@credal/sdk 0.1.10 → 0.1.12

package/dist/esm/core/fetcher/Fetcher.mjs

@@ -8,21 +8,153 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 import { toJson } from "../json.mjs";
+import { createLogger } from "../logging/logger.mjs";
 import { createRequestUrl } from "./createRequestUrl.mjs";
 import { EndpointSupplier } from "./EndpointSupplier.mjs";
 import { getErrorResponseBody } from "./getErrorResponseBody.mjs";
 import { getFetchFn } from "./getFetchFn.mjs";
 import { getRequestBody } from "./getRequestBody.mjs";
 import { getResponseBody } from "./getResponseBody.mjs";
+import { Headers } from "./Headers.mjs";
 import { makeRequest } from "./makeRequest.mjs";
 import { abortRawResponse, toRawResponse, unknownRawResponse } from "./RawResponse.mjs";
 import { requestWithRetries } from "./requestWithRetries.mjs";
+const SENSITIVE_HEADERS = new Set([
+    "authorization",
+    "www-authenticate",
+    "x-api-key",
+    "api-key",
+    "apikey",
+    "x-api-token",
+    "x-auth-token",
+    "auth-token",
+    "cookie",
+    "set-cookie",
+    "proxy-authorization",
+    "proxy-authenticate",
+    "x-csrf-token",
+    "x-xsrf-token",
+    "x-session-token",
+    "x-access-token",
+]);
+function redactHeaders(headers) {
+    const filtered = {};
+    for (const [key, value] of headers instanceof Headers ? headers.entries() : Object.entries(headers)) {
+        if (SENSITIVE_HEADERS.has(key.toLowerCase())) {
+            filtered[key] = "[REDACTED]";
+        }
+        else {
+            filtered[key] = value;
+        }
+    }
+    return filtered;
+}
+const SENSITIVE_QUERY_PARAMS = new Set([
+    "api_key",
+    "api-key",
+    "apikey",
+    "token",
+    "access_token",
+    "access-token",
+    "auth_token",
+    "auth-token",
+    "password",
+    "passwd",
+    "secret",
+    "api_secret",
+    "api-secret",
+    "apisecret",
+    "key",
+    "session",
+    "session_id",
+    "session-id",
+]);
+function redactQueryParameters(queryParameters) {
+    if (queryParameters == null) {
+        return queryParameters;
+    }
+    const redacted = {};
+    for (const [key, value] of Object.entries(queryParameters)) {
+        if (SENSITIVE_QUERY_PARAMS.has(key.toLowerCase())) {
+            redacted[key] = "[REDACTED]";
+        }
+        else {
+            redacted[key] = value;
+        }
+    }
+    return redacted;
+}
+function redactUrl(url) {
+    const protocolIndex = url.indexOf("://");
+    if (protocolIndex === -1)
+        return url;
+    const afterProtocol = protocolIndex + 3;
+    // Find the first delimiter that marks the end of the authority section
+    const pathStart = url.indexOf("/", afterProtocol);
+    let queryStart = url.indexOf("?", afterProtocol);
+    let fragmentStart = url.indexOf("#", afterProtocol);
+    const firstDelimiter = Math.min(pathStart === -1 ? url.length : pathStart, queryStart === -1 ? url.length : queryStart, fragmentStart === -1 ? url.length : fragmentStart);
+    // Find the LAST @ before the delimiter (handles multiple @ in credentials)
+    let atIndex = -1;
+    for (let i = afterProtocol; i < firstDelimiter; i++) {
+        if (url[i] === "@") {
+            atIndex = i;
+        }
+    }
+    if (atIndex !== -1) {
+        url = `${url.slice(0, afterProtocol)}[REDACTED]@${url.slice(atIndex + 1)}`;
+    }
+    // Recalculate queryStart since url might have changed
+    queryStart = url.indexOf("?");
+    if (queryStart === -1)
+        return url;
+    fragmentStart = url.indexOf("#", queryStart);
+    const queryEnd = fragmentStart !== -1 ? fragmentStart : url.length;
+    const queryString = url.slice(queryStart + 1, queryEnd);
+    if (queryString.length === 0)
+        return url;
+    // FAST PATH: Quick check if any sensitive keywords present
+    // Using indexOf is faster than regex for simple substring matching
+    const lower = queryString.toLowerCase();
+    const hasSensitive = lower.includes("token") ||
+        lower.includes("key") ||
+        lower.includes("password") ||
+        lower.includes("passwd") ||
+        lower.includes("secret") ||
+        lower.includes("session") ||
+        lower.includes("auth");
+    if (!hasSensitive) {
+        return url;
+    }
+    // SLOW PATH: Parse and redact
+    const redactedParams = [];
+    const params = queryString.split("&");
+    for (const param of params) {
+        const equalIndex = param.indexOf("=");
+        if (equalIndex === -1) {
+            redactedParams.push(param);
+            continue;
+        }
+        const key = param.slice(0, equalIndex);
+        let shouldRedact = SENSITIVE_QUERY_PARAMS.has(key.toLowerCase());
+        if (!shouldRedact && key.includes("%")) {
+            try {
+                const decodedKey = decodeURIComponent(key);
+                shouldRedact = SENSITIVE_QUERY_PARAMS.has(decodedKey.toLowerCase());
+            }
+            catch (_a) { }
+        }
+        redactedParams.push(shouldRedact ? `${key}=[REDACTED]` : param);
+    }
+    return url.slice(0, queryStart + 1) + redactedParams.join("&") + url.slice(queryEnd);
+}
 function getHeaders(args) {
     return __awaiter(this, void 0, void 0, function* () {
         var _a;
-        const newHeaders = {};
+        const newHeaders = new Headers();
+        newHeaders.set("Accept", args.responseType === "json" ? "application/json" : args.responseType === "text" ? "text/plain" : "*/*");
         if (args.body !== undefined && args.contentType != null) {
-            newHeaders["Content-Type"] = args.contentType;
+            newHeaders.set("Content-Type", args.contentType);
         }
         if (args.headers == null) {
             return newHeaders;
@@ -30,31 +162,52 @@ function getHeaders(args) {
         for (const [key, value] of Object.entries(args.headers)) {
