@djangocfg/api 2.1.456 → 2.1.459
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/auth.cjs +2109 -2380
- package/dist/auth.cjs.map +1 -1
- package/dist/auth.d.cts +24 -5
- package/dist/auth.d.ts +24 -5
- package/dist/auth.mjs +2229 -290
- package/dist/auth.mjs.map +1 -1
- package/dist/clients.cjs +1906 -2024
- package/dist/clients.cjs.map +1 -1
- package/dist/clients.mjs +2090 -14
- package/dist/clients.mjs.map +1 -1
- package/dist/hooks.cjs +1026 -1672
- package/dist/hooks.cjs.map +1 -1
- package/dist/hooks.mjs +1543 -4
- package/dist/hooks.mjs.map +1 -1
- package/dist/index.cjs +1892 -2015
- package/dist/index.cjs.map +1 -1
- package/dist/index.mjs +2105 -20
- package/dist/index.mjs.map +1 -1
- package/package.json +2 -2
- package/src/_api/generated/helpers/auth.ts +24 -12
- package/src/auth/constants.ts +5 -5
- package/src/auth/context/AuthContext.tsx +67 -28
- package/src/auth/context/types.ts +13 -0
- package/src/auth/hooks/index.ts +5 -1
- package/src/auth/hooks/useAuthRedirect.ts +17 -0
- package/src/auth/hooks/useTwoFactor.ts +4 -2
package/dist/hooks.mjs
CHANGED
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
"use client";
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
__name
|
|
5
|
-
} from "./chunk-2G67QRNU.mjs";
|
|
2
|
+
var __defProp = Object.defineProperty;
|
|
3
|
+
var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
|
|
6
4
|
|
|
7
5
|
// src/hooks/useApiKey.ts
|
|
8
6
|
import { useCallback, useState } from "react";
|
|
@@ -10,6 +8,1547 @@ import { useCallback, useState } from "react";
|
|
|
10
8
|
// src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyRegenerateCreate.ts
|
|
11
9
|
import useSWRMutation from "swr/mutation";
|
|
12
10
|
|
|
11
|
+
// src/_api/generated/core/bodySerializer.gen.ts
|
|
12
|
+
var jsonBodySerializer = {
|
|
13
|
+
bodySerializer: /* @__PURE__ */ __name((body) => JSON.stringify(body, (_key, value) => typeof value === "bigint" ? value.toString() : value), "bodySerializer")
|
|
14
|
+
};
|
|
15
|
+
|
|
16
|
+
// src/_api/generated/core/params.gen.ts
|
|
17
|
+
var extraPrefixesMap = {
|
|
18
|
+
$body_: "body",
|
|
19
|
+
$headers_: "headers",
|
|
20
|
+
$path_: "path",
|
|
21
|
+
$query_: "query"
|
|
22
|
+
};
|
|
23
|
+
var extraPrefixes = Object.entries(extraPrefixesMap);
|
|
24
|
+
|
|
25
|
+
// src/_api/generated/core/serverSentEvents.gen.ts
|
|
26
|
+
function createSseClient({
|
|
27
|
+
onRequest,
|
|
28
|
+
onSseError,
|
|
29
|
+
onSseEvent,
|
|
30
|
+
responseTransformer,
|
|
31
|
+
responseValidator,
|
|
32
|
+
sseDefaultRetryDelay,
|
|
33
|
+
sseMaxRetryAttempts,
|
|
34
|
+
sseMaxRetryDelay,
|
|
35
|
+
sseSleepFn,
|
|
36
|
+
url,
|
|
37
|
+
...options
|
|
38
|
+
}) {
|
|
39
|
+
let lastEventId;
|
|
40
|
+
const sleep = sseSleepFn ?? ((ms) => new Promise((resolve) => setTimeout(resolve, ms)));
|
|
41
|
+
const createStream = /* @__PURE__ */ __name(async function* () {
|
|
42
|
+
let retryDelay = sseDefaultRetryDelay ?? 3e3;
|
|
43
|
+
let attempt = 0;
|
|
44
|
+
const signal = options.signal ?? new AbortController().signal;
|
|
45
|
+
while (true) {
|
|
46
|
+
if (signal.aborted) break;
|
|
47
|
+
attempt++;
|
|
48
|
+
const headers = options.headers instanceof Headers ? options.headers : new Headers(options.headers);
|
|
49
|
+
if (lastEventId !== void 0) {
|
|
50
|
+
headers.set("Last-Event-ID", lastEventId);
|
|
51
|
+
}
|
|
52
|
+
try {
|
|
53
|
+
const requestInit = {
|
|
54
|
+
redirect: "follow",
|
|
55
|
+
...options,
|
|
56
|
+
body: options.serializedBody,
|
|
57
|
+
headers,
|
|
58
|
+
signal
|
|
59
|
+
};
|
|
60
|
+
let request = new Request(url, requestInit);
|
|
61
|
+
if (onRequest) {
|
|
62
|
+
request = await onRequest(url, requestInit);
|
|
63
|
+
}
|
|
64
|
+
const _fetch = options.fetch ?? globalThis.fetch;
|
|
65
|
+
const response = await _fetch(request);
|
|
66
|
+
if (!response.ok) throw new Error(`SSE failed: ${response.status} ${response.statusText}`);
|
|
67
|
+
if (!response.body) throw new Error("No body in SSE response");
|
|
68
|
+
const reader = response.body.pipeThrough(new TextDecoderStream()).getReader();
|
|
69
|
+
let buffer = "";
|
|
70
|
+
const abortHandler = /* @__PURE__ */ __name(() => {
|
|
71
|
+
try {
|
|
72
|
+
reader.cancel();
|
|
73
|
+
} catch {
|
|
74
|
+
}
|
|
75
|
+
}, "abortHandler");
|
|
76
|
+
signal.addEventListener("abort", abortHandler);
|
|
77
|
+
try {
|
|
78
|
+
while (true) {
|
|
79
|
+
const { done, value } = await reader.read();
|
|
80
|
+
if (done) break;
|
|
81
|
+
buffer += value;
|
|
82
|
+
buffer = buffer.replace(/\r\n?/g, "\n");
|
|
83
|
+
const chunks = buffer.split("\n\n");
|
|
84
|
+
buffer = chunks.pop() ?? "";
|
|
85
|
+
for (const chunk of chunks) {
|
|
86
|
+
const lines = chunk.split("\n");
|
|
87
|
+
const dataLines = [];
|
|
88
|
+
let eventName;
|
|
89
|
+
for (const line of lines) {
|
|
90
|
+
if (line.startsWith("data:")) {
|
|
91
|
+
dataLines.push(line.replace(/^data:\s*/, ""));
|
|
92
|
+
} else if (line.startsWith("event:")) {
|
|
93
|
+
eventName = line.replace(/^event:\s*/, "");
|
|
94
|
+
} else if (line.startsWith("id:")) {
|
|
95
|
+
lastEventId = line.replace(/^id:\s*/, "");
|
|
96
|
+
} else if (line.startsWith("retry:")) {
|
|
97
|
+
const parsed = Number.parseInt(line.replace(/^retry:\s*/, ""), 10);
|
|
98
|
+
if (!Number.isNaN(parsed)) {
|
|
99
|
+
retryDelay = parsed;
|
|
100
|
+
}
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
let data;
|
|
104
|
+
let parsedJson = false;
|
|
105
|
+
if (dataLines.length) {
|
|
106
|
+
const rawData = dataLines.join("\n");
|
|
107
|
+
try {
|
|
108
|
+
data = JSON.parse(rawData);
|
|
109
|
+
parsedJson = true;
|
|
110
|
+
} catch {
|
|
111
|
+
data = rawData;
|
|
112
|
+
}
|
|
113
|
+
}
|
|
114
|
+
if (parsedJson) {
|
|
115
|
+
if (responseValidator) {
|
|
116
|
+
await responseValidator(data);
|
|
117
|
+
}
|
|
118
|
+
if (responseTransformer) {
|
|
119
|
+
data = await responseTransformer(data);
|
|
120
|
+
}
|
|
121
|
+
}
|
|
122
|
+
onSseEvent?.({
|
|
123
|
+
data,
|
|
124
|
+
event: eventName,
|
|
125
|
+
id: lastEventId,
|
|
126
|
+
retry: retryDelay
|
|
127
|
+
});
|
|
128
|
+
if (dataLines.length) {
|
|
129
|
+
yield data;
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
}
|
|
133
|
+
} finally {
|
|
134
|
+
signal.removeEventListener("abort", abortHandler);
|
|
135
|
+
reader.releaseLock();
|
|
136
|
+
}
|
|
137
|
+
break;
|
|
138
|
+
} catch (error) {
|
|
139
|
+
onSseError?.(error);
|
|
140
|
+
if (sseMaxRetryAttempts !== void 0 && attempt >= sseMaxRetryAttempts) {
|
|
141
|
+
break;
|
|
142
|
+
}
|
|
143
|
+
const backoff = Math.min(retryDelay * 2 ** (attempt - 1), sseMaxRetryDelay ?? 3e4);
|
|
144
|
+
await sleep(backoff);
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
}, "createStream");
|
|
148
|
+
const stream = createStream();
|
|
149
|
+
return { stream };
|
|
150
|
+
}
|
|
151
|
+
__name(createSseClient, "createSseClient");
|
|
152
|
+
|
|
153
|
+
// src/_api/generated/core/pathSerializer.gen.ts
|
|
154
|
+
var separatorArrayExplode = /* @__PURE__ */ __name((style) => {
|
|
155
|
+
switch (style) {
|
|
156
|
+
case "label":
|
|
157
|
+
return ".";
|
|
158
|
+
case "matrix":
|
|
159
|
+
return ";";
|
|
160
|
+
case "simple":
|
|
161
|
+
return ",";
|
|
162
|
+
default:
|
|
163
|
+
return "&";
|
|
164
|
+
}
|
|
165
|
+
}, "separatorArrayExplode");
|
|
166
|
+
var separatorArrayNoExplode = /* @__PURE__ */ __name((style) => {
|
|
167
|
+
switch (style) {
|
|
168
|
+
case "form":
|
|
169
|
+
return ",";
|
|
170
|
+
case "pipeDelimited":
|
|
171
|
+
return "|";
|
|
172
|
+
case "spaceDelimited":
|
|
173
|
+
return "%20";
|
|
174
|
+
default:
|
|
175
|
+
return ",";
|
|
176
|
+
}
|
|
177
|
+
}, "separatorArrayNoExplode");
|
|
178
|
+
var separatorObjectExplode = /* @__PURE__ */ __name((style) => {
|
|
179
|
+
switch (style) {
|
|
180
|
+
case "label":
|
|
181
|
+
return ".";
|
|
182
|
+
case "matrix":
|
|
183
|
+
return ";";
|
|
184
|
+
case "simple":
|
|
185
|
+
return ",";
|
|
186
|
+
default:
|
|
187
|
+
return "&";
|
|
188
|
+
}
|
|
189
|
+
}, "separatorObjectExplode");
|
|
190
|
+
var serializeArrayParam = /* @__PURE__ */ __name(({
|
|
191
|
+
allowReserved,
|
|
192
|
+
explode,
|
|
193
|
+
name,
|
|
194
|
+
style,
|
|
195
|
+
value
|
|
196
|
+
}) => {
|
|
197
|
+
if (!explode) {
|
|
198
|
+
const joinedValues2 = (allowReserved ? value : value.map((v) => encodeURIComponent(v))).join(separatorArrayNoExplode(style));
|
|
199
|
+
switch (style) {
|
|
200
|
+
case "label":
|
|
201
|
+
return `.${joinedValues2}`;
|
|
202
|
+
case "matrix":
|
|
203
|
+
return `;${name}=${joinedValues2}`;
|
|
204
|
+
case "simple":
|
|
205
|
+
return joinedValues2;
|
|
206
|
+
default:
|
|
207
|
+
return `${name}=${joinedValues2}`;
|
|
208
|
+
}
|
|
209
|
+
}
|
|
210
|
+
const separator = separatorArrayExplode(style);
|
|
211
|
+
const joinedValues = value.map((v) => {
|
|
212
|
+
if (style === "label" || style === "simple") {
|
|
213
|
+
return allowReserved ? v : encodeURIComponent(v);
|
|
214
|
+
}
|
|
215
|
+
return serializePrimitiveParam({
|
|
216
|
+
allowReserved,
|
|
217
|
+
name,
|
|
218
|
+
value: v
|
|
219
|
+
});
|
|
220
|
+
}).join(separator);
|
|
221
|
+
return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
|
|
222
|
+
}, "serializeArrayParam");
|
|
223
|
+
var serializePrimitiveParam = /* @__PURE__ */ __name(({
|
|
224
|
+
allowReserved,
|
|
225
|
+
name,
|
|
226
|
+
value
|
|
227
|
+
}) => {
|
|
228
|
+
if (value === void 0 || value === null) {
|
|
229
|
+
return "";
|
|
230
|
+
}
|
|
231
|
+
if (typeof value === "object") {
|
|
232
|
+
throw new Error(
|
|
233
|
+
"Deeply-nested arrays/objects aren\u2019t supported. Provide your own `querySerializer()` to handle these."
