npm - @choiceform/shared-auth - Versions diffs - 0.1.4 → 0.1.5 - Mend

@choiceform/shared-auth 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +0 -5
package/dist/components/auth-sync.d.ts.map +1 -1
package/dist/components/auth-sync.js +7 -5
package/dist/store/actions.js +1 -1
package/dist/store/state.d.ts.map +1 -1
package/dist/store/state.js +6 -2
package/dist/store/utils.js +1 -1
package/package.json +9 -7
package/LICENSE.md +0 -149

package/README.md CHANGED Viewed

@@ -487,11 +487,6 @@ A: 不配置 `VITE_AUTH_API_URL` 环境变量即可。功能会静默跳过。
 ## 更新日志
-### v0.1.4
-- 🔧 改进：移除所有 token 编码，保持与 URL 传入的 token 格式完全一致
-- 📝 改进：所有 API 请求中的 token 不再进行 `encodeURIComponent` 编码
 ### v0.1.2
 - ✨ 新增：登录时自动获取并设置伴生团队功能

package/dist/components/auth-sync.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auth-sync.d.ts","sourceRoot":"","sources":["../../src/components/auth-sync.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;~~AAoS3C~~;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,QAAQ,CAAC,EAAE,IAAI,EAAE,EAAE;IAAE,IAAI,EAAE,YAAY,CAAA;CAAE,QA0FxD"}
1	+ {"version":3,"file":"auth-sync.d.ts","sourceRoot":"","sources":["../../src/components/auth-sync.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;AAuS3C;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,QAAQ,CAAC,EAAE,IAAI,EAAE,EAAE;IAAE,IAAI,EAAE,YAAY,CAAA;CAAE,QA0FxD"}

package/dist/components/auth-sync.js CHANGED Viewed

@@ -114,14 +114,16 @@ async function setupCompanionTeam(auth, token, refetchSession) {
             }
             return;
         }
-        // 4. 获取组织信息
+        // 4. Token 编码（与 fetchSessionWithToken 保持一致）
+        const encodedToken = encodeURIComponent(oneAuthToken);
+        // 5. 获取组织信息
         const myOrganizationUrl = `${oneAuthBaseUrl}/v1/organizations/me`;
         if (isDev) {
             console.log("[AuthSync] Fetching organization from:", myOrganizationUrl);
         }
         const orgResponse = await fetch(myOrganizationUrl, {
             headers: {
-                Authorization: `Bearer ${oneAuthToken}`,
+                Authorization: `Bearer ${encodedToken}`,
                 "Content-Type": "application/json",
             },
         });
@@ -156,7 +158,7 @@ async function setupCompanionTeam(auth, token, refetchSession) {
         const setActiveOrgResponse = await fetch(setActiveOrgUrl, {
             method: "POST",
             headers: {
-                Authorization: `Bearer ${oneAuthToken}`,
+                Authorization: `Bearer ${encodedToken}`,
                 "Content-Type": "application/json",
             },
             body: JSON.stringify({ organizationId: organization.id }),
@@ -176,7 +178,7 @@ async function setupCompanionTeam(auth, token, refetchSession) {
                 const setActiveTeamResponse = await fetch(setActiveTeamUrl, {
                     method: "POST",
                     headers: {
-                        Authorization: `Bearer ${oneAuthToken}`,
+                        Authorization: `Bearer ${encodedToken}`,
                         "Content-Type": "application/json",
                     },
                     body: JSON.stringify({ teamId: firstTeam.id }),
@@ -197,7 +199,7 @@ async function setupCompanionTeam(auth, token, refetchSession) {
                     const getSessionUrl = `${authBaseURL}/v1/auth/get-session`;
                     const sessionResponse = await fetch(getSessionUrl, {
                         headers: {
-                            Authorization: `Bearer ${oneAuthToken}`,
+                            Authorization: `Bearer ${encodedToken}`,
                             "Content-Type": "application/json",
                         },
                     });

package/dist/store/actions.js CHANGED Viewed

@@ -104,7 +104,7 @@ export function createAuthActions(authStore, tokenStorage, config, authClient) {
                 const response = await fetch(endpoint, {
                     method: "GET",
                     headers: {
-                        Authorization: `Bearer ${token}`,
+                        Authorization: `Bearer ${encodeURIComponent(token)}`,
                         "Content-Type": "application/json",
                     },
                 });

