@corti/sdk 0.4.0 → 0.5.0-rc

package/README.md

@@ -38,29 +38,23 @@ const client = new CortiClient({
 
 // Or using a bearer token
 const client = new CortiClient({
-    environment: CortiEnvironment.Eu,
-    tenantName: "YOUR_TENANT_NAME",
     auth: {
-        accessToken: "YOUR_ACCESS_TOKEN",
-        // Optional: refresh token for automatic token refresh
-        refreshToken: "YOUR_REFRESH_TOKEN",
-        expiresIn: 3600,
-        refreshExpiresIn: 86400,
+        accessToken: "YOUR_ACCESS_TOKEN"
     },
 });
 
 // Or using just a refresh function (no initial access token needed)
 const client = new CortiClient({
-    environment: CortiEnvironment.Eu,
-    tenantName: "YOUR_TENANT_NAME",
     auth: {
+        // refreshToken will be undefined for the first call, then it will be the refreshToken returned from the previous token request
         refreshAccessToken: async (refreshToken?: string) => {
             // Your custom logic to get a new access token
-            const response = await fetch("https://your-auth-server/refresh", {
+            const response = await fetch("https://your-auth-server/token", {
                 method: "POST", 
                 headers: { "Content-Type": "application/json" },
-                body: JSON.stringify({ refreshToken: refreshToken }),
+                body: JSON.stringify({ refreshToken }),
             });
+
             return response.json();
         },
     },

package/dist/cjs/Client.js

@@ -64,8 +64,8 @@ class CortiClient {
                 "Tenant-Name": _options === null || _options === void 0 ? void 0 : _options.tenantName,
                 "X-Fern-Language": "JavaScript",
                 "X-Fern-SDK-Name": "@corti/sdk",
-                "X-Fern-SDK-Version": "0.4.0",
-                "User-Agent": "@corti/sdk/0.4.0",
+                "X-Fern-SDK-Version": "0.5.0-rc",
+                "User-Agent": "@corti/sdk/0.5.0-rc",
                 "X-Fern-Runtime": core.RUNTIME.type,
                 "X-Fern-Runtime-Version": core.RUNTIME.version,
             }, _options === null || _options === void 0 ? void 0 : _options.headers) });

package/dist/cjs/custom/CortiClient.d.ts

@@ -14,7 +14,6 @@
  *
  * All the patches marked with `// Patch: ...` comments.
  */
-import * as environments from "../environments.js";
 import * as core from "../core/index.js";
 import { Interactions } from "../api/resources/interactions/client/Client.js";
 import { Recordings } from "../api/resources/recordings/client/Client.js";
@@ -28,37 +27,48 @@ import { Agents } from "../api/resources/agents/client/Client.js";
  */
 import { Stream } from "./CustomStream.js";
 import { Transcribe } from "./CustomTranscribe.js";
-/**
- * Patch: added custom RefreshBearerProvider
- */
+import { Environment, CortiInternalEnvironment } from "./utils/getEnvironmentFromString.js";
 import { BearerOptions } from "./RefreshBearerProvider.js";
 export declare namespace CortiClient {
     /**
-     * Patch: added new public interface for `Options` (+ `ClientCredentials` interface)
+     * Patch: added new public type for `Options` + internal interfaces to create it
      */
     interface ClientCredentials {
         clientId: core.Supplier<string>;
         clientSecret: core.Supplier<string>;
     }
-    interface Options {
+    interface BaseOptions {
+        /** Additional headers to include in requests. */
+        headers?: Record<string, string | core.Supplier<string | undefined> | undefined>;
+    }
+    interface OptionsWithClientCredentials extends BaseOptions {
         /**
          * Patch: allow to pass a custom string-based environment
          * */
-        environment: core.Supplier<environments.CortiEnvironment | environments.CortiEnvironmentUrls> | string;
+        environment: Environment;
         /** Override the Tenant-Name header */
         tenantName: core.Supplier<string>;
-        /** Additional headers to include in requests. */
-        headers?: Record<string, string | core.Supplier<string | undefined> | undefined>;
-        auth: ClientCredentials | BearerOptions;
+        auth: ClientCredentials;
+    }
+    interface OptionsWithBearerToken extends BaseOptions {
+        /**
+         * Patch: allow to pass a custom string-based environment
+         * */
+        environment?: Environment;
+        /** Override the Tenant-Name header */
+        tenantName?: core.Supplier<string>;
+        auth: BearerOptions;
     }
+    type Options = OptionsWithClientCredentials | OptionsWithBearerToken;
     /**
      * Patch:
      *  - renamed `Options` to `InternalOptions`
      *  - added `token` field to support BearerProvider
      *  - made clientId and clientSecret optional
+     *  - updated environment type to CortiInternalEnvironment
      */
     interface InternalOptions {
-        environment: core.Supplier<environments.CortiEnvironment | environments.CortiEnvironmentUrls>;
+        environment: CortiInternalEnvironment;
         /** Specify a custom URL to connect the client to. */
         baseUrl?: core.Supplier<string>;
         clientId?: core.Supplier<string>;