|
|
234
|
+
);
|
|
235
|
+
}
|
|
236
|
+
return `${name}=${allowReserved ? value : encodeURIComponent(value)}`;
|
|
237
|
+
}, "serializePrimitiveParam");
|
|
238
|
+
var serializeObjectParam = /* @__PURE__ */ __name(({
|
|
239
|
+
allowReserved,
|
|
240
|
+
explode,
|
|
241
|
+
name,
|
|
242
|
+
style,
|
|
243
|
+
value,
|
|
244
|
+
valueOnly
|
|
245
|
+
}) => {
|
|
246
|
+
if (value instanceof Date) {
|
|
247
|
+
return valueOnly ? value.toISOString() : `${name}=${value.toISOString()}`;
|
|
248
|
+
}
|
|
249
|
+
if (style !== "deepObject" && !explode) {
|
|
250
|
+
let values = [];
|
|
251
|
+
Object.entries(value).forEach(([key, v]) => {
|
|
252
|
+
values = [...values, key, allowReserved ? v : encodeURIComponent(v)];
|
|
253
|
+
});
|
|
254
|
+
const joinedValues2 = values.join(",");
|
|
255
|
+
switch (style) {
|
|
256
|
+
case "form":
|
|
257
|
+
return `${name}=${joinedValues2}`;
|
|
258
|
+
case "label":
|
|
259
|
+
return `.${joinedValues2}`;
|
|
260
|
+
case "matrix":
|
|
261
|
+
return `;${name}=${joinedValues2}`;
|
|
262
|
+
default:
|
|
263
|
+
return joinedValues2;
|
|
264
|
+
}
|
|
265
|
+
}
|
|
266
|
+
const separator = separatorObjectExplode(style);
|
|
267
|
+
const joinedValues = Object.entries(value).map(
|
|
268
|
+
([key, v]) => serializePrimitiveParam({
|
|
269
|
+
allowReserved,
|
|
270
|
+
name: style === "deepObject" ? `${name}[${key}]` : key,
|
|
271
|
+
value: v
|
|
272
|
+
})
|
|
273
|
+
).join(separator);
|
|
274
|
+
return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
|
|
275
|
+
}, "serializeObjectParam");
|
|
276
|
+
|
|
277
|
+
// src/_api/generated/core/utils.gen.ts
|
|
278
|
+
var PATH_PARAM_RE = /\{[^{}]+\}/g;
|
|
279
|
+
var defaultPathSerializer = /* @__PURE__ */ __name(({ path, url: _url }) => {
|
|
280
|
+
let url = _url;
|
|
281
|
+
const matches = _url.match(PATH_PARAM_RE);
|
|
282
|
+
if (matches) {
|
|
283
|
+
for (const match of matches) {
|
|
284
|
+
let explode = false;
|
|
285
|
+
let name = match.substring(1, match.length - 1);
|
|
286
|
+
let style = "simple";
|
|
287
|
+
if (name.endsWith("*")) {
|
|
288
|
+
explode = true;
|
|
289
|
+
name = name.substring(0, name.length - 1);
|
|
290
|
+
}
|
|
291
|
+
if (name.startsWith(".")) {
|
|
292
|
+
name = name.substring(1);
|
|
293
|
+
style = "label";
|
|
294
|
+
} else if (name.startsWith(";")) {
|
|
295
|
+
name = name.substring(1);
|
|
296
|
+
style = "matrix";
|
|
297
|
+
}
|
|
298
|
+
const value = path[name];
|
|
299
|
+
if (value === void 0 || value === null) {
|
|
300
|
+
continue;
|
|
301
|
+
}
|
|
302
|
+
if (Array.isArray(value)) {
|
|
303
|
+
url = url.replace(match, serializeArrayParam({ explode, name, style, value }));
|
|
304
|
+
continue;
|
|
305
|
+
}
|
|
306
|
+
if (typeof value === "object") {
|
|
307
|
+
url = url.replace(
|
|
308
|
+
match,
|
|
309
|
+
serializeObjectParam({
|
|
310
|
+
explode,
|
|
311
|
+
name,
|
|
312
|
+
style,
|
|
313
|
+
value,
|
|
314
|
+
valueOnly: true
|
|
315
|
+
})
|
|
316
|
+
);
|
|
317
|
+
continue;
|
|
318
|
+
}
|
|
319
|
+
if (style === "matrix") {
|
|
320
|
+
url = url.replace(
|
|
321
|
+
match,
|
|
322
|
+
`;${serializePrimitiveParam({
|
|
323
|
+
name,
|
|
324
|
+
value
|
|
325
|
+
})}`
|
|
326
|
+
);
|
|
327
|
+
continue;
|
|
328
|
+
}
|
|
329
|
+
const replaceValue = encodeURIComponent(
|
|
330
|
+
style === "label" ? `.${value}` : value
|
|
331
|
+
);
|
|
332
|
+
url = url.replace(match, replaceValue);
|
|
333
|
+
}
|
|
334
|
+
}
|
|
335
|
+
return url;
|
|
336
|
+
}, "defaultPathSerializer");
|
|
337
|
+
var getUrl = /* @__PURE__ */ __name(({
|
|
338
|
+
baseUrl,
|
|
339
|
+
path,
|
|
340
|
+
query,
|
|
341
|
+
querySerializer,
|
|
342
|
+
url: _url
|
|
343
|
+
}) => {
|
|
344
|
+
const pathUrl = _url.startsWith("/") ? _url : `/${_url}`;
|
|
345
|
+
let url = (baseUrl ?? "") + pathUrl;
|
|
346
|
+
if (path) {
|
|
347
|
+
url = defaultPathSerializer({ path, url });
|
|
348
|
+
}
|
|
349
|
+
let search = query ? querySerializer(query) : "";
|
|
350
|
+
if (search.startsWith("?")) {
|
|
351
|
+
search = search.substring(1);
|
|
352
|
+
}
|
|
353
|
+
if (search) {
|
|
354
|
+
url += `?${search}`;
|
|
355
|
+
}
|
|
356
|
+
return url;
|
|
357
|
+
}, "getUrl");
|
|
358
|
+
function getValidRequestBody(options) {
|
|
359
|
+
const hasBody = options.body !== void 0;
|
|
360
|
+
const isSerializedBody = hasBody && options.bodySerializer;
|
|
361
|
+
if (isSerializedBody) {
|
|
362
|
+
if ("serializedBody" in options) {
|
|
363
|
+
const hasSerializedBody = options.serializedBody !== void 0 && options.serializedBody !== "";
|
|
364
|
+
return hasSerializedBody ? options.serializedBody : null;
|
|
365
|
+
}
|
|
366
|
+
return options.body !== "" ? options.body : null;
|
|
367
|
+
}
|
|
368
|
+
if (hasBody) {
|
|
369
|
+
return options.body;
|
|
370
|
+
}
|
|
371
|
+
return void 0;
|
|
372
|
+
}
|
|
373
|
+
__name(getValidRequestBody, "getValidRequestBody");
|
|
374
|
+
|
|
375
|
+
// src/_api/generated/core/auth.gen.ts
|
|
376
|
+
var getAuthToken = /* @__PURE__ */ __name(async (auth2, callback) => {
|
|
377
|
+
const token = typeof callback === "function" ? await callback(auth2) : callback;
|
|
378
|
+
if (!token) {
|
|
379
|
+
return;
|
|
380
|
+
}
|
|
381
|
+
if (auth2.scheme === "bearer") {
|
|
382
|
+
return `Bearer ${token}`;
|
|
383
|
+
}
|
|
384
|
+
if (auth2.scheme === "basic") {
|
|
385
|
+
return `Basic ${btoa(token)}`;
|
|
386
|
+
}
|
|
387
|
+
return token;
|
|
388
|
+
}, "getAuthToken");
|
|
389
|
+
|
|
390
|
+
// src/_api/generated/client/utils.gen.ts
|
|
391
|
+
var createQuerySerializer = /* @__PURE__ */ __name(({
|
|
392
|
+
parameters = {},
|
|
393
|
+
...args
|
|
394
|
+
} = {}) => {
|
|
395
|
+
const querySerializer = /* @__PURE__ */ __name((queryParams) => {
|
|
396
|
+
const search = [];
|
|
397
|
+
if (queryParams && typeof queryParams === "object") {
|
|
398
|
+
for (const name in queryParams) {
|
|
399
|
+
const value = queryParams[name];
|
|
400
|
+
if (value === void 0 || value === null) {
|
|
401
|
+
continue;
|
|
402
|
+
}
|
|
403
|
+
const options = parameters[name] || args;
|
|
404
|
+
if (Array.isArray(value)) {
|
|
405
|
+
const serializedArray = serializeArrayParam({
|
|
406
|
+
allowReserved: options.allowReserved,
|
|
407
|
+
explode: true,
|
|
408
|
+
name,
|
|
409
|
+
style: "form",
|
|
410
|
+
value,
|
|
411
|
+
...options.array
|
|
412
|
+
});
|
|
413
|
+
if (serializedArray) search.push(serializedArray);
|
|
414
|
+
} else if (typeof value === "object") {
|
|
415
|
+
const serializedObject = serializeObjectParam({
|
|
416
|
+
allowReserved: options.allowReserved,
|
|
417
|
+
explode: true,
|
|
418
|
+
name,
|
|
419
|
+
style: "deepObject",
|
|
420
|
+
value,
|
|
421
|
+
...options.object
|
|
422
|
+
});
|
|
423
|
+
if (serializedObject) search.push(serializedObject);
|
|
424
|
+
} else {
|
|
425
|
+
const serializedPrimitive = serializePrimitiveParam({
|
|
426
|
+
allowReserved: options.allowReserved,
|
|
427
|
+
name,
|
|
428
|
+
value
|
|
429
|
+
});
|
|
430
|
+
if (serializedPrimitive) search.push(serializedPrimitive);
|
|
431
|
+
}
|
|
432
|
+
}
|
|
433
|
+
}
|
|
434
|
+
return search.join("&");
|
|
435
|
+
}, "querySerializer");
|
|
436
|
+
return querySerializer;
|
|
437
|
+
}, "createQuerySerializer");
|
|
438
|
+
var getParseAs = /* @__PURE__ */ __name((contentType) => {
