@executor-js/plugin-onepassword 0.0.1-beta.6 → 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +30 -10
- package/dist/api/group.d.ts +19 -20
- package/dist/api/handlers.d.ts +2 -2
- package/dist/{chunk-57NB4OW6.js → chunk-HWMHIFQL.js} +161 -126
- package/dist/chunk-HWMHIFQL.js.map +1 -0
- package/dist/core.js +3 -1
- package/dist/index.js +1 -1
- package/dist/promise.d.ts +4 -0
- package/dist/react/OnePasswordSettings.d.ts +1 -0
- package/dist/react/atoms.d.ts +22 -0
- package/dist/react/client.d.ts +349 -0
- package/dist/react/index.d.ts +2 -0
- package/dist/react/secret-provider-plugin.d.ts +2 -0
- package/dist/sdk/errors.d.ts +4 -6
- package/dist/sdk/index.d.ts +1 -1
- package/dist/sdk/plugin.d.ts +26 -12
- package/dist/sdk/plugin.test.d.ts +1 -0
- package/dist/sdk/service.d.ts +1 -1
- package/dist/sdk/types.d.ts +23 -68
- package/package.json +8 -13
- package/dist/chunk-57NB4OW6.js.map +0 -1
package/README.md
CHANGED
|
@@ -1,29 +1,31 @@
|
|
|
1
|
-
# @executor/plugin-onepassword
|
|
1
|
+
# @executor-js/plugin-onepassword
|
|
2
2
|
|
|
3
3
|
[1Password](https://1password.com) integration for the executor. Provides a secret source that resolves values from a 1Password vault, backed by either the desktop app (connect.sock) or a service account token.
|
|
4
4
|
|
|
5
5
|
## Install
|
|
6
6
|
|
|
7
7
|
```sh
|
|
8
|
-
bun add @executor/sdk @executor/plugin-onepassword
|
|
8
|
+
bun add @executor-js/sdk @executor-js/plugin-onepassword
|
|
9
9
|
# or
|
|
10
|
-
npm install @executor/sdk @executor/plugin-onepassword
|
|
10
|
+
npm install @executor-js/sdk @executor-js/plugin-onepassword
|
|
11
11
|
```
|
|
12
12
|
|
|
13
13
|
## Usage
|
|
14
14
|
|
|
15
15
|
```ts
|
|
16
|
-
import { createExecutor } from "@executor/sdk";
|
|
17
|
-
import { onepasswordPlugin } from "@executor/plugin-onepassword";
|
|
16
|
+
import { createExecutor } from "@executor-js/sdk";
|
|
17
|
+
import { onepasswordPlugin } from "@executor-js/plugin-onepassword";
|
|
18
18
|
|
|
19
19
|
const executor = await createExecutor({
|
|
20
|
-
|
|
20
|
+
onElicitation: "accept-all",
|
|
21
21
|
plugins: [onepasswordPlugin()] as const,
|
|
22
22
|
});
|
|
23
23
|
|
|
24
24
|
// Point the plugin at your account
|
|
25
25
|
await executor.onepassword.configure({
|
|
26
26
|
auth: { kind: "desktop-app", accountName: "my-account" },
|
|
27
|
+
vaultId: "my-vault-id",
|
|
28
|
+
name: "Personal",
|
|
27
29
|
});
|
|
28
30
|
|
|
29
31
|
// Inspect connection / list vaults
|
|
@@ -34,20 +36,38 @@ const vaults = await executor.onepassword.listVaults({
|
|
|
34
36
|
});
|
|
35
37
|
```
|
|
36
38
|
|
|
37
|
-
For CI and headless environments, use a service-account token instead of the desktop app:
|
|
39
|
+
For CI and headless environments, use a service-account token instead of the desktop app. Store the token through the executor's secret store first, then reference it by id:
|
|
38
40
|
|
|
39
41
|
```ts
|
|
42
|
+
import { createExecutor } from "@executor-js/sdk";
|
|
43
|
+
import { onepasswordPlugin } from "@executor-js/plugin-onepassword";
|
|
44
|
+
import { fileSecretsPlugin } from "@executor-js/plugin-file-secrets";
|
|
45
|
+
|
|
46
|
+
const executor = await createExecutor({
|
|
47
|
+
onElicitation: "accept-all",
|
|
48
|
+
plugins: [fileSecretsPlugin(), onepasswordPlugin()] as const,
|
|
49
|
+
});
|
|
50
|
+
|
|
51
|
+
await executor.secrets.set({
|
|
52
|
+
id: "op-token",
|
|
53
|
+
name: "1Password service account",
|
|
54
|
+
value: process.env.OP_SERVICE_ACCOUNT_TOKEN!,
|
|
55
|
+
scope: executor.scopes[0]!.id,
|
|
56
|
+
});
|
|
57
|
+
|
|
40
58
|
await executor.onepassword.configure({
|
|
41
|
-
auth: { kind: "service-account",
|
|
59
|
+
auth: { kind: "service-account", tokenSecretId: "op-token" },
|
|
60
|
+
vaultId: "my-vault-id",
|
|
61
|
+
name: "CI",
|
|
42
62
|
});
|
|
43
63
|
```
|
|
44
64
|
|
|
45
65
|
## Using with Effect
|
|
46
66
|
|
|
47
|
-
If you're building on `@executor/sdk` (the raw Effect entry), import this plugin from its `/core` subpath instead:
|
|
67
|
+
If you're building on `@executor-js/sdk/core` (the raw Effect entry), import this plugin from its `/core` subpath instead — it returns the Effect-shaped plugin with `Effect.Effect<...>`-returning methods rather than promisified wrappers:
|
|
48
68
|
|
|
49
69
|
```ts
|
|
50
|
-
import { onepasswordPlugin } from "@executor/plugin-onepassword";
|
|
70
|
+
import { onepasswordPlugin } from "@executor-js/plugin-onepassword/core";
|
|
51
71
|
```
|
|
52
72
|
|
|
53
73
|
## Status
|
package/dist/api/group.d.ts
CHANGED
|
@@ -1,22 +1,21 @@
|
|
|
1
|
-
import { HttpApiEndpoint, HttpApiGroup } from "
|
|
1
|
+
import { HttpApiEndpoint, HttpApiGroup } from "effect/unstable/httpapi";
|
|
2
|
+
import { Schema } from "effect";
|
|
3
|
+
import { InternalError } from "@executor-js/api";
|
|
2
4
|
import { OnePasswordError } from "../sdk/errors";
|
|
3
5
|
import { OnePasswordConfig, Vault, ConnectionStatus } from "../sdk/types";
|
|
4
|
-
declare const
|
|
5
|
-
|
|
6
|
-
}
|
|
7
|
-
|
|
8
|
-
}
|
|
9
|
-
|
|
10
|
-
}
|
|
11
|
-
|
|
12
|
-
}
|
|
13
|
-
|
|
14
|
-
}
|
|
15
|
-
readonly authKind: "desktop-app"
|
|
16
|
-
readonly account:
|
|
17
|
-
}
|
|
18
|
-
readonly vaults:
|
|
19
|
-
}
|
|
20
|
-
export declare class OnePasswordGroup extends OnePasswordGroup_base {
|
|
21
|
-
}
|
|
22
|
-
export {};
|
|
6
|
+
export declare const OnePasswordGroup: HttpApiGroup.HttpApiGroup<"onepassword", HttpApiEndpoint.HttpApiEndpoint<"getConfig", "GET", "/scopes/:scopeId/onepassword/config", HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
7
|
+
scopeId: Schema.brand<Schema.String, "ScopeId">;
|
|
8
|
+
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.NullOr<typeof OnePasswordConfig>>, HttpApiEndpoint.Json<typeof OnePasswordError | typeof InternalError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"configure", "PUT", "/scopes/:scopeId/onepassword/config", HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
9
|
+
scopeId: Schema.brand<Schema.String, "ScopeId">;
|
|
10
|
+
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<typeof OnePasswordConfig>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Void>, HttpApiEndpoint.Json<typeof OnePasswordError | typeof InternalError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"removeConfig", "DELETE", "/scopes/:scopeId/onepassword/config", HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
11
|
+
scopeId: Schema.brand<Schema.String, "ScopeId">;
|
|
12
|
+
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Void>, HttpApiEndpoint.Json<typeof OnePasswordError | typeof InternalError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"status", "GET", "/scopes/:scopeId/onepassword/status", HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
13
|
+
scopeId: Schema.brand<Schema.String, "ScopeId">;
|
|
14
|
+
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<typeof ConnectionStatus>, HttpApiEndpoint.Json<typeof OnePasswordError | typeof InternalError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"listVaults", "GET", "/scopes/:scopeId/onepassword/vaults", HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
15
|
+
scopeId: Schema.brand<Schema.String, "ScopeId">;
|
|
16
|
+
}>>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
17
|
+
readonly authKind: Schema.Literals<readonly ["desktop-app", "service-account"]>;
|
|
18
|
+
readonly account: Schema.String;
|
|
19
|
+
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
20
|
+
readonly vaults: Schema.$Array<typeof Vault>;
|
|
21
|
+
}>>, HttpApiEndpoint.Json<typeof OnePasswordError | typeof InternalError>, never, never>, false>;
|
package/dist/api/handlers.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { Context } from "effect";
|
|
2
2
|
import type { OnePasswordExtension } from "../sdk/plugin";
|
|
3
|
-
declare const OnePasswordExtensionService_base: Context.
