@casfa/client 0.0.1 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. package/dist/api/claim.d.ts +21 -0
  2. package/dist/api/claim.d.ts.map +1 -0
  3. package/dist/api/delegates.d.ts +39 -0
  4. package/dist/api/delegates.d.ts.map +1 -0
  5. package/dist/api/depots.d.ts +68 -0
  6. package/dist/api/depots.d.ts.map +1 -0
  7. package/dist/api/filesystem.d.ts +55 -0
  8. package/dist/api/filesystem.d.ts.map +1 -0
  9. package/dist/api/index.d.ts +13 -3
  10. package/dist/api/index.d.ts.map +1 -0
  11. package/dist/api/index.js +355 -207
  12. package/dist/api/index.js.map +19 -1
  13. package/dist/api/info.d.ts +16 -0
  14. package/dist/api/info.d.ts.map +1 -0
  15. package/dist/api/nodes.d.ts +42 -0
  16. package/dist/api/nodes.d.ts.map +1 -0
  17. package/dist/api/oauth.d.ts +54 -0
  18. package/dist/api/oauth.d.ts.map +1 -0
  19. package/dist/api/requests.d.ts +33 -0
  20. package/dist/api/requests.d.ts.map +1 -0
  21. package/dist/api/tokens.d.ts +19 -0
  22. package/dist/api/tokens.d.ts.map +1 -0
  23. package/dist/client/delegates.d.ts +26 -0
  24. package/dist/client/delegates.d.ts.map +1 -0
  25. package/dist/client/depots.d.ts +28 -0
  26. package/dist/client/depots.d.ts.map +1 -0
  27. package/dist/client/filesystem.d.ts +39 -0
  28. package/dist/client/filesystem.d.ts.map +1 -0
  29. package/dist/client/helpers.d.ts +27 -0
  30. package/dist/client/helpers.d.ts.map +1 -0
  31. package/dist/client/index.d.ts +49 -0
  32. package/dist/client/index.d.ts.map +1 -0
  33. package/dist/client/nodes.d.ts +30 -0
  34. package/dist/client/nodes.d.ts.map +1 -0
  35. package/dist/client/oauth.d.ts +24 -0
  36. package/dist/client/oauth.d.ts.map +1 -0
  37. package/dist/client/tokens.d.ts +23 -0
  38. package/dist/client/tokens.d.ts.map +1 -0
  39. package/dist/index.d.ts +14 -294
  40. package/dist/index.d.ts.map +1 -0
  41. package/dist/index.js +414 -515
  42. package/dist/index.js.map +32 -1
  43. package/dist/store/index.d.ts +8 -0
  44. package/dist/store/index.d.ts.map +1 -0
  45. package/dist/store/jwt-refresh.d.ts +31 -0
  46. package/dist/store/jwt-refresh.d.ts.map +1 -0
  47. package/dist/store/token-checks.d.ts +33 -0
  48. package/dist/store/token-checks.d.ts.map +1 -0
  49. package/dist/store/token-selector.d.ts +29 -0
  50. package/dist/store/token-selector.d.ts.map +1 -0
  51. package/dist/store/token-store.d.ts +30 -0
  52. package/dist/store/token-store.d.ts.map +1 -0
  53. package/dist/types/client.d.ts +64 -0
  54. package/dist/types/client.d.ts.map +1 -0
  55. package/dist/types/index.d.ts +5 -142
  56. package/dist/types/index.d.ts.map +1 -0
  57. package/dist/types/index.js +14 -3
  58. package/dist/types/index.js.map +10 -1
  59. package/dist/types/tokens.d.ts +86 -0
  60. package/dist/types/tokens.d.ts.map +1 -0
  61. package/dist/utils/http.d.ts +32 -0
  62. package/dist/utils/http.d.ts.map +1 -0
  63. package/package.json +7 -3
  64. package/dist/index-cPO-6GxE.d.ts +0 -338
package/dist/api/index.js.map CHANGED
@@ -1 +1,19 @@
1
- {"version":3,"sources":["../../src/utils/http.ts","../../src/api/depots.ts","../../src/api/info.ts","../../src/api/nodes.ts","../../src/api/oauth.ts","../../src/api/requests.ts","../../src/api/tickets.ts","../../src/api/tokens.ts"],"sourcesContent":["/**\n * Fetch utilities for the stateful client.\n */\n\nimport type { ClientError, FetchResult } from \"../types/client.ts\";\n\n// ============================================================================\n// Error Handling\n// ============================================================================\n\n/**\n * Map HTTP status to error code.\n */\nexport const statusToErrorCode = (status: number): string => {\n switch (status) {\n case 401:\n return \"UNAUTHORIZED\";\n case 403:\n return \"FORBIDDEN\";\n case 404:\n return \"NOT_FOUND\";\n case 409:\n return \"CONFLICT\";\n case 400:\n case 422:\n return \"VALIDATION_ERROR\";\n case 429:\n return \"RATE_LIMITED\";\n default:\n return \"UNKNOWN\";\n }\n};\n\n/**\n * Create error from HTTP response.\n */\nexport const createErrorFromResponse = async (response: Response): Promise<ClientError> => {\n const code = statusToErrorCode(response.status);\n let message = response.statusText;\n let details: unknown;\n\n try {\n const body = (await response.json()) as Record<string, unknown>;\n if (typeof body.message === \"string\") {\n message = body.message;\n }\n if (typeof body.error === \"string\") {\n message = body.error;\n }\n details = body;\n } catch {\n // Response body is not JSON, use status text\n }\n\n return { code, message, status: response.status, details };\n};\n\n/**\n * Create a network error.\n */\nexport const createNetworkError = (err: unknown): ClientError => ({\n code: \"NETWORK_ERROR\",\n message: err instanceof Error ? err.message : \"Network request failed\",\n details: err,\n});\n\n// ============================================================================\n// Fetch Function\n// ============================================================================\n\nexport type FetchOptions = {\n method?: \"GET\" | \"POST\" | \"PUT\" | \"PATCH\" | \"DELETE\";\n headers?: Record<string, string>;\n body?: unknown;\n /** Expected response type */\n responseType?: \"json\" | \"blob\" | \"text\" | \"none\";\n};\n\n/**\n * Make a fetch request with error handling.\n */\nexport const fetchApi = async <T>(\n url: string,\n options: FetchOptions = {}\n): Promise<FetchResult<T>> => {\n const { method = \"GET\", headers = {}, body, responseType = \"json\" } = options;\n\n const requestHeaders: Record<string, string> = { ...headers };\n\n // Add content-type for JSON body\n if (body !== undefined && !requestHeaders[\"Content-Type\"]) {\n requestHeaders[\"Content-Type\"] = \"application/json\";\n }\n\n try {\n const response = await fetch(url, {\n method,\n headers: requestHeaders,\n body: body !== undefined ? JSON.stringify(body) : undefined,\n });\n\n if (!response.ok) {\n const error = await createErrorFromResponse(response);\n return { ok: false, error };\n }\n\n // Parse response based on type\n let data: T;\n switch (responseType) {\n case \"json\":\n data = (await response.json()) as T;\n break;\n case \"blob\":\n data = (await response.blob()) as T;\n break;\n case \"text\":\n data = (await response.text()) as T;\n break;\n case \"none\":\n data = undefined as T;\n break;\n }\n\n return { ok: true, data, status: response.status };\n } catch (err) {\n return { ok: false, error: createNetworkError(err) };\n }\n};\n\n/**\n * Make an authenticated fetch request.\n */\nexport const fetchWithAuth = async <T>(\n url: string,\n authHeader: string | null,\n options: FetchOptions = {}\n): Promise<FetchResult<T>> => {\n const headers = { ...options.headers };\n\n if (authHeader) {\n headers.Authorization = authHeader;\n }\n\n return fetchApi<T>(url, { ...options, headers });\n};\n","/**\n * Depot API functions.\n *\n * Token Requirement:\n * - All depot operations require Access Token with canManageDepot permission.\n */\n\nimport type {\n CreateDepot,\n CreateDepotResponse,\n DepotCommit,\n DepotDetail,\n DepotListItem,\n ListDepotsQuery,\n UpdateDepot,\n} from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\nexport type ListDepotsResponse = {\n depots: DepotListItem[];\n nextCursor?: string;\n};\n\nexport type CommitDepotResponse = {\n depotId: string;\n root: string;\n updatedAt: number;\n};\n\n// ============================================================================\n// Access Token APIs\n// ============================================================================\n\n/**\n * Create a new depot.\n * Requires Access Token with canManageDepot.\n */\nexport const createDepot = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n params: CreateDepot\n): Promise<FetchResult<CreateDepotResponse>> => {\n return fetchWithAuth<CreateDepotResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n\n/**\n * List depots.\n * Requires Access Token.\n */\nexport const listDepots = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n params?: ListDepotsQuery\n): Promise<FetchResult<ListDepotsResponse>> => {\n const query = new URLSearchParams();\n if (params?.limit) query.set(\"limit\", String(params.limit));\n if (params?.cursor) query.set(\"cursor\", params.cursor);\n\n const queryString = query.toString();\n const url = `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots${queryString ? `?${queryString}` : \"\"}`;\n\n return fetchWithAuth<ListDepotsResponse>(url, `Bearer ${accessTokenBase64}`);\n};\n\n/**\n * Get depot details.\n * Requires Access Token.\n */\nexport const getDepot = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n depotId: string\n): Promise<FetchResult<DepotDetail>> => {\n return fetchWithAuth<DepotDetail>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots/${encodeURIComponent(depotId)}`,\n `Bearer ${accessTokenBase64}`\n );\n};\n\n/**\n * Update depot metadata.\n * Requires Access Token with canManageDepot.\n */\nexport const updateDepot = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n depotId: string,\n params: UpdateDepot\n): Promise<FetchResult<DepotDetail>> => {\n return fetchWithAuth<DepotDetail>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots/${encodeURIComponent(depotId)}`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"PATCH\",\n body: params,\n }\n );\n};\n\n/**\n * Delete a depot.\n * Requires Access Token with canManageDepot.\n */\nexport const deleteDepot = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n depotId: string\n): Promise<FetchResult<void>> => {\n return fetchWithAuth<void>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots/${encodeURIComponent(depotId)}`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"DELETE\",\n responseType: \"none\",\n }\n );\n};\n\n/**\n * Commit new root to depot.\n * Requires Access Token with canManageDepot.\n */\nexport const commitDepot = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n depotId: string,\n params: DepotCommit\n): Promise<FetchResult<CommitDepotResponse>> => {\n return fetchWithAuth<CommitDepotResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots/${encodeURIComponent(depotId)}/commit`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n","/**\n * Service info API.\n */\n\nimport type { ServiceInfo } from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchApi } from \"../utils/http.ts\";\n\n/**\n * Fetch service info from /api/info.\n */\nexport const fetchServiceInfo = async (baseUrl: string): Promise<FetchResult<ServiceInfo>> => {\n return fetchApi<ServiceInfo>(`${baseUrl}/api/info`);\n};\n\n/**\n * Health check.\n */\nexport const healthCheck = async (baseUrl: string): Promise<FetchResult<{ status: string }>> => {\n return fetchApi<{ status: string }>(`${baseUrl}/api/health`);\n};\n","/**\n * Node API functions.\n *\n * Token Requirement:\n * - GET /nodes/:nodeKey: Access Token (with X-CAS-Index-Path header)\n * - POST /nodes/prepare: Access Token with canUpload\n * - PUT /nodes/:nodeKey: Access Token with canUpload\n */\n\nimport type { NodeMetadata, PrepareNodes, PrepareNodesResponse } from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\nexport type NodeUploadResult = {\n nodeKey: string;\n status: \"created\" | \"exists\";\n};\n\n// ============================================================================\n// Access Token APIs\n// ============================================================================\n\n/**\n * Get node content.\n * Requires Access Token with scope covering the index path.\n *\n * @param indexPath - The CAS index path for scope verification (e.g., \"depot:MAIN:0:1\")\n */\nexport const getNode = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n nodeKey: string,\n indexPath: string\n): Promise<FetchResult<Uint8Array>> => {\n const url = `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/${encodeURIComponent(nodeKey)}`;\n\n try {\n const response = await fetch(url, {\n headers: {\n Authorization: `Bearer ${accessTokenBase64}`,\n \"X-CAS-Index-Path\": indexPath,\n },\n });\n\n if (!response.ok) {\n const error = await response.json().catch(() => ({ message: response.statusText }));\n return {\n ok: false,\n error: {\n code: String(response.status),\n message: (error as { message?: string }).message ?? response.statusText,\n status: response.status,\n },\n };\n }\n\n const data = new Uint8Array(await response.arrayBuffer());\n return { ok: true, data, status: response.status };\n } catch (err) {\n return {\n ok: false,\n error: {\n code: \"NETWORK_ERROR\",\n message: err instanceof Error ? err.message : \"Network error\",\n },\n };\n }\n};\n\n/**\n * Get node metadata.\n * Requires Access Token with scope covering the index path.\n */\nexport const getNodeMetadata = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n nodeKey: string,\n indexPath: string\n): Promise<FetchResult<NodeMetadata>> => {\n return fetchWithAuth<NodeMetadata>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/${encodeURIComponent(nodeKey)}/metadata`,\n `Bearer ${accessTokenBase64}`,\n {\n headers: {\n \"X-CAS-Index-Path\": indexPath,\n },\n }\n );\n};\n\n/**\n * Prepare nodes for upload.