package/dist/cjs/custom/CortiClient.js

@@ -78,18 +78,23 @@ const Client_js_7 = require("../api/resources/agents/client/Client.js");
 const CustomStream_js_1 = require("./CustomStream.js");
 const CustomTranscribe_js_1 = require("./CustomTranscribe.js");
 /**
- * Patch: added custom RefreshBearerProvider
- */
-const RefreshBearerProvider_js_1 = require("./RefreshBearerProvider.js");
-/**
- * Patch: added SDK_VERSION import
+ * Patch: added SDK_VERSION import and custom code imports
  */
 const version_js_1 = require("../version.js");
 const getEnvironmentFromString_js_1 = require("./utils/getEnvironmentFromString.js");
+const resolveClientOptions_js_1 = require("./utils/resolveClientOptions.js");
+const RefreshBearerProvider_js_1 = require("./RefreshBearerProvider.js");
 class CortiClient {
     constructor(_options) {
+        /**
+         * Patch: resolve tenantName and environment from options or token
+         */
+        const { tenantName, environment, initialTokenResponse } = (0, resolveClientOptions_js_1.resolveClientOptions)(_options);
+        /**
+         * Patch: redefining options based on new schema
+         */
         this._options = Object.assign(Object.assign({}, _options), { headers: (0, headers_js_1.mergeHeaders)({
-                "Tenant-Name": _options === null || _options === void 0 ? void 0 : _options.tenantName,
+                "Tenant-Name": tenantName,
                 "X-Fern-Language": "JavaScript",
                 "X-Fern-SDK-Name": "@corti/sdk",
                 /**
@@ -99,7 +104,7 @@ class CortiClient {
                 "User-Agent": `@corti/sdk/${version_js_1.SDK_VERSION}`,
                 "X-Fern-Runtime": core.RUNTIME.type,
                 "X-Fern-Runtime-Version": core.RUNTIME.version,
-            }, _options === null || _options === void 0 ? void 0 : _options.headers), clientId: "clientId" in _options.auth ? _options.auth.clientId : undefined, clientSecret: "clientSecret" in _options.auth ? _options.auth.clientSecret : undefined, token: "accessToken" in _options.auth ? _options.auth.accessToken : undefined, environment: (0, getEnvironmentFromString_js_1.getEnvironment)(_options.environment) });
+            }, _options === null || _options === void 0 ? void 0 : _options.headers), clientId: "clientId" in _options.auth ? _options.auth.clientId : undefined, clientSecret: "clientSecret" in _options.auth ? _options.auth.clientSecret : undefined, token: "accessToken" in _options.auth ? _options.auth.accessToken : undefined, tenantName, environment: (0, getEnvironmentFromString_js_1.getEnvironment)(environment) });
         /**
          * Patch: if `clientId` is provided, use OAuthTokenProvider, otherwise use BearerProvider
          */
@@ -112,7 +117,7 @@ class CortiClient {
                  */
                 authClient: new CortiAuth_js_1.Auth(this._options),
             }) :
-            new RefreshBearerProvider_js_1.RefreshBearerProvider(_options.auth);
+            new RefreshBearerProvider_js_1.RefreshBearerProvider(Object.assign(Object.assign({}, _options.auth), { initialTokenResponse }));
     }
     get interactions() {
         var _a;

package/dist/cjs/custom/RefreshBearerProvider.d.ts

@@ -2,8 +2,9 @@
  * RefreshBearerProvider used as a replacement of OAuthTokenProvider, in case when accessToken from outside of library was used instead of Client credentials.
  */
 import * as api from "../api/index.js";
-type ExpectedTokenResponse = Omit<api.GetTokenResponse, 'tokenType'> & {
+export type ExpectedTokenResponse = Omit<api.GetTokenResponse, "tokenType" | "expiresIn"> & {
     tokenType?: string;
+    expiresIn?: number;
 };
 type RefreshAccessTokenFunction = (refreshToken?: string) => Promise<ExpectedTokenResponse> | ExpectedTokenResponse;
 export type BearerOptions = Partial<Omit<api.GetTokenResponse, 'accessToken'>> & ({
@@ -20,9 +21,13 @@ export declare class RefreshBearerProvider {
     private _refreshAccessToken;
     private _expiresAt;
     private _refreshExpiresAt;
-    constructor({ accessToken, refreshAccessToken, refreshToken, refreshExpiresIn, expiresIn, }: BearerOptions);
+    private _initialTokenResponse;
+    constructor({ accessToken, refreshAccessToken, refreshToken, refreshExpiresIn, expiresIn, initialTokenResponse, }: BearerOptions & {
+        initialTokenResponse?: Promise<ExpectedTokenResponse>;
+    });
     getToken(): Promise<string>;
     private refresh;
     private getExpiresAt;
+    private parseTokenExpiry;
 }
 export {};

