@executor-js/plugin-onepassword 1.4.33 → 1.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{OnePasswordSettings-7A7INNUA.js → OnePasswordSettings-KMRJZYUZ.js} +53 -50
- package/dist/OnePasswordSettings-KMRJZYUZ.js.map +1 -0
- package/dist/api/group.d.ts +5 -16
- package/dist/api/handlers.d.ts +6 -16
- package/dist/api/index.d.ts +11 -32
- package/dist/{chunk-TRGRRIAX.js → chunk-OYHEG6OK.js} +27 -3
- package/dist/chunk-OYHEG6OK.js.map +1 -0
- package/dist/{chunk-RJVQZBUT.js → chunk-WFBABLCL.js} +45 -87
- package/dist/chunk-WFBABLCL.js.map +1 -0
- package/dist/client.js +1 -1
- package/dist/core.js +10 -4
- package/dist/index.js +2 -2
- package/dist/react/atoms.d.ts +7 -13
- package/dist/react/client.d.ts +5 -16
- package/dist/sdk/index.d.ts +1 -1
- package/dist/sdk/plugin.d.ts +17 -37
- package/dist/sdk/types.d.ts +44 -6
- package/package.json +4 -3
- package/dist/OnePasswordSettings-7A7INNUA.js.map +0 -1
- package/dist/chunk-RJVQZBUT.js.map +0 -1
- package/dist/chunk-TRGRRIAX.js.map +0 -1
|
@@ -2,16 +2,15 @@ import {
|
|
|
2
2
|
ConnectionStatus,
|
|
3
3
|
OnePasswordConfig,
|
|
4
4
|
OnePasswordError,
|
|
5
|
+
RedactedOnePasswordConfig,
|
|
5
6
|
Vault
|
|
6
|
-
} from "./chunk-
|
|
7
|
+
} from "./chunk-OYHEG6OK.js";
|
|
7
8
|
|
|
8
9
|
// src/react/OnePasswordSettings.tsx
|
|
9
10
|
import { useState } from "react";
|
|
10
11
|
import { useAtomSet, useAtomValue } from "@effect/atom-react";
|
|
11
12
|
import * as Exit from "effect/Exit";
|
|
12
13
|
import * as AsyncResult from "effect/unstable/reactivity/AsyncResult";
|
|
13
|
-
import { ReactivityKey as ReactivityKey2 } from "@executor-js/react/api/reactivity-keys";
|
|
14
|
-
import { useScope } from "@executor-js/react/api/scope-context";
|
|
15
14
|
import { Button } from "@executor-js/react/components/button";
|
|
16
15
|
import { Input } from "@executor-js/react/components/input";
|
|
17
16
|
import { Label } from "@executor-js/react/components/label";
|
|
@@ -43,13 +42,15 @@ import { ReactivityKey } from "@executor-js/react/api/reactivity-keys";
|
|
|
43
42
|
|
|
44
43
|
// src/react/client.ts
|
|
45
44
|
import { createPluginAtomClient } from "@executor-js/sdk/client";
|
|
46
|
-
import {
|
|
45
|
+
import {
|
|
46
|
+
getExecutorApiBaseUrl,
|
|
47
|
+
getExecutorServerAuthorizationHeader
|
|
48
|
+
} from "@executor-js/react/api/server-connection";
|
|
47
49
|
|
|
48
50
|
// src/api/group.ts
|
|
49
51
|
import { HttpApiEndpoint, HttpApiGroup } from "effect/unstable/httpapi";
|
|
50
52
|
import { Schema } from "effect";
|
|
51
|
-
import { InternalError
|
|
52
|
-
var ScopeParams = { scopeId: ScopeId };
|
|
53
|
+
import { InternalError } from "@executor-js/sdk/shared";
|
|
53
54
|
var ConfigurePayload = OnePasswordConfig;
|
|
54
55
|
var ListVaultsParams = Schema.Struct({
|
|
55
56
|
authKind: Schema.Literals(["desktop-app", "service-account"]),
|
|
@@ -58,35 +59,30 @@ var ListVaultsParams = Schema.Struct({
|
|
|
58
59
|
var ListVaultsResponse = Schema.Struct({
|
|
59
60
|
vaults: Schema.Array(Vault)
|
|
60
61
|
});
|
|
61
|
-
var GetConfigResponse = Schema.NullOr(
|
|
62
|
+
var GetConfigResponse = Schema.NullOr(RedactedOnePasswordConfig);
|
|
62
63
|
var OnePasswordGroup = HttpApiGroup.make("onepassword").add(
|
|
63
|
-
HttpApiEndpoint.get("getConfig", "/
|
|
64
|
-
params: ScopeParams,
|
|
64
|
+
HttpApiEndpoint.get("getConfig", "/onepassword/config", {
|
|
65
65
|
success: GetConfigResponse,
|
|
66
66
|
error: [InternalError, OnePasswordError]
|
|
67
67
|
})
|
|
68
68
|
).add(
|
|
69
|
-
HttpApiEndpoint.put("configure", "/
|
|
70
|
-
params: ScopeParams,
|
|
69
|
+
HttpApiEndpoint.put("configure", "/onepassword/config", {
|
|
71
70
|
payload: ConfigurePayload,
|
|
72
71
|
success: Schema.Void,
|
|
73
72
|
error: [InternalError, OnePasswordError]
|
|
74
73
|
})
|
|
75
74
|
).add(
|
|
76
|
-
HttpApiEndpoint.delete("removeConfig", "/
|
|
77
|
-
params: ScopeParams,
|
|
75
|
+
HttpApiEndpoint.delete("removeConfig", "/onepassword/config", {
|
|
78
76
|
success: Schema.Void,
|
|
79
77
|
error: [InternalError, OnePasswordError]
|
|
80
78
|
})
|
|
81
79
|
).add(
|
|
82
|
-
HttpApiEndpoint.get("status", "/
|
|
83
|
-
params: ScopeParams,
|
|
80
|
+
HttpApiEndpoint.get("status", "/onepassword/status", {
|
|
84
81
|
success: ConnectionStatus,
|
|
85
82
|
error: [InternalError, OnePasswordError]
|
|
86
83
|
})
|
|
87
84
|
).add(
|
|
88
|
-
HttpApiEndpoint.get("listVaults", "/
|
|
89
|
-
params: ScopeParams,
|
|
85
|
+
HttpApiEndpoint.get("listVaults", "/onepassword/vaults", {
|
|
90
86
|
query: ListVaultsParams,
|
|
91
87
|
success: ListVaultsResponse,
|
|
92
88
|
error: [InternalError, OnePasswordError]
|
|
@@ -95,21 +91,24 @@ var OnePasswordGroup = HttpApiGroup.make("onepassword").add(
|
|
|
95
91
|
|
|
96
92
|
// src/react/client.ts
|
|
97
93
|
var OnePasswordClient = createPluginAtomClient(OnePasswordGroup, {
|
|
98
|
-
baseUrl:
|
|
94
|
+
baseUrl: getExecutorApiBaseUrl,
|
|
95
|
+
authorizationHeader: getExecutorServerAuthorizationHeader
|
|
99
96
|
});
|
|
100
97
|
|
|
101
98
|
// src/react/atoms.ts
|
|
102
|
-
var onepasswordWriteKeys = [ReactivityKey.
|
|
103
|
-
var onepasswordConfigAtom =
|
|
104
|
-
params: { scopeId },
|
|
99
|
+
var onepasswordWriteKeys = [ReactivityKey.providers];
|
|
100
|
+
var onepasswordConfigAtom = OnePasswordClient.query("onepassword", "getConfig", {
|
|
105
101
|
timeToLive: "30 seconds",
|
|
106
|
-
reactivityKeys: [ReactivityKey.
|
|
102
|
+
reactivityKeys: [ReactivityKey.providers]
|
|
103
|
+
});
|
|
104
|
+
var onepasswordStatusAtom = OnePasswordClient.query("onepassword", "status", {
|
|
105
|
+
timeToLive: "15 seconds",
|
|
106
|
+
reactivityKeys: [ReactivityKey.providers]
|
|
107
107
|
});
|
|
108
|
-
var onepasswordVaultsAtom = (authKind, account
|
|
109
|
-
params: { scopeId },
|
|
108
|
+
var onepasswordVaultsAtom = (authKind, account) => OnePasswordClient.query("onepassword", "listVaults", {
|
|
110
109
|
query: { authKind, account },
|
|
111
110
|
timeToLive: "30 seconds",
|
|
112
|
-
reactivityKeys: [ReactivityKey.
