@glubean/auth 0.1.2

package/dist/api_key.d.ts

@@ -0,0 +1,11 @@
+import type { ConfigureHttpOptions } from "@glubean/sdk";
+/**
+ * API Key authentication — header or query param.
+ *
+ * @param prefixUrlVar - Var key for the base URL
+ * @param headerOrParam - Header name or query param name
+ * @param secretKey - Secret key for the API key value
+ * @param location - "header" (default) or "query"
+ */
+export declare function apiKey(prefixUrlVar: string, headerOrParam: string, secretKey: string, location?: "header" | "query"): ConfigureHttpOptions;
+//# sourceMappingURL=api_key.d.ts.map

package/dist/api_key.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api_key.d.ts","sourceRoot":"","sources":["../src/api_key.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAEzD;;;;;;;GAOG;AACH,wBAAgB,MAAM,CACpB,YAAY,EAAE,MAAM,EACpB,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,MAAM,EACjB,QAAQ,GAAE,QAAQ,GAAG,OAAkB,GACtC,oBAAoB,CAiCtB"}

package/dist/api_key.js

@@ -0,0 +1,42 @@
+/**
+ * API Key authentication — header or query param.
+ *
+ * @param prefixUrlVar - Var key for the base URL
+ * @param headerOrParam - Header name or query param name
+ * @param secretKey - Secret key for the API key value
+ * @param location - "header" (default) or "query"
+ */
+export function apiKey(prefixUrlVar, headerOrParam, secretKey, location = "header") {
+    if (location === "query") {
+        const MARKER = "X-Glubean-ApiKey-Query";
+        return {
+            prefixUrl: prefixUrlVar,
+            headers: { [MARKER]: `{{${secretKey}}}` },
+            hooks: {
+                beforeRequest: [
+                    (request) => {
+                        const keyValue = request.headers.get(MARKER);
+                        if (!keyValue)
+                            return request;
+                        const url = new URL(request.url);
+                        url.searchParams.set(headerOrParam, keyValue);
+                        const headers = new Headers(request.headers);
+                        headers.delete(MARKER);
+                        return new Request(url.toString(), {
+                            method: request.method,
+                            headers,
+                            body: request.body,
+                            redirect: request.redirect,
+                            signal: request.signal,
+                        });
+                    },
+                ],
+            },
+        };
+    }
+    return {
+        prefixUrl: prefixUrlVar,
+        headers: { [headerOrParam]: `{{${secretKey}}}` },
+    };
+}
+//# sourceMappingURL=api_key.js.map

package/dist/api_key.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api_key.js","sourceRoot":"","sources":["../src/api_key.ts"],"names":[],"mappings":"AAEA;;;;;;;GAOG;AACH,MAAM,UAAU,MAAM,CACpB,YAAoB,EACpB,aAAqB,EACrB,SAAiB,EACjB,WAA+B,QAAQ;IAEvC,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,wBAAwB,CAAC;QACxC,OAAO;YACL,SAAS,EAAE,YAAY;YACvB,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,EAAE,KAAK,SAAS,IAAI,EAAE;YACzC,KAAK,EAAE;gBACL,aAAa,EAAE;oBACb,CAAC,OAAgB,EAAW,EAAE;wBAC5B,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;wBAC7C,IAAI,CAAC,QAAQ;4BAAE,OAAO,OAAO,CAAC;wBAE9B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;wBACjC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;wBAC9C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;wBAC7C,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;wBACvB,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;4BACjC,MAAM,EAAE,OAAO,CAAC,MAAM;4BACtB,OAAO;4BACP,IAAI,EAAE,OAAO,CAAC,IAAI;4BAClB,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;yBACvB,CAAC,CAAC;oBACL,CAAC;iBACF;aACF;SACF,CAAC;IACJ,CAAC;IAED,OAAO;QACL,SAAS,EAAE,YAAY;QACvB,OAAO,EAAE,EAAE,CAAC,aAAa,CAAC,EAAE,KAAK,SAAS,IAAI,EAAE;KACjD,CAAC;AACJ,CAAC"}