\n * Returns which nodes need to be uploaded vs already exist.\n * Requires Access Token with canUpload.\n */\nexport const prepareNodes = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n params: PrepareNodes\n): Promise<FetchResult<PrepareNodesResponse>> => {\n return fetchWithAuth<PrepareNodesResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/prepare`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n\n/**\n * Upload a node.\n * Requires Access Token with canUpload.\n */\nexport const putNode = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n nodeKey: string,\n content: Uint8Array\n): Promise<FetchResult<NodeUploadResult>> => {\n const url = `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/${encodeURIComponent(nodeKey)}`;\n\n try {\n const response = await fetch(url, {\n method: \"PUT\",\n headers: {\n Authorization: `Bearer ${accessTokenBase64}`,\n \"Content-Type\": \"application/octet-stream\",\n },\n body: content,\n });\n\n if (!response.ok) {\n const error = await response.json().catch(() => ({ message: response.statusText }));\n return {\n ok: false,\n error: {\n code: String(response.status),\n message: (error as { message?: string }).message ?? response.statusText,\n status: response.status,\n },\n };\n }\n\n const data = (await response.json()) as NodeUploadResult;\n return { ok: true, data, status: response.status };\n } catch (err) {\n return {\n ok: false,\n error: {\n code: \"NETWORK_ERROR\",\n message: err instanceof Error ? err.message : \"Network error\",\n },\n };\n }\n};\n","/**\n * OAuth API functions.\n */\n\nimport type { Login, Refresh, TokenExchange } from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport type { StoredUserToken } from \"../types/tokens.ts\";\nimport { fetchApi, fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\nexport type CognitoConfig = {\n region: string;\n userPoolId: string;\n clientId: string;\n domain: string;\n};\n\nexport type TokenResponse = {\n accessToken: string;\n refreshToken: string;\n expiresIn: number;\n idToken?: string;\n};\n\nexport type UserInfo = {\n userId: string;\n email: string;\n role: string;\n};\n\n// ============================================================================\n// Public OAuth API\n// ============================================================================\n\n/**\n * Get Cognito configuration.\n */\nexport const getOAuthConfig = async (baseUrl: string): Promise<FetchResult<CognitoConfig>> => {\n return fetchApi<CognitoConfig>(`${baseUrl}/api/oauth/config`);\n};\n\n/**\n * Exchange authorization code for tokens.\n */\nexport const exchangeCode = async (\n baseUrl: string,\n params: TokenExchange\n): Promise<FetchResult<TokenResponse>> => {\n return fetchApi<TokenResponse>(`${baseUrl}/api/oauth/token`, {\n method: \"POST\",\n body: params,\n });\n};\n\n/**\n * Login with email and password.\n */\nexport const login = async (\n baseUrl: string,\n params: Login\n): Promise<FetchResult<TokenResponse>> => {\n return fetchApi<TokenResponse>(`${baseUrl}/api/oauth/login`, {\n method: \"POST\",\n body: params,\n });\n};\n\n/**\n * Refresh access token.\n */\nexport const refresh = async (\n baseUrl: string,\n params: Refresh\n): Promise<FetchResult<TokenResponse>> => {\n return fetchApi<TokenResponse>(`${baseUrl}/api/oauth/refresh`, {\n method: \"POST\",\n body: params,\n });\n};\n\n// ============================================================================\n// Authenticated OAuth API\n// ============================================================================\n\n/**\n * Get current user info.\n * Requires User JWT.\n */\nexport const getMe = async (\n baseUrl: string,\n userAccessToken: string\n): Promise<FetchResult<UserInfo>> => {\n return fetchWithAuth<UserInfo>(`${baseUrl}/api/oauth/me`, `Bearer ${userAccessToken}`);\n};\n\n// ============================================================================\n// Helpers\n// ============================================================================\n\n/**\n * Convert token response to stored user token.\n */\nexport const tokenResponseToStoredUserToken = (\n response: TokenResponse,\n userId: string\n): StoredUserToken => ({\n accessToken: response.accessToken,\n refreshToken: response.refreshToken,\n userId,\n expiresAt: Date.now() + response.expiresIn * 1000,\n});\n","/**\n * Client Authorization Request API functions.\n *\n * For CLI/desktop apps to request tokens through user approval.\n */\n\nimport type {\n ApproveRequest,\n ApproveRequestResponse,\n CreateAuthRequest,\n CreateAuthRequestResponse,\n DenyRequest,\n DenyRequestResponse,\n PollRequestResponse,\n} from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchApi, fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Public APIs (No auth required)\n// ============================================================================\n\n/**\n * Create an authorization request.\n * No auth required - called by CLI/desktop clients.\n */\nexport const createAuthRequest = async (\n baseUrl: string,\n params: CreateAuthRequest\n): Promise<FetchResult<CreateAuthRequestResponse>> => {\n return fetchApi<CreateAuthRequestResponse>(`${baseUrl}/api/tokens/requests`, {\n method: \"POST\",\n body: params,\n });\n};\n\n/**\n * Poll authorization request status.\n * No auth required - called by CLI/desktop clients.\n */\nexport const pollAuthRequest = async (\n baseUrl: string,\n requestId: string\n): Promise<FetchResult<PollRequestResponse>> => {\n return fetchApi<PollRequestResponse>(\n `${baseUrl}/api/tokens/requests/${encodeURIComponent(requestId)}/poll`\n );\n};\n\n// ============================================================================\n// User JWT APIs (For approving/rejecting requests)\n// ============================================================================\n\n/**\n * Get authorization request details.\n * Requires User JWT.\n */\nexport const getAuthRequest = async (\n baseUrl: string,\n userAccessToken: string,\n requestId: string\n): Promise<FetchResult<PollRequestResponse>> => {\n return fetchWithAuth<PollRequestResponse>(\n `${baseUrl}/api/tokens/requests/${encodeURIComponent(requestId)}`,\n `Bearer ${userAccessToken}`\n );\n};\n\n/**\n * Approve an authorization request.\n * Requires User JWT.\n */\nexport const approveAuthRequest = async (\n baseUrl: string,\n userAccessToken: string,\n requestId: string,\n params?: ApproveRequest\n): Promise<FetchResult<ApproveRequestResponse>> => {\n return fetchWithAuth<ApproveRequestResponse>(\n `${baseUrl}/api/tokens/requests/${encodeURIComponent(requestId)}/approve`,\n `Bearer ${userAccessToken}`,\n {\n method: \"POST\",\n body: params ?? {},\n }\n );\n};\n\n/**\n * Reject an authorization request.\n * Requires User JWT.\n */\nexport const rejectAuthRequest = async (\n baseUrl: string,\n userAccessToken: string,\n requestId: string,\n params?: DenyRequest\n): Promise<FetchResult<DenyRequestResponse>> => {\n return fetchWithAuth<DenyRequestResponse>(\n `${baseUrl}/api/tokens/requests/${encodeURIComponent(requestId)}/reject`,\n `Bearer ${userAccessToken}`,\n {\n method: \"POST\",\n body: params ?? {},\n }\n );\n};\n","/**\n * Ticket API functions.\n *\n * Token Requirement:\n * - POST /api/realm/{realmId}/tickets: Access Token (create ticket, bind pre-issued token)\n * - GET /api/realm/{realmId}/tickets: Access Token (list)\n * - GET /api/realm/{realmId}/tickets/:ticketId: Access Token (get detail)\n * - POST /api/realm/{realmId}/tickets/:ticketId/submit: Access Token (submit)\n *\n * Design Principle: All Realm data operations use Access Token.\n * Delegate Token is only for issuing tokens.\n *\n * Two-step Ticket creation flow:\n * 1. Issue Access Token using Delegate Token (POST /api/tokens/delegate)\n * 2. Create Ticket and bind the token (POST /api/realm/{realmId}/tickets)\n */\n\nimport type {\n CreateTicket,\n CreateTicketResponse,\n ListTicketsQuery,\n TicketDetail,\n TicketListItem,\n TicketSubmit,\n} from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\nexport type ListTicketsResponse = {\n tickets: TicketListItem[];\n nextCursor?: string;\n};\n\nexport type SubmitTicketResponse = {\n ticketId: string;\n status: \"submitted\";\n root: string;\n submittedAt: number;\n};\n\n// ============================================================================\n// Access Token APIs\n// ============================================================================\n\n/**\n * Create a new ticket and bind a pre-issued Access Token.\n * Requires Access Token.\n *\n * @param accessTokenBase64 - Caller's Access Token (for authentication)\n * @param params.accessTokenId - Pre-issued Access Token ID to bind (for Tool use)\n */\nexport const createTicket = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n params: CreateTicket\n): Promise<FetchResult<CreateTicketResponse>> => {\n return fetchWithAuth<CreateTicketResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/tickets`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n\n/**\n * List tickets.\n * Requires Access Token.\n */\nexport const listTickets = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n params?: ListTicketsQuery\n): Promise<FetchResult<ListTicketsResponse>> => {\n const query = new URLSearchParams();\n if (params?.limit) query.set(\"limit\", String(params.limit));\n if (params?.cursor) query.set(\"cursor\", params.cursor);\n if (params?.status) query.set(\"status\", params.status);\n\n const queryString = query.toString();\n const url = `${baseUrl}/api/realm/${encodeURIComponent(realm)}/tickets${queryString ? `?${queryString}` : \"\"}`;\n\n return fetchWithAuth<ListTicketsResponse>(url, `Bearer ${accessTokenBase64}`);\n};\n\n/**\n * Get ticket details.\n * Requires Access Token.\n */\nexport const getTicket = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n ticketId: string\n): Promise<FetchResult<TicketDetail>> => {\n return fetchWithAuth<TicketDetail>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/tickets/${encodeURIComponent(ticketId)}`,\n `Bearer ${accessTokenBase64}`\n );\n};\n\n/**\n * Submit a ticket.\n * Requires Access Token.\n */\nexport const submitTicket = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n ticketId: string,\n params: TicketSubmit\n): Promise<FetchResult<SubmitTicketResponse>> => {\n return fetchWithAuth<SubmitTicketResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/tickets/${encodeURIComponent(ticketId)}/submit`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n","/**\n * Token management API functions.\n *\n * Token Requirement:\n * - POST /api/tokens: User JWT\n * - GET /api/tokens: User JWT\n * - GET /api/tokens/:tokenId: User JWT\n * - POST /api/tokens/:tokenId/revoke: User JWT\n * - POST /api/tokens/delegate: Delegate Token\n */\n\nimport type {\n CreateToken,\n CreateTokenResponse,\n RevokeTokenResponse,\n TokenDetail,\n TokenListItem,\n} from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\nexport type ListTokensParams = {\n limit?: number;\n cursor?: string;\n type?: \"delegate\" | \"access\";\n};\n\nexport type ListTokensResponse = {\n tokens: TokenListItem[];\n nextCursor?: string;\n};\n\n// ============================================================================\n// User JWT APIs\n// ============================================================================\n\n/**\n * Create a new Delegate Token.\n * Requires User JWT.\n */\nexport const createToken = async (\n baseUrl: string,\n userAccessToken: string,\n params: CreateToken\n): Promise<FetchResult<CreateTokenResponse>> => {\n return fetchWithAuth<CreateTokenResponse>(`${baseUrl}/api/tokens`, `Bearer ${userAccessToken}`, {\n method: \"POST\",\n body: params,\n });\n};\n\n/**\n * List Delegate Tokens.\n * Requires User JWT.\n */\nexport const listTokens = async (\n baseUrl: string,\n userAccessToken: string,\n params?: ListTokensParams\n): Promise<FetchResult<ListTokensResponse>> => {\n const query = new URLSearchParams();\n if (params?.limit) query.set(\"limit\", String(params.limit));\n if (params?.cursor) query.set(\"cursor\", params.cursor);\n if (params?.type) query.set(\"type\", params.type);\n\n const queryString = query.toString();\n const url = `${baseUrl}/api/tokens${queryString ? `?${queryString}` : \"\"}`;\n\n return fetchWithAuth<ListTokensResponse>(url, `Bearer ${userAccessToken}`);\n};\n\n/**\n * Get token details.\n * Requires User JWT.\n */\nexport const getToken = async (\n baseUrl: string,\n userAccessToken: string,\n tokenId: string\n): Promise<FetchResult<TokenDetail>> => {\n return fetchWithAuth<TokenDetail>(\n `${baseUrl}/api/tokens/${encodeURIComponent(tokenId)}`,\n `Bearer ${userAccessToken}`\n );\n};\n\n/**\n * Revoke a token.\n * Requires User JWT.