package/dist/cjs/custom/RefreshBearerProvider.js

@@ -47,39 +47,66 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.RefreshBearerProvider = void 0;
 const core = __importStar(require("../core/index.js"));
+const decodeToken_js_1 = require("./utils/decodeToken.js");
 class RefreshBearerProvider {
-    constructor({ accessToken, refreshAccessToken, refreshToken, refreshExpiresIn, expiresIn, }) {
+    constructor({ accessToken, refreshAccessToken, refreshToken, refreshExpiresIn, expiresIn, initialTokenResponse, }) {
         this.BUFFER_IN_MINUTES = 2;
-        this._expiresAt = this.getExpiresAt(expiresIn, this.BUFFER_IN_MINUTES);
-        this._refreshExpiresAt = this.getExpiresAt(refreshExpiresIn, 0);
-        this._accessToken = accessToken || 'no_token';
+        this._accessToken = accessToken || "no_token";
         this._refreshToken = refreshToken;
+        this._initialTokenResponse = initialTokenResponse;
+        this._expiresAt = this.getExpiresAt(expiresIn, this._accessToken, this.BUFFER_IN_MINUTES);
+        this._refreshExpiresAt = this.getExpiresAt(refreshExpiresIn, this._refreshToken, 0);
         this._refreshAccessToken = refreshAccessToken;
     }
     getToken() {
         return __awaiter(this, void 0, void 0, function* () {
-            if (this._accessToken && this._expiresAt > new Date()) {
+            if (this._accessToken && this._accessToken !== "no_token" && this._expiresAt > new Date()) {
                 return core.Supplier.get(this._accessToken);
             }
+            if (this._initialTokenResponse) {
+                const tokenResponse = yield this._initialTokenResponse;
+                this._initialTokenResponse = undefined;
+                this._accessToken = tokenResponse.accessToken;
+                this._expiresAt = this.getExpiresAt(tokenResponse.expiresIn, tokenResponse.accessToken, this.BUFFER_IN_MINUTES);
+                this._refreshToken = tokenResponse.refreshToken;
+                this._refreshExpiresAt = this.getExpiresAt(tokenResponse.refreshExpiresIn, this._refreshToken, 0);
+                return this.getToken();
+            }
             return this.refresh();
         });
     }
     refresh() {
         return __awaiter(this, void 0, void 0, function* () {
-            if (!this._refreshAccessToken || this._refreshToken && this._refreshExpiresAt < new Date()) {
+            if (!this._refreshAccessToken || (this._refreshToken && this._refreshExpiresAt < new Date())) {
                 return core.Supplier.get(this._accessToken);
             }
             const tokenResponse = yield this._refreshAccessToken(this._refreshToken);
             this._accessToken = tokenResponse.accessToken;
-            this._expiresAt = this.getExpiresAt(tokenResponse.expiresIn, this.BUFFER_IN_MINUTES);
+            this._expiresAt = this.getExpiresAt(tokenResponse.expiresIn, tokenResponse.accessToken, this.BUFFER_IN_MINUTES);
             this._refreshToken = tokenResponse.refreshToken;
-            this._refreshExpiresAt = this.getExpiresAt(tokenResponse.refreshExpiresIn, 0);
+            this._refreshExpiresAt = this.getExpiresAt(tokenResponse.refreshExpiresIn, this._refreshToken, 0);
             return this._accessToken;
         });
     }
-    getExpiresAt(expiresInSeconds = 0, bufferInMinutes = this.BUFFER_IN_MINUTES) {
-        const now = new Date();
-        return new Date(now.getTime() + expiresInSeconds * 1000 - bufferInMinutes * 60 * 1000);
+    getExpiresAt(expiresIn, token, bufferInMinutes = this.BUFFER_IN_MINUTES) {
+        if (typeof expiresIn === "number") {
+            const now = new Date();
+            return new Date(now.getTime() + expiresIn * 1000 - bufferInMinutes * 60 * 1000);
+        }
+        return this.parseTokenExpiry(token, bufferInMinutes) || this.getExpiresAt(0, token, bufferInMinutes);
+    }
+    parseTokenExpiry(token, bufferInMinutes) {
+        if (!token || token === "no_token") {
+            return;
+        }
+        try {
+            const decoded = (0, decodeToken_js_1.decodeToken)(token);
+            if (decoded && typeof decoded.expiresAt === "number") {
+                const ms = decoded.expiresAt * 1000 - bufferInMinutes * 60 * 1000;
+                return new Date(ms);
+            }
+        }
+        catch (_a) { }
     }
 }
 exports.RefreshBearerProvider = RefreshBearerProvider;

package/dist/cjs/custom/utils/decodeToken.d.ts

@@ -0,0 +1,27 @@
+/**
+ * Decodes a JWT token and extracts environment and tenant details from its issuer URL.
+ *
+ * This function assumes the JWT token follows the standard header.payload.signature format.
+ * It decodes the payload from base64 URL format, parses it as JSON, and then uses a regex
+ * to extract the `environment` and `tenant` from the issuer URL (iss field) if it matches the pattern:
+ * https://keycloak.{environment}.corti.app/realms/{tenant}.
+ *
+ * @param token - A JSON Web Token (JWT) string.
+ * @returns An object containing:
+ *  - `environment`: The extracted environment from the issuer URL.
+ *  - `tenant`: The extracted tenant from the issuer URL.
+ *  - `accessToken`: The original token string.
+ * If the issuer URL doesn't match the expected format, the function returns the full decoded token details.
+ *
+ * @throws Will throw an error if:
+ *  - The token format is invalid.
+ *  - The base64 decoding or URI decoding fails.
+ *  - The JSON payload is invalid.
+ *  - The token payload does not contain an issuer (iss) field.
+ */
+export declare function decodeToken(token: string): {
+    environment: string;
+    tenantName: string;
+    accessToken: string;
+    expiresAt: number | undefined;
+} | null;