package/dist/basic.d.ts

@@ -0,0 +1,13 @@
+import type { ConfigureHttpOptions } from "@glubean/sdk";
+/**
+ * HTTP Basic authentication.
+ *
+ * Uses a beforeRequest hook to compute `Authorization: Basic base64(user:pass)`
+ * from resolved secret values.
+ *
+ * @param prefixUrlVar - Var key for the base URL
+ * @param usernameSecret - Secret key for the username
+ * @param passwordSecret - Secret key for the password
+ */
+export declare function basicAuth(prefixUrlVar: string, usernameSecret: string, passwordSecret: string): ConfigureHttpOptions;
+//# sourceMappingURL=basic.d.ts.map

package/dist/basic.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"basic.d.ts","sourceRoot":"","sources":["../src/basic.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAIzD;;;;;;;;;GASG;AACH,wBAAgB,SAAS,CACvB,YAAY,EAAE,MAAM,EACpB,cAAc,EAAE,MAAM,EACtB,cAAc,EAAE,MAAM,GACrB,oBAAoB,CA2BtB"}

package/dist/basic.js

@@ -0,0 +1,40 @@
+const MARKER = "X-Glubean-Basic-Auth";
+/**
+ * HTTP Basic authentication.
+ *
+ * Uses a beforeRequest hook to compute `Authorization: Basic base64(user:pass)`
+ * from resolved secret values.
+ *
+ * @param prefixUrlVar - Var key for the base URL
+ * @param usernameSecret - Secret key for the username
+ * @param passwordSecret - Secret key for the password
+ */
+export function basicAuth(prefixUrlVar, usernameSecret, passwordSecret) {
+    return {
+        prefixUrl: prefixUrlVar,
+        headers: {
+            [MARKER]: `{{${usernameSecret}}}:{{${passwordSecret}}}`,
+        },
+        hooks: {
+            beforeRequest: [
+                (request) => {
+                    const credentials = request.headers.get(MARKER);
+                    if (!credentials)
+                        return request;
+                    const encoded = Buffer.from(credentials).toString("base64");
+                    const headers = new Headers(request.headers);
+                    headers.delete(MARKER);
+                    headers.set("Authorization", `Basic ${encoded}`);
+                    return new Request(request.url, {
+                        method: request.method,
+                        headers,
+                        body: request.body,
+                        redirect: request.redirect,
+                        signal: request.signal,
+                    });
+                },
+            ],
+        },
+    };
+}
+//# sourceMappingURL=basic.js.map

package/dist/basic.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"basic.js","sourceRoot":"","sources":["../src/basic.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,GAAG,sBAAsB,CAAC;AAEtC;;;;;;;;;GASG;AACH,MAAM,UAAU,SAAS,CACvB,YAAoB,EACpB,cAAsB,EACtB,cAAsB;IAEtB,OAAO;QACL,SAAS,EAAE,YAAY;QACvB,OAAO,EAAE;YACP,CAAC,MAAM,CAAC,EAAE,KAAK,cAAc,QAAQ,cAAc,IAAI;SACxD;QACD,KAAK,EAAE;YACL,aAAa,EAAE;gBACb,CAAC,OAAgB,EAAW,EAAE;oBAC5B,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;oBAChD,IAAI,CAAC,WAAW;wBAAE,OAAO,OAAO,CAAC;oBAEjC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;oBAC5D,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;oBAC7C,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;oBACvB,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,OAAO,EAAE,CAAC,CAAC;oBACjD,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;wBAC9B,MAAM,EAAE,OAAO,CAAC,MAAM;wBACtB,OAAO;wBACP,IAAI,EAAE,OAAO,CAAC,IAAI;wBAClB,QAAQ,EAAE,OAAO,CAAC,QAAQ;wBAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;qBACvB,CAAC,CAAC;gBACL,CAAC;aACF;SACF;KACF,CAAC;AACJ,CAAC"}

package/dist/bearer.d.ts

@@ -0,0 +1,9 @@
+import type { ConfigureHttpOptions } from "@glubean/sdk";
+/**
+ * Bearer token authentication.
+ *
+ * @param prefixUrlVar - Var key for the base URL
+ * @param tokenSecret - Secret key for the bearer token
+ */
+export declare function bearer(prefixUrlVar: string, tokenSecret: string): ConfigureHttpOptions;
+//# sourceMappingURL=bearer.d.ts.map

