@corti/sdk 1.0.0-alpha → 1.0.0-alpha.1

package/dist/esm/api/types/index.mjs

@@ -22,6 +22,7 @@ export * from "./AgentsCreateMcpServerAuthorizationType.mjs";
 export * from "./AgentsCreateMcpServerTransportType.mjs";
 export * from "./AgentsDataPart.mjs";
 export * from "./AgentsDataPartKind.mjs";
+export * from "./AgentsErrorResponse.mjs";
 export * from "./AgentsExpert.mjs";
 export * from "./AgentsExpertReference.mjs";
 export * from "./AgentsExpertReferenceType.mjs";
@@ -51,13 +52,18 @@ export * from "./AgentsTaskStatus.mjs";
 export * from "./AgentsTaskStatusState.mjs";
 export * from "./AgentsTextPart.mjs";
 export * from "./AgentsTextPartKind.mjs";
+export * from "./AgentsValidationError.mjs";
+export * from "./AgentsValidationErrorErrorsItem.mjs";
+export * from "./AgentsValidationErrorResponse.mjs";
 export * from "./AuthTokenRequestAuthorizationCode.mjs";
 export * from "./AuthTokenRequestAuthorizationPkce.mjs";
 export * from "./AuthTokenRequestClientCredentials.mjs";
 export * from "./AuthTokenRequestRefresh.mjs";
 export * from "./AuthTokenRequestRopc.mjs";
 export * from "./AuthTokenResponse.mjs";
+export * from "./CodesFilter.mjs";
 export * from "./CodesGeneralReadResponse.mjs";
+export * from "./CodesGeneralReadResponseAlternativesItem.mjs";
 export * from "./CodesGeneralReadResponseEvidencesItem.mjs";
 export * from "./CodesGeneralResponse.mjs";
 export * from "./CommonAiContext.mjs";
@@ -122,7 +128,6 @@ export * from "./RecordingsCreateResponse.mjs";
 export * from "./RecordingsListResponse.mjs";
 export * from "./StreamConfig.mjs";
 export * from "./StreamConfigMessage.mjs";
-export * from "./StreamConfigMessageType.mjs";
 export * from "./StreamConfigMode.mjs";
 export * from "./StreamConfigModeType.mjs";
 export * from "./StreamConfigParticipant.mjs";
@@ -131,27 +136,19 @@ export * from "./StreamConfigStatusMessage.mjs";
 export * from "./StreamConfigStatusMessageType.mjs";
 export * from "./StreamConfigTranscription.mjs";
 export * from "./StreamEndedMessage.mjs";
-export * from "./StreamEndedMessageType.mjs";
 export * from "./StreamEndMessage.mjs";
-export * from "./StreamEndMessageType.mjs";
 export * from "./StreamErrorDetail.mjs";
 export * from "./StreamErrorMessage.mjs";
-export * from "./StreamErrorMessageType.mjs";
 export * from "./StreamFact.mjs";
 export * from "./StreamFactsMessage.mjs";
-export * from "./StreamFactsMessageType.mjs";
 export * from "./StreamFlushedMessage.mjs";
-export * from "./StreamFlushedMessageType.mjs";
 export * from "./StreamFlushMessage.mjs";
-export * from "./StreamFlushMessageType.mjs";
 export * from "./StreamParticipant.mjs";
 export * from "./StreamSupportedLanguage.mjs";
 export * from "./StreamTranscript.mjs";
 export * from "./StreamTranscriptMessage.mjs";
-export * from "./StreamTranscriptMessageType.mjs";
 export * from "./StreamTranscriptTime.mjs";
 export * from "./StreamUsageMessage.mjs";
-export * from "./StreamUsageMessageType.mjs";
 export * from "./TemplatesDocumentationModeEnum.mjs";
 export * from "./TemplatesFormatRule.mjs";
 export * from "./TemplatesItem.mjs";
@@ -165,25 +162,17 @@ export * from "./TemplatesWritingStyle.mjs";
 export * from "./TranscribeCommand.mjs";
 export * from "./TranscribeCommandData.mjs";
 export * from "./TranscribeCommandMessage.mjs";
-export * from "./TranscribeCommandMessageType.mjs";
 export * from "./TranscribeCommandVariable.mjs";
-export * from "./TranscribeCommandVariableType.mjs";
 export * from "./TranscribeConfig.mjs";
 export * from "./TranscribeConfigMessage.mjs";
-export * from "./TranscribeConfigMessageType.mjs";
 export * from "./TranscribeConfigStatusMessage.mjs";
 export * from "./TranscribeConfigStatusMessageType.mjs";
 export * from "./TranscribeEndedMessage.mjs";
-export * from "./TranscribeEndedMessageType.mjs";
 export * from "./TranscribeEndMessage.mjs";
-export * from "./TranscribeEndMessageType.mjs";
 export * from "./TranscribeErrorMessage.mjs";
 export * from "./TranscribeErrorMessageError.mjs";
-export * from "./TranscribeErrorMessageType.mjs";
 export * from "./TranscribeFlushedMessage.mjs";
-export * from "./TranscribeFlushedMessageType.mjs";
 export * from "./TranscribeFlushMessage.mjs";
-export * from "./TranscribeFlushMessageType.mjs";
 export * from "./TranscribeFormatting.mjs";
 export * from "./TranscribeFormattingDates.mjs";
 export * from "./TranscribeFormattingMeasurements.mjs";
@@ -194,9 +183,7 @@ export * from "./TranscribeFormattingTimes.mjs";
 export * from "./TranscribeSupportedLanguage.mjs";
 export * from "./TranscribeTranscriptData.mjs";
 export * from "./TranscribeTranscriptMessage.mjs";
-export * from "./TranscribeTranscriptMessageType.mjs";
 export * from "./TranscribeUsageMessage.mjs";
-export * from "./TranscribeUsageMessageType.mjs";
 export * from "./TranscriptsData.mjs";
 export * from "./TranscriptsListItem.mjs";
 export * from "./TranscriptsListResponse.mjs";

