@flamingo-stack/openframe-frontend-core 0.0.217 → 0.0.218

package/dist/index.js

@@ -35,6 +35,15 @@ import {
   AllowedDomainsInput,
   AppHeader,
   AppLayout,
+  AppLayoutDrawerBody,
+  AppLayoutDrawerClose,
+  AppLayoutDrawerContent,
+  AppLayoutDrawerDescription,
+  AppLayoutDrawerFooter,
+  AppLayoutDrawerHeader,
+  AppLayoutDrawerRoot,
+  AppLayoutDrawerTitle,
+  AppLayoutDrawerTrigger,
   ApprovalBatchMessage,
   ApprovalRequestMessage,
   ArgRow,
@@ -221,6 +230,7 @@ import {
   Header,
   HeaderButton,
   HeaderGlobalSearch,
+  HeaderMingoButton,
   HeaderOrganizationFilter,
   HeaderSkeleton,
   HiddenTagsPopup,
@@ -663,6 +673,7 @@ import {
   safeHref,
   sanitizeTitleForChat,
   scrollElementIntoView,
+  setEmbedAuthAdapter,
   setEmbedProxyAuth,
   shellLabels,
   shouldProxyImage,
@@ -679,6 +690,7 @@ import {
   transformWebinarToProgram,
   truncateString,
   urlPathLooksLikeSvg,
+  useAppLayoutDrawerContainer,
   useBoardCollapse,
   useChat,
   useChatAttachmentImageGallery,
@@ -713,7 +725,7 @@ import {
   validateEmailDomain,
   validateEmailDomainList,
   validatePhoneNumber
-} from "./chunk-ENBGG2K2.js";
+} from "./chunk-V5JY5RSY.js";
 import "./chunk-LXC6P2EO.js";
 import "./chunk-EL5YVPD5.js";
 import {
@@ -1043,6 +1055,15 @@ export {
   AllowedDomainsInput,
   AppHeader,
   AppLayout,
+  AppLayoutDrawerRoot as AppLayoutDrawer,
+  AppLayoutDrawerBody,
+  AppLayoutDrawerClose,
+  AppLayoutDrawerContent,
+  AppLayoutDrawerDescription,
+  AppLayoutDrawerFooter,
+  AppLayoutDrawerHeader,
+  AppLayoutDrawerTitle,
+  AppLayoutDrawerTrigger,
   ApprovalBatchMessage,
   ApprovalRequestMessage,
   ArchiveIcon,
@@ -1306,6 +1327,7 @@ export {
   Header,
   HeaderButton,
   HeaderGlobalSearch,
+  HeaderMingoButton,
   HeaderOrganizationFilter,
   HeaderSkeleton,
   HiddenTagsPopup,
@@ -1899,6 +1921,7 @@ export {
   sanitizeTitleForChat,
   scrollElementIntoView,
   setEmbedProxyAuth as setChatProxyAuth,
+  setEmbedAuthAdapter,
   setEmbedProxyAuth,
   setNestedValue,
   shellLabels,
@@ -1925,6 +1948,7 @@ export {
   urlPathLooksLikeSvg,
   useAccessCodeIntegration,
   useApiParams,
+  useAppLayoutDrawerContainer,
   useAuthenticatedImage,
   useAutoLimitTags,
   useBatchImages,