package/dist/bearer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bearer.d.ts","sourceRoot":"","sources":["../src/bearer.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAEzD;;;;;GAKG;AACH,wBAAgB,MAAM,CACpB,YAAY,EAAE,MAAM,EACpB,WAAW,EAAE,MAAM,GAClB,oBAAoB,CAOtB"}

package/dist/bearer.js

@@ -0,0 +1,15 @@
+/**
+ * Bearer token authentication.
+ *
+ * @param prefixUrlVar - Var key for the base URL
+ * @param tokenSecret - Secret key for the bearer token
+ */
+export function bearer(prefixUrlVar, tokenSecret) {
+    return {
+        prefixUrl: prefixUrlVar,
+        headers: {
+            Authorization: `Bearer {{${tokenSecret}}}`,
+        },
+    };
+}
+//# sourceMappingURL=bearer.js.map

package/dist/bearer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bearer.js","sourceRoot":"","sources":["../src/bearer.ts"],"names":[],"mappings":"AAEA;;;;;GAKG;AACH,MAAM,UAAU,MAAM,CACpB,YAAoB,EACpB,WAAmB;IAEnB,OAAO;QACL,SAAS,EAAE,YAAY;QACvB,OAAO,EAAE;YACP,aAAa,EAAE,YAAY,WAAW,IAAI;SAC3C;KACF,CAAC;AACJ,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,8 @@
+export { bearer } from "./bearer.js";
+export { basicAuth } from "./basic.js";
+export { apiKey } from "./api_key.js";
+export { oauth2 } from "./oauth2.js";
+export type { OAuth2ClientCredentialsOptions, OAuth2RefreshTokenOptions } from "./oauth2.js";
+export { withLogin } from "./with_login.js";
+export type { WithLoginOptions } from "./with_login.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AACtC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,YAAY,EAAE,8BAA8B,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AAC7F,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,YAAY,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/index.js

@@ -0,0 +1,6 @@
+export { bearer } from "./bearer.js";
+export { basicAuth } from "./basic.js";
+export { apiKey } from "./api_key.js";
+export { oauth2 } from "./oauth2.js";
+export { withLogin } from "./with_login.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AACtC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/oauth2.d.ts

@@ -0,0 +1,23 @@
+import type { ConfigureHttpOptions } from "@glubean/sdk";
+export interface OAuth2ClientCredentialsOptions {
+    prefixUrl: string;
+    tokenUrl: string;
+    clientId: string;
+    clientSecret: string;
+    scope?: string;
+}
+export interface OAuth2RefreshTokenOptions {
+    prefixUrl: string;
+    tokenUrl: string;
+    refreshToken: string;
+    clientId: string;
+    clientSecret?: string;
+}
+declare function clientCredentials(opts: OAuth2ClientCredentialsOptions): ConfigureHttpOptions;
+declare function refreshToken(opts: OAuth2RefreshTokenOptions): ConfigureHttpOptions;
+export declare const oauth2: {
+    clientCredentials: typeof clientCredentials;
+    refreshToken: typeof refreshToken;
+};
+export {};
+//# sourceMappingURL=oauth2.d.ts.map

package/dist/oauth2.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth2.d.ts","sourceRoot":"","sources":["../src/oauth2.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAsB,MAAM,cAAc,CAAC;AAI7E,MAAM,WAAW,8BAA8B;IAC7C,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,yBAAyB;IACxC,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AA6BD,iBAAS,iBAAiB,CAAC,IAAI,EAAE,8BAA8B,GAAG,oBAAoB,CA+CrF;AAID,iBAAS,YAAY,CAAC,IAAI,EAAE,yBAAyB,GAAG,oBAAoB,CAuD3E;AAID,eAAO,MAAM,MAAM;;;CAAsC,CAAC"}