package/dist/esm/auth/OAuthAuthProvider.d.mts

@@ -1,99 +1 @@
-import type * as Corti from "../api/index.mjs";
-import type { BaseClientOptions } from "../BaseClient.mjs";
-import * as core from "../core/index.mjs";
-import { CLIENT_ID_PARAM, CLIENT_SECRET_PARAM, CODE_PARAM, CODE_VERIFIER_PARAM, PASSWORD_PARAM, REDIRECT_URI_PARAM, USERNAME_PARAM } from "../custom/utils/oauthAuthHelpers.mjs";
-/** Patch: Re-export for consumers; implementation shared with OAuthRopcAuthProvider, OAuthAuthCodeAuthProvider and OAuthPkceAuthProvider. */
-export { BUFFER_IN_MINUTES, CLIENT_ID_PARAM, CLIENT_ID_REQUIRED_ERROR_MESSAGE, CLIENT_SECRET_PARAM, CLIENT_SECRET_REQUIRED_ERROR_MESSAGE, CODE_PARAM, CODE_VERIFIER_PARAM, getExpiresAt, PASSWORD_PARAM, PASSWORD_REQUIRED_ERROR_MESSAGE, REDIRECT_URI_PARAM, USERNAME_PARAM, USERNAME_REQUIRED_ERROR_MESSAGE, } from "../custom/utils/oauthAuthHelpers.mjs";
-declare const TOKEN_PARAM: "token";
-export declare class OAuthAuthProvider implements core.AuthProvider {
-    private readonly options;
-    /**
-     * Patch: Use CortiAuth (real token endpoint) instead of AuthClient (fake-token).
-     */
-    private readonly authClient;
-    private accessToken;
-    private expiresAt;
-    private refreshPromise;
-    private storedRefreshToken;
-    private refreshExpiresAt;
-    constructor(options: OAuthAuthProvider.Options & OAuthAuthProvider.ClientCredentials);
-    static canCreate(options?: Partial<OAuthAuthProvider.ClientCredentials & BaseClientOptions>): boolean;
-    private clientIdSupplier;
-    private clientSecretSupplier;
-    getAuthRequest({ endpointMetadata, }?: {
-        endpointMetadata?: core.EndpointMetadata;
-    }): Promise<core.AuthRequest>;
-    private getToken;
-    private refresh;
-}
-export declare class OAuthTokenOverrideAuthProvider implements core.AuthProvider {
-    private readonly authClient;
-    private readonly _tokenSupplier;
-    private readonly _clientIdSupplier;
-    private readonly _refreshAccessToken;
-    private accessToken;
-    private expiresAt;
-    private storedRefreshToken;
-    private refreshExpiresAt;
-    private _seedPromise;
-    constructor(options: OAuthAuthProvider.TokenOverride & BaseClientOptions);
-    static canCreate(options?: Partial<OAuthAuthProvider.TokenOverride & BaseClientOptions>): options is OAuthAuthProvider.TokenOverride & BaseClientOptions;
-    getAuthRequest({ endpointMetadata, }?: {
-        endpointMetadata?: core.EndpointMetadata;
-    }): Promise<core.AuthRequest>;
-}
-export declare namespace OAuthAuthProvider {
-    const AUTH_SCHEME: "OAuth";
-    /** Patch: Message extended to mention ROPC (clientId, username, password). */
-    const AUTH_CONFIG_ERROR_MESSAGE: string;
-    type ClientCredentials = {
-        [CLIENT_ID_PARAM]: core.Supplier<string>;
-        [CLIENT_SECRET_PARAM]: core.Supplier<string>;
-    };
-    /**
-     * Patch: tokenType and expiresIn made optional — the provider only strictly needs accessToken.
-     * Mirrors AuthTokenResponse but relaxes the two required fields so custom refresh functions
-     * don't need to return fields the provider doesn't use.
-     */
-    type ExpectedTokenResponse = Omit<Corti.AuthTokenResponse, "tokenType" | "expiresIn"> & {
-        tokenType?: string;
-        expiresIn?: number;
-    };
-    /** Patch: Custom refresh function — sync or async, receives the last known refresh token. */
-    type RefreshAccessTokenFunction = (refreshToken?: string) => Promise<OAuthAuthProvider.ExpectedTokenResponse> | OAuthAuthProvider.ExpectedTokenResponse;
-    type TokenOverride = {
-        [TOKEN_PARAM]?: core.Supplier<string>;
-        /** Patch: Custom callback called to obtain/renew the access token. Takes priority over built-in clientId+refreshToken path. */
-        refreshAccessToken?: OAuthAuthProvider.RefreshAccessTokenFunction;
-        expiresIn?: number;
-        refreshToken?: string;
-        refreshExpiresIn?: number;
-        clientId?: core.Supplier<string>;
-        /** Patch: Pre-seeded token response from resolveClientOptions — avoids a second refreshAccessToken call on first API request. */
-        initialTokenResponse?: Promise<OAuthAuthProvider.ExpectedTokenResponse>;
-    };
-    /** Patch: ROPC grant credentials (clientId + username + password) */
-    type RopcCredentials = {
-        [CLIENT_ID_PARAM]: core.Supplier<string>;
-        [USERNAME_PARAM]: core.Supplier<string>;
-        [PASSWORD_PARAM]: core.Supplier<string>;
-    };
-    /** Patch: Authorization code credentials (clientId + clientSecret + code + redirectUri) */
-    type AuthCodeCredentials = {
-        [CLIENT_ID_PARAM]: core.Supplier<string>;
-        [CLIENT_SECRET_PARAM]: core.Supplier<string>;
-        [CODE_PARAM]: core.Supplier<string>;
-        [REDIRECT_URI_PARAM]: core.Supplier<string>;
-    };
-    /** Patch: PKCE credentials (clientId + code + redirectUri; no clientSecret) */
-    type PkceCredentials = {
-        [CLIENT_ID_PARAM]: core.Supplier<string>;
-        [CODE_PARAM]: core.Supplier<string>;
-        [REDIRECT_URI_PARAM]: core.Supplier<string>;
-        [CODE_VERIFIER_PARAM]?: core.Supplier<string>;
-    };
-    /** Patch: Include RopcCredentials, AuthCodeCredentials and PkceCredentials so CortiClient can use those auth flows. */
-    type AuthOptions = ClientCredentials | TokenOverride | RopcCredentials | AuthCodeCredentials | PkceCredentials;
-    type Options = BaseClientOptions & AuthOptions;
-    function createInstance(options: Options): core.AuthProvider;
-}
+export * from "../custom/overrides/OAuthAuthProvider.mjs";

