npm - @corti/sdk - Versions diffs - 1.0.0-alpha → 1.0.0-alpha.1 - Mend

@corti/sdk 1.0.0-alpha → 1.0.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (399) hide show

package/dist/esm/custom/auth/OAuthAuthCodeAuthProvider.mjs ADDED Viewed

@@ -0,0 +1,127 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import * as core from "../../core/index.mjs";
+import * as errors from "../../errors/index.mjs";
+import { CortiAuth } from "./CortiAuth.mjs";
+import { BUFFER_IN_MINUTES, CLIENT_ID_PARAM, CLIENT_ID_REQUIRED_ERROR_MESSAGE, CLIENT_SECRET_PARAM, CLIENT_SECRET_REQUIRED_ERROR_MESSAGE, CODE_PARAM, CODE_REQUIRED_ERROR_MESSAGE, getExpiresAt, REDIRECT_URI_PARAM, REDIRECT_URI_REQUIRED_ERROR_MESSAGE, } from "../utils/oauthAuthHelpers.mjs";
+export class OAuthAuthCodeAuthProvider {
+    constructor(options) {
+        this.options = options;
+        this.authClient = new CortiAuth(options);
+        this.expiresAt = new Date();
+    }
+    static canCreate(options) {
+        return ((options === null || options === void 0 ? void 0 : options[CLIENT_ID_PARAM]) != null &&
+            (options === null || options === void 0 ? void 0 : options[CLIENT_SECRET_PARAM]) != null &&
+            (options === null || options === void 0 ? void 0 : options[CODE_PARAM]) != null &&
+            (options === null || options === void 0 ? void 0 : options[REDIRECT_URI_PARAM]) != null);
+    }
+    clientIdSupplier() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const supplier = this.options[CLIENT_ID_PARAM];
+            if (supplier == null) {
+                throw new errors.CortiError({ message: CLIENT_ID_REQUIRED_ERROR_MESSAGE });
+            }
+            return core.EndpointSupplier.get(supplier, { endpointMetadata });
+        });
+    }
+    clientSecretSupplier() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const supplier = this.options[CLIENT_SECRET_PARAM];
+            if (supplier == null) {
+                throw new errors.CortiError({ message: CLIENT_SECRET_REQUIRED_ERROR_MESSAGE });
+            }
+            return core.EndpointSupplier.get(supplier, { endpointMetadata });
+        });
+    }
+    codeSupplier() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const supplier = this.options[CODE_PARAM];
+            if (supplier == null) {
+                throw new errors.CortiError({ message: CODE_REQUIRED_ERROR_MESSAGE });
+            }
+            return core.EndpointSupplier.get(supplier, { endpointMetadata });
+        });
+    }
+    redirectUriSupplier() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const supplier = this.options[REDIRECT_URI_PARAM];
+            if (supplier == null) {
+                throw new errors.CortiError({ message: REDIRECT_URI_REQUIRED_ERROR_MESSAGE });
+            }
+            return core.EndpointSupplier.get(supplier, { endpointMetadata });
+        });
+    }
+    getAuthRequest() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const token = yield this.getToken({ endpointMetadata });
+            return {
+                headers: {
+                    Authorization: `Bearer ${token}`,
+                },
+            };
+        });
+    }
+    getToken() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata } = {}) {
+            if (this.accessToken && this.expiresAt > new Date()) {
+                return this.accessToken;
+            }
+            if (this.refreshPromise != null) {
+                return this.refreshPromise;
+            }
+            return this.refresh({ endpointMetadata });
+        });
+    }
+    refresh() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata } = {}) {
+            this.refreshPromise = (() => __awaiter(this, void 0, void 0, function* () {
+                try {
+                    const clientId = yield this.clientIdSupplier({ endpointMetadata });
+                    const clientSecret = yield this.clientSecretSupplier({ endpointMetadata });
+                    let tokenResponse;
+                    if (clientId &&
+                        this.storedRefreshToken &&
+                        this.refreshExpiresAt &&
+                        this.refreshExpiresAt > new Date()) {
+                        tokenResponse = yield this.authClient.refreshToken({
+                            clientId,
+                            refreshToken: this.storedRefreshToken,
+                            clientSecret,
+                        });
+                    }
+                    else {
+                        const code = yield this.codeSupplier({ endpointMetadata });
+                        const redirectUri = yield this.redirectUriSupplier({ endpointMetadata });
+                        tokenResponse = yield this.authClient.getCodeFlowToken({
+                            clientId,
+                            clientSecret,
+                            code,
+                            redirectUri,
+                        });
+                    }
+                    this.accessToken = tokenResponse.accessToken;
+                    this.expiresAt = getExpiresAt(tokenResponse.expiresIn, BUFFER_IN_MINUTES);
+                    if (tokenResponse.refreshToken) {
+                        this.storedRefreshToken = tokenResponse.refreshToken;
+                        this.refreshExpiresAt = tokenResponse.refreshExpiresIn
+                            ? getExpiresAt(tokenResponse.refreshExpiresIn, BUFFER_IN_MINUTES)
+                            : undefined;
+                    }
+                    return this.accessToken;
+                }
+                finally {
+                    this.refreshPromise = undefined;
+                }
+            }))();
+            return this.refreshPromise;
+        });
+    }
+}