|
|
3
|
+
declare const OnePasswordExtensionService_base: Context.ServiceClass<OnePasswordExtensionService, "OnePasswordExtensionService", OnePasswordExtension>;
|
|
4
4
|
export declare class OnePasswordExtensionService extends OnePasswordExtensionService_base {
|
|
5
5
|
}
|
|
6
|
-
export declare const OnePasswordHandlers: import("effect/Layer").Layer<import("
|
|
6
|
+
export declare const OnePasswordHandlers: import("effect/Layer").Layer<import("effect/unstable/httpapi/HttpApiGroup").ApiGroup<"executor", "onepassword">, never, import("effect/unstable/http/HttpRouter").Request<"Requires", OnePasswordExtensionService>>;
|
|
7
7
|
export {};
|
|
@@ -12,7 +12,7 @@ var ServiceAccountAuth = class extends Schema.Class("ServiceAccountAuth")({
|
|
|
12
12
|
tokenSecretId: Schema.String
|
|
13
13
|
}) {
|
|
14
14
|
};
|
|
15
|
-
var OnePasswordAuth = Schema.Union(DesktopAppAuth, ServiceAccountAuth);
|
|
15
|
+
var OnePasswordAuth = Schema.Union([DesktopAppAuth, ServiceAccountAuth]);
|
|
16
16
|
var OnePasswordConfig = class extends Schema.Class("OnePasswordConfig")({
|
|
17
17
|
auth: OnePasswordAuth,
|
|
18
18
|
/** Vault to scope operations to */
|
|
@@ -35,18 +35,20 @@ var ConnectionStatus = class extends Schema.Class("ConnectionStatus")({
|
|
|
35
35
|
|
|
36
36
|
// src/sdk/errors.ts
|
|
37
37
|
import { Schema as Schema2 } from "effect";
|
|
38
|
-
var OnePasswordError = class extends Schema2.
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
38
|
+
var OnePasswordError = class extends Schema2.TaggedErrorClass()(
|
|
39
|
+
"OnePasswordError",
|
|
40
|
+
{
|
|
41
|
+
operation: Schema2.String,
|
|
42
|
+
message: Schema2.String
|
|
43
|
+
},
|
|
44
|
+
{ httpApiStatus: 502 }
|
|
45
|
+
) {
|
|
42
46
|
};
|
|
43
47
|
|
|
44
48
|
// src/sdk/service.ts
|
|
45
49
|
import { Context, Duration, Effect } from "effect";
|
|
46
50
|
import * as op from "@1password/op-js";
|
|
47
|
-
var OnePasswordServiceTag = class extends Context.
|
|
48
|
-
"@executor-js/plugin-onepassword/OnePasswordService"
|
|
49
|
-
)() {
|
|
51
|
+
var OnePasswordServiceTag = class extends Context.Service()("@executor-js/plugin-onepassword/OnePasswordService") {
|
|
50
52
|
};
|
|
51
53
|
var DEFAULT_TIMEOUT_MS = 15e3;
|
|
52
54
|
var loadOnePasswordSdk = () => Effect.tryPromise({
|
|
@@ -65,16 +67,18 @@ var makeTimeoutMessage = (operation, timeoutMs) => [
|
|
|
65
67
|
"4. Make sure no other app or terminal is waiting for 1Password approval (only one prompt at a time)",
|
|
66
68
|
"5. Try quitting 1Password completely and reopening it, then retry"
|
|
67
69
|
].join("\n");
|
|
70
|
+
var timeoutWithOnePasswordError = (operation, timeoutMs) => Effect.timeoutOrElse({
|
|
71
|
+
duration: Duration.millis(timeoutMs),
|
|
72
|
+
orElse: () => Effect.fail(
|
|
73
|
+
new OnePasswordError({
|
|
74
|
+
operation,
|
|
75
|
+
message: makeTimeoutMessage(operation, timeoutMs)
|
|
76
|
+
})
|
|
77
|
+
)
|
|
78
|
+
});
|
|
68
79
|
var makeNativeSdkService = (auth, timeoutMs = DEFAULT_TIMEOUT_MS) => Effect.gen(function* () {
|
|
69
|
-
const timeout = Duration.millis(timeoutMs);
|
|
70
80
|
const sdk = yield* loadOnePasswordSdk().pipe(
|
|
71
|
-
|
|
72
|
-
duration: timeout,
|
|
73
|
-
onTimeout: () => new OnePasswordError({
|
|
74
|
-
operation: "sdk module load",
|
|
75
|
-
message: makeTimeoutMessage("sdk module load", timeoutMs)
|
|
76
|
-
})
|
|
77
|
-
})
|
|
81
|
+
timeoutWithOnePasswordError("sdk module load", timeoutMs)
|
|
78
82
|
);
|
|
79
83
|
const client = yield* Effect.tryPromise({
|
|
80
84
|
try: () => sdk.createClient({
|
|
@@ -87,13 +91,7 @@ var makeNativeSdkService = (auth, timeoutMs = DEFAULT_TIMEOUT_MS) => Effect.gen(
|
|
|
87
91
|
message: cause instanceof Error ? cause.message : String(cause)
|
|
88
92
|
})
|
|
89
93
|
}).pipe(
|
|
90
|
-
|
|
91
|
-
duration: timeout,
|
|
92
|
-
onTimeout: () => new OnePasswordError({
|
|
93
|
-
operation: "client setup",
|
|
94
|
-
message: makeTimeoutMessage("client setup", timeoutMs)
|
|
95
|
-
})
|
|
96
|
-
})
|
|
94
|
+
timeoutWithOnePasswordError("client setup", timeoutMs)
|
|
97
95
|
);
|
|
98
96
|
const wrap = (fn, operation) => Effect.tryPromise({
|
|
99
97
|
try: fn,
|
|
@@ -102,13 +100,7 @@ var makeNativeSdkService = (auth, timeoutMs = DEFAULT_TIMEOUT_MS) => Effect.gen(
|
|
|
102
100
|
message: cause instanceof Error ? cause.message : String(cause)
|
|
103
101
|
})
|
|
104
102
|
}).pipe(
|
|
105
|
-
|
|
106
|
-
duration: timeout,
|
|
107
|
-
onTimeout: () => new OnePasswordError({
|
|
108
|
-
operation,
|
|
109
|
-
message: makeTimeoutMessage(operation, timeoutMs)
|
|
110
|
-
})
|
|
111
|
-
}),
|
|
103
|
+
timeoutWithOnePasswordError(operation, timeoutMs),
|
|
112
104
|
Effect.withSpan(`onepassword.sdk.${operation}`)
|
|
113
105
|
);
|
|
114
106
|
return OnePasswordServiceTag.of({
|
|
@@ -150,7 +142,7 @@ var makeOnePasswordService = (auth, options) => {
|
|
|
150
142
|
return makeNativeSdkService(auth, timeoutMs);
|
|
151
143
|
}
|
|
152
144
|
return makeCliService(auth).pipe(
|
|
153
|
-
Effect.
|
|
145
|
+
Effect.catch(
|
|
154
146
|
(cliError) => (
|
|
155
147
|
// CLI unavailable (e.g. `op` not installed) — fall back to SDK
|
|
156
148
|
makeNativeSdkService(auth, timeoutMs).pipe(Effect.mapError(() => cliError))
|
|
@@ -163,12 +155,41 @@ var makeOnePasswordService = (auth, options) => {
|
|
|
163
155
|
import { Effect as Effect2, Schema as Schema3 } from "effect";
|
|
164
156
|
import {
|
|
165
157
|
definePlugin,
|
|
166
|
-
|
|
167
|
-
} from "@executor-js/sdk";
|
|
168
|
-
var PLUGIN_KEY = "onepassword";
|
|
158
|
+
StorageError
|
|
159
|
+
} from "@executor-js/sdk/core";
|
|
169
160
|
var CREDENTIAL_FIELD = "credential";
|
|
170
161
|
var DEFAULT_TIMEOUT_MS2 = 15e3;
|
|
171
162
|
var CONFIG_KEY = "config";
|
|
163
|
+
var decodeConfig = Schema3.decodeUnknownSync(OnePasswordConfig);
|
|
164
|
+
var blobStorageError = (operation) => (cause) => new StorageError({
|
|
165
|
+
message: `onepassword blob ${operation}: ${cause instanceof Error ? cause.message : String(cause)}`,
|
|
166
|
+
cause
|
|
167
|
+
});
|
|
168
|
+
var makeOnePasswordStore = (blobs, writeScope) => ({
|
|
169
|
+
getConfig: () => blobs.get(CONFIG_KEY).pipe(
|
|
170
|
+
Effect2.mapError(blobStorageError("read")),
|
|
171
|
+
Effect2.flatMap((raw) => {
|
|
172
|
+
if (raw === null) return Effect2.succeed(null);
|
|
173
|
+
return Effect2.try({
|
|
174
|
+
try: () => decodeConfig(JSON.parse(raw)),
|
|
175
|
+
catch: (cause) => new OnePasswordError({
|
|
176
|
+
operation: "config decode",
|
|
177
|
+
message: cause instanceof Error ? cause.message : String(cause)
|
|
178
|
+
})
|
|
179
|
+
});
|
|
180
|
+
})
|
|
181
|
+
),
|
|
182
|
+
saveConfig: (config) => blobs.put(
|
|
183
|
+
CONFIG_KEY,
|
|
184
|
+
JSON.stringify({
|
|
185
|
+
auth: config.auth,
|
|
186
|
+
vaultId: config.vaultId,
|
|
187
|
+
name: config.name
|
|
188
|
+
}),
|
|
189
|
+
{ scope: writeScope }
|
|
190
|
+
).pipe(Effect2.mapError(blobStorageError("write"))),
|
|
191
|
+
deleteConfig: () => blobs.delete(CONFIG_KEY, { scope: writeScope }).pipe(Effect2.mapError(blobStorageError("delete")))
|
|
192
|
+
});
|
|
172
193
|
var resolveAuth = (auth, ctx) => {
|
|
173
194
|
if (auth.kind === "desktop-app") {
|
|
174
195
|
return Effect2.succeed({
|
|
@@ -176,27 +197,45 @@ var resolveAuth = (auth, ctx) => {
|
|
|
176
197
|
accountName: auth.accountName
|
|
177
198
|
});
|
|
178
199
|
}
|
|
179
|
-
return ctx.secrets.
