@capsara/sdk 1.0.1

package/dist/client/capsara-client.js

@@ -0,0 +1,266 @@
+/** Primary interface for zero-knowledge encrypted file sharing. */
+import axios from 'axios';
+import { AuthService } from '../internal/services/auth-service.js';
+import { KeyManager } from '../internal/services/key-service.js';
+import { LimitsManager } from '../internal/services/limits-service.js';
+import { AccountClient } from '../internal/services/account-service.js';
+import { CapsaService } from '../internal/services/capsa-service.js';
+import { DownloadService } from '../internal/services/download-service.js';
+import { UploadService } from '../internal/services/upload-service.js';
+import { AuditService } from '../internal/services/audit-service.js';
+import { DecryptedCapsaCache } from '../internal/capsa-cache.js';
+import { generateKeyPair } from '../internal/crypto/key-generator.js';
+import { CapsaBuilder } from '../builder/capsa-builder.js';
+import { createAxiosConfig, configureRetryInterceptor, createHttpAgent, createHttpsAgent, DEFAULT_TIMEOUT_CONFIG, } from '../internal/config/http-client.js';
+export class CapsaraClient {
+    creatorId = null;
+    creatorPrivateKey = null;
+    authService;
+    keyManager;
+    limitsManager;
+    accountClient;
+    capsaService;
+    downloadService;
+    uploadService;
+    auditService;
+    capsaCache;
+    axiosInstance;
+    blobClient;
+    timeoutConfig;
+    retryConfig;
+    maxBatchSize;
+    logger;
+    refreshPromise = null;
+    inFlightCapsaFetches = new Map();
+    constructor(baseUrl, options) {
+        this.timeoutConfig = { ...DEFAULT_TIMEOUT_CONFIG, ...options?.timeout };
+        // eslint-disable-next-line no-console
+        this.logger = options?.retry?.logger ?? { log: (msg) => console.log(msg) };
+        this.retryConfig = {
+            maxRetries: options?.retry?.maxRetries ?? 3,
+            baseDelay: options?.retry?.baseDelay ?? 1000,
+            maxDelay: options?.retry?.maxDelay ?? 30000,
+            enableLogging: options?.retry?.enableLogging ?? false,
+            logger: this.logger,
+        };
+        this.maxBatchSize = options?.maxBatchSize ?? 150;
+        const axiosConfig = createAxiosConfig(baseUrl, this.timeoutConfig.apiTimeout, this.timeoutConfig, options?.userAgent);
+        this.axiosInstance = axios.create(axiosConfig);
+        configureRetryInterceptor(this.axiosInstance, options?.retry);
+        // No auth headers — SAS URL contains credentials
+        this.blobClient = axios.create({
+            timeout: this.timeoutConfig.downloadTimeout,
+            maxContentLength: 1024 * 1024 * 1024, // 1GB
+            maxBodyLength: 1024 * 1024 * 1024,
+            httpAgent: createHttpAgent(this.timeoutConfig),
+            httpsAgent: createHttpsAgent(this.timeoutConfig),
+        });
+        this.authService = new AuthService(baseUrl, {
+            expectedIssuer: options?.expectedIssuer,
+            expectedAudience: options?.expectedAudience,
+            timeout: options?.timeout,
+            retry: options?.retry,
+            userAgent: options?.userAgent,
+        });
+        this.axiosInstance.interceptors.request.use((config) => {
+            const token = this.authService.getToken();
+            if (token) {
+                config.headers.Authorization = `Bearer ${token}`;
+            }
+            return config;
+        });
+        // Automatic token refresh on 401
+        this.axiosInstance.interceptors.response.use((response) => response, async (error) => {
+            const axiosError = error;
+            const originalRequest = axiosError.config;
+            if (axiosError.response?.status === 401 &&
+                originalRequest &&
+                !originalRequest._retry &&
+                this.authService.canRefresh()) {
+                originalRequest._retry = true;
+                // Single-flight: coalesce concurrent refresh attempts into one request
+                if (!this.refreshPromise) {
+                    this.refreshPromise = this.authService.refresh().finally(() => {
+                        this.refreshPromise = null;
+                    });
+                }
+                const refreshed = await this.refreshPromise;
+                if (refreshed) {
+                    const newToken = this.authService.getToken();
+                    if (newToken) {
+                        originalRequest.headers.Authorization = `Bearer ${newToken}`;
+                    }
+                    return this.axiosInstance(originalRequest);
+                }
+                const refreshError = this.authService.getLastRefreshError();
+                if (refreshError) {
+                    return Promise.reject(refreshError);
+                }
+            }
+            if (error instanceof Error) {
+                return Promise.reject(error);
+            }
+            return Promise.reject(new Error(String(error)));
+        });
+        this.keyManager = new KeyManager(baseUrl, () => this.authService.getToken(), {
+            timeout: options?.timeout,
+            retry: options?.retry,
+        });
+        this.limitsManager = new LimitsManager(baseUrl, options?.timeout, options?.retry);
+        this.accountClient = new AccountClient(baseUrl, () => this.authService.getToken(), options?.timeout, options?.retry);
+        this.capsaService = new CapsaService({
+            axiosInstance: this.axiosInstance,
+            keyManager: this.keyManager,
+        });
+        this.downloadService = new DownloadService({