|
|
439
|
+
if (!contentType) {
|
|
440
|
+
return "stream";
|
|
441
|
+
}
|
|
442
|
+
const cleanContent = contentType.split(";")[0]?.trim();
|
|
443
|
+
if (!cleanContent) {
|
|
444
|
+
return;
|
|
445
|
+
}
|
|
446
|
+
if (cleanContent.startsWith("application/json") || cleanContent.endsWith("+json")) {
|
|
447
|
+
return "json";
|
|
448
|
+
}
|
|
449
|
+
if (cleanContent === "multipart/form-data") {
|
|
450
|
+
return "formData";
|
|
451
|
+
}
|
|
452
|
+
if (["application/", "audio/", "image/", "video/"].some((type) => cleanContent.startsWith(type))) {
|
|
453
|
+
return "blob";
|
|
454
|
+
}
|
|
455
|
+
if (cleanContent.startsWith("text/")) {
|
|
456
|
+
return "text";
|
|
457
|
+
}
|
|
458
|
+
return;
|
|
459
|
+
}, "getParseAs");
|
|
460
|
+
var checkForExistence = /* @__PURE__ */ __name((options, name) => {
|
|
461
|
+
if (!name) {
|
|
462
|
+
return false;
|
|
463
|
+
}
|
|
464
|
+
if (options.headers.has(name) || options.query?.[name] || options.headers.get("Cookie")?.includes(`${name}=`)) {
|
|
465
|
+
return true;
|
|
466
|
+
}
|
|
467
|
+
return false;
|
|
468
|
+
}, "checkForExistence");
|
|
469
|
+
async function setAuthParams(options) {
|
|
470
|
+
for (const auth2 of options.security ?? []) {
|
|
471
|
+
if (checkForExistence(options, auth2.name)) {
|
|
472
|
+
continue;
|
|
473
|
+
}
|
|
474
|
+
const token = await getAuthToken(auth2, options.auth);
|
|
475
|
+
if (!token) {
|
|
476
|
+
continue;
|
|
477
|
+
}
|
|
478
|
+
const name = auth2.name ?? "Authorization";
|
|
479
|
+
switch (auth2.in) {
|
|
480
|
+
case "query":
|
|
481
|
+
if (!options.query) {
|
|
482
|
+
options.query = {};
|
|
483
|
+
}
|
|
484
|
+
options.query[name] = token;
|
|
485
|
+
break;
|
|
486
|
+
case "cookie":
|
|
487
|
+
options.headers.append("Cookie", `${name}=${token}`);
|
|
488
|
+
break;
|
|
489
|
+
case "header":
|
|
490
|
+
default:
|
|
491
|
+
options.headers.set(name, token);
|
|
492
|
+
break;
|
|
493
|
+
}
|
|
494
|
+
}
|
|
495
|
+
}
|
|
496
|
+
__name(setAuthParams, "setAuthParams");
|
|
497
|
+
var buildUrl = /* @__PURE__ */ __name((options) => getUrl({
|
|
498
|
+
baseUrl: options.baseUrl,
|
|
499
|
+
path: options.path,
|
|
500
|
+
query: options.query,
|
|
501
|
+
querySerializer: typeof options.querySerializer === "function" ? options.querySerializer : createQuerySerializer(options.querySerializer),
|
|
502
|
+
url: options.url
|
|
503
|
+
}), "buildUrl");
|
|
504
|
+
var mergeConfigs = /* @__PURE__ */ __name((a, b) => {
|
|
505
|
+
const config = { ...a, ...b };
|
|
506
|
+
if (config.baseUrl?.endsWith("/")) {
|
|
507
|
+
config.baseUrl = config.baseUrl.substring(0, config.baseUrl.length - 1);
|
|
508
|
+
}
|
|
509
|
+
config.headers = mergeHeaders(a.headers, b.headers);
|
|
510
|
+
return config;
|
|
511
|
+
}, "mergeConfigs");
|
|
512
|
+
var headersEntries = /* @__PURE__ */ __name((headers) => {
|
|
513
|
+
const entries = [];
|
|
514
|
+
headers.forEach((value, key) => {
|
|
515
|
+
entries.push([key, value]);
|
|
516
|
+
});
|
|
517
|
+
return entries;
|
|
518
|
+
}, "headersEntries");
|
|
519
|
+
var mergeHeaders = /* @__PURE__ */ __name((...headers) => {
|
|
520
|
+
const mergedHeaders = new Headers();
|
|
521
|
+
for (const header of headers) {
|
|
522
|
+
if (!header) {
|
|
523
|
+
continue;
|
|
524
|
+
}
|
|
525
|
+
const iterator = header instanceof Headers ? headersEntries(header) : Object.entries(header);
|
|
526
|
+
for (const [key, value] of iterator) {
|
|
527
|
+
if (value === null) {
|
|
528
|
+
mergedHeaders.delete(key);
|
|
529
|
+
} else if (Array.isArray(value)) {
|
|
530
|
+
for (const v of value) {
|
|
531
|
+
mergedHeaders.append(key, v);
|
|
532
|
+
}
|
|
533
|
+
} else if (value !== void 0) {
|
|
534
|
+
mergedHeaders.set(
|
|
535
|
+
key,
|
|
536
|
+
typeof value === "object" ? JSON.stringify(value) : value
|
|
537
|
+
);
|
|
538
|
+
}
|
|
539
|
+
}
|
|
540
|
+
}
|
|
541
|
+
return mergedHeaders;
|
|
542
|
+
}, "mergeHeaders");
|
|
543
|
+
var Interceptors = class {
|
|
544
|
+
static {
|
|
545
|
+
__name(this, "Interceptors");
|
|
546
|
+
}
|
|
547
|
+
fns = [];
|
|
548
|
+
clear() {
|
|
549
|
+
this.fns = [];
|
|
550
|
+
}
|
|
551
|
+
eject(id) {
|
|
552
|
+
const index = this.getInterceptorIndex(id);
|
|
553
|
+
if (this.fns[index]) {
|
|
554
|
+
this.fns[index] = null;
|
|
555
|
+
}
|
|
556
|
+
}
|
|
557
|
+
exists(id) {
|
|
558
|
+
const index = this.getInterceptorIndex(id);
|
|
559
|
+
return Boolean(this.fns[index]);
|
|
560
|
+
}
|
|
561
|
+
getInterceptorIndex(id) {
|
|
562
|
+
if (typeof id === "number") {
|
|
563
|
+
return this.fns[id] ? id : -1;
|
|
564
|
+
}
|
|
565
|
+
return this.fns.indexOf(id);
|
|
566
|
+
}
|
|
567
|
+
update(id, fn) {
|
|
568
|
+
const index = this.getInterceptorIndex(id);
|
|
569
|
+
if (this.fns[index]) {
|
|
570
|
+
this.fns[index] = fn;
|
|
571
|
+
return id;
|
|
572
|
+
}
|
|
573
|
+
return false;
|
|
574
|
+
}
|
|
575
|
+
use(fn) {
|
|
576
|
+
this.fns.push(fn);
|
|
577
|
+
return this.fns.length - 1;
|
|
578
|
+
}
|
|
579
|
+
};
|
|
580
|
+
var createInterceptors = /* @__PURE__ */ __name(() => ({
|
|
581
|
+
error: new Interceptors(),
|
|
582
|
+
request: new Interceptors(),
|
|
583
|
+
response: new Interceptors()
|
|
584
|
+
}), "createInterceptors");
|
|
585
|
+
var defaultQuerySerializer = createQuerySerializer({
|
|
586
|
+
allowReserved: false,
|
|
587
|
+
array: {
|
|
588
|
+
explode: true,
|
|
589
|
+
style: "form"
|
|
590
|
+
},
|
|
591
|
+
object: {
|
|
592
|
+
explode: true,
|
|
593
|
+
style: "deepObject"
|
|
594
|
+
}
|
|
595
|
+
});
|
|
596
|
+
var defaultHeaders = {
|
|
597
|
+
"Content-Type": "application/json"
|
|
598
|
+
};
|
|
599
|
+
var createConfig = /* @__PURE__ */ __name((override = {}) => ({
|
|
600
|
+
...jsonBodySerializer,
|
|
601
|
+
headers: defaultHeaders,
|
|
602
|
+
parseAs: "auto",
|
|
603
|
+
querySerializer: defaultQuerySerializer,
|
|
604
|
+
...override
|
|
605
|
+
}), "createConfig");
|
|
606
|
+
|
|
607
|
+
// src/_api/generated/client/client.gen.ts
|
|
608
|
+
var createClient = /* @__PURE__ */ __name((config = {}) => {
|
|
609
|
+
let _config = mergeConfigs(createConfig(), config);
|
|
610
|
+
const getConfig = /* @__PURE__ */ __name(() => ({ ..._config }), "getConfig");
|
|
611
|
+
const setConfig = /* @__PURE__ */ __name((config2) => {
|
|
612
|
+
_config = mergeConfigs(_config, config2);
|
|
613
|
+
return getConfig();
|
|
614
|
+
}, "setConfig");
|
|
615
|
+
const interceptors = createInterceptors();
|
|
616
|
+
const beforeRequest = /* @__PURE__ */ __name(async (options) => {
|
|
617
|
+
const opts = {
|
|
618
|
+
..._config,
|
|
619
|
+
...options,
|
|
620
|
+
fetch: options.fetch ?? _config.fetch ?? globalThis.fetch,
|
|
621
|
+
headers: mergeHeaders(_config.headers, options.headers),
|
|
622
|
+
serializedBody: void 0
|
|
623
|
+
};
|
|
624
|
+
if (opts.security) {
|
|
625
|
+
await setAuthParams(opts);
|
|
626
|
+
}
|
|
627
|
+
if (opts.requestValidator) {
|
|
628
|
+
await opts.requestValidator(opts);
|
|
629
|
+
}
|
|
630
|
+
if (opts.body !== void 0 && opts.bodySerializer) {
|
|
631
|
+
opts.serializedBody = opts.bodySerializer(opts.body);
|
|
632
|
+
}
|
|
633
|
+
if (opts.body === void 0 || opts.serializedBody === "") {
|
|
634
|
+
opts.headers.delete("Content-Type");
|
|
635
|
+
}
|
|
636