|
|
180
|
-
Effect2.map((token) => ({ kind: "service-account", token })),
|
|
200
|
+
return ctx.secrets.get(auth.tokenSecretId).pipe(
|
|
181
201
|
Effect2.mapError(
|
|
182
|
-
(
|
|
202
|
+
(err) => "_tag" in err && err._tag === "SecretOwnedByConnectionError" ? new OnePasswordError({
|
|
183
203
|
operation: "auth resolution",
|
|
184
|
-
message: `
|
|
185
|
-
})
|
|
186
|
-
)
|
|
204
|
+
message: `Service account token secret "${auth.tokenSecretId}" not found`
|
|
205
|
+
}) : err
|
|
206
|
+
),
|
|
207
|
+
Effect2.flatMap((token) => {
|
|
208
|
+
if (token === null) {
|
|
209
|
+
return Effect2.fail(
|
|
210
|
+
new OnePasswordError({
|
|
211
|
+
operation: "auth resolution",
|
|
212
|
+
message: `Service account token secret "${auth.tokenSecretId}" not found`
|
|
213
|
+
})
|
|
214
|
+
);
|
|
215
|
+
}
|
|
216
|
+
return Effect2.succeed({
|
|
217
|
+
kind: "service-account",
|
|
218
|
+
token
|
|
219
|
+
});
|
|
220
|
+
})
|
|
187
221
|
);
|
|
188
222
|
};
|
|
189
|
-
var getServiceFromConfig = (config, ctx, timeoutMs) => resolveAuth(config.auth, ctx).pipe(
|
|
190
|
-
Effect2.flatMap(
|
|
223
|
+
var getServiceFromConfig = (config, ctx, timeoutMs, preferSdk) => resolveAuth(config.auth, ctx).pipe(
|
|
224
|
+
Effect2.flatMap(
|
|
225
|
+
(resolved) => makeOnePasswordService(resolved, { timeoutMs, preferSdk })
|
|
226
|
+
)
|
|
191
227
|
);
|
|
192
|
-
var makeProvider = (
|
|
228
|
+
var makeProvider = (ctx, timeoutMs, preferSdk) => ({
|
|
193
229
|
key: "onepassword",
|
|
194
230
|
writable: false,
|
|
195
|
-
|
|
231
|
+
// 1Password vaults are named in the stored config; the executor-scope
|
|
232
|
+
// arg isn't used for routing here. A future refactor could let the
|
|
233
|
+
// plugin store per-scope vault bindings and pick based on `scope`.
|
|
234
|
+
get: (secretId, _scope) => ctx.storage.getConfig().pipe(
|
|
196
235
|
Effect2.flatMap((config) => {
|
|
197
236
|
if (!config) return Effect2.succeed(null);
|
|
198
237
|
const uri = secretId.startsWith("op://") ? secretId : `op://${config.vaultId}/${secretId}/${CREDENTIAL_FIELD}`;
|
|
199
|
-
return getServiceFromConfig(config, ctx, timeoutMs).pipe(
|
|
238
|
+
return getServiceFromConfig(config, ctx, timeoutMs, preferSdk).pipe(
|
|
200
239
|
Effect2.flatMap((svc) => svc.resolveSecret(uri)),
|
|
201
240
|
Effect2.map((v) => v),
|
|
202
241
|
Effect2.orElseSucceed(() => null)
|
|
@@ -204,95 +243,90 @@ var makeProvider = (getConfig, ctx, timeoutMs) => ({
|
|
|
204
243
|
}),
|
|
205
244
|
Effect2.orElseSucceed(() => null)
|
|
206
245
|
),
|
|
207
|
-
list: () => getConfig().pipe(
|
|
246
|
+
list: () => ctx.storage.getConfig().pipe(
|
|
208
247
|
Effect2.flatMap((config) => {
|
|
209
|
-
if (!config)
|
|
210
|
-
|
|
248
|
+
if (!config)
|
|
249
|
+
return Effect2.succeed(
|
|
250
|
+
[]
|
|
251
|
+
);
|
|
252
|
+
return getServiceFromConfig(config, ctx, timeoutMs, preferSdk).pipe(
|
|
211
253
|
Effect2.flatMap((svc) => svc.listItems(config.vaultId)),
|
|
212
|
-
Effect2.map(
|
|
254
|
+
Effect2.map(
|
|
255
|
+
(items) => items.map((item2) => ({ id: item2.id, name: item2.title }))
|
|
256
|
+
)
|
|
213
257
|
);
|
|
214
258
|
}),
|
|
215
|
-
Effect2.orElseSucceed(
|
|
259
|
+
Effect2.orElseSucceed(
|
|
260
|
+
() => []
|
|
261
|
+
)
|
|
216
262
|
)
|
|
217
263
|
});
|
|
218
|
-
var
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
return
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
);
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
return definePlugin({
|
|
247
|
-
key: PLUGIN_KEY,
|
|
248
|
-
init: (ctx) => Effect2.gen(function* () {
|
|
249
|
-
const getConfig = () => loadConfig(kv);
|
|
250
|
-
yield* ctx.secrets.addProvider(makeProvider(getConfig, ctx, timeoutMs));
|
|
251
|
-
const extension = {
|
|
252
|
-
configure: (config) => saveConfig(kv, config),
|
|
253
|
-
getConfig: () => getConfig(),
|
|
254
|
-
removeConfig: () => deleteConfig(kv),
|
|
255
|
-
status: () => Effect2.gen(function* () {
|
|
256
|
-
const config = yield* getConfig();
|
|
257
|
-
if (!config) {
|
|
264
|
+
var onepasswordPlugin = definePlugin(
|
|
265
|
+
(options) => {
|
|
266
|
+
const timeoutMs = options?.timeoutMs ?? DEFAULT_TIMEOUT_MS2;
|
|
267
|
+
const preferSdk = options?.preferSdk;
|
|
268
|
+
return {
|
|
269
|
+
id: "onepassword",
|
|
270
|
+
storage: ({ blobs, scopes }) => makeOnePasswordStore(blobs, scopes.at(-1).id),
|
|
271
|
+
extension: (ctx) => {
|
|
272
|
+
return {
|
|
273
|
+
configure: (config) => ctx.storage.saveConfig(config),
|
|
274
|
+
getConfig: () => ctx.storage.getConfig(),
|
|
275
|
+
removeConfig: () => ctx.storage.deleteConfig(),
|
|
276
|
+
status: () => Effect2.gen(function* () {
|
|
277
|
+
const config = yield* ctx.storage.getConfig();
|
|
278
|
+
if (!config) {
|
|
279
|
+
return new ConnectionStatus({
|
|
280
|
+
connected: false,
|
|
281
|
+
error: "Not configured"
|
|
282
|
+
});
|
|
283
|
+
}
|
|
284
|
+
const svc = yield* getServiceFromConfig(
|
|
285
|
+
config,
|
|
286
|
+
ctx,
|
|
287
|
+
timeoutMs,
|
|
288
|
+
preferSdk
|
|
289
|
+
);
|
|
290
|
+
const vaults = yield* svc.listVaults();
|
|
291
|
+
const vault2 = vaults.find((v) => v.id === config.vaultId);
|
|
258
292
|
return new ConnectionStatus({
|
|
259
|
-
connected:
|
|
260
|
-
|
|
293
|
+
connected: true,
|
|
294
|
+
vaultName: vault2?.title
|
|
261
295
|
});
|
|
262
|
-
}
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
vaultName: vault2?.title
|
|
269
|
-
});
|
|
270
|
-
}),
|
|
271
|
-
listVaults: (auth) => Effect2.gen(function* () {
|
|
272
|
-
const resolved = yield* resolveAuth(auth, ctx);
|
|
273
|
-
const svc = yield* makeOnePasswordService(resolved, {
|
|
274
|
-
timeoutMs,
|
|
275
|
-
preferSdk: options.preferSdk
|
|
276
|
-
});
|
|
277
|
-
const vaults = yield* svc.listVaults();
|
|
278
|
-
return vaults.map((v) => new Vault({ id: v.id, name: v.title })).sort((a, b) => a.name.localeCompare(b.name));
|
|
279
|
-
}),
|
|
280
|
-
resolve: (uri) => Effect2.gen(function* () {
|
|
281
|
-
const config = yield* getConfig();
|
|
282
|
-
if (!config) {
|
|
283
|
-
return yield* new OnePasswordError({
|
|
284
|
-
operation: "resolve",
|
|
285
|
-
message: "1Password is not configured"
|
|
296
|
+
}),
|
|
297
|
+