             const result = yield EndpointSupplier.get(value, { endpointMetadata: (_a = args.endpointMetadata) !== null && _a !== void 0 ? _a : {} });
             if (typeof result === "string") {
-                newHeaders[key] = result;
+                newHeaders.set(key, result);
                 continue;
             }
             if (result == null) {
                 continue;
             }
-            newHeaders[key] = `${result}`;
+            newHeaders.set(key, `${result}`);
         }
         return newHeaders;
     });
 }
 export function fetcherImpl(args) {
     return __awaiter(this, void 0, void 0, function* () {
-        var _a;
+        var _a, _b, _c;
         const url = createRequestUrl(args.url, args.queryParameters);
         const requestBody = yield getRequestBody({
             body: args.body,
-            type: args.requestType === "json" ? "json" : "other",
+            type: (_a = args.requestType) !== null && _a !== void 0 ? _a : "other",
         });
-        const fetchFn = yield getFetchFn();
+        const fetchFn = (_b = args.fetchFn) !== null && _b !== void 0 ? _b : (yield getFetchFn());
+        const headers = yield getHeaders(args);
+        const logger = createLogger(args.logging);
+        if (logger.isDebug()) {
+            const metadata = {
+                method: args.method,
+                url: redactUrl(url),
+                headers: redactHeaders(headers),
+                queryParameters: redactQueryParameters(args.queryParameters),
+                hasBody: requestBody != null,
+            };
+            logger.debug("Making HTTP request", metadata);
+        }
         try {
             const response = yield requestWithRetries(() => __awaiter(this, void 0, void 0, function* () {
-                return makeRequest(fetchFn, url, args.method, yield getHeaders(args), requestBody, args.timeoutMs, args.abortSignal, args.withCredentials, args.duplex);
+                return makeRequest(fetchFn, url, args.method, headers, requestBody, args.timeoutMs, args.abortSignal, args.withCredentials, args.duplex);
             }), args.maxRetries);
             if (response.status >= 200 && response.status < 400) {
+                if (logger.isDebug()) {
+                    const metadata = {
+                        method: args.method,
+                        url: redactUrl(url),
+                        statusCode: response.status,
+                        responseHeaders: redactHeaders(response.headers),
+                    };
+                    logger.debug("HTTP request succeeded", metadata);
+                }
                 return {
                     ok: true,
                     body: (yield getResponseBody(response, args.responseType)),
@@ -63,6 +216,15 @@ export function fetcherImpl(args) {
                 };
             }
             else {
+                if (logger.isError()) {
+                    const metadata = {
+                        method: args.method,
+                        url: redactUrl(url),
+                        statusCode: response.status,
+                        responseHeaders: redactHeaders(Object.fromEntries(response.headers.entries())),
+                    };
+                    logger.error("HTTP request failed with error status", metadata);
+                }
                 return {
                     ok: false,
                     error: {
@@ -75,7 +237,14 @@ export function fetcherImpl(args) {
             }
         }
         catch (error) {
-            if ((_a = args.abortSignal) === null || _a === void 0 ? void 0 : _a.aborted) {
+            if ((_c = args.abortSignal) === null || _c === void 0 ? void 0 : _c.aborted) {
+                if (logger.isError()) {
+                    const metadata = {
+                        method: args.method,
+                        url: redactUrl(url),
+                    };
+                    logger.error("HTTP request was aborted", metadata);
+                }
                 return {
                     ok: false,
                     error: {
@@ -86,6 +255,14 @@ export function fetcherImpl(args) {
                 };
             }
             else if (error instanceof Error && error.name === "AbortError") {
+                if (logger.isError()) {
+                    const metadata = {
+                        method: args.method,
+                        url: redactUrl(url),
+                        timeoutMs: args.timeoutMs,
+                    };
+                    logger.error("HTTP request timed out", metadata);
+                }
                 return {
                     ok: false,
                     error: {
@@ -95,6 +272,14 @@ export function fetcherImpl(args) {
                 };
             }
             else if (error instanceof Error) {
+                if (logger.isError()) {
+                    const metadata = {
+                        method: args.method,
+                        url: redactUrl(url),
+                        errorMessage: error.message,
+                    };
+                    logger.error("HTTP request failed with error", metadata);
+                }
                 return {
                     ok: false,
                     error: {
@@ -104,6 +289,14 @@ export function fetcherImpl(args) {
                     rawResponse: unknownRawResponse,
                 };
             }
+            if (logger.isError()) {
+                const metadata = {
+                    method: args.method,
+                    url: redactUrl(url),
+                    error: toJson(error),
+                };
+                logger.error("HTTP request failed with unknown error", metadata);
+            }
             return {
                 ok: false,
                 error: {

