@casfa/client 0.2.0 → 0.3.0

package/dist/client/index.d.ts

@@ -0,0 +1,49 @@
+/**
+ * Stateful CASFA Client
+ *
+ * A closure-based client that manages JWT auth.
+ * Root delegate is auto-created by the server on first JWT request.
+ */
+import type { ServiceInfo } from "@casfa/protocol";
+import type { ClientConfig, OnAuthRequiredCallback, OnTokenChangeCallback, TokenStorageProvider } from "../types/client.ts";
+import type { StoredAccessToken, StoredRootDelegate, TokenState } from "../types/tokens.ts";
+import { type DelegateMethods } from "./delegates.ts";
+import { type DepotMethods } from "./depots.ts";
+import { type FsMethods } from "./filesystem.ts";
+import { type NodeMethods } from "./nodes.ts";
+import { type OAuthMethods } from "./oauth.ts";
+import { type TokenMethods } from "./tokens.ts";
+export type { DelegateMethods, DepotMethods, FsMethods, NodeMethods, OAuthMethods, TokenMethods };
+export type { ClientConfig, OnAuthRequiredCallback, OnTokenChangeCallback, TokenStorageProvider };
+/**
+ * The stateful CASFA client.
+ */
+export type CasfaClient = {
+    /** Get current token state */
+    getState: () => TokenState;
+    /** Get server info */
+    getServerInfo: () => ServiceInfo | null;
+    /** Set root delegate metadata (e.g., from external source) */
+    setRootDelegate: (delegate: StoredRootDelegate) => void;
+    /** Get current auth token (JWT — server auto-creates root delegate) */
+    getAccessToken: () => Promise<StoredAccessToken | null>;
+    /** Clear all tokens and logout */
+    logout: () => void;
+    /** OAuth methods */
+    oauth: OAuthMethods;
+    /** Token management methods */
+    tokens: TokenMethods;
+    /** Delegate management methods */
+    delegates: DelegateMethods;
+    /** Depot methods */
+    depots: DepotMethods;
+    /** Filesystem methods */
+    fs: FsMethods;
+    /** Node methods */
+    nodes: NodeMethods;
+};
+/**
+ * Create a stateful CASFA client.
+ */
+export declare const createClient: (config: ClientConfig) => Promise<CasfaClient>;
+//# sourceMappingURL=index.d.ts.map

package/dist/client/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAKnD,OAAO,KAAK,EACV,YAAY,EACZ,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,EACrB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,KAAK,EAAE,iBAAiB,EAAE,kBAAkB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAC5F,OAAO,EAAyB,KAAK,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAC7E,OAAO,EAAsB,KAAK,YAAY,EAAE,MAAM,aAAa,CAAC;AACpE,OAAO,EAAmB,KAAK,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAClE,OAAO,EAAqB,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AACjE,OAAO,EAAsB,KAAK,YAAY,EAAE,MAAM,YAAY,CAAC;AACnE,OAAO,EAAsB,KAAK,YAAY,EAAE,MAAM,aAAa,CAAC;AAMpE,YAAY,EAAE,eAAe,EAAE,YAAY,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,CAAC;AAElG,YAAY,EAAE,YAAY,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,CAAC;AAMlG;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG;IACxB,8BAA8B;IAC9B,QAAQ,EAAE,MAAM,UAAU,CAAC;IAC3B,sBAAsB;IACtB,aAAa,EAAE,MAAM,WAAW,GAAG,IAAI,CAAC;IAExC,8DAA8D;IAC9D,eAAe,EAAE,CAAC,QAAQ,EAAE,kBAAkB,KAAK,IAAI,CAAC;IACxD,uEAAuE;IACvE,cAAc,EAAE,MAAM,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAAC;IACxD,kCAAkC;IAClC,MAAM,EAAE,MAAM,IAAI,CAAC;IAEnB,oBAAoB;IACpB,KAAK,EAAE,YAAY,CAAC;IACpB,+BAA+B;IAC/B,MAAM,EAAE,YAAY,CAAC;IACrB,kCAAkC;IAClC,SAAS,EAAE,eAAe,CAAC;IAC3B,oBAAoB;IACpB,MAAM,EAAE,YAAY,CAAC;IACrB,yBAAyB;IACzB,EAAE,EAAE,SAAS,CAAC;IACd,mBAAmB;IACnB,KAAK,EAAE,WAAW,CAAC;CACpB,CAAC;AAMF;;GAEG;AACH,eAAO,MAAM,YAAY,GAAU,QAAQ,YAAY,KAAG,OAAO,CAAC,WAAW,CAuD5E,CAAC"}