\n */\nexport const revokeToken = async (\n baseUrl: string,\n userAccessToken: string,\n tokenId: string\n): Promise<FetchResult<RevokeTokenResponse>> => {\n return fetchWithAuth<RevokeTokenResponse>(\n `${baseUrl}/api/tokens/${encodeURIComponent(tokenId)}/revoke`,\n `Bearer ${userAccessToken}`,\n { method: \"POST\" }\n );\n};\n\n// ============================================================================\n// Delegate Token APIs\n// ============================================================================\n\nexport type DelegateTokenParams = {\n name: string;\n type: \"delegate\" | \"access\";\n expiresIn?: number;\n canUpload?: boolean;\n canManageDepot?: boolean;\n scope?: string[];\n};\n\n/**\n * Delegate (re-issue) a token using existing Delegate Token.\n * Requires Delegate Token.\n */\nexport const delegateToken = async (\n baseUrl: string,\n delegateTokenBase64: string,\n params: DelegateTokenParams\n): Promise<FetchResult<CreateTokenResponse>> => {\n return fetchWithAuth<CreateTokenResponse>(\n `${baseUrl}/api/tokens/delegate`,\n `Bearer ${delegateTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n"],"mappings":";AAaO,IAAM,oBAAoB,CAAC,WAA2B;AAC3D,UAAQ,QAAQ;AAAA,IACd,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AAAA,IACL,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT;AACE,aAAO;AAAA,EACX;AACF;AAKO,IAAM,0BAA0B,OAAO,aAA6C;AACzF,QAAM,OAAO,kBAAkB,SAAS,MAAM;AAC9C,MAAI,UAAU,SAAS;AACvB,MAAI;AAEJ,MAAI;AACF,UAAM,OAAQ,MAAM,SAAS,KAAK;AAClC,QAAI,OAAO,KAAK,YAAY,UAAU;AACpC,gBAAU,KAAK;AAAA,IACjB;AACA,QAAI,OAAO,KAAK,UAAU,UAAU;AAClC,gBAAU,KAAK;AAAA,IACjB;AACA,cAAU;AAAA,EACZ,QAAQ;AAAA,EAER;AAEA,SAAO,EAAE,MAAM,SAAS,QAAQ,SAAS,QAAQ,QAAQ;AAC3D;AAKO,IAAM,qBAAqB,CAAC,SAA+B;AAAA,EAChE,MAAM;AAAA,EACN,SAAS,eAAe,QAAQ,IAAI,UAAU;AAAA,EAC9C,SAAS;AACX;AAiBO,IAAM,WAAW,OACtB,KACA,UAAwB,CAAC,MACG;AAC5B,QAAM,EAAE,SAAS,OAAO,UAAU,CAAC,GAAG,MAAM,eAAe,OAAO,IAAI;AAEtE,QAAM,iBAAyC,EAAE,GAAG,QAAQ;AAG5D,MAAI,SAAS,UAAa,CAAC,eAAe,cAAc,GAAG;AACzD,mBAAe,cAAc,IAAI;AAAA,EACnC;AAEA,MAAI;AACF,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC;AAAA,MACA,SAAS;AAAA,MACT,MAAM,SAAS,SAAY,KAAK,UAAU,IAAI,IAAI;AAAA,IACpD,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAQ,MAAM,wBAAwB,QAAQ;AACpD,aAAO,EAAE,IAAI,OAAO,MAAM;AAAA,IAC5B;AAGA,QAAI;AACJ,YAAQ,cAAc;AAAA,MACpB,KAAK;AACH,eAAQ,MAAM,SAAS,KAAK;AAC5B;AAAA,MACF,KAAK;AACH,eAAQ,MAAM,SAAS,KAAK;AAC5B;AAAA,MACF,KAAK;AACH,eAAQ,MAAM,SAAS,KAAK;AAC5B;AAAA,MACF,KAAK;AACH,eAAO;AACP;AAAA,IACJ;AAEA,WAAO,EAAE,IAAI,MAAM,MAAM,QAAQ,SAAS,OAAO;AAAA,EACnD,SAAS,KAAK;AACZ,WAAO,EAAE,IAAI,OAAO,OAAO,mBAAmB,GAAG,EAAE;AAAA,EACrD;AACF;AAKO,IAAM,gBAAgB,OAC3B,KACA,YACA,UAAwB,CAAC,MACG;AAC5B,QAAM,UAAU,EAAE,GAAG,QAAQ,QAAQ;AAErC,MAAI,YAAY;AACd,YAAQ,gBAAgB;AAAA,EAC1B;AAEA,SAAO,SAAY,KAAK,EAAE,GAAG,SAAS,QAAQ,CAAC;AACjD;;;ACtGO,IAAM,cAAc,OACzB,SACA,OACA,mBACA,WAC8C;AAC9C,SAAO;AAAA,IACL,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC;AAAA,IACjD,UAAU,iBAAiB;AAAA,IAC3B;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,IACR;AAAA,EACF;AACF;AAMO,IAAM,aAAa,OACxB,SACA,OACA,mBACA,WAC6C;AAC7C,QAAM,QAAQ,IAAI,gBAAgB;AAClC,MAAI,QAAQ,MAAO,OAAM,IAAI,SAAS,OAAO,OAAO,KAAK,CAAC;AAC1D,MAAI,QAAQ,OAAQ,OAAM,IAAI,UAAU,OAAO,MAAM;AAErD,QAAM,cAAc,MAAM,SAAS;AACnC,QAAM,MAAM,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC,UAAU,cAAc,IAAI,WAAW,KAAK,EAAE;AAE3G,SAAO,cAAkC,KAAK,UAAU,iBAAiB,EAAE;AAC7E;AAMO,IAAM,WAAW,OACtB,SACA,OACA,mBACA,YACsC;AACtC,SAAO;AAAA,IACL,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC,WAAW,mBAAmB,OAAO,CAAC;AAAA,IACvF,UAAU,iBAAiB;AAAA,EAC7B;AACF;AAMO,IAAM,cAAc,OACzB,SACA,OACA,mBACA,SACA,WACsC;AACtC,SAAO;AAAA,IACL,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC,WAAW,mBAAmB,OAAO,CAAC;AAAA,IACvF,UAAU,iBAAiB;AAAA,IAC3B;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,IACR;AAAA,EACF;AACF;AAMO,IAAM,cAAc,OACzB,SACA,OACA,mBACA,YAC+B;AAC/B,SAAO;AAAA,IACL,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC,WAAW,mBAAmB,OAAO,CAAC;AAAA,IACvF,UAAU,iBAAiB;AAAA,IAC3B;AAAA,MACE,QAAQ;AAAA,MACR,cAAc;AAAA,IAChB;AAAA,EACF;AACF;AAMO,IAAM,cAAc,OACzB,SACA,OACA,mBACA,SACA,WAC8C;AAC9C,SAAO;AAAA,IACL,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC,WAAW,mBAAmB,OAAO,CAAC;AAAA,IACvF,UAAU,iBAAiB;AAAA,IAC3B;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,IACR;AAAA,EACF;AACF;;;AC/IO,IAAM,mBAAmB,OAAO,YAAuD;AAC5F,SAAO,SAAsB,GAAG,OAAO,WAAW;AACpD;AAKO,IAAM,cAAc,OAAO,YAA8D;AAC9F,SAAO,SAA6B,GAAG,OAAO,aAAa;AAC7D;;;ACYO,IAAM,UAAU,OACrB,SACA,OACA,mBACA,SACA,cACqC;AACrC,QAAM,MAAM,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC,UAAU,mBAAmB,OAAO,CAAC;AAElG,MAAI;AACF,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,SAAS;AAAA,QACP,eAAe,UAAU,iBAAiB;AAAA,QAC1C,oBAAoB;AAAA,MACtB;AAAA,IACF,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAQ,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,EAAE,SAAS,SAAS,WAAW,EAAE;AAClF,aAAO;AAAA,QACL,IAAI;AAAA,QACJ,OAAO;AAAA,UACL,MAAM,OAAO,SAAS,MAAM;AAAA,UAC5B,SAAU,MAA+B,WAAW,SAAS;AAAA,UAC7D,QAAQ,SAAS;AAAA,QACnB;AAAA,MACF;AAAA,IACF;AAEA,UAAM,OAAO,IAAI,WAAW,MAAM,SAAS,YAAY,CAAC;AACxD,WAAO,EAAE,IAAI,MAAM,MAAM,QAAQ,SAAS,OAAO;AAAA,EACnD,SAAS,KAAK;AACZ,WAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO;AAAA,QACL,MAAM;AAAA,QACN,SAAS,eAAe,QAAQ,IAAI,UAAU;AAAA,MAChD;AAAA,IACF;AAAA,EACF;AACF;AAMO,IAAM,kBAAkB,OAC7B,SACA,OACA,mBACA,SACA,cACuC;AACvC,SAAO;AAAA,IACL,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC,UAAU,mBAAmB,OAAO,CAAC;AAAA,IACtF,UAAU,iBAAiB;AAAA,IAC3B;AAAA,MACE,SAAS;AAAA,QACP,oBAAoB;AAAA,MACtB;AAAA,IACF;AAAA,EACF;AACF;AAOO,IAAM,eAAe,OAC1B,SACA,OACA,mBACA,WAC+C;AAC/C,SAAO;AAAA,IACL,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC;AAAA,IACjD,UAAU,iBAAiB;AAAA,IAC3B;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,IACR;AAAA,EACF;AACF;AAMO,IAAM,UAAU,OACrB,SACA,OACA,mBACA,SACA,YAC2C;AAC3C,QAAM,MAAM,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC,UAAU,mBAAmB,OAAO,CAAC;AAElG,MAAI;AACF,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,eAAe,UAAU,iBAAiB;AAAA,QAC1C,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM;AAAA,IACR,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,QAAQ,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,EAAE,SAAS,SAAS,WAAW,EAAE;AAClF,aAAO;AAAA,QACL,IAAI;AAAA,QACJ,OAAO;AAAA,UACL,MAAM,OAAO,SAAS,MAAM;AAAA,UAC5B,SAAU,MAA+B,WAAW,SAAS;AAAA,UAC7D,QAAQ,SAAS;AAAA,QACnB;AAAA,MACF;AAAA,IACF;AAEA,UAAM,OAAQ,MAAM,SAAS,KAAK;AAClC,WAAO,EAAE,IAAI,MAAM,MAAM,QAAQ,SAAS,OAAO;AAAA,EACnD,SAAS,KAAK;AACZ,WAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO;AAAA,QACL,MAAM;AAAA,QACN,SAAS,eAAe,QAAQ,IAAI,UAAU;AAAA,MAChD;AAAA,IACF;AAAA,EACF;AACF;;;AC3HO,IAAM,iBAAiB,OAAO,YAAyD;AAC5F,SAAO,SAAwB,GAAG,OAAO,mBAAmB;AAC9D;AAKO,IAAM,eAAe,OAC1B,SACA,WACwC;AACxC,SAAO,SAAwB,GAAG,OAAO,oBAAoB;AAAA,IAC3D,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CAAC;AACH;AAKO,IAAM,QAAQ,OACnB,SACA,WACwC;AACxC,SAAO,SAAwB,GAAG,OAAO,oBAAoB;AAAA,IAC3D,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CAAC;AACH;AAKO,IAAM,UAAU,OACrB,SACA,WACwC;AACxC,SAAO,SAAwB,GAAG,OAAO,sBAAsB;AAAA,IAC7D,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CAAC;AACH;AAUO,IAAM,QAAQ,OACnB,SACA,oBACmC;AACnC,SAAO,cAAwB,GAAG,OAAO,iBAAiB,UAAU,eAAe,EAAE;AACvF;AASO,IAAM,iCAAiC,CAC5C,UACA,YACqB;AAAA,EACrB,aAAa,SAAS;AAAA,EACtB,cAAc,SAAS;AAAA,EACvB;AAAA,EACA,WAAW,KAAK,IAAI,IAAI,SAAS,YAAY;AAC/C;;;ACvFO,IAAM,oBAAoB,OAC/B,SACA,WACoD;AACpD,SAAO,SAAoC,GAAG,OAAO,wBAAwB;AAAA,IAC3E,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CAAC;AACH;AAMO,IAAM,kBAAkB,OAC7B,SACA,cAC8C;AAC9C,SAAO;AAAA,IACL,GAAG,OAAO,wBAAwB,mBAAmB,SAAS,CAAC;AAAA,EACjE;AACF;AAUO,IAAM,iBAAiB,OAC5B,SACA,iBACA,cAC8C;AAC9C,SAAO;AAAA,IACL,GAAG,OAAO,wBAAwB,mBAAmB,SAAS,CAAC;AAAA,IAC/D,UAAU,eAAe;AAAA,EAC3B;AACF;AAMO,IAAM,qBAAqB,OAChC,SACA,iBACA,WACA,WACiD;AACjD,SAAO;AAAA,IACL,GAAG,OAAO,wBAAwB,mBAAmB,SAAS,CAAC;AAAA,IAC/D,UAAU,eAAe;AAAA,IACzB;AAAA,MACE,QAAQ;AAAA,MACR,MAAM,UAAU,CAAC;AAAA,IACnB;AAAA,EACF;AACF;AAMO,IAAM,oBAAoB,OAC/B,SACA,iBACA,WACA,WAC8C;AAC9C,SAAO;AAAA,IACL,GAAG,OAAO,wBAAwB,mBAAmB,SAAS,CAAC;AAAA,IAC/D,UAAU,eAAe;AAAA,IACzB;AAAA,MACE,QAAQ;AAAA,MACR,MAAM,UAAU,CAAC;AAAA,IACnB;AAAA,EACF;AACF;;;ACnDO,IAAM,eAAe,OAC1B,SACA,OACA,mBACA,WAC+C;AAC/C,SAAO;AAAA,IACL,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC;AAAA,IACjD,UAAU,iBAAiB;AAAA,IAC3B;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,IACR;AAAA,EACF;AACF;AAMO,IAAM,cAAc,OACzB,SACA,OACA,mBACA,WAC8C;AAC9C,QAAM,QAAQ,IAAI,gBAAgB;AAClC,MAAI,QAAQ,MAAO,OAAM,IAAI,SAAS,OAAO,OAAO,KAAK,CAAC;AAC1D,MAAI,QAAQ,OAAQ,OAAM,IAAI,UAAU,OAAO,MAAM;AACrD,MAAI,QAAQ,OAAQ,OAAM,IAAI,UAAU,OAAO,MAAM;AAErD,QAAM,cAAc,MAAM,SAAS;AACnC,QAAM,MAAM,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC,WAAW,cAAc,IAAI,WAAW,KAAK,EAAE;AAE5G,SAAO,cAAmC,KAAK,UAAU,iBAAiB,EAAE;AAC9E;AAMO,IAAM,YAAY,OACvB,SACA,OACA,mBACA,aACuC;AACvC,SAAO;AAAA,IACL,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC,YAAY,mBAAmB,QAAQ,CAAC;AAAA,IACzF,UAAU,iBAAiB;AAAA,EAC7B;AACF;AAMO,IAAM,eAAe,OAC1B,SACA,OACA,mBACA,UACA,WAC+C;AAC/C,SAAO;AAAA,IACL,GAAG,OAAO,cAAc,mBAAmB,KAAK,CAAC,YAAY,mBAAmB,QAAQ,CAAC;AAAA,IACzF,UAAU,iBAAiB;AAAA,IAC3B;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,IACR;AAAA,EACF;AACF;;;ACnFO,IAAM,cAAc,OACzB,SACA,iBACA,WAC8C;AAC9C,SAAO,cAAmC,GAAG,OAAO,eAAe,UAAU,eAAe,IAAI;AAAA,IAC9F,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CAAC;AACH;AAMO,IAAM,aAAa,OACxB,SACA,iBACA,WAC6C;AAC7C,QAAM,QAAQ,IAAI,gBAAgB;AAClC,MAAI,QAAQ,MAAO,OAAM,IAAI,SAAS,OAAO,OAAO,KAAK,CAAC;AAC1D,MAAI,QAAQ,OAAQ,OAAM,IAAI,UAAU,OAAO,MAAM;AACrD,MAAI,QAAQ,KAAM,OAAM,IAAI,QAAQ,OAAO,IAAI;AAE/C,QAAM,cAAc,MAAM,SAAS;AACnC,QAAM,MAAM,GAAG,OAAO,cAAc,cAAc,IAAI,WAAW,KAAK,EAAE;AAExE,SAAO,cAAkC,KAAK,UAAU,eAAe,EAAE;AAC3E;AAMO,IAAM,WAAW,OACtB,SACA,iBACA,YACsC;AACtC,SAAO;AAAA,IACL,GAAG,OAAO,eAAe,mBAAmB,OAAO,CAAC;AAAA,IACpD,UAAU,eAAe;AAAA,EAC3B;AACF;AAMO,IAAM,cAAc,OACzB,SACA,iBACA,YAC8C;AAC9C,SAAO;AAAA,IACL,GAAG,OAAO,eAAe,mBAAmB,OAAO,CAAC;AAAA,IACpD,UAAU,eAAe;AAAA,IACzB,EAAE,QAAQ,OAAO;AAAA,EACnB;AACF;AAmBO,IAAM,gBAAgB,OAC3B,SACA,qBACA,WAC8C;AAC9C,SAAO;AAAA,IACL,GAAG,OAAO;AAAA,IACV,UAAU,mBAAmB;AAAA,IAC7B;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,IACR;AAAA,EACF;AACF;","names":[]}
1
+ {
2
+ "version": 3,
3
+ "sources": ["../src/utils/http.ts", "../src/api/claim.ts", "../src/api/delegates.ts", "../src/api/depots.ts", "../src/api/filesystem.ts", "../src/api/info.ts", "../src/api/nodes.ts", "../src/api/oauth.ts", "../src/api/requests.ts", "../src/api/tokens.ts"],
4
+ "sourcesContent": [
5
+ "/**\n * Fetch utilities for the stateful client.\n */\n\nimport type { ClientError, FetchResult } from \"../types/client.ts\";\n\n// ============================================================================\n// Error Handling\n// ============================================================================\n\n/**\n * Map HTTP status to error code.\n */\nexport const statusToErrorCode = (status: number): string => {\n switch (status) {\n case 401:\n return \"UNAUTHORIZED\";\n case 403:\n return \"FORBIDDEN\";\n case 404:\n return \"NOT_FOUND\";\n case 409:\n return \"CONFLICT\";\n case 400:\n case 422:\n return \"VALIDATION_ERROR\";\n case 429:\n return \"RATE_LIMITED\";\n default:\n return \"UNKNOWN\";\n }\n};\n\n/**\n * Create error from HTTP response.\n */\nexport const createErrorFromResponse = async (response: Response): Promise<ClientError> => {\n const code = statusToErrorCode(response.status);\n let message = response.statusText;\n let details: unknown = null;\n\n try {\n const body = (await response.json()) as Record<string, unknown>;\n // Prefer body.message (descriptive) over body.error (may be a code like \"validation_error\")\n if (typeof body.message === \"string\") {\n message = body.message;\n } else if (typeof body.error === \"string\") {\n // Only use body.error as message if body.message is absent\n message = body.error;\n }\n // Handle Zod validation error objects (from @hono/zod-validator default hook)\n if (body.error && typeof body.error === \"object\" && \"issues\" in (body.error as object)) {\n const issues = (\n body.error as { issues: Array<{ message: string; path?: Array<string | number> }> }\n ).issues;\n if (Array.isArray(issues) && issues.length > 0) {\n message = issues\n .map((i) => (i.path?.length ? `${i.path.join(\".\")}: ${i.message}` : i.message))\n .join(\"; \");\n }\n }\n details = body;\n } catch {\n // Response body is not JSON, use status text\n }\n\n return { code, message, status: response.status, details };\n};\n\n/**\n * Create a network error.\n */\nexport const createNetworkError = (err: unknown): ClientError => ({\n code: \"NETWORK_ERROR\",\n message: err instanceof Error ? err.message : \"Network request failed\",\n details: err,\n});\n\n// ============================================================================\n// Fetch Function\n// ============================================================================\n\nexport type FetchOptions = {\n method?: \"GET\" | \"POST\" | \"PUT\" | \"PATCH\" | \"DELETE\";\n headers?: Record<string, string>;\n body?: unknown;\n /** Expected response type */\n responseType?: \"json\" | \"blob\" | \"text\" | \"none\";\n};\n\n/**\n * Make a fetch request with error handling.\n */\nexport const fetchApi = async <T>(\n url: string,\n options: FetchOptions = {}\n): Promise<FetchResult<T>> => {\n const { method = \"GET\", headers = {}, body, responseType = \"json\" } = options;\n\n const requestHeaders: Record<string, string> = { ...headers };\n\n // Add content-type for JSON body\n if (body !== undefined && !requestHeaders[\"Content-Type\"]) {\n requestHeaders[\"Content-Type\"] = \"application/json\";\n }\n\n try {\n const response = await fetch(url, {\n method,\n headers: requestHeaders,\n body: body !== undefined ? JSON.stringify(body) : undefined,\n });\n\n if (!response.ok) {\n const error = await createErrorFromResponse(response);\n return { ok: false, error };\n }\n\n // Parse response based on type\n let data: T;\n switch (responseType) {\n case \"json\":\n data = (await response.json()) as T;\n break;\n case \"blob\":\n data = (await response.blob()) as T;\n break;\n case \"text\":\n data = (await response.text()) as T;\n break;\n case \"none\":\n data = undefined as T;\n break;\n }\n\n return { ok: true, data, status: response.status };\n } catch (err) {\n return { ok: false, error: createNetworkError(err) };\n }\n};\n\n/**\n * Make an authenticated fetch request.\n */\nexport const fetchWithAuth = async <T>(\n url: string,\n authHeader: string | null,\n options: FetchOptions = {}\n): Promise<FetchResult<T>> => {\n const headers = { ...options.headers };\n\n if (authHeader) {\n headers.Authorization = authHeader;\n }\n\n return fetchApi<T>(url, { ...options, headers });\n};\n",