package/dist/esm/auth/OAuthAuthProvider.mjs

@@ -1,239 +1,2 @@
-// This file was auto-generated by Fern from our API Definition.
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-import * as core from "../core/index.mjs";
-import { CortiAuth } from "../custom/CortiAuth.mjs";
-import { OAuthAuthCodeAuthProvider } from "../custom/OAuthAuthCodeAuthProvider.mjs";
-import { OAuthPkceAuthProvider } from "../custom/OAuthPkceAuthProvider.mjs";
-import { OAuthRopcAuthProvider } from "../custom/OAuthRopcAuthProvider.mjs";
-import { BUFFER_IN_MINUTES, CLIENT_ID_PARAM, CLIENT_ID_REQUIRED_ERROR_MESSAGE, CLIENT_SECRET_PARAM, CLIENT_SECRET_REQUIRED_ERROR_MESSAGE, CODE_PARAM, CODE_VERIFIER_PARAM, getExpiresAt, PASSWORD_PARAM, REDIRECT_URI_PARAM, USERNAME_PARAM, } from "../custom/utils/oauthAuthHelpers.mjs";
-import * as errors from "../errors/index.mjs";
-/** Patch: Re-export for consumers; implementation shared with OAuthRopcAuthProvider, OAuthAuthCodeAuthProvider and OAuthPkceAuthProvider. */
-export { BUFFER_IN_MINUTES, CLIENT_ID_PARAM, CLIENT_ID_REQUIRED_ERROR_MESSAGE, CLIENT_SECRET_PARAM, CLIENT_SECRET_REQUIRED_ERROR_MESSAGE, CODE_PARAM, CODE_VERIFIER_PARAM, getExpiresAt, PASSWORD_PARAM, PASSWORD_REQUIRED_ERROR_MESSAGE, REDIRECT_URI_PARAM, USERNAME_PARAM, USERNAME_REQUIRED_ERROR_MESSAGE, } from "../custom/utils/oauthAuthHelpers.mjs";
-const TOKEN_PARAM = "token";
-const TOKEN_PARAM_REQUIRED_ERROR_MESSAGE = `${TOKEN_PARAM} is required. Please provide it in options.`;
-export class OAuthAuthProvider {
-    constructor(options) {
-        this.options = options;
-        /**
-         * Patch: Use CortiAuth (real token endpoint) instead of AuthClient (fake-token).
-         */
-        this.authClient = new CortiAuth(options);
-        this.expiresAt = new Date();
-    }
-    static canCreate(options) {
-        return (options === null || options === void 0 ? void 0 : options[CLIENT_ID_PARAM]) != null && (options === null || options === void 0 ? void 0 : options[CLIENT_SECRET_PARAM]) != null;
-    }
-    clientIdSupplier() {
-        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
-            const supplier = this.options[CLIENT_ID_PARAM];
-            if (supplier == null) {
-                throw new errors.CortiError({
-                    message: CLIENT_ID_REQUIRED_ERROR_MESSAGE,
-                });
-            }
-            return core.EndpointSupplier.get(supplier, { endpointMetadata });
-        });
-    }
-    clientSecretSupplier() {
-        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
-            const supplier = this.options[CLIENT_SECRET_PARAM];
-            if (supplier == null) {
-                throw new errors.CortiError({
-                    message: CLIENT_SECRET_REQUIRED_ERROR_MESSAGE,
-                });
-            }
-            return core.EndpointSupplier.get(supplier, { endpointMetadata });
-        });
-    }
-    getAuthRequest() {
-        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
-            const token = yield this.getToken({ endpointMetadata });
-            return {
-                headers: {
-                    Authorization: `Bearer ${token}`,
-                },
-            };
-        });
-    }
-    getToken() {
-        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata } = {}) {
-            if (this.accessToken && this.expiresAt > new Date()) {
-                return this.accessToken;
-            }
-            // If a refresh is already in progress, return the existing promise
-            if (this.refreshPromise != null) {
-                return this.refreshPromise;
-            }
-            return this.refresh({ endpointMetadata });
-        });
-    }
-    refresh() {
-        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata } = {}) {
-            this.refreshPromise = (() => __awaiter(this, void 0, void 0, function* () {
-                try {
-                    const clientId = yield this.clientIdSupplier({ endpointMetadata });
-                    const clientSecret = yield this.clientSecretSupplier({ endpointMetadata });
-                    const tokenResponse = clientId && this.storedRefreshToken && this.refreshExpiresAt && this.refreshExpiresAt > new Date()
-                        ? yield this.authClient.refreshToken({