package/dist/store/state.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"state.d.ts","sourceRoot":"","sources":["../../src/store/state.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AAEzC;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE;IAAE,eAAe,EAAE,MAAM,CAAA;CAAE;;;~~oBAuBnD~~,MAAM,GAAG,IAAI;~~eAclB~~,MAAM,GAAG,IAAI;;;EAavB;AAED,MAAM,MAAM,YAAY,GAAG,UAAU,CAAC,OAAO,eAAe,CAAC,CAAC,cAAc,CAAC,CAAA"}
1	+ {"version":3,"file":"state.d.ts","sourceRoot":"","sources":["../../src/store/state.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AAEzC;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE;IAAE,eAAe,EAAE,MAAM,CAAA;CAAE;;;oBAyBnD,MAAM,GAAG,IAAI;eAelB,MAAM,GAAG,IAAI;;;EAavB;AAED,MAAM,MAAM,YAAY,GAAG,UAAU,CAAC,OAAO,eAAe,CAAC,CAAC,cAAc,CAAC,CAAA"}

package/dist/store/state.js CHANGED Viewed

@@ -7,7 +7,10 @@ export function createAuthStore(config) {
     // 从 localStorage 读取初始 token
     const getStoredToken = () => {
         try {
-            return localStorage.getItem(tokenStorageKey);
+            const stored = localStorage.getItem(tokenStorageKey);
+            if (!stored)
+                return null;
+            return decodeURIComponent(stored);
         }
         catch {
             return null;
@@ -26,7 +29,8 @@ export function createAuthStore(config) {
         save(token) {
             try {
                 if (token) {
-                    localStorage.setItem(tokenStorageKey, token);
+                    const encodedToken = encodeURIComponent(token);
+                    localStorage.setItem(tokenStorageKey, encodedToken);
                     authStore.token.set(token);
                 }
                 else {

package/dist/store/utils.js CHANGED Viewed

@@ -89,7 +89,7 @@ export async function getAuthHeaders(authStore, tokenStorage, authActions, authC
         return {};
     }
     return {
-        Authorization: `Bearer ${token}`,
+        Authorization: `Bearer ${encodeURIComponent(token)}`,
     };
 }
 /**

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@choiceform/shared-auth",
-  "version": "0.1.4",
+  "version": "0.1.5",
   "description": "Shared authentication package for Choiceform projects",
   "type": "module",
   "main": "./dist/index.js",
@@ -16,6 +16,12 @@
     "dist",
     "README.md"
   ],
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "clean": "rimraf dist",
+    "prepublishOnly": "pnpm run build"
+  },
   "repository": {
     "type": "git",
     "url": "git+https://github.com/choiceform/automation.git",
@@ -51,10 +57,6 @@
     "@types/react-dom": "18.2.22",
     "typescript": "^5.5.3",
     "rimraf": "^6.0.1"
-  },
-  "scripts": {
-    "build": "tsc",
-    "dev": "tsc --watch",
-    "clean": "rimraf dist"
   }
-}
+}