6
+ "/**\n * Claim API functions.\n *\n * Token Requirement:\n * - POST /api/realm/{realmId}/nodes/{key}/claim: Access Token with canUpload (legacy)\n * - POST /api/realm/{realmId}/nodes/claim: Access Token with canUpload (batch)\n */\n\nimport type {\n BatchClaimRequest,\n BatchClaimResponse,\n ClaimNodeRequest,\n ClaimNodeResponse,\n} from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchWithAuth } from \"../utils/http.ts\";\n\n/**\n * Claim ownership of a CAS node via Proof-of-Possession (legacy single claim).\n * Requires Access Token with canUpload permission.\n */\nexport const claimNode = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n nodeKey: string,\n params: ClaimNodeRequest\n): Promise<FetchResult<ClaimNodeResponse>> => {\n return fetchWithAuth<ClaimNodeResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/${encodeURIComponent(nodeKey)}/claim`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n\n/**\n * Batch claim ownership of CAS nodes.\n * Supports PoP and path-based claims in a single request.\n * Requires Access Token with canUpload permission.\n */\nexport const batchClaimNodes = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n params: BatchClaimRequest\n): Promise<FetchResult<BatchClaimResponse>> => {\n return fetchWithAuth<BatchClaimResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/claim`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n",
7
+ "/**\n * Delegate management API functions.\n *\n * Token Requirement:\n * - All delegate operations require Access Token.\n *\n * Routes:\n * - POST /api/realm/{realmId}/delegates — create child delegate\n * - GET /api/realm/{realmId}/delegates — list delegates\n * - GET /api/realm/{realmId}/delegates/:delegateId — get delegate detail\n * - POST /api/realm/{realmId}/delegates/:delegateId/revoke — revoke delegate\n */\n\nimport type {\n CreateDelegateRequest,\n CreateDelegateResponse,\n DelegateDetail,\n DelegateListItem,\n ListDelegatesQuery,\n RevokeDelegateResponse,\n} from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\nexport type ListDelegatesResponse = {\n delegates: DelegateListItem[];\n nextCursor: string | null;\n};\n\n// ============================================================================\n// Access Token APIs\n// ============================================================================\n\n/**\n * Create a child delegate.\n * Requires Access Token from parent delegate.\n */\nexport const createDelegate = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n params: CreateDelegateRequest\n): Promise<FetchResult<CreateDelegateResponse>> => {\n return fetchWithAuth<CreateDelegateResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/delegates`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n\n/**\n * List child delegates.\n * Requires Access Token.\n */\nexport const listDelegates = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n params?: ListDelegatesQuery\n): Promise<FetchResult<ListDelegatesResponse>> => {\n const query = new URLSearchParams();\n if (params?.limit) query.set(\"limit\", String(params.limit));\n if (params?.cursor) query.set(\"cursor\", params.cursor);\n if (params?.includeRevoked) query.set(\"includeRevoked\", \"true\");\n\n const queryString = query.toString();\n const url = `${baseUrl}/api/realm/${encodeURIComponent(realm)}/delegates${queryString ? `?${queryString}` : \"\"}`;\n\n return fetchWithAuth<ListDelegatesResponse>(url, `Bearer ${accessTokenBase64}`);\n};\n\n/**\n * Get delegate details.\n * Requires Access Token.\n */\nexport const getDelegate = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n delegateId: string\n): Promise<FetchResult<DelegateDetail>> => {\n return fetchWithAuth<DelegateDetail>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/delegates/${encodeURIComponent(delegateId)}`,\n `Bearer ${accessTokenBase64}`\n );\n};\n\n/**\n * Revoke a delegate.\n * Requires Access Token.\n */\nexport const revokeDelegate = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n delegateId: string\n): Promise<FetchResult<RevokeDelegateResponse>> => {\n return fetchWithAuth<RevokeDelegateResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/delegates/${encodeURIComponent(delegateId)}/revoke`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n }\n );\n};\n",
8
+ "/**\n * Depot API functions.\n *\n * Token Requirement:\n * - All depot operations require Access Token with canManageDepot permission.\n */\n\nimport type {\n CreateDepot,\n CreateDepotResponse,\n DepotCommit,\n DepotDetail,\n DepotListItem,\n ListDepotsQuery,\n UpdateDepot,\n} from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\nexport type ListDepotsResponse = {\n depots: DepotListItem[];\n nextCursor: string | null;\n};\n\nexport type CommitDiffEntry = {\n type: \"added\" | \"removed\" | \"modified\" | \"moved\";\n path: string;\n kind: \"file\" | \"dir\" | null;\n /** Destination path for moved entries */\n pathTo: string | null;\n};\n\nexport type CommitDepotResponse = {\n depotId: string;\n root: string;\n updatedAt: number;\n /** Previous root before this commit (null if first commit) */\n previousRoot: string | null;\n};\n\n// ============================================================================\n// Conflict Types\n// ============================================================================\n\n/** 409 Conflict error body returned when expectedRoot doesn't match server root */\nexport type CommitConflictInfo = {\n code: \"CONFLICT\";\n message: string;\n /** Current server root that doesn't match expectedRoot */\n currentRoot: string;\n /** The expectedRoot the client sent */\n expectedRoot: string | null;\n};\n\n/** Type guard for commit conflict errors */\nexport function isCommitConflict(error: unknown): error is CommitConflictInfo {\n return (\n typeof error === \"object\" &&\n error !== null &&\n \"code\" in error &&\n (error as { code: unknown }).code === \"CONFLICT\" &&\n \"currentRoot\" in error\n );\n}\n\n// ============================================================================\n// Access Token APIs\n// ============================================================================\n\n/**\n * Create a new depot.\n * Requires Access Token with canManageDepot.\n */\nexport const createDepot = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n params: CreateDepot\n): Promise<FetchResult<CreateDepotResponse>> => {\n return fetchWithAuth<CreateDepotResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n\n/**\n * List depots.\n * Requires Access Token.\n */\nexport const listDepots = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n params?: ListDepotsQuery\n): Promise<FetchResult<ListDepotsResponse>> => {\n const query = new URLSearchParams();\n if (params?.limit) query.set(\"limit\", String(params.limit));\n if (params?.cursor) query.set(\"cursor\", params.cursor);\n\n const queryString = query.toString();\n const url = `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots${queryString ? `?${queryString}` : \"\"}`;\n\n return fetchWithAuth<ListDepotsResponse>(url, `Bearer ${accessTokenBase64}`);\n};\n\n/**\n * Get depot details.\n * Requires Access Token.\n */\nexport const getDepot = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n depotId: string\n): Promise<FetchResult<DepotDetail>> => {\n return fetchWithAuth<DepotDetail>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots/${encodeURIComponent(depotId)}`,\n `Bearer ${accessTokenBase64}`\n );\n};\n\n/**\n * Update depot metadata.\n * Requires Access Token with canManageDepot.\n */\nexport const updateDepot = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n depotId: string,\n params: UpdateDepot\n): Promise<FetchResult<DepotDetail>> => {\n return fetchWithAuth<DepotDetail>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots/${encodeURIComponent(depotId)}`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"PATCH\",\n body: params,\n }\n );\n};\n\n/**\n * Delete a depot.\n * Requires Access Token with canManageDepot.\n */\nexport const deleteDepot = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n depotId: string\n): Promise<FetchResult<void>> => {\n return fetchWithAuth<void>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots/${encodeURIComponent(depotId)}`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"DELETE\",\n responseType: \"none\",\n }\n );\n};\n\n/**\n * Commit new root to depot.\n * Requires Access Token with canManageDepot.\n */\nexport const commitDepot = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n depotId: string,\n params: DepotCommit\n): Promise<FetchResult<CommitDepotResponse>> => {\n return fetchWithAuth<CommitDepotResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/depots/${encodeURIComponent(depotId)}/commit`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n",
9
+ "/**\n * Filesystem API functions for @casfa/client.\n *\n * All filesystem operations are mounted under:\n * /api/realm/{realmId}/nodes/fs/{nodeKey}/{op}\n *\n * Where nodeKey is the depot's current root node.\n *\n * Token Requirements:\n * - Read ops (stat, ls, read): Access Token (nodeKey must pass Direct Authorization Check)\n * - Write ops (write, mkdir, rm, mv, cp, rewrite): Access Token with canUpload\n */\n\nimport type {\n FsCpResponse,\n FsLsResponse,\n FsMkdirResponse,\n FsMvResponse,\n FsRewriteEntry,\n FsRewriteResponse,\n FsRmResponse,\n FsStatResponse,\n FsWriteResponse,\n} from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Helpers\n// ============================================================================\n\nfunction buildFsUrl(baseUrl: string, realm: string, rootKey: string, op: string): string {\n return `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/fs/${encodeURIComponent(rootKey)}/${op}`;\n}\n\n// ============================================================================\n// Read Operations\n// ============================================================================\n\n/**\n * GET /fs/stat — Get file/directory metadata.\n */\nexport const fsStat = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n rootKey: string,\n path?: string\n): Promise<FetchResult<FsStatResponse>> => {\n const params = new URLSearchParams();\n if (path) params.set(\"path\", path);\n const qs = params.toString();\n const url = `${buildFsUrl(baseUrl, realm, rootKey, \"stat\")}${qs ? `?${qs}` : \"\"}`;\n\n return fetchWithAuth<FsStatResponse>(url, `Bearer ${accessTokenBase64}`);\n};\n\n/**\n * GET /fs/ls — List directory contents with pagination.\n */\nexport const fsLs = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n rootKey: string,\n path?: string,\n opts?: { limit?: number; cursor?: string }\n): Promise<FetchResult<FsLsResponse>> => {\n const params = new URLSearchParams();\n if (path) params.set(\"path\", path);\n if (opts?.limit) params.set(\"limit\", String(opts.limit));\n if (opts?.cursor) params.set(\"cursor\", opts.cursor);\n const qs = params.toString();\n const url = `${buildFsUrl(baseUrl, realm, rootKey, \"ls\")}${qs ? `?${qs}` : \"\"}`;\n\n return fetchWithAuth<FsLsResponse>(url, `Bearer ${accessTokenBase64}`);\n};\n\n/**\n * GET /fs/read — Read file content as Blob.\n */\nexport const fsRead = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n rootKey: string,\n path: string\n): Promise<FetchResult<Blob>> => {\n const params = new URLSearchParams({ path });\n const url = `${buildFsUrl(baseUrl, realm, rootKey, \"read\")}?