package/dist/cjs/custom/utils/decodeToken.js

@@ -0,0 +1,77 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decodeToken = decodeToken;
+/**
+ * Decodes a JWT token and extracts environment and tenant details from its issuer URL.
+ *
+ * This function assumes the JWT token follows the standard header.payload.signature format.
+ * It decodes the payload from base64 URL format, parses it as JSON, and then uses a regex
+ * to extract the `environment` and `tenant` from the issuer URL (iss field) if it matches the pattern:
+ * https://keycloak.{environment}.corti.app/realms/{tenant}.
+ *
+ * @param token - A JSON Web Token (JWT) string.
+ * @returns An object containing:
+ *  - `environment`: The extracted environment from the issuer URL.
+ *  - `tenant`: The extracted tenant from the issuer URL.
+ *  - `accessToken`: The original token string.
+ * If the issuer URL doesn't match the expected format, the function returns the full decoded token details.
+ *
+ * @throws Will throw an error if:
+ *  - The token format is invalid.
+ *  - The base64 decoding or URI decoding fails.
+ *  - The JSON payload is invalid.
+ *  - The token payload does not contain an issuer (iss) field.
+ */
+function decodeToken(token) {
+    // Validate the token structure (should contain at least header and payload parts)
+    const parts = token ? token.split('.') : '';
+    if (parts.length < 2) {
+        return null;
+    }
+    // Retrieve the payload (second part) of the JWT token
+    const base64Url = parts[1];
+    // Replace URL-safe characters to match standard base64 encoding
+    const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
+    // Decode the base64 string into a JSON string
+    let jsonPayload;
+    try {
+        jsonPayload = decodeURIComponent(atob(base64)
+            .split('')
+            .map(c => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2))
+            .join(''));
+    }
+    catch (error) {
+        return null;
+    }
+    // Parse the JSON string to obtain token details
+    let tokenDetails;
+    try {
+        tokenDetails = JSON.parse(jsonPayload);
+    }
+    catch (error) {
+        return null;
+    }
+    // Extract the issuer URL from the token details
+    const issuerUrl = tokenDetails.iss;
+    if (!issuerUrl) {
+        return null;
+    }
+    // Regex to extract environment and tenant from issuer URL:
+    // Expected format: https://keycloak.{environment}.corti.app/realms/{tenant}
+    // Note: Unnecessary escapes in character classes have been removed.
+    const regex = /^https:\/\/(keycloak|auth)\.([^.]+)\.corti\.app\/realms\/([^/]+)/;
+    const match = issuerUrl.match(regex);
+    // If the issuer URL matches the expected pattern, return the extracted values along with the token
+    if (match) {
+        const expiresAt = tokenDetails.exp && typeof tokenDetails.exp === 'number'
+            ? tokenDetails.exp
+            : undefined;
+        return {
+            environment: match[2],
+            tenantName: match[3],
+            accessToken: token,
+            expiresAt,
+        };
+    }
+    return null;
+}

package/dist/cjs/custom/utils/getEnvironmentFromString.d.ts

@@ -1,6 +1,5 @@
 import * as core from "../../core/index.js";
 import * as environments from "../../environments.js";
-type Environment = core.Supplier<environments.CortiEnvironment | environments.CortiEnvironmentUrls> | string;
-type CortiEnvironment = core.Supplier<environments.CortiEnvironment | environments.CortiEnvironmentUrls>;
-export declare function getEnvironment(environment: Environment): CortiEnvironment;
-export {};
+export type Environment = CortiInternalEnvironment | string;
+export type CortiInternalEnvironment = core.Supplier<environments.CortiEnvironment | environments.CortiEnvironmentUrls>;
+export declare function getEnvironment(environment: Environment): CortiInternalEnvironment;

package/dist/cjs/custom/utils/resolveClientOptions.d.ts

@@ -0,0 +1,11 @@
+import * as core from "../../core/index.js";
+import { CortiClient } from "../CortiClient.js";
+import { Environment } from "./getEnvironmentFromString.js";
+import { ExpectedTokenResponse } from "../RefreshBearerProvider.js";
+type ResolvedClientOptions = {
+    environment: Environment;
+    tenantName: core.Supplier<string>;
+    initialTokenResponse?: Promise<ExpectedTokenResponse>;
+};
+export declare function resolveClientOptions(options: CortiClient.Options): ResolvedClientOptions;
+export {};

package/dist/cjs/custom/utils/resolveClientOptions.js

@@ -0,0 +1,109 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveClientOptions = resolveClientOptions;
+const core = __importStar(require("../../core/index.js"));
+const decodeToken_js_1 = require("./decodeToken.js");
+const index_js_1 = require("../../core/schemas/index.js");
+const getEnvironmentFromString_js_1 = require("./getEnvironmentFromString.js");
+function isClientCredentialsOptions(options) {
+    return "clientId" in options.auth;
+}
+function resolveClientOptions(options) {
+    if (isClientCredentialsOptions(options)) {
+        return {
+            tenantName: options.tenantName,
+            environment: options.environment,
+        };
+    }
+    if ("accessToken" in options.auth && options.auth.accessToken) {
+        const decoded = (0, decodeToken_js_1.decodeToken)(options.auth.accessToken);
+        if (!decoded) {
+            throw new index_js_1.ParseError([
+                {
+                    path: ["auth", "accessToken"],
+                    message: "Invalid access token format",
+                },
+            ]);
+        }
+        return {
+            tenantName: options.tenantName || decoded.tenantName,
+            environment: options.environment || decoded.environment,
+        };
+    }
+    /**
+     * This branch -- is when we have "refreshAccessToken" defined but no accessToken.
+     * Trying to avoid initial request at all cost
+     */
+    if (options.tenantName && options.environment) {
+        return {
+            tenantName: options.tenantName,
+            environment: options.environment,
+        };
+    }
+    const tokenResponsePromise = (() => __awaiter(this, void 0, void 0, function* () {
+        const tokenResponse = yield core.Supplier.get(options.auth.refreshAccessToken);
+        const decoded = (0, decodeToken_js_1.decodeToken)(tokenResponse.accessToken);
+        if (!decoded) {
+            throw new index_js_1.ParseError([
+                {
+                    path: ["auth", "refreshAccessToken"],
+                    message: "Returned invalid access token format",
+                },
+            ]);
+        }
+        return {
+            tokenResponse,
+            tenantName: decoded.tenantName,
+            environment: decoded.environment,
+        };
+    }))();
+    return {
+        tenantName: options.tenantName ||
+            tokenResponsePromise.then(({ tenantName }) => tenantName),
+        environment: options.environment ||
+            tokenResponsePromise.then(({ environment }) => core.Supplier.get((0, getEnvironmentFromString_js_1.getEnvironment)(environment))),
+        initialTokenResponse: tokenResponsePromise.then((result) => result.tokenResponse),
+    };
+}