package/dist/esm/custom/auth/OAuthPkceAuthProvider.d.mts ADDED Viewed

@@ -0,0 +1,23 @@
+import type { OAuthAuthProvider } from "../../auth/OAuthAuthProvider.mjs";
+import type { BaseClientOptions } from "../../BaseClient.mjs";
+import * as core from "../../core/index.mjs";
+export declare class OAuthPkceAuthProvider implements core.AuthProvider {
+    private readonly options;
+    private readonly authClient;
+    private accessToken;
+    private expiresAt;
+    private refreshPromise;
+    private storedRefreshToken;
+    private refreshExpiresAt;
+    constructor(options: BaseClientOptions & OAuthAuthProvider.PkceCredentials);
+    static canCreate(options?: Partial<OAuthAuthProvider.PkceCredentials & BaseClientOptions>): options is BaseClientOptions & OAuthAuthProvider.PkceCredentials;
+    private clientIdSupplier;
+    private codeSupplier;
+    private redirectUriSupplier;
+    private codeVerifierSupplier;
+    getAuthRequest({ endpointMetadata, }?: {
+        endpointMetadata?: core.EndpointMetadata;
+    }): Promise<core.AuthRequest>;
+    private getToken;
+    private refresh;
+}

package/dist/esm/custom/auth/OAuthPkceAuthProvider.mjs ADDED Viewed

@@ -0,0 +1,127 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import * as core from "../../core/index.mjs";
+import * as errors from "../../errors/index.mjs";
+import { CortiAuth } from "./CortiAuth.mjs";
+import { BUFFER_IN_MINUTES, CLIENT_ID_PARAM, CLIENT_ID_REQUIRED_ERROR_MESSAGE, CLIENT_SECRET_PARAM, CODE_PARAM, CODE_REQUIRED_ERROR_MESSAGE, CODE_VERIFIER_PARAM, getExpiresAt, REDIRECT_URI_PARAM, REDIRECT_URI_REQUIRED_ERROR_MESSAGE, } from "../utils/oauthAuthHelpers.mjs";
+export class OAuthPkceAuthProvider {
+    constructor(options) {
+        this.options = options;
+        this.authClient = new CortiAuth(options);
+        this.expiresAt = new Date();
+    }
+    static canCreate(options) {
+        const opts = options;
+        return ((opts === null || opts === void 0 ? void 0 : opts[CLIENT_ID_PARAM]) != null &&
+            (opts === null || opts === void 0 ? void 0 : opts[CLIENT_SECRET_PARAM]) == null &&
+            (opts === null || opts === void 0 ? void 0 : opts[CODE_PARAM]) != null &&
+            (opts === null || opts === void 0 ? void 0 : opts[REDIRECT_URI_PARAM]) != null);
+    }
+    clientIdSupplier() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const supplier = this.options[CLIENT_ID_PARAM];
+            if (supplier == null) {
+                throw new errors.CortiError({ message: CLIENT_ID_REQUIRED_ERROR_MESSAGE });
+            }
+            return core.EndpointSupplier.get(supplier, { endpointMetadata });
+        });
+    }
+    codeSupplier() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const supplier = this.options[CODE_PARAM];
+            if (supplier == null) {
+                throw new errors.CortiError({ message: CODE_REQUIRED_ERROR_MESSAGE });
+            }
+            return core.EndpointSupplier.get(supplier, { endpointMetadata });
+        });
+    }
+    redirectUriSupplier() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const supplier = this.options[REDIRECT_URI_PARAM];
+            if (supplier == null) {
+                throw new errors.CortiError({ message: REDIRECT_URI_REQUIRED_ERROR_MESSAGE });
+            }
+            return core.EndpointSupplier.get(supplier, { endpointMetadata });
+        });
+    }
+    codeVerifierSupplier() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const supplier = this.options[CODE_VERIFIER_PARAM];
+            if (supplier == null) {
+                return undefined;
+            }
+            return core.EndpointSupplier.get(supplier, { endpointMetadata });
+        });
+    }
+    getAuthRequest() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const token = yield this.getToken({ endpointMetadata });