${params}`;\n\n // Custom fetch — need Blob response, fetchWithAuth only does JSON\n try {\n const response = await fetch(url, {\n headers: { Authorization: `Bearer ${accessTokenBase64}` },\n });\n\n if (!response.ok) {\n let message = response.statusText;\n try {\n const body = (await response.json()) as Record<string, unknown>;\n if (typeof body.message === \"string\") message = body.message;\n } catch {\n // ignore\n }\n return {\n ok: false,\n error: { code: String(response.status), message, status: response.status },\n };\n }\n\n const blob = await response.blob();\n return { ok: true, data: blob, status: response.status };\n } catch (err) {\n return {\n ok: false,\n error: {\n code: \"NETWORK_ERROR\",\n message: err instanceof Error ? err.message : \"Network error\",\n },\n };\n }\n};\n\n// ============================================================================\n// Write Operations\n// ============================================================================\n\n/**\n * POST /fs/write — Create or overwrite a file.\n * Body is raw binary. Path via query param, content-type via header.\n */\nexport const fsWrite = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n rootKey: string,\n path: string,\n data: Blob | ArrayBuffer | Uint8Array,\n contentType = \"application/octet-stream\"\n): Promise<FetchResult<FsWriteResponse>> => {\n const params = new URLSearchParams({ path });\n const url = `${buildFsUrl(baseUrl, realm, rootKey, \"write\")}?${params}`;\n\n // eslint-disable-next-line @typescript-eslint/no-explicit-any -- Blob accepts Uint8Array at runtime\n const body: Blob = data instanceof Blob ? data : new Blob([data as any], { type: contentType });\n\n try {\n const response = await fetch(url, {\n method: \"POST\",\n headers: {\n Authorization: `Bearer ${accessTokenBase64}`,\n \"Content-Type\": contentType,\n \"Content-Length\": String(body.size),\n },\n body,\n });\n\n if (!response.ok) {\n let message = response.statusText;\n try {\n const body = (await response.json()) as Record<string, unknown>;\n if (typeof body.message === \"string\") message = body.message;\n } catch {\n // ignore\n }\n return {\n ok: false,\n error: { code: String(response.status), message, status: response.status },\n };\n }\n\n const result = (await response.json()) as FsWriteResponse;\n return { ok: true, data: result, status: response.status };\n } catch (err) {\n return {\n ok: false,\n error: {\n code: \"NETWORK_ERROR\",\n message: err instanceof Error ? err.message : \"Network error\",\n },\n };\n }\n};\n\n/**\n * POST /fs/mkdir — Create a directory.\n */\nexport const fsMkdir = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n rootKey: string,\n path: string\n): Promise<FetchResult<FsMkdirResponse>> => {\n const url = buildFsUrl(baseUrl, realm, rootKey, \"mkdir\");\n\n return fetchWithAuth<FsMkdirResponse>(url, `Bearer ${accessTokenBase64}`, {\n method: \"POST\",\n body: { path },\n });\n};\n\n/**\n * POST /fs/rm — Remove a file or directory.\n */\nexport const fsRm = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n rootKey: string,\n path: string\n): Promise<FetchResult<FsRmResponse>> => {\n const url = buildFsUrl(baseUrl, realm, rootKey, \"rm\");\n\n return fetchWithAuth<FsRmResponse>(url, `Bearer ${accessTokenBase64}`, {\n method: \"POST\",\n body: { path },\n });\n};\n\n/**\n * POST /fs/mv — Move or rename a file/directory.\n */\nexport const fsMv = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n rootKey: string,\n from: string,\n to: string\n): Promise<FetchResult<FsMvResponse>> => {\n const url = buildFsUrl(baseUrl, realm, rootKey, \"mv\");\n\n return fetchWithAuth<FsMvResponse>(url, `Bearer ${accessTokenBase64}`, {\n method: \"POST\",\n body: { from, to },\n });\n};\n\n/**\n * POST /fs/cp — Copy a file or directory.\n */\nexport const fsCp = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n rootKey: string,\n from: string,\n to: string\n): Promise<FetchResult<FsCpResponse>> => {\n const url = buildFsUrl(baseUrl, realm, rootKey, \"cp\");\n\n return fetchWithAuth<FsCpResponse>(url, `Bearer ${accessTokenBase64}`, {\n method: \"POST\",\n body: { from, to },\n });\n};\n\n/**\n * POST /fs/rewrite — Batch rewrite directory tree.\n */\nexport const fsRewrite = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n rootKey: string,\n entries?: Record<string, FsRewriteEntry>,\n deletes?: string[]\n): Promise<FetchResult<FsRewriteResponse>> => {\n const url = buildFsUrl(baseUrl, realm, rootKey, \"rewrite\");\n\n return fetchWithAuth<FsRewriteResponse>(url, `Bearer ${accessTokenBase64}`, {\n method: \"POST\",\n body: { entries, deletes },\n });\n};\n",
10
+ "/**\n * Service info API.\n */\n\nimport type { ServiceInfo } from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchApi } from \"../utils/http.ts\";\n\n/**\n * Fetch service info from /api/info.\n */\nexport const fetchServiceInfo = async (baseUrl: string): Promise<FetchResult<ServiceInfo>> => {\n return fetchApi<ServiceInfo>(`${baseUrl}/api/info`);\n};\n\n/**\n * Health check.\n */\nexport const healthCheck = async (baseUrl: string): Promise<FetchResult<{ status: string }>> => {\n return fetchApi<{ status: string }>(`${baseUrl}/api/health`);\n};\n",
11
+ "/**\n * Node API functions.\n *\n * Token Requirement:\n * - GET /nodes/raw/:nodeKey: Access Token (Direct Authorization Check)\n * - GET /nodes/metadata/:nodeKey: Access Token (Direct Authorization Check)\n * - POST /nodes/check: Access Token\n * - PUT /nodes/raw/:nodeKey: Access Token with canUpload\n */\n\nimport type { CheckNodes, CheckNodesResponse, NodeMetadata } from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\nexport type NodeUploadResult = {\n nodeKey: string;\n status: \"created\" | \"exists\";\n};\n\n// ============================================================================\n// Access Token APIs\n// ============================================================================\n\n/**\n * Get node content.\n * Requires Access Token with Direct Authorization on the nodeKey.\n */\nexport const getNode = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n nodeKey: string\n): Promise<FetchResult<Uint8Array>> => {\n const url = `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/raw/${encodeURIComponent(nodeKey)}`;\n\n try {\n const headers: Record<string, string> = {\n Authorization: `Bearer ${accessTokenBase64}`,\n };\n\n const response = await fetch(url, { headers });\n\n if (!response.ok) {\n const error = await response.json().catch(() => ({ message: response.statusText }));\n return {\n ok: false,\n error: {\n code: String(response.status),\n message: (error as { message?: string }).message ?? response.statusText,\n status: response.status,\n },\n };\n }\n\n const data = new Uint8Array(await response.arrayBuffer());\n return { ok: true, data, status: response.status };\n } catch (err) {\n return {\n ok: false,\n error: {\n code: \"NETWORK_ERROR\",\n message: err instanceof Error ? err.message : \"Network error\",\n },\n };\n }\n};\n\n/**\n * Get node content via navigation path (GET /nodes/raw/:key/~0/~1/...).\n * Requires Access Token with Direct Authorization on the starting nodeKey.\n */\nexport const getNodeNavigated = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n nodeKey: string,\n indexPath: string\n): Promise<FetchResult<Uint8Array>> => {\n const url = `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/raw/${encodeURIComponent(nodeKey)}/${indexPath}`;\n\n try {\n const headers: Record<string, string> = {\n Authorization: `Bearer ${accessTokenBase64}`,\n };\n\n const response = await fetch(url, { headers });\n\n if (!response.ok) {\n const error = await response.json().catch(() => ({ message: response.statusText }));\n return {\n ok: false,\n error: {\n code: String(response.status),\n message: (error as { message?: string }).message ?? response.statusText,\n status: response.status,\n },\n };\n }\n\n const data = new Uint8Array(await response.arrayBuffer());\n return { ok: true, data, status: response.status };\n } catch (err) {\n return {\n ok: false,\n error: {\n code: \"NETWORK_ERROR\",\n message: err instanceof Error ? err.message : \"Network error\",\n },\n };\n }\n};\n\n/**\n * Get node metadata.\n * Requires Access Token with Direct Authorization on the nodeKey.\n */\nexport const getNodeMetadata = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n nodeKey: string\n): Promise<FetchResult<NodeMetadata>> => {\n return fetchWithAuth<NodeMetadata>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/metadata/${encodeURIComponent(nodeKey)}`,\n `Bearer ${accessTokenBase64}`\n );\n};\n\n/**\n * Check nodes status on the server.\n * Returns three-way classification: missing, owned, unowned.\n * Requires Access Token.\n */\nexport const checkNodes = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n params: CheckNodes\n): Promise<FetchResult<CheckNodesResponse>> => {\n return fetchWithAuth<CheckNodesResponse>(\n `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/check`,\n `Bearer ${accessTokenBase64}`,\n {\n method: \"POST\",\n body: params,\n }\n );\n};\n\n/**\n * Upload a node.\n * Requires Access Token with canUpload.\n */\nexport const putNode = async (\n baseUrl: string,\n realm: string,\n accessTokenBase64: string,\n nodeKey: string,\n content: Uint8Array\n): Promise<FetchResult<NodeUploadResult>> => {\n const url = `${baseUrl}/api/realm/${encodeURIComponent(realm)}/nodes/raw/${encodeURIComponent(nodeKey)}`;\n\n try {\n const response = await fetch(url, {\n method: \"PUT\",\n headers: {\n Authorization: `Bearer ${accessTokenBase64}`,\n \"Content-Type\": \"application/octet-stream\",\n },\n // Uint8Array is valid as fetch body in all runtimes, but TS lib\n // variations (DOM vs Node vs ESNext) disagree on the exact type.\n body: content as any, // eslint-disable-line @typescript-eslint/no-explicit-any\n });\n\n if (!response.ok) {\n const error = await response.json().catch(() => ({ message: response.statusText }));\n return {\n ok: false,\n error: {\n code: String(response.status),\n message: (error as { message?: string }).message ?? response.statusText,\n status: response.status,\n },\n };\n }\n\n const data = (await response.json()) as NodeUploadResult;\n return { ok: true, data, status: response.status };\n } catch (err) {\n return {\n ok: false,\n error: {\n code: \"NETWORK_ERROR\",\n message: err instanceof Error ? err.message : \"Network error\",\n },\n };\n }\n};\n",
12
+ "/**\n * OAuth API functions.\n */\n\nimport type { Login, Refresh, TokenExchange } from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport type { StoredUserToken } from \"../types/tokens.ts\";\nimport { fetchApi, fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Types\n// ============================================================================\n\nexport type CognitoConfig = {\n region: string;\n userPoolId: string;\n clientId: string;\n domain: string;\n};\n\nexport type TokenResponse = {\n accessToken: string;\n refreshToken: string;\n expiresIn: number;\n idToken?: string;\n};\n\nexport type UserInfo = {\n userId: string;\n email: string;\n role: string;\n /** Root delegate ID for this user (null if none created yet) */\n rootDelegateId: string | null;\n};\n\n// ============================================================================\n// Public OAuth API\n// ============================================================================\n\n/**\n * Get Cognito configuration.\n */\nexport const getOAuthConfig = async (baseUrl: string): Promise<FetchResult<CognitoConfig>> => {\n return fetchApi<CognitoConfig>(`${baseUrl}/api/oauth/config`);\n};\n\n/**\n * Exchange authorization code for tokens.\n */\nexport const exchangeCode = async (\n baseUrl: string,\n params: TokenExchange\n): Promise<FetchResult<TokenResponse>> => {\n return fetchApi<TokenResponse>(`${baseUrl}/api/oauth/token`, {\n method: \"POST\",\n body: params,\n });\n};\n\n/**\n * Login with email and password.\n */\nexport const login = async (\n baseUrl: string,\n params: Login\n): Promise<FetchResult<TokenResponse>> => {\n return fetchApi<TokenResponse>(`${baseUrl}/api/oauth/login`, {\n method: \"POST\",\n body: params,\n });\n};\n\n/**\n * Refresh access token.\n */\nexport const refresh = async (\n baseUrl: string,\n params: Refresh\n): Promise<FetchResult<TokenResponse>> => {\n return fetchApi<TokenResponse>(`${baseUrl}/api/oauth/refresh`, {\n method: \"POST\",\n body: params,\n });\n};\n\n// ============================================================================\n// Authenticated OAuth API\n// ============================================================================\n\n/**\n * Get current user info.\n * Requires User JWT.\n */\nexport const getMe = async (\n baseUrl: string,\n userAccessToken: string\n): Promise<FetchResult<UserInfo>> => {\n return fetchWithAuth<UserInfo>(`${baseUrl}/api/oauth/me`, `Bearer ${userAccessToken}`);\n};\n\n// ============================================================================\n// Helpers\n// ============================================================================\n\n/**\n * Convert token response to stored user token.\n *\n * Prefers idToken over accessToken for Bearer auth because\n * Cognito access tokens do not contain email/name claims.\n */\nexport const tokenResponseToStoredUserToken = (\n response: TokenResponse,\n userId: string\n): StoredUserToken => ({\n accessToken: response.idToken ?? response.accessToken,\n refreshToken: response.refreshToken,\n userId,\n expiresAt: Date.now() + response.expiresIn * 1000,\n});\n",