|
|
111
|
+
reactivityKeys: [ReactivityKey.providers]
|
|
113
112
|
});
|
|
114
113
|
var configureOnePassword = OnePasswordClient.mutation("onepassword", "configure");
|
|
115
114
|
var removeOnePasswordConfig = OnePasswordClient.mutation("onepassword", "removeConfig");
|
|
@@ -118,8 +117,7 @@ var removeOnePasswordConfig = OnePasswordClient.mutation("onepassword", "removeC
|
|
|
118
117
|
import { Fragment, jsx, jsxs } from "react/jsx-runtime";
|
|
119
118
|
function VaultPicker(props) {
|
|
120
119
|
const account = props.accountName.trim();
|
|
121
|
-
const
|
|
122
|
-
const vaultsResult = useAtomValue(onepasswordVaultsAtom(props.authKind, account, scopeId));
|
|
120
|
+
const vaultsResult = useAtomValue(onepasswordVaultsAtom(props.authKind, account));
|
|
123
121
|
const { vaults, isLoading, error } = AsyncResult.matchWithError(
|
|
124
122
|
vaultsResult,
|
|
125
123
|
{
|
|
@@ -140,8 +138,9 @@ function VaultPicker(props) {
|
|
|
140
138
|
}),
|
|
141
139
|
onSuccess: ({ value }) => {
|
|
142
140
|
const v = value.vaults;
|
|
143
|
-
|
|
144
|
-
|
|
141
|
+
const defaultVault = v[0];
|
|
142
|
+
if (defaultVault && (!props.vaultId || v.length === 1 && props.vaultId !== defaultVault.id)) {
|
|
143
|
+
queueMicrotask(() => props.onVaultSelect(defaultVault.id, defaultVault.name));
|
|
145
144
|
}
|
|
146
145
|
return { vaults: [...v], isLoading: false, error: null };
|
|
147
146
|
}
|
|
@@ -150,8 +149,9 @@ function VaultPicker(props) {
|
|
|
150
149
|
if (!account) {
|
|
151
150
|
return /* @__PURE__ */ jsx("p", { className: "text-[11px] text-muted-foreground/50 py-1", children: "Enter account details to load vaults." });
|
|
152
151
|
}
|
|
152
|
+
const singleVault = vaults.length === 1 ? vaults[0] : null;
|
|
153
153
|
return /* @__PURE__ */ jsxs("div", { className: "grid gap-2", children: [
|
|
154
|
-
/* @__PURE__ */ jsxs(
|
|
154
|
+
singleVault ? /* @__PURE__ */ jsx("div", { className: "flex h-9 items-center rounded-md border border-input bg-muted/30 px-3 text-[13px] text-foreground", children: /* @__PURE__ */ jsx("span", { className: "truncate", children: singleVault.name }) }) : /* @__PURE__ */ jsxs(
|
|
155
155
|
Select,
|
|
156
156
|
{
|
|
157
157
|
disabled: isLoading || vaults.length === 0,
|
|
@@ -179,7 +179,6 @@ function ConfigDialog(props) {
|
|
|
179
179
|
const [vaultName, setVaultName] = useState(props.initial?.name ?? "");
|
|
180
180
|
const [saving, setSaving] = useState(false);
|
|
181
181
|
const [error, setError] = useState(null);
|
|
182
|
-
const scopeId = useScope();
|
|
183
182
|
const doConfigure = useAtomSet(configureOnePassword, { mode: "promiseExit" });
|
|
184
183
|
const reset = () => {
|
|
185
184
|
if (!isEdit) {
|
|
@@ -195,11 +194,14 @@ function ConfigDialog(props) {
|
|
|
195
194
|
if (!accountName.trim() || !vaultId.trim()) return;
|
|
196
195
|
setSaving(true);
|
|
197
196
|
setError(null);
|
|
198
|
-
const auth = authKind === "desktop-app" ? { kind: "desktop-app", accountName: accountName.trim() } : { kind: "service-account",
|
|
197
|
+
const auth = authKind === "desktop-app" ? { kind: "desktop-app", accountName: accountName.trim() } : { kind: "service-account", token: accountName.trim() };
|
|
199
198
|
const exit = await doConfigure({
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
199
|
+
payload: {
|
|
200
|
+
auth,
|
|
201
|
+
vaultId: vaultId.trim(),
|
|
202
|
+
name: vaultName.trim() || "1Password"
|
|
203
|
+
},
|
|
204
|
+
reactivityKeys: onepasswordWriteKeys
|
|
203
205
|
});
|
|
204
206
|
if (Exit.isFailure(exit)) {
|
|
205
207
|
setError("Failed to save configuration");
|
|
@@ -241,17 +243,17 @@ function ConfigDialog(props) {
|
|
|
241
243
|
)
|
|
242
244
|
] }),
|
|
243
245
|
/* @__PURE__ */ jsxs("div", { className: "grid gap-1.5", children: [
|
|
244
|
-
/* @__PURE__ */ jsx(Label, { className: "text-[11px] font-medium uppercase tracking-[0.08em] text-muted-foreground", children: authKind === "desktop-app" ? "Account domain" : "
|
|
246
|
+
/* @__PURE__ */ jsx(Label, { className: "text-[11px] font-medium uppercase tracking-[0.08em] text-muted-foreground", children: authKind === "desktop-app" ? "Account domain" : "Service account token" }),
|
|
245
247
|
/* @__PURE__ */ jsx(
|
|
246
248
|
Input,
|
|
247
249
|
{
|
|
248
|
-
placeholder: authKind === "desktop-app" ? "my.1password.com" : "
|
|
250
|
+
placeholder: authKind === "desktop-app" ? "my.1password.com" : "ops_...",
|
|
249
251
|
value: accountName,
|
|
250
252
|
onChange: (e) => setAccountName(e.target.value),
|
|
251
253
|
className: "font-mono text-[13px] h-9"
|
|
252
254
|
}
|
|
253
255
|
),
|
|
254
|
-
/* @__PURE__ */ jsx("p", { className: "text-[11px] text-muted-foreground/60 leading-relaxed", children: authKind === "desktop-app" ? "Requires the 1Password desktop app with biometric unlock." : "
|
|
256
|
+
/* @__PURE__ */ jsx("p", { className: "text-[11px] text-muted-foreground/60 leading-relaxed", children: authKind === "desktop-app" ? "Requires the 1Password desktop app with biometric unlock." : "The token is stored in this provider's owner-scoped config and never surfaced again." })
|
|
255
257
|
] }),
|
|
256
258
|
/* @__PURE__ */ jsxs("div", { className: "grid gap-1.5", children: [
|
|
257
259
|
/* @__PURE__ */ jsx(Label, { className: "text-[11px] font-medium uppercase tracking-[0.08em] text-muted-foreground", children: "Vault" }),
|
|
@@ -266,8 +268,7 @@ function ConfigDialog(props) {
|
|
|
266
268
|
setVaultName(name);
|
|
267
269
|
}
|
|
268
270
|
}
|
|
269
|
-
)
|
|
270
|
-
vaultId && /* @__PURE__ */ jsx("p", { className: "font-mono text-[10px] text-muted-foreground/50", children: vaultId })
|
|
271
|
+
)
|
|
271
272
|
] }),
|
|
272
273
|
/* @__PURE__ */ jsxs("div", { className: "grid gap-1.5", children: [
|
|
273
274
|
/* @__PURE__ */ jsx(Label, { className: "text-[11px] font-medium uppercase tracking-[0.08em] text-muted-foreground", children: "Display name" }),
|
|
@@ -301,15 +302,18 @@ function ConfigDialog(props) {
|
|
|
301
302
|
}
|
|
302
303
|
function OnePasswordSettings() {
|
|
303
304
|
const [configOpen, setConfigOpen] = useState(false);
|
|
304
|
-
const
|
|
305
|
-
const configResult = useAtomValue(onepasswordConfigAtom(scopeId));
|
|
305
|
+
const configResult = useAtomValue(onepasswordConfigAtom);
|
|
306
306
|
const doRemove = useAtomSet(removeOnePasswordConfig, { mode: "promiseExit" });
|
|
307
307
|
const handleRemove = async () => {
|
|
308
|
-
await doRemove({
|
|
308
|
+
await doRemove({ reactivityKeys: onepasswordWriteKeys });
|
|
309
309
|
};
|
|
310
310
|
const config = AsyncResult.match(
|
|
311
311
|
configResult,
|
|
312
|
-
{
|
|
312
|
+
{
|
|
313
|
+
onInitial: () => null,
|
|
314
|
+
onFailure: () => null,
|
|
315
|
+
onSuccess: ({ value }) => value
|
|
316
|
+
}
|
|
313
317
|
);
|
|
314
318
|
const isLoading = AsyncResult.match(
|
|
315
319
|
configResult,
|
|
@@ -333,10 +337,7 @@ function OnePasswordSettings() {
|
|
|
333
337
|
/* @__PURE__ */ jsx("span", { className: "text-muted-foreground/60", children: "Auth" }),
|
|
334
338
|
/* @__PURE__ */ jsx("span", { className: "font-mono text-foreground/80 truncate", children: config.auth.kind === "desktop-app" ? config.auth.accountName : "service-account" }),
|
|
335
339
|
/* @__PURE__ */ jsx("span", { className: "text-muted-foreground/60", children: "Vault" }),
|
|
336
|
-
/* @__PURE__ */
|
|
337
|
-
/* @__PURE__ */ jsx("span", { className: "text-foreground/80 truncate", children: config.name }),
|
|
338
|
-
/* @__PURE__ */ jsx("span", { className: "font-mono text-[10px] text-muted-foreground/40 truncate", children: config.vaultId })
|
|
339
|
-
] })
|
|
340
|
+
/* @__PURE__ */ jsx("div", { className: "flex items-center gap-2 min-w-0", children: /* @__PURE__ */ jsx("span", { className: "text-foreground/80 truncate", children: config.name }) })
|
|
340
341
|
] }) : /* @__PURE__ */ jsx(CardStackEntryDescription, { children: "Resolve secrets from your 1Password vault." }) }),
|
|
341
342
|
/* @__PURE__ */ jsx(CardStackEntryActions, { children: config ? /* @__PURE__ */ jsxs(Fragment, { children: [
|
|
342
343
|
/* @__PURE__ */ jsx(
|
|
@@ -377,7 +378,9 @@ function OnePasswordSettings() {
|
|
|
377
378
|
onOpenChange: setConfigOpen,
|
|
378
379
|
initial: config ? {
|
|
379
380
|
authKind: config.auth.kind,
|
|
380
|
-
|
|
381
|
+
// Service-account tokens are never surfaced (redacted); the
|
|
382
|
+
// user re-enters the token when editing that auth method.