package/dist/client/nodes.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Node methods for the stateful client.
+ */
+import type { BatchClaimRequest, BatchClaimResponse, CheckNodes, CheckNodesResponse, ClaimNodeResponse, NodeMetadata } from "@casfa/protocol";
+import * as api from "../api/index.ts";
+import type { TokenSelector } from "../store/token-selector.ts";
+import type { FetchResult } from "../types/client.ts";
+export type NodeMethods = {
+    /** Get node content */
+    get: (nodeKey: string) => Promise<FetchResult<Uint8Array>>;
+    /** Get node content via navigation path (~0/~1/...) */
+    getNavigated: (nodeKey: string, indexPath: string) => Promise<FetchResult<Uint8Array>>;
+    /** Get node metadata */
+    getMetadata: (nodeKey: string) => Promise<FetchResult<NodeMetadata>>;
+    /** Check nodes status on the server */
+    check: (params: CheckNodes) => Promise<FetchResult<CheckNodesResponse>>;
+    /** Upload a node */
+    put: (nodeKey: string, content: Uint8Array) => Promise<FetchResult<api.NodeUploadResult>>;
+    /** Claim ownership of a node via PoP (legacy single claim) */
+    claim: (nodeKey: string, pop: string) => Promise<FetchResult<ClaimNodeResponse>>;
+    /** Batch claim ownership of nodes (PoP + path-based) */
+    batchClaim: (params: BatchClaimRequest) => Promise<FetchResult<BatchClaimResponse>>;
+};
+export type NodeDeps = {
+    baseUrl: string;
+    realm: string;
+    tokenSelector: TokenSelector;
+};
+export declare const createNodeMethods: ({ baseUrl, realm, tokenSelector }: NodeDeps) => NodeMethods;
+//# sourceMappingURL=nodes.d.ts.map

package/dist/client/nodes.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nodes.d.ts","sourceRoot":"","sources":["../../src/client/nodes.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EACV,iBAAiB,EACjB,kBAAkB,EAClB,UAAU,EACV,kBAAkB,EAClB,iBAAiB,EACjB,YAAY,EACb,MAAM,iBAAiB,CAAC;AACzB,OAAO,KAAK,GAAG,MAAM,iBAAiB,CAAC;AACvC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAOtD,MAAM,MAAM,WAAW,GAAG;IACxB,uBAAuB;IACvB,GAAG,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC;IAC3D,uDAAuD;IACvD,YAAY,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC;IACvF,wBAAwB;IACxB,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC;IACrE,uCAAuC;IACvC,KAAK,EAAE,CAAC,MAAM,EAAE,UAAU,KAAK,OAAO,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACxE,oBAAoB;IACpB,GAAG,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,KAAK,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAC1F,8DAA8D;IAC9D,KAAK,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,CAAC;IACjF,wDAAwD;IACxD,UAAU,EAAE,CAAC,MAAM,EAAE,iBAAiB,KAAK,OAAO,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC,CAAC;CACrF,CAAC;AAEF,MAAM,MAAM,QAAQ,GAAG;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,aAAa,CAAC;CAC9B,CAAC;AAMF,eAAO,MAAM,iBAAiB,GAAI,mCAAmC,QAAQ,KAAG,WAuB/E,CAAC"}

package/dist/client/oauth.d.ts

@@ -0,0 +1,24 @@
+/**
+ * OAuth methods for the stateful client.
+ */
+import * as api from "../api/index.ts";
+import type { RefreshManager } from "../store/jwt-refresh.ts";
+import type { TokenStore } from "../store/token-store.ts";
+import type { FetchResult } from "../types/client.ts";
+export type OAuthMethods = {
+    /** Get Cognito configuration */
+    getConfig: () => Promise<FetchResult<api.CognitoConfig>>;
+    /** Login with email and password */
+    login: (email: string, password: string) => Promise<FetchResult<api.UserInfo>>;
+    /** Exchange authorization code for tokens */
+    exchangeCode: (code: string, redirectUri: string, codeVerifier?: string) => Promise<FetchResult<api.UserInfo>>;
+    /** Get current user info */
+    getMe: () => Promise<FetchResult<api.UserInfo>>;
+};
+export type OAuthDeps = {
+    baseUrl: string;
+    store: TokenStore;
+    refreshManager: RefreshManager;
+};
+export declare const createOAuthMethods: ({ baseUrl, store, refreshManager, }: OAuthDeps) => OAuthMethods;
+//# sourceMappingURL=oauth.d.ts.map