|
+
const resolvedOpts = opts;
|
|
637
|
+
const url = buildUrl(resolvedOpts);
|
|
638
|
+
return { opts: resolvedOpts, url };
|
|
639
|
+
}, "beforeRequest");
|
|
640
|
+
const request = /* @__PURE__ */ __name(async (options) => {
|
|
641
|
+
const throwOnError = options.throwOnError ?? _config.throwOnError;
|
|
642
|
+
const responseStyle = options.responseStyle ?? _config.responseStyle;
|
|
643
|
+
let request2;
|
|
644
|
+
let response;
|
|
645
|
+
try {
|
|
646
|
+
const { opts, url } = await beforeRequest(options);
|
|
647
|
+
const requestInit = {
|
|
648
|
+
redirect: "follow",
|
|
649
|
+
...opts,
|
|
650
|
+
body: getValidRequestBody(opts)
|
|
651
|
+
};
|
|
652
|
+
request2 = new Request(url, requestInit);
|
|
653
|
+
for (const fn of interceptors.request.fns) {
|
|
654
|
+
if (fn) {
|
|
655
|
+
request2 = await fn(request2, opts);
|
|
656
|
+
}
|
|
657
|
+
}
|
|
658
|
+
const _fetch = opts.fetch;
|
|
659
|
+
response = await _fetch(request2);
|
|
660
|
+
for (const fn of interceptors.response.fns) {
|
|
661
|
+
if (fn) {
|
|
662
|
+
response = await fn(response, request2, opts);
|
|
663
|
+
}
|
|
664
|
+
}
|
|
665
|
+
const result = {
|
|
666
|
+
request: request2,
|
|
667
|
+
response
|
|
668
|
+
};
|
|
669
|
+
if (response.ok) {
|
|
670
|
+
const parseAs = (opts.parseAs === "auto" ? getParseAs(response.headers.get("Content-Type")) : opts.parseAs) ?? "json";
|
|
671
|
+
if (response.status === 204 || response.headers.get("Content-Length") === "0") {
|
|
672
|
+
let emptyData;
|
|
673
|
+
switch (parseAs) {
|
|
674
|
+
case "arrayBuffer":
|
|
675
|
+
case "blob":
|
|
676
|
+
case "text":
|
|
677
|
+
emptyData = await response[parseAs]();
|
|
678
|
+
break;
|
|
679
|
+
case "formData":
|
|
680
|
+
emptyData = new FormData();
|
|
681
|
+
break;
|
|
682
|
+
case "stream":
|
|
683
|
+
emptyData = response.body;
|
|
684
|
+
break;
|
|
685
|
+
case "json":
|
|
686
|
+
default:
|
|
687
|
+
emptyData = {};
|
|
688
|
+
break;
|
|
689
|
+
}
|
|
690
|
+
return opts.responseStyle === "data" ? emptyData : {
|
|
691
|
+
data: emptyData,
|
|
692
|
+
...result
|
|
693
|
+
};
|
|
694
|
+
}
|
|
695
|
+
let data;
|
|
696
|
+
switch (parseAs) {
|
|
697
|
+
case "arrayBuffer":
|
|
698
|
+
case "blob":
|
|
699
|
+
case "formData":
|
|
700
|
+
case "text":
|
|
701
|
+
data = await response[parseAs]();
|
|
702
|
+
break;
|
|
703
|
+
case "json": {
|
|
704
|
+
const text = await response.text();
|
|
705
|
+
data = text ? JSON.parse(text) : {};
|
|
706
|
+
break;
|
|
707
|
+
}
|
|
708
|
+
case "stream":
|
|
709
|
+
return opts.responseStyle === "data" ? response.body : {
|
|
710
|
+
data: response.body,
|
|
711
|
+
...result
|
|
712
|
+
};
|
|
713
|
+
}
|
|
714
|
+
if (parseAs === "json") {
|
|
715
|
+
if (opts.responseValidator) {
|
|
716
|
+
await opts.responseValidator(data);
|
|
717
|
+
}
|
|
718
|
+
if (opts.responseTransformer) {
|
|
719
|
+
data = await opts.responseTransformer(data);
|
|
720
|
+
}
|
|
721
|
+
}
|
|
722
|
+
return opts.responseStyle === "data" ? data : {
|
|
723
|
+
data,
|
|
724
|
+
...result
|
|
725
|
+
};
|
|
726
|
+
}
|
|
727
|
+
const textError = await response.text();
|
|
728
|
+
let jsonError;
|
|
729
|
+
try {
|
|
730
|
+
jsonError = JSON.parse(textError);
|
|
731
|
+
} catch {
|
|
732
|
+
}
|
|
733
|
+
throw jsonError ?? textError;
|
|
734
|
+
} catch (error) {
|
|
735
|
+
let finalError = error;
|
|
736
|
+
for (const fn of interceptors.error.fns) {
|
|
737
|
+
if (fn) {
|
|
738
|
+
finalError = await fn(finalError, response, request2, options);
|
|
739
|
+
}
|
|
740
|
+
}
|
|
741
|
+
finalError = finalError || {};
|
|
742
|
+
if (throwOnError) {
|
|
743
|
+
throw finalError;
|
|
744
|
+
}
|
|
745
|
+
return responseStyle === "data" ? void 0 : {
|
|
746
|
+
error: finalError,
|
|
747
|
+
request: request2,
|
|
748
|
+
response
|
|
749
|
+
};
|
|
750
|
+
}
|
|
751
|
+
}, "request");
|
|
752
|
+
const makeMethodFn = /* @__PURE__ */ __name((method) => (options) => request({ ...options, method }), "makeMethodFn");
|
|
753
|
+
const makeSseFn = /* @__PURE__ */ __name((method) => async (options) => {
|
|
754
|
+
const { opts, url } = await beforeRequest(options);
|
|
755
|
+
return createSseClient({
|
|
756
|
+
...opts,
|
|
757
|
+
body: opts.body,
|
|
758
|
+
method,
|
|
759
|
+
onRequest: /* @__PURE__ */ __name(async (url2, init) => {
|
|
760
|
+
let request2 = new Request(url2, init);
|
|
761
|
+
for (const fn of interceptors.request.fns) {
|
|
762
|
+
if (fn) {
|
|
763
|
+
request2 = await fn(request2, opts);
|
|
764
|
+
}
|
|
765
|
+
}
|
|
766
|
+
return request2;
|
|
767
|
+
}, "onRequest"),
|
|
768
|
+
serializedBody: getValidRequestBody(opts),
|
|
769
|
+
url
|
|
770
|
+
});
|
|
771
|
+
}, "makeSseFn");
|
|
772
|
+
const _buildUrl = /* @__PURE__ */ __name((options) => buildUrl({ ..._config, ...options }), "_buildUrl");
|
|
773
|
+
return {
|
|
774
|
+
buildUrl: _buildUrl,
|
|
775
|
+
connect: makeMethodFn("CONNECT"),
|
|
776
|
+
delete: makeMethodFn("DELETE"),
|
|
777
|
+
get: makeMethodFn("GET"),
|
|
778
|
+
getConfig,
|
|
779
|
+
head: makeMethodFn("HEAD"),
|
|
780
|
+
interceptors,
|
|
781
|
+
options: makeMethodFn("OPTIONS"),
|
|
782
|
+
patch: makeMethodFn("PATCH"),
|
|
783
|
+
post: makeMethodFn("POST"),
|
|
784
|
+
put: makeMethodFn("PUT"),
|
|
785
|
+
request,
|
|
786
|
+
setConfig,
|
|
787
|
+
sse: {
|
|
788
|
+
connect: makeSseFn("CONNECT"),
|
|
789
|
+
delete: makeSseFn("DELETE"),
|
|
790
|
+
get: makeSseFn("GET"),
|
|
791
|
+
head: makeSseFn("HEAD"),
|
|
792
|
+
options: makeSseFn("OPTIONS"),
|
|
793
|
+
patch: makeSseFn("PATCH"),
|
|
794
|
+
post: makeSseFn("POST"),
|
|
795
|
+
put: makeSseFn("PUT"),
|
|
796
|
+
trace: makeSseFn("TRACE")
|
|
797
|
+
},
|
|
798
|
+
trace: makeMethodFn("TRACE")
|
|
799
|
+
};
|
|
800
|
+
}, "createClient");
|
|
801
|
+
|
|
802
|
+
// src/_api/generated/helpers/errors.ts
|
|
803
|
+
var APIError = class extends Error {
|
|
804
|
+
constructor(statusCode, statusText, response, url, message) {
|
|
805
|
+
super(message || `HTTP ${statusCode}: ${statusText}`);
|
|
806
|
+
this.statusCode = statusCode;
|
|
807
|
+
this.statusText = statusText;
|
|
808
|
+
this.response = response;
|
|
809
|
+
this.url = url;
|
|
810
|
+
this.name = "APIError";
|
|
811
|
+
}
|
|
812
|
+
static {
|
|
813
|
+
__name(this, "APIError");
|
|
814
|
+
}
|
|
815
|
+
get details() {
|
|
816
|
+
if (typeof this.response === "object" && this.response !== null) {
|
|
817
|
+
return this.response;
|
|
818
|
+
}
|
|
819
|
+
return null;
|
|
820
|
+
}
|
|
821
|
+
get fieldErrors() {
|
|
822
|
+
const details = this.details;
|
|
823
|
+
if (!details) return null;
|
|
824
|
+
const fieldErrors = {};
|
|
825
|
+
for (const [key, value] of Object.entries(details)) {
|
|
826
|
+
if (Array.isArray(value)) fieldErrors[key] = value;
|
|
827
|
+
}
|
|
828
|
+
return Object.keys(fieldErrors).length > 0 ? fieldErrors : null;
|
|
829
|
+
}
|
|
830
|
+
get errorMessage() {
|
|
831
|
+
const details = this.details;
|
|
832
|
+
if (!details) return this.message;
|
|
833
|
+
if (details.detail) {
|
|
834
|
+
return Array.isArray(details.detail) ? details.detail.join(", ") : String(details.detail);
|
|
835
|
+
}
|
|
836
|
+
if (details.error) return String(details.error);
|
|
837
|
+
if (details.message) return String(details.message);
|