|
|
383
|
+
accountName: config.auth.kind === "desktop-app" ? config.auth.accountName : "",
|
|
381
384
|
vaultId: config.vaultId,
|
|
382
385
|
name: config.name
|
|
383
386
|
} : void 0
|
|
@@ -388,4 +391,4 @@ function OnePasswordSettings() {
|
|
|
388
391
|
export {
|
|
389
392
|
OnePasswordSettings as default
|
|
390
393
|
};
|
|
391
|
-
//# sourceMappingURL=OnePasswordSettings-
|
|
394
|
+
//# sourceMappingURL=OnePasswordSettings-KMRJZYUZ.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/react/OnePasswordSettings.tsx","../src/react/atoms.ts","../src/react/client.ts","../src/api/group.ts"],"sourcesContent":["import { useState } from \"react\";\nimport { useAtomSet, useAtomValue } from \"@effect/atom-react\";\nimport * as Exit from \"effect/Exit\";\nimport * as AsyncResult from \"effect/unstable/reactivity/AsyncResult\";\nimport { Button } from \"@executor-js/react/components/button\";\nimport { Input } from \"@executor-js/react/components/input\";\nimport { Label } from \"@executor-js/react/components/label\";\nimport {\n Select,\n SelectContent,\n SelectItem,\n SelectTrigger,\n SelectValue,\n} from \"@executor-js/react/components/select\";\nimport {\n Dialog,\n DialogContent,\n DialogHeader,\n DialogTitle,\n DialogDescription,\n DialogFooter,\n DialogClose,\n} from \"@executor-js/react/components/dialog\";\nimport {\n CardStackEntry,\n CardStackEntryActions,\n CardStackEntryContent,\n CardStackEntryDescription,\n} from \"@executor-js/react/components/card-stack\";\n\nimport {\n onepasswordConfigAtom,\n onepasswordVaultsAtom,\n configureOnePassword,\n removeOnePasswordConfig,\n onepasswordWriteKeys,\n} from \"./atoms\";\nimport type { RedactedOnePasswordConfig } from \"../sdk/types\";\n\n// ---------------------------------------------------------------------------\n// Vault picker\n// ---------------------------------------------------------------------------\n\nfunction VaultPicker(props: {\n authKind: \"desktop-app\" | \"service-account\";\n accountName: string;\n vaultId: string;\n onVaultSelect: (id: string, name: string) => void;\n}) {\n const account = props.accountName.trim();\n const vaultsResult = useAtomValue(onepasswordVaultsAtom(props.authKind, account));\n\n const { vaults, isLoading, error } = AsyncResult.matchWithError(\n vaultsResult as AsyncResult.AsyncResult<\n { vaults: ReadonlyArray<{ id: string; name: string }> },\n Error\n >,\n {\n onInitial: () => ({\n vaults: [] as { id: string; name: string }[],\n isLoading: true,\n error: null,\n }),\n onError: () => ({\n vaults: [] as { id: string; name: string }[],\n isLoading: false,\n error: \"Failed to list vaults\",\n }),\n onDefect: () => ({\n vaults: [] as { id: string; name: string }[],\n isLoading: false,\n error: \"Failed to list vaults\",\n }),\n onSuccess: ({ value }) => {\n const v = value.vaults;\n const defaultVault = v[0];\n if (\n defaultVault &&\n (!props.vaultId || (v.length === 1 && props.vaultId !== defaultVault.id))\n ) {\n queueMicrotask(() => props.onVaultSelect(defaultVault.id, defaultVault.name));\n }\n return { vaults: [...v], isLoading: false, error: null };\n },\n },\n );\n\n if (!account) {\n return (\n <p className=\"text-[11px] text-muted-foreground/50 py-1\">\n Enter account details to load vaults.\n </p>\n );\n }\n\n const singleVault = vaults.length === 1 ? vaults[0] : null;\n\n return (\n <div className=\"grid gap-2\">\n {singleVault ? (\n <div className=\"flex h-9 items-center rounded-md border border-input bg-muted/30 px-3 text-[13px] text-foreground\">\n <span className=\"truncate\">{singleVault.name}</span>\n </div>\n ) : (\n <Select\n disabled={isLoading || vaults.length === 0}\n value={props.vaultId}\n onValueChange={(id) => {\n const v = vaults.find((vault) => vault.id === id);\n if (v) props.onVaultSelect(v.id, v.name);\n }}\n >\n <SelectTrigger className=\"h-9 text-[13px]\">\n <SelectValue placeholder={isLoading ? \"Loading…\" : \"Select a vault\"} />\n </SelectTrigger>\n <SelectContent>\n {vaults.map((v) => (\n <SelectItem key={v.id} value={v.id}>\n {v.name}\n </SelectItem>\n ))}\n </SelectContent>\n </Select>\n )}\n {error && (\n <div className=\"rounded-md border border-destructive/20 bg-destructive/5 px-2.5 py-1.5\">\n <p className=\"text-[11px] text-destructive leading-relaxed whitespace-pre-line\">\n {error}\n </p>\n </div>\n )}\n </div>\n );\n}\n\n// ---------------------------------------------------------------------------\n// Config dialog\n// ---------------------------------------------------------------------------\n\nfunction ConfigDialog(props: {\n open: boolean;\n onOpenChange: (v: boolean) => void;\n initial?: {\n authKind: string;\n accountName: string;\n vaultId: string;\n name: string;\n };\n}) {\n const isEdit = !!props.initial;\n const [authKind, setAuthKind] = useState<\"desktop-app\" | \"service-account\">(\n (props.initial?.authKind as \"desktop-app\" | \"service-account\") ?? \"desktop-app\",\n );\n const [accountName, setAccountName] = useState(props.initial?.accountName ?? \"my.1password.com\");\n const [vaultId, setVaultId] = useState(props.initial?.vaultId ?? \"\");\n const [vaultName, setVaultName] = useState(props.initial?.name ?? \"\");\n const [saving, setSaving] = useState(false);\n const [error, setError] = useState<string | null>(null);\n\n const doConfigure = useAtomSet(configureOnePassword, { mode: \"promiseExit\" });\n\n const reset = () => {\n if (!isEdit) {\n setAuthKind(\"desktop-app\");\n setAccountName(\"my.1password.com\");\n setVaultId(\"\");\n setVaultName(\"\");\n }\n setError(null);\n setSaving(false);\n };\n\n const handleSave = async () => {\n if (!accountName.trim() || !vaultId.trim()) return;\n setSaving(true);\n setError(null);\n\n const auth =\n authKind === \"desktop-app\"\n ? { kind: \"desktop-app\" as const, accountName: accountName.trim() }\n : { kind: \"service-account\" as const, token: accountName.trim() };\n\n const exit = await doConfigure({\n payload: {\n auth,\n vaultId: vaultId.trim(),\n name: vaultName.trim() || \"1Password\",\n },\n reactivityKeys: onepasswordWriteKeys,\n });\n if (Exit.isFailure(exit)) {\n setError(\"Failed to save configuration\");\n setSaving(false);\n return;\n }\n\n props.onOpenChange(false);\n reset();\n };\n\n return (\n <Dialog\n open={props.open}\n onOpenChange={(v) => {\n if (!v) reset();\n props.onOpenChange(v);\n }}\n >\n <DialogContent className=\"sm:max-w-[420px]\">\n <DialogHeader>\n <DialogTitle className=\"font-display text-xl\">\n {isEdit ? \"Edit 1Password\" : \"Connect 1Password\"}\n </DialogTitle>\n <DialogDescription className=\"text-[13px] leading-relaxed\">\n Link a vault to resolve secrets via the 1Password desktop app or a service account.\n </DialogDescription>\n </DialogHeader>\n\n <div className=\"grid gap-5 py-3\">\n {/* Auth method */}\n <div className=\"grid gap-1.5\">\n <Label className=\"text-[11px] font-medium uppercase tracking-[0.08em] text-muted-foreground\">\n Auth method\n </Label>\n <Select\n value={authKind}\n onValueChange={(v) => setAuthKind(v as \"desktop-app\" | \"service-account\")}\n >\n <SelectTrigger className=\"h-9 text-[13px]\">\n <SelectValue />\n </SelectTrigger>\n <SelectContent>\n <SelectItem value=\"desktop-app\">Desktop App (biometric)</SelectItem>\n <SelectItem value=\"service-account\">Service Account</SelectItem>\n </SelectContent>\n </Select>\n </div>\n\n {/* Account / token */}\n <div className=\"grid gap-1.5\">\n <Label className=\"text-[11px] font-medium uppercase tracking-[0.08em] text-muted-foreground\">\n {authKind === \"desktop-app\" ? \"Account domain\" : \"Service account token\"}\n </Label>\n <Input\n placeholder={authKind === \"desktop-app\" ? \"my.1password.com\" : \"ops_...\"}\n value={accountName}\n onChange={(e) => setAccountName((e.target as HTMLInputElement).value)}\n className=\"font-mono text-[13px] h-9\"\n />\n <p className=\"text-[11px] text-muted-foreground/60 leading-relaxed\">\n {authKind === \"desktop-app\"\n ? \"Requires the 1Password desktop app with biometric unlock.