package/dist/client/oauth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../src/client/oauth.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,GAAG,MAAM,iBAAiB,CAAC;AACvC,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAOtD,MAAM,MAAM,YAAY,GAAG;IACzB,gCAAgC;IAChC,SAAS,EAAE,MAAM,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC;IACzD,oCAAoC;IACpC,KAAK,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC/E,6CAA6C;IAC7C,YAAY,EAAE,CACZ,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,EACnB,YAAY,CAAC,EAAE,MAAM,KAClB,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;IACxC,4BAA4B;IAC5B,KAAK,EAAE,MAAM,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;CACjD,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,UAAU,CAAC;IAClB,cAAc,EAAE,cAAc,CAAC;CAChC,CAAC;AAMF,eAAO,MAAM,kBAAkB,GAAI,qCAIhC,SAAS,KAAG,YAsCb,CAAC"}

package/dist/client/tokens.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Token management methods for the stateful client.
+ *
+ * Root delegates are auto-created by the server's auth middleware on
+ * first JWT request. This module provides token refresh operations.
+ */
+import type { RefreshManager } from "../store/jwt-refresh.ts";
+import type { TokenSelector } from "../store/token-selector.ts";
+import type { TokenStore } from "../store/token-store.ts";
+import type { FetchResult } from "../types/client.ts";
+export type TokenMethods = {
+    /** Refresh the user's JWT (OAuth token refresh). */
+    refresh: () => Promise<FetchResult<void>>;
+};
+export type TokenDeps = {
+    baseUrl: string;
+    realm: string;
+    store: TokenStore;
+    refreshManager: RefreshManager;
+    tokenSelector: TokenSelector;
+};
+export declare const createTokenMethods: ({ refreshManager }: TokenDeps) => TokenMethods;
+//# sourceMappingURL=tokens.d.ts.map

package/dist/client/tokens.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tokens.d.ts","sourceRoot":"","sources":["../../src/client/tokens.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAMtD,MAAM,MAAM,YAAY,GAAG;IACzB,oDAAoD;IACpD,OAAO,EAAE,MAAM,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC;CAC3C,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,UAAU,CAAC;IAClB,cAAc,EAAE,cAAc,CAAC;IAC/B,aAAa,EAAE,aAAa,CAAC;CAC9B,CAAC;AAMF,eAAO,MAAM,kBAAkB,GAAI,oBAAoB,SAAS,KAAG,YAkBlE,CAAC"}