listVaults: (auth) => Effect2.gen(function* () {
|
|
298
|
+
const resolved = yield* resolveAuth(auth, ctx);
|
|
299
|
+
const svc = yield* makeOnePasswordService(resolved, {
|
|
300
|
+
timeoutMs,
|
|
301
|
+
preferSdk
|
|
286
302
|
});
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
303
|
+
const vaults = yield* svc.listVaults();
|
|
304
|
+
return vaults.map((v) => new Vault({ id: v.id, name: v.title })).sort((a, b) => a.name.localeCompare(b.name));
|
|
305
|
+
}),
|
|
306
|
+
resolve: (uri) => Effect2.gen(function* () {
|
|
307
|
+
const config = yield* ctx.storage.getConfig();
|
|
308
|
+
if (!config) {
|
|
309
|
+
return yield* Effect2.fail(
|
|
310
|
+
new OnePasswordError({
|
|
311
|
+
operation: "resolve",
|
|
312
|
+
message: "1Password is not configured"
|
|
313
|
+
})
|
|
314
|
+
);
|
|
315
|
+
}
|
|
316
|
+
const svc = yield* getServiceFromConfig(
|
|
317
|
+
config,
|
|
318
|
+
ctx,
|
|
319
|
+
timeoutMs,
|
|
320
|
+
preferSdk
|
|
321
|
+
);
|
|
322
|
+
return yield* svc.resolveSecret(uri);
|
|
323
|
+
})
|
|
324
|
+
};
|
|
325
|
+
},
|
|
326
|
+
secretProviders: (ctx) => [makeProvider(ctx, timeoutMs, preferSdk)]
|
|
327
|
+
};
|
|
328
|
+
}
|
|
329
|
+
);
|
|
296
330
|
|
|
297
331
|
export {
|
|
298
332
|
DesktopAppAuth,
|
|
@@ -306,6 +340,7 @@ export {
|
|
|
306
340
|
makeNativeSdkService,
|
|
307
341
|
makeCliService,
|
|
308
342
|
makeOnePasswordService,
|
|
343
|
+
makeOnePasswordStore,
|
|
309
344
|
onepasswordPlugin
|
|
310
345
|
};
|
|
311
|
-
//# sourceMappingURL=chunk-
|
|
346
|
+
//# sourceMappingURL=chunk-HWMHIFQL.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/sdk/types.ts","../src/sdk/errors.ts","../src/sdk/service.ts","../src/sdk/plugin.ts"],"sourcesContent":["import { Schema } from \"effect\";\n\n// ---------------------------------------------------------------------------\n// Auth — how to talk to 1Password\n// ---------------------------------------------------------------------------\n\nexport class DesktopAppAuth extends Schema.Class<DesktopAppAuth>(\"DesktopAppAuth\")({\n kind: Schema.Literal(\"desktop-app\"),\n /** 1Password account domain, e.g. \"my.1password.com\" */\n accountName: Schema.String,\n}) {}\n\nexport class ServiceAccountAuth extends Schema.Class<ServiceAccountAuth>(\"ServiceAccountAuth\")({\n kind: Schema.Literal(\"service-account\"),\n /** The service account token (stored as a secret) */\n tokenSecretId: Schema.String,\n}) {}\n\nexport const OnePasswordAuth = Schema.Union([DesktopAppAuth, ServiceAccountAuth]);\nexport type OnePasswordAuth = typeof OnePasswordAuth.Type;\n\n// ---------------------------------------------------------------------------\n// Stored config — persisted via KV\n// ---------------------------------------------------------------------------\n\nexport class OnePasswordConfig extends Schema.Class<OnePasswordConfig>(\"OnePasswordConfig\")({\n auth: OnePasswordAuth,\n /** Vault to scope operations to */\n vaultId: Schema.String,\n /** Human label */\n name: Schema.String,\n}) {}\n\n// ---------------------------------------------------------------------------\n// Vault\n// ---------------------------------------------------------------------------\n\nexport class Vault extends Schema.Class<Vault>(\"Vault\")({\n id: Schema.String,\n name: Schema.String,\n}) {}\n\n// ---------------------------------------------------------------------------\n// Connection status\n// ---------------------------------------------------------------------------\n\nexport class ConnectionStatus extends Schema.Class<ConnectionStatus>(\"ConnectionStatus\")({\n connected: Schema.Boolean,\n vaultName: Schema.optional(Schema.String),\n error: Schema.optional(Schema.String),\n}) {}\n","import { Schema } from \"effect\";\n\nexport class OnePasswordError extends Schema.TaggedErrorClass<OnePasswordError>()(\n \"OnePasswordError\",\n {\n operation: Schema.String,\n message: Schema.String,\n },\n { httpApiStatus: 502 },\n) {}\n","import { Context, Duration, Effect } from \"effect\";\nimport * as op from \"@1password/op-js\";\n\nimport { OnePasswordError } from \"./errors\";\n\n// ---------------------------------------------------------------------------\n// Canonical service interface — all backends (SDK, CLI) implement this\n// ---------------------------------------------------------------------------\n\nexport interface OnePasswordVault {\n readonly id: string;\n readonly title: string;\n}\n\nexport interface OnePasswordItem {\n readonly id: string;\n readonly title: string;\n}\n\nexport interface OnePasswordService {\n /** Resolve a secret by op:// URI */\n readonly resolveSecret: (uri: string) => Effect.Effect<string, OnePasswordError>;\n\n /** List accessible vaults */\n readonly listVaults: () => Effect.Effect<ReadonlyArray<OnePasswordVault>, OnePasswordError>;\n\n /** List items in a vault */\n readonly listItems: (\n vaultId: string,\n ) => Effect.Effect<ReadonlyArray<OnePasswordItem>, OnePasswordError>;\n}\n\nexport class OnePasswordServiceTag extends Context.Service<\n OnePasswordServiceTag,\n OnePasswordService\n>()(\"@executor-js/plugin-onepassword/OnePasswordService\") {}\n\n// ---------------------------------------------------------------------------\n// Resolved auth — raw credentials ready for any backend\n// ---------------------------------------------------------------------------\n\nexport type ResolvedAuth =\n | { readonly kind: \"desktop-app\"; readonly accountName: string }\n | { readonly kind: \"service-account\"; readonly token: string };\n\n// ---------------------------------------------------------------------------\n// SDK backend — uses @1password/sdk native IPC\n// ---------------------------------------------------------------------------\n\nconst DEFAULT_TIMEOUT_MS = 15_000;\ntype OnePasswordSdkModule = typeof import(\"@1password/sdk\");\n\nconst loadOnePasswordSdk = (): Effect.Effect<OnePasswordSdkModule, OnePasswordError> =>\n Effect.tryPromise({\n try: () => import(\"@1password/sdk\"),\n catch: (cause) =>\n new OnePasswordError({\n operation: \"sdk module load\",\n message: cause instanceof Error ? cause.message : String(cause),\n }),\n });\n\nconst makeTimeoutMessage = (operation: string, timeoutMs: number): string =>\n [\n `${operation}: timed out after ${Math.floor(timeoutMs / 1000)}s.