package/dist/cjs/version.d.ts

@@ -1 +1 @@
-export declare const SDK_VERSION = "0.4.0";
+export declare const SDK_VERSION = "0.5.0-rc";

package/dist/cjs/version.js

@@ -1,4 +1,4 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SDK_VERSION = void 0;
-exports.SDK_VERSION = "0.4.0";
+exports.SDK_VERSION = "0.5.0-rc";

package/dist/esm/Client.mjs

@@ -28,8 +28,8 @@ export class CortiClient {
                 "Tenant-Name": _options === null || _options === void 0 ? void 0 : _options.tenantName,
                 "X-Fern-Language": "JavaScript",
                 "X-Fern-SDK-Name": "@corti/sdk",
-                "X-Fern-SDK-Version": "0.4.0",
-                "User-Agent": "@corti/sdk/0.4.0",
+                "X-Fern-SDK-Version": "0.5.0-rc",
+                "User-Agent": "@corti/sdk/0.5.0-rc",
                 "X-Fern-Runtime": core.RUNTIME.type,
                 "X-Fern-Runtime-Version": core.RUNTIME.version,
             }, _options === null || _options === void 0 ? void 0 : _options.headers) });

package/dist/esm/custom/CortiClient.d.mts

@@ -14,7 +14,6 @@
  *
  * All the patches marked with `// Patch: ...` comments.
  */
-import * as environments from "../environments.mjs";
 import * as core from "../core/index.mjs";
 import { Interactions } from "../api/resources/interactions/client/Client.mjs";
 import { Recordings } from "../api/resources/recordings/client/Client.mjs";
@@ -28,37 +27,48 @@ import { Agents } from "../api/resources/agents/client/Client.mjs";
  */
 import { Stream } from "./CustomStream.mjs";
 import { Transcribe } from "./CustomTranscribe.mjs";
-/**
- * Patch: added custom RefreshBearerProvider
- */
+import { Environment, CortiInternalEnvironment } from "./utils/getEnvironmentFromString.mjs";
 import { BearerOptions } from "./RefreshBearerProvider.mjs";
 export declare namespace CortiClient {
     /**
-     * Patch: added new public interface for `Options` (+ `ClientCredentials` interface)
+     * Patch: added new public type for `Options` + internal interfaces to create it
      */
     interface ClientCredentials {
         clientId: core.Supplier<string>;
         clientSecret: core.Supplier<string>;
     }
-    interface Options {
+    interface BaseOptions {
+        /** Additional headers to include in requests. */
+        headers?: Record<string, string | core.Supplier<string | undefined> | undefined>;
+    }
+    interface OptionsWithClientCredentials extends BaseOptions {
         /**
          * Patch: allow to pass a custom string-based environment
          * */
-        environment: core.Supplier<environments.CortiEnvironment | environments.CortiEnvironmentUrls> | string;
+        environment: Environment;
         /** Override the Tenant-Name header */
         tenantName: core.Supplier<string>;
-        /** Additional headers to include in requests. */
-        headers?: Record<string, string | core.Supplier<string | undefined> | undefined>;
-        auth: ClientCredentials | BearerOptions;
+        auth: ClientCredentials;
+    }
+    interface OptionsWithBearerToken extends BaseOptions {
+        /**
+         * Patch: allow to pass a custom string-based environment
+         * */
+        environment?: Environment;
+        /** Override the Tenant-Name header */
+        tenantName?: core.Supplier<string>;
+        auth: BearerOptions;
     }
+    type Options = OptionsWithClientCredentials | OptionsWithBearerToken;
     /**
      * Patch:
      *  - renamed `Options` to `InternalOptions`
      *  - added `token` field to support BearerProvider
      *  - made clientId and clientSecret optional
+     *  - updated environment type to CortiInternalEnvironment
      */
     interface InternalOptions {
-        environment: core.Supplier<environments.CortiEnvironment | environments.CortiEnvironmentUrls>;
+        environment: CortiInternalEnvironment;
         /** Specify a custom URL to connect the client to. */
         baseUrl?: core.Supplier<string>;
         clientId?: core.Supplier<string>;