-                            clientId,
-                            refreshToken: this.storedRefreshToken,
-                        })
-                        : yield this.authClient.getToken({ clientId, clientSecret });
-                    this.accessToken = tokenResponse.accessToken;
-                    this.expiresAt = getExpiresAt(tokenResponse.expiresIn, BUFFER_IN_MINUTES);
-                    if (tokenResponse.refreshToken) {
-                        this.storedRefreshToken = tokenResponse.refreshToken;
-                        this.refreshExpiresAt = tokenResponse.refreshExpiresIn
-                            ? getExpiresAt(tokenResponse.refreshExpiresIn, BUFFER_IN_MINUTES)
-                            : undefined;
-                    }
-                    return this.accessToken;
-                }
-                finally {
-                    this.refreshPromise = undefined;
-                }
-            }))();
-            return this.refreshPromise;
-        });
-    }
-}
-export class OAuthTokenOverrideAuthProvider {
-    constructor(options) {
-        this._tokenSupplier = options[TOKEN_PARAM];
-        this._clientIdSupplier = options.clientId;
-        // Patch: store custom refresh callback
-        this._refreshAccessToken = options.refreshAccessToken;
-        this.expiresAt = options.expiresIn ? getExpiresAt(options.expiresIn, BUFFER_IN_MINUTES) : undefined;
-        this.storedRefreshToken = options.refreshToken;
-        this.refreshExpiresAt = options.refreshExpiresIn
-            ? getExpiresAt(options.refreshExpiresIn, BUFFER_IN_MINUTES)
-            : undefined;
-        if (options.clientId && options.refreshToken) {
-            this.authClient = new CortiAuth(options);
-        }
-        // Patch: pre-seed token from discovery promise so getAuthRequest doesn't call refreshAccessToken again
-        if (options.initialTokenResponse) {
-            this._seedPromise = options.initialTokenResponse
-                .then((resp) => {
-                this.accessToken = resp.accessToken;
-                this.expiresAt = resp.expiresIn ? getExpiresAt(resp.expiresIn, BUFFER_IN_MINUTES) : undefined;
-                if (resp.refreshToken) {
-                    this.storedRefreshToken = resp.refreshToken;
-                    this.refreshExpiresAt = resp.refreshExpiresIn
-                        ? getExpiresAt(resp.refreshExpiresIn, BUFFER_IN_MINUTES)
-                        : undefined;
-                }
-            })
-                .finally(() => {
-                this._seedPromise = undefined;
-            });
-        }
-    }
-    static canCreate(options) {
-        // Patch: either token or refreshAccessToken is sufficient
-        return (options === null || options === void 0 ? void 0 : options[TOKEN_PARAM]) != null || (options === null || options === void 0 ? void 0 : options.refreshAccessToken) != null;
-    }
-    getAuthRequest() {
-        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
-            // Patch: await seed promise so the initial token from resolveClientOptions is set before checking expiry
-            if (this._seedPromise) {
-                yield this._seedPromise;
-            }
-            const isExpiredOrAbsent = !this.accessToken || (this.expiresAt != null && this.expiresAt <= new Date());
-            // Patch: custom refreshAccessToken takes priority — call it when token is absent or expired
-            if (this._refreshAccessToken && isExpiredOrAbsent) {
-                const result = yield this._refreshAccessToken(this.storedRefreshToken);
-                this.accessToken = result.accessToken;
-                this.expiresAt = result.expiresIn ? getExpiresAt(result.expiresIn, BUFFER_IN_MINUTES) : undefined;
-                if (result.refreshToken) {
-                    this.storedRefreshToken = result.refreshToken;
-                    this.refreshExpiresAt = result.refreshExpiresIn
-                        ? getExpiresAt(result.refreshExpiresIn, BUFFER_IN_MINUTES)
-                        : undefined;
-                }
-                return { headers: { Authorization: `Bearer ${this.accessToken}` } };
-            }
-            // Built-in: if access token is expired and we have a valid SDK refresh token, use it