package/dist/index.d.ts

@@ -1,298 +1,18 @@
-import { ServiceInfo, CreateDepot, CreateDepotResponse, ListDepotsQuery, DepotDetail, UpdateDepot, DepotCommit, NodeMetadata, PrepareNodes, PrepareNodesResponse, CreateTicket, CreateTicketResponse, ListTicketsQuery, TicketDetail, TicketSubmit, CreateToken } from '@casfa/protocol';
-import { TokenState, StoredUserToken, StoredDelegateToken, StoredAccessToken, TokenStorageProvider, OnTokenChangeCallback, OnAuthRequiredCallback, FetchResult, ClientConfig } from './types/index.js';
-export { ClientError, emptyTokenState } from './types/index.js';
-import { L as ListDepotsResponse, C as CommitDepotResponse, N as NodeUploadResult, a as CognitoConfig, U as UserInfo, b as ListTicketsResponse, S as SubmitTicketResponse, c as ListTokensParams, d as ListTokensResponse, D as DelegateTokenParams } from './index-cPO-6GxE.js';
-export { i as api } from './index-cPO-6GxE.js';
-
 /**
- * Token store - manages the three-tier token state.
+ * @casfa/client - CASFA client library
  *
- * Provides a closure-based store for token state management with
- * automatic persistence and change notifications.
- */
-
-type TokenStore = {
-    /** Get current token state (immutable snapshot) */
-    getState: () => TokenState;
-    /** Set user JWT token */
-    setUser: (token: StoredUserToken | null) => void;
-    /** Set delegate token */
-    setDelegate: (token: StoredDelegateToken | null) => void;
-    /** Set access token */
-    setAccess: (token: StoredAccessToken | null) => void;
-    /** Clear all tokens */
-    clear: () => void;
-    /** Initialize from storage provider */
-    initialize: () => Promise<void>;
-};
-type TokenStoreConfig = {
-    storage?: TokenStorageProvider;
-    onTokenChange?: OnTokenChangeCallback;
-    onAuthRequired?: OnAuthRequiredCallback;
-};
-/**
- * Create a token store instance.
- */
-declare const createTokenStore: (config?: TokenStoreConfig) => TokenStore;
-
-/**
- * Token selector and auto-issuer.
+ * A stateful client that manages two-tier token hierarchy:
+ * - User JWT: OAuth login token, highest authority, used for root operations
+ * - Root Delegate: metadata-only entity (no RT/AT), anchor of delegate tree
  *
- * Implements the "maximum authority" principle:
- * - When issuing tokens, prefer User JWT (depth=0) over Delegate Token
- * - Check issuer consistency before using existing tokens
- * - Re-issue tokens when issuer is not maximized
- */
-
-type TokenSelectorConfig = {
-    store: TokenStore;
-    baseUrl: string;
-    realm: string;
-    serverInfo: ServiceInfo | null;
-    defaultTokenTtl?: number;
-};
-type TokenSelector = {
-    /**
-     * Get or issue an Access Token.
-     * - If valid Access Token exists and is from max issuer, return it
-     * - Otherwise, issue a new one using User JWT or Delegate Token
-     */
-    ensureAccessToken: () => Promise<StoredAccessToken | null>;
-    /**
-     * Get or issue a Delegate Token.
-     * - If valid Delegate Token exists, return it
-     * - If User JWT exists, issue a new one
-     */
-    ensureDelegateToken: () => Promise<StoredDelegateToken | null>;
-};
-/**
- * Create a token selector instance.
- */
-declare const createTokenSelector: (config: TokenSelectorConfig) => TokenSelector;
-
-/**
- * Depot methods for the stateful client.
- */
-
-type DepotMethods = {
-    /** Create a new depot */
-    create: (params: CreateDepot) => Promise<FetchResult<CreateDepotResponse>>;
-    /** List depots */
-    list: (params?: ListDepotsQuery) => Promise<FetchResult<ListDepotsResponse>>;
-    /** Get depot details */
-    get: (depotId: string) => Promise<FetchResult<DepotDetail>>;
-    /** Update depot */
-    update: (depotId: string, params: UpdateDepot) => Promise<FetchResult<DepotDetail>>;
-    /** Delete depot */
-    delete: (depotId: string) => Promise<FetchResult<void>>;
-    /** Commit new root */
-    commit: (depotId: string, params: DepotCommit) => Promise<FetchResult<CommitDepotResponse>>;
-};
-
-/**
- * Node methods for the stateful client.
- */
-
-type NodeMethods = {
-    /** Get node content */
-    get: (nodeKey: string, indexPath: string) => Promise<FetchResult<Uint8Array>>;
-    /** Get node metadata */
-    getMetadata: (nodeKey: string, indexPath: string) => Promise<FetchResult<NodeMetadata>>;
-    /** Prepare nodes for upload */
-    prepare: (params: PrepareNodes) => Promise<FetchResult<PrepareNodesResponse>>;
-    /** Upload a node */