|
838
|
+
const fieldErrors = this.fieldErrors;
|
|
839
|
+
if (fieldErrors) {
|
|
840
|
+
const firstField = Object.keys(fieldErrors)[0];
|
|
841
|
+
if (firstField) return `${firstField}: ${fieldErrors[firstField]?.join(", ")}`;
|
|
842
|
+
}
|
|
843
|
+
return this.message;
|
|
844
|
+
}
|
|
845
|
+
get isValidationError() {
|
|
846
|
+
return this.statusCode === 400;
|
|
847
|
+
}
|
|
848
|
+
get isAuthError() {
|
|
849
|
+
return this.statusCode === 401;
|
|
850
|
+
}
|
|
851
|
+
get isPermissionError() {
|
|
852
|
+
return this.statusCode === 403;
|
|
853
|
+
}
|
|
854
|
+
get isNotFoundError() {
|
|
855
|
+
return this.statusCode === 404;
|
|
856
|
+
}
|
|
857
|
+
get isServerError() {
|
|
858
|
+
return this.statusCode >= 500 && this.statusCode < 600;
|
|
859
|
+
}
|
|
860
|
+
};
|
|
861
|
+
|
|
862
|
+
// src/_api/generated/helpers/auth.ts
|
|
863
|
+
var ACCESS_KEY = "cfg.access_token";
|
|
864
|
+
var REFRESH_KEY = "cfg.refresh_token";
|
|
865
|
+
var API_KEY_KEY = "cfg.api_key";
|
|
866
|
+
var isBrowser = typeof window !== "undefined";
|
|
867
|
+
var localStorageBackend = {
|
|
868
|
+
get(key) {
|
|
869
|
+
if (!isBrowser) return null;
|
|
870
|
+
try {
|
|
871
|
+
return window.localStorage.getItem(key);
|
|
872
|
+
} catch {
|
|
873
|
+
return null;
|
|
874
|
+
}
|
|
875
|
+
},
|
|
876
|
+
set(key, value) {
|
|
877
|
+
if (!isBrowser) return;
|
|
878
|
+
try {
|
|
879
|
+
if (value === null) window.localStorage.removeItem(key);
|
|
880
|
+
else window.localStorage.setItem(key, value);
|
|
881
|
+
} catch {
|
|
882
|
+
}
|
|
883
|
+
}
|
|
884
|
+
};
|
|
885
|
+
var COOKIE_MAX_AGE = 60 * 60 * 24 * 30;
|
|
886
|
+
var cookieBackend = {
|
|
887
|
+
get(key) {
|
|
888
|
+
if (!isBrowser) return null;
|
|
889
|
+
try {
|
|
890
|
+
const re = new RegExp(`(?:^|;\\s*)${encodeURIComponent(key)}=([^;]*)`);
|
|
891
|
+
const m = document.cookie.match(re);
|
|
892
|
+
return m ? decodeURIComponent(m[1]) : null;
|
|
893
|
+
} catch {
|
|
894
|
+
return null;
|
|
895
|
+
}
|
|
896
|
+
},
|
|
897
|
+
set(key, value) {
|
|
898
|
+
if (!isBrowser) return;
|
|
899
|
+
try {
|
|
900
|
+
const k = encodeURIComponent(key);
|
|
901
|
+
const secure = window.location.protocol === "https:" ? "; Secure" : "";
|
|
902
|
+
if (value === null) {
|
|
903
|
+
document.cookie = `${k}=; Path=/; Max-Age=0; SameSite=Lax${secure}`;
|
|
904
|
+
} else {
|
|
905
|
+
const v = encodeURIComponent(value);
|
|
906
|
+
document.cookie = `${k}=${v}; Path=/; Max-Age=${COOKIE_MAX_AGE}; SameSite=Lax${secure}`;
|
|
907
|
+
}
|
|
908
|
+
} catch {
|
|
909
|
+
}
|
|
910
|
+
}
|
|
911
|
+
};
|
|
912
|
+
var _storage = localStorageBackend;
|
|
913
|
+
var _storageMode = "localStorage";
|
|
914
|
+
function detectLocale() {
|
|
915
|
+
try {
|
|
916
|
+
if (typeof document !== "undefined") {
|
|
917
|
+
const m = document.cookie.match(/(?:^|;\s*)NEXT_LOCALE=([^;]*)/);
|
|
918
|
+
if (m) return decodeURIComponent(m[1]);
|
|
919
|
+
}
|
|
920
|
+
if (typeof navigator !== "undefined" && navigator.language) {
|
|
921
|
+
return navigator.language;
|
|
922
|
+
}
|
|
923
|
+
} catch {
|
|
924
|
+
}
|
|
925
|
+
return null;
|
|
926
|
+
}
|
|
927
|
+
__name(detectLocale, "detectLocale");
|
|
928
|
+
function defaultBaseUrl() {
|
|
929
|
+
if (typeof window !== "undefined") {
|
|
930
|
+
try {
|
|
931
|
+
if (typeof process !== "undefined" && process.env) {
|
|
932
|
+
if (process.env.NEXT_PUBLIC_STATIC_BUILD === "true") return "";
|
|
933
|
+
if (process.env.NEXT_PUBLIC_API_PROXY_URL !== void 0)
|
|
934
|
+
return process.env.NEXT_PUBLIC_API_PROXY_URL;
|
|
935
|
+
return process.env.NEXT_PUBLIC_API_URL || "";
|
|
936
|
+
}
|
|
937
|
+
} catch {
|
|
938
|
+
}
|
|
939
|
+
return "";
|
|
940
|
+
}
|
|
941
|
+
try {
|
|
942
|
+
if (typeof process !== "undefined" && process.env) {
|
|
943
|
+
if (process.env.NEXT_PUBLIC_STATIC_BUILD === "true") return "";
|
|
944
|
+
return process.env.NEXT_PUBLIC_API_URL || "";
|
|
945
|
+
}
|
|
946
|
+
} catch {
|
|
947
|
+
}
|
|
948
|
+
return "";
|
|
949
|
+
}
|
|
950
|
+
__name(defaultBaseUrl, "defaultBaseUrl");
|
|
951
|
+
function defaultApiKey() {
|
|
952
|
+
try {
|
|
953
|
+
if (typeof process !== "undefined" && process.env?.NEXT_PUBLIC_API_KEY) {
|
|
954
|
+
return process.env.NEXT_PUBLIC_API_KEY;
|
|
955
|
+
}
|
|
956
|
+
} catch {
|
|
957
|
+
}
|
|
958
|
+
return null;
|
|
959
|
+
}
|
|
960
|
+
__name(defaultApiKey, "defaultApiKey");
|
|
961
|
+
var _localeOverride = null;
|
|
962
|
+
var _apiKeyOverride = null;
|
|
963
|
+
var _baseUrlOverride = null;
|
|
964
|
+
var _withCredentials = true;
|
|
965
|
+
var _onUnauthorized = null;
|
|
966
|
+
var _refreshHandler = null;
|
|
967
|
+
var _refreshInflight = null;
|
|
968
|
+
var RETRY_MARKER = "X-Auth-Retry";
|
|
969
|
+
function jwtExpMs(token) {
|
|
970
|
+
try {
|
|
971
|
+
const payload = token.split(".")[1];
|
|
972
|
+
if (!payload) return null;
|
|
973
|
+
const json = JSON.parse(atob(payload.replace(/-/g, "+").replace(/_/g, "/")));
|
|
974
|
+
return typeof json.exp === "number" ? json.exp * 1e3 : null;
|
|
975
|
+
} catch {
|
|
976
|
+
return null;
|
|
977
|
+
}
|
|
978
|
+
}
|
|
979
|
+
__name(jwtExpMs, "jwtExpMs");
|
|
980
|
+
function computeSnapshot() {
|
|
981
|
+
const access = _storage.get(ACCESS_KEY);
|
|
982
|
+
const refresh = _storage.get(REFRESH_KEY);
|
|
983
|
+
const now = Date.now();
|
|
984
|
+
const accessExp = access ? jwtExpMs(access) : null;
|
|
985
|
+
const accessAlive = access !== null && (accessExp === null || accessExp > now);
|
|
986
|
+
const refreshExp = refresh ? jwtExpMs(refresh) : null;
|
|
987
|
+
const refreshAlive = refresh !== null && (refreshExp === null || refreshExp > now);
|
|
988
|
+
return {
|
|
989
|
+
status: accessAlive || refreshAlive ? "authenticated" : "anonymous",
|
|
990
|
+
accessExpiresAt: accessExp
|
|
991
|
+
};
|
|
992
|
+
}
|
|
993
|
+
__name(computeSnapshot, "computeSnapshot");
|
|
994
|
+
var SERVER_SNAPSHOT = { status: "anonymous", accessExpiresAt: null };
|
|
995
|
+
var SESSION_SYNC_EVENT = `cfg-auth:changed:${ACCESS_KEY}`;
|
|
996
|
+
var _snapshot = computeSnapshot();
|
|
997
|
+
var _sessionListeners = /* @__PURE__ */ new Set();
|
|
998
|
+
var _expiryTimer = null;
|
|
999
|
+
var _storageListenerInstalled = false;
|
|
1000
|
+
function scheduleExpiryFlip() {
|
|
1001
|
+
if (!isBrowser) return;
|
|
1002
|
+
if (_expiryTimer !== null) {
|
|
1003
|
+
clearTimeout(_expiryTimer);
|
|
1004
|
+
_expiryTimer = null;
|
|
1005
|
+
}
|
|
1006
|
+
if (_sessionListeners.size === 0) return;
|
|
1007
|
+
const now = Date.now();
|
|
1008
|
+
const exps = [];
|
|
1009
|
+
const access = _storage.get(ACCESS_KEY);
|
|
1010
|
+
const refresh = _storage.get(REFRESH_KEY);
|
|
1011
|
+
const accessExp = access ? jwtExpMs(access) : null;
|
|
1012
|
+
const refreshExp = refresh ? jwtExpMs(refresh) : null;
|
|
1013
|
+
if (accessExp !== null && accessExp > now) exps.push(accessExp);
|
|
1014
|
+
if (refreshExp !== null && refreshExp > now) exps.push(refreshExp);
|
|
1015
|
+
if (!exps.length) return;
|
|
1016
|
+
const delay = Math.min(Math.min(...exps) - now + 250, 2147483647);
|
|
1017
|
+
_expiryTimer = setTimeout(notifySessionChanged, delay);
|
|
1018
|
+
}
|
|
1019
|
+
__name(scheduleExpiryFlip, "scheduleExpiryFlip");
|
|
1020
|
+
function notifySessionChanged() {