+            axiosInstance: this.axiosInstance,
+            blobClient: this.blobClient,
+            retryConfig: this.retryConfig,
+            logger: this.logger,
+        });
+        this.uploadService = new UploadService({
+            baseUrl,
+            keyManager: this.keyManager,
+            getToken: () => this.authService.getToken(),
+            timeoutConfig: this.timeoutConfig,
+            retryConfig: this.retryConfig,
+            logger: this.logger,
+            maxBatchSize: this.maxBatchSize,
+            userAgent: options?.userAgent,
+        });
+        this.auditService = new AuditService({ axiosInstance: this.axiosInstance });
+        this.capsaCache = new DecryptedCapsaCache({ ttl: options?.cacheTTL ?? 5 * 60 * 1000 });
+        if (options?.credentials) {
+            this.login(options.credentials).catch(() => { });
+        }
+        if (options?.accessToken) {
+            this.authService.setToken(options.accessToken);
+        }
+    }
+    async login(credentials) {
+        const response = await this.authService.login(credentials);
+        this.creatorId = response.party.id;
+        return response;
+    }
+    async logout() {
+        this.capsaCache.clearAll();
+        return this.authService.logout();
+    }
+    isAuthenticated() {
+        return this.authService.isAuthenticated();
+    }
+    setPrivateKey(privateKey) {
+        this.creatorPrivateKey = privateKey;
+    }
+    async createCapsaBuilder() {
+        if (!this.creatorId || !this.creatorPrivateKey) {
+            throw new Error('Creator identity not set. Call login() and setPrivateKey() first.');
+        }
+        const limits = await this.limitsManager.getLimits();
+        return new CapsaBuilder(this.creatorId, this.creatorPrivateKey, limits);
+    }
+    async sendCapsas(builders) {
+        if (!this.creatorId) {
+            throw new Error('Creator identity not set. Call login() and setPrivateKey() first.');
+        }
+        return this.uploadService.sendCapsas(builders, this.creatorId);
+    }
+    async getCapsa(capsaId, options) {
+        if (options?.decrypt === false) {
+            return this.capsaService.getCapsa(capsaId);
+        }
+        // Deduplicates concurrent requests for the same capsaId
+        return this.getOrCreateCapsaFetch(capsaId, options);
+    }
+    getOrCreateCapsaFetch(capsaId, options) {
+        const existing = this.inFlightCapsaFetches.get(capsaId);
+        if (existing) {
+            return existing;
+        }
+        // Must set in map synchronously before any await to prevent races
+        const fetchPromise = this.fetchAndDecryptCapsa(capsaId, options).finally(() => {
+            this.inFlightCapsaFetches.delete(capsaId);
+        });
+        this.inFlightCapsaFetches.set(capsaId, fetchPromise);
+        return fetchPromise;
+    }
+    async fetchAndDecryptCapsa(capsaId, options) {
+        if (!this.creatorPrivateKey) {
+            throw new Error('Private key required. Call setPrivateKey() first.');
+        }
+        const verifySignature = options?.verifySignature !== false; // default true
+        const decrypted = await this.capsaService.getDecryptedCapsa(capsaId, this.creatorPrivateKey, verifySignature);
+        // Zeroed on cache eviction
+        const masterKeyBuffer = decrypted._masterKey;
+        if (masterKeyBuffer) {
+            this.capsaCache.set(capsaId, masterKeyBuffer, decrypted.files.map(f => ({
+                fileId: f.fileId,
+                iv: f.iv,
+                authTag: f.authTag,
+                compressed: f.compressed,
+                encryptedFilename: f.encryptedFilename,
+                filenameIV: f.filenameIV,
+                filenameAuthTag: f.filenameAuthTag,
+            })));
+        }
+        return decrypted;
+    }
+    async listCapsas(filters) {
+        return this.capsaService.listCapsas(filters);
+    }
+    async deleteCapsa(capsaId) {
+        this.capsaCache.clear(capsaId);
+        return this.capsaService.deleteCapsa(capsaId);
+    }
+    async downloadFile(capsaId, fileId) {
+        let masterKey = this.capsaCache.getMasterKey(capsaId);
+        let fileMetadata = this.capsaCache.getFileMetadata(capsaId, fileId);
+        if (!masterKey || !fileMetadata) {
+            await this.getCapsa(capsaId);
+            masterKey = this.capsaCache.getMasterKey(capsaId);
+            fileMetadata = this.capsaCache.getFileMetadata(capsaId, fileId);
+        }
+        if (!masterKey || !fileMetadata) {
+            throw new Error(`File ${fileId} not found in capsa ${capsaId}`);
+        }
+        return this.downloadService.downloadAndDecryptFile(capsaId, fileId, masterKey, fileMetadata);
+    }
+    async getAuditEntries(capsaId, filters) {
+        return this.auditService.getAuditEntries(capsaId, filters);
+    }
+    async createAuditEntry(capsaId, entry) {
+        return this.auditService.createAuditEntry(capsaId, entry);
+    }
+    async getCurrentPublicKey() {
+        return this.accountClient.getCurrentPublicKey();
+    }
+    async addPublicKey(publicKey, fingerprint, reason) {
+        return this.accountClient.addPublicKey(publicKey, fingerprint, reason);
+    }
+    async getKeyHistory() {
+        return this.accountClient.getKeyHistory();
+    }
+    async rotateKey() {
+        return this.accountClient.rotateKey();
+    }
+    async getLimits() {
+        return this.limitsManager.getLimits();
+    }
+    static async generateKeyPair() {
+        return generateKeyPair();
+    }
+    clearCache() {
+        this.capsaCache.clearAll();
