@corvushold/guard-sdk 0.13.3 → 0.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/index.cjs +78 -1
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +507 -1
  4. package/dist/index.d.ts +507 -1
  5. package/dist/index.js +78 -1
  6. package/dist/index.js.map +1 -1
  7. package/package.json +1 -1
package/dist/index.cjs CHANGED
@@ -279,7 +279,7 @@ var HttpClient = class {
279
279
 
280
280
  // package.json
281
281
  var package_default = {
282
- version: "0.13.3"};
282
+ version: "0.14.0"};
283
283
 
284
284
  // src/client.ts
285
285
  function isTenantSelectionRequired(data) {
@@ -303,6 +303,7 @@ var GuardClient = class {
303
303
  const authHeaderInterceptor = async (input, init) => {
304
304
  const headers = new Headers(init.headers || {});
305
305
  if (mode === "bearer") {
306
+ headers.set("X-Auth-Mode", "bearer");
306
307
  const token = await Promise.resolve(this.storage.getAccessToken());
307
308
  if (token && !headers.has("authorization")) {
308
309
  headers.set("authorization", `Bearer ${token}`);
@@ -310,6 +311,9 @@ var GuardClient = class {
310
311
  } else if (mode === "cookie") {
311
312
  headers.set("X-Auth-Mode", "cookie");
312
313
  }
314
+ if (this.tenantId && !headers.has("X-Tenant-ID")) {
315
+ headers.set("X-Tenant-ID", String(this.tenantId));
316
+ }
313
317
  return [input, { ...init, headers }];
314
318
  };
315
319
  const defaultHeaders = { ...opts.defaultHeaders ?? {} };
@@ -554,6 +558,55 @@ var GuardClient = class {
554
558
  async unverifyUserEmail(id) {
555
559
  return this.request(`/api/v1/auth/admin/users/${encodeURIComponent(id)}/unverify-email`, { method: "POST" });
556
560
  }
561
+ // ==============================
562
+ // Invitations (Admin-only endpoints)
563
+ // ==============================
564
+ // Admin: List invitations for a tenant
565
+ async listInvitations(params = {}) {
566
+ const tenant = params.tenant_id ?? this.tenantId;
567
+ const qs = this.buildQuery({ tenant_id: tenant, status: params.status });
568
+ return this.request(`/api/v1/auth/admin/invitations${qs}`, { method: "GET" });
569
+ }
570
+ // Admin: Create invitation
571
+ async createInvitation(body) {
572
+ const tenant = body.tenant_id ?? this.tenantId;
573
+ const payload = { ...body, tenant_id: tenant };
574
+ return this.request("/api/v1/auth/admin/invitations", {
575
+ method: "POST",
576
+ body: JSON.stringify(payload)
577
+ });
578
+ }
579
+ // Admin: Revoke invitation
580
+ async revokeInvitation(id) {
581
+ return this.request(`/api/v1/auth/admin/invitations/${encodeURIComponent(id)}/revoke`, { method: "POST" });
582
+ }
583
+ // Admin: Delete invitation
584
+ async deleteInvitation(id) {
585
+ return this.request(`/api/v1/auth/admin/invitations/${encodeURIComponent(id)}`, { method: "DELETE" });
586
+ }
587
+ // Public: Get invitation by token (for accept flow)
588
+ async getInvitation(params) {
589
+ const qs = this.buildQuery({ token: params.token });
590
+ return this.request(`/api/v1/auth/invitations${qs}`, { method: "GET" });
591
+ }
592
+ // Public: Accept invitation
593
+ async acceptInvitation(body) {
594
+ const res = await this.request("/api/v1/auth/invitations/accept", {
595
+ method: "POST",
596
+ body: JSON.stringify(body)
597
+ });
598
+ if (res.meta.status === 200 || res.meta.status === 201) this.persistTokensFrom(res.data);
599
+ return res;
600
+ }
601
+ // Admin: Create user directly
602
+ async adminCreateUser(body) {
603
+ const tenant = body.tenant_id ?? this.tenantId;
604
+ const payload = { ...body, tenant_id: tenant };
605
+ return this.request("/api/v1/auth/admin/users", {
606
+ method: "POST",
607
+ body: JSON.stringify(payload)
608
+ });
609
+ }
557
610
  // Sessions: List sessions. When includeAll=false, filter to active (non-revoked, not expired) client-side to match example app UX.
558
611
  async listSessions(options = {}) {
559
612
  const res = await this.request("/api/v1/auth/sessions", { method: "GET", cache: "no-store" });
@@ -971,6 +1024,30 @@ var GuardClient = class {
971
1024
  return this.request(`/api/v1/auth/admin/fga/acl/tuples`, { method: "DELETE", body: JSON.stringify(payload) });
972
1025
  }
973
1026
  // ==============================
1027
+ // OAuth Client Management (Admin)
1028
+ // ==============================
1029
+ async listOAuthClients() {
1030
+ return this.request("/api/v1/auth/admin/oauth-clients", { method: "GET" });
1031
+ }
1032
+ async createOAuthClient(body) {
1033
+ return this.request("/api/v1/auth/admin/oauth-clients", {
1034
+ method: "POST",
1035
+ body: JSON.stringify(body)
1036
+ });
1037
+ }
1038
+ async getOAuthClient(id) {
1039
+ return this.request(`/api/v1/auth/admin/oauth-clients/${encodeURIComponent(id)}`, { method: "GET" });
1040
+ }
1041
+ async updateOAuthClient(id, body) {
1042
+ return this.request(`/api/v1/auth/admin/oauth-clients/${encodeURIComponent(id)}`, {
1043
+ method: "PATCH",
1044
+ body: JSON.stringify(body)
1045
+ });
1046
+ }
1047
+ async deleteOAuthClient(id) {
1048
+ return this.request(`/api/v1/auth/admin/oauth-clients/${encodeURIComponent(id)}`, { method: "DELETE" });
1049
+ }
1050
+ // ==============================
974
1051
  // OAuth2 Discovery (RFC 8414)
975
1052
  // ==============================
976
1053
  /**