|
|
1021
|
+
const next = computeSnapshot();
|
|
1022
|
+
const changed = next.status !== _snapshot.status || next.accessExpiresAt !== _snapshot.accessExpiresAt;
|
|
1023
|
+
if (changed) _snapshot = next;
|
|
1024
|
+
scheduleExpiryFlip();
|
|
1025
|
+
if (!changed) return;
|
|
1026
|
+
for (const listener of Array.from(_sessionListeners)) {
|
|
1027
|
+
try {
|
|
1028
|
+
listener();
|
|
1029
|
+
} catch {
|
|
1030
|
+
}
|
|
1031
|
+
}
|
|
1032
|
+
if (isBrowser) {
|
|
1033
|
+
try {
|
|
1034
|
+
window.dispatchEvent(new Event(SESSION_SYNC_EVENT));
|
|
1035
|
+
} catch {
|
|
1036
|
+
}
|
|
1037
|
+
}
|
|
1038
|
+
}
|
|
1039
|
+
__name(notifySessionChanged, "notifySessionChanged");
|
|
1040
|
+
function ensureStorageSync() {
|
|
1041
|
+
if (!isBrowser || _storageListenerInstalled) return;
|
|
1042
|
+
_storageListenerInstalled = true;
|
|
1043
|
+
window.addEventListener("storage", (e) => {
|
|
1044
|
+
if (e.key === null || e.key === ACCESS_KEY || e.key === REFRESH_KEY) {
|
|
1045
|
+
notifySessionChanged();
|
|
1046
|
+
}
|
|
1047
|
+
});
|
|
1048
|
+
window.addEventListener(SESSION_SYNC_EVENT, () => notifySessionChanged());
|
|
1049
|
+
}
|
|
1050
|
+
__name(ensureStorageSync, "ensureStorageSync");
|
|
1051
|
+
var _sessionExpiredHandlers = /* @__PURE__ */ new Set();
|
|
1052
|
+
var _client = null;
|
|
1053
|
+
function pushClientConfig() {
|
|
1054
|
+
if (!_client) return;
|
|
1055
|
+
_client.setConfig({
|
|
1056
|
+
baseUrl: auth.getBaseUrl(),
|
|
1057
|
+
credentials: _withCredentials ? "include" : "same-origin"
|
|
1058
|
+
});
|
|
1059
|
+
}
|
|
1060
|
+
__name(pushClientConfig, "pushClientConfig");
|
|
1061
|
+
var auth = {
|
|
1062
|
+
// ── Storage mode ──────────────────────────────────────────────────
|
|
1063
|
+
getStorageMode() {
|
|
1064
|
+
return _storageMode;
|
|
1065
|
+
},
|
|
1066
|
+
setStorageMode(mode) {
|
|
1067
|
+
_storageMode = mode;
|
|
1068
|
+
_storage = mode === "cookie" ? cookieBackend : localStorageBackend;
|
|
1069
|
+
notifySessionChanged();
|
|
1070
|
+
},
|
|
1071
|
+
// ── Bearer token ──────────────────────────────────────────────────
|
|
1072
|
+
getToken() {
|
|
1073
|
+
return _storage.get(ACCESS_KEY);
|
|
1074
|
+
},
|
|
1075
|
+
setToken(token) {
|
|
1076
|
+
_storage.set(ACCESS_KEY, token);
|
|
1077
|
+
notifySessionChanged();
|
|
1078
|
+
},
|
|
1079
|
+
getRefreshToken() {
|
|
1080
|
+
return _storage.get(REFRESH_KEY);
|
|
1081
|
+
},
|
|
1082
|
+
setRefreshToken(token) {
|
|
1083
|
+
_storage.set(REFRESH_KEY, token);
|
|
1084
|
+
notifySessionChanged();
|
|
1085
|
+
},
|
|
1086
|
+
clearTokens() {
|
|
1087
|
+
_storage.set(ACCESS_KEY, null);
|
|
1088
|
+
_storage.set(REFRESH_KEY, null);
|
|
1089
|
+
notifySessionChanged();
|
|
1090
|
+
},
|
|
1091
|
+
/** Session-aware: token PRESENT and not past its `exp` (or a live refresh
|
|
1092
|
+
* token exists that can mint one). Prefer `getSnapshot().status` in React. */
|
|
1093
|
+
isAuthenticated() {
|
|
1094
|
+
return computeSnapshot().status === "authenticated";
|
|
1095
|
+
},
|
|
1096
|
+
// ── Session (the ONE write path for login/logout flows) ──────────
|
|
1097
|
+
/**
|
|
1098
|
+
* Persist a token pair atomically. Every login flow (OTP verify, 2FA,
|
|
1099
|
+
* OAuth callback) and the refresh handler should end here — do NOT
|
|
1100
|
+
* scatter `setToken`/`setRefreshToken` pairs through app code.
|
|
1101
|
+
* `refresh: undefined` keeps the current refresh token (access-only
|
|
1102
|
+
* rotation); `refresh: null` explicitly drops it.
|
|
1103
|
+
*/
|
|
1104
|
+
setSession(tokens) {
|
|
1105
|
+
_storage.set(ACCESS_KEY, tokens.access);
|
|
1106
|
+
if (tokens.refresh !== void 0) _storage.set(REFRESH_KEY, tokens.refresh);
|
|
1107
|
+
notifySessionChanged();
|
|
1108
|
+
},
|
|
1109
|
+
clearSession() {
|
|
1110
|
+
auth.clearTokens();
|
|
1111
|
+
},
|
|
1112
|
+
// ── Reactive snapshot (for useSyncExternalStore) ──────────────────
|
|
1113
|
+
/**
|
|
1114
|
+
* @example React:
|
|
1115
|
+
* const session = useSyncExternalStore(
|
|
1116
|
+
* auth.subscribe, auth.getSnapshot, auth.getServerSnapshot,
|
|
1117
|
+
* );
|
|
1118
|
+
* const isAuthenticated = session.status === 'authenticated';
|
|
1119
|
+
*/
|
|
1120
|
+
getSnapshot() {
|
|
1121
|
+
return _snapshot;
|
|
1122
|
+
},
|
|
1123
|
+
getServerSnapshot() {
|
|
1124
|
+
return SERVER_SNAPSHOT;
|
|
1125
|
+
},
|
|
1126
|
+
subscribe(listener) {
|
|
1127
|
+
ensureStorageSync();
|
|
1128
|
+
_sessionListeners.add(listener);
|
|
1129
|
+
notifySessionChanged();
|
|
1130
|
+
return () => {
|
|
1131
|
+
_sessionListeners.delete(listener);
|
|
1132
|
+
if (_sessionListeners.size === 0 && _expiryTimer !== null) {
|
|
1133
|
+
clearTimeout(_expiryTimer);
|
|
1134
|
+
_expiryTimer = null;
|
|
1135
|
+
}
|
|
1136
|
+
};
|
|
1137
|
+
},
|
|
1138
|
+
/**
|
|
1139
|
+
* Fired on TERMINAL 401 — after the refresh+retry path is exhausted.
|
|
1140
|
+
* The store has already cleared the session before calling back, so
|
|
1141
|
+
* handlers only need to route to login (no clear-then-redirect
|
|
1142
|
+
* ordering to get wrong). Returns an unsubscribe function; multiple
|
|
1143
|
+
* handlers compose (unlike the legacy single-slot `onUnauthorized`).
|
|
1144
|
+
*/
|
|
1145
|
+
onSessionExpired(cb) {
|
|
1146
|
+
_sessionExpiredHandlers.add(cb);
|
|
1147
|
+
return () => {
|
|
1148
|
+
_sessionExpiredHandlers.delete(cb);
|
|
1149
|
+
};
|
|
1150
|
+
},
|
|
1151
|
+
// ── API key ───────────────────────────────────────────────────────
|
|
1152
|
+
getApiKey() {
|
|
1153
|
+
return _apiKeyOverride ?? _storage.get(API_KEY_KEY) ?? defaultApiKey();
|
|
1154
|
+
},
|
|
1155
|
+
setApiKey(key) {
|
|
1156
|
+
_apiKeyOverride = key;
|
|
1157
|
+
},
|
|
1158
|
+
setApiKeyPersist(key) {
|
|
1159
|
+
_apiKeyOverride = key;
|
|
1160
|
+
_storage.set(API_KEY_KEY, key);
|
|
1161
|
+
},
|
|
1162
|
+
clearApiKey() {
|
|
1163
|
+
_apiKeyOverride = null;
|
|
1164
|
+
_storage.set(API_KEY_KEY, null);
|
|
1165
|
+
},
|
|
1166
|
+
// ── Locale ────────────────────────────────────────────────────────
|
|
1167
|
+
getLocale() {
|
|
1168
|
+
return _localeOverride ?? detectLocale();
|
|
1169
|
+
},
|
|
1170
|
+
setLocale(locale) {
|
|
1171
|
+
_localeOverride = locale;
|
|
1172
|
+
},
|
|
1173
|
+
// ── Base URL ──────────────────────────────────────────────────────
|
|
1174
|
+
getBaseUrl() {
|
|
1175
|
+
const url = _baseUrlOverride ?? defaultBaseUrl();
|
|
1176
|
+
return url.replace(/\/$/, "");
|
|
1177
|
+
},
|
|
1178
|
+
setBaseUrl(url) {
|
|
1179
|
+
_baseUrlOverride = url ? url.replace(/\/$/, "") : null;
|
|
1180
|
+
pushClientConfig();
|
|
1181
|
+
},
|
|
1182
|
+
// ── Credentials toggle ────────────────────────────────────────────
|
|
1183
|
+
getWithCredentials() {
|
|
1184
|
+
return _withCredentials;
|
|
1185
|
+
},
|
|
1186
|
+
setWithCredentials(value) {
|
|
1187
|
+
_withCredentials = value;
|
|
1188
|
+
pushClientConfig();
|
|
1189
|
+
},
|
|
1190
|
+
// ── 401 handler ───────────────────────────────────────────────────
|
|
1191
|
+
/**
|
|
1192
|
+
* Fired when the server returns 401 AND no refresh path recovers it
|
|
1193
|
+
* (no refresh token, no refresh handler, refresh failed, or retry
|
|
1194
|
+
* still 401). The app should clear local state and redirect to login.