package/dist/esm/core/fetcher/getRequestBody.d.mts

@@ -1,7 +1,7 @@
 export declare namespace GetRequestBody {
     interface Args {
         body: unknown;
-        type: "json" | "file" | "bytes" | "other";
+        type: "json" | "file" | "bytes" | "form" | "other";
     }
 }
 export declare function getRequestBody({ body, type }: GetRequestBody.Args): Promise<BodyInit | undefined>;

package/dist/esm/core/fetcher/getRequestBody.mjs

@@ -8,8 +8,12 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 import { toJson } from "../json.mjs";
+import { toQueryString } from "../url/qs.mjs";
 export function getRequestBody(_a) {
     return __awaiter(this, arguments, void 0, function* ({ body, type }) {
+        if (type === "form") {
+            return toQueryString(body, { arrayFormat: "repeat", encode: true });
+        }
         if (type.includes("json")) {
             return toJson(body);
         }

package/dist/esm/core/fetcher/makeRequest.d.mts

@@ -1 +1 @@
-export declare const makeRequest: (fetchFn: (url: string, init: RequestInit) => Promise<Response>, url: string, method: string, headers: Record<string, string>, requestBody: BodyInit | undefined, timeoutMs?: number, abortSignal?: AbortSignal, withCredentials?: boolean, duplex?: "half") => Promise<Response>;
+export declare const makeRequest: (fetchFn: (url: string, init: RequestInit) => Promise<Response>, url: string, method: string, headers: Headers | Record<string, string>, requestBody: BodyInit | undefined, timeoutMs?: number, abortSignal?: AbortSignal, withCredentials?: boolean, duplex?: "half") => Promise<Response>;