-            if (this.expiresAt != null &&
-                this.expiresAt <= new Date() &&
-                this._clientIdSupplier &&
-                this.storedRefreshToken &&
-                this.refreshExpiresAt &&
-                this.refreshExpiresAt > new Date() &&
-                this.authClient) {
-                const clientId = yield core.EndpointSupplier.get(this._clientIdSupplier, { endpointMetadata });
-                const tokenResponse = yield this.authClient.refreshToken({
-                    clientId,
-                    refreshToken: this.storedRefreshToken,
-                });
-                this.accessToken = tokenResponse.accessToken;
-                this.expiresAt = getExpiresAt(tokenResponse.expiresIn, BUFFER_IN_MINUTES);
-                if (tokenResponse.refreshToken) {
-                    this.storedRefreshToken = tokenResponse.refreshToken;
-                    this.refreshExpiresAt = tokenResponse.refreshExpiresIn
-                        ? getExpiresAt(tokenResponse.refreshExpiresIn, BUFFER_IN_MINUTES)
-                        : undefined;
-                }
-                return { headers: { Authorization: `Bearer ${this.accessToken}` } };
-            }
-            // Token not yet acquired — resolve from supplier (static token / initial value)
-            if (!this.accessToken) {
-                if (this._tokenSupplier == null) {
-                    throw new errors.CortiError({ message: TOKEN_PARAM_REQUIRED_ERROR_MESSAGE });
-                }
-                this.accessToken = yield core.EndpointSupplier.get(this._tokenSupplier, { endpointMetadata });
-            }
-            if (!this.accessToken) {
-                throw new errors.CortiError({ message: TOKEN_PARAM_REQUIRED_ERROR_MESSAGE });
-            }
-            return { headers: { Authorization: `Bearer ${this.accessToken}` } };
-        });
-    }
-}
-(function (OAuthAuthProvider) {
-    OAuthAuthProvider.AUTH_SCHEME = "OAuth";
-    /** Patch: Message extended to mention ROPC (clientId, username, password). */
-    OAuthAuthProvider.AUTH_CONFIG_ERROR_MESSAGE = `Insufficient options to create OAuthAuthProvider. Please provide '${CLIENT_ID_PARAM}' and '${CLIENT_SECRET_PARAM}', or ${TOKEN_PARAM}, or ROPC (${CLIENT_ID_PARAM}, username, password).`;
-    function createInstance(options) {
-        if (OAuthTokenOverrideAuthProvider.canCreate(options)) {
-            return new OAuthTokenOverrideAuthProvider(options);
-        }
-        /** Patch: ROPC provider before client credentials so ROPC auth is used when username+password provided. */
-        if (OAuthRopcAuthProvider.canCreate(options)) {
-            return new OAuthRopcAuthProvider(options);
-        }
-        /** Patch: PKCE provider before auth code — both have clientId+code+redirectUri, but PKCE has no clientSecret. */
-        if (OAuthPkceAuthProvider.canCreate(options)) {
-            return new OAuthPkceAuthProvider(options);
-        }
-        /** Patch: Auth code provider before client credentials — both have clientId+clientSecret, code+redirectUri distinguishes auth code. */
-        if (OAuthAuthCodeAuthProvider.canCreate(options)) {
-            return new OAuthAuthCodeAuthProvider(options);
-        }
-        if (OAuthAuthProvider.canCreate(options)) {
-            return new OAuthAuthProvider(options);
-        }
-        /** Patch: No credentials provided — proxy/passthrough mode; requests are sent without an Authorization header. */
-        const partialOptions = options;
-        const hasNoCredentials = partialOptions[CLIENT_ID_PARAM] == null &&
-            partialOptions[CLIENT_SECRET_PARAM] == null &&
-            partialOptions[TOKEN_PARAM] == null &&
-            partialOptions.refreshAccessToken == null &&
-            partialOptions[USERNAME_PARAM] == null;
-        if (hasNoCredentials) {
-            return new core.NoOpAuthProvider();
-        }
-        throw new errors.CortiError({
-            message: OAuthAuthProvider.AUTH_CONFIG_ERROR_MESSAGE,
-        });
-    }
-    OAuthAuthProvider.createInstance = createInstance;
-})(OAuthAuthProvider || (OAuthAuthProvider = {}));
+// Custom implementation lives in src/custom/overrides/OAuthAuthProvider.ts
+export * from "../custom/overrides/OAuthAuthProvider.mjs";