|
|
1195
|
+
*
|
|
1196
|
+
* NOT fired for 401 that gets transparently recovered by the refresh
|
|
1197
|
+
* handler — those are invisible to callers.
|
|
1198
|
+
*/
|
|
1199
|
+
onUnauthorized(cb) {
|
|
1200
|
+
_onUnauthorized = cb;
|
|
1201
|
+
},
|
|
1202
|
+
/**
|
|
1203
|
+
* Register the refresh strategy. The handler receives the current
|
|
1204
|
+
* refresh token and must call your refresh endpoint, returning
|
|
1205
|
+
* `{ access, refresh? }` on success or `null` on failure.
|
|
1206
|
+
*
|
|
1207
|
+
* @example
|
|
1208
|
+
* auth.setRefreshHandler(async (refresh) => {
|
|
1209
|
+
* const { data } = await Auth.tokenRefreshCreate({ body: { refresh } });
|
|
1210
|
+
* return data ? { access: data.access, refresh: data.refresh } : null;
|
|
1211
|
+
* });
|
|
1212
|
+
*/
|
|
1213
|
+
setRefreshHandler(fn) {
|
|
1214
|
+
_refreshHandler = fn;
|
|
1215
|
+
},
|
|
1216
|
+
/**
|
|
1217
|
+
* Proactively run the registered refresh handler right now, reusing the
|
|
1218
|
+
* SAME single-flight promise as the 401-recovery interceptor. Callers
|
|
1219
|
+
* (e.g. an expiry timer / focus / reconnect) get token rotation,
|
|
1220
|
+
* de-duplication and rotated-token persistence for free — they must NOT
|
|
1221
|
+
* re-implement any of it. Returns the fresh access token, or null if
|
|
1222
|
+
* there is no handler / no refresh token / the refresh failed.
|
|
1223
|
+
*/
|
|
1224
|
+
refreshNow() {
|
|
1225
|
+
return tryRefresh();
|
|
1226
|
+
}
|
|
1227
|
+
};
|
|
1228
|
+
async function tryRefresh() {
|
|
1229
|
+
if (_refreshInflight) return _refreshInflight;
|
|
1230
|
+
if (!_refreshHandler) return null;
|
|
1231
|
+
const runRefresh = /* @__PURE__ */ __name(async () => {
|
|
1232
|
+
const refresh = auth.getRefreshToken();
|
|
1233
|
+
if (!refresh) return null;
|
|
1234
|
+
const result = await _refreshHandler(refresh);
|
|
1235
|
+
if (!result?.access) return null;
|
|
1236
|
+
auth.setToken(result.access);
|
|
1237
|
+
if (result.refresh) auth.setRefreshToken(result.refresh);
|
|
1238
|
+
return result.access;
|
|
1239
|
+
}, "runRefresh");
|
|
1240
|
+
_refreshInflight = (async () => {
|
|
1241
|
+
try {
|
|
1242
|
+
const locks = typeof navigator !== "undefined" ? navigator.locks : void 0;
|
|
1243
|
+
if (locks?.request) {
|
|
1244
|
+
return await locks.request(`${REFRESH_KEY}:refresh`, runRefresh);
|
|
1245
|
+
}
|
|
1246
|
+
return await runRefresh();
|
|
1247
|
+
} catch {
|
|
1248
|
+
return null;
|
|
1249
|
+
} finally {
|
|
1250
|
+
_refreshInflight = null;
|
|
1251
|
+
}
|
|
1252
|
+
})();
|
|
1253
|
+
return _refreshInflight;
|
|
1254
|
+
}
|
|
1255
|
+
__name(tryRefresh, "tryRefresh");
|
|
1256
|
+
function expireSession(response) {
|
|
1257
|
+
auth.clearTokens();
|
|
1258
|
+
for (const cb of Array.from(_sessionExpiredHandlers)) {
|
|
1259
|
+
try {
|
|
1260
|
+
cb(response);
|
|
1261
|
+
} catch {
|
|
1262
|
+
}
|
|
1263
|
+
}
|
|
1264
|
+
if (_onUnauthorized) {
|
|
1265
|
+
try {
|
|
1266
|
+
_onUnauthorized(response);
|
|
1267
|
+
} catch {
|
|
1268
|
+
}
|
|
1269
|
+
}
|
|
1270
|
+
}
|
|
1271
|
+
__name(expireSession, "expireSession");
|
|
1272
|
+
function dpopEnabled() {
|
|
1273
|
+
try {
|
|
1274
|
+
return typeof process !== "undefined" && process.env?.NEXT_PUBLIC_DPOP_ENABLED === "true";
|
|
1275
|
+
} catch {
|
|
1276
|
+
return false;
|
|
1277
|
+
}
|
|
1278
|
+
}
|
|
1279
|
+
__name(dpopEnabled, "dpopEnabled");
|
|
1280
|
+
var _DPOP_DB = "cfg-auth";
|
|
1281
|
+
var _DPOP_STORE = "keys";
|
|
1282
|
+
var _DPOP_KEY_ID = "dpop-ec-p256";
|
|
1283
|
+
function _idbOpen() {
|
|
1284
|
+
return new Promise((resolve, reject) => {
|
|
1285
|
+
const req = indexedDB.open(_DPOP_DB, 1);
|
|
1286
|
+
req.onupgradeneeded = () => req.result.createObjectStore(_DPOP_STORE);
|
|
1287
|
+
req.onsuccess = () => resolve(req.result);
|
|
1288
|
+
req.onerror = () => reject(req.error);
|
|
1289
|
+
});
|
|
1290
|
+
}
|
|
1291
|
+
__name(_idbOpen, "_idbOpen");
|
|
1292
|
+
function _idbGet(key) {
|
|
1293
|
+
return _idbOpen().then((db) => new Promise((resolve, reject) => {
|
|
1294
|
+
const tx = db.transaction(_DPOP_STORE, "readonly");
|
|
1295
|
+
const req = tx.objectStore(_DPOP_STORE).get(key);
|
|
1296
|
+
req.onsuccess = () => resolve(req.result);
|
|
1297
|
+
req.onerror = () => reject(req.error);
|
|
1298
|
+
}));
|
|
1299
|
+
}
|
|
1300
|
+
__name(_idbGet, "_idbGet");
|
|
1301
|
+
function _idbPut(key, value) {
|
|
1302
|
+
return _idbOpen().then((db) => new Promise((resolve, reject) => {
|
|
1303
|
+
const tx = db.transaction(_DPOP_STORE, "readwrite");
|
|
1304
|
+
tx.objectStore(_DPOP_STORE).put(value, key);
|
|
1305
|
+
tx.oncomplete = () => resolve();
|
|
1306
|
+
tx.onerror = () => reject(tx.error);
|
|
1307
|
+
}));
|
|
1308
|
+
}
|
|
1309
|
+
__name(_idbPut, "_idbPut");
|
|
1310
|
+
var _dpopKeyPromise = null;
|
|
1311
|
+
function _getDpopKeyPair() {
|
|
1312
|
+
if (_dpopKeyPromise) return _dpopKeyPromise;
|
|
1313
|
+
_dpopKeyPromise = (async () => {
|
|
1314
|
+
const existing = await _idbGet(_DPOP_KEY_ID).catch(() => void 0);
|
|
1315
|
+
if (existing) return existing;
|
|
1316
|
+
const pair = await crypto.subtle.generateKey(
|
|
1317
|
+
{ name: "ECDSA", namedCurve: "P-256" },
|
|
1318
|
+
false,
|
|
1319
|
+
// extractable:false — JS can sign but never export the private key
|
|
1320
|
+
["sign"]
|
|
1321
|
+
);
|
|
1322
|
+
await _idbPut(_DPOP_KEY_ID, pair).catch(() => {
|
|
1323
|
+
});
|
|
1324
|
+
return pair;
|
|
1325
|
+
})();
|
|
1326
|
+
return _dpopKeyPromise;
|
|
1327
|
+
}
|
|
1328
|
+
__name(_getDpopKeyPair, "_getDpopKeyPair");
|
|
1329
|
+
function _b64urlFromBytes(bytes) {
|
|
1330
|
+
const arr = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes);
|
|
1331
|
+
let s = "";
|
|
1332
|
+
for (let i = 0; i < arr.length; i++) s += String.fromCharCode(arr[i]);
|
|
1333
|
+
return btoa(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
1334
|
+
}
|
|
1335
|
+
__name(_b64urlFromBytes, "_b64urlFromBytes");
|
|
1336
|
+
function _b64urlFromString(str) {
|
|
1337
|
+
return _b64urlFromBytes(new TextEncoder().encode(str));
|
|
1338
|
+
}
|
|
1339
|
+
__name(_b64urlFromString, "_b64urlFromString");
|
|
1340
|
+
async function _publicJwk(pub) {
|
|
1341
|
+
const jwk = await crypto.subtle.exportKey("jwk", pub);
|
|
1342
|
+
return { kty: "EC", crv: "P-256", x: jwk.x, y: jwk.y };
|
|
1343
|
+
}
|
|
1344
|
+
__name(_publicJwk, "_publicJwk");
|
|
1345
|
+
async function _makeDpopProof(method, url) {
|
|
1346
|
+
try {
|
|
1347
|
+
const pair = await _getDpopKeyPair();
|
|
1348
|
+
const jwk = await _publicJwk(pair.publicKey);
|
|
1349
|
+
const header = { typ: "dpop+jwt", alg: "ES256", jwk };
|
|
1350
|
+
const htu = url.split("#")[0].split("?")[0];
|
|
1351
|
+
const jti = crypto.randomUUID && crypto.randomUUID() || _b64urlFromBytes(crypto.getRandomValues(new Uint8Array(16)));
|
|
1352
|
+
const payload = { htm: method.toUpperCase(), htu, iat: Math.floor(Date.now() / 1e3), jti };
|
|
1353
|
+
const signingInput = `${_b64urlFromString(JSON.stringify(header))}.${_b64urlFromString(JSON.stringify(payload))}`;
|
|
1354
|
+
const sig = await crypto.subtle.sign(
|
|
1355
|
+
{ name: "ECDSA", hash: "SHA-256" },
|
|
1356
|
+
pair.privateKey,
|
|
1357
|
+
new TextEncoder().encode(signingInput)
|
|
1358
|
+
);
|
|
1359
|
+
return `${signingInput}.${_b64urlFromBytes(sig)}`;
|
|
1360
|
+
} catch {
|
|
1361
|
+
return null;
|
|
1362
|
+
}
|
|
1363
|
+
}
|
|
1364
|
+