package/dist/esm/core/fetcher/makeRequest.mjs

@@ -10,14 +10,12 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 import { anySignal, getTimeoutSignal } from "./signals.mjs";
 export const makeRequest = (fetchFn, url, method, headers, requestBody, timeoutMs, abortSignal, withCredentials, duplex) => __awaiter(void 0, void 0, void 0, function* () {
     const signals = [];
-    // Add timeout signal
     let timeoutAbortId;
     if (timeoutMs != null) {
         const { signal, abortId } = getTimeoutSignal(timeoutMs);
         timeoutAbortId = abortId;
         signals.push(signal);
     }
-    // Add arbitrary signal
     if (abortSignal != null) {
         signals.push(abortSignal);
     }

package/dist/esm/core/fetcher/requestWithRetries.mjs

@@ -12,25 +12,20 @@ const MAX_RETRY_DELAY = 60000; // in milliseconds
 const DEFAULT_MAX_RETRIES = 2;
 const JITTER_FACTOR = 0.2; // 20% random jitter
 function addPositiveJitter(delay) {
-    // Generate a random value between 0 and +JITTER_FACTOR
     const jitterMultiplier = 1 + Math.random() * JITTER_FACTOR;
     return delay * jitterMultiplier;
 }
 function addSymmetricJitter(delay) {
-    // Generate a random value in a JITTER_FACTOR-sized percentage range around delay
     const jitterMultiplier = 1 + (Math.random() - 0.5) * JITTER_FACTOR;
     return delay * jitterMultiplier;
 }
 function getRetryDelayFromHeaders(response, retryAttempt) {
-    // Check for Retry-After header first (RFC 7231), with no jitter
     const retryAfter = response.headers.get("Retry-After");
     if (retryAfter) {
-        // Parse as number of seconds...
         const retryAfterSeconds = parseInt(retryAfter, 10);
         if (!Number.isNaN(retryAfterSeconds) && retryAfterSeconds > 0) {
             return Math.min(retryAfterSeconds * 1000, MAX_RETRY_DELAY);
         }
-        // ...or as an HTTP date; both are valid
         const retryAfterDate = new Date(retryAfter);
         if (!Number.isNaN(retryAfterDate.getTime())) {
             const delay = retryAfterDate.getTime() - Date.now();
@@ -39,19 +34,16 @@ function getRetryDelayFromHeaders(response, retryAttempt) {
             }
         }
     }
-    // Then check for industry-standard X-RateLimit-Reset header, with positive jitter
     const rateLimitReset = response.headers.get("X-RateLimit-Reset");
     if (rateLimitReset) {
         const resetTime = parseInt(rateLimitReset, 10);
         if (!Number.isNaN(resetTime)) {
-            // Assume Unix timestamp in epoch seconds
             const delay = resetTime * 1000 - Date.now();
             if (delay > 0) {
                 return addPositiveJitter(Math.min(delay, MAX_RETRY_DELAY));
             }
         }
     }
-    // Fall back to exponential backoff, with symmetric jitter
     return addSymmetricJitter(Math.min(INITIAL_RETRY_DELAY * Math.pow(2, retryAttempt), MAX_RETRY_DELAY));
 }
 export function requestWithRetries(requestFn_1) {
@@ -59,7 +51,6 @@ export function requestWithRetries(requestFn_1) {
         let response = yield requestFn();
         for (let i = 0; i < maxRetries; ++i) {
             if ([408, 429].includes(response.status) || response.status >= 500) {
-                // Get delay with appropriate jitter applied
                 const delay = getRetryDelayFromHeaders(response, i);
                 yield new Promise((resolve) => setTimeout(resolve, delay));
                 response = yield requestFn();

package/dist/esm/core/fetcher/signals.d.mts

@@ -2,10 +2,4 @@ export declare function getTimeoutSignal(timeoutMs: number): {
     signal: AbortSignal;
     abortId: NodeJS.Timeout;
 };
-/**
- * Returns an abort signal that is getting aborted when
- * at least one of the specified abort signals is aborted.
- *
- * Requires at least node.js 18.
- */
 export declare function anySignal(...args: AbortSignal[] | [AbortSignal[]]): AbortSignal;