\"\n : \"The token is stored in this provider's owner-scoped config and never surfaced again.\"}\n </p>\n </div>\n\n {/* Vault */}\n <div className=\"grid gap-1.5\">\n <Label className=\"text-[11px] font-medium uppercase tracking-[0.08em] text-muted-foreground\">\n Vault\n </Label>\n <VaultPicker\n authKind={authKind}\n accountName={accountName}\n vaultId={vaultId}\n onVaultSelect={(id, name) => {\n setVaultId(id);\n setVaultName(name);\n }}\n />\n </div>\n\n {/* Display name */}\n <div className=\"grid gap-1.5\">\n <Label className=\"text-[11px] font-medium uppercase tracking-[0.08em] text-muted-foreground\">\n Display name\n </Label>\n <Input\n placeholder=\"1Password\"\n value={vaultName}\n onChange={(e) => setVaultName((e.target as HTMLInputElement).value)}\n className=\"text-[13px] h-9\"\n />\n </div>\n\n {error && (\n <div className=\"rounded-md border border-destructive/20 bg-destructive/5 px-3 py-2\">\n <p className=\"text-[12px] text-destructive whitespace-pre-line\">{error}</p>\n </div>\n )}\n </div>\n\n <DialogFooter>\n <DialogClose asChild>\n <Button variant=\"ghost\" size=\"sm\">\n Cancel\n </Button>\n </DialogClose>\n <Button\n size=\"sm\"\n onClick={handleSave}\n disabled={!accountName.trim() || !vaultId.trim() || saving}\n >\n {saving ? \"Saving…\" : isEdit ? \"Update\" : \"Connect\"}\n </Button>\n </DialogFooter>\n </DialogContent>\n </Dialog>\n );\n}\n\n// ---------------------------------------------------------------------------\n// Settings card\n// ---------------------------------------------------------------------------\n\nexport default function OnePasswordSettings() {\n const [configOpen, setConfigOpen] = useState(false);\n const configResult = useAtomValue(onepasswordConfigAtom);\n const doRemove = useAtomSet(removeOnePasswordConfig, { mode: \"promiseExit\" });\n\n const handleRemove = async () => {\n await doRemove({ reactivityKeys: onepasswordWriteKeys });\n };\n\n const config: RedactedOnePasswordConfig | null = AsyncResult.match(\n configResult as AsyncResult.AsyncResult<RedactedOnePasswordConfig | null, unknown>,\n {\n onInitial: () => null,\n onFailure: () => null,\n onSuccess: ({ value }) => value,\n },\n );\n const isLoading = AsyncResult.match(\n configResult as AsyncResult.AsyncResult<RedactedOnePasswordConfig | null, unknown>,\n {\n onInitial: () => true,\n onFailure: () => false,\n onSuccess: () => false,\n },\n );\n const isError = AsyncResult.match(\n configResult as AsyncResult.AsyncResult<RedactedOnePasswordConfig | null, unknown>,\n {\n onInitial: () => false,\n onFailure: () => true,\n onSuccess: () => false,\n },\n );\n\n return (\n <>\n <CardStackEntry>\n <CardStackEntryContent>\n {isLoading ? (\n <CardStackEntryDescription>Loading…</CardStackEntryDescription>\n ) : isError ? (\n <CardStackEntryDescription className=\"text-destructive\">\n Failed to load configuration\n </CardStackEntryDescription>\n ) : config ? (\n <div className=\"grid grid-cols-[auto_1fr] gap-x-6 gap-y-1 text-[12px]\">\n <span className=\"text-muted-foreground/60\">Auth</span>\n <span className=\"font-mono text-foreground/80 truncate\">\n {config.auth.kind === \"desktop-app\" ? config.auth.accountName : \"service-account\"}\n </span>\n <span className=\"text-muted-foreground/60\">Vault</span>\n <div className=\"flex items-center gap-2 min-w-0\">\n <span className=\"text-foreground/80 truncate\">{config.name}</span>\n </div>\n </div>\n ) : (\n <CardStackEntryDescription>\n Resolve secrets from your 1Password vault.\n </CardStackEntryDescription>\n )}\n </CardStackEntryContent>\n <CardStackEntryActions>\n {config ? (\n <>\n <Button\n variant=\"ghost\"\n size=\"sm\"\n className=\"h-7 px-2.5 text-[12px]\"\n onClick={() => setConfigOpen(true)}\n >\n Edit\n </Button>\n <Button\n variant=\"ghost\"\n size=\"sm\"\n className=\"h-7 px-2.5 text-[12px] text-destructive/70 hover:text-destructive\"\n onClick={handleRemove}\n >\n Disconnect\n </Button>\n </>\n ) : (\n !isLoading &&\n !isError && (\n <Button\n variant=\"link\"\n size=\"sm\"\n className=\"h-7 px-0 text-[12px] shrink-0\"\n onClick={() => setConfigOpen(true)}\n >\n Add 1Password\n </Button>\n )\n )}\n </CardStackEntryActions>\n </CardStackEntry>\n\n {configOpen && (\n <ConfigDialog\n open={configOpen}\n onOpenChange={setConfigOpen}\n initial={\n config\n ? {\n authKind: config.auth.kind,\n // Service-account tokens are never surfaced (redacted); the\n // user re-enters the token when editing that auth method.\n accountName: config.auth.kind === \"desktop-app\" ? config.auth.accountName : \"\",\n vaultId: config.vaultId,\n name: config.name,\n }\n : undefined\n }\n />\n )}\n </>\n );\n}\n","import { ReactivityKey } from \"@executor-js/react/api/reactivity-keys\";\nimport { OnePasswordClient } from \"./client\";\n\n// 1Password is a CredentialProvider in v2 — its owner-scoped config lives in\n// the `providers` reactivity family (the v1 `secrets` key is gone).\nexport const onepasswordWriteKeys = [ReactivityKey.providers] as const;\n\n// ---------------------------------------------------------------------------\n// Query atoms\n//\n// v2: the 1Password config is a single owner-partitioned binding the server\n// derives from the executor's owner — there are no owner path params here; the\n// server reads the acting owner from the executor binding.\n// ---------------------------------------------------------------------------\n\nexport const onepasswordConfigAtom = OnePasswordClient.query(\"onepassword\", \"getConfig\", {\n timeToLive: \"30 seconds\",\n reactivityKeys: [ReactivityKey.providers],\n});\n\nexport const onepasswordStatusAtom = OnePasswordClient.query(\"onepassword\", \"status\", {\n timeToLive: \"15 seconds\",\n reactivityKeys: [ReactivityKey.providers],\n});\n\n// ---------------------------------------------------------------------------\n// Query atoms — vaults\n// ---------------------------------------------------------------------------\n\nexport const onepasswordVaultsAtom = (\n authKind: \"desktop-app\" | \"service-account\",\n account: string,\n) =>\n OnePasswordClient.query(\"onepassword\", \"listVaults\", {\n query: { authKind, account },\n timeToLive: \"30 seconds\",\n reactivityKeys: [ReactivityKey.providers],\n });\n\n// ---------------------------------------------------------------------------\n// Mutation atoms\n// ---------------------------------------------------------------------------\n\nexport const configureOnePassword = OnePasswordClient.mutation(\"onepassword\", \"configure\");\n\nexport const removeOnePasswordConfig = OnePasswordClient.mutation(\"onepassword\", \"removeConfig\");\n","import { createPluginAtomClient } from \"@executor-js/sdk/client\";\nimport {\n getExecutorApiBaseUrl,\n getExecutorServerAuthorizationHeader,\n} from \"@executor-js/react/api/server-connection\";\nimport { OnePasswordGroup } from \"../api/group\";\n\nexport const OnePasswordClient = createPluginAtomClient(OnePasswordGroup, {\n baseUrl: getExecutorApiBaseUrl,\n authorizationHeader: getExecutorServerAuthorizationHeader,\n});\n","import { HttpApiEndpoint, HttpApiGroup } from \"effect/unstable/httpapi\";\nimport { Schema } from \"effect\";\nimport { InternalError } from \"@executor-js/sdk/shared\";\n\nimport { OnePasswordError } from \"../sdk/errors\";\nimport {\n OnePasswordConfig,\n RedactedOnePasswordConfig,\n Vault,\n ConnectionStatus,\n} from \"../sdk/types\";\n\n// ---------------------------------------------------------------------------\n// Payloads\n//\n// v2: config is a single per-owner binding the extension derives from the\n// executor's owner binding — there are no scope segments in the path. The\n// configure payload carries the full config (including the service-account\n// token); reads return the redacted projection so the token never leaves the\n// plugin.