package/dist/esm/custom/CortiClient.mjs

@@ -42,18 +42,23 @@ import { Agents } from "../api/resources/agents/client/Client.mjs";
 import { Stream } from "./CustomStream.mjs";
 import { Transcribe } from "./CustomTranscribe.mjs";
 /**
- * Patch: added custom RefreshBearerProvider
+ * Patch: added SDK_VERSION import and custom code imports
  */
-import { RefreshBearerProvider } from "./RefreshBearerProvider.mjs";
-/**
- * Patch: added SDK_VERSION import
- */
-import { SDK_VERSION } from '../version.mjs';
+import { SDK_VERSION } from "../version.mjs";
 import { getEnvironment } from "./utils/getEnvironmentFromString.mjs";
+import { resolveClientOptions } from "./utils/resolveClientOptions.mjs";
+import { RefreshBearerProvider } from "./RefreshBearerProvider.mjs";
 export class CortiClient {
     constructor(_options) {
+        /**
+         * Patch: resolve tenantName and environment from options or token
+         */
+        const { tenantName, environment, initialTokenResponse } = resolveClientOptions(_options);
+        /**
+         * Patch: redefining options based on new schema
+         */
         this._options = Object.assign(Object.assign({}, _options), { headers: mergeHeaders({
-                "Tenant-Name": _options === null || _options === void 0 ? void 0 : _options.tenantName,
+                "Tenant-Name": tenantName,
                 "X-Fern-Language": "JavaScript",
                 "X-Fern-SDK-Name": "@corti/sdk",
                 /**
@@ -63,7 +68,7 @@ export class CortiClient {
                 "User-Agent": `@corti/sdk/${SDK_VERSION}`,
                 "X-Fern-Runtime": core.RUNTIME.type,
                 "X-Fern-Runtime-Version": core.RUNTIME.version,
-            }, _options === null || _options === void 0 ? void 0 : _options.headers), clientId: "clientId" in _options.auth ? _options.auth.clientId : undefined, clientSecret: "clientSecret" in _options.auth ? _options.auth.clientSecret : undefined, token: "accessToken" in _options.auth ? _options.auth.accessToken : undefined, environment: getEnvironment(_options.environment) });
+            }, _options === null || _options === void 0 ? void 0 : _options.headers), clientId: "clientId" in _options.auth ? _options.auth.clientId : undefined, clientSecret: "clientSecret" in _options.auth ? _options.auth.clientSecret : undefined, token: "accessToken" in _options.auth ? _options.auth.accessToken : undefined, tenantName, environment: getEnvironment(environment) });
         /**
          * Patch: if `clientId` is provided, use OAuthTokenProvider, otherwise use BearerProvider
          */
@@ -76,7 +81,7 @@ export class CortiClient {
                  */
                 authClient: new Auth(this._options),
             }) :
-            new RefreshBearerProvider(_options.auth);
+            new RefreshBearerProvider(Object.assign(Object.assign({}, _options.auth), { initialTokenResponse }));
     }
     get interactions() {
         var _a;

package/dist/esm/custom/RefreshBearerProvider.d.mts

@@ -2,8 +2,9 @@
  * RefreshBearerProvider used as a replacement of OAuthTokenProvider, in case when accessToken from outside of library was used instead of Client credentials.
  */
 import * as api from "../api/index.mjs";
-type ExpectedTokenResponse = Omit<api.GetTokenResponse, 'tokenType'> & {
+export type ExpectedTokenResponse = Omit<api.GetTokenResponse, "tokenType" | "expiresIn"> & {
     tokenType?: string;
+    expiresIn?: number;
 };
 type RefreshAccessTokenFunction = (refreshToken?: string) => Promise<ExpectedTokenResponse> | ExpectedTokenResponse;
 export type BearerOptions = Partial<Omit<api.GetTokenResponse, 'accessToken'>> & ({
@@ -20,9 +21,13 @@ export declare class RefreshBearerProvider {
     private _refreshAccessToken;
     private _expiresAt;
     private _refreshExpiresAt;
-    constructor({ accessToken, refreshAccessToken, refreshToken, refreshExpiresIn, expiresIn, }: BearerOptions);
+    private _initialTokenResponse;
+    constructor({ accessToken, refreshAccessToken, refreshToken, refreshExpiresIn, expiresIn, initialTokenResponse, }: BearerOptions & {
+        initialTokenResponse?: Promise<ExpectedTokenResponse>;
+    });
     getToken(): Promise<string>;
     private refresh;
     private getExpiresAt;
+    private parseTokenExpiry;
 }
 export {};