package/dist/esm/core/fetcher/signals.mjs

@@ -4,26 +4,14 @@ export function getTimeoutSignal(timeoutMs) {
     const abortId = setTimeout(() => controller.abort(TIMEOUT), timeoutMs);
     return { signal: controller.signal, abortId };
 }
-/**
- * Returns an abort signal that is getting aborted when
- * at least one of the specified abort signals is aborted.
- *
- * Requires at least node.js 18.
- */
 export function anySignal(...args) {
-    // Allowing signals to be passed either as array
-    // of signals or as multiple arguments.
     const signals = (args.length === 1 && Array.isArray(args[0]) ? args[0] : args);
     const controller = new AbortController();
     for (const signal of signals) {
         if (signal.aborted) {
-            // Exiting early if one of the signals
-            // is already aborted.
             controller.abort(signal === null || signal === void 0 ? void 0 : signal.reason);
             break;
         }
-        // Listening for signals and removing the listeners
-        // when at least one symbol is aborted.
         signal.addEventListener("abort", () => controller.abort(signal === null || signal === void 0 ? void 0 : signal.reason), {
             signal: controller.signal,
         });

package/dist/esm/core/headers.mjs

@@ -3,11 +3,12 @@ export function mergeHeaders(...headersArray) {
     for (const [key, value] of headersArray
         .filter((headers) => headers != null)
         .flatMap((headers) => Object.entries(headers))) {
+        const insensitiveKey = key.toLowerCase();
         if (value != null) {
-            result[key] = value;
+            result[insensitiveKey] = value;
         }
-        else if (key in result) {
-            delete result[key];
+        else if (insensitiveKey in result) {
+            delete result[insensitiveKey];
         }
     }
     return result;
@@ -17,8 +18,9 @@ export function mergeOnlyDefinedHeaders(...headersArray) {
     for (const [key, value] of headersArray
         .filter((headers) => headers != null)
         .flatMap((headers) => Object.entries(headers))) {
+        const insensitiveKey = key.toLowerCase();
         if (value != null) {
-            result[key] = value;
+            result[insensitiveKey] = value;
         }
     }
     return result;

package/dist/esm/core/index.d.mts

@@ -3,6 +3,7 @@ export * from "./base64.mjs";
 export * from "./fetcher/index.mjs";
 export * as file from "./file/index.mjs";
 export * from "./form-data-utils/index.mjs";
+export * as logging from "./logging/index.mjs";
 export * from "./runtime/index.mjs";
 export * from "./stream/index.mjs";
 export * as url from "./url/index.mjs";

package/dist/esm/core/index.mjs

@@ -3,6 +3,7 @@ export * from "./base64.mjs";
 export * from "./fetcher/index.mjs";
 export * as file from "./file/index.mjs";
 export * from "./form-data-utils/index.mjs";
+export * as logging from "./logging/index.mjs";
 export * from "./runtime/index.mjs";
 export * from "./stream/index.mjs";
 export * as url from "./url/index.mjs";

package/dist/esm/core/logging/exports.d.mts

@@ -0,0 +1,18 @@
+import * as logger from "./logger.mjs";
+export declare namespace logging {
+    /**
+     * Configuration for logger instances.
+     */
+    type LogConfig = logger.LogConfig;
+    type LogLevel = logger.LogLevel;
+    const LogLevel: typeof logger.LogLevel;
+    type ILogger = logger.ILogger;
+    /**
+     * Console logger implementation that outputs to the console.
+     */
+    type ConsoleLogger = logger.ConsoleLogger;
+    /**
+     * Console logger implementation that outputs to the console.
+     */
+    const ConsoleLogger: typeof logger.ConsoleLogger;
+}

package/dist/esm/core/logging/exports.mjs

@@ -0,0 +1,9 @@
+import * as logger from "./logger.mjs";
+export var logging;
+(function (logging) {
+    logging.LogLevel = logger.LogLevel;
+    /**
+     * Console logger implementation that outputs to the console.
+     */
+    logging.ConsoleLogger = logger.ConsoleLogger;
+})(logging || (logging = {}));