-    put: (nodeKey: string, content: Uint8Array) => Promise<FetchResult<NodeUploadResult>>;
-};
-
-/**
- * JWT refresh management with promise deduplication.
- */
-
-type RefreshManager = {
-    /**
-     * Ensure user token is valid, refreshing if needed.
-     * Returns the valid user token or null if refresh failed.
-     */
-    ensureValidUserToken: () => Promise<StoredUserToken | null>;
-    /**
-     * Schedule proactive refresh before expiration.
-     */
-    scheduleProactiveRefresh: () => void;
-    /**
-     * Cancel any scheduled refresh.
-     */
-    cancelScheduledRefresh: () => void;
-};
-type RefreshManagerConfig = {
-    store: TokenStore;
-    baseUrl: string;
-    onAuthRequired?: OnAuthRequiredCallback;
-};
-/**
- * Create a refresh manager for JWT token refresh.
- */
-declare const createRefreshManager: (config: RefreshManagerConfig) => RefreshManager;
-
-/**
- * OAuth methods for the stateful client.
- */
-
-type OAuthMethods = {
-    /** Get Cognito configuration */
-    getConfig: () => Promise<FetchResult<CognitoConfig>>;
-    /** Login with email and password */
-    login: (email: string, password: string) => Promise<FetchResult<UserInfo>>;
-    /** Exchange authorization code for tokens */
-    exchangeCode: (code: string, redirectUri: string, codeVerifier?: string) => Promise<FetchResult<UserInfo>>;
-    /** Get current user info */
-    getMe: () => Promise<FetchResult<UserInfo>>;
-};
-
-/**
- * Ticket methods for the stateful client.
+ * Root operations use JWT directly via the server's unified auth middleware.
  *
- * Design Principle: All Realm data operations use Access Token.
- * Delegate Token is only for issuing tokens.
- *
- * Two-step Ticket creation flow:
- *   1. Issue Access Token using tokens.delegate() (requires Delegate Token)
- *   2. Create Ticket using tickets.create() (requires Access Token)
- */
-
-type TicketMethods = {
-    /**
-     * Create a new ticket and bind a pre-issued Access Token.
-     * Requires Access Token.
-     *
-     * Note: The Access Token to bind must be issued first using tokens.delegate().
-     *
-     * @param params.accessTokenId - Pre-issued Access Token ID to bind (for Tool use)
-     */
-    create: (params: CreateTicket) => Promise<FetchResult<CreateTicketResponse>>;
-    /** List tickets */
-    list: (params?: ListTicketsQuery) => Promise<FetchResult<ListTicketsResponse>>;
-    /** Get ticket details */
-    get: (ticketId: string) => Promise<FetchResult<TicketDetail>>;
-    /** Submit ticket */
-    submit: (ticketId: string, params: TicketSubmit) => Promise<FetchResult<SubmitTicketResponse>>;
-};
-
-/**
- * Token management methods for the stateful client.
- */
-
-type TokenMethods = {
-    /** Create a new token (User JWT required) */
-    create: (params: CreateToken) => Promise<FetchResult<StoredDelegateToken | StoredAccessToken>>;
-    /** List tokens (User JWT required) */
-    list: (params?: ListTokensParams) => Promise<FetchResult<ListTokensResponse>>;
-    /** Revoke a token (User JWT required) */
-    revoke: (tokenId: string) => Promise<FetchResult<void>>;
-    /** Delegate a token using current Delegate Token */
-    delegate: (params: DelegateTokenParams) => Promise<FetchResult<StoredDelegateToken | StoredAccessToken>>;
-};
-
-/**
- * Stateful CASFA Client
- *
- * A closure-based client that manages three-tier token hierarchy:
- * - User JWT: OAuth login token, highest authority
- * - Delegate Token: Re-delegation token, can issue child tokens
- * - Access Token: Data access token, used for CAS operations
- */
-
-/**
- * The stateful CASFA client.
- */
-type CasfaClient = {
-    /** Get current token state */
-    getState: () => TokenState;
-    /** Get server info */
-    getServerInfo: () => ServiceInfo | null;
-    /** Set delegate token (e.g., from external source) */
-    setDelegateToken: (token: StoredDelegateToken) => void;
-    /** Set access token (e.g., from external source) */
-    setAccessToken: (token: StoredAccessToken) => void;
-    /** Clear all tokens and logout */
-    logout: () => void;
-    /** OAuth methods */
-    oauth: OAuthMethods;
-    /** Token management methods */
-    tokens: TokenMethods;
-    /** Ticket methods */
-    tickets: TicketMethods;
-    /** Depot methods */
-    depots: DepotMethods;
-    /** Node methods */
-    nodes: NodeMethods;
-};
-/**
- * Create a stateful CASFA client.
- */
-declare const createClient: (config: ClientConfig) => Promise<CasfaClient>;