package/dist/esm/custom/RefreshBearerProvider.mjs

@@ -11,38 +11,65 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 import * as core from "../core/index.mjs";
+import { decodeToken } from "./utils/decodeToken.mjs";
 export class RefreshBearerProvider {
-    constructor({ accessToken, refreshAccessToken, refreshToken, refreshExpiresIn, expiresIn, }) {
+    constructor({ accessToken, refreshAccessToken, refreshToken, refreshExpiresIn, expiresIn, initialTokenResponse, }) {
         this.BUFFER_IN_MINUTES = 2;
-        this._expiresAt = this.getExpiresAt(expiresIn, this.BUFFER_IN_MINUTES);
-        this._refreshExpiresAt = this.getExpiresAt(refreshExpiresIn, 0);
-        this._accessToken = accessToken || 'no_token';
+        this._accessToken = accessToken || "no_token";
         this._refreshToken = refreshToken;
+        this._initialTokenResponse = initialTokenResponse;
+        this._expiresAt = this.getExpiresAt(expiresIn, this._accessToken, this.BUFFER_IN_MINUTES);
+        this._refreshExpiresAt = this.getExpiresAt(refreshExpiresIn, this._refreshToken, 0);
         this._refreshAccessToken = refreshAccessToken;
     }
     getToken() {
         return __awaiter(this, void 0, void 0, function* () {
-            if (this._accessToken && this._expiresAt > new Date()) {
+            if (this._accessToken && this._accessToken !== "no_token" && this._expiresAt > new Date()) {
                 return core.Supplier.get(this._accessToken);
             }
+            if (this._initialTokenResponse) {
+                const tokenResponse = yield this._initialTokenResponse;
+                this._initialTokenResponse = undefined;
+                this._accessToken = tokenResponse.accessToken;
+                this._expiresAt = this.getExpiresAt(tokenResponse.expiresIn, tokenResponse.accessToken, this.BUFFER_IN_MINUTES);
+                this._refreshToken = tokenResponse.refreshToken;
+                this._refreshExpiresAt = this.getExpiresAt(tokenResponse.refreshExpiresIn, this._refreshToken, 0);
+                return this.getToken();
+            }
             return this.refresh();
         });
     }
     refresh() {
         return __awaiter(this, void 0, void 0, function* () {
-            if (!this._refreshAccessToken || this._refreshToken && this._refreshExpiresAt < new Date()) {
+            if (!this._refreshAccessToken || (this._refreshToken && this._refreshExpiresAt < new Date())) {
                 return core.Supplier.get(this._accessToken);
             }
             const tokenResponse = yield this._refreshAccessToken(this._refreshToken);
             this._accessToken = tokenResponse.accessToken;
-            this._expiresAt = this.getExpiresAt(tokenResponse.expiresIn, this.BUFFER_IN_MINUTES);
+            this._expiresAt = this.getExpiresAt(tokenResponse.expiresIn, tokenResponse.accessToken, this.BUFFER_IN_MINUTES);
             this._refreshToken = tokenResponse.refreshToken;
-            this._refreshExpiresAt = this.getExpiresAt(tokenResponse.refreshExpiresIn, 0);
+            this._refreshExpiresAt = this.getExpiresAt(tokenResponse.refreshExpiresIn, this._refreshToken, 0);
             return this._accessToken;
         });
     }
-    getExpiresAt(expiresInSeconds = 0, bufferInMinutes = this.BUFFER_IN_MINUTES) {
-        const now = new Date();
-        return new Date(now.getTime() + expiresInSeconds * 1000 - bufferInMinutes * 60 * 1000);
+    getExpiresAt(expiresIn, token, bufferInMinutes = this.BUFFER_IN_MINUTES) {
+        if (typeof expiresIn === "number") {
+            const now = new Date();
+            return new Date(now.getTime() + expiresIn * 1000 - bufferInMinutes * 60 * 1000);
+        }
+        return this.parseTokenExpiry(token, bufferInMinutes) || this.getExpiresAt(0, token, bufferInMinutes);
+    }
+    parseTokenExpiry(token, bufferInMinutes) {
+        if (!token || token === "no_token") {
+            return;
+        }
+        try {
+            const decoded = decodeToken(token);
+            if (decoded && typeof decoded.expiresAt === "number") {
+                const ms = decoded.expiresAt * 1000 - bufferInMinutes * 60 * 1000;
+                return new Date(ms);
+            }
+        }
+        catch (_a) { }
     }
 }

package/dist/esm/custom/utils/decodeToken.d.mts

@@ -0,0 +1,27 @@
+/**
+ * Decodes a JWT token and extracts environment and tenant details from its issuer URL.
+ *
+ * This function assumes the JWT token follows the standard header.payload.signature format.
+ * It decodes the payload from base64 URL format, parses it as JSON, and then uses a regex
+ * to extract the `environment` and `tenant` from the issuer URL (iss field) if it matches the pattern:
+ * https://keycloak.{environment}.corti.app/realms/{tenant}.
+ *
+ * @param token - A JSON Web Token (JWT) string.
+ * @returns An object containing:
+ *  - `environment`: The extracted environment from the issuer URL.
+ *  - `tenant`: The extracted tenant from the issuer URL.
+ *  - `accessToken`: The original token string.
+ * If the issuer URL doesn't match the expected format, the function returns the full decoded token details.
+ *
+ * @throws Will throw an error if:
+ *  - The token format is invalid.
+ *  - The base64 decoding or URI decoding fails.
+ *  - The JSON payload is invalid.
+ *  - The token payload does not contain an issuer (iss) field.
+ */
+export declare function decodeToken(token: string): {
+    environment: string;
+    tenantName: string;
+    accessToken: string;
+    expiresAt: number | undefined;
+} | null;

package/dist/esm/custom/utils/decodeToken.mjs

@@ -0,0 +1,74 @@
+/**
+ * Decodes a JWT token and extracts environment and tenant details from its issuer URL.
+ *
+ * This function assumes the JWT token follows the standard header.payload.signature format.
+ * It decodes the payload from base64 URL format, parses it as JSON, and then uses a regex
+ * to extract the `environment` and `tenant` from the issuer URL (iss field) if it matches the pattern:
+ * https://keycloak.{environment}.corti.app/realms/{tenant}.
+ *
+ * @param token - A JSON Web Token (JWT) string.
+ * @returns An object containing:
+ *  - `environment`: The extracted environment from the issuer URL.
+ *  - `tenant`: The extracted tenant from the issuer URL.
+ *  - `accessToken`: The original token string.
+ * If the issuer URL doesn't match the expected format, the function returns the full decoded token details.
+ *
+ * @throws Will throw an error if:
+ *  - The token format is invalid.
+ *  - The base64 decoding or URI decoding fails.
+ *  - The JSON payload is invalid.
+ *  - The token payload does not contain an issuer (iss) field.
+ */
+export function decodeToken(token) {
+    // Validate the token structure (should contain at least header and payload parts)
+    const parts = token ? token.split('.') : '';
+    if (parts.length < 2) {
+        return null;
+    }
+    // Retrieve the payload (second part) of the JWT token
+    const base64Url = parts[1];
+    // Replace URL-safe characters to match standard base64 encoding
+    const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
+    // Decode the base64 string into a JSON string
+    let jsonPayload;
+    try {
+        jsonPayload = decodeURIComponent(atob(base64)
+            .split('')
+            .map(c => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2))
+            .join(''));
+    }
+    catch (error) {
+        return null;
+    }
+    // Parse the JSON string to obtain token details
+    let tokenDetails;
+    try {
+        tokenDetails = JSON.parse(jsonPayload);
+    }
+    catch (error) {
+        return null;
+    }
+    // Extract the issuer URL from the token details
+    const issuerUrl = tokenDetails.iss;
+    if (!issuerUrl) {
+        return null;
+    }
+    // Regex to extract environment and tenant from issuer URL:
+    // Expected format: https://keycloak.{environment}.corti.app/realms/{tenant}
+    // Note: Unnecessary escapes in character classes have been removed.
+    const regex = /^https:\/\/(keycloak|auth)\.([^.]+)\.corti\.app\/realms\/([^/]+)/;
+    const match = issuerUrl.match(regex);
+    // If the issuer URL matches the expected pattern, return the extracted values along with the token
+    if (match) {
+        const expiresAt = tokenDetails.exp && typeof tokenDetails.exp === 'number'
+            ? tokenDetails.exp
+            : undefined;
+        return {
+            environment: match[2],
+            tenantName: match[3],
+            accessToken: token,
+            expiresAt,
+        };
+    }
+    return null;
+}