+    }
+    /** Release all resources and securely clear cached keys. */
+    async destroy() {
+        this.capsaCache.clearAll();
+        this.inFlightCapsaFetches.clear();
+        this.refreshPromise = null;
+        this.creatorId = null;
+        this.creatorPrivateKey = null;
+        // Fire-and-forget server-side logout
+        await this.authService.logout().catch(() => { });
+    }
+}
+//# sourceMappingURL=capsara-client.js.map

package/dist/client/capsara-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"capsara-client.js","sourceRoot":"","sources":["../../src/client/capsara-client.ts"],"names":[],"mappings":"AAAA,mEAAmE;AAEnE,OAAO,KAA8D,MAAM,OAAO,CAAC;AACnF,OAAO,EAAE,WAAW,EAAE,MAAM,sCAAsC,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,qCAAqC,CAAC;AACjE,OAAO,EAAE,aAAa,EAAE,MAAM,wCAAwC,CAAC;AACvE,OAAO,EAAE,aAAa,EAA4C,MAAM,yCAAyC,CAAC;AAClH,OAAO,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AACrE,OAAO,EAAE,eAAe,EAAE,MAAM,0CAA0C,CAAC;AAC3E,OAAO,EAAE,aAAa,EAAE,MAAM,wCAAwC,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AACrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,eAAe,EAAyB,MAAM,qCAAqC,CAAC;AAC7F,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAE3D,OAAO,EACL,iBAAiB,EACjB,yBAAyB,EACzB,eAAe,EACf,gBAAgB,EAChB,sBAAsB,GAEvB,MAAM,mCAAmC,CAAC;AAgC3C,MAAM,OAAO,aAAa;IAChB,SAAS,GAAkB,IAAI,CAAC;IAChC,iBAAiB,GAAkB,IAAI,CAAC;IACxC,WAAW,CAAc;IACzB,UAAU,CAAa;IACvB,aAAa,CAAgB;IAC7B,aAAa,CAAgB;IAC7B,YAAY,CAAe;IAC3B,eAAe,CAAkB;IACjC,aAAa,CAAgB;IAC7B,YAAY,CAAe;IAC3B,UAAU,CAAsB;IAChC,aAAa,CAAgB;IAC7B,UAAU,CAAgB;IAC1B,aAAa,CAAoB;IACjC,WAAW,CAAwB;IACnC,YAAY,CAAS;IACrB,MAAM,CAAc;IACpB,cAAc,GAA4B,IAAI,CAAC;IAC/C,oBAAoB,GAAyC,IAAI,GAAG,EAAE,CAAC;IAE/E,YAAY,OAAe,EAAE,OAA8B;QACzD,IAAI,CAAC,aAAa,GAAG,EAAE,GAAG,sBAAsB,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;QACxE,sCAAsC;QACtC,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,KAAK,EAAE,MAAM,IAAI,EAAE,GAAG,EAAE,CAAC,GAAW,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;QACnF,IAAI,CAAC,WAAW,GAAG;YACjB,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,IAAI,CAAC;YAC3C,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,IAAI,IAAI;YAC5C,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,IAAI,KAAK;YAC3C,aAAa,EAAE,OAAO,EAAE,KAAK,EAAE,aAAa,IAAI,KAAK;YACrD,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,OAAO,EAAE,YAAY,IAAI,GAAG,CAAC;QAEjD,MAAM,WAAW,GAAG,iBAAiB,CAAC,OAAO,EAAE,IAAI,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,aAAa,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QACtH,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAC/C,yBAAyB,CAAC,IAAI,CAAC,aAAa,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QAE9D,iDAAiD;QACjD,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC;YAC7B,OAAO,EAAE,IAAI,CAAC,aAAa,CAAC,eAAe;YAC3C,gBAAgB,EAAE,IAAI,GAAG,IAAI,GAAG,IAAI,EAAE,MAAM;YAC5C,aAAa,EAAE,IAAI,GAAG,IAAI,GAAG,IAAI;YACjC,SAAS,EAAE,eAAe,CAAC,IAAI,CAAC,aAAa,CAAC;YAC9C,UAAU,EAAE,gBAAgB,CAAC,IAAI,CAAC,aAAa,CAAC;SACjD,CAAC,CAAC;QAEH,IAAI,CAAC,WAAW,GAAG,IAAI,WAAW,CAAC,OAAO,EAAE;YAC1C,cAAc,EAAE,OAAO,EAAE,cAAc;YACvC,gBAAgB,EAAE,OAAO,EAAE,gBAAgB;YAC3C,OAAO,EAAE,OAAO,EAAE,OAAO;YACzB,KAAK,EAAE,OAAO,EAAE,KAAK;YACrB,SAAS,EAAE,OAAO,EAAE,SAAS;SAC9B,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;YACrD,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;YAC1C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,CAAC,OAAO,CAAC,aAAa,GAAG,UAAU,KAAK,EAAE,CAAC;YACnD,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,iCAAiC;QACjC,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAC1C,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,EACtB,KAAK,EAAE,KAAc,EAAE,EAAE;YACvB,MAAM,UAAU,GAAG,KAAuG,CAAC;YAC3H,MAAM,eAAe,GAAG,UAAU,CAAC,MAAM,CAAC;YAE1C,IACE,UAAU,CAAC,QAAQ,EAAE,MAAM,KAAK,GAAG;gBACnC,eAAe;gBACf,CAAC,eAAe,CAAC,MAAM;gBACvB,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,EAC7B,CAAC;gBACD,eAAe,CAAC,MAAM,GAAG,IAAI,CAAC;gBAE9B,uEAAuE;gBACvE,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;oBACzB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE;wBAC5D,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;oBAC7B,CAAC,CAAC,CAAC;gBACL,CAAC;gBAED,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC;gBAC5C,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;oBAC7C,IAAI,QAAQ,EAAE,CAAC;wBACb,eAAe,CAAC,OAAO,CAAC,aAAa,GAAG,UAAU,QAAQ,EAAE,CAAC;oBAC/D,CAAC;oBACD,OAAO,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;gBAC7C,CAAC;gBAED,MAAM,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC,mBAAmB,EAAE,CAAC;gBAC5D,IAAI,YAAY,EAAE,CAAC;oBACjB,OAAO,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;gBACtC,CAAC;YACH,CAAC;YAED,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC/B,CAAC;YACD,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAClD,CAAC,CACF,CAAC;QAEF,IAAI,CAAC,UAAU,GAAG,IAAI,UAAU,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE;YAC3E,OAAO,EAAE,OAAO,EAAE,OAAO;YACzB,KAAK,EAAE,OAAO,EAAE,KAAK;SACtB,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QAClF,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QAErH,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAAC;YACnC,aAAa,EAAE,IAAI,CAAC,aAAa;YACjC,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAC,CAAC;QAEH,IAAI,CAAC,eAAe,GAAG,IAAI,eAAe,CAAC;YACzC,aAAa,EAAE,IAAI,CAAC,aAAa;YACjC,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC;YACrC,OAAO;YACP,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,QAAQ,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE;YAC3C,aAAa,EAAE,IAAI,CAAC,aAAa;YACjC,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