package/dist/esm/core/fetcher/index.d.mts

@@ -1,11 +1,2 @@
-export type { APIResponse } from "./APIResponse.mjs";
-export type { BinaryResponse } from "./BinaryResponse.mjs";
-export type { EndpointMetadata } from "./EndpointMetadata.mjs";
-export { EndpointSupplier } from "./EndpointSupplier.mjs";
-export type { Fetcher, FetchFunction } from "./Fetcher.mjs";
-export { fetcher } from "./Fetcher.mjs";
-export { getHeader } from "./getHeader.mjs";
-export { HttpResponsePromise } from "./HttpResponsePromise.mjs";
-export type { RawResponse, WithRawResponse } from "./RawResponse.mjs";
-export { abortRawResponse, toRawResponse, unknownRawResponse } from "./RawResponse.mjs";
-export { Supplier } from "./Supplier.mjs";
+/** Patch: withCredentials - re-export from custom barrel; fetcher uses global withCredentials default */
+export * from "../../custom/overrides/fetcher/index.mjs";

package/dist/esm/core/fetcher/index.mjs

@@ -1,6 +1,2 @@
-export { EndpointSupplier } from "./EndpointSupplier.mjs";
-export { fetcher } from "./Fetcher.mjs";
-export { getHeader } from "./getHeader.mjs";
-export { HttpResponsePromise } from "./HttpResponsePromise.mjs";
-export { abortRawResponse, toRawResponse, unknownRawResponse } from "./RawResponse.mjs";
-export { Supplier } from "./Supplier.mjs";
+/** Patch: withCredentials - re-export from custom barrel; fetcher uses global withCredentials default */
+export * from "../../custom/overrides/fetcher/index.mjs";