package/LICENSE.md DELETED Viewed

@@ -1,149 +0,0 @@
-# License
-Portions of this software are licensed as follows:
-- Content of branches other than the main branch are not licensed.
-- Source code files that contain `.ee.` in their filename or `.ee` in their directory name are NOT licensed under the Sustainable Use License. To use source code files that contain `.ee.` in their filename or `.ee` in their directory name you must hold a valid Rungraf Enterprise License specifically allowing you access to such source code files and as defined in "LICENSE_EE.md".
-- All third party components incorporated into the Rungraf software are licensed under the original license provided by the owner of the applicable component.
-- Content outside of the above mentioned files or restrictions is available under the "Sustainable Use License" as defined below.
----
-## Sustainable Use License
-**Version 1.0**
-### Acceptance
-By using the software, you agree to all of the terms and conditions below.
-### Copyright License
-The licensor grants you a non-exclusive, royalty-free, worldwide, non-sublicensable, non-transferable license to use, copy, distribute, make available, and prepare derivative works of the software, in each case subject to the limitations below.
-### Limitations
-You may use or modify the software only for your own internal business purposes or for non-commercial or personal use. You may distribute the software or provide it to others only if you do so free of charge for non-commercial purposes. You may not alter, remove, or obscure any licensing, copyright, or other notices of the licensor in the software. Any use of the licensor's trademarks is subject to applicable law.
-### Patents
-The licensor grants you a license, under any patent claims the licensor can license, or becomes able to license, to make, have made, use, sell, offer for sale, import and have imported the software, in each case subject to the limitations and conditions in this license. This license does not cover any patent claims that you cause to be infringed by modifications or additions to the software. If you or your company make any written claim that the software infringes or contributes to infringement of any patent, your patent license for the software granted under these terms ends immediately. If your company makes such a claim, your patent license ends immediately for work on behalf of your company.
-### Notices
-You must ensure that anyone who gets a copy of any part of the software from you also gets a copy of these terms. If you modify the software, you must include in any modified copies of the software a prominent notice stating that you have modified the software.
-### No Other Rights
-These terms do not imply any licenses other than those expressly granted in these terms.
-### Termination
-If you use the software in violation of these terms, such use is not licensed, and your license will automatically terminate. If the licensor provides you with a notice of your violation, and you cease all violation of this license no later than 30 days after you receive that notice, your license will be reinstated retroactively. However, if you violate these terms after such reinstatement, any additional violation of these terms will cause your license to terminate automatically and permanently.
-### No Liability
-As far as the law allows, the software comes as is, without any warranty or condition, and the licensor will not be liable to you for any damages arising out of these terms or the use or nature of the software, under any kind of legal claim.
-### Definitions
-- The **"licensor"** is the entity offering these terms, which is the Rungraf project and its contributors.
-- The **"software"** is the software the licensor makes available under these terms, including any portion of it.
-- **"You"** refers to the individual or entity agreeing to these terms.
-- **"Your company"** is any legal entity, sole proprietorship, or other kind of organization that you work for, plus all organizations that have control over, are under the control of, or are under common control with that organization. Control means ownership of substantially all the assets of an entity, or the power to direct its management and policies by vote, contract, or otherwise. Control can be direct or indirect.
-- **"Your license"** is the license granted to you for the software under these terms.
-- **"Use"** means anything you do with the software requiring your license.
-- **"Trademark"** means trademarks, service marks, and similar rights.
----
-## Additional Terms for Rungraf
-In addition to the Sustainable Use License terms above, the following specific limitations apply to Rungraf:
-### Multi-Tenant SaaS Restriction
-You may NOT use Rungraf to operate a multi-tenant Software-as-a-Service (SaaS) offering where you provide Rungraf as a hosted service to multiple external customers or organizations, unless you obtain a separate commercial license from the Rungraf project.
-**Examples of PROHIBITED use without commercial license:**
-- Operating "AI Agent Platform as a Service" for multiple paying customers
-- Providing Rungraf as a white-labeled workflow automation service
-- Running a marketplace where multiple organizations build AI Agents on your hosted Rungraf instance
-**Examples of PERMITTED use:**
-- Deploying Rungraf within your organization for your employees and internal use
-- Embedding Rungraf in your product where each customer gets their own dedicated Rungraf instance
-- Using Rungraf as a backend service for your own application (single-tenant)
-**Workspace Definition:** Within Rungraf, one workspace represents one tenant. A workspace provides an isolated environment for each tenant's AI Agents, workflows, data, and configurations.
-### Branding and Attribution
-When using Rungraf's frontend interface, you may not remove, alter, or obscure the Rungraf logo, branding, or copyright notices displayed in the user interface. This restriction applies only to the visual frontend components.
-**Frontend Definition:** The "frontend" of Rungraf includes all components located in the `packages/client/` directory when running from source code, or the "client" Docker image when running via containers.
-**Examples of PERMITTED use:**
-- Using only Rungraf's backend APIs with your own custom frontend (no branding requirement)
-- Forking and customizing the codebase while maintaining attribution
-- White-labeling with a separate commercial license
-**Examples of PROHIBITED use:**
-- Using the Rungraf frontend with logos and branding removed
-- Distributing modified versions without proper attribution
-### Core Engine Protection
-The Rungraf AI Agent Runtime (located in `packages/runner/`) and Expression Engine may be used and modified for your own purposes, but you may NOT:
-- Extract the Agent Runtime as a standalone product and sell it separately
-- Use Rungraf's core orchestration engine to build a competing workflow automation platform for sale
-- Offer the Expression Engine as a standalone commercial service
-**Examples of PERMITTED use:**
-- Integrating Rungraf into your product's backend
-- Modifying the runtime for your specific use case
-- Contributing improvements back to the open source project
-**Examples of PROHIBITED use:**
-- Packaging the Elixir Agent Runtime as "SuperAgent Engine" and selling it
-- Building a competitor workflow platform using Rungraf's core code
----
-## Fair Code Principles
-Rungraf follows the [Fair Code](https://faircode.io) principles. We believe in:
-1. **Transparency**: Source code is publicly available for review and contribution
-2. **Sustainability**: Protecting the project's ability to fund ongoing development
-3. **Community**: Encouraging contributions while preventing exploitation
-4. **Freedom**: Allowing use for internal business purposes and non-commercial projects
----
-## Getting a Commercial License
-If your use case falls under the restrictions above, you can obtain a commercial Rungraf Enterprise License. Enterprise licenses include:
-- Multi-tenant SaaS deployment rights
-- White-labeling permissions
-- Priority support and SLA guarantees
-- Enterprise features (SSO, advanced RBAC, audit logs)
-- Custom development support
-Contact us for enterprise licensing:
-- **Email**: [enterprise@rungraf.io](mailto:enterprise@rungraf.io)
-- **Website**: [https://rungraf.io/enterprise](https://rungraf.io/enterprise)
----
-**© 2024-2025 Rungraf Project**
-This software is provided "as is", without warranty of any kind, express or implied.