`,\n \"Troubleshooting:\",\n \"1. Make sure the 1Password desktop app is open and unlocked\",\n \"2. Check for an approval prompt in the 1Password app — it may be behind other windows\",\n \"3. Ensure 'Developer > Connect with 1Password CLI' is enabled in 1Password Settings\",\n \"4. Make sure no other app or terminal is waiting for 1Password approval (only one prompt at a time)\",\n \"5. Try quitting 1Password completely and reopening it, then retry\",\n ].join(\"\\n\");\n\nconst timeoutWithOnePasswordError = (operation: string, timeoutMs: number) =>\n Effect.timeoutOrElse({\n duration: Duration.millis(timeoutMs),\n orElse: () =>\n Effect.fail(\n new OnePasswordError({\n operation,\n message: makeTimeoutMessage(operation, timeoutMs),\n }),\n ),\n });\n\nexport const makeNativeSdkService = (\n auth: ResolvedAuth,\n timeoutMs: number = DEFAULT_TIMEOUT_MS,\n): Effect.Effect<OnePasswordService, OnePasswordError> =>\n Effect.gen(function* () {\n const sdk = yield* loadOnePasswordSdk().pipe(\n timeoutWithOnePasswordError(\"sdk module load\", timeoutMs),\n );\n\n const client = yield* Effect.tryPromise({\n try: () =>\n sdk.createClient({\n auth: auth.kind === \"desktop-app\" ? new sdk.DesktopAuth(auth.accountName) : auth.token,\n integrationName: \"Executor\",\n integrationVersion: \"0.0.0\",\n }),\n catch: (cause) =>\n new OnePasswordError({\n operation: \"client setup\",\n message: cause instanceof Error ? cause.message : String(cause),\n }),\n }).pipe(\n timeoutWithOnePasswordError(\"client setup\", timeoutMs),\n );\n\n const wrap = <A>(fn: () => Promise<A>, operation: string): Effect.Effect<A, OnePasswordError> =>\n Effect.tryPromise({\n try: fn,\n catch: (cause) =>\n new OnePasswordError({\n operation,\n message: cause instanceof Error ? cause.message : String(cause),\n }),\n }).pipe(\n timeoutWithOnePasswordError(operation, timeoutMs),\n Effect.withSpan(`onepassword.sdk.${operation}`),\n );\n\n return OnePasswordServiceTag.of({\n resolveSecret: (uri) => wrap(() => client.secrets.resolve(uri), \"secret resolution\"),\n\n listVaults: () =>\n wrap(() => client.vaults.list({ decryptDetails: true }), \"vault listing\").pipe(\n Effect.map((vaults) => vaults.map((v) => ({ id: v.id, title: v.title }))),\n ),\n\n listItems: (vaultId) =>\n wrap(() => client.items.list(vaultId), \"item listing\").pipe(\n Effect.map((items) => items.map((i) => ({ id: i.id, title: i.title }))),\n ),\n });\n }).pipe(Effect.withSpan(\"onepassword.sdk.make_service\"));\n\n// ---------------------------------------------------------------------------\n// CLI backend — uses @1password/op-js (shells out to `op` CLI)\n// ---------------------------------------------------------------------------\n\nexport const makeCliService = (\n auth: ResolvedAuth,\n): Effect.Effect<OnePasswordService, OnePasswordError> =>\n Effect.sync(() => {\n // Configure auth\n if (auth.kind === \"service-account\") {\n op.setServiceAccount(auth.token);\n } else {\n op.setGlobalFlags({ account: auth.accountName });\n }\n\n const wrapSync = <A>(fn: () => A, operation: string): Effect.Effect<A, OnePasswordError> =>\n Effect.try({\n try: fn,\n catch: (cause) =>\n new OnePasswordError({\n operation,\n message: cause instanceof Error ? cause.message : String(cause),\n }),\n }).pipe(Effect.withSpan(`onepassword.cli.${operation}`));\n\n return OnePasswordServiceTag.of({\n resolveSecret: (uri) => wrapSync(() => op.read.parse(uri), \"secret resolution\"),\n\n listVaults: () =>\n wrapSync(() => op.vault.list(), \"vault listing\").pipe(\n Effect.map((vaults) => vaults.map((v) => ({ id: v.id, title: v.name }))),\n ),\n\n listItems: (vaultId) =>\n wrapSync(() => op.item.list({ vault: vaultId }), \"item listing\").pipe(\n Effect.map((items) => items.map((i) => ({ id: i.id, title: i.title }))),\n ),\n });\n }).pipe(Effect.withSpan(\"onepassword.cli.make_service\"));\n\n// ---------------------------------------------------------------------------\n// Smart factory — tries CLI first (avoids IPC hang), falls back to SDK\n// ---------------------------------------------------------------------------\n\nexport const makeOnePasswordService = (\n auth: ResolvedAuth,\n options?: { readonly preferSdk?: boolean; readonly timeoutMs?: number },\n): Effect.Effect<OnePasswordService, OnePasswordError> => {\n const timeoutMs = options?.timeoutMs ?? DEFAULT_TIMEOUT_MS;\n\n if (options?.preferSdk) {\n return makeNativeSdkService(auth, timeoutMs);\n }\n\n // Default: prefer CLI to avoid the IPC hang bug\n return makeCliService(auth).pipe(\n Effect.catch((cliError: OnePasswordError) =>\n // CLI unavailable (e.g. `op` not installed) — fall back to SDK\n makeNativeSdkService(auth, timeoutMs).pipe(Effect.mapError(() => cliError)),\n ),\n );\n};\n","import { Effect, Schema } from \"effect\";\n\nimport {\n definePlugin,\n StorageError,\n type PluginCtx,\n type PluginBlobStore,\n type SecretProvider,\n type StorageFailure,\n} from \"@executor-js/sdk/core\";\n\nimport { OnePasswordConfig, Vault, ConnectionStatus } from \"./types\";\nimport type { OnePasswordAuth } from \"./types\";\nimport { OnePasswordError } from \"./errors\";\nimport {\n makeOnePasswordService,\n type ResolvedAuth,\n type OnePasswordService,\n} from \"./service\";\n\n// ---------------------------------------------------------------------------\n// Constants\n// ---------------------------------------------------------------------------\n\nconst CREDENTIAL_FIELD = \"credential\";\nconst DEFAULT_TIMEOUT_MS = 15_000;\nconst CONFIG_KEY = \"config\";\n\n// ---------------------------------------------------------------------------\n// Shared failure alias.\n//\n// Every extension method either touches storage (`ctx.storage` blobs or\n// `ctx.secrets`) or reaches the 1Password backend. Storage I/O surfaces\n// as `StorageFailure`; the HTTP edge (`withCapture`) translates\n// `StorageError` to `InternalError({ traceId })`. Domain problems (not\n// configured, service-account token missing, backend RPC failure) stay\n// as `OnePasswordError` and encode to 502 via the schema annotation on\n// the class.