package/dist/esm/custom/CortiClient.d.mts

@@ -1,9 +1,9 @@
 import type { OAuthAuthProvider } from "../auth/OAuthAuthProvider.mjs";
 import { CortiClient as BaseCortiClient } from "../Client.mjs";
 import type * as environments from "../environments.mjs";
-import { CortiAuth } from "./CortiAuth.mjs";
-import { CustomStream } from "./CustomStream.mjs";
-import { CustomTranscribe } from "./CustomTranscribe.mjs";
+import { CortiAuth } from "./auth/CortiAuth.mjs";
+import { CustomStream } from "./stream/CustomStream.mjs";
+import { CustomTranscribe } from "./transcribe/CustomTranscribe.mjs";
 import { type Environment } from "./utils/environment.mjs";
 type TokenDerivableAuth = {
     accessToken: string;
@@ -20,7 +20,15 @@ type TokenDerivableAuth = {
     refreshExpiresIn?: number;
     clientId?: string;
 };
-type OptionsBase = Omit<BaseCortiClient.Options, "clientId" | "clientSecret" | "token" | "environment" | "tenantName" | "baseUrl">;
+type OptionsBase = Omit<BaseCortiClient.Options, "clientId" | "clientSecret" | "token" | "environment" | "tenantName" | "baseUrl"> & {
+    withCredentials?: boolean;
+    /**
+     * When true, encodes the client's auth headers as WebSocket subprotocol pairs instead of
+     * HTTP headers on every WebSocket connection. Useful when connecting through a gateway
+     * that strips HTTP headers but passes WS protocols through.
+     */
+    encodeHeadersAsWsProtocols?: boolean;
+};
 export declare namespace CortiClient {
     type Auth = {
         clientId: string;
@@ -94,6 +102,9 @@ export declare namespace CortiClient {
 }
 export declare class CortiClient extends BaseCortiClient {
     protected _auth: CortiAuth | undefined;
+    protected _stream: CustomStream | undefined;
+    protected _transcribe: CustomTranscribe | undefined;
+    private readonly _encodeHeadersAsWsProtocols;
     constructor(options: CortiClient.Options);
     get auth(): CortiAuth;
     get stream(): CustomStream;

package/dist/esm/custom/CortiClient.mjs

@@ -1,8 +1,9 @@
 import { CortiClient as BaseCortiClient } from "../Client.mjs";
-import { CortiAuth } from "./CortiAuth.mjs";
-import { CustomStream } from "./CustomStream.mjs";
-import { CustomTranscribe } from "./CustomTranscribe.mjs";
+import { CortiAuth } from "./auth/CortiAuth.mjs";
+import { CustomStream } from "./stream/CustomStream.mjs";
+import { CustomTranscribe } from "./transcribe/CustomTranscribe.mjs";
 import { authToBaseOptions } from "./utils/authToBaseOptions.mjs";
+import { setDefaultWithCredentials } from "./utils/withCredentialsConfig.mjs";
 import { getEnvironment } from "./utils/environment.mjs";
 import { resolveClientOptions } from "./utils/resolveClientOptions.mjs";
 export class CortiClient extends BaseCortiClient {
@@ -11,6 +12,8 @@ export class CortiClient extends BaseCortiClient {
         const ctx = resolveClientOptions(options);
         const restOptions = Object.assign(Object.assign(Object.assign({}, opts), { tenantName: ctx.tenantName, environment: getEnvironment(ctx.environment) }), (ctx.initialTokenResponse != null ? { initialTokenResponse: ctx.initialTokenResponse } : {}));
         super(authToBaseOptions(opts.auth, restOptions));
+        setDefaultWithCredentials(options.withCredentials);
+        this._encodeHeadersAsWsProtocols = options.encodeHeadersAsWsProtocols;
     }
     get auth() {
         var _a;
@@ -18,10 +21,10 @@ export class CortiClient extends BaseCortiClient {
     }
     get stream() {
         var _a;
-        return ((_a = this._stream) !== null && _a !== void 0 ? _a : (this._stream = new CustomStream(this._options)));
+        return ((_a = this._stream) !== null && _a !== void 0 ? _a : (this._stream = new CustomStream(Object.assign(Object.assign({}, this._options), { encodeHeadersAsWsProtocols: this._encodeHeadersAsWsProtocols }))));
     }
     get transcribe() {
         var _a;
-        return ((_a = this._transcribe) !== null && _a !== void 0 ? _a : (this._transcribe = new CustomTranscribe(this._options)));
+        return ((_a = this._transcribe) !== null && _a !== void 0 ? _a : (this._transcribe = new CustomTranscribe(Object.assign(Object.assign({}, this._options), { encodeHeadersAsWsProtocols: this._encodeHeadersAsWsProtocols }))));
     }
 }