,SAAS,EAAE,OAAO,EAAE,SAAS;SAC9B,CAAC,CAAC;QAEH,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAAC,EAAE,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;QAE5E,IAAI,CAAC,UAAU,GAAG,IAAI,mBAAmB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC;QAEvF,IAAI,OAAO,EAAE,WAAW,EAAE,CAAC;YACzB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAClD,CAAC;QACD,IAAI,OAAO,EAAE,WAAW,EAAE,CAAC;YACzB,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,WAA4B;QACtC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC3D,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACnC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,MAAM;QACV,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;IACnC,CAAC;IAED,eAAe;QACb,OAAO,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC;IAC5C,CAAC;IAED,aAAa,CAAC,UAAkB;QAC9B,IAAI,CAAC,iBAAiB,GAAG,UAAU,CAAC;IACtC,CAAC;IAED,KAAK,CAAC,kBAAkB;QACtB,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;QACvF,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,CAAC;QACpD,OAAO,IAAI,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC;IAC1E,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,QAAwB;QAQvC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;QACvF,CAAC;QACD,OAAO,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IACjE,CAAC;IAKD,KAAK,CAAC,QAAQ,CAAC,OAAe,EAAE,OAA0D;QACxF,IAAI,OAAO,EAAE,OAAO,KAAK,KAAK,EAAE,CAAC;YAC/B,OAAO,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC7C,CAAC;QAED,wDAAwD;QACxD,OAAO,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACtD,CAAC;IAEO,qBAAqB,CAC3B,OAAe,EACf,OAAuC;QAEvC,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACxD,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,kEAAkE;QAClE,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE;YAC5E,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QAErD,OAAO,YAAY,CAAC;IACtB,CAAC;IAEO,KAAK,CAAC,oBAAoB,CAChC,OAAe,EACf,OAAuC;QAEvC,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACvE,CAAC;QAED,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,KAAK,KAAK,CAAC,CAAC,eAAe;QAC3E,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,iBAAiB,CAAC,OAAO,EAAE,IAAI,CAAC,iBAAiB,EAAE,eAAe,CAAC,CAAC;QAE9G,2BAA2B;QAC3B,MAAM,eAAe,GAAG,SAAS,CAAC,UAAU,CAAC;QAC7C,IAAI,eAAe,EAAE,CAAC;YACpB,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,EAAE,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBACtE,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,EAAE,EAAE,CAAC,CAAC,EAAE;gBACR,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,UAAU,EAAE,CAAC,CAAC,UAAU;gBACxB,iBAAiB,EAAE,CAAC,CAAC,iBAAiB;gBACtC,UAAU,EAAE,CAAC,CAAC,UAAU;gBACxB,eAAe,EAAE,CAAC,CAAC,eAAe;aACnC,CAAC,CAAC,CAAC,CAAC;QACP,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,OAA0B;QACzC,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAC/C,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAe;QAC/B,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC/B,OAAO,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,OAAe,EAAE,MAAc;QAChD,IAAI,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QACtD,IAAI,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAEpE,IAAI,CAAC,SAAS,IAAI,CAAC,YAAY,EAAE,CAAC;YAChC,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YAC7B,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YAClD,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAClE,CAAC;QAED,IAAI,CAAC,SAAS,IAAI,CAAC,YAAY,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,QAAQ,MAAM,uBAAuB,OAAO,EAAE,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,IAAI,CAAC,eAAe,CAAC,sBAAsB,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,CAAC,CAAC;IAC/F,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,OAAe,EAAE,OAAgC;QACrE,OAAO,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,OAAe,EAAE,KAA8B;QACpE,OAAO,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC5D,CAAC;IAED,KAAK,CAAC,mBAAmB;QACvB,OAAO,IAAI,CAAC,aAAa,CAAC,mBAAmB,EAAE,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,SAAiB,EAAE,WAAmB,EAAE,MAAe;QACxE,OAAO,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,SAAS,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;IACzE,CAAC;IAED,KAAK,CAAC,aAAa;QACjB,OAAO,IAAI,CAAC,aAAa,CAAC,aAAa,EAAE,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,SAAS;QACb,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,CAAC;IACxC,CAAC;IAED,KAAK,CAAC,SAAS;QACb,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,CAAC;IACxC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,eAAe;QAC1B,OAAO,eAAe,EAAE,CAAC;IAC3B,CAAC;IAED,UAAU;QACR,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;IAC7B,CAAC;IAED,4DAA4D;IAC5D,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;QAC3B,IAAI,CAAC,oBAAoB,CAAC,KAAK,EAAE,CAAC;QAClC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC3B,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC;QAE9B,qCAAqC;QACrC,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IAClD,CAAC;CACF"}

package/dist/errors/account-error.d.ts

@@ -0,0 +1,73 @@
+/** Errors from account operations (webhooks, keys, licenses, appointments, delegates). */
+import { CapsaraError, type ApiErrorResponse, type AxiosLikeError } from './capsara-error.js';
+export declare class CapsaraAccountError extends CapsaraError {
+    constructor(message: string, code: string, statusCode: number, details?: Record<string, unknown>, response?: ApiErrorResponse);
+    /**
+     * Unauthorized - missing or invalid authentication
+     * HTTP 401 - UNAUTHORIZED
+     */
+    static unauthorized(): CapsaraAccountError;
+    /**
+     * Resource not found (webhook, license, appointment, etc.)