+            return {
+                headers: {
+                    Authorization: `Bearer ${token}`,
+                },
+            };
+        });
+    }
+    getToken() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata } = {}) {
+            if (this.accessToken && this.expiresAt > new Date()) {
+                return this.accessToken;
+            }
+            if (this.refreshPromise != null) {
+                return this.refreshPromise;
+            }
+            return this.refresh({ endpointMetadata });
+        });
+    }
+    refresh() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata } = {}) {
+            this.refreshPromise = (() => __awaiter(this, void 0, void 0, function* () {
+                try {
+                    const clientId = yield this.clientIdSupplier({ endpointMetadata });
+                    let tokenResponse;
+                    if (clientId &&
+                        this.storedRefreshToken &&
+                        this.refreshExpiresAt &&
+                        this.refreshExpiresAt > new Date()) {
+                        tokenResponse = yield this.authClient.refreshToken({
+                            clientId,
+                            refreshToken: this.storedRefreshToken,
+                        });
+                    }
+                    else {
+                        const code = yield this.codeSupplier({ endpointMetadata });
+                        const redirectUri = yield this.redirectUriSupplier({ endpointMetadata });
+                        const codeVerifier = yield this.codeVerifierSupplier({ endpointMetadata });
+                        tokenResponse = yield this.authClient.getPkceFlowToken({
+                            clientId,
+                            code,
+                            redirectUri,
+                            codeVerifier,
+                        });
+                    }
+                    this.accessToken = tokenResponse.accessToken;
+                    this.expiresAt = getExpiresAt(tokenResponse.expiresIn, BUFFER_IN_MINUTES);
+                    if (tokenResponse.refreshToken) {
+                        this.storedRefreshToken = tokenResponse.refreshToken;
+                        this.refreshExpiresAt = tokenResponse.refreshExpiresIn
+                            ? getExpiresAt(tokenResponse.refreshExpiresIn, BUFFER_IN_MINUTES)
+                            : undefined;
+                    }
+                    return this.accessToken;
+                }
+                finally {
+                    this.refreshPromise = undefined;
+                }
+            }))();
+            return this.refreshPromise;
+        });
+    }
+}

package/dist/esm/custom/auth/OAuthRopcAuthProvider.d.mts ADDED Viewed

@@ -0,0 +1,22 @@
+import type { OAuthAuthProvider } from "../../auth/OAuthAuthProvider.mjs";
+import type { BaseClientOptions } from "../../BaseClient.mjs";
+import * as core from "../../core/index.mjs";
+export declare class OAuthRopcAuthProvider implements core.AuthProvider {
+    private readonly options;
+    private readonly authClient;
+    private accessToken;
+    private expiresAt;
+    private refreshPromise;
+    private storedRefreshToken;
+    private refreshExpiresAt;
+    constructor(options: BaseClientOptions & OAuthAuthProvider.RopcCredentials);
+    static canCreate(options?: Partial<OAuthAuthProvider.RopcCredentials & BaseClientOptions>): options is BaseClientOptions & OAuthAuthProvider.RopcCredentials;
+    private clientIdSupplier;
+    private usernameSupplier;
+    private passwordSupplier;
+    getAuthRequest({ endpointMetadata, }?: {
+        endpointMetadata?: core.EndpointMetadata;
+    }): Promise<core.AuthRequest>;
+    private getToken;
+    private refresh;
+}