\n// ---------------------------------------------------------------------------\n\nexport type OnePasswordExtensionFailure = OnePasswordError | StorageFailure;\n\n// ---------------------------------------------------------------------------\n// Plugin extension — public API on executor.onepassword\n// ---------------------------------------------------------------------------\n\nexport interface OnePasswordExtension {\n /** Configure the 1Password connection */\n readonly configure: (\n config: OnePasswordConfig,\n ) => Effect.Effect<void, StorageFailure>;\n\n /** Get current configuration (if any) */\n readonly getConfig: () => Effect.Effect<\n OnePasswordConfig | null,\n OnePasswordExtensionFailure\n >;\n\n /** Remove the 1Password configuration */\n readonly removeConfig: () => Effect.Effect<void, StorageFailure>;\n\n /** Check connection status */\n readonly status: () => Effect.Effect<\n ConnectionStatus,\n OnePasswordExtensionFailure\n >;\n\n /** List accessible vaults (requires auth) */\n readonly listVaults: (\n auth: OnePasswordAuth,\n ) => Effect.Effect<ReadonlyArray<Vault>, OnePasswordExtensionFailure>;\n\n /** Resolve a secret directly by op:// URI */\n readonly resolve: (\n uri: string,\n ) => Effect.Effect<string, OnePasswordExtensionFailure>;\n}\n\n// ---------------------------------------------------------------------------\n// Typed config store — single blob, JSON encoded. Blob I/O failures surface\n// as `StorageError` (HTTP edge translates to `InternalError`); decode\n// failures stay `OnePasswordError` — the blob's contents are a plugin\n// concern, not an infrastructure one.\n// ---------------------------------------------------------------------------\n\nexport interface OnePasswordStore {\n readonly getConfig: () => Effect.Effect<\n OnePasswordConfig | null,\n StorageError | OnePasswordError\n >;\n readonly saveConfig: (\n config: OnePasswordConfig,\n ) => Effect.Effect<void, StorageError>;\n readonly deleteConfig: () => Effect.Effect<void, StorageError>;\n}\n\nconst decodeConfig = Schema.decodeUnknownSync(OnePasswordConfig);\n\nconst blobStorageError = (operation: string) =>\n (cause: unknown): StorageError =>\n new StorageError({\n message: `onepassword blob ${operation}: ${\n cause instanceof Error ? cause.message : String(cause)\n }`,\n cause,\n });\n\nexport const makeOnePasswordStore = (\n blobs: PluginBlobStore,\n /** Scope id that owns the single 1Password config blob. Default is the\n * outermost scope (org/workspace) so the config is visible across\n * every per-user scope via the blob store's fall-through read. */\n writeScope: string,\n): OnePasswordStore => ({\n getConfig: () =>\n blobs.get(CONFIG_KEY).pipe(\n Effect.mapError(blobStorageError(\"read\")),\n Effect.flatMap((raw) => {\n if (raw === null) return Effect.succeed(null);\n return Effect.try({\n try: () => decodeConfig(JSON.parse(raw)),\n catch: (cause) =>\n new OnePasswordError({\n operation: \"config decode\",\n message: cause instanceof Error ? cause.message : String(cause),\n }),\n });\n }),\n ),\n\n saveConfig: (config) =>\n blobs\n .put(\n CONFIG_KEY,\n JSON.stringify({\n auth: config.auth,\n vaultId: config.vaultId,\n name: config.name,\n }),\n { scope: writeScope },\n )\n .pipe(Effect.mapError(blobStorageError(\"write\"))),\n\n deleteConfig: () =>\n blobs\n .delete(CONFIG_KEY, { scope: writeScope })\n .pipe(Effect.mapError(blobStorageError(\"delete\"))),\n});\n\n// ---------------------------------------------------------------------------\n// Helpers — auth resolution + service construction\n// ---------------------------------------------------------------------------\n\nconst resolveAuth = (\n auth: OnePasswordAuth,\n ctx: PluginCtx<OnePasswordStore>,\n): Effect.Effect<ResolvedAuth, OnePasswordError | StorageFailure> => {\n if (auth.kind === \"desktop-app\") {\n return Effect.succeed({\n kind: \"desktop-app\" as const,\n accountName: auth.accountName,\n });\n }\n return ctx.secrets.get(auth.tokenSecretId).pipe(\n Effect.mapError((err) =>\n \"_tag\" in err && err._tag === \"SecretOwnedByConnectionError\"\n ? new OnePasswordError({\n operation: \"auth resolution\",\n message: `Service account token secret \"${auth.tokenSecretId}\" not found`,\n })\n : err,\n ),\n Effect.flatMap((token) => {\n if (token === null) {\n return Effect.fail(\n new OnePasswordError({\n operation: \"auth resolution\",\n message: `Service account token secret \"${auth.tokenSecretId}\" not found`,\n }),\n );\n }\n return Effect.succeed({\n kind: \"service-account\" as const,\n token,\n });\n }),\n );\n};\n\nconst getServiceFromConfig = (\n config: OnePasswordConfig,\n ctx: PluginCtx<OnePasswordStore>,\n timeoutMs: number,\n preferSdk: boolean | undefined,\n): Effect.Effect<OnePasswordService, OnePasswordError | StorageFailure> =>\n resolveAuth(config.auth, ctx).pipe(\n Effect.flatMap((resolved) =>\n makeOnePasswordService(resolved, { timeoutMs, preferSdk }),\n ),\n );\n\n// ---------------------------------------------------------------------------\n// SecretProvider — read-only, resolves op:// URIs or vaultId-based lookups\n// ---------------------------------------------------------------------------\n\nconst makeProvider = (\n ctx: PluginCtx<OnePasswordStore>,\n timeoutMs: number,\n preferSdk: boolean | undefined,\n): SecretProvider => ({\n key: \"onepassword\",\n writable: false,\n\n // 1Password vaults are named in the stored config; the executor-scope\n // arg isn't used for routing here. A future refactor could let the\n // plugin store per-scope vault bindings and pick based on `scope`.