+     * HTTP 404 - NOT_FOUND
+     */
+    static notFound(resourceType: string, identifier?: string): CapsaraAccountError;
+    /**
+     * Webhook not found
+     * HTTP 404 - WEBHOOK_NOT_FOUND
+     */
+    static webhookNotFound(webhookId?: string): CapsaraAccountError;
+    /**
+     * License not found
+     * HTTP 404 - LICENSE_NOT_FOUND
+     */
+    static licenseNotFound(state?: string, licenseNumber?: string): CapsaraAccountError;
+    /**
+     * Appointment not found
+     * HTTP 404 - APPOINTMENT_NOT_FOUND
+     */
+    static appointmentNotFound(carrierPartyId?: string): CapsaraAccountError;
+    /**
+     * Delegate not found
+     * HTTP 404 - DELEGATE_NOT_FOUND
+     */
+    static delegateNotFound(delegateId?: string): CapsaraAccountError;
+    /**
+     * Key not found
+     * HTTP 404 - KEY_NOT_FOUND
+     */
+    static keyNotFound(keyFingerprint?: string): CapsaraAccountError;
+    /**
+     * Invalid request body (validation error)
+     * HTTP 400 - VALIDATION_ERROR
+     */
+    static validationError(message: string, details?: Record<string, unknown>): CapsaraAccountError;
+    /**
+     * Missing required parameter
+     * HTTP 400 - MISSING_PARAM
+     */
+    static missingParam(paramName: string): CapsaraAccountError;
+    /**
+     * Resource already exists (duplicate)
+     * HTTP 409 - ALREADY_EXISTS
+     */
+    static alreadyExists(resourceType: string, identifier?: string): CapsaraAccountError;
+    /**
+     * Cannot delete active key
+     * HTTP 400 - CANNOT_DELETE_ACTIVE_KEY
+     */
+    static cannotDeleteActiveKey(): CapsaraAccountError;
+    /**
+     * Webhook limit exceeded
+     * HTTP 400 - WEBHOOK_LIMIT_EXCEEDED
+     */
+    static webhookLimitExceeded(limit: number): CapsaraAccountError;
+    /**
+     * Invalid webhook URL
+     * HTTP 400 - INVALID_WEBHOOK_URL
+     */
+    static invalidWebhookUrl(url?: string): CapsaraAccountError;
+    /** Maps an API error response to the appropriate factory method. */
+    static fromApiError(error: AxiosLikeError): CapsaraAccountError;
+}
+//# sourceMappingURL=account-error.d.ts.map

package/dist/errors/account-error.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"account-error.d.ts","sourceRoot":"","sources":["../../src/errors/account-error.ts"],"names":[],"mappings":"AAAA,0FAA0F;AAE1F,OAAO,EAAE,YAAY,EAAE,KAAK,gBAAgB,EAAE,KAAK,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAE9F,qBAAa,mBAAoB,SAAQ,YAAY;gBAEjD,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,MAAM,EAClB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,QAAQ,CAAC,EAAE,gBAAgB;IAM7B;;;OAGG;IACH,MAAM,CAAC,YAAY,IAAI,mBAAmB;IAQ1C;;;OAGG;IACH,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,mBAAmB;IAW/E;;;OAGG;IACH,MAAM,CAAC,eAAe,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,mBAAmB;IAI/D;;;OAGG;IACH,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,MAAM,GAAG,mBAAmB;IAKnF;;;OAGG;IACH,MAAM,CAAC,mBAAmB,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,mBAAmB;IAIxE;;;OAGG;IACH,MAAM,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,mBAAmB;IAIjE;;;OAGG;IACH,MAAM,CAAC,WAAW,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,mBAAmB;IAIhE;;;OAGG;IACH,MAAM,CAAC,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,mBAAmB;IAS/F;;;OAGG;IACH,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,mBAAmB;IAS3D;;;OAGG;IACH,MAAM,CAAC,aAAa,CAAC,YAAY,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,mBAAmB;IAWpF;;;OAGG;IACH,MAAM,CAAC,qBAAqB,IAAI,mBAAmB;IAQnD;;;OAGG;IACH,MAAM,CAAC,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,mBAAmB;IAS/D;;;OAGG;IACH,MAAM,CAAC,iBAAiB,CAAC,GAAG,CAAC,EAAE,MAAM,GAAG,mBAAmB;IAS3D,oEAAoE;IACpE,MAAM,CAAC,YAAY,CAAC,KAAK,EAAE,cAAc,GAAG,mBAAmB;CA4FhE"}

package/dist/errors/account-error.js

@@ -0,0 +1,155 @@
+/** Errors from account operations (webhooks, keys, licenses, appointments, delegates). */
+import { CapsaraError } from './capsara-error.js';
+export class CapsaraAccountError extends CapsaraError {
+    constructor(message, code, statusCode, details, response) {
+        super(message, code, statusCode, details, response);
+        this.name = 'CapsaraAccountError';
+    }
+    /**
+     * Unauthorized - missing or invalid authentication
+     * HTTP 401 - UNAUTHORIZED
+     */
+    static unauthorized() {
+        return new CapsaraAccountError('Unauthorized', 'UNAUTHORIZED', 401);
+    }
+    /**
+     * Resource not found (webhook, license, appointment, etc.)
+     * HTTP 404 - NOT_FOUND
+     */
+    static notFound(resourceType, identifier) {
+        return new CapsaraAccountError(identifier
+            ? `${resourceType} with identifier ${identifier} not found`
+            : `${resourceType} not found`, 'NOT_FOUND', 404, { resourceType, identifier });
+    }
+    /**
+     * Webhook not found
+     * HTTP 404 - WEBHOOK_NOT_FOUND
+     */
+    static webhookNotFound(webhookId) {
+        return CapsaraAccountError.notFound('Webhook', webhookId);
+    }
+    /**
+     * License not found
+     * HTTP 404 - LICENSE_NOT_FOUND
+     */
+    static licenseNotFound(state, licenseNumber) {
+        const identifier = state && licenseNumber ? `${state}/${licenseNumber}` : undefined;
+        return CapsaraAccountError.notFound('License', identifier);
+    }
+    /**
+     * Appointment not found
+     * HTTP 404 - APPOINTMENT_NOT_FOUND
+     */
+    static appointmentNotFound(carrierPartyId) {
+        return CapsaraAccountError.notFound('Appointment', carrierPartyId);
+    }
+    /**
+     * Delegate not found
+     * HTTP 404 - DELEGATE_NOT_FOUND
+     */