package/dist/esm/custom/auth/OAuthRopcAuthProvider.mjs ADDED Viewed

@@ -0,0 +1,100 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import * as core from "../../core/index.mjs";
+import * as errors from "../../errors/index.mjs";
+import { CortiAuth } from "./CortiAuth.mjs";
+import { BUFFER_IN_MINUTES, CLIENT_ID_PARAM, CLIENT_ID_REQUIRED_ERROR_MESSAGE, getExpiresAt, PASSWORD_PARAM, PASSWORD_REQUIRED_ERROR_MESSAGE, USERNAME_PARAM, USERNAME_REQUIRED_ERROR_MESSAGE, } from "../utils/oauthAuthHelpers.mjs";
+export class OAuthRopcAuthProvider {
+    constructor(options) {
+        this.options = options;
+        this.authClient = new CortiAuth(options);
+        this.expiresAt = new Date();
+    }
+    static canCreate(options) {
+        return ((options === null || options === void 0 ? void 0 : options[CLIENT_ID_PARAM]) != null && (options === null || options === void 0 ? void 0 : options[USERNAME_PARAM]) != null && (options === null || options === void 0 ? void 0 : options[PASSWORD_PARAM]) != null);
+    }
+    clientIdSupplier() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const supplier = this.options[CLIENT_ID_PARAM];
+            if (supplier == null) {
+                throw new errors.CortiError({ message: CLIENT_ID_REQUIRED_ERROR_MESSAGE });
+            }
+            return core.EndpointSupplier.get(supplier, { endpointMetadata });
+        });
+    }
+    usernameSupplier() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const supplier = this.options[USERNAME_PARAM];
+            if (supplier == null) {
+                throw new errors.CortiError({ message: USERNAME_REQUIRED_ERROR_MESSAGE });
+            }
+            return core.EndpointSupplier.get(supplier, { endpointMetadata });
+        });
+    }
+    passwordSupplier() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const supplier = this.options[PASSWORD_PARAM];
+            if (supplier == null) {
+                throw new errors.CortiError({ message: PASSWORD_REQUIRED_ERROR_MESSAGE });
+            }
+            return core.EndpointSupplier.get(supplier, { endpointMetadata });
+        });
+    }
+    getAuthRequest() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata, } = {}) {
+            const token = yield this.getToken({ endpointMetadata });
+            return {
+                headers: {
+                    Authorization: `Bearer ${token}`,
+                },
+            };
+        });
+    }
+    getToken() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata } = {}) {
+            if (this.accessToken && this.expiresAt > new Date()) {
+                return this.accessToken;
+            }
+            if (this.refreshPromise != null) {
+                return this.refreshPromise;
+            }
+            return this.refresh({ endpointMetadata });
+        });
+    }
+    refresh() {
+        return __awaiter(this, arguments, void 0, function* ({ endpointMetadata } = {}) {
+            this.refreshPromise = (() => __awaiter(this, void 0, void 0, function* () {
+                try {
+                    const clientId = yield this.clientIdSupplier({ endpointMetadata });
+                    const tokenResponse = clientId && this.storedRefreshToken && this.refreshExpiresAt && this.refreshExpiresAt > new Date()
+                        ? yield this.authClient.refreshToken({ clientId, refreshToken: this.storedRefreshToken })
+                        : yield this.authClient.getRopcFlowToken({
+                            clientId,
+                            username: yield this.usernameSupplier({ endpointMetadata }),
+                            password: yield this.passwordSupplier({ endpointMetadata }),
+                        });
+                    this.accessToken = tokenResponse.accessToken;
+                    this.expiresAt = getExpiresAt(tokenResponse.expiresIn, BUFFER_IN_MINUTES);
+                    if (tokenResponse.refreshToken) {
+                        this.storedRefreshToken = tokenResponse.refreshToken;
+                        this.refreshExpiresAt = tokenResponse.refreshExpiresIn
+                            ? getExpiresAt(tokenResponse.refreshExpiresIn, BUFFER_IN_MINUTES)
+                            : undefined;
+                    }
+                    return this.accessToken;
+                }
+                finally {
+                    this.refreshPromise = undefined;
+                }
+            }))();
+            return this.refreshPromise;
+        });
+    }
+}

package/dist/esm/custom/fetcher.d.mts ADDED Viewed

@@ -0,0 +1,3 @@
+import { type FetchFunction } from "../core/fetcher/Fetcher.mjs";
+/** Patch: withCredentials - wrap fetcherImpl to inject global default when not passed per-request */
+export declare const fetcher: FetchFunction;