\n// ---------------------------------------------------------------------------\n\nconst ConfigurePayload = OnePasswordConfig;\n\nconst ListVaultsParams = Schema.Struct({\n authKind: Schema.Literals([\"desktop-app\", \"service-account\"]),\n account: Schema.String,\n});\n\n// ---------------------------------------------------------------------------\n// Responses\n// ---------------------------------------------------------------------------\n\nconst ListVaultsResponse = Schema.Struct({\n vaults: Schema.Array(Vault),\n});\n\nconst GetConfigResponse = Schema.NullOr(RedactedOnePasswordConfig);\n\n// ---------------------------------------------------------------------------\n// Group\n//\n// Plugin SDK errors (OnePasswordError) are declared once per endpoint via the\n// `error` field — the error carries its own 502 status via `HttpApiSchema`\n// annotations in errors.ts.\n//\n// `InternalError` is the shared opaque 500 schema translated at the HTTP edge\n// by `withCapture`. Storage failures on `ctx.storage` flow through as\n// `StorageFailure` in the typed channel and are captured + downgraded to\n// `InternalError({ traceId })` at Layer composition.\n// ---------------------------------------------------------------------------\n\nexport const OnePasswordGroup = HttpApiGroup.make(\"onepassword\")\n .add(\n HttpApiEndpoint.get(\"getConfig\", \"/onepassword/config\", {\n success: GetConfigResponse,\n error: [InternalError, OnePasswordError],\n }),\n )\n .add(\n HttpApiEndpoint.put(\"configure\", \"/onepassword/config\", {\n payload: ConfigurePayload,\n success: Schema.Void,\n error: [InternalError, OnePasswordError],\n }),\n )\n .add(\n HttpApiEndpoint.delete(\"removeConfig\", \"/onepassword/config\", {\n success: Schema.Void,\n error: [InternalError, OnePasswordError],\n }),\n )\n .add(\n HttpApiEndpoint.get(\"status\", \"/onepassword/status\", {\n success: ConnectionStatus,\n error: [InternalError, OnePasswordError],\n }),\n )\n .add(\n HttpApiEndpoint.get(\"listVaults\", \"/onepassword/vaults\", {\n query: ListVaultsParams,\n success: ListVaultsResponse,\n error: [InternalError, OnePasswordError],\n }),\n );\n"],"mappings":";;;;;;;;;AAAA,SAAS,gBAAgB;AACzB,SAAS,YAAY,oBAAoB;AACzC,YAAY,UAAU;AACtB,YAAY,iBAAiB;AAC7B,SAAS,cAAc;AACvB,SAAS,aAAa;AACtB,SAAS,aAAa;AACtB;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;;;AC5BP,SAAS,qBAAqB;;;ACA9B,SAAS,8BAA8B;AACvC;AAAA,EACE;AAAA,EACA;AAAA,OACK;;;ACJP,SAAS,iBAAiB,oBAAoB;AAC9C,SAAS,cAAc;AACvB,SAAS,qBAAqB;AAoB9B,IAAM,mBAAmB;AAEzB,IAAM,mBAAmB,OAAO,OAAO;AAAA,EACrC,UAAU,OAAO,SAAS,CAAC,eAAe,iBAAiB,CAAC;AAAA,EAC5D,SAAS,OAAO;AAClB,CAAC;AAMD,IAAM,qBAAqB,OAAO,OAAO;AAAA,EACvC,QAAQ,OAAO,MAAM,KAAK;AAC5B,CAAC;AAED,IAAM,oBAAoB,OAAO,OAAO,yBAAyB;AAe1D,IAAM,mBAAmB,aAAa,KAAK,aAAa,EAC5D;AAAA,EACC,gBAAgB,IAAI,aAAa,uBAAuB;AAAA,IACtD,SAAS;AAAA,IACT,OAAO,CAAC,eAAe,gBAAgB;AAAA,EACzC,CAAC;AACH,EACC;AAAA,EACC,gBAAgB,IAAI,aAAa,uBAAuB;AAAA,IACtD,SAAS;AAAA,IACT,SAAS,OAAO;AAAA,IAChB,OAAO,CAAC,eAAe,gBAAgB;AAAA,EACzC,CAAC;AACH,EACC;AAAA,EACC,gBAAgB,OAAO,gBAAgB,uBAAuB;AAAA,IAC5D,SAAS,OAAO;AAAA,IAChB,OAAO,CAAC,eAAe,gBAAgB;AAAA,EACzC,CAAC;AACH,EACC;AAAA,EACC,gBAAgB,IAAI,UAAU,uBAAuB;AAAA,IACnD,SAAS;AAAA,IACT,OAAO,CAAC,eAAe,gBAAgB;AAAA,EACzC,CAAC;AACH,EACC;AAAA,EACC,gBAAgB,IAAI,cAAc,uBAAuB;AAAA,IACvD,OAAO;AAAA,IACP,SAAS;AAAA,IACT,OAAO,CAAC,eAAe,gBAAgB;AAAA,EACzC,CAAC;AACH;;;AD7EK,IAAM,oBAAoB,uBAAuB,kBAAkB;AAAA,EACxE,SAAS;AAAA,EACT,qBAAqB;AACvB,CAAC;;;ADLM,IAAM,uBAAuB,CAAC,cAAc,SAAS;AAUrD,IAAM,wBAAwB,kBAAkB,MAAM,eAAe,aAAa;AAAA,EACvF,YAAY;AAAA,EACZ,gBAAgB,CAAC,cAAc,SAAS;AAC1C,CAAC;AAEM,IAAM,wBAAwB,kBAAkB,MAAM,eAAe,UAAU;AAAA,EACpF,YAAY;AAAA,EACZ,gBAAgB,CAAC,cAAc,SAAS;AAC1C,CAAC;AAMM,IAAM,wBAAwB,CACnC,UACA,YAEA,kBAAkB,MAAM,eAAe,cAAc;AAAA,EACnD,OAAO,EAAE,UAAU,QAAQ;AAAA,EAC3B,YAAY;AAAA,EACZ,gBAAgB,CAAC,cAAc,SAAS;AAC1C,CAAC;AAMI,IAAM,uBAAuB,kBAAkB,SAAS,eAAe,WAAW;AAElF,IAAM,0BAA0B,kBAAkB,SAAS,eAAe,cAAc;;;AD4CzF,SAiSM,UAjSN,KAeE,YAfF;AA9CN,SAAS,YAAY,OAKlB;AACD,QAAM,UAAU,MAAM,YAAY,KAAK;AACvC,QAAM,eAAe,aAAa,sBAAsB,MAAM,UAAU,OAAO,CAAC;AAEhF,QAAM,EAAE,QAAQ,WAAW,MAAM,IAAgB;AAAA,IAC/C;AAAA,IAIA;AAAA,MACE,WAAW,OAAO;AAAA,QAChB,QAAQ,CAAC;AAAA,QACT,WAAW;AAAA,QACX,OAAO;AAAA,MACT;AAAA,MACA,SAAS,OAAO;AAAA,QACd,QAAQ,CAAC;AAAA,QACT,WAAW;AAAA,QACX,OAAO;AAAA,MACT;AAAA,MACA,UAAU,OAAO;AAAA,QACf,QAAQ,CAAC;AAAA,QACT,WAAW;AAAA,QACX,OAAO;AAAA,MACT;AAAA,MACA,WAAW,CAAC,EAAE,MAAM,MAAM;AACxB,cAAM,IAAI,MAAM;AAChB,cAAM,eAAe,EAAE,CAAC;AACxB,YACE,iBACC,CAAC,MAAM,WAAY,EAAE,WAAW,KAAK,MAAM,YAAY,aAAa,KACrE;AACA,yBAAe,MAAM,MAAM,cAAc,aAAa,IAAI,aAAa,IAAI,CAAC;AAAA,QAC9E;AACA,eAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,GAAG,WAAW,OAAO,OAAO,KAAK;AAAA,MACzD;AAAA,IACF;AAAA,EACF;AAEA,MAAI,CAAC,SAAS;AACZ,WACE,oBAAC,OAAE,WAAU,6CAA4C,mDAEzD;AAAA,EAEJ;AAEA,QAAM,cAAc,OAAO,WAAW,IAAI,OAAO,CAAC,IAAI;AAEtD,SACE,qBAAC,SAAI,WAAU,cACZ;AAAA,kBACC,oBAAC,SAAI,WAAU,qGACb,8BAAC,UAAK,WAAU,YAAY,sBAAY,MAAK,GAC/C,IAEA;AAAA,MAAC;AAAA;AAAA,QACC,UAAU,aAAa,OAAO,WAAW;AAAA,QACzC,OAAO,MAAM;AAAA,QACb,eAAe,CAAC,OAAO;AACrB,gBAAM,IAAI,OAAO,KAAK,CAAC,UAAU,MAAM,OAAO,EAAE;AAChD,cAAI,EAAG,OAAM,cAAc,EAAE,IAAI,EAAE,IAAI;AAAA,QACzC;AAAA,QAEA;AAAA,8BAAC,iBAAc,WAAU,mBACvB,8BAAC,eAAY,aAAa,YAAY,kBAAa,kBAAkB,GACvE;AAAA,UACA,oBAAC,iBACE,iBAAO,IAAI,CAAC,MACX,oBAAC,cAAsB,OAAO,EAAE,IAC7B,YAAE,QADY,EAAE,EAEnB,CACD,GACH;AAAA;AAAA;AAAA,IACF;AAAA,IAED,SACC,oBAAC,SAAI,WAAU,0EACb,8BAAC,OAAE,WAAU,oEACV,iBACH,GACF;AAAA,KAEJ;AAEJ;AAMA,SAAS,aAAa,OASnB;AACD,QAAM,SAAS,CAAC,CAAC,MAAM;AACvB,QAAM,CAAC,UAAU,WAAW,IAAI;AAAA,IAC7B,MAAM,SAAS,YAAkD;AAAA,EACpE;AACA,QAAM,CAAC,aAAa,cAAc,IAAI,SAAS,MAAM,SAAS,eAAe,kBAAkB;AAC/F,QAAM,CAAC,SAAS,UAAU,IAAI,SAAS,MAAM,SAAS,WAAW,EAAE;AACnE,QAAM,CAAC,WAAW,YAAY,IAAI,SAAS,MAAM,SAAS,QAAQ,EAAE;AACpE,QAAM,CAAC,QAAQ,SAAS,IAAI,SAAS,KAAK;AAC1C,QAAM,CAAC,OAAO,QAAQ,IAAI,SAAwB,IAAI;AAEtD,QAAM,cAAc,WAAW,sBAAsB,EAAE,MAAM,cAAc,CAAC;AAE5E,QAAM,QAAQ,MAAM;AAClB,QAAI,CAAC,QAAQ;AACX,kBAAY,aAAa;AACzB,qBAAe,kBAAkB;AACjC,iBAAW,EAAE;AACb,mBAAa,EAAE;AAAA,IACjB;AACA,aAAS,IAAI;AACb,cAAU,KAAK;AAAA,EACjB;AAEA,QAAM,aAAa,YAAY;AAC7B,QAAI,CAAC,YAAY,KAAK,KAAK,CAAC,QAAQ,KAAK,EAAG;AAC5C,cAAU,IAAI;AACd,aAAS,IAAI;AAEb,UAAM,OACJ,aAAa,gBACT,EAAE,MAAM,eAAwB,aAAa,YAAY,KAAK,EAAE,IAChE,EAAE,MAAM,mBAA4B,OAAO,YAAY,KAAK,EAAE;AAEpE,UAAM,OAAO,MAAM,YAAY;AAAA,MAC7B,SAAS;AAAA,QACP;AAAA,QACA,SAAS,QAAQ,KAAK;AAAA,QACtB,MAAM,UAAU,KAAK,KAAK;AAAA,MAC5B;AAAA,MACA,gBAAgB;AAAA,IAClB,CAAC;AACD,QAAS,eAAU,IAAI,GAAG;AACxB,eAAS,8BAA8B;AACvC,gBAAU,KAAK;AACf;AAAA,IACF;AAEA,UAAM,aAAa,KAAK;AACxB,UAAM;AAAA,EACR;AAEA,SACE;AAAA,IAAC;AAAA;AAAA,MACC,MAAM,MAAM;AAAA,MACZ,cAAc,CAAC,MAAM;AACnB,YAAI,CAAC,EAAG,OAAM;AACd,cAAM,aAAa,CAAC;AAAA,MACtB;AAAA,MAEA,+BAAC,iBAAc,WAAU,oBACvB;AAAA,6BAAC,gBACC;AAAA,8BAAC,eAAY,WAAU,wBACpB,mBAAS,mBAAmB,qBAC/B;AAAA,UACA,oBAAC,qBAAkB,WAAU,+BAA8B,iGAE3D;AAAA,WACF;AAAA,QAEA,qBAAC,SAAI,WAAU,mBAEb;AAAA,+BAAC,SAAI,WAAU,gBACb;AAAA,gCAAC,SAAM,WAAU,6EAA4E,yBAE7F;AAAA,YACA;AAAA,cAAC;AAAA;AAAA,gBACC,OAAO;AAAA,gBACP,eAAe,CAAC,MAAM,YAAY,CAAsC;AAAA,gBAExE;AAAA,sCAAC,iBAAc,WAAU,mBACvB,8BAAC,eAAY,GACf;AAAA,kBACA,qBAAC,iBACC;AAAA,wCAAC,cAAW,OAAM,eAAc,qCAAuB;AAAA,oBACvD,oBAAC,cAAW,OAAM,mBAAkB,6BAAe;AAAA,qBACrD;AAAA;AAAA;AAAA,YACF;AAAA,aACF;AAAA,UAGA,qBAAC,SAAI,WAAU,gBACb;AAAA,gCAAC,SAAM,WAAU,6EACd,uBAAa,gBAAgB,mBAAmB,yBACnD;AAAA,YACA;AAAA,cAAC;AAAA;AAAA,gBACC,aAAa,aAAa,gBAAgB,qBAAqB;AAAA,gBAC/D,OAAO;AAAA,gBACP,UAAU,CAAC,MAAM,eAAgB,EAAE,OAA4B,KAAK;AAAA,gBACpE,WAAU;AAAA;AAAA,YACZ;AAAA,YACA,oBAAC,OAAE,WAAU,wDACV,uBAAa,gBACV,8DACA,wFACN;AAAA,aACF;AAAA,UAGA,qBAAC,SAAI,WAAU,gBACb;AAAA,gCAAC,SAAM,WAAU,6EAA4E,mBAE7F;AAAA,YACA;AAAA,cAAC;AAAA;AAAA,gBACC;AAAA,gBACA;AAAA,gBACA;AAAA,gBACA,eAAe,CAAC,IAAI,SAAS;AAC3B,6BAAW,EAAE;AACb,+BAAa,IAAI;AAAA,gBACnB;AAAA;AAAA,YACF;AAAA,aACF;AAAA,UAGA,qBAAC,SAAI,WAAU,gBACb;AAAA,gCAAC,SAAM,WAAU,6EAA4E,0BAE7F;AAAA,YACA;AAAA,cAAC;AAAA;AAAA,gBACC,aAAY;AAAA,gBACZ,OAAO;AAAA,gBACP,UAAU,CAAC,MAAM,aAAc,EAAE,OAA4B,KAAK;AAAA,gBAClE,WAAU;AAAA;AAAA,YACZ;AAAA,aACF;AAAA,UAEC,SACC,oBAAC,SAAI,WAAU,sEACb,8BAAC,OAAE,WAAU,oDAAoD,iBAAM,GACzE;AAAA,WAEJ;AAAA,QAEA,qBAAC,gBACC;AAAA,8BAAC,eAAY,SAAO,MAClB,8BAAC,UAAO,SAAQ,SAAQ,MAAK,MAAK,oBAElC,GACF;AAAA,UACA;AAAA,YAAC;AAAA;AAAA,cACC,MAAK;AAAA,cACL,SAAS;AAAA,cACT,UAAU,CAAC,YAAY,KAAK,KAAK,CAAC,QAAQ,KAAK,KAAK;AAAA,cAEnD,mBAAS,iBAAY,SAAS,WAAW;AAAA;AAAA,UAC5C;AAAA,WACF;AAAA,SACF;AAAA;AAAA,EACF;AAEJ;AAMe,SAAR,sBAAuC;AAC5C,QAAM,CAAC,YAAY,aAAa,IAAI,SAAS,KAAK;AAClD,QAAM,eAAe,aAAa,qBAAqB;AACvD,QAAM,WAAW,WAAW,yBAAyB,EAAE,MAAM,cAAc,CAAC;AAE5E,QAAM,eAAe,YAAY;AAC/B,UAAM,SAAS,EAAE,gBAAgB,qBAAqB,CAAC;AAAA,EACzD;AAEA,QAAM,SAAuD;AAAA,IAC3D;AAAA,IACA;AAAA,MACE,WAAW,MAAM;AAAA,MACjB,WAAW,MAAM;AAAA,MACjB,WAAW,CAAC,EAAE,MAAM,MAAM;AAAA,IAC5B;AAAA,EACF;AACA,QAAM,YAAwB;AAAA,IAC5B;AAAA,IACA;AAAA,MACE,WAAW,MAAM;AAAA,MACjB,WAAW,MAAM;AAAA,MACjB,WAAW,MAAM;AAAA,IACnB;AAAA,EACF;AACA,QAAM,UAAsB;AAAA,IAC1B;AAAA,IACA;AAAA,MACE,WAAW,MAAM;AAAA,MACjB,WAAW,MAAM;AAAA,MACjB,WAAW,MAAM;AAAA,IACnB;AAAA,EACF;AAEA,SACE,iCACE;AAAA,yBAAC,kBACC;AAAA,0BAAC,yBACE,sBACC,oBAAC,6BAA0B,2BAAQ,IACjC,UACF,oBAAC,6BAA0B,WAAU,oBAAmB,0CAExD,IACE,SACF,qBAAC,SAAI,WAAU,yDACb;AAAA,4BAAC,UAAK,WAAU,4BAA2B,kBAAI;AAAA,QAC/C,oBAAC,UAAK,WAAU,yCACb,iBAAO,KAAK,SAAS,gBAAgB,OAAO,KAAK,cAAc,mBAClE;AAAA,QACA,oBAAC,UAAK,WAAU,4BAA2B,mBAAK;AAAA,QAChD,oBAAC,SAAI,WAAU,mCACb,8BAAC,UAAK,WAAU,+BAA+B,iBAAO,MAAK,GAC7D;AAAA,SACF,IAEA,oBAAC,6BAA0B,wDAE3B,GAEJ;AAAA,MACA,oBAAC,yBACE,mBACC,iCACE;AAAA;AAAA,UAAC;AAAA;AAAA,YACC,SAAQ;AAAA,YACR,MAAK;AAAA,YACL,WAAU;AAAA,YACV,SAAS,MAAM,cAAc,IAAI;AAAA,YAClC;AAAA;AAAA,QAED;AAAA,QACA;AAAA,UAAC;AAAA;AAAA,YACC,SAAQ;AAAA,YACR,MAAK;AAAA,YACL,WAAU;AAAA,YACV,SAAS;AAAA,YACV;AAAA;AAAA,QAED;AAAA,SACF,IAEA,CAAC,aACD,CAAC,WACC;AAAA,QAAC;AAAA;AAAA,UACC,SAAQ;AAAA,UACR,MAAK;AAAA,UACL,WAAU;AAAA,UACV,SAAS,MAAM,cAAc,IAAI;AAAA,UAClC;AAAA;AAAA,MAED,GAGN;AAAA,OACF;AAAA,IAEC,cACC;AAAA,MAAC;AAAA;AAAA,QACC,MAAM;AAAA,QACN,cAAc;AAAA,QACd,SACE,SACI;AAAA,UACE,UAAU,OAAO,KAAK;AAAA;AAAA;AAAA,UAGtB,aAAa,OAAO,KAAK,SAAS,gBAAgB,OAAO,KAAK,cAAc;AAAA,UAC5E,SAAS,OAAO;AAAA,UAChB,MAAM,OAAO;AAAA,QACf,IACA;AAAA;AAAA,IAER;AAAA,KAEJ;AAEJ;","names":[]}
|
package/dist/api/group.d.ts
CHANGED
|
@@ -2,41 +2,30 @@ import { HttpApiEndpoint, HttpApiGroup } from "effect/unstable/httpapi";
|
|
|
2
2
|
import { Schema } from "effect";
|
|
3
3
|
import { InternalError } from "@executor-js/sdk/shared";
|
|
4
4
|
import { OnePasswordError } from "../sdk/errors";
|
|
5
|
-
export declare const OnePasswordGroup: HttpApiGroup.HttpApiGroup<"onepassword", HttpApiEndpoint.HttpApiEndpoint<"getConfig", "GET", "/
|
|
6
|
-
scopeId: Schema.brand<Schema.String, "ScopeId">;
|
|
7
|
-
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.NullOr<Schema.Struct<{
|
|
5
|
+
export declare const OnePasswordGroup: HttpApiGroup.HttpApiGroup<"onepassword", HttpApiEndpoint.HttpApiEndpoint<"getConfig", "GET", "/onepassword/config", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.NullOr<Schema.Struct<{
|
|
8
6
|
readonly auth: Schema.Union<readonly [Schema.Struct<{
|
|
9
7
|
readonly kind: Schema.Literal<"desktop-app">;
|
|
10
8
|
readonly accountName: Schema.String;
|
|
11
9
|
}>, Schema.Struct<{
|
|
12
10
|
readonly kind: Schema.Literal<"service-account">;
|
|
13
|
-
readonly tokenSecretId: Schema.String;
|
|
14
11
|
}>]>;
|
|
15
12
|
readonly vaultId: Schema.String;
|
|
16
13
|
readonly name: Schema.String;
|
|
17
|
-
}>>>, HttpApiEndpoint.Json<typeof InternalError | typeof OnePasswordError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"configure", "PUT", "/
|
|
18
|
-
scopeId: Schema.brand<Schema.String, "ScopeId">;
|
|
19
|
-
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
14
|
+
}>>>, HttpApiEndpoint.Json<typeof InternalError | typeof OnePasswordError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"configure", "PUT", "/onepassword/config", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
20
15
|
readonly auth: Schema.Union<readonly [Schema.Struct<{
|
|
21
16
|
readonly kind: Schema.Literal<"desktop-app">;
|
|
22
17
|
readonly accountName: Schema.String;
|
|
23
18
|
}>, Schema.Struct<{
|
|
24
19
|
readonly kind: Schema.Literal<"service-account">;
|
|
25
|
-
readonly
|
|
20
|
+
readonly token: Schema.String;
|
|
26
21
|
}>]>;
|
|
27
22
|
readonly vaultId: Schema.String;
|
|
28
23
|
readonly name: Schema.String;
|
|
29
|
-
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Void>, HttpApiEndpoint.Json<typeof InternalError | typeof OnePasswordError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"removeConfig", "DELETE", "/
|
|
30
|
-
scopeId: Schema.brand<Schema.String, "ScopeId">;
|
|
31
|
-
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Void>, HttpApiEndpoint.Json<typeof InternalError | typeof OnePasswordError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"status", "GET", "/scopes/:scopeId/onepassword/status", HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
32
|
-
scopeId: Schema.brand<Schema.String, "ScopeId">;
|
|
33
|
-
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
24
|
+
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Void>, HttpApiEndpoint.Json<typeof InternalError | typeof OnePasswordError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"removeConfig", "DELETE", "/onepassword/config", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Void>, HttpApiEndpoint.Json<typeof InternalError | typeof OnePasswordError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"status", "GET", "/onepassword/status", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
34
25
|
readonly connected: Schema.Boolean;
|
|
35
26
|
readonly vaultName: Schema.optional<Schema.String>;
|
|
36
27
|
readonly error: Schema.optional<Schema.String>;
|
|
37
|
-
}>>, HttpApiEndpoint.Json<typeof InternalError | typeof OnePasswordError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"listVaults", "GET", "/
|
|
38
|
-
scopeId: Schema.brand<Schema.String, "ScopeId">;
|
|
39
|
-
}>>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
28
|
+
}>>, HttpApiEndpoint.Json<typeof InternalError | typeof OnePasswordError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"listVaults", "GET", "/onepassword/vaults", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
40
29
|
readonly authKind: Schema.Literals<readonly ["desktop-app", "service-account"]>;
|
|
41
30
|
readonly account: Schema.String;
|
|
42
31
|
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
package/dist/api/handlers.d.ts
CHANGED
|
@@ -1,28 +1,18 @@
|
|
|
1
1
|
import { Context, Effect } from "effect";
|
|
2
2
|
declare const OnePasswordExtensionService_base: Context.ServiceClass<OnePasswordExtensionService, "OnePasswordExtensionService", {
|
|
3
|
-
configure: (config: import("../promise").OnePasswordConfig
|
|
4
|
-
getConfig: () => Effect.Effect<
|
|
5
|
-
|
|
6
|
-
readonly auth: {
|
|
7
|
-
readonly kind: "desktop-app";
|
|
8
|
-
readonly accountName: string;
|
|
9
|
-
} | {
|
|
10
|
-
readonly kind: "service-account";
|
|
11
|
-
readonly tokenSecretId: string;
|
|
12
|
-
};
|
|
13
|
-
readonly vaultId: string;
|
|
14
|
-
} | null, import("@executor-js/sdk").StorageError | import("../promise").OnePasswordError, never>;
|
|
15
|
-
removeConfig: (targetScope: string) => Effect.Effect<void, import("@executor-js/sdk").StorageError, never>;
|
|
3
|
+
configure: (config: import("../promise").OnePasswordConfig) => Effect.Effect<void, import("@executor-js/sdk").StorageError, never>;
|
|
4
|
+
getConfig: () => Effect.Effect<import("../sdk").RedactedOnePasswordConfig | null, import("@executor-js/sdk").StorageError | import("../promise").OnePasswordError>;
|
|
5
|
+
removeConfig: () => Effect.Effect<void, import("@executor-js/sdk").StorageError, never>;
|
|
16
6
|
status: () => Effect.Effect<{
|
|
17
7
|
readonly connected: boolean;
|
|
18
8
|
readonly error?: string | undefined;
|
|
19
9
|
readonly vaultName?: string | undefined;
|
|
20
|
-
}, import("@executor-js/sdk").