package/dist/oauth2.js

@@ -0,0 +1,122 @@
+// ── Helpers ──────────────────────────────────────────────────────────────────
+const TOKEN_URL_H = "X-Glubean-OAuth2-TokenUrl";
+const CLIENT_ID_H = "X-Glubean-OAuth2-ClientId";
+const CLIENT_SECRET_H = "X-Glubean-OAuth2-ClientSecret";
+const REFRESH_TOKEN_H = "X-Glubean-OAuth2-RefreshToken";
+function rebuildRequest(request, headers) {
+    return new Request(request.url, {
+        method: request.method,
+        headers,
+        body: request.body,
+        redirect: request.redirect,
+        signal: request.signal,
+    });
+}
+function cleanMarkers(request, ...names) {
+    const h = new Headers(request.headers);
+    for (const n of names)
+        h.delete(n);
+    return h;
+}
+function clientCredentials(opts) {
+    let cached = null;
+    return {
+        prefixUrl: opts.prefixUrl,
+        headers: {
+            [TOKEN_URL_H]: `{{${opts.tokenUrl}}}`,
+            [CLIENT_ID_H]: `{{${opts.clientId}}}`,
+            [CLIENT_SECRET_H]: `{{${opts.clientSecret}}}`,
+        },
+        hooks: {
+            beforeRequest: [
+                async (request) => {
+                    const markers = [TOKEN_URL_H, CLIENT_ID_H, CLIENT_SECRET_H];
+                    if (cached && cached.expiresAt > Date.now() + 30_000) {
+                        const h = cleanMarkers(request, ...markers);
+                        h.set("Authorization", `Bearer ${cached.accessToken}`);
+                        return rebuildRequest(request, h);
+                    }
+                    const body = new URLSearchParams({
+                        grant_type: "client_credentials",
+                        client_id: request.headers.get(CLIENT_ID_H) ?? "",
+                        client_secret: request.headers.get(CLIENT_SECRET_H) ?? "",
+                    });
+                    if (opts.scope)
+                        body.set("scope", opts.scope);
+                    const res = await fetch(request.headers.get(TOKEN_URL_H) ?? opts.tokenUrl, {
+                        method: "POST",
+                        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+                        body,
+                    });
+                    if (!res.ok) {
+                        throw new Error(`OAuth2 client_credentials failed (${res.status}): ${await res.text()}`);
+                    }
+                    const data = (await res.json());
+                    cached = { accessToken: data.access_token, expiresAt: Date.now() + (data.expires_in ?? 3600) * 1000 };
+                    const h = cleanMarkers(request, ...markers);
+                    h.set("Authorization", `Bearer ${cached.accessToken}`);
+                    return rebuildRequest(request, h);
+                },
+            ],
+        },
+    };
+}
+// ── Refresh Token ───────────────────────────────────────────────────────────
+function refreshToken(opts) {
+    let accessToken = null;
+    const headers = {
+        [TOKEN_URL_H]: `{{${opts.tokenUrl}}}`,
+        [REFRESH_TOKEN_H]: `{{${opts.refreshToken}}}`,
+        [CLIENT_ID_H]: `{{${opts.clientId}}}`,
+    };
+    if (opts.clientSecret)
+        headers[CLIENT_SECRET_H] = `{{${opts.clientSecret}}}`;
+    const allMarkers = [TOKEN_URL_H, REFRESH_TOKEN_H, CLIENT_ID_H, CLIENT_SECRET_H];
+    async function fetchToken(request) {
+        const body = new URLSearchParams({
+            grant_type: "refresh_token",
+            refresh_token: request.headers.get(REFRESH_TOKEN_H) ?? "",
+            client_id: request.headers.get(CLIENT_ID_H) ?? "",
+        });
+        const secret = request.headers.get(CLIENT_SECRET_H);
+        if (secret)
+            body.set("client_secret", secret);
+        const res = await fetch(request.headers.get(TOKEN_URL_H) ?? opts.tokenUrl, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body,
+        });
+        if (!res.ok) {
+            throw new Error(`OAuth2 refresh_token failed (${res.status}): ${await res.text()}`);
+        }
+        return (await res.json()).access_token;
+    }
+    return {
+        prefixUrl: opts.prefixUrl,
+        headers,
+        hooks: {
+            beforeRequest: [
+                async (request) => {
+                    if (!accessToken)
+                        accessToken = await fetchToken(request);
+                    const h = cleanMarkers(request, ...allMarkers);
+                    h.set("Authorization", `Bearer ${accessToken}`);
+                    return rebuildRequest(request, h);
+                },
+            ],
+            afterResponse: [
+                async (request, _options, response) => {
+                    if (response.status !== 401)
+                        return;
+                    accessToken = await fetchToken(request);
+                    const h = cleanMarkers(request, ...allMarkers);
+                    h.set("Authorization", `Bearer ${accessToken}`);
+                    return fetch(request.url, { method: request.method, headers: h, body: request.body, redirect: request.redirect, signal: request.signal });
+                },
+            ],
+        },
+    };
+}
+// ── Public API ───────────────────────────────────────────────────────────────
+export const oauth2 = { clientCredentials, refreshToken };
+//# sourceMappingURL=oauth2.js.map