package/dist/esm/custom/fetcher.mjs ADDED Viewed

@@ -0,0 +1,4 @@
+import { fetcherImpl } from "../core/fetcher/Fetcher.mjs";
+import { getDefaultWithCredentials } from "./utils/withCredentialsConfig.mjs";
+/** Patch: withCredentials - wrap fetcherImpl to inject global default when not passed per-request */
+export const fetcher = (args) => { var _a; return fetcherImpl(Object.assign(Object.assign({}, args), { withCredentials: (_a = args.withCredentials) !== null && _a !== void 0 ? _a : getDefaultWithCredentials() })); };

package/dist/esm/custom/index.d.mts CHANGED Viewed

@@ -1 +1,11 @@
+export * as Corti from "../api/index.mjs";
+export type { BaseClientOptions, BaseRequestOptions } from "../BaseClient.mjs";
+export { CortiEnvironment, type CortiEnvironmentUrls } from "../environments.mjs";
+export { CortiError, CortiTimeoutError } from "../errors/index.mjs";
+export * from "../exports.mjs";
+export * as serialization from "../serialization/index.mjs";
 export { CortiAuth } from "./CortiAuth.mjs";
+export { CortiClient } from "./CortiClient.mjs";
+export { decodeToken } from "./utils/decodeToken.mjs";
+export { type CortiInternalEnvironment, type Environment, getEnvironment } from "./utils/environment.mjs";
+export { generateCodeChallenge, generateCodeVerifier } from "./utils/pkceHelpers.mjs";

package/dist/esm/custom/index.mjs CHANGED Viewed

@@ -1 +1,11 @@
+export * as Corti from "../api/index.mjs";
+export { CortiEnvironment } from "../environments.mjs";
+export { CortiError, CortiTimeoutError } from "../errors/index.mjs";
+export * from "../exports.mjs";
+export * as serialization from "../serialization/index.mjs";
+// Custom additions / replacements
 export { CortiAuth } from "./CortiAuth.mjs";
+export { CortiClient } from "./CortiClient.mjs";
+export { decodeToken } from "./utils/decodeToken.mjs";
+export { getEnvironment } from "./utils/environment.mjs";
+export { generateCodeChallenge, generateCodeVerifier } from "./utils/pkceHelpers.mjs";

