npm - @crosspost/sdk - Versions diffs - 0.1.3 → 0.1.5 - Mend

@crosspost/sdk 0.1.3 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/LICENSE +21 -0
package/README.md +85 -93
package/dist/index.cjs +82 -169
package/dist/index.d.cts +18 -43
package/dist/index.d.ts +18 -43
package/dist/index.js +78 -150
package/package.json +2 -4
package/src/core/client.ts +3 -5
package/src/core/request.ts +1 -11
package/src/index.ts +3 -12
package/src/utils/error.ts +300 -0
package/src/utils/cookie.ts +0 -91
package/src/utils/error-utils.ts +0 -310

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2025 Open Crosspost
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md CHANGED Viewed

@@ -13,34 +13,22 @@ bun install @crosspost/sdk
 ```typescript
 import { ApiError, CrosspostClient, isAuthError, PlatformError } from '@crosspost/sdk';
-// Initialize the client with direct authentication
+// Initialize the client (authentication can be provided later)
 const client = new CrosspostClient({
   baseUrl: 'https://your-crosspost-api.com', // Optional: Defaults to official API
-  nearAuthData: {
-    accountId: 'your-account.near',
-    publicKey: 'ed25519:...',
-    signature: '...',
-    message: '...',
-  },
-});
-// Or initialize with cookie-based authentication (will auto-load from cookie if available)
-const cookieClient = new CrosspostClient({
-  baseUrl: 'https://your-crosspost-api.com',
-  // No nearAuthData provided - will check for cookie
 });
-// Set authentication explicitly (also stores in secure cookie)
-await cookieClient.setAuthentication({
+// Set authentication with fresh signature for the request
+client.setAuthentication({
   accountId: 'your-account.near',
   publicKey: 'ed25519:...',
   signature: '...',
   message: '...',
 });
-// Check if client is authenticated
-if (cookieClient.isAuthenticated()) {
-  console.log('Client is authenticated');
+// Check if client has authentication data set
+if (client.isAuthenticated()) {
+  console.log('Client has authentication data');
 }
 // NEAR Account Authorization
@@ -110,6 +98,7 @@ async function revokePlatformAuth(platform) {
 async function createPost() {
   try {
     const response = await client.post.createPost({
+      targets: [{ platform: 'twitter', userId: 'your-twitter-id' }],
       content: {
         text: 'Hello from Crosspost SDK!',
       },
@@ -178,13 +167,21 @@ constructor(config?: {
 ### Post API (client.post)
-- `createPost(request): Promise<CreatePostResponse>` - Creates a new post
-- `repost(request): Promise<RepostResponse>` - Reposts an existing post
-- `quotePost(request): Promise<QuotePostResponse>` - Quotes an existing post
-- `replyToPost(request): Promise<ReplyToPostResponse>` - Replies to a post
-- `likePost(request): Promise<LikePostResponse>` - Likes a post
-- `unlikePost(request): Promise<UnlikePostResponse>` - Unlikes a post
-- `deletePost(request): Promise<DeletePostResponse>` - Deletes a post
+Each post operation accepts a request object that includes:
+- `targets`: Array of `{ platform: string, userId: string }` specifying where to perform the action
+- Additional parameters specific to each operation
+Available methods:
+- `createPost(request: CreatePostRequest): Promise<CreatePostResponse>` - Creates posts on specified
+  platforms
+- `repost(request: RepostRequest): Promise<RepostResponse>` - Reposts an existing post
+- `quotePost(request: QuotePostRequest): Promise<QuotePostResponse>` - Quotes an existing post
+- `replyToPost(request: ReplyToPostRequest): Promise<ReplyToPostResponse>` - Replies to a post
+- `likePost(request: LikePostRequest): Promise<LikePostResponse>` - Likes a post
+- `unlikePost(request: UnlikePostRequest): Promise<UnlikePostResponse>` - Unlikes a post
+- `deletePost(request: DeletePostRequest): Promise<DeletePostResponse>` - Deletes posts
 ### Activity API (client.activity)
@@ -249,51 +246,81 @@ const result = await apiWrapper(
 ### Creating a Post
 ```typescript
-// Create a simple text post
+// Create a text post on Twitter
 const textPostResponse = await client.post.createPost({