package/dist/oauth2.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth2.js","sourceRoot":"","sources":["../src/oauth2.ts"],"names":[],"mappings":"AAoBA,gFAAgF;AAEhF,MAAM,WAAW,GAAG,2BAA2B,CAAC;AAChD,MAAM,WAAW,GAAG,2BAA2B,CAAC;AAChD,MAAM,eAAe,GAAG,+BAA+B,CAAC;AACxD,MAAM,eAAe,GAAG,+BAA+B,CAAC;AAExD,SAAS,cAAc,CAAC,OAAgB,EAAE,OAAgB;IACxD,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;QAC9B,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,OAAO;QACP,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;KACvB,CAAC,CAAC;AACL,CAAC;AAED,SAAS,YAAY,CAAC,OAAgB,EAAE,GAAG,KAAe;IACxD,MAAM,CAAC,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACvC,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACnC,OAAO,CAAC,CAAC;AACX,CAAC;AAMD,SAAS,iBAAiB,CAAC,IAAoC;IAC7D,IAAI,MAAM,GAAuB,IAAI,CAAC;IAEtC,OAAO;QACL,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,OAAO,EAAE;YACP,CAAC,WAAW,CAAC,EAAE,KAAK,IAAI,CAAC,QAAQ,IAAI;YACrC,CAAC,WAAW,CAAC,EAAE,KAAK,IAAI,CAAC,QAAQ,IAAI;YACrC,CAAC,eAAe,CAAC,EAAE,KAAK,IAAI,CAAC,YAAY,IAAI;SAC9C;QACD,KAAK,EAAE;YACL,aAAa,EAAE;gBACb,KAAK,EAAE,OAAgB,EAAoB,EAAE;oBAC3C,MAAM,OAAO,GAAG,CAAC,WAAW,EAAE,WAAW,EAAE,eAAe,CAAU,CAAC;oBAErE,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,EAAE,CAAC;wBACrD,MAAM,CAAC,GAAG,YAAY,CAAC,OAAO,EAAE,GAAG,OAAO,CAAC,CAAC;wBAC5C,CAAC,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;wBACvD,OAAO,cAAc,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;oBACpC,CAAC;oBAED,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;wBAC/B,UAAU,EAAE,oBAAoB;wBAChC,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE;wBACjD,aAAa,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE;qBAC1D,CAAC,CAAC;oBACH,IAAI,IAAI,CAAC,KAAK;wBAAE,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;oBAE9C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE;wBACzE,MAAM,EAAE,MAAM;wBACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;wBAChE,IAAI;qBACL,CAAC,CAAC;oBACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;wBACZ,MAAM,IAAI,KAAK,CAAC,qCAAqC,GAAG,CAAC,MAAM,MAAM,MAAM,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;oBAC3F,CAAC;oBAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAkD,CAAC;oBACjF,MAAM,GAAG,EAAE,WAAW,EAAE,IAAI,CAAC,YAAY,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,IAAI,EAAE,CAAC;oBAEtG,MAAM,CAAC,GAAG,YAAY,CAAC,OAAO,EAAE,GAAG,OAAO,CAAC,CAAC;oBAC5C,CAAC,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;oBACvD,OAAO,cAAc,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBACpC,CAAC;aACF;SACF;KACF,CAAC;AACJ,CAAC;AAED,+EAA+E;AAE/E,SAAS,YAAY,CAAC,IAA+B;IACnD,IAAI,WAAW,GAAkB,IAAI,CