if ('undefined' != typeof localStorage) localStorage.removeItem('access_token');
+        }
+    });
 class HttpClient {
     config;
     baseUrl;
+    publicRoutes = [
+        '/api/aliases',
+        '/api/origins/*/assert'
+    ];
     constructor(config){
         this.validateConfig(config);
         this.config = config;
-        this.baseUrl = API_BASE_URLS[config.mode];
+        this.baseUrl = API_BASE_URLS[config.mode ?? 'production'];
+    }
+    isPublicRoute(path) {
+        const pathWithoutQuery = path.split('?')[0];
+        return this.publicRoutes.some((route)=>{
+            const pattern = route.replace(/\*/g, '[^/]+');
+            const regex = new RegExp(`^${pattern}$`);
+            return regex.test(pathWithoutQuery);
+        });
     }
     validateConfig(config) {
         if (!config.apiKey || '' === config.apiKey.trim()) throw new BloqueConfigError('API key is required');
-        if (!config.mode) throw new BloqueConfigError('Mode is required');
+        if (!config.mode) config.mode = 'production';
         if (![
             'sandbox',
             'production'
         ].includes(config.mode)) throw new BloqueConfigError('Mode must be either "sandbox" or "production"');
+        if ('client' === config.runtime && !config.tokenStorage) config.tokenStorage = createLocalStorageAdapter();
     }
     async request(options) {
         const { method, path, body, headers = {} } = options;
@@ -79,6 +104,11 @@ class HttpClient {
             Authorization: this.config.apiKey,
             ...headers
         };
+        if ('client' === this.config.runtime && !this.isPublicRoute(path)) {
+            const token = this.config.tokenStorage?.get();
+            if (!token) throw new BloqueConfigError('Authentication token is missing');
+            requestHeaders.Authorization = `Bearer ${token}`;
+        }
         try {
             const response = await fetch(url, {
                 method,

package/dist/index.js CHANGED Viewed

@@ -23,21 +23,46 @@ class BloqueConfigError extends Error {
         Object.setPrototypeOf(this, BloqueConfigError.prototype);
     }
 }
+const createLocalStorageAdapter = ()=>({
+        get: ()=>{
+            if ('undefined' == typeof localStorage) return null;
+            return localStorage.getItem('access_token');
+        },
+        set: (token)=>{
+            if ('undefined' != typeof localStorage) localStorage.setItem('access_token', token);
+        },
+        clear: ()=>{
+            if ('undefined' != typeof localStorage) localStorage.removeItem('access_token');
+        }
+    });
 class HttpClient {
     config;
     baseUrl;
+    publicRoutes = [
+        '/api/aliases',
+        '/api/origins/*/assert'
+    ];
     constructor(config){
         this.validateConfig(config);
         this.config = config;
-        this.baseUrl = API_BASE_URLS[config.mode];
+        this.baseUrl = API_BASE_URLS[config.mode ?? 'production'];
+    }
+    isPublicRoute(path) {
+        const pathWithoutQuery = path.split('?')[0];
+        return this.publicRoutes.some((route)=>{
+            const pattern = route.replace(/\*/g, '[^/]+');
+            const regex = new RegExp(`^${pattern}$`);
+            return regex.test(pathWithoutQuery);
+        });
     }
     validateConfig(config) {
         if (!config.apiKey || '' === config.apiKey.trim()) throw new BloqueConfigError('API key is required');
-        if (!config.mode) throw new BloqueConfigError('Mode is required');
+        if (!config.mode) config.mode = 'production';
         if (![
             'sandbox',
             'production'
         ].includes(config.mode)) throw new BloqueConfigError('Mode must be either "sandbox" or "production"');
+        if ('client' === config.runtime && !config.tokenStorage) config.tokenStorage = createLocalStorageAdapter();
     }
     async request(options) {
         const { method, path, body, headers = {} } = options;
@@ -47,6 +72,11 @@ class HttpClient {
             Authorization: this.config.apiKey,
             ...headers
         };
+        if ('client' === this.config.runtime && !this.isPublicRoute(path)) {
+            const token = this.config.tokenStorage?.get();
+            if (!token) throw new BloqueConfigError('Authentication token is missing');
+            requestHeaders.Authorization = `Bearer ${token}`;
+        }
         try {
             const response = await fetch(url, {
                 method,

package/dist/types.d.ts CHANGED Viewed

@@ -1,12 +1,116 @@
-export type Mode = 'sandbox' | 'production';
+export type Mode =
+/**
+ * Production environment.
+ *
+ * Uses live endpoints and real data.
+ * This is the default mode.
+ */
+'production'
+/**
+ * Sandbox environment.
+ *
+ * Uses isolated endpoints and mock data for development and testing.
+ */
+ | 'sandbox';
+export type Runtime =
+/**
+ * Server runtime (default).
+ *
+ * Intended for backend environments such as Node.js, Bun,
+ * Deno, Edge runtimes, or any server-side execution context.
+ *
+ * Allows the use of private API keys.
+ */
+'server'
+/**
+ * Client runtime.
+ *
+ * Intended for browsers or frontend runtimes.
+ *
+ * In the current version of the SDK:
+ * - The client authenticates using the `auth` module.
+ * - The SDK automatically obtains and manages a JWT.
+ * - The JWT is used to authenticate all subsequent requests.
+ * - An authenticated client can execute any operation
+ *   exposed by the API.
+ *
+ * Authorization and security enforcement are handled
+ * exclusively by the backend.
+ */
+ | 'client';
+/**
+ * Interface that defines how the SDK stores and retrieves
+ * the JWT token when running in `client` runtime.
+ *
+ * This allows consumers to customize the storage mechanism
+ * (localStorage, sessionStorage, cookies, in-memory, etc.).
+ */
+export interface TokenStorage {
+    /**
+     * Retrieves the currently stored JWT.
+     *
+     * @returns The JWT token, or `null` if no token is stored.
+     */
+    get(): string | null;
+    /**
+     * Persists a JWT token.
+     *
+     * @param token The JWT token to store.
+     */
+    set(token: string): void;
+    /**
+     * Clears the stored JWT token.
+     */
+    clear(): void;
+}
+/**
+ * Main configuration object for the Bloque SDK.
+ *
+ * This configuration is resolved once when initializing
+ * the SDK (via `new SDK()` or `init()` in the modular API).
+ */
 export interface BloqueConfig {
+    /**
+     * Bloque API key.
+     *
+     * - In `server` runtime, a private API key is expected.
+     * - In `client` runtime, the API key is not used directly;
+     *   authentication is performed via JWT instead.
+     */
     apiKey: string;
-    mode: Mode;
+    /**
+     * SDK operation mode.
+     *
+     * - `production` (default): production environment.
+     * - `sandbox`: sandbox environment.
+     *
+     * If not specified, the SDK defaults to `production`.
+     */
+    mode?: Mode;
+    /**
+     * Runtime environment where the SDK is executed.
+     *
+     * - `server` (default): backend runtime using API keys.
+     * - `client`: frontend runtime using JWT authentication.
+     *
+     * If not specified, the SDK defaults to `server`.
+     */
+    runtime?: 'server' | 'client';
+    /**
+     * JWT token storage strategy.
+     *
+     * Only applies when `runtime` is set to `client`.
+     *
+     * By default, the SDK uses `localStorage` to persist
+     * the JWT token. This behavior can be overridden to
+     * use alternative storage mechanisms.
+     */
+    tokenStorage?: TokenStorage;
 }
-export interface RequestOptions {
+export interface RequestOptions<U = unknown> {
     method: 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH';
     path: string;
-    body?: unknown;
+    body?: U;
     headers?: Record<string, string>;
 }
 export interface BloqueResponse<T> {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@bloque/sdk-core",
-  "version": "0.0.2",
+  "version": "0.0.3",
   "description": "Core utilities and types for Bloque SDK.",
   "type": "module",
   "keywords": [