package/dist/esm/custom/utils/getEnvironmentFromString.d.mts

@@ -1,6 +1,5 @@
 import * as core from "../../core/index.mjs";
 import * as environments from "../../environments.mjs";
-type Environment = core.Supplier<environments.CortiEnvironment | environments.CortiEnvironmentUrls> | string;
-type CortiEnvironment = core.Supplier<environments.CortiEnvironment | environments.CortiEnvironmentUrls>;
-export declare function getEnvironment(environment: Environment): CortiEnvironment;
-export {};
+export type Environment = CortiInternalEnvironment | string;
+export type CortiInternalEnvironment = core.Supplier<environments.CortiEnvironment | environments.CortiEnvironmentUrls>;
+export declare function getEnvironment(environment: Environment): CortiInternalEnvironment;

package/dist/esm/custom/utils/resolveClientOptions.d.mts

@@ -0,0 +1,11 @@
+import * as core from "../../core/index.mjs";
+import { CortiClient } from "../CortiClient.mjs";
+import { Environment } from "./getEnvironmentFromString.mjs";
+import { ExpectedTokenResponse } from "../RefreshBearerProvider.mjs";
+type ResolvedClientOptions = {
+    environment: Environment;
+    tenantName: core.Supplier<string>;
+    initialTokenResponse?: Promise<ExpectedTokenResponse>;
+};
+export declare function resolveClientOptions(options: CortiClient.Options): ResolvedClientOptions;
+export {};

package/dist/esm/custom/utils/resolveClientOptions.mjs

@@ -0,0 +1,73 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import * as core from "../../core/index.mjs";
+import { decodeToken } from "./decodeToken.mjs";
+import { ParseError } from "../../core/schemas/index.mjs";
+import { getEnvironment } from "./getEnvironmentFromString.mjs";
+function isClientCredentialsOptions(options) {
+    return "clientId" in options.auth;
+}
+export function resolveClientOptions(options) {
+    if (isClientCredentialsOptions(options)) {
+        return {
+            tenantName: options.tenantName,
+            environment: options.environment,
+        };
+    }
+    if ("accessToken" in options.auth && options.auth.accessToken) {
+        const decoded = decodeToken(options.auth.accessToken);
+        if (!decoded) {
+            throw new ParseError([
+                {
+                    path: ["auth", "accessToken"],
+                    message: "Invalid access token format",
+                },
+            ]);
+        }
+        return {
+            tenantName: options.tenantName || decoded.tenantName,
+            environment: options.environment || decoded.environment,
+        };
+    }
+    /**
+     * This branch -- is when we have "refreshAccessToken" defined but no accessToken.
+     * Trying to avoid initial request at all cost
+     */
+    if (options.tenantName && options.environment) {
+        return {
+            tenantName: options.tenantName,
+            environment: options.environment,
+        };
+    }
+    const tokenResponsePromise = (() => __awaiter(this, void 0, void 0, function* () {
+        const tokenResponse = yield core.Supplier.get(options.auth.refreshAccessToken);
+        const decoded = decodeToken(tokenResponse.accessToken);
+        if (!decoded) {
+            throw new ParseError([
+                {
+                    path: ["auth", "refreshAccessToken"],
+                    message: "Returned invalid access token format",
+                },
+            ]);
+        }
+        return {
+            tokenResponse,
+            tenantName: decoded.tenantName,
+            environment: decoded.environment,
+        };
+    }))();
+    return {
+        tenantName: options.tenantName ||
+            tokenResponsePromise.then(({ tenantName }) => tenantName),
+        environment: options.environment ||
+            tokenResponsePromise.then(({ environment }) => core.Supplier.get(getEnvironment(environment))),
+        initialTokenResponse: tokenResponsePromise.then((result) => result.tokenResponse),
+    };
+}

package/dist/esm/version.d.mts

@@ -1 +1 @@
-export declare const SDK_VERSION = "0.4.0";
+export declare const SDK_VERSION = "0.5.0-rc";

package/dist/esm/version.mjs

@@ -1 +1 @@
-export const SDK_VERSION = "0.4.0";
+export const SDK_VERSION = "0.5.0-rc";

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@corti/sdk",
-    "version": "0.4.0",
+    "version": "0.5.0-rc",
     "private": false,
     "repository": "github:corticph/corti-sdk-javascript",
     "license": "MIT",