13
+ "/**\n * Client Authorization Request API functions.\n *\n * For CLI/desktop apps to request tokens through user approval.\n */\n\nimport type {\n ApproveRequest,\n ApproveRequestResponse,\n CreateAuthRequest,\n CreateAuthRequestResponse,\n DenyRequest,\n DenyRequestResponse,\n PollRequestResponse,\n} from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchApi, fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Public APIs (No auth required)\n// ============================================================================\n\n/**\n * Create an authorization request.\n * No auth required - called by CLI/desktop clients.\n */\nexport const createAuthRequest = async (\n baseUrl: string,\n params: CreateAuthRequest\n): Promise<FetchResult<CreateAuthRequestResponse>> => {\n return fetchApi<CreateAuthRequestResponse>(`${baseUrl}/api/tokens/requests`, {\n method: \"POST\",\n body: params,\n });\n};\n\n/**\n * Poll authorization request status.\n * No auth required - called by CLI/desktop clients.\n */\nexport const pollAuthRequest = async (\n baseUrl: string,\n requestId: string\n): Promise<FetchResult<PollRequestResponse>> => {\n return fetchApi<PollRequestResponse>(\n `${baseUrl}/api/tokens/requests/${encodeURIComponent(requestId)}/poll`\n );\n};\n\n// ============================================================================\n// User JWT APIs (For approving/rejecting requests)\n// ============================================================================\n\n/**\n * Get authorization request details.\n * Requires User JWT.\n */\nexport const getAuthRequest = async (\n baseUrl: string,\n userAccessToken: string,\n requestId: string\n): Promise<FetchResult<PollRequestResponse>> => {\n return fetchWithAuth<PollRequestResponse>(\n `${baseUrl}/api/tokens/requests/${encodeURIComponent(requestId)}`,\n `Bearer ${userAccessToken}`\n );\n};\n\n/**\n * Approve an authorization request.\n * Requires User JWT.\n */\nexport const approveAuthRequest = async (\n baseUrl: string,\n userAccessToken: string,\n requestId: string,\n params?: ApproveRequest\n): Promise<FetchResult<ApproveRequestResponse>> => {\n return fetchWithAuth<ApproveRequestResponse>(\n `${baseUrl}/api/tokens/requests/${encodeURIComponent(requestId)}/approve`,\n `Bearer ${userAccessToken}`,\n {\n method: \"POST\",\n body: params ?? {},\n }\n );\n};\n\n/**\n * Reject an authorization request.\n * Requires User JWT.\n */\nexport const rejectAuthRequest = async (\n baseUrl: string,\n userAccessToken: string,\n requestId: string,\n params?: DenyRequest\n): Promise<FetchResult<DenyRequestResponse>> => {\n return fetchWithAuth<DenyRequestResponse>(\n `${baseUrl}/api/tokens/requests/${encodeURIComponent(requestId)}/reject`,\n `Bearer ${userAccessToken}`,\n {\n method: \"POST\",\n body: params ?? {},\n }\n );\n};\n",
14
+ "/**\n * Token API functions (new 2-tier model).\n *\n * Token Endpoint:\n * - POST /api/auth/refresh: Bearer RT → new RT + AT (child delegates only)\n *\n * Root delegates no longer need a dedicated endpoint — the server's\n * access-token-auth middleware auto-creates the root delegate on first\n * JWT-authenticated request.\n */\n\nimport type { RefreshTokenResponse } from \"@casfa/protocol\";\nimport type { FetchResult } from \"../types/client.ts\";\nimport { fetchWithAuth } from \"../utils/http.ts\";\n\n// ============================================================================\n// Refresh Token API (RT → new RT + AT, child delegates only)\n// ============================================================================\n\n/**\n * Rotate refresh token to get new RT + AT pair.\n * Uses Bearer auth with the refresh token.\n * Only valid for child delegates (depth > 0).\n */\nexport const refreshToken = async (\n baseUrl: string,\n refreshTokenBase64: string\n): Promise<FetchResult<RefreshTokenResponse>> => {\n return fetchWithAuth<RefreshTokenResponse>(\n `${baseUrl}/api/auth/refresh`,\n `Bearer ${refreshTokenBase64}`,\n {\n method: \"POST\",\n }\n );\n};\n"
15
+ ],
16
+ "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAaO,IAAM,oBAAoB,CAAC,WAA2B;AAAA,EAC3D,QAAQ;AAAA,SACD;AAAA,MACH,OAAO;AAAA,SACJ;AAAA,MACH,OAAO;AAAA,SACJ;AAAA,MACH,OAAO;AAAA,SACJ;AAAA,MACH,OAAO;AAAA,SACJ;AAAA,SACA;AAAA,MACH,OAAO;AAAA,SACJ;AAAA,MACH,OAAO;AAAA;AAAA,MAEP,OAAO;AAAA;AAAA;AAON,IAAM,0BAA0B,OAAO,aAA6C;AAAA,EACzF,MAAM,OAAO,kBAAkB,SAAS,MAAM;AAAA,EAC9C,IAAI,UAAU,SAAS;AAAA,EACvB,IAAI,UAAmB;AAAA,EAEvB,IAAI;AAAA,IACF,MAAM,OAAQ,MAAM,SAAS,KAAK;AAAA,IAElC,IAAI,OAAO,KAAK,YAAY,UAAU;AAAA,MACpC,UAAU,KAAK;AAAA,IACjB,EAAO,SAAI,OAAO,KAAK,UAAU,UAAU;AAAA,MAEzC,UAAU,KAAK;AAAA,IACjB;AAAA,IAEA,IAAI,KAAK,SAAS,OAAO,KAAK,UAAU,YAAY,YAAa,KAAK,OAAkB;AAAA,MACtF,MAAM,SACJ,KAAK,MACL;AAAA,MACF,IAAI,MAAM,QAAQ,MAAM,KAAK,OAAO,SAAS,GAAG;AAAA,QAC9C,UAAU,OACP,IAAI,CAAC,MAAO,EAAE,MAAM,SAAS,GAAG,EAAE,KAAK,KAAK,GAAG,MAAM,EAAE,YAAY,EAAE,OAAQ,EAC7E,KAAK,IAAI;AAAA,MACd;AAAA,IACF;AAAA,IACA,UAAU;AAAA,IACV,MAAM;AAAA,EAIR,OAAO,EAAE,MAAM,SAAS,QAAQ,SAAS,QAAQ,QAAQ;AAAA;AAMpD,IAAM,qBAAqB,CAAC,SAA+B;AAAA,EAChE,MAAM;AAAA,EACN,SAAS,eAAe,QAAQ,IAAI,UAAU;AAAA,EAC9C,SAAS;AACX;AAiBO,IAAM,WAAW,OACtB,KACA,UAAwB,CAAC,MACG;AAAA,EAC5B,QAAQ,SAAS,OAAO,UAAU,CAAC,GAAG,MAAM,eAAe,WAAW;AAAA,EAEtE,MAAM,iBAAyC,KAAK,QAAQ;AAAA,EAG5D,IAAI,SAAS,aAAa,CAAC,eAAe,iBAAiB;AAAA,IACzD,eAAe,kBAAkB;AAAA,EACnC;AAAA,EAEA,IAAI;AAAA,IACF,MAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC;AAAA,MACA,SAAS;AAAA,MACT,MAAM,SAAS,YAAY,KAAK,UAAU,IAAI,IAAI;AAAA,IACpD,CAAC;AAAA,IAED,IAAI,CAAC,SAAS,IAAI;AAAA,MAChB,MAAM,QAAQ,MAAM,wBAAwB,QAAQ;AAAA,MACpD,OAAO,EAAE,IAAI,OAAO,MAAM;AAAA,IAC5B;AAAA,IAGA,IAAI;AAAA,IACJ,QAAQ;AAAA,WACD;AAAA,QACH,OAAQ,MAAM,SAAS,KAAK;AAAA,QAC5B;AAAA,WACG;AAAA,QACH,OAAQ,MAAM,SAAS,KAAK;AAAA,QAC5B;AAAA,WACG;AAAA,QACH,OAAQ,MAAM,SAAS,KAAK;AAAA,QAC5B;AAAA,WACG;AAAA,QACH,OAAO;AAAA,QACP;AAAA;AAAA,IAGJ,OAAO,EAAE,IAAI,MAAM,MAAM,QAAQ,SAAS,OAAO;AAAA,IACjD,OAAO,KAAK;AAAA,IACZ,OAAO,EAAE,IAAI,OAAO,OAAO,mBAAmB,GAAG,EAAE;AAAA;AAAA;AAOhD,IAAM,gBAAgB,OAC3B,KACA,YACA,UAAwB,CAAC,MACG;AAAA,EAC5B,MAAM,UAAU,KAAK,QAAQ,QAAQ;AAAA,EAErC,IAAI,YAAY;AAAA,IACd,QAAQ,gBAAgB;AAAA,EAC1B;AAAA,EAEA,OAAO,SAAY,KAAK,KAAK,SAAS,QAAQ,CAAC;AAAA;;;ACtI1C,IAAM,YAAY,OACvB,SACA,OACA,mBACA,SACA,WAC4C;AAAA,EAC5C,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,WAAW,mBAAmB,OAAO,WACrF,UAAU,qBACV;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CACF;AAAA;AAQK,IAAM,kBAAkB,OAC7B,SACA,OACA,mBACA,WAC6C;AAAA,EAC7C,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,iBAChD,UAAU,qBACV;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CACF;AAAA;;ACfK,IAAM,iBAAiB,OAC5B,SACA,OACA,mBACA,WACiD;AAAA,EACjD,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,eAChD,UAAU,qBACV;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CACF;AAAA;AAOK,IAAM,gBAAgB,OAC3B,SACA,OACA,mBACA,WACgD;AAAA,EAChD,MAAM,QAAQ,IAAI;AAAA,EAClB,IAAI,QAAQ;AAAA,IAAO,MAAM,IAAI,SAAS,OAAO,OAAO,KAAK,CAAC;AAAA,EAC1D,IAAI,QAAQ;AAAA,IAAQ,MAAM,IAAI,UAAU,OAAO,MAAM;AAAA,EACrD,IAAI,QAAQ;AAAA,IAAgB,MAAM,IAAI,kBAAkB,MAAM;AAAA,EAE9D,MAAM,cAAc,MAAM,SAAS;AAAA,EACnC,MAAM,MAAM,GAAG,qBAAqB,mBAAmB,KAAK,cAAc,cAAc,IAAI,gBAAgB;AAAA,EAE5G,OAAO,cAAqC,KAAK,UAAU,mBAAmB;AAAA;AAOzE,IAAM,cAAc,OACzB,SACA,OACA,mBACA,eACyC;AAAA,EACzC,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,eAAe,mBAAmB,UAAU,KAC5F,UAAU,mBACZ;AAAA;AAOK,IAAM,iBAAiB,OAC5B,SACA,OACA,mBACA,eACiD;AAAA,EACjD,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,eAAe,mBAAmB,UAAU,YAC5F,UAAU,qBACV;AAAA,IACE,QAAQ;AAAA,EACV,CACF;AAAA;;ACjCK,IAAM,cAAc,OACzB,SACA,OACA,mBACA,WAC8C;AAAA,EAC9C,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,YAChD,UAAU,qBACV;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CACF;AAAA;AAOK,IAAM,aAAa,OACxB,SACA,OACA,mBACA,WAC6C;AAAA,EAC7C,MAAM,QAAQ,IAAI;AAAA,EAClB,IAAI,QAAQ;AAAA,IAAO,MAAM,IAAI,SAAS,OAAO,OAAO,KAAK,CAAC;AAAA,EAC1D,IAAI,QAAQ;AAAA,IAAQ,MAAM,IAAI,UAAU,OAAO,MAAM;AAAA,EAErD,MAAM,cAAc,MAAM,SAAS;AAAA,EACnC,MAAM,MAAM,GAAG,qBAAqB,mBAAmB,KAAK,WAAW,cAAc,IAAI,gBAAgB;AAAA,EAEzG,OAAO,cAAkC,KAAK,UAAU,mBAAmB;AAAA;AAOtE,IAAM,WAAW,OACtB,SACA,OACA,mBACA,YACsC;AAAA,EACtC,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,YAAY,mBAAmB,OAAO,KACtF,UAAU,mBACZ;AAAA;AAOK,IAAM,cAAc,OACzB,SACA,OACA,mBACA,SACA,WACsC;AAAA,EACtC,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,YAAY,mBAAmB,OAAO,KACtF,UAAU,qBACV;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CACF;AAAA;AAOK,IAAM,cAAc,OACzB,SACA,OACA,mBACA,YAC+B;AAAA,EAC/B,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,YAAY,mBAAmB,OAAO,KACtF,UAAU,qBACV;AAAA,IACE,QAAQ;AAAA,IACR,cAAc;AAAA,EAChB,CACF;AAAA;AAOK,IAAM,cAAc,OACzB,SACA,OACA,mBACA,SACA,WAC8C;AAAA,EAC9C,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,YAAY,mBAAmB,OAAO,YACtF,UAAU,qBACV;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CACF;AAAA;;AC7JF,SAAS,UAAU,CAAC,SAAiB,OAAe,SAAiB,IAAoB;AAAA,EACvF,OAAO,GAAG,qBAAqB,mBAAmB,KAAK,cAAc,mBAAmB,OAAO,KAAK;AAAA;AAU/F,IAAM,SAAS,OACpB,SACA,OACA,mBACA,SACA,SACyC;AAAA,EACzC,MAAM,SAAS,IAAI;AAAA,EACnB,IAAI;AAAA,IAAM,OAAO,IAAI,QAAQ,IAAI;AAAA,EACjC,MAAM,KAAK,OAAO,SAAS;AAAA,EAC3B,MAAM,MAAM,GAAG,WAAW,SAAS,OAAO,SAAS,MAAM,IAAI,KAAK,IAAI,OAAO;AAAA,EAE7E,OAAO,cAA8B,KAAK,UAAU,mBAAmB;AAAA;AAMlE,IAAM,OAAO,OAClB,SACA,OACA,mBACA,SACA,MACA,SACuC;AAAA,EACvC,MAAM,SAAS,IAAI;AAAA,EACnB,IAAI;AAAA,IAAM,OAAO,IAAI,QAAQ,IAAI;AAAA,EACjC,IAAI,MAAM;AAAA,IAAO,OAAO,IAAI,SAAS,OAAO,KAAK,KAAK,CAAC;AAAA,EACvD,IAAI,MAAM;AAAA,IAAQ,OAAO,IAAI,UAAU,KAAK,MAAM;AAAA,EAClD,MAAM,KAAK,OAAO,SAAS;AAAA,EAC3B,MAAM,MAAM,GAAG,WAAW,SAAS,OAAO,SAAS,IAAI,IAAI,KAAK,IAAI,OAAO;AAAA,EAE3E,OAAO,cAA4B,KAAK,UAAU,mBAAmB;AAAA;AAMhE,IAAM,SAAS,OACpB,SACA,OACA,mBACA,SACA,SAC+B;AAAA,EAC/B,MAAM,SAAS,IAAI,gBAAgB,EAAE,KAAK,CAAC;AAAA,EAC3C,MAAM,MAAM,GAAG,WAAW,SAAS,OAAO,SAAS,MAAM,KAAK;AAAA,EAG9D,IAAI;AAAA,IACF,MAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,SAAS,EAAE,eAAe,UAAU,oBAAoB;AAAA,IAC1D,CAAC;AAAA,IAED,IAAI,CAAC,SAAS,IAAI;AAAA,MAChB,IAAI,UAAU,SAAS;AAAA,MACvB,IAAI;AAAA,QACF,MAAM,OAAQ,MAAM,SAAS,KAAK;AAAA,QAClC,IAAI,OAAO,KAAK,YAAY;AAAA,UAAU,UAAU,KAAK;AAAA,QACrD,MAAM;AAAA,MAGR,OAAO;AAAA,QACL,IAAI;AAAA,QACJ,OAAO,EAAE,MAAM,OAAO,SAAS,MAAM,GAAG,SAAS,QAAQ,SAAS,OAAO;AAAA,MAC3E;AAAA,IACF;AAAA,IAEA,MAAM,OAAO,MAAM,SAAS,KAAK;AAAA,IACjC,OAAO,EAAE,IAAI,MAAM,MAAM,MAAM,QAAQ,SAAS,OAAO;AAAA,IACvD,OAAO,KAAK;AAAA,IACZ,OAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO;AAAA,QACL,MAAM;AAAA,QACN,SAAS,eAAe,QAAQ,IAAI,UAAU;AAAA,MAChD;AAAA,IACF;AAAA;AAAA;AAYG,IAAM,UAAU,OACrB,SACA,OACA,mBACA,SACA,MACA,MACA,cAAc,+BAC4B;AAAA,EAC1C,MAAM,SAAS,IAAI,gBAAgB,EAAE,KAAK,CAAC;AAAA,EAC3C,MAAM,MAAM,GAAG,WAAW,SAAS,OAAO,SAAS,OAAO,KAAK;AAAA,EAG/D,MAAM,OAAa,gBAAgB,OAAO,OAAO,IAAI,KAAK,CAAC,IAAW,GAAG,EAAE,MAAM,YAAY,CAAC;AAAA,EAE9F,IAAI;AAAA,IACF,MAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,eAAe,UAAU;AAAA,QACzB,gBAAgB;AAAA,QAChB,kBAAkB,OAAO,KAAK,IAAI;AAAA,MACpC;AAAA,MACA;AAAA,IACF,CAAC;AAAA,IAED,IAAI,CAAC,SAAS,IAAI;AAAA,MAChB,IAAI,UAAU,SAAS;AAAA,MACvB,IAAI;AAAA,QACF,MAAM,QAAQ,MAAM,SAAS,KAAK;AAAA,QAClC,IAAI,OAAO,MAAK,YAAY;AAAA,UAAU,UAAU,MAAK;AAAA,QACrD,MAAM;AAAA,MAGR,OAAO;AAAA,QACL,IAAI;AAAA,QACJ,OAAO,EAAE,MAAM,OAAO,SAAS,MAAM,GAAG,SAAS,QAAQ,SAAS,OAAO;AAAA,MAC3E;AAAA,IACF;AAAA,IAEA,MAAM,SAAU,MAAM,SAAS,KAAK;AAAA,IACpC,OAAO,EAAE,IAAI,MAAM,MAAM,QAAQ,QAAQ,SAAS,OAAO;AAAA,IACzD,OAAO,KAAK;AAAA,IACZ,OAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO;AAAA,QACL,MAAM;AAAA,QACN,SAAS,eAAe,QAAQ,IAAI,UAAU;AAAA,MAChD;AAAA,IACF;AAAA;AAAA;AAOG,IAAM,UAAU,OACrB,SACA,OACA,mBACA,SACA,SAC0C;AAAA,EAC1C,MAAM,MAAM,WAAW,SAAS,OAAO,SAAS,OAAO;AAAA,EAEvD,OAAO,cAA+B,KAAK,UAAU,qBAAqB;AAAA,IACxE,QAAQ;AAAA,IACR,MAAM,EAAE,KAAK;AAAA,EACf,CAAC;AAAA;AAMI,IAAM,OAAO,OAClB,SACA,OACA,mBACA,SACA,SACuC;AAAA,EACvC,MAAM,MAAM,WAAW,SAAS,OAAO,SAAS,IAAI;AAAA,EAEpD,OAAO,cAA4B,KAAK,UAAU,qBAAqB;AAAA,IACrE,QAAQ;AAAA,IACR,MAAM,EAAE,KAAK;AAAA,EACf,CAAC;AAAA;AAMI,IAAM,OAAO,OAClB,SACA,OACA,mBACA,SACA,MACA,OACuC;AAAA,EACvC,MAAM,MAAM,WAAW,SAAS,OAAO,SAAS,IAAI;AAAA,EAEpD,OAAO,cAA4B,KAAK,UAAU,qBAAqB;AAAA,IACrE,QAAQ;AAAA,IACR,MAAM,EAAE,MAAM,GAAG;AAAA,EACnB,CAAC;AAAA;AAMI,IAAM,OAAO,OAClB,SACA,OACA,mBACA,SACA,MACA,OACuC;AAAA,EACvC,MAAM,MAAM,WAAW,SAAS,OAAO,SAAS,IAAI;AAAA,EAEpD,OAAO,cAA4B,KAAK,UAAU,qBAAqB;AAAA,IACrE,QAAQ;AAAA,IACR,MAAM,EAAE,MAAM,GAAG;AAAA,EACnB,CAAC;AAAA;AAMI,IAAM,YAAY,OACvB,SACA,OACA,mBACA,SACA,SACA,YAC4C;AAAA,EAC5C,MAAM,MAAM,WAAW,SAAS,OAAO,SAAS,SAAS;AAAA,EAEzD,OAAO,cAAiC,KAAK,UAAU,qBAAqB;AAAA,IAC1E,QAAQ;AAAA,IACR,MAAM,EAAE,SAAS,QAAQ;AAAA,EAC3B,CAAC;AAAA;;ACxQI,IAAM,mBAAmB,OAAO,YAAuD;AAAA,EAC5F,OAAO,SAAsB,GAAG,kBAAkB;AAAA;AAM7C,IAAM,cAAc,OAAO,YAA8D;AAAA,EAC9F,OAAO,SAA6B,GAAG,oBAAoB;AAAA;;ACYtD,IAAM,UAAU,OACrB,SACA,OACA,mBACA,YACqC;AAAA,EACrC,MAAM,MAAM,GAAG,qBAAqB,mBAAmB,KAAK,eAAe,mBAAmB,OAAO;AAAA,EAErG,IAAI;AAAA,IACF,MAAM,UAAkC;AAAA,MACtC,eAAe,UAAU;AAAA,IAC3B;AAAA,IAEA,MAAM,WAAW,MAAM,MAAM,KAAK,EAAE,QAAQ,CAAC;AAAA,IAE7C,IAAI,CAAC,SAAS,IAAI;AAAA,MAChB,MAAM,QAAQ,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,EAAE,SAAS,SAAS,WAAW,EAAE;AAAA,MAClF,OAAO;AAAA,QACL,IAAI;AAAA,QACJ,OAAO;AAAA,UACL,MAAM,OAAO,SAAS,MAAM;AAAA,UAC5B,SAAU,MAA+B,WAAW,SAAS;AAAA,UAC7D,QAAQ,SAAS;AAAA,QACnB;AAAA,MACF;AAAA,IACF;AAAA,IAEA,MAAM,OAAO,IAAI,WAAW,MAAM,SAAS,YAAY,CAAC;AAAA,IACxD,OAAO,EAAE,IAAI,MAAM,MAAM,QAAQ,SAAS,OAAO;AAAA,IACjD,OAAO,KAAK;AAAA,IACZ,OAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO;AAAA,QACL,MAAM;AAAA,QACN,SAAS,eAAe,QAAQ,IAAI,UAAU;AAAA,MAChD;AAAA,IACF;AAAA;AAAA;AAQG,IAAM,mBAAmB,OAC9B,SACA,OACA,mBACA,SACA,cACqC;AAAA,EACrC,MAAM,MAAM,GAAG,qBAAqB,mBAAmB,KAAK,eAAe,mBAAmB,OAAO,KAAK;AAAA,EAE1G,IAAI;AAAA,IACF,MAAM,UAAkC;AAAA,MACtC,eAAe,UAAU;AAAA,IAC3B;AAAA,IAEA,MAAM,WAAW,MAAM,MAAM,KAAK,EAAE,QAAQ,CAAC;AAAA,IAE7C,IAAI,CAAC,SAAS,IAAI;AAAA,MAChB,MAAM,QAAQ,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,EAAE,SAAS,SAAS,WAAW,EAAE;AAAA,MAClF,OAAO;AAAA,QACL,IAAI;AAAA,QACJ,OAAO;AAAA,UACL,MAAM,OAAO,SAAS,MAAM;AAAA,UAC5B,SAAU,MAA+B,WAAW,SAAS;AAAA,UAC7D,QAAQ,SAAS;AAAA,QACnB;AAAA,MACF;AAAA,IACF;AAAA,IAEA,MAAM,OAAO,IAAI,WAAW,MAAM,SAAS,YAAY,CAAC;AAAA,IACxD,OAAO,EAAE,IAAI,MAAM,MAAM,QAAQ,SAAS,OAAO;AAAA,IACjD,OAAO,KAAK;AAAA,IACZ,OAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO;AAAA,QACL,MAAM;AAAA,QACN,SAAS,eAAe,QAAQ,IAAI,UAAU;AAAA,MAChD;AAAA,IACF;AAAA;AAAA;AAQG,IAAM,kBAAkB,OAC7B,SACA,OACA,mBACA,YACuC;AAAA,EACvC,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,oBAAoB,mBAAmB,OAAO,KAC9F,UAAU,mBACZ;AAAA;AAQK,IAAM,aAAa,OACxB,SACA,OACA,mBACA,WAC6C;AAAA,EAC7C,OAAO,cACL,GAAG,qBAAqB,mBAAmB,KAAK,iBAChD,UAAU,qBACV;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CACF;AAAA;AAOK,IAAM,UAAU,OACrB,SACA,OACA,mBACA,SACA,YAC2C;AAAA,EAC3C,MAAM,MAAM,GAAG,qBAAqB,mBAAmB,KAAK,eAAe,mBAAmB,OAAO;AAAA,EAErG,IAAI;AAAA,IACF,MAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,eAAe,UAAU;AAAA,QACzB,gBAAgB;AAAA,MAClB;AAAA,MAGA,MAAM;AAAA,IACR,CAAC;AAAA,IAED,IAAI,CAAC,SAAS,IAAI;AAAA,MAChB,MAAM,QAAQ,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,EAAE,SAAS,SAAS,WAAW,EAAE;AAAA,MAClF,OAAO;AAAA,QACL,IAAI;AAAA,QACJ,OAAO;AAAA,UACL,MAAM,OAAO,SAAS,MAAM;AAAA,UAC5B,SAAU,MAA+B,WAAW,SAAS;AAAA,UAC7D,QAAQ,SAAS;AAAA,QACnB;AAAA,MACF;AAAA,IACF;AAAA,IAEA,MAAM,OAAQ,MAAM,SAAS,KAAK;AAAA,IAClC,OAAO,EAAE,IAAI,MAAM,MAAM,QAAQ,SAAS,OAAO;AAAA,IACjD,OAAO,KAAK;AAAA,IACZ,OAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO;AAAA,QACL,MAAM;AAAA,QACN,SAAS,eAAe,QAAQ,IAAI,UAAU;AAAA,MAChD;AAAA,IACF;AAAA;AAAA;;AC7JG,IAAM,iBAAiB,OAAO,YAAyD;AAAA,EAC5F,OAAO,SAAwB,GAAG,0BAA0B;AAAA;AAMvD,IAAM,eAAe,OAC1B,SACA,WACwC;AAAA,EACxC,OAAO,SAAwB,GAAG,2BAA2B;AAAA,IAC3D,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CAAC;AAAA;AAMI,IAAM,QAAQ,OACnB,SACA,WACwC;AAAA,EACxC,OAAO,SAAwB,GAAG,2BAA2B;AAAA,IAC3D,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CAAC;AAAA;AAMI,IAAM,UAAU,OACrB,SACA,WACwC;AAAA,EACxC,OAAO,SAAwB,GAAG,6BAA6B;AAAA,IAC7D,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CAAC;AAAA;AAWI,IAAM,QAAQ,OACnB,SACA,oBACmC;AAAA,EACnC,OAAO,cAAwB,GAAG,wBAAwB,UAAU,iBAAiB;AAAA;AAahF,IAAM,iCAAiC,CAC5C,UACA,YACqB;AAAA,EACrB,aAAa,SAAS,WAAW,SAAS;AAAA,EAC1C,cAAc,SAAS;AAAA,EACvB;AAAA,EACA,WAAW,KAAK,IAAI,IAAI,SAAS,YAAY;AAC/C;;AC5FO,IAAM,oBAAoB,OAC/B,SACA,WACoD;AAAA,EACpD,OAAO,SAAoC,GAAG,+BAA+B;AAAA,IAC3E,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CAAC;AAAA;AAOI,IAAM,kBAAkB,OAC7B,SACA,cAC8C;AAAA,EAC9C,OAAO,SACL,GAAG,+BAA+B,mBAAmB,SAAS,QAChE;AAAA;AAWK,IAAM,iBAAiB,OAC5B,SACA,iBACA,cAC8C;AAAA,EAC9C,OAAO,cACL,GAAG,+BAA+B,mBAAmB,SAAS,KAC9D,UAAU,iBACZ;AAAA;AAOK,IAAM,qBAAqB,OAChC,SACA,iBACA,WACA,WACiD;AAAA,EACjD,OAAO,cACL,GAAG,+BAA+B,mBAAmB,SAAS,aAC9D,UAAU,mBACV;AAAA,IACE,QAAQ;AAAA,IACR,MAAM,UAAU,CAAC;AAAA,EACnB,CACF;AAAA;AAOK,IAAM,oBAAoB,OAC/B,SACA,iBACA,WACA,WAC8C;AAAA,EAC9C,OAAO,cACL,GAAG,+BAA+B,mBAAmB,SAAS,YAC9D,UAAU,mBACV;AAAA,IACE,QAAQ;AAAA,IACR,MAAM,UAAU,CAAC;AAAA,EACnB,CACF;AAAA;;ACjFK,IAAM,eAAe,OAC1B,SACA,uBAC+C;AAAA,EAC/C,OAAO,cACL,GAAG,4BACH,UAAU,sBACV;AAAA,IACE,QAAQ;AAAA,EACV,CACF;AAAA;",
17
+ "debugId": "514FBDA2B32CF85B64756E2164756E21",
18
+ "names": []
19
+ }
package/dist/api/info.d.ts ADDED
@@ -0,0 +1,16 @@
1
+ /**
2
+ * Service info API.
3
+ */
4
+ import type { ServiceInfo } from "@casfa/protocol";
5
+ import type { FetchResult } from "../types/client.ts";
6
+ /**
7
+ * Fetch service info from /api/info.
8
+ */
9
+ export declare const fetchServiceInfo: (baseUrl: string) => Promise<FetchResult<ServiceInfo>>;
10
+ /**
11
+ * Health check.
12
+ */
13
+ export declare const healthCheck: (baseUrl: string) => Promise<FetchResult<{
14
+ status: string;
15
+ }>>;
16
+ //# sourceMappingURL=info.d.ts.map
package/dist/api/info.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"info.d.ts","sourceRoot":"","sources":["../../src/api/info.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAGtD;;GAEG;AACH,eAAO,MAAM,gBAAgB,GAAU,SAAS,MAAM,KAAG,OAAO,CAAC,WAAW,CAAC,WAAW,CAAC,CAExF,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,WAAW,GAAU,SAAS,MAAM,KAAG,OAAO,CAAC,WAAW,CAAC;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAE1F,CAAC"}
package/dist/api/nodes.d.ts ADDED
@@ -0,0 +1,42 @@
1
+ /**
2
+ * Node API functions.
3
+ *
4
+ * Token Requirement:
5
+ * - GET /nodes/raw/:nodeKey: Access Token (Direct Authorization Check)
6
+ * - GET /nodes/metadata/:nodeKey: Access Token (Direct Authorization Check)
7
+ * - POST /nodes/check: Access Token
8
+ * - PUT /nodes/raw/:nodeKey: Access Token with canUpload
9
+ */
10
+ import type { CheckNodes, CheckNodesResponse, NodeMetadata } from "@casfa/protocol";
11
+ import type { FetchResult } from "../types/client.ts";
12
+ export type NodeUploadResult = {
13
+ nodeKey: string;
14
+ status: "created" | "exists";
15
+ };
16
+ /**
17
+ * Get node content.
18
+ * Requires Access Token with Direct Authorization on the nodeKey.
19
+ */
20
+ export declare const getNode: (baseUrl: string, realm: string, accessTokenBase64: string, nodeKey: string) => Promise<FetchResult<Uint8Array>>;
21
+ /**
22
+ * Get node content via navigation path (GET /nodes/raw/:key/~0/~1/...).
23
+ * Requires Access Token with Direct Authorization on the starting nodeKey.
24
+ */
25
+ export declare const getNodeNavigated: (baseUrl: string, realm: string, accessTokenBase64: string, nodeKey: string, indexPath: string) => Promise<FetchResult<Uint8Array>>;
26
+ /**
27
+ * Get node metadata.
28
+ * Requires Access Token with Direct Authorization on the nodeKey.
29
+ */
30
+ export declare const getNodeMetadata: (baseUrl: string, realm: string, accessTokenBase64: string, nodeKey: string) => Promise<FetchResult<NodeMetadata>>;
31
+ /**
32
+ * Check nodes status on the server.
33
+ * Returns three-way classification: missing, owned, unowned.
34
+ * Requires Access Token.
35
+ */
36
+ export declare const checkNodes: (baseUrl: string, realm: string, accessTokenBase64: string, params: CheckNodes) => Promise<FetchResult<CheckNodesResponse>>;
37
+ /**
38
+ * Upload a node.
39
+ * Requires Access Token with canUpload.
40
+ */
41
+ export declare const putNode: (baseUrl: string, realm: string, accessTokenBase64: string, nodeKey: string, content: Uint8Array) => Promise<FetchResult<NodeUploadResult>>;
42
+ //# sourceMappingURL=nodes.d.ts.map
package/dist/api/nodes.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"nodes.d.ts","sourceRoot":"","sources":["../../src/api/nodes.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AACpF,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAOtD,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,SAAS,GAAG,QAAQ,CAAC;CAC9B,CAAC;AAMF;;;GAGG;AACH,eAAO,MAAM,OAAO,GAClB,SAAS,MAAM,EACf,OAAO,MAAM,EACb,mBAAmB,MAAM,EACzB,SAAS,MAAM,KACd,OAAO,CAAC,WAAW,CAAC,UAAU,CAAC,CAiCjC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,gBAAgB,GAC3B,SAAS,MAAM,EACf,OAAO,MAAM,EACb,mBAAmB,MAAM,EACzB,SAAS,MAAM,EACf,WAAW,MAAM,KAChB,OAAO,CAAC,WAAW,CAAC,UAAU,CAAC,CAiCjC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,eAAe,GAC1B,SAAS,MAAM,EACf,OAAO,MAAM,EACb,mBAAmB,MAAM,EACzB,SAAS,MAAM,KACd,OAAO,CAAC,WAAW,CAAC,YAAY,CAAC,CAKnC,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,UAAU,GACrB,SAAS,MAAM,EACf,OAAO,MAAM,EACb,mBAAmB,MAAM,EACzB,QAAQ,UAAU,KACjB,OAAO,CAAC,WAAW,CAAC,kBAAkB,CAAC,CASzC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,OAAO,GAClB,SAAS,MAAM,EACf,OAAO,MAAM,EACb,mBAAmB,MAAM,EACzB,SAAS,MAAM,EACf,SAAS,UAAU,KAClB,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAsCvC,CAAC"}
package/dist/api/oauth.d.ts ADDED
@@ -0,0 +1,54 @@
1
+ /**
2
+ * OAuth API functions.
3
+ */
4
+ import type { Login, Refresh, TokenExchange } from "@casfa/protocol";
5
+ import type { FetchResult } from "../types/client.ts";
6
+ import type { StoredUserToken } from "../types/tokens.ts";
7
+ export type CognitoConfig = {
8
+ region: string;
9
+ userPoolId: string;
10
+ clientId: string;
11
+ domain: string;
12
+ };
13
+ export type TokenResponse = {
14
+ accessToken: string;
15
+ refreshToken: string;
16
+ expiresIn: number;
17
+ idToken?: string;
18
+ };
19
+ export type UserInfo = {
20
+ userId: string;
21
+ email: string;
22
+ role: string;
23
+ /** Root delegate ID for this user (null if none created yet) */
24
+ rootDelegateId: string | null;
25
+ };
26
+ /**
27
+ * Get Cognito configuration.
28
+ */
29
+ export declare const getOAuthConfig: (baseUrl: string) => Promise<FetchResult<CognitoConfig>>;
30
+ /**
31
+ * Exchange authorization code for tokens.
32
+ */
33
+ export declare const exchangeCode: (baseUrl: string, params: TokenExchange) => Promise<FetchResult<TokenResponse>>;
34
+ /**
35
+ * Login with email and password.
36
+ */
37
+ export declare const login: (baseUrl: string, params: Login) => Promise<FetchResult<TokenResponse>>;
38
+ /**
39
+ * Refresh access token.
40
+ */
41
+ export declare const refresh: (baseUrl: string, params: Refresh) => Promise<FetchResult<TokenResponse>>;
42
+ /**
43
+ * Get current user info.
44
+ * Requires User JWT.
45
+ */
46
+ export declare const getMe: (baseUrl: string, userAccessToken: string) => Promise<FetchResult<UserInfo>>;
47
+ /**
48
+ * Convert token response to stored user token.
49
+ *
50
+ * Prefers idToken over accessToken for Bearer auth because
51
+ * Cognito access tokens do not contain email/name claims.
52
+ */
53
+ export declare const tokenResponseToStoredUserToken: (response: TokenResponse, userId: string) => StoredUserToken;
54
+ //# sourceMappingURL=oauth.d.ts.map
package/dist/api/oauth.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../src/api/oauth.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AACrE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAO1D,MAAM,MAAM,aAAa,GAAG;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,QAAQ,GAAG;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,gEAAgE;IAChE,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B,CAAC;AAMF;;GAEG;AACH,eAAO,MAAM,cAAc,GAAU,SAAS,MAAM,KAAG,OAAO,CAAC,WAAW,CAAC,aAAa,CAAC,CAExF,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,MAAM,EACf,QAAQ,aAAa,KACpB,OAAO,CAAC,WAAW,CAAC,aAAa,CAAC,CAKpC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,KAAK,GAChB,SAAS,MAAM,EACf,QAAQ,KAAK,KACZ,OAAO,CAAC,WAAW,CAAC,aAAa,CAAC,CAKpC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,OAAO,GAClB,SAAS,MAAM,EACf,QAAQ,OAAO,KACd,OAAO,CAAC,WAAW,CAAC,aAAa,CAAC,CAKpC,CAAC;AAMF;;;GAGG;AACH,eAAO,MAAM,KAAK,GAChB,SAAS,MAAM,EACf,iBAAiB,MAAM,KACtB,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,CAE/B,CAAC;AAMF;;;;;GAKG;AACH,eAAO,MAAM,8BAA8B,GACzC,UAAU,aAAa,EACvB,QAAQ,MAAM,KACb,eAKD,CAAC"}
package/dist/api/requests.d.ts ADDED
@@ -0,0 +1,33 @@
1
+ /**
2
+ * Client Authorization Request API functions.
3
+ *
4
+ * For CLI/desktop apps to request tokens through user approval.
5
+ */
6
+ import type { ApproveRequest, ApproveRequestResponse, CreateAuthRequest, CreateAuthRequestResponse, DenyRequest, DenyRequestResponse, PollRequestResponse } from "@casfa/protocol";
7
+ import type { FetchResult } from "../types/client.ts";
8
+ /**
9
+ * Create an authorization request.
10
+ * No auth required - called by CLI/desktop clients.
11
+ */
12
+ export declare const createAuthRequest: (baseUrl: string, params: CreateAuthRequest) => Promise<FetchResult<CreateAuthRequestResponse>>;
13
+ /**
14
+ * Poll authorization request status.
15
+ * No auth required - called by CLI/desktop clients.
16
+ */
17
+ export declare const pollAuthRequest: (baseUrl: string, requestId: string) => Promise<FetchResult<PollRequestResponse>>;
18
+ /**
19
+ * Get authorization request details.
20
+ * Requires User JWT.
21
+ */
22
+ export declare const getAuthRequest: (baseUrl: string, userAccessToken: string, requestId: string) => Promise<FetchResult<PollRequestResponse>>;
23
+ /**
24
+ * Approve an authorization request.
25
+ * Requires User JWT.
26
+ */
27
+ export declare const approveAuthRequest: (baseUrl: string, userAccessToken: string, requestId: string, params?: ApproveRequest) => Promise<FetchResult<ApproveRequestResponse>>;
28
+ /**
29
+ * Reject an authorization request.
30
+ * Requires User JWT.