package/dist/esm/core/logging/index.d.mts

@@ -0,0 +1 @@
+export * from "./logger.mjs";

package/dist/esm/core/logging/index.mjs

@@ -0,0 +1 @@
+export * from "./logger.mjs";

package/dist/esm/core/logging/logger.d.mts

@@ -0,0 +1,126 @@
+export declare const LogLevel: {
+    readonly Debug: "debug";
+    readonly Info: "info";
+    readonly Warn: "warn";
+    readonly Error: "error";
+};
+export type LogLevel = (typeof LogLevel)[keyof typeof LogLevel];
+export interface ILogger {
+    /**
+     * Logs a debug message.
+     * @param message - The message to log
+     * @param args - Additional arguments to log
+     */
+    debug(message: string, ...args: unknown[]): void;
+    /**
+     * Logs an info message.
+     * @param message - The message to log
+     * @param args - Additional arguments to log
+     */
+    info(message: string, ...args: unknown[]): void;
+    /**
+     * Logs a warning message.
+     * @param message - The message to log
+     * @param args - Additional arguments to log
+     */
+    warn(message: string, ...args: unknown[]): void;
+    /**
+     * Logs an error message.
+     * @param message - The message to log
+     * @param args - Additional arguments to log
+     */
+    error(message: string, ...args: unknown[]): void;
+}
+/**
+ * Configuration for logger initialization.
+ */
+export interface LogConfig {
+    /**
+     * Minimum log level to output.
+     * @default LogLevel.Info
+     */
+    level?: LogLevel;
+    /**
+     * Logger implementation to use.
+     * @default new ConsoleLogger()
+     */
+    logger?: ILogger;
+    /**
+     * Whether logging should be silenced.
+     * @default true
+     */
+    silent?: boolean;
+}
+/**
+ * Default console-based logger implementation.
+ */
+export declare class ConsoleLogger implements ILogger {
+    debug(message: string, ...args: unknown[]): void;
+    info(message: string, ...args: unknown[]): void;
+    warn(message: string, ...args: unknown[]): void;
+    error(message: string, ...args: unknown[]): void;
+}
+/**
+ * Logger class that provides level-based logging functionality.
+ */
+export declare class Logger {
+    private readonly level;
+    private readonly logger;
+    private readonly silent;
+    /**
+     * Creates a new logger instance.
+     * @param config - Logger configuration
+     */
+    constructor(config: Required<LogConfig>);
+    /**
+     * Checks if a log level should be output based on configuration.
+     * @param level - The log level to check
+     * @returns True if the level should be logged
+     */
+    shouldLog(level: LogLevel): boolean;
+    /**
+     * Checks if debug logging is enabled.
+     * @returns True if debug logs should be output
+     */
+    isDebug(): boolean;
+    /**
+     * Logs a debug message if debug logging is enabled.
+     * @param message - The message to log
+     * @param args - Additional arguments to log
+     */
+    debug(message: string, ...args: unknown[]): void;
+    /**
+     * Checks if info logging is enabled.
+     * @returns True if info logs should be output
+     */
+    isInfo(): boolean;
+    /**
+     * Logs an info message if info logging is enabled.
+     * @param message - The message to log
+     * @param args - Additional arguments to log
+     */
+    info(message: string, ...args: unknown[]): void;
+    /**
+     * Checks if warning logging is enabled.
+     * @returns True if warning logs should be output
+     */
+    isWarn(): boolean;
+    /**
+     * Logs a warning message if warning logging is enabled.
+     * @param message - The message to log
+     * @param args - Additional arguments to log
+     */
+    warn(message: string, ...args: unknown[]): void;
+    /**
+     * Checks if error logging is enabled.
+     * @returns True if error logs should be output
+     */
+    isError(): boolean;
+    /**
+     * Logs an error message if error logging is enabled.
+     * @param message - The message to log
+     * @param args - Additional arguments to log
+     */
+    error(message: string, ...args: unknown[]): void;
+}
+export declare function createLogger(config?: LogConfig | Logger): Logger;