\n get: (secretId, _scope) =>\n ctx.storage.getConfig().pipe(\n Effect.flatMap((config) => {\n if (!config) return Effect.succeed(null as string | null);\n\n const uri = secretId.startsWith(\"op://\")\n ? secretId\n : `op://${config.vaultId}/${secretId}/${CREDENTIAL_FIELD}`;\n\n return getServiceFromConfig(config, ctx, timeoutMs, preferSdk).pipe(\n Effect.flatMap((svc) => svc.resolveSecret(uri)),\n Effect.map((v): string | null => v),\n Effect.orElseSucceed(() => null),\n );\n }),\n Effect.orElseSucceed(() => null),\n ),\n\n list: () =>\n ctx.storage.getConfig().pipe(\n Effect.flatMap((config) => {\n if (!config)\n return Effect.succeed(\n [] as ReadonlyArray<{ id: string; name: string }>,\n );\n return getServiceFromConfig(config, ctx, timeoutMs, preferSdk).pipe(\n Effect.flatMap((svc) => svc.listItems(config.vaultId)),\n Effect.map(\n (items): ReadonlyArray<{ id: string; name: string }> =>\n items.map((item) => ({ id: item.id, name: item.title })),\n ),\n );\n }),\n Effect.orElseSucceed(\n () => [] as ReadonlyArray<{ id: string; name: string }>,\n ),\n ),\n});\n\n// ---------------------------------------------------------------------------\n// Plugin factory\n// ---------------------------------------------------------------------------\n\nexport interface OnePasswordPluginOptions {\n /** Request timeout in ms (default: 15000) */\n readonly timeoutMs?: number;\n /** Force use of the native SDK instead of the CLI (default: false) */\n readonly preferSdk?: boolean;\n}\n\nexport const onepasswordPlugin = definePlugin(\n (options?: OnePasswordPluginOptions) => {\n const timeoutMs = options?.timeoutMs ?? DEFAULT_TIMEOUT_MS;\n const preferSdk = options?.preferSdk;\n\n return {\n id: \"onepassword\" as const,\n storage: ({ blobs, scopes }) =>\n makeOnePasswordStore(blobs, scopes.at(-1)!.id as string),\n\n extension: (ctx) => {\n return {\n configure: (config) => ctx.storage.saveConfig(config),\n\n getConfig: () => ctx.storage.getConfig(),\n\n removeConfig: () => ctx.storage.deleteConfig(),\n\n status: () =>\n Effect.gen(function* () {\n const config = yield* ctx.storage.getConfig();\n if (!config) {\n return new ConnectionStatus({\n connected: false,\n error: \"Not configured\",\n });\n }\n const svc = yield* getServiceFromConfig(\n config,\n ctx,\n timeoutMs,\n preferSdk,\n );\n const vaults = yield* svc.listVaults();\n const vault = vaults.find((v) => v.id === config.vaultId);\n return new ConnectionStatus({\n connected: true,\n vaultName: vault?.title,\n });\n }),\n\n listVaults: (auth) =>\n Effect.gen(function* () {\n const resolved = yield* resolveAuth(auth, ctx);\n const svc = yield* makeOnePasswordService(resolved, {\n timeoutMs,\n preferSdk,\n });\n const vaults = yield* svc.listVaults();\n return vaults\n .map((v) => new Vault({ id: v.id, name: v.title }))\n .sort((a, b) => a.name.localeCompare(b.name));\n }),\n\n resolve: (uri) =>\n Effect.gen(function* () {\n const config = yield* ctx.storage.getConfig();\n if (!config) {\n return yield* Effect.fail(\n new OnePasswordError({\n operation: \"resolve\",\n message: \"1Password is not configured\",\n }),\n );\n }\n const svc = yield* getServiceFromConfig(\n config,\n ctx,\n timeoutMs,\n preferSdk,\n );\n return yield* svc.resolveSecret(uri);\n }),\n } satisfies OnePasswordExtension;\n },\n\n secretProviders: (ctx) => [makeProvider(ctx, timeoutMs, preferSdk)],\n };\n },\n);\n"],"mappings":";AAAA,SAAS,cAAc;AAMhB,IAAM,iBAAN,cAA6B,OAAO,MAAsB,gBAAgB,EAAE;AAAA,EACjF,MAAM,OAAO,QAAQ,aAAa;AAAA;AAAA,EAElC,aAAa,OAAO;AACtB,CAAC,EAAE;AAAC;AAEG,IAAM,qBAAN,cAAiC,OAAO,MAA0B,oBAAoB,EAAE;AAAA,EAC7F,MAAM,OAAO,QAAQ,iBAAiB;AAAA;AAAA,EAEtC,eAAe,OAAO;AACxB,CAAC,EAAE;AAAC;AAEG,IAAM,kBAAkB,OAAO,MAAM,CAAC,gBAAgB,kBAAkB,CAAC;AAOzE,IAAM,oBAAN,cAAgC,OAAO,MAAyB,mBAAmB,EAAE;AAAA,EAC1F,MAAM;AAAA;AAAA,EAEN,SAAS,OAAO;AAAA;AAAA,EAEhB,MAAM,OAAO;AACf,CAAC,EAAE;AAAC;AAMG,IAAM,QAAN,cAAoB,OAAO,MAAa,OAAO,EAAE;AAAA,EACtD,IAAI,OAAO;AAAA,EACX,MAAM,OAAO;AACf,CAAC,EAAE;AAAC;AAMG,IAAM,mBAAN,cAA+B,OAAO,MAAwB,kBAAkB,EAAE;AAAA,EACvF,WAAW,OAAO;AAAA,EAClB,WAAW,OAAO,SAAS,OAAO,MAAM;AAAA,EACxC,OAAO,OAAO,SAAS,OAAO,MAAM;AACtC,CAAC,EAAE;AAAC;;;AClDJ,SAAS,UAAAA,eAAc;AAEhB,IAAM,mBAAN,cAA+BA,QAAO,iBAAmC;AAAA,EAC9E;AAAA,EACA;AAAA,IACE,WAAWA,QAAO;AAAA,IAClB,SAASA,QAAO;AAAA,EAClB;AAAA,EACA,EAAE,eAAe,IAAI;AACvB,EAAE;AAAC;;;ACTH,SAAS,SAAS,UAAU,cAAc;AAC1C,YAAY,QAAQ;AA+Bb,IAAM,wBAAN,cAAoC,QAAQ,QAGjD,EAAE,oDAAoD,EAAE;AAAC;AAc3D,IAAM,qBAAqB;AAG3B,IAAM,qBAAqB,MACzB,OAAO,WAAW;AAAA,EAChB,KAAK,MAAM,OAAO,gBAAgB;AAAA,EAClC,OAAO,CAAC,UACN,IAAI,iBAAiB;AAAA,IACnB,WAAW;AAAA,IACX,SAAS,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAAA,EAChE,CAAC;AACL,CAAC;AAEH,IAAM,qBAAqB,CAAC,WAAmB,cAC7C;AAAA,EACE,GAAG,SAAS,qBAAqB,KAAK,MAAM,YAAY,GAAI,CAAC;AAAA,EAC7D;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,EAAE,KAAK,IAAI;AAEb,IAAM,8BAA8B,CAAC,WAAmB,cACtD,OAAO,cAAc;AAAA,EACnB,UAAU,SAAS,OAAO,SAAS;AAAA,EACnC,QAAQ,MACN,OAAO;AAAA,IACL,IAAI,iBAAiB;AAAA,MACnB;AAAA,MACA,SAAS,mBAAmB,WAAW,SAAS;AAAA,IAClD,CAAC;AAAA,EACH;AACJ,CAAC;AAEI,IAAM,uBAAuB,CAClC,MACA,YAAoB,uBAEpB,OAAO,IAAI,aAAa;AACtB,QAAM,MAAM,OAAO,mBAAmB,EAAE;AAAA,IACtC,4BAA4B,mBAAmB,SAAS;AAAA,EAC1D;AAEA,QAAM,SAAS,OAAO,OAAO,WAAW;AAAA,IACtC,KAAK,MACH,IAAI,aAAa;AAAA,MACf,MAAM,KAAK,SAAS,gBAAgB,IAAI,IAAI,YAAY,KAAK,WAAW,IAAI,KAAK;AAAA,MACjF,iBAAiB;AAAA,MACjB,oBAAoB;AAAA,IACtB,CAAC;AAAA,IACH,OAAO,CAAC,UACN,IAAI,iBAAiB;AAAA,MACnB,WAAW;AAAA,MACX,SAAS,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAAA,IAChE,CAAC;AAAA,EACL,CAAC,EAAE;AAAA,IACD,4BAA4B,gBAAgB,SAAS;AAAA,EACvD;AAEA,QAAM,OAAO,CAAI,IAAsB,cACrC,OAAO,WAAW;AAAA,IAChB,KAAK;AAAA,IACL,OAAO,CAAC,UACN,IAAI,iBAAiB;AAAA,MACnB;AAAA,MACA,SAAS,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAAA,IAChE,CAAC;AAAA,EACL,CAAC,EAAE;AAAA,IACD,4BAA4B,WAAW,SAAS;AAAA,IAChD,OAAO,SAAS,mBAAmB,SAAS,EAAE;AAAA,EAChD;AAEF,SAAO,sBAAsB,GAAG;AAAA,IAC9B,eAAe,CAAC,QAAQ,KAAK,MAAM,OAAO,QAAQ,QAAQ,GAAG,GAAG,mBAAmB;AAAA,IAEnF,YAAY,MACV,KAAK,MAAM,OAAO,OAAO,KAAK,EAAE,gBAAgB,KAAK,CAAC,GAAG,eAAe,EAAE;AAAA,MACxE,OAAO,IAAI,CAAC,WAAW,OAAO,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;AAAA,IAC1E;AAAA,IAEF,WAAW,CAAC,YACV,KAAK,MAAM,OAAO,MAAM,KAAK,OAAO,GAAG,cAAc,EAAE;AAAA,MACrD,OAAO,IAAI,CAAC,UAAU,MAAM,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;AAAA,IACxE;AAAA,EACJ,CAAC;AACH,CAAC,EAAE,KAAK,OAAO,SAAS,8BAA8B,CAAC;AAMlD,IAAM,iBAAiB,CAC5B,SAEA,OAAO,KAAK,MAAM;AAEhB,MAAI,KAAK,SAAS,mBAAmB;AACnC,IAAG,qBAAkB,KAAK,KAAK;AAAA,EACjC,OAAO;AACL,IAAG,kBAAe,EAAE,SAAS,KAAK,YAAY,CAAC;AAAA,EACjD;AAEA,QAAM,WAAW,CAAI,IAAa,cAChC,OAAO,IAAI;AAAA,IACT,KAAK;AAAA,IACL,OAAO,CAAC,UACN,IAAI,iBAAiB;AAAA,MACnB;AAAA,MACA,SAAS,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAAA,IAChE,CAAC;AAAA,EACL,CAAC,EAAE,KAAK,OAAO,SAAS,mBAAmB,SAAS,EAAE,CAAC;AAEzD,SAAO,sBAAsB,GAAG;AAAA,IAC9B,eAAe,CAAC,QAAQ,SAAS,MAAS,QAAK,MAAM,GAAG,GAAG,mBAAmB;AAAA,IAE9E,YAAY,MACV,SAAS,MAAS,SAAM,KAAK,GAAG,eAAe,EAAE;AAAA,MAC/C,OAAO,IAAI,CAAC,WAAW,OAAO,