package/dist/utils/embed-authed-fetch.d.ts

@@ -1,3 +1,75 @@
+/**
+ * Hosts that have their own auth model (cookie sessions, app-specific
+ * JWT in localStorage, OAuth access tokens, …) can register an adapter
+ * to override the lib's default `embedProxyAuth` flow. When set, the
+ * adapter's `getHeaders()` result is merged onto every `embedAuthedFetch`
+ * call AFTER the default proxy-auth header step (so adapter headers
+ * win over both caller and proxy values), and `credentials` overrides
+ * the default `'same-origin'` behaviour.
+ *
+ * Default (no adapter): MPH-style proxy-impersonation — bearer + act-as
+ * read from localStorage, `credentials: 'same-origin'`. No consumer
+ * needs to touch this unless they want a different auth model.
+ *
+ * Use cases:
+ *   - openframe-frontend has its own JWT in `localStorage.of_access_token`
+ *     and cookie-based session; register an adapter to attach the JWT
+ *     and request `credentials: 'include'` so cookies travel cross-origin
+ *     to the openframe gateway.
+ *   - Future embed hosts with OAuth access tokens, signed URLs, etc.
+ *
+ * Lifetime: setter is module-level (intentionally — `embedAuthedFetch`
+ * is a plain utility, not a hook, so it can't read React context). Host
+ * runtime providers should call `setEmbedAuthAdapter(...)` on mount and
+ * `setEmbedAuthAdapter(null)` on unmount. Multiple hosts registering at
+ * once is a programming error (one chat panel per app).
+ */
+export interface EmbedAuthAdapter {
+    /** Headers merged onto every embedded-fetch call. Return `{}` to add
+     *  nothing. Called per-request so reactive token refresh sees the latest
+     *  value from your auth store / storage. Values typed as
+     *  `string | undefined` so the common narrowed shape
+     *  `{ Authorization: token ? 'Bearer …' : undefined }` (or a conditional
+     *  `token ? { Authorization: … } : {}`) assigns cleanly — `undefined`
+     *  values are filtered before being merged into the request headers. */
+    getHeaders?: () => Record<string, string | undefined>;
+    /** `RequestInit.credentials` mode. Default when no adapter: callers'
+     *  `init.credentials` or `'same-origin'`. Use `'include'` for cookie
+     *  auth against a different origin (CORS + `SameSite=None` required). */
+    credentials?: RequestCredentials;
+    /**
+     * Optional 401 self-heal. When a request comes back `401`,
+     * `embedAuthedFetch` calls this once, and — if it resolves `true` —
+     * retries the SAME request exactly once with freshly-recomputed
+     * headers (so a rotated bearer from `getHeaders()` is picked up).
+     * Resolve `false` to surface the 401 to the caller unchanged.
+     *
+     * This is the capability the openframe `apiClient` has had all along
+     * (refresh-the-access-token-then-retry); registering it here gives the
+     * embedded chat/ticket surfaces the same self-healing auth instead of
+     * dying on an expired token. Concurrent 401s are de-duplicated by the
+     * wrapper, so this fires at most once per refresh cycle even when a
+     * stampede of chat requests all expire together — your implementation
+     * does NOT need its own in-flight guard (though a token-refresh manager
+     * that already dedups is harmless).
+     *
+     * Keep it idempotent and side-effect-light: on failure the wrapper just
+     * returns the original 401 — logout/redirect decisions belong to the
+     * host's own auth layer, not to this fetch wrapper.
+     */
+    refresh?: () => Promise<boolean>;
+}
+/**
+ * Register a host-owned auth adapter for `embedAuthedFetch`. Pass `null`
+ * to clear (typically on provider unmount).
+ *
+ * Module-level state — there is one chat panel per app, so a single
+ * registration is sufficient. Calling this twice with different non-null
+ * adapters replaces the previous one (the most recent registration wins);
+ * a `console.warn` flags the overwrite so duplicate-provider mounts get
+ * caught in dev.
+ */
+export declare function setEmbedAuthAdapter(adapter: EmbedAuthAdapter | null): void;
 /**
  * `fetch` wrapper that attaches embed-proxy bearer headers (when
  * present in sessionStorage) and forces `credentials: 'same-origin'`
@@ -16,6 +88,14 @@
  * the current window's origin; cross-origin URLs throw before the bearer
  * leaves the page. This is a defense-in-depth guard for future call sites
  * — there is no legitimate cross-origin use of this fetch wrapper.
+ *
+ * **401 self-heal:** when a registered adapter supplies `refresh`, a `401`
+ * response triggers a single token refresh + retry of the same request
+ * (see `EmbedAuthAdapter.refresh`). This is the openframe `apiClient`'s
+ * refresh-then-retry behaviour, lifted into the lib so embedded surfaces
+ * no longer need a host-side `window.fetch` monkey-patch to survive an
+ * expired access token mid-chat. With no adapter (or no `refresh`), the
+ * 401 passes straight through unchanged.
  */
 export declare function embedAuthedFetch(url: string, init?: RequestInit): Promise<Response>;
 //# sourceMappingURL=embed-authed-fetch.d.ts.map

package/dist/utils/embed-authed-fetch.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"embed-authed-fetch.d.ts","sourceRoot":"","sources":["../../src/utils/embed-authed-fetch.ts"],"names":[],"mappings":"AAwBA;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,GAAE,WAAgB,GAAG,OAAO,CAAC,QAAQ,CAAC,CAoCvF"}
+{"version":3,"file":"embed-authed-fetch.d.ts","sourceRoot":"","sources":["../../src/utils/embed-authed-fetch.ts"],"names":[],"mappings":"AA4BA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;;;;;4EAMwE;IACxE,UAAU,CAAC,EAAE,MAAM,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAA;IACrD;;6EAEyE;IACzE,WAAW,CAAC,EAAE,kBAAkB,CAAA;IAChC;;;;;;;;;;;;;;;;;;;OAmBG;IACH,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,CAAA;CACjC;AA0BD;;;;;;;;;GASG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,gBAAgB,GAAG,IAAI,GAAG,IAAI,CAS1E;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,GAAE,WAAgB,GAAG,OAAO,CAAC,QAAQ,CAAC,CAkCvF"}

package/dist/utils/index.cjs

@@ -2599,6 +2599,23 @@ function applyProxyAuth(url, baseHeaders = { "Content-Type": "application/json"
 }
 