+    static delegateNotFound(delegateId) {
+        return CapsaraAccountError.notFound('Delegate', delegateId);
+    }
+    /**
+     * Key not found
+     * HTTP 404 - KEY_NOT_FOUND
+     */
+    static keyNotFound(keyFingerprint) {
+        return CapsaraAccountError.notFound('Key', keyFingerprint);
+    }
+    /**
+     * Invalid request body (validation error)
+     * HTTP 400 - VALIDATION_ERROR
+     */
+    static validationError(message, details) {
+        return new CapsaraAccountError(message || 'Invalid request body', 'VALIDATION_ERROR', 400, details);
+    }
+    /**
+     * Missing required parameter
+     * HTTP 400 - MISSING_PARAM
+     */
+    static missingParam(paramName) {
+        return new CapsaraAccountError(`${paramName} is required`, 'MISSING_PARAM', 400, { paramName });
+    }
+    /**
+     * Resource already exists (duplicate)
+     * HTTP 409 - ALREADY_EXISTS
+     */
+    static alreadyExists(resourceType, identifier) {
+        return new CapsaraAccountError(identifier
+            ? `${resourceType} with identifier ${identifier} already exists`
+            : `${resourceType} already exists`, 'ALREADY_EXISTS', 409, { resourceType, identifier });
+    }
+    /**
+     * Cannot delete active key
+     * HTTP 400 - CANNOT_DELETE_ACTIVE_KEY
+     */
+    static cannotDeleteActiveKey() {
+        return new CapsaraAccountError('Cannot delete the currently active key', 'CANNOT_DELETE_ACTIVE_KEY', 400);
+    }
+    /**
+     * Webhook limit exceeded
+     * HTTP 400 - WEBHOOK_LIMIT_EXCEEDED
+     */
+    static webhookLimitExceeded(limit) {
+        return new CapsaraAccountError(`Webhook limit of ${limit} exceeded`, 'WEBHOOK_LIMIT_EXCEEDED', 400, { limit });
+    }
+    /**
+     * Invalid webhook URL
+     * HTTP 400 - INVALID_WEBHOOK_URL
+     */
+    static invalidWebhookUrl(url) {
+        return new CapsaraAccountError('Invalid webhook URL', 'INVALID_WEBHOOK_URL', 400, url ? { url } : undefined);
+    }
+    /** Maps an API error response to the appropriate factory method. */
+    static fromApiError(error) {
+        // Handle axios errors
+        if (error.response) {
+            const status = error.response.status;
+            const data = error.response.data;
+            const errorCode = data?.error?.code;
+            const errorMessage = data?.error?.message ?? data?.message ?? error.message ?? 'Unknown error';
+            const errorDetails = data?.error?.details ?? data?.details;
+            // Map known error codes to factory methods
+            switch (errorCode) {
+                case 'UNAUTHORIZED':
+                    return CapsaraAccountError.unauthorized();
+                case 'WEBHOOK_NOT_FOUND':
+                    return CapsaraAccountError.webhookNotFound((errorDetails?.webhookId ?? errorDetails?.identifier));
+                case 'LICENSE_NOT_FOUND':
+                    return CapsaraAccountError.licenseNotFound(errorDetails?.state, errorDetails?.licenseNumber);
+                case 'APPOINTMENT_NOT_FOUND':
+                    return CapsaraAccountError.appointmentNotFound((errorDetails?.carrierPartyId ?? errorDetails?.identifier));
+                case 'DELEGATE_NOT_FOUND':
+                    return CapsaraAccountError.delegateNotFound((errorDetails?.delegateId ?? errorDetails?.identifier));
+                case 'KEY_NOT_FOUND':
+                    return CapsaraAccountError.keyNotFound((errorDetails?.keyFingerprint ?? errorDetails?.identifier));
+                case 'NOT_FOUND':
+                    return CapsaraAccountError.notFound(errorDetails?.resourceType ?? 'Resource', errorDetails?.identifier);
+                case 'VALIDATION_ERROR':
+                    return CapsaraAccountError.validationError(errorMessage, errorDetails);
+                case 'MISSING_PARAM':
+                    return CapsaraAccountError.missingParam(errorDetails?.paramName ?? 'Parameter');
+                case 'ALREADY_EXISTS':
+                    return CapsaraAccountError.alreadyExists(errorDetails?.resourceType ?? 'Resource', errorDetails?.identifier);
+                case 'CANNOT_DELETE_ACTIVE_KEY':
+                    return CapsaraAccountError.cannotDeleteActiveKey();
+                case 'WEBHOOK_LIMIT_EXCEEDED':
+                    return CapsaraAccountError.webhookLimitExceeded(errorDetails?.limit ?? 10);
+                case 'INVALID_WEBHOOK_URL':
+                    return CapsaraAccountError.invalidWebhookUrl(errorDetails?.url);
+                default:
+                    // Generic account error with status code
+                    return new CapsaraAccountError(errorMessage, errorCode ?? 'ACCOUNT_ERROR', status, errorDetails);
+            }
+        }
+        // Handle non-axios errors
+        if (error instanceof CapsaraAccountError) {
+            return error;
+        }
+        // Generic error fallback
+        const errorMessage = error.message ?? 'Unknown account error';
+        return new CapsaraAccountError(errorMessage, 'ACCOUNT_ERROR', 500, { originalError: errorMessage });
+    }
+}
+//# sourceMappingURL=account-error.js.map