package/dist/esm/custom/overrides/OAuthAuthProvider.d.mts ADDED Viewed

@@ -0,0 +1,99 @@
+import type * as Corti from "../../api/index.mjs";
+import type { BaseClientOptions } from "../../BaseClient.mjs";
+import * as core from "../../core/index.mjs";
+import { CLIENT_ID_PARAM, CLIENT_SECRET_PARAM, CODE_PARAM, CODE_VERIFIER_PARAM, PASSWORD_PARAM, REDIRECT_URI_PARAM, USERNAME_PARAM } from "../utils/oauthAuthHelpers.mjs";
+/** Patch: Re-export for consumers; implementation shared with OAuthRopcAuthProvider, OAuthAuthCodeAuthProvider and OAuthPkceAuthProvider. */
+export { BUFFER_IN_MINUTES, CLIENT_ID_PARAM, CLIENT_ID_REQUIRED_ERROR_MESSAGE, CLIENT_SECRET_PARAM, CLIENT_SECRET_REQUIRED_ERROR_MESSAGE, CODE_PARAM, CODE_VERIFIER_PARAM, getExpiresAt, PASSWORD_PARAM, PASSWORD_REQUIRED_ERROR_MESSAGE, REDIRECT_URI_PARAM, USERNAME_PARAM, USERNAME_REQUIRED_ERROR_MESSAGE, } from "../utils/oauthAuthHelpers.mjs";
+declare const TOKEN_PARAM: "token";
+export declare class OAuthAuthProvider implements core.AuthProvider {
+    private readonly options;
+    /**
+     * Patch: Use CortiAuth (real token endpoint) instead of AuthClient (fake-token).
+     */
+    private readonly authClient;
+    private accessToken;
+    private expiresAt;
+    private refreshPromise;
+    private storedRefreshToken;
+    private refreshExpiresAt;
+    constructor(options: OAuthAuthProvider.Options & OAuthAuthProvider.ClientCredentials);
+    static canCreate(options?: Partial<OAuthAuthProvider.ClientCredentials & BaseClientOptions>): boolean;
+    private clientIdSupplier;
+    private clientSecretSupplier;
+    getAuthRequest({ endpointMetadata, }?: {
+        endpointMetadata?: core.EndpointMetadata;
+    }): Promise<core.AuthRequest>;
+    private getToken;
+    private refresh;
+}
+export declare class OAuthTokenOverrideAuthProvider implements core.AuthProvider {
+    private readonly authClient;
+    private readonly _tokenSupplier;
+    private readonly _clientIdSupplier;
+    private readonly _refreshAccessToken;
+    private accessToken;
+    private expiresAt;
+    private storedRefreshToken;
+    private refreshExpiresAt;
+    private _seedPromise;
+    constructor(options: OAuthAuthProvider.TokenOverride & BaseClientOptions);
+    static canCreate(options?: Partial<OAuthAuthProvider.TokenOverride & BaseClientOptions>): options is OAuthAuthProvider.TokenOverride & BaseClientOptions;
+    getAuthRequest({ endpointMetadata, }?: {
+        endpointMetadata?: core.EndpointMetadata;
+    }): Promise<core.AuthRequest>;
+}
+export declare namespace OAuthAuthProvider {
+    const AUTH_SCHEME: "OAuth";
+    /** Patch: Message extended to mention ROPC (clientId, username, password). */
+    const AUTH_CONFIG_ERROR_MESSAGE: string;
+    type ClientCredentials = {
+        [CLIENT_ID_PARAM]: core.Supplier<string>;
+        [CLIENT_SECRET_PARAM]: core.Supplier<string>;
+    };
+    /**
+     * Patch: tokenType and expiresIn made optional — the provider only strictly needs accessToken.
+     * Mirrors AuthTokenResponse but relaxes the two required fields so custom refresh functions
+     * don't need to return fields the provider doesn't use.
+     */
+    type ExpectedTokenResponse = Omit<Corti.AuthTokenResponse, "tokenType" | "expiresIn"> & {
+        tokenType?: string;
+        expiresIn?: number;
+    };
+    /** Patch: Custom refresh function — sync or async, receives the last known refresh token. */
+    type RefreshAccessTokenFunction = (refreshToken?: string) => Promise<OAuthAuthProvider.ExpectedTokenResponse> | OAuthAuthProvider.ExpectedTokenResponse;
+    type TokenOverride = {
+        [TOKEN_PARAM]?: core.Supplier<string>;
+        /** Patch: Custom callback called to obtain/renew the access token. Takes priority over built-in clientId+refreshToken path. */
+        refreshAccessToken?: OAuthAuthProvider.RefreshAccessTokenFunction;
+        expiresIn?: number;
+        refreshToken?: string;
+        refreshExpiresIn?: number;
+        clientId?: core.Supplier<string>;
+        /** Patch: Pre-seeded token response from resolveClientOptions — avoids a second refreshAccessToken call on first API request. */
+        initialTokenResponse?: Promise<OAuthAuthProvider.ExpectedTokenResponse>;
+    };
+    /** Patch: ROPC grant credentials (clientId + username + password) */
+    type RopcCredentials = {
+        [CLIENT_ID_PARAM]: core.Supplier<string>;
+        [USERNAME_PARAM]: core.Supplier<string>;
+        [PASSWORD_PARAM]: core.Supplier<string>;
+    };
+    /** Patch: Authorization code credentials (clientId + clientSecret + code + redirectUri) */
+    type AuthCodeCredentials = {
+        [CLIENT_ID_PARAM]: core.Supplier<string>;
+        [CLIENT_SECRET_PARAM]: core.Supplier<string>;
+        [CODE_PARAM]: core.Supplier<string>;
+        [REDIRECT_URI_PARAM]: core.Supplier<string>;
+    };
+    /** Patch: PKCE credentials (clientId + code + redirectUri; no clientSecret) */
+    type PkceCredentials = {
+        [CLIENT_ID_PARAM]: core.Supplier<string>;
+        [CODE_PARAM]: core.Supplier<string>;
+        [REDIRECT_URI_PARAM]: core.Supplier<string>;
+        [CODE_VERIFIER_PARAM]?: core.Supplier<string>;
+    };
+    /** Patch: Include RopcCredentials, AuthCodeCredentials and PkceCredentials so CortiClient can use those auth flows. */
+    type AuthOptions = ClientCredentials | TokenOverride | RopcCredentials | AuthCodeCredentials | PkceCredentials;
+    type Options = BaseClientOptions & AuthOptions;
+    function createInstance(options: Options): core.AuthProvider;
+}