|
|
10
|
+
}, import("@executor-js/sdk").StorageError | import("../promise").OnePasswordError, never>;
|
|
21
11
|
listVaults: (auth: import("../promise").OnePasswordAuth) => Effect.Effect<{
|
|
22
12
|
readonly id: string;
|
|
23
13
|
readonly name: string;
|
|
24
|
-
}[], import("
|
|
25
|
-
resolve: (uri: string) => Effect.Effect<string, import("@executor-js/sdk").
|
|
14
|
+
}[], import("../promise").OnePasswordError, never>;
|
|
15
|
+
resolve: (uri: string) => Effect.Effect<string, import("@executor-js/sdk").StorageError | import("../promise").OnePasswordError, never>;
|
|
26
16
|
}>;
|
|
27
17
|
export declare class OnePasswordExtensionService extends OnePasswordExtensionService_base {
|
|
28
18
|
}
|
package/dist/api/index.d.ts
CHANGED
|
@@ -3,64 +3,43 @@ import { OnePasswordExtensionService } from "./handlers";
|
|
|
3
3
|
export { OnePasswordGroup } from "./group";
|
|
4
4
|
export { OnePasswordHandlers, OnePasswordExtensionService } from "./handlers";
|
|
5
5
|
export declare const onepasswordHttpPlugin: import("@executor-js/sdk/core").ConfiguredPlugin<"onepassword", {
|
|
6
|
-
configure: (config: import("../promise").OnePasswordConfig
|
|
7
|
-
getConfig: () => import("effect/Effect").Effect<
|
|
8
|
-
|
|
9
|
-
readonly auth: {
|
|
10
|
-
readonly kind: "desktop-app";
|
|
11
|
-
readonly accountName: string;
|
|
12
|
-
} | {
|
|
13
|
-
readonly kind: "service-account";
|
|
14
|
-
readonly tokenSecretId: string;
|
|
15
|
-
};
|
|
16
|
-
readonly vaultId: string;
|
|
17
|
-
} | null, import("@executor-js/sdk/core").StorageError | import("../promise").OnePasswordError, never>;
|
|
18
|
-
removeConfig: (targetScope: string) => import("effect/Effect").Effect<void, import("@executor-js/sdk/core").StorageError, never>;
|
|
6
|
+
configure: (config: import("../promise").OnePasswordConfig) => import("effect/Effect").Effect<void, import("@executor-js/sdk/core").StorageError, never>;
|
|
7
|
+
getConfig: () => import("effect/Effect").Effect<import("../sdk").RedactedOnePasswordConfig | null, import("@executor-js/sdk/core").StorageError | import("../promise").OnePasswordError>;
|
|
8
|
+
removeConfig: () => import("effect/Effect").Effect<void, import("@executor-js/sdk/core").StorageError, never>;
|
|
19
9
|
status: () => import("effect/Effect").Effect<{
|
|
20
10
|
readonly connected: boolean;
|
|
21
11
|
readonly error?: string | undefined;
|
|
22
12
|
readonly vaultName?: string | undefined;
|
|
23
|
-
}, import("@executor-js/sdk/core").
|
|
13
|
+
}, import("@executor-js/sdk/core").StorageError | import("../promise").OnePasswordError, never>;
|
|
24
14
|
listVaults: (auth: import("../promise").OnePasswordAuth) => import("effect/Effect").Effect<{
|
|
25
15
|
readonly id: string;
|
|
26
16
|
readonly name: string;
|
|
27
|
-
}[], import("
|
|
28
|
-
resolve: (uri: string) => import("effect/Effect").Effect<string, import("@executor-js/sdk/core").
|
|
29
|
-
}, import("../sdk").OnePasswordStore, OnePasswordPluginOptions,
|
|
30
|
-
scopeId: import("effect/Schema").brand<import("effect/Schema").String, "ScopeId">;
|
|
31
|
-
}>>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<import("effect/Schema").NullOr<import("effect/Schema").Struct<{
|
|
17
|
+
}[], import("../promise").OnePasswordError, never>;
|
|
18
|
+
resolve: (uri: string) => import("effect/Effect").Effect<string, import("@executor-js/sdk/core").StorageError | import("../promise").OnePasswordError, never>;
|
|
19
|
+
}, import("../sdk").OnePasswordStore, OnePasswordPluginOptions, typeof OnePasswordExtensionService, import("effect/Layer").Layer<import("effect/unstable/httpapi/HttpApiGroup").ApiGroup<"executor", "onepassword">, never, import("effect/unstable/http/HttpRouter").Request<"Requires", OnePasswordExtensionService>>, import("effect/unstable/httpapi/HttpApiGroup").HttpApiGroup<"onepassword", import("effect/unstable/httpapi/HttpApiEndpoint").HttpApiEndpoint<"getConfig", "GET", "/onepassword/config", import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<import("effect/Schema").NullOr<import("effect/Schema").Struct<{
|
|
32
20
|
readonly auth: import("effect/Schema").Union<readonly [import("effect/Schema").Struct<{
|
|
33
21
|
readonly kind: import("effect/Schema").Literal<"desktop-app">;
|
|
34
22
|
readonly accountName: import("effect/Schema").String;
|
|
35
23
|
}>, import("effect/Schema").Struct<{
|
|
36
24
|
readonly kind: import("effect/Schema").Literal<"service-account">;
|
|
37
|
-
readonly tokenSecretId: import("effect/Schema").String;
|
|
38
25
|
}>]>;
|
|
39
26
|
readonly vaultId: import("effect/Schema").String;
|
|
40
27
|
readonly name: import("effect/Schema").String;
|
|
41
|
-
}>>>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<typeof import("@executor-js/api").InternalError | typeof import("../promise").OnePasswordError>, never, never> | import("effect/unstable/httpapi/HttpApiEndpoint").HttpApiEndpoint<"configure", "PUT", "/
|
|
42
|
-
scopeId: import("effect/Schema").brand<import("effect/Schema").String, "ScopeId">;
|
|
43
|
-
}>>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<import("effect/Schema").Struct<{
|
|
28
|
+
}>>>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<typeof import("@executor-js/api").InternalError | typeof import("../promise").OnePasswordError>, never, never> | import("effect/unstable/httpapi/HttpApiEndpoint").HttpApiEndpoint<"configure", "PUT", "/onepassword/config", import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<import("effect/Schema").Struct<{
|
|
44
29
|
readonly auth: import("effect/Schema").Union<readonly [import("effect/Schema").Struct<{
|
|
45
30
|
readonly kind: import("effect/Schema").Literal<"desktop-app">;
|
|
46
31
|
readonly accountName: import("effect/Schema").String;
|
|
47
32
|
}>, import("effect/Schema").Struct<{
|
|
48
33
|
readonly kind: import("effect/Schema").Literal<"service-account">;
|
|
49
|
-
readonly
|
|
34
|
+
readonly token: import("effect/Schema").String;
|
|
50
35
|
}>]>;
|
|
51
36
|
readonly vaultId: import("effect/Schema").String;
|
|
52
37
|
readonly name: import("effect/Schema").String;
|
|
53
|
-
}>>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<import("effect/Schema").Void>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<typeof import("@executor-js/api").InternalError | typeof import("../promise").OnePasswordError>, never, never> | import("effect/unstable/httpapi/HttpApiEndpoint").HttpApiEndpoint<"removeConfig", "DELETE", "/
|
|
54
|
-
scopeId: import("effect/Schema").brand<import("effect/Schema").String, "ScopeId">;
|
|
55
|
-
}>>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<import("effect/Schema").Void>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<typeof import("@executor-js/api").InternalError | typeof import("../promise").OnePasswordError>, never, never> | import("effect/unstable/httpapi/HttpApiEndpoint").HttpApiEndpoint<"status", "GET", "/scopes/:scopeId/onepassword/status", import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<import("effect/Schema").Struct<{
|
|
56
|
-
scopeId: import("effect/Schema").brand<import("effect/Schema").String, "ScopeId">;
|
|
57
|
-
}>>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<import("effect/Schema").Struct<{
|
|
38
|
+
}>>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<import("effect/Schema").Void>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<typeof import("@executor-js/api").InternalError | typeof import("../promise").OnePasswordError>, never, never> | import("effect/unstable/httpapi/HttpApiEndpoint").HttpApiEndpoint<"removeConfig", "DELETE", "/onepassword/config", import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<import("effect/Schema").Void>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<typeof import("@executor-js/api").InternalError | typeof import("../promise").OnePasswordError>, never, never> | import("effect/unstable/httpapi/HttpApiEndpoint").HttpApiEndpoint<"status", "GET", "/onepassword/status", import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<import("effect/Schema").Struct<{
|
|
58
39
|
readonly connected: import("effect/Schema").Boolean;
|
|
59
40
|
readonly vaultName: import("effect/Schema").optional<import("effect/Schema").String>;
|
|
60
41
|
readonly error: import("effect/Schema").optional<import("effect/Schema").String>;
|
|
61
|
-