package/dist/esm/custom/CortiWebSocketProxyClient.d.mts

@@ -1,45 +1,15 @@
+import { CustomProxyStream } from "./proxy/CustomProxyStream.mjs";
+import { CustomProxyTranscribe } from "./proxy/CustomProxyTranscribe.mjs";
 /**
- * Lightweight proxy client with only WebSocket resources (stream and transcribe).
- * Use this when you need direct WebSocket connections through your own proxy backend.
+ * Lightweight WebSocket-only client for proxy scenarios.
+ * No environment, tenantName, or auth required — supply the proxy URL at connect() time.
  *
- * No environment or tenantName required - proxy is required in connect().
+ * @example
+ * const socket = await CortiWebSocketProxyClient.stream.connect({
+ *     proxy: { url: "wss://my-proxy/stream" },
+ * });
  */
-import * as api from "../api/index.mjs";
-import { StreamSocket } from "./CustomStreamSocket.mjs";
-import { TranscribeSocket } from "./CustomTranscribeSocket.mjs";
-type ProxyOptions = {
-    url: string;
-    protocols?: string[];
-    queryParameters?: Record<string, string>;
-};
-/** Stream with proxy required */
-declare class ProxyStream {
-    private _stream;
-    constructor();
-    connect(args: {
-        proxy: ProxyOptions;
-        configuration?: api.StreamConfig;
-        headers?: Record<string, string>;
-        debug?: boolean;
-        reconnectAttempts?: number;
-    }): Promise<StreamSocket>;
-}
-/** Transcribe with proxy required */
-declare class ProxyTranscribe {
-    private _transcribe;
-    constructor();
-    connect(args: {
-        proxy: ProxyOptions;
-        configuration?: api.TranscribeConfig;
-        headers?: Record<string, string>;
-        debug?: boolean;
-        reconnectAttempts?: number;
-    }): Promise<TranscribeSocket>;
-}
 export declare class CortiWebSocketProxyClient {
-    private static _stream;
-    private static _transcribe;
-    static get stream(): ProxyStream;
-    static get transcribe(): ProxyTranscribe;
+    static readonly stream: CustomProxyStream;
+    static readonly transcribe: CustomProxyTranscribe;
 }
-export {};

package/dist/esm/custom/CortiWebSocketProxyClient.mjs

@@ -1,44 +1,15 @@
+import { CustomProxyStream } from "./proxy/CustomProxyStream.mjs";
+import { CustomProxyTranscribe } from "./proxy/CustomProxyTranscribe.mjs";
 /**
- * Lightweight proxy client with only WebSocket resources (stream and transcribe).
- * Use this when you need direct WebSocket connections through your own proxy backend.
+ * Lightweight WebSocket-only client for proxy scenarios.
+ * No environment, tenantName, or auth required — supply the proxy URL at connect() time.
  *
- * No environment or tenantName required - proxy is required in connect().
+ * @example
+ * const socket = await CortiWebSocketProxyClient.stream.connect({
+ *     proxy: { url: "wss://my-proxy/stream" },
+ * });
  */
-import * as environments from "../environments.mjs";
-import { Stream } from "./CustomStream.mjs";
-import { Transcribe } from "./CustomTranscribe.mjs";
-/** Stream with proxy required */
-class ProxyStream {
-    constructor() {
-        this._stream = new Stream({
-            environment: environments.CortiEnvironment.Eu,
-            tenantName: "",
-        });
-    }
-    connect(args) {
-        // id is not used in proxy mode, but required by the underlying type
-        return this._stream.connect(Object.assign(Object.assign({}, args), { id: "" }));
-    }
-}
-/** Transcribe with proxy required */
-class ProxyTranscribe {
-    constructor() {
-        this._transcribe = new Transcribe({
-            environment: environments.CortiEnvironment.Eu,
-            tenantName: "",
-        });
-    }
-    connect(args) {
-        return this._transcribe.connect(args);
-    }
-}
 export class CortiWebSocketProxyClient {
-    static get stream() {
-        var _a;
-        return ((_a = this._stream) !== null && _a !== void 0 ? _a : (this._stream = new ProxyStream()));
-    }
-    static get transcribe() {
-        var _a;
-        return ((_a = this._transcribe) !== null && _a !== void 0 ? _a : (this._transcribe = new ProxyTranscribe()));
-    }
 }
+CortiWebSocketProxyClient.stream = new CustomProxyStream();
+CortiWebSocketProxyClient.transcribe = new CustomProxyTranscribe();