31
+ */
32
+ export declare const rejectAuthRequest: (baseUrl: string, userAccessToken: string, requestId: string, params?: DenyRequest) => Promise<FetchResult<DenyRequestResponse>>;
33
+ //# sourceMappingURL=requests.d.ts.map
package/dist/api/requests.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"requests.d.ts","sourceRoot":"","sources":["../../src/api/requests.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EACV,cAAc,EACd,sBAAsB,EACtB,iBAAiB,EACjB,yBAAyB,EACzB,WAAW,EACX,mBAAmB,EACnB,mBAAmB,EACpB,MAAM,iBAAiB,CAAC;AACzB,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAOtD;;;GAGG;AACH,eAAO,MAAM,iBAAiB,GAC5B,SAAS,MAAM,EACf,QAAQ,iBAAiB,KACxB,OAAO,CAAC,WAAW,CAAC,yBAAyB,CAAC,CAKhD,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,eAAe,GAC1B,SAAS,MAAM,EACf,WAAW,MAAM,KAChB,OAAO,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAI1C,CAAC;AAMF;;;GAGG;AACH,eAAO,MAAM,cAAc,GACzB,SAAS,MAAM,EACf,iBAAiB,MAAM,EACvB,WAAW,MAAM,KAChB,OAAO,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAK1C,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,kBAAkB,GAC7B,SAAS,MAAM,EACf,iBAAiB,MAAM,EACvB,WAAW,MAAM,EACjB,SAAS,cAAc,KACtB,OAAO,CAAC,WAAW,CAAC,sBAAsB,CAAC,CAS7C,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,iBAAiB,GAC5B,SAAS,MAAM,EACf,iBAAiB,MAAM,EACvB,WAAW,MAAM,EACjB,SAAS,WAAW,KACnB,OAAO,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAS1C,CAAC"}
package/dist/api/tokens.d.ts ADDED
@@ -0,0 +1,19 @@
1
+ /**
2
+ * Token API functions (new 2-tier model).
3
+ *
4
+ * Token Endpoint:
5
+ * - POST /api/auth/refresh: Bearer RT → new RT + AT (child delegates only)
6
+ *
7
+ * Root delegates no longer need a dedicated endpoint — the server's
8
+ * access-token-auth middleware auto-creates the root delegate on first
9
+ * JWT-authenticated request.
10
+ */
11
+ import type { RefreshTokenResponse } from "@casfa/protocol";
12
+ import type { FetchResult } from "../types/client.ts";
13
+ /**
14
+ * Rotate refresh token to get new RT + AT pair.
15
+ * Uses Bearer auth with the refresh token.
16
+ * Only valid for child delegates (depth > 0).
17
+ */
18
+ export declare const refreshToken: (baseUrl: string, refreshTokenBase64: string) => Promise<FetchResult<RefreshTokenResponse>>;
19
+ //# sourceMappingURL=tokens.d.ts.map
package/dist/api/tokens.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"tokens.d.ts","sourceRoot":"","sources":["../../src/api/tokens.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAC5D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAOtD;;;;GAIG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,MAAM,EACf,oBAAoB,MAAM,KACzB,OAAO,CAAC,WAAW,CAAC,oBAAoB,CAAC,CAQ3C,CAAC"}
package/dist/client/delegates.d.ts ADDED
@@ -0,0 +1,26 @@
1
+ /**
2
+ * Delegate management methods for the stateful client.
3
+ */
4
+ import type { ClaimNodeResponse, CreateDelegateRequest, CreateDelegateResponse, DelegateDetail, ListDelegatesQuery, RevokeDelegateResponse } from "@casfa/protocol";
5
+ import * as api from "../api/index.ts";
6
+ import type { TokenSelector } from "../store/token-selector.ts";
7
+ import type { FetchResult } from "../types/client.ts";
8
+ export type DelegateMethods = {
9
+ /** Create a child delegate */
10
+ create: (params: CreateDelegateRequest) => Promise<FetchResult<CreateDelegateResponse>>;
11
+ /** List child delegates */
12
+ list: (params?: ListDelegatesQuery) => Promise<FetchResult<api.ListDelegatesResponse>>;
13
+ /** Get delegate details */
14
+ get: (delegateId: string) => Promise<FetchResult<DelegateDetail>>;
15
+ /** Revoke a delegate */
16
+ revoke: (delegateId: string) => Promise<FetchResult<RevokeDelegateResponse>>;
17
+ /** Claim ownership of a CAS node via PoP */
18
+ claimNode: (nodeKey: string, pop: string) => Promise<FetchResult<ClaimNodeResponse>>;
19
+ };
20
+ export type DelegateDeps = {
21
+ baseUrl: string;
22
+ realm: string;
23
+ tokenSelector: TokenSelector;
24
+ };
25
+ export declare const createDelegateMethods: ({ baseUrl, realm, tokenSelector, }: DelegateDeps) => DelegateMethods;
26
+ //# sourceMappingURL=delegates.d.ts.map
package/dist/client/delegates.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"delegates.d.ts","sourceRoot":"","sources":["../../src/client/delegates.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EACV,iBAAiB,EACjB,qBAAqB,EACrB,sBAAsB,EACtB,cAAc,EACd,kBAAkB,EAClB,sBAAsB,EACvB,MAAM,iBAAiB,CAAC;AACzB,OAAO,KAAK,GAAG,MAAM,iBAAiB,CAAC;AACvC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAOtD,MAAM,MAAM,eAAe,GAAG;IAC5B,8BAA8B;IAC9B,MAAM,EAAE,CAAC,MAAM,EAAE,qBAAqB,KAAK,OAAO,CAAC,WAAW,CAAC,sBAAsB,CAAC,CAAC,CAAC;IACxF,2BAA2B;IAC3B,IAAI,EAAE,CAAC,MAAM,CAAC,EAAE,kBAAkB,KAAK,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC,CAAC;IACvF,2BAA2B;IAC3B,GAAG,EAAE,CAAC,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC,CAAC;IAClE,wBAAwB;IACxB,MAAM,EAAE,CAAC,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,sBAAsB,CAAC,CAAC,CAAC;IAC7E,4CAA4C;IAC5C,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,CAAC;CACtF,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,aAAa,CAAC;CAC9B,CAAC;AAMF,eAAO,MAAM,qBAAqB,GAAI,oCAInC,YAAY,KAAG,eAmBjB,CAAC"}
package/dist/client/depots.d.ts ADDED
@@ -0,0 +1,28 @@
1
+ /**
2
+ * Depot methods for the stateful client.
3
+ */
4
+ import type { CreateDepot, CreateDepotResponse, DepotCommit, DepotDetail, ListDepotsQuery, UpdateDepot } from "@casfa/protocol";
5
+ import * as api from "../api/index.ts";
6
+ import type { TokenSelector } from "../store/token-selector.ts";
7
+ import type { FetchResult } from "../types/client.ts";
8
+ export type DepotMethods = {
9
+ /** Create a new depot */
10
+ create: (params: CreateDepot) => Promise<FetchResult<CreateDepotResponse>>;
11
+ /** List depots */
12
+ list: (params?: ListDepotsQuery) => Promise<FetchResult<api.ListDepotsResponse>>;
13
+ /** Get depot details */
14
+ get: (depotId: string) => Promise<FetchResult<DepotDetail>>;
15
+ /** Update depot */
16
+ update: (depotId: string, params: UpdateDepot) => Promise<FetchResult<DepotDetail>>;
17
+ /** Delete depot */
18
+ delete: (depotId: string) => Promise<FetchResult<void>>;
19
+ /** Commit new root */
20
+ commit: (depotId: string, params: DepotCommit) => Promise<FetchResult<api.CommitDepotResponse>>;
21
+ };
22
+ export type DepotDeps = {
23
+ baseUrl: string;
24
+ realm: string;
25
+ tokenSelector: TokenSelector;
26
+ };
27
+ export declare const createDepotMethods: ({ baseUrl, realm, tokenSelector }: DepotDeps) => DepotMethods;
28
+ //# sourceMappingURL=depots.d.ts.map
package/dist/client/depots.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"depots.d.ts","sourceRoot":"","sources":["../../src/client/depots.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EACV,WAAW,EACX,mBAAmB,EACnB,WAAW,EACX,WAAW,EACX,eAAe,EACf,WAAW,EACZ,MAAM,iBAAiB,CAAC;AACzB,OAAO,KAAK,GAAG,MAAM,iBAAiB,CAAC;AACvC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAOtD,MAAM,MAAM,YAAY,GAAG;IACzB,yBAAyB;IACzB,MAAM,EAAE,CAAC,MAAM,EAAE,WAAW,KAAK,OAAO,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC3E,kBAAkB;IAClB,IAAI,EAAE,CAAC,MAAM,CAAC,EAAE,eAAe,KAAK,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACjF,wBAAwB;IACxB,GAAG,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC;IAC5D,mBAAmB;IACnB,MAAM,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,KAAK,OAAO,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC;IACpF,mBAAmB;IACnB,MAAM,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC;IACxD,sBAAsB;IACtB,MAAM,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,KAAK,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC;CACjG,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,aAAa,CAAC;CAC9B,CAAC;AAMF,eAAO,MAAM,kBAAkB,GAAI,mCAAmC,SAAS,KAAG,YAoBjF,CAAC"}
package/dist/client/filesystem.d.ts ADDED
@@ -0,0 +1,39 @@
1
+ /**
2
+ * Filesystem methods for the stateful client.
3
+ *
4
+ * Provides high-level fs operations that automatically handle
5
+ * token management and root node resolution via depot.
6
+ */
7
+ import type { FsCpResponse, FsLsResponse, FsMkdirResponse, FsMvResponse, FsRewriteEntry, FsRewriteResponse, FsRmResponse, FsStatResponse, FsWriteResponse } from "@casfa/protocol";
8
+ import type { TokenSelector } from "../store/token-selector.ts";
9
+ import type { FetchResult } from "../types/client.ts";
10
+ export type FsMethods = {
11
+ /** Get file/directory metadata */
12
+ stat: (rootKey: string, path?: string) => Promise<FetchResult<FsStatResponse>>;
13
+ /** List directory contents with pagination */
14
+ ls: (rootKey: string, path?: string, opts?: {
15
+ limit?: number;
16
+ cursor?: string;
17
+ }) => Promise<FetchResult<FsLsResponse>>;
18
+ /** Read file content as Blob */
19
+ read: (rootKey: string, path: string) => Promise<FetchResult<Blob>>;
20
+ /** Write (create/overwrite) a file */
21
+ write: (rootKey: string, path: string, data: Blob | ArrayBuffer | Uint8Array, contentType?: string) => Promise<FetchResult<FsWriteResponse>>;
22
+ /** Create a directory */
23
+ mkdir: (rootKey: string, path: string) => Promise<FetchResult<FsMkdirResponse>>;
24
+ /** Remove a file or directory */
25
+ rm: (rootKey: string, path: string) => Promise<FetchResult<FsRmResponse>>;
26
+ /** Move or rename */
27
+ mv: (rootKey: string, from: string, to: string) => Promise<FetchResult<FsMvResponse>>;
28
+ /** Copy */
29
+ cp: (rootKey: string, from: string, to: string) => Promise<FetchResult<FsCpResponse>>;
30
+ /** Batch rewrite directory tree */
31
+ rewrite: (rootKey: string, entries?: Record<string, FsRewriteEntry>, deletes?: string[]) => Promise<FetchResult<FsRewriteResponse>>;
32
+ };
33
+ export type FsDeps = {
34
+ baseUrl: string;
35
+ realm: string;
36
+ tokenSelector: TokenSelector;
37
+ };
38
+ export declare const createFsMethods: ({ baseUrl, realm, tokenSelector }: FsDeps) => FsMethods;
39
+ //# sourceMappingURL=filesystem.d.ts.map
package/dist/client/filesystem.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"filesystem.d.ts","sourceRoot":"","sources":["../../src/client/filesystem.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EACV,YAAY,EACZ,YAAY,EACZ,eAAe,EACf,YAAY,EACZ,cAAc,EACd,iBAAiB,EACjB,YAAY,EACZ,cAAc,EACd,eAAe,EAChB,MAAM,iBAAiB,CAAC;AAEzB,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAOtD,MAAM,MAAM,SAAS,GAAG;IACtB,kCAAkC;IAClC,IAAI,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC,CAAC;IAC/E,8CAA8C;IAC9C,EAAE,EAAE,CACF,OAAO,EAAE,MAAM,EACf,IAAI,CAAC,EAAE,MAAM,EACb,IAAI,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,KACvC,OAAO,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC;IACxC,gCAAgC;IAChC,IAAI,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC;IACpE,sCAAsC;IACtC,KAAK,EAAE,CACL,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,IAAI,GAAG,WAAW,GAAG,UAAU,EACrC,WAAW,CAAC,EAAE,MAAM,KACjB,OAAO,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC,CAAC;IAC3C,yBAAyB;IACzB,KAAK,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC,CAAC;IAChF,iCAAiC;IACjC,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC;IAC1E,qBAAqB;IACrB,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC;IACtF,WAAW;IACX,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC;IACtF,mCAAmC;IACnC,OAAO,EAAE,CACP,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,EACxC,OAAO,CAAC,EAAE,MAAM,EAAE,KACf,OAAO,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,CAAC;CAC9C,CAAC;AAEF,MAAM,MAAM,MAAM,GAAG;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,aAAa,CAAC;CAC9B,CAAC;AAMF,eAAO,MAAM,eAAe,GAAI,mCAAmC,MAAM,KAAG,SAiC3E,CAAC"}
package/dist/client/helpers.d.ts ADDED
@@ -0,0 +1,27 @@
1
+ /**
2
+ * Client helper functions for reducing boilerplate.
3
+ */
4
+ import type { FetchResult } from "../types/client.ts";
5
+ import type { StoredAccessToken, StoredUserToken } from "../types/tokens.ts";
6
+ export declare const ERRORS: {
7
+ readonly USER_REQUIRED: {
8
+ readonly code: "UNAUTHORIZED";
9
+ readonly message: "User login required";
10
+ };
11
+ readonly ACCESS_REQUIRED: {
12
+ readonly code: "FORBIDDEN";
13
+ readonly message: "Access token required";
14
+ };
15
+ };
16
+ export type TokenGetter<T> = () => Promise<T | null>;
17
+ /**
18
+ * Higher-order function for token-required operations.
19
+ * Reduces repetitive null checks and error returns.
20
+ */
21
+ export declare const withToken: <T>(getToken: TokenGetter<T>, error: {
22
+ code: string;
23
+ message: string;
24
+ }) => <R>(fn: (token: T) => Promise<FetchResult<R>>) => Promise<FetchResult<R>>;
25
+ export declare const withUserToken: (getToken: TokenGetter<StoredUserToken>) => <R>(fn: (token: StoredUserToken) => Promise<FetchResult<R>>) => Promise<FetchResult<R>>;
26
+ export declare const withAccessToken: (getToken: TokenGetter<StoredAccessToken>) => <R>(fn: (token: StoredAccessToken) => Promise<FetchResult<R>>) => Promise<FetchResult<R>>;
27
+ //# sourceMappingURL=helpers.d.ts.map
package/dist/client/helpers.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../src/client/helpers.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,KAAK,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAM7E,eAAO,MAAM,MAAM;;;;;;;;;CAGT,CAAC;AAMX,MAAM,MAAM,WAAW,CAAC,CAAC,IAAI,MAAM,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAErD;;;GAGG;AACH,eAAO,MAAM,SAAS,GAAI,CAAC,EACzB,UAAU,WAAW,CAAC,CAAC,CAAC,EACxB,OAAO;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,MAEhC,CAAC,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,KAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAI9E,CAAC;AAEF,eAAO,MAAM,aAAa,GAAI,UAAU,WAAW,CAAC,eAAe,CAAC,MAN1D,CAAC,qFAOgC,CAAC;AAE5C,eAAO,MAAM,eAAe,GAAI,UAAU,WAAW,CAAC,iBAAiB,CAAC,MAT9D,CAAC,uFAUkC,CAAC"}