__name(_makeDpopProof, "_makeDpopProof");
|
|
1365
|
+
function installAuthOnClient(client2) {
|
|
1366
|
+
if (_client) return;
|
|
1367
|
+
_client = client2;
|
|
1368
|
+
client2.setConfig({
|
|
1369
|
+
baseUrl: auth.getBaseUrl(),
|
|
1370
|
+
credentials: _withCredentials ? "include" : "same-origin"
|
|
1371
|
+
});
|
|
1372
|
+
client2.interceptors.request.use(async (request) => {
|
|
1373
|
+
const token = auth.getToken();
|
|
1374
|
+
if (token) request.headers.set("Authorization", `Bearer ${token}`);
|
|
1375
|
+
const locale = auth.getLocale();
|
|
1376
|
+
if (locale) request.headers.set("Accept-Language", locale);
|
|
1377
|
+
const apiKey = auth.getApiKey();
|
|
1378
|
+
if (apiKey && !request.headers.has("X-API-Key")) request.headers.set("X-API-Key", apiKey);
|
|
1379
|
+
try {
|
|
1380
|
+
const tz = Intl.DateTimeFormat().resolvedOptions().timeZone;
|
|
1381
|
+
if (tz) request.headers.set("X-Timezone", tz);
|
|
1382
|
+
} catch {
|
|
1383
|
+
}
|
|
1384
|
+
request.headers.set("X-Client-Time", (/* @__PURE__ */ new Date()).toISOString());
|
|
1385
|
+
if (dpopEnabled() && typeof window !== "undefined") {
|
|
1386
|
+
const proof = await _makeDpopProof(request.method, request.url);
|
|
1387
|
+
if (proof) request.headers.set("DPoP", proof);
|
|
1388
|
+
}
|
|
1389
|
+
return request;
|
|
1390
|
+
});
|
|
1391
|
+
client2.interceptors.error.use((err, res, req) => {
|
|
1392
|
+
if (err instanceof APIError) return err;
|
|
1393
|
+
const url = req?.url ?? "";
|
|
1394
|
+
const status = res?.status ?? 0;
|
|
1395
|
+
const statusText = res?.statusText ?? "";
|
|
1396
|
+
return new APIError(status, statusText, err, url);
|
|
1397
|
+
});
|
|
1398
|
+
client2.interceptors.response.use(async (response, request) => {
|
|
1399
|
+
if (response.status !== 401) return response;
|
|
1400
|
+
if (request.headers.get(RETRY_MARKER)) {
|
|
1401
|
+
expireSession(response);
|
|
1402
|
+
return response;
|
|
1403
|
+
}
|
|
1404
|
+
const newToken = await tryRefresh();
|
|
1405
|
+
if (!newToken) {
|
|
1406
|
+
expireSession(response);
|
|
1407
|
+
return response;
|
|
1408
|
+
}
|
|
1409
|
+
const retry = request.clone();
|
|
1410
|
+
retry.headers.set("Authorization", `Bearer ${newToken}`);
|
|
1411
|
+
retry.headers.set(RETRY_MARKER, "1");
|
|
1412
|
+
if (dpopEnabled() && typeof window !== "undefined") {
|
|
1413
|
+
const proof = await _makeDpopProof(retry.method, retry.url);
|
|
1414
|
+
if (proof) retry.headers.set("DPoP", proof);
|
|
1415
|
+
}
|
|
1416
|
+
try {
|
|
1417
|
+
const retried = await fetch(retry);
|
|
1418
|
+
if (retried.status === 401) expireSession(retried);
|
|
1419
|
+
return retried;
|
|
1420
|
+
} catch {
|
|
1421
|
+
return response;
|
|
1422
|
+
}
|
|
1423
|
+
});
|
|
1424
|
+
}
|
|
1425
|
+
__name(installAuthOnClient, "installAuthOnClient");
|
|
1426
|
+
var REFRESH_ENDPOINT = "/cfg/accounts/token/refresh/";
|
|
1427
|
+
auth.setRefreshHandler(async (refresh) => {
|
|
1428
|
+
try {
|
|
1429
|
+
const url = `${auth.getBaseUrl()}${REFRESH_ENDPOINT}`;
|
|
1430
|
+
const headers = { "Content-Type": "application/json" };
|
|
1431
|
+
if (dpopEnabled() && typeof window !== "undefined") {
|
|
1432
|
+
const proof = await _makeDpopProof("POST", url);
|
|
1433
|
+
if (proof) headers["DPoP"] = proof;
|
|
1434
|
+
}
|
|
1435
|
+
const res = await fetch(url, {
|
|
1436
|
+
method: "POST",
|
|
1437
|
+
headers,
|
|
1438
|
+
credentials: auth.getWithCredentials() ? "include" : "same-origin",
|
|
1439
|
+
body: JSON.stringify({ refresh })
|
|
1440
|
+
});
|
|
1441
|
+
if (!res.ok) return null;
|
|
1442
|
+
const data = await res.json();
|
|
1443
|
+
return data?.access ? { access: data.access, refresh: data.refresh ?? refresh } : null;
|
|
1444
|
+
} catch {
|
|
1445
|
+
return null;
|
|
1446
|
+
}
|
|
1447
|
+
});
|
|
1448
|
+
|
|
1449
|
+
// src/_api/generated/client.gen.ts
|
|
1450
|
+
var client = createClient(createConfig({ baseUrl: "http://localhost:8000" }));
|
|
1451
|
+
installAuthOnClient(client);
|
|
1452
|
+
|
|
1453
|
+
// src/_api/generated/sdk.gen.ts
|
|
1454
|
+
var CfgAccountsApiKey = class {
|
|
1455
|
+
static {
|
|
1456
|
+
__name(this, "CfgAccountsApiKey");
|
|
1457
|
+
}
|
|
1458
|
+
/**
|
|
1459
|
+
* Get API key details
|
|
1460
|
+
*
|
|
1461
|
+
* Retrieve the current user's API key (masked) and metadata.
|
|
1462
|
+
*/
|
|
1463
|
+
static cfgAccountsApiKeyRetrieve(options) {
|
|
1464
|
+
return (options?.client ?? client).get({
|
|
1465
|
+
security: [
|
|
1466
|
+
{ scheme: "bearer", type: "http" },
|
|
1467
|
+
{
|
|
1468
|
+
in: "cookie",
|
|
1469
|
+
name: "sessionid",
|
|
1470
|
+
type: "apiKey"
|
|
1471
|
+
},
|
|
1472
|
+
{ name: "X-API-Key", type: "apiKey" }
|
|
1473
|
+
],
|
|
1474
|
+
url: "/cfg/accounts/api-key/",
|
|
1475
|
+
...options
|
|
1476
|
+
});
|
|
1477
|
+
}
|
|
1478
|
+
/**
|
|
1479
|
+
* Regenerate API key
|
|
1480
|
+
*
|
|
1481
|
+
* Generate a new API key. The full key is returned only once.
|
|
1482
|
+
*/
|
|
1483
|
+
static cfgAccountsApiKeyRegenerateCreate(options) {
|
|
1484
|
+
return (options.client ?? client).post({
|
|
1485
|
+
security: [
|
|
1486
|
+
{ scheme: "bearer", type: "http" },
|
|
1487
|
+
{
|
|
1488
|
+
in: "cookie",
|
|
1489
|
+
name: "sessionid",
|
|
1490
|
+
type: "apiKey"
|
|
1491
|
+
},
|
|
1492
|
+
{ name: "X-API-Key", type: "apiKey" }
|
|
1493
|
+
],
|
|
1494
|
+
url: "/cfg/accounts/api-key/regenerate/",
|
|
1495
|
+
...options,
|
|
1496
|
+
headers: {
|
|
1497
|
+
"Content-Type": "application/json",
|
|
1498
|
+
...options.headers
|
|
1499
|
+
}
|
|
1500
|
+
});
|
|
1501
|
+
}
|
|
1502
|
+
/**
|
|
1503
|
+
* Reveal API key
|
|
1504
|
+
*
|
|
1505
|
+
* Return the current full API key WITHOUT rotating it. The same durable value every one of the user's agents uses — for the signed-in user to copy and paste into agent onboarding. Default GET stays masked; this is the explicit reveal action.
|
|
1506
|
+
*/
|
|
1507
|
+
static cfgAccountsApiKeyRevealCreate(options) {
|
|
1508
|
+
return (options.client ?? client).post({
|
|
1509
|
+
security: [
|
|
1510
|
+
{ scheme: "bearer", type: "http" },
|
|
1511
|
+
{
|
|
1512
|
+
in: "cookie",
|
|
1513
|
+
name: "sessionid",
|
|
1514
|
+
type: "apiKey"
|
|
1515
|
+
},
|
|
1516
|
+
{ name: "X-API-Key", type: "apiKey" }
|
|
1517
|
+
],
|
|
1518
|
+
url: "/cfg/accounts/api-key/reveal/",
|
|
1519
|
+
...options,
|
|
1520
|
+
headers: {
|
|
1521
|
+
"Content-Type": "application/json",
|
|
1522
|
+
...options.headers
|
|
1523
|
+
}
|
|
1524
|
+
});
|
|
1525
|
+
}
|
|
1526
|
+
/**
|
|
1527
|
+
* Test API key
|
|
1528
|
+
*
|
|
1529
|
+
* Test whether an API key is valid without consuming it.
|
|
1530
|
+
*/
|
|
1531
|
+
static cfgAccountsApiKeyTestCreate(options) {
|
|
1532
|
+
return (options.client ?? client).post({
|
|
1533
|
+
security: [
|
|
1534
|
+
{ scheme: "bearer", type: "http" },
|
|
1535
|
+
{
|
|
1536
|
+
in: "cookie",
|
|
1537
|
+
name: "sessionid",
|
|
1538
|
+
type: "apiKey"
|
|
1539
|
+
},
|
|
1540
|
+
{ name: "X-API-Key", type: "apiKey" }
|
|
1541
|
+
],
|
|
1542
|
+
url: "/cfg/accounts/api-key/test/",
|
|
1543
|
+
...options,
|
|
1544
|
+
headers: {
|
|
1545
|
+
"Content-Type": "application/json",
|
|
1546
|
+
...options.headers
|
|
1547
|
+
}
|
|
1548
|
+
});
|
|
1549
|
+
}
|
|
1550
|
+
};
|
|
1551
|
+
|
|
13
1552
|
// src/_api/generated/_cfg_accounts/schemas/APIKeyRegenerate.ts
|
|
14
1553
|
import { z } from "zod";
|
|
15
1554
|
var APIKeyRegenerateSchema = z.object({
|