 // src/utils/embed-authed-fetch.ts
+var ADAPTER_GLOBAL_KEY = "__embedAuthedFetchAdapter__";
+function getRegisteredAuthAdapter() {
+  if (typeof globalThis === "undefined") return null;
+  return globalThis[ADAPTER_GLOBAL_KEY] ?? null;
+}
+function storeRegisteredAuthAdapter(adapter2) {
+  if (typeof globalThis === "undefined") return;
+  globalThis[ADAPTER_GLOBAL_KEY] = adapter2;
+}
+function setEmbedAuthAdapter(adapter2) {
+  if (adapter2 && getRegisteredAuthAdapter() && process.env.NODE_ENV !== "production") {
+    console.warn(
+      "[setEmbedAuthAdapter] overwriting a previously-registered auth adapter. Two chat-runtime providers should not coexist \u2014 verify mount order and pass `null` from the unmounting provider."
+    );
+  }
+  storeRegisteredAuthAdapter(adapter2);
+}
 function embedAuthedFetch(url, init = {}) {
   assertSameOrigin(url);
   let baseHeaders;
@@ -2616,14 +2633,55 @@ function embedAuthedFetch(url, init = {}) {
       Object.assign(baseHeaders, init.headers);
     }
   }
-  const { url: authedUrl, headers } = applyProxyAuth(url, baseHeaders);
-  return fetch(authedUrl, {
+  return fetchWithRefresh(url, init, baseHeaders, false);
+}
+var IN_FLIGHT_REFRESH_GLOBAL_KEY = "__embedAuthedFetchInFlightRefresh__";
+function getInFlightRefresh() {
+  if (typeof globalThis === "undefined") return null;
+  return globalThis[IN_FLIGHT_REFRESH_GLOBAL_KEY] ?? null;
+}
+function setInFlightRefresh(refresh) {
+  if (typeof globalThis === "undefined") return;
+  globalThis[IN_FLIGHT_REFRESH_GLOBAL_KEY] = refresh;
+}
+function dedupedRefresh() {
+  const adapter2 = getRegisteredAuthAdapter();
+  if (!adapter2?.refresh) return Promise.resolve(false);
+  let inFlightRefresh = getInFlightRefresh();
+  if (!inFlightRefresh) {
+    inFlightRefresh = Promise.resolve().then(() => adapter2.refresh()).catch(() => false).finally(() => {
+      setInFlightRefresh(null);
+    });
+    setInFlightRefresh(inFlightRefresh);
+  }
+  return inFlightRefresh;
+}
+async function fetchWithRefresh(url, init, baseHeaders, isRetry) {
+  const { url: authedUrl, headers } = applyProxyAuth(url, { ...baseHeaders });
+  const adapter2 = getRegisteredAuthAdapter();
+  if (adapter2?.getHeaders) {
+    for (const [k, v] of Object.entries(adapter2.getHeaders())) {
+      if (v !== void 0) headers[k] = v;
+    }
+  }
+  const credentials = adapter2?.credentials ?? init.credentials ?? "same-origin";
+  const response = await fetch(authedUrl, {
     ...init,
     headers,
-    // Always include Supabase auth cookies. `applyProxyAuth` handles
-    // the bearer header layer; cookies are the session-tier carrier.
-    credentials: init.credentials ?? "same-origin"
+    // Default `same-origin` carries Supabase cookies for the MPH proxy-
+    // auth model. Hosts on different origins (openframe-frontend ↔
+    // openframe gateway) register `credentials: 'include'` via the
+    // adapter to make their own cookies travel cross-origin (CORS +
+    // `SameSite=None` must be configured server-side for that to work).
+    credentials
   });
+  if (response.status === 401 && !isRetry && adapter2?.refresh) {
+    const refreshed = await dedupedRefresh();
+    if (refreshed) {
+      return fetchWithRefresh(url, init, baseHeaders, true);
+    }
+  }
+  return response;
 }
 function assertSameOrigin(url) {
   if (typeof window === "undefined") return;
@@ -2641,6 +2699,12 @@ function assertSameOrigin(url) {
     );
   }
   if (target.origin !== pageOrigin) {
+    if (process.env.NODE_ENV !== "production") {
+      console.warn(
+        `[embedAuthedFetch] cross-origin fetch to ${target.origin} allowed in dev (NODE_ENV !== 'production'). Production builds will reject this \u2014 wire a same-origin proxy before shipping.`
+      );
+      return;
+    }
     throw new Error(
       `embedAuthedFetch: refusing cross-origin fetch to ${target.origin} \u2014 pass a relative /api/* path instead`
     );
@@ -3291,6 +3355,7 @@ exports.platformSlogans = platformSlogans;
 exports.readLeadingDecisionFrame = readLeadingDecisionFrame;
 exports.sanitizeTitleForChat = sanitizeTitleForChat;
 exports.scrollElementIntoView = scrollElementIntoView;
+exports.setEmbedAuthAdapter = setEmbedAuthAdapter;
 exports.setEmbedProxyAuth = setEmbedProxyAuth;
 exports.shouldProxyImage = shouldProxyImage;
 exports.stripChatAttachmentMarkdown = stripChatAttachmentMarkdown;