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,OAAO,EAAE,KAAK,EAAE,CAAC;AAAA,IACzE;AAAA,IAEF,WAAW,CAAC,YACV,SAAS,MAAS,QAAK,KAAK,EAAE,OAAO,QAAQ,CAAC,GAAG,cAAc,EAAE;AAAA,MAC/D,OAAO,IAAI,CAAC,UAAU,MAAM,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;AAAA,IACxE;AAAA,EACJ,CAAC;AACH,CAAC,EAAE,KAAK,OAAO,SAAS,8BAA8B,CAAC;AAMlD,IAAM,yBAAyB,CACpC,MACA,YACwD;AACxD,QAAM,YAAY,SAAS,aAAa;AAExC,MAAI,SAAS,WAAW;AACtB,WAAO,qBAAqB,MAAM,SAAS;AAAA,EAC7C;AAGA,SAAO,eAAe,IAAI,EAAE;AAAA,IAC1B,OAAO;AAAA,MAAM,CAAC;AAAA;AAAA,QAEZ,qBAAqB,MAAM,SAAS,EAAE,KAAK,OAAO,SAAS,MAAM,QAAQ,CAAC;AAAA;AAAA,IAC5E;AAAA,EACF;AACF;;;ACvMA,SAAS,UAAAC,SAAQ,UAAAC,eAAc;AAE/B;AAAA,EACE;AAAA,EACA;AAAA,OAKK;AAeP,IAAM,mBAAmB;AACzB,IAAMC,sBAAqB;AAC3B,IAAM,aAAa;AAsEnB,IAAM,eAAeC,QAAO,kBAAkB,iBAAiB;AAE/D,IAAM,mBAAmB,CAAC,cACxB,CAAC,UACC,IAAI,aAAa;AAAA,EACf,SAAS,oBAAoB,SAAS,KACpC,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CACvD;AAAA,EACA;AACF,CAAC;AAEE,IAAM,uBAAuB,CAClC,OAIA,gBACsB;AAAA,EACtB,WAAW,MACT,MAAM,IAAI,UAAU,EAAE;AAAA,IACpBC,QAAO,SAAS,iBAAiB,MAAM,CAAC;AAAA,IACxCA,QAAO,QAAQ,CAAC,QAAQ;AACtB,UAAI,QAAQ,KAAM,QAAOA,QAAO,QAAQ,IAAI;AAC5C,aAAOA,QAAO,IAAI;AAAA,QAChB,KAAK,MAAM,aAAa,KAAK,MAAM,GAAG,CAAC;AAAA,QACvC,OAAO,CAAC,UACN,IAAI,iBAAiB;AAAA,UACnB,WAAW;AAAA,UACX,SAAS,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAAA,QAChE,CAAC;AAAA,MACL,CAAC;AAAA,IACH,CAAC;AAAA,EACH;AAAA,EAEF,YAAY,CAAC,WACX,MACG;AAAA,IACC;AAAA,IACA,KAAK,UAAU;AAAA,MACb,MAAM,OAAO;AAAA,MACb,SAAS,OAAO;AAAA,MAChB,MAAM,OAAO;AAAA,IACf,CAAC;AAAA,IACD,EAAE,OAAO,WAAW;AAAA,EACtB,EACC,KAAKA,QAAO,SAAS,iBAAiB,OAAO,CAAC,CAAC;AAAA,EAEpD,cAAc,MACZ,MACG,OAAO,YAAY,EAAE,OAAO,WAAW,CAAC,EACxC,KAAKA,QAAO,SAAS,iBAAiB,QAAQ,CAAC,CAAC;AACvD;AAMA,IAAM,cAAc,CAClB,MACA,QACmE;AACnE,MAAI,KAAK,SAAS,eAAe;AAC/B,WAAOA,QAAO,QAAQ;AAAA,MACpB,MAAM;AAAA,MACN,aAAa,KAAK;AAAA,IACpB,CAAC;AAAA,EACH;AACA,SAAO,IAAI,QAAQ,IAAI,KAAK,aAAa,EAAE;AAAA,IACzCA,QAAO;AAAA,MAAS,CAAC,QACf,UAAU,OAAO,IAAI,SAAS,iCAC1B,IAAI,iBAAiB;AAAA,QACnB,WAAW;AAAA,QACX,SAAS,iCAAiC,KAAK,aAAa;AAAA,MAC9D,CAAC,IACD;AAAA,IACN;AAAA,IACAA,QAAO,QAAQ,CAAC,UAAU;AACxB,UAAI,UAAU,MAAM;AAClB,eAAOA,QAAO;AAAA,UACZ,IAAI,iBAAiB;AAAA,YACnB,WAAW;AAAA,YACX,SAAS,iCAAiC,KAAK,aAAa;AAAA,UAC9D,CAAC;AAAA,QACH;AAAA,MACF;AACA,aAAOA,QAAO,QAAQ;AAAA,QACpB,MAAM;AAAA,QACN;AAAA,MACF,CAAC;AAAA,IACH,CAAC;AAAA,EACH;AACF;AAEA,IAAM,uBAAuB,CAC3B,QACA,KACA,WACA,cAEA,YAAY,OAAO,MAAM,GAAG,EAAE;AAAA,EAC5BA,QAAO;AAAA,IAAQ,CAAC,aACd,uBAAuB,UAAU,EAAE,WAAW,UAAU,CAAC;AAAA,EAC3D;AACF;AAMF,IAAM,eAAe,CACnB,KACA,WACA,eACoB;AAAA,EACpB,KAAK;AAAA,EACL,UAAU;AAAA;AAAA;AAAA;AAAA,EAKV,KAAK,CAAC,UAAU,WACd,IAAI,QAAQ,UAAU,EAAE;AAAA,IACtBA,QAAO,QAAQ,CAAC,WAAW;AACzB,UAAI,CAAC,OAAQ,QAAOA,QAAO,QAAQ,IAAqB;AAExD,YAAM,MAAM,SAAS,WAAW,OAAO,IACnC,WACA,QAAQ,OAAO,OAAO,IAAI,QAAQ,IAAI,gBAAgB;AAE1D,aAAO,qBAAqB,QAAQ,KAAK,WAAW,SAAS,EAAE;AAAA,QAC7DA,QAAO,QAAQ,CAAC,QAAQ,IAAI,cAAc,GAAG,CAAC;AAAA,QAC9CA,QAAO,IAAI,CAAC,MAAqB,CAAC;AAAA,QAClCA,QAAO,cAAc,MAAM,IAAI;AAAA,MACjC;AAAA,IACF,CAAC;AAAA,IACDA,QAAO,cAAc,MAAM,IAAI;AAAA,EACjC;AAAA,EAEF,MAAM,MACJ,IAAI,QAAQ,UAAU,EAAE;AAAA,IACtBA,QAAO,QAAQ,CAAC,WAAW;AACzB,UAAI,CAAC;AACH,eAAOA,QAAO;AAAA,UACZ,CAAC;AAAA,QACH;AACF,aAAO,qBAAqB,QAAQ,KAAK,WAAW,SAAS,EAAE;AAAA,QAC7DA,QAAO,QAAQ,CAAC,QAAQ,IAAI,UAAU,OAAO,OAAO,CAAC;AAAA,QACrDA,QAAO;AAAA,UACL,CAAC,UACC,MAAM,IAAI,CAACC,WAAU,EAAE,IAAIA,MAAK,IAAI,MAAMA,MAAK,MAAM,EAAE;AAAA,QAC3D;AAAA,MACF;AAAA,IACF,CAAC;AAAA,IACDD,QAAO;AAAA,MACL,MAAM,CAAC;AAAA,IACT;AAAA,EACF;AACJ;AAaO,IAAM,oBAAoB;AAAA,EAC/B,CAAC,YAAuC;AACtC,UAAM,YAAY,SAAS,aAAaF;AACxC,UAAM,YAAY,SAAS;AAE3B,WAAO;AAAA,MACL,IAAI;AAAA,MACJ,SAAS,CAAC,EAAE,OAAO,OAAO,MACxB,qBAAqB,OAAO,OAAO,GAAG,EAAE,EAAG,EAAY;AAAA,MAEzD,WAAW,CAAC,QAAQ;AAClB,eAAO;AAAA,UACL,WAAW,CAAC,WAAW,IAAI,QAAQ,WAAW,MAAM;AAAA,UAEpD,WAAW,MAAM,IAAI,QAAQ,UAAU;AAAA,UAEvC,cAAc,MAAM,IAAI,QAAQ,aAAa;AAAA,UAE7C,QAAQ,MACNE,QAAO,IAAI,aAAa;AACtB,kBAAM,SAAS,OAAO,IAAI,QAAQ,UAAU;AAC5C,gBAAI,CAAC,QAAQ;AACX,qBAAO,IAAI,iBAAiB;AAAA,gBAC1B,WAAW;AAAA,gBACX,OAAO;AAAA,cACT,CAAC;AAAA,YACH;AACA,kBAAM,MAAM,OAAO;AAAA,cACjB;AAAA,cACA;AAAA,cACA;AAAA,cACA;AAAA,YACF;AACA,kBAAM,SAAS,OAAO,IAAI,WAAW;AACrC,kBAAME,SAAQ,OAAO,KAAK,CAAC,MAAM,EAAE,OAAO,OAAO,OAAO;AACxD,mBAAO,IAAI,iBAAiB;AAAA,cAC1B,WAAW;AAAA,cACX,WAAWA,QAAO;AAAA,YACpB,CAAC;AAAA,UACH,CAAC;AAAA,UAEH,YAAY,CAAC,SACXF,QAAO,IAAI,aAAa;AACtB,kBAAM,WAAW,OAAO,YAAY,MAAM,GAAG;AAC7C,kBAAM,MAAM,OAAO,uBAAuB,UAAU;AAAA,cAClD;AAAA,cACA;AAAA,YACF,CAAC;AACD,kBAAM,SAAS,OAAO,IAAI,WAAW;AACrC,mBAAO,OACJ,IAAI,CAAC,MAAM,IAAI,MAAM,EAAE,IAAI,EAAE,IAAI,MAAM,EAAE,MAAM,CAAC,CAAC,EACjD,KAAK,CAAC,GAAG,MAAM,EAAE,KAAK,cAAc,EAAE,IAAI,CAAC;AAAA,UAChD,CAAC;AAAA,UAEH,SAAS,CAAC,QACRA,QAAO,IAAI,aAAa;AACtB,kBAAM,SAAS,OAAO,IAAI,QAAQ,UAAU;AAC5C,gBAAI,CAAC,QAAQ;AACX,qBAAO,OAAOA,QAAO;AAAA,gBACnB,IAAI,iBAAiB;AAAA,kBACnB,WAAW;AAAA,kBACX,SAAS;AAAA,gBACX,CAAC;AAAA,cACH;AAAA,YACF;AACA,kBAAM,MAAM,OAAO;AAAA,cACjB;AAAA,cACA;AAAA,cACA;AAAA,cACA;AAAA,YACF;AACA,mBAAO,OAAO,IAAI,cAAc,GAAG;AAAA,UACrC,CAAC;AAAA,QACL;AAAA,MACF;AAAA,MAEA,iBAAiB,CAAC,QAAQ,CAAC,aAAa,KAAK,WAAW,SAAS,CAAC;AAAA,IACpE;AAAA,EACF;AACF;","names":["Schema","Effect","Schema","DEFAULT_TIMEOUT_MS","Schema","Effect","item","vault"]}
|
package/dist/core.js
CHANGED
|
@@ -10,8 +10,9 @@ import {
|
|
|
10
10
|
makeCliService,
|
|
11
11
|
makeNativeSdkService,
|
|
12
12
|
makeOnePasswordService,
|
|
13
|
+
makeOnePasswordStore,
|
|
13
14
|
onepasswordPlugin
|
|
14
|
-
} from "./chunk-
|
|
15
|
+
} from "./chunk-HWMHIFQL.js";
|
|
15
16
|
export {
|
|
16
17
|
ConnectionStatus,
|
|
17
18
|
DesktopAppAuth,
|
|
@@ -24,6 +25,7 @@ export {
|
|
|
24
25
|
makeCliService,
|
|
25
26
|
makeNativeSdkService,
|
|
26
27
|
makeOnePasswordService,
|
|
28
|
+
makeOnePasswordStore,
|
|
27
29
|
onepasswordPlugin
|
|
28
30
|
};
|
|
29
31
|
//# sourceMappingURL=core.js.map
|
package/dist/index.js
CHANGED
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
export { onepasswordPlugin } from "./sdk/plugin";
|
|
2
|
+
export type { OnePasswordExtension, OnePasswordPluginOptions } from "./sdk/plugin";
|
|
3
|
+
export { OnePasswordConfig, ConnectionStatus, Vault, OnePasswordAuth, DesktopAppAuth, ServiceAccountAuth, } from "./sdk/types";
|
|
4
|
+
export { OnePasswordError } from "./sdk/errors";
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export default function OnePasswordSettings(): import("react/jsx-runtime").JSX.Element;
|