-
-/**
- * Token validity and issuer consistency checks.
- */
-
-/**
- * Default buffer time before expiration (60 seconds).
- */
-declare const DEFAULT_EXPIRY_BUFFER_MS = 60000;
-/**
- * Check if a token is valid (not expired with buffer).
- */
-declare const isTokenValid: (token: {
-    expiresAt: number;
-} | null, bufferMs?: number) => boolean;
-/**
- * Check if token is expiring soon and should be refreshed proactively.
- * Used for JWT refresh scheduling.
- */
-declare const isTokenExpiringSoon: (token: {
-    expiresAt: number;
-} | null, windowMs?: number) => boolean;
-/**
- * Check if user JWT is valid.
- */
-declare const isUserTokenValid: (userToken: StoredUserToken | null, bufferMs?: number) => boolean;
-/**
- * Check if delegate token is valid.
- */
-declare const isDelegateTokenValid: (delegateToken: StoredDelegateToken | null, bufferMs?: number) => boolean;
-/**
- * Check if access token is valid.
- */
-declare const isAccessTokenValid: (accessToken: StoredAccessToken | null, bufferMs?: number) => boolean;
-/**
- * Get the current max issuer ID.
- * Priority: User JWT (userId) > Delegate Token (tokenId)
- */
-declare const getMaxIssuerId: (state: TokenState) => string | null;
-/**
- * Check if access token is issued by the current max issuer.
- * If not, the access token should be re-issued.
- */
-declare const isAccessTokenFromMaxIssuer: (state: TokenState) => boolean;
-/**
- * Check if delegate token is issued by current user.
- * If user JWT exists but delegate token is from a different user,
- * we may want to re-issue the delegate token.
- */
-declare const isDelegateTokenFromCurrentUser: (state: TokenState) => boolean;
-/**
- * Determine if access token needs re-issue.
- * Returns true if:
- * - Access token is invalid/expired
- * - Access token's issuer is not the current max issuer
- */
-declare const shouldReissueAccessToken: (state: TokenState) => boolean;
-/**
- * Determine if delegate token needs re-issue.
- * Returns true if:
- * - Delegate token is invalid/expired
- * - User token exists but delegate token is not from current user
- */
-declare const shouldReissueDelegateToken: (state: TokenState) => boolean;
-
-export { type CasfaClient, ClientConfig, DEFAULT_EXPIRY_BUFFER_MS, type DepotMethods, FetchResult, type NodeMethods, type OAuthMethods, OnAuthRequiredCallback, OnTokenChangeCallback, type RefreshManager, StoredAccessToken, StoredDelegateToken, StoredUserToken, type TicketMethods, type TokenMethods, type TokenSelector, TokenState, TokenStorageProvider, type TokenStore, createClient, createRefreshManager, createTokenSelector, createTokenStore, getMaxIssuerId, isAccessTokenFromMaxIssuer, isAccessTokenValid, isDelegateTokenFromCurrentUser, isDelegateTokenValid, isTokenExpiringSoon, isTokenValid, isUserTokenValid, shouldReissueAccessToken, shouldReissueDelegateToken };
+ * @packageDocumentation
+ */
+export { type CasfaClient, type ClientConfig, createClient, type DelegateMethods, type DepotMethods, type FsMethods, type NodeMethods, type OAuthMethods, type OnAuthRequiredCallback, type OnTokenChangeCallback, type TokenMethods, type TokenStorageProvider, } from "./client/index.ts";
+export { createRefreshManager, createTokenSelector, createTokenStore, DEFAULT_EXPIRY_BUFFER_MS, isStoredAccessTokenValid, isTokenExpiringSoon, isTokenValid, isUserTokenValid, type RefreshManager, type TokenSelector, type TokenStore, } from "./store/index.ts";
+export type { ClientError, FetchResult } from "./types/client.ts";
+export type { StoredAccessToken, StoredRootDelegate, StoredUserToken, TokenState, } from "./types/tokens.ts";
+export { emptyTokenState } from "./types/tokens.ts";
+export * as api from "./api/index.ts";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAMH,OAAO,EACL,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,YAAY,EACZ,KAAK,eAAe,EACpB,KAAK,YAAY,EACjB,KAAK,SAAS,EACd,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,sBAAsB,EAC3B,KAAK,qBAAqB,EAC1B,KAAK,YAAY,EACjB,KAAK,oBAAoB,GAC1B,MAAM,mBAAmB,CAAC;AAM3B,OAAO,EACL,oBAAoB,EACpB,mBAAmB,EACnB,gBAAgB,EAChB,wBAAwB,EACxB,wBAAwB,EACxB,mBAAmB,EACnB,YAAY,EACZ,gBAAgB,EAChB,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,KAAK,UAAU,GAChB,MAAM,kBAAkB,CAAC;AAM1B,YAAY,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAElE,YAAY,EACV,iBAAiB,EACjB,kBAAkB,EAClB,eAAe,EACf,UAAU,GACX,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAMpD,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC"}