}>>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<typeof import("@executor-js/api").InternalError | typeof import("../promise").OnePasswordError>, never, never> | import("effect/unstable/httpapi/HttpApiEndpoint").HttpApiEndpoint<"listVaults", "GET", "/
|
|
62
|
-
scopeId: import("effect/Schema").brand<import("effect/Schema").String, "ScopeId">;
|
|
63
|
-
}>>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<import("effect/Schema").Struct<{
|
|
42
|
+
}>>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<typeof import("@executor-js/api").InternalError | typeof import("../promise").OnePasswordError>, never, never> | import("effect/unstable/httpapi/HttpApiEndpoint").HttpApiEndpoint<"listVaults", "GET", "/onepassword/vaults", import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<import("effect/Schema").Struct<{
|
|
64
43
|
readonly authKind: import("effect/Schema").Literals<readonly ["desktop-app", "service-account"]>;
|
|
65
44
|
readonly account: import("effect/Schema").String;
|
|
66
45
|
}>>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").StringTree<never>, import("effect/unstable/httpapi/HttpApiEndpoint").Json<import("effect/Schema").Struct<{
|
|
@@ -7,8 +7,11 @@ var DesktopAppAuth = Schema.Struct({
|
|
|
7
7
|
});
|
|
8
8
|
var ServiceAccountAuth = Schema.Struct({
|
|
9
9
|
kind: Schema.Literal("service-account"),
|
|
10
|
-
/** The service account token
|
|
11
|
-
|
|
10
|
+
/** The service account token. Persisted in the plugin's owner-partitioned
|
|
11
|
+
* config blob — never surfaced to agents (`getConfig` redacts it). v1 stored
|
|
12
|
+
* this behind a separate secret id; v2 has no secrets table, so the
|
|
13
|
+
* plugin-owned config row carries it directly. */
|
|
14
|
+
token: Schema.String
|
|
12
15
|
});
|
|
13
16
|
var OnePasswordAuth = Schema.Union([DesktopAppAuth, ServiceAccountAuth]);
|
|
14
17
|
var OnePasswordConfig = Schema.Struct({
|
|
@@ -18,6 +21,24 @@ var OnePasswordConfig = Schema.Struct({
|
|
|
18
21
|
/** Human label */
|
|
19
22
|
name: Schema.String
|
|
20
23
|
});
|
|
24
|
+
var RedactedDesktopAppAuth = DesktopAppAuth;
|
|
25
|
+
var RedactedServiceAccountAuth = Schema.Struct({
|
|
26
|
+
kind: Schema.Literal("service-account")
|
|
27
|
+
});
|
|
28
|
+
var RedactedOnePasswordAuth = Schema.Union([
|
|
29
|
+
RedactedDesktopAppAuth,
|
|
30
|
+
RedactedServiceAccountAuth
|
|
31
|
+
]);
|
|
32
|
+
var RedactedOnePasswordConfig = Schema.Struct({
|
|
33
|
+
auth: RedactedOnePasswordAuth,
|
|
34
|
+
vaultId: Schema.String,
|
|
35
|
+
name: Schema.String
|
|
36
|
+
});
|
|
37
|
+
var redactConfig = (config) => ({
|
|
38
|
+
auth: config.auth.kind === "desktop-app" ? { kind: "desktop-app", accountName: config.auth.accountName } : { kind: "service-account" },
|
|
39
|
+
vaultId: config.vaultId,
|
|
40
|
+
name: config.name
|
|
41
|
+
});
|
|
21
42
|
var Vault = Schema.Struct({
|
|
22
43
|
id: Schema.String,
|
|
23
44
|
name: Schema.String
|
|
@@ -45,8 +66,11 @@ export {
|
|
|
45
66
|
ServiceAccountAuth,
|
|
46
67
|
OnePasswordAuth,
|
|
47
68
|
OnePasswordConfig,
|
|
69
|
+
RedactedOnePasswordAuth,
|
|
70
|
+
RedactedOnePasswordConfig,
|
|
71
|
+
redactConfig,
|
|
48
72
|
Vault,
|
|
49
73
|
ConnectionStatus,
|
|
50
74
|
OnePasswordError
|
|
51
75
|
};
|
|
52
|
-
//# sourceMappingURL=chunk-
|
|
76
|
+
//# sourceMappingURL=chunk-OYHEG6OK.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/sdk/types.ts","../src/sdk/errors.ts"],"sourcesContent":["import { Schema } from \"effect\";\n\n// ---------------------------------------------------------------------------\n// Auth — how to talk to 1Password\n// ---------------------------------------------------------------------------\n\nexport const DesktopAppAuth = Schema.Struct({\n kind: Schema.Literal(\"desktop-app\"),\n /** 1Password account domain, e.g. \"my.1password.com\" */\n accountName: Schema.String,\n});\nexport type DesktopAppAuth = typeof DesktopAppAuth.Type;\n\nexport const ServiceAccountAuth = Schema.Struct({\n kind: Schema.Literal(\"service-account\"),\n /** The service account token. Persisted in the plugin's owner-partitioned\n * config blob — never surfaced to agents (`getConfig` redacts it). v1 stored\n * this behind a separate secret id; v2 has no secrets table, so the\n * plugin-owned config row carries it directly. */\n token: Schema.String,\n});\nexport type ServiceAccountAuth = typeof ServiceAccountAuth.Type;\n\nexport const OnePasswordAuth = Schema.Union([DesktopAppAuth, ServiceAccountAuth]);\nexport type OnePasswordAuth = typeof OnePasswordAuth.Type;\n\n// ---------------------------------------------------------------------------\n// Stored config — persisted via KV\n// ---------------------------------------------------------------------------\n\nexport const OnePasswordConfig = Schema.Struct({\n auth: OnePasswordAuth,\n /** Vault to scope operations to */\n vaultId: Schema.String,\n /** Human label */\n name: Schema.String,\n});\nexport type OnePasswordConfig = typeof OnePasswordConfig.Type;\n\n// ---------------------------------------------------------------------------\n// Redacted config — what `getConfig` returns to agents / the UI. The\n// service-account token is stripped; only the auth kind + account metadata is\n// surfaced.\n// ---------------------------------------------------------------------------\n\nexport const RedactedDesktopAppAuth = DesktopAppAuth;\n\nexport const RedactedServiceAccountAuth = Schema.Struct({\n kind: Schema.Literal(\"service-account\"),\n});\n\nexport const RedactedOnePasswordAuth = Schema.Union([\n RedactedDesktopAppAuth,\n RedactedServiceAccountAuth,\n]);\n\nexport const RedactedOnePasswordConfig = Schema.Struct({\n auth: RedactedOnePasswordAuth,\n vaultId: Schema.String,\n name: Schema.String,\n});\nexport type RedactedOnePasswordConfig = typeof RedactedOnePasswordConfig.Type;\n\n/** Strip the service-account token from a stored config for external exposure. */\nexport const redactConfig = (config: OnePasswordConfig): RedactedOnePasswordConfig => ({\n auth:\n config.auth.kind === \"desktop-app\"\n ? { kind: \"desktop-app\", accountName: config.auth.accountName }\n : { kind: \"service-account\" },\n vaultId: config.vaultId,\n name: config.name,\n});\n\n// ---------------------------------------------------------------------------\n// Vault\n// ---------------------------------------------------------------------------\n\nexport const Vault = Schema.Struct({\n id: Schema.String,\n name: Schema.String,\n});\nexport type Vault = typeof Vault.Type;\n\n// ---------------------------------------------------------------------------\n// Connection status\n// ---------------------------------------------------------------------------\n\nexport const ConnectionStatus = Schema.Struct({\n connected: Schema.Boolean,\n vaultName: Schema.optional(Schema.String),\n error: Schema.optional(Schema.String),\n});\nexport type ConnectionStatus = typeof ConnectionStatus.Type;\n","import { Schema } from \"effect\";\n\nexport class OnePasswordError extends Schema.TaggedErrorClass<OnePasswordError>()(\n \"OnePasswordError\",\n {\n operation: Schema.String,\n message: Schema.String,\n },\n { httpApiStatus: 502 },\n) {}\n"],"mappings":";AAAA,SAAS,cAAc;AAMhB,IAAM,iBAAiB,OAAO,OAAO;AAAA,EAC1C,MAAM,OAAO,QAAQ,aAAa;AAAA;AAAA,EAElC,aAAa,OAAO;AACtB,CAAC;AAGM,IAAM,qBAAqB,OAAO,OAAO;AAAA,EAC9C,MAAM,OAAO,QAAQ,iBAAiB;AAAA;AAAA;AAAA;AAAA;AAAA,EAKtC,OAAO,OAAO;AAChB,CAAC;AAGM,IAAM,kBAAkB,OAAO,MAAM,CAAC,gBAAgB,kBAAkB,CAAC;AAOzE,IAAM,oBAAoB,OAAO,OAAO;AAAA,EAC7C,MAAM;AAAA;AAAA,EAEN,SAAS,OAAO;AAAA;AAAA,EAEhB,MAAM,OAAO;AACf,CAAC;AASM,IAAM,yBAAyB;AAE/B,IAAM,6BAA6B,OAAO,OAAO;AAAA,EACtD,MAAM,OAAO,QAAQ,iBAAiB;AACxC,CAAC;AAEM,IAAM,0BAA0B,OAAO,MAAM;AAAA,EAClD;AAAA,EACA;AACF,CAAC;AAEM,IAAM,4BAA4B,OAAO,OAAO;AAAA,EACrD,MAAM;AAAA,EACN,SAAS,OAAO;AAAA,EAChB,MAAM,OAAO;AACf,CAAC;AAIM,IAAM,eAAe,CAAC,YAA0D;AAAA,EACrF,MACE,OAAO,KAAK,SAAS,gBACjB,EAAE,MAAM,eAAe,aAAa,OAAO,KAAK,YAAY,IAC5D,EAAE,MAAM,kBAAkB;AAAA,EAChC,SAAS,OAAO;AAAA,EAChB,MAAM,OAAO;AACf;AAMO,IAAM,QAAQ,OAAO,OAAO;AAAA,EACjC,IAAI,OAAO;AAAA,EACX,MAAM,OAAO;AACf,CAAC;AAOM,IAAM,mBAAmB,OAAO,OAAO;AAAA,EAC5C,WAAW,OAAO;AAAA,EAClB,WAAW,OAAO,SAAS,OAAO,MAAM;AAAA,EACxC,OAAO,OAAO,SAAS,OAAO,MAAM;AACtC,CAAC;;;AC3FD,SAAS,UAAAA,eAAc;AAEhB,IAAM,mBAAN,cAA+BA,QAAO,iBAAmC;AAAA,EAC9E;AAAA,EACA;AAAA,IACE,WAAWA,QAAO;AAAA,IAClB,SAASA,QAAO;AAAA,EAClB;AAAA,EACA,EAAE,eAAe,IAAI;AACvB,EAAE;AAAC;","names":["Schema"]}
|