-  content: {
+  targets: [{
+    platform: 'twitter',
+    userId: 'your-twitter-id',
+  }],
+  content: [{
     text: 'Hello from Crosspost SDK!',
-  },
+  }],
 });
-// Create a post with media
+// Create a post with media on multiple platforms
 const mediaPostResponse = await client.post.createPost({
-  content: {
+  targets: [
+    { platform: 'twitter', userId: 'your-twitter-id' },
+    { platform: 'facebook', userId: 'your-facebook-id' },
+  ],
+  content: [{
     text: 'Check out this image!',
-    media: [
-      {
-        type: 'image',
-        url: 'https://example.com/image.jpg',
-      },
-    ],
-  },
+    media: [{
+      data: imageBlob,
+      mimeType: 'image/jpeg',
+      altText: 'A beautiful sunset',
+    }],
+  }],
 });
 ```
 ### Post Interactions
 ```typescript
-// Like a post
+// Like a post on Twitter
 await client.post.likePost({
+  targets: [{
+    platform: 'twitter',
+    userId: 'your-twitter-id',
+  }],
+  platform: 'twitter',
   postId: '1234567890',
 });
-// Repost
+// Repost on multiple platforms
 await client.post.repost({
+  targets: [
+    { platform: 'twitter', userId: 'your-twitter-id' },
+    { platform: 'facebook', userId: 'your-facebook-id' },
+  ],
+  platform: 'twitter',
   postId: '1234567890',
 });
 // Reply to a post
 await client.post.replyToPost({
+  targets: [{
+    platform: 'twitter',
+    userId: 'your-twitter-id',
+  }],
+  platform: 'twitter',
   postId: '1234567890',
-  content: {
+  content: [{
     text: 'This is a reply!',
-  },
+  }],
 });
-// Delete a post
+// Delete posts
 await client.post.deletePost({
-  postId: '1234567890',
+  targets: [{
+    platform: 'twitter',
+    userId: 'your-twitter-id',
+  }],
+  posts: [{
+    platform: 'twitter',
+    userId: 'your-twitter-id',
+    postId: '1234567890',
+  }],
 });
 ```
@@ -330,56 +357,21 @@ const postRateLimit = await client.system.getEndpointRateLimit('post');
 ## Authentication and Security
-### Authentication Strategies
-The SDK supports two authentication strategies:
-1. **Direct Authentication**: Provide `nearAuthData` directly in the constructor.
-   ```typescript
-   const client = new CrosspostClient({
-     nearAuthData: {
-       accountId: 'your-account.near',
-       publicKey: 'ed25519:...',
-       signature: '...',
-       message: '...',
-     },
-   });
-   ```
-2. **Cookie-Based Authentication**: Automatically read/write authentication data from a secure
-   cookie.
-   ```typescript
-   // Initialize without auth data (will check for cookie)
-   const client = new CrosspostClient();
-   // Set authentication (also stores in cookie)
-   client.setAuthentication(nearAuthData);
-   ```
+### Authentication Strategy
-### Cookie Security
+The SDK uses direct authentication with per-request signatures:
-When using cookie-based authentication, the SDK stores authentication data in a secure cookie with
-the following settings:
-- **Name**: `__crosspost_auth`
-- **Secure**: `true` (only sent over HTTPS)
-- **SameSite**: `Lax` (sent with same-site requests and top-level navigations)
-- **Path**: `/` (available across the entire domain)
-- **Expires**: 30 days
-### CSRF Protection
-The SDK implements CSRF protection for state-changing requests (non-GET) using the Double Submit
-Cookie pattern:
-1. The backend API sets a CSRF token in a non-HttpOnly cookie (`XSRF-TOKEN`)
-2. The SDK reads this token and includes it in the `X-CSRF-Token` header for all state-changing
-   requests
-3. The backend validates that the token in the header matches the token in the cookie
-This protection is automatically enabled when using cookie-based authentication and requires no
-additional configuration from the client side.
-## License
+```typescript
+// Initialize the client
+const client = new CrosspostClient({
+  baseUrl: 'https://your-crosspost-api.com',
+});
-MIT
+// Before making authenticated requests, set fresh signature
+client.setAuthentication({
+  accountId: 'your-account.near',
+  publicKey: 'ed25519:...',
+  signature: '...',
+  message: '...',
+});
+```