package/dist/errors/account-error.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"account-error.js","sourceRoot":"","sources":["../../src/errors/account-error.ts"],"names":[],"mappings":"AAAA,0FAA0F;AAE1F,OAAO,EAAE,YAAY,EAA8C,MAAM,oBAAoB,CAAC;AAE9F,MAAM,OAAO,mBAAoB,SAAQ,YAAY;IACnD,YACE,OAAe,EACf,IAAY,EACZ,UAAkB,EAClB,OAAiC,EACjC,QAA2B;QAE3B,KAAK,CAAC,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;QACpD,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;IACpC,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,YAAY;QACjB,OAAO,IAAI,mBAAmB,CAC5B,cAAc,EACd,cAAc,EACd,GAAG,CACJ,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,QAAQ,CAAC,YAAoB,EAAE,UAAmB;QACvD,OAAO,IAAI,mBAAmB,CAC5B,UAAU;YACR,CAAC,CAAC,GAAG,YAAY,oBAAoB,UAAU,YAAY;YAC3D,CAAC,CAAC,GAAG,YAAY,YAAY,EAC/B,WAAW,EACX,GAAG,EACH,EAAE,YAAY,EAAE,UAAU,EAAE,CAC7B,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,eAAe,CAAC,SAAkB;QACvC,OAAO,mBAAmB,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IAC5D,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,eAAe,CAAC,KAAc,EAAE,aAAsB;QAC3D,MAAM,UAAU,GAAG,KAAK,IAAI,aAAa,CAAC,CAAC,CAAC,GAAG,KAAK,IAAI,aAAa,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;QACpF,OAAO,mBAAmB,CAAC,QAAQ,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IAC7D,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,mBAAmB,CAAC,cAAuB;QAChD,OAAO,mBAAmB,CAAC,QAAQ,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;IACrE,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,gBAAgB,CAAC,UAAmB;QACzC,OAAO,mBAAmB,CAAC,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IAC9D,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,WAAW,CAAC,cAAuB;QACxC,OAAO,mBAAmB,CAAC,QAAQ,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;IAC7D,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,eAAe,CAAC,OAAe,EAAE,OAAiC;QACvE,OAAO,IAAI,mBAAmB,CAC5B,OAAO,IAAI,sBAAsB,EACjC,kBAAkB,EAClB,GAAG,EACH,OAAO,CACR,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,YAAY,CAAC,SAAiB;QACnC,OAAO,IAAI,mBAAmB,CAC5B,GAAG,SAAS,cAAc,EAC1B,eAAe,EACf,GAAG,EACH,EAAE,SAAS,EAAE,CACd,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,aAAa,CAAC,YAAoB,EAAE,UAAmB;QAC5D,OAAO,IAAI,mBAAmB,CAC5B,UAAU;YACR,CAAC,CAAC,GAAG,YAAY,oBAAoB,UAAU,iBAAiB;YAChE,CAAC,CAAC,GAAG,YAAY,iBAAiB,EACpC,gBAAgB,EAChB,GAAG,EACH,EAAE,YAAY,EAAE,UAAU,EAAE,CAC7B,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,qBAAqB;QAC1B,OAAO,IAAI,mBAAmB,CAC5B,wCAAwC,EACxC,0BAA0B,EAC1B,GAAG,CACJ,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,oBAAoB,CAAC,KAAa;QACvC,OAAO,IAAI,mBAAmB,CAC5B,oBAAoB,KAAK,WAAW,EACpC,wBAAwB,EACxB,GAAG,EACH,EAAE,KAAK,EAAE,CACV,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,iBAAiB,CAAC,GAAY;QACnC,OAAO,IAAI,mBAAmB,CAC5B,qBAAqB,EACrB,qBAAqB,EACrB,GAAG,EACH,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS,CAC1B,CAAC;IACJ,CAAC;IAED,oEAAoE;IACpE,MAAM,CAAC,YAAY,CAAC,KAAqB;QACvC,sBAAsB;QACtB,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YACnB,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;YACrC,MAAM,IAAI,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC;YACjC,MAAM,SAAS,GAAG,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC;YACpC,MAAM,YAAY,GAAG,IAAI,EAAE,KAAK,EAAE,OAAO,IAAI,IAAI,EAAE,OAAO,IAAI,KAAK,CAAC,OAAO,IAAI,eAAe,CAAC;YAC/F,MAAM,YAAY,GAAG,IAAI,EAAE,KAAK,EAAE,OAAO,IAAI,IAAI,EAAE,OAAO,CAAC;YAE3D,2CAA2C;YAC3C,QAAQ,SAAS,EAAE,CAAC;gBAClB,KAAK,cAAc;oBACjB,OAAO,mBAAmB,CAAC,YAAY,EAAE,CAAC;gBAE5C,KAAK,mBAAmB;oBACtB,OAAO,mBAAmB,CAAC,eAAe,CACxC,CAAC,YAAY,EAAE,SAAS,IAAI,YAAY,EAAE,UAAU,CAAuB,CAC5E,CAAC;gBAEJ,KAAK,mBAAmB;oBACtB,OAAO,mBAAmB,CAAC,eAAe,CACxC,YAAY,EAAE,KAA2B,EACzC,YAAY,EAAE,aAAmC,CAClD,CAAC;gBAEJ,KAAK,uBAAuB;oBAC1B,OAAO,mBAAmB,CAAC,mBAAmB,CAC5C,CAAC,YAAY,EAAE,cAAc,IAAI,YAAY,EAAE,UAAU,CAAuB,CACjF,CAAC;gBAEJ,KAAK,oBAAoB;oBACvB,OAAO,mBAAmB,CAAC,gBAAgB,CACzC,CAAC,YAAY,EAAE,UAAU,IAAI,YAAY,EAAE,UAAU,CAAuB,CAC7E,CAAC;gBAEJ,KAAK,eAAe;oBAClB,OAAO,mBAAmB,CAAC,WAAW,CACpC,CAAC,YAAY,EAAE,cAAc,IAAI,YAAY,EAAE,UAAU,CAAuB,CACjF,CAAC;gBAEJ,KAAK,WAAW;oBACd,OAAO,mBAAmB,CAAC,QAAQ,CAChC,YAAY,EAAE,YAAuB,IAAI,UAAU,EACpD,YAAY,EAAE,UAAgC,CAC/C,CAAC;gBAEJ,KAAK,kBAAkB;oBACrB,OAAO,mBAAmB,CAAC,eAAe,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;gBAEzE,KAAK,eAAe;oBAClB,OAAO,mBAAmB,CAAC,YAAY,CAAE,YAAY,EAAE,SAAoB,IAAI,WAAW,CAAC,CAAC;gBAE9F,KAAK,gBAAgB;oBACnB,OAAO,mBAAmB,CAAC,aAAa,CACrC,YAAY,EAAE,YAAuB,IAAI,UAAU,EACpD,YAAY,EAAE,UAAgC,CAC/C,CAAC;gBAEJ,KAAK,0BAA0B;oBAC7B,OAAO,mBAAmB,CAAC,qBAAqB,EAAE,CAAC;gBAErD,KAAK,wBAAwB;oBAC3B,OAAO,mBAAmB,CAAC,oBAAoB,CAAE,YAAY,EAAE,KAAgB,IAAI,EAAE,CAAC,CAAC;gBAEzF,KAAK,qBAAqB;oBACxB,OAAO,mBAAmB,CAAC,iBAAiB,CAAC,YAAY,EAAE,GAAyB,CAAC,CAAC;gBAExF;oBACE,yCAAyC;oBACzC,OAAO,IAAI,mBAAmB,CAC5B,YAAY,EACZ,SAAS,IAAI,eAAe,EAC5B,MAAM,EACN,YAAY,CACb,CAAC;YACN,CAAC;QACH,CAAC;QAED,0BAA0B;QAC1B,IAAI,KAAK,YAAY,mBAAmB,EAAE,CAAC;YACzC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,yBAAyB;QACzB,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,IAAI,uBAAuB,CAAC;QAC9D,OAAO,IAAI,mBAAmB,CAC5B,YAAY,EACZ,eAAe,EACf,GAAG,EACH,EAAE,aAAa,EAAE,YAAY,EAAE,CAChC,CAAC;IACJ,CAAC;CACF"}

package/dist/errors/audit-error.d.ts

@@ -0,0 +1,34 @@
+import { CapsaraError, type ApiErrorResponse, type AxiosLikeError, type StoredErrorResponse } from './capsara-error.js';
+/** Errors from audit trail operations. */
+export declare class CapsaraAuditError extends CapsaraError {
+    readonly response?: StoredErrorResponse;
+    constructor(message: string, code: string, statusCode: number, details?: Record<string, unknown>, response?: ApiErrorResponse);
+    /**
+     * Create error for insufficient permissions
+     * Thrown when recipient tries to add 'log' action (creator-only)
+     */
+    static insufficientPermissions(details?: Record<string, unknown>): CapsaraAuditError;
+    /**
+     * Create error for invalid audit action
+     * Thrown when action is not 'log' or 'processed'
+     */
+    static invalidAction(action?: string): CapsaraAuditError;
+    /**
+     * Create error for access denied
+     * Thrown when party is not in capsa keychain
+     */
+    static accessDenied(details?: Record<string, unknown>): CapsaraAuditError;
+    /**
+     * Create error for missing details field
+     * Thrown when 'log' action is used without details
+     */
+    static missingDetails(): CapsaraAuditError;
+    /**
+     * Create error for capsa not found
+     * Thrown when capsa doesn't exist
+     */
+    static capsaNotFound(capsaId: string): CapsaraAuditError;
+    /** Maps an API error response to the appropriate factory method. */
+    static fromApiError(error: AxiosLikeError): CapsaraAuditError;
+}
+//# sourceMappingURL=audit-error.d.ts.map

package/dist/errors/audit-error.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-error.d.ts","sourceRoot":"","sources":["../../src/errors/audit-error.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,KAAK,gBAAgB,EAAE,KAAK,cAAc,EAAE,KAAK,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAExH,0CAA0C;AAC1C,qBAAa,iBAAkB,SAAQ,YAAY;IACjD,SAAwB,QAAQ,CAAC,EAAE,mBAAmB,CAAC;gBAGrD,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,MAAM,EAClB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,QAAQ,CAAC,EAAE,gBAAgB;IAO7B;;;OAGG;IACH,MAAM,CAAC,uBAAuB,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,iBAAiB;IASpF;;;OAGG;IACH,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,iBAAiB;IASxD;;;OAGG;IACH,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,iBAAiB;IASzE;;;OAGG;IACH,MAAM,CAAC,cAAc,IAAI,iBAAiB;IAQ1C;;;OAGG;IACH,MAAM,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,iBAAiB;IASxD,oEAAoE;IACpE,MAAM,CAAC,YAAY,CAAC,KAAK,EAAE,cAAc,GAAG,iBAAiB;CA2D9D"}

package/dist/errors/audit-error.js

@@ -0,0 +1,93 @@
+import { CapsaraError } from './capsara-error.js';
+/** Errors from audit trail operations. */
+export class CapsaraAuditError extends CapsaraError {
+    constructor(message, code, statusCode, details, response) {
+        super(message, code, statusCode, details, response);
+        this.name = 'CapsaraAuditError';
+        Object.setPrototypeOf(this, CapsaraAuditError.prototype);
+    }
+    /**
+     * Create error for insufficient permissions
+     * Thrown when recipient tries to add 'log' action (creator-only)
+     */
+    static insufficientPermissions(details) {
+        return new CapsaraAuditError('You do not have permission to perform this action', 'INSUFFICIENT_PERMISSIONS', 403, details);
+    }
+    /**
+     * Create error for invalid audit action
+     * Thrown when action is not 'log' or 'processed'
+     */
+    static invalidAction(action) {
+        return new CapsaraAuditError('Invalid audit action', 'INVALID_AUDIT_ACTION', 400, { action });
+    }
+    /**
+     * Create error for access denied
+     * Thrown when party is not in capsa keychain
+     */
+    static accessDenied(details) {
+        return new CapsaraAuditError('You do not have access to this capsa', 'ACCESS_DENIED', 403, details);
+    }
+    /**
+     * Create error for missing details field
+     * Thrown when 'log' action is used without details
+     */
+    static missingDetails() {
+        return new CapsaraAuditError('Details field is required for log action', 'MISSING_DETAILS', 400);
+    }
+    /**
+     * Create error for capsa not found
+     * Thrown when capsa doesn't exist
+     */
+    static capsaNotFound(capsaId) {
+        return new CapsaraAuditError('Capsa not found or access denied', 'CAPSA_NOT_FOUND', 404, { capsaId });
+    }
+    /** Maps an API error response to the appropriate factory method. */
+    static fromApiError(error) {
+        // Extract error information
+        const errorCode = error.response?.data?.error?.code;
+        const errorMessage = error.response?.data?.error?.message;
+        const statusCode = error.response?.status ?? 500;
+        const details = error.response?.data?.error?.details;
+        const response = error.response;
+        // Map known error codes to factory methods
+        // Note: Factory methods don't include response, so add it after creation
+        let auditError;
+        switch (errorCode) {
+            case 'INSUFFICIENT_PERMISSIONS':
+                auditError = CapsaraAuditError.insufficientPermissions(details);
+                break;
+            case 'INVALID_AUDIT_ACTION':
+                auditError = CapsaraAuditError.invalidAction(details?.action);
+                break;
+            case 'ACCESS_DENIED':
+                auditError = CapsaraAuditError.accessDenied(details);
+                break;
+            case 'MISSING_DETAILS':
+                auditError = CapsaraAuditError.missingDetails();
+                break;
+            case 'ENVELOPE_NOT_FOUND':
+            case 'CAPSA_NOT_FOUND':
+                auditError = CapsaraAuditError.capsaNotFound((details?.capsaId ?? details?.envelopeId) ?? '');
+                break;
+            default:
+                // Generic audit error for unknown codes
+                return new CapsaraAuditError(errorMessage ?? 'An audit error occurred', errorCode ?? 'UNKNOWN_AUDIT_ERROR', statusCode, details, response);
+        }
+        // Add response to error created by factory method
+        if (response) {
+            Object.defineProperty(auditError, 'response', {
+                value: {
+                    status: response.status,
+                    statusText: response.statusText,
+                    headers: response.headers,
+                    data: response.data,
+                },
+                writable: false,
+                enumerable: true,
+                configurable: true,
+            });
+        }
+        return auditError;
+    }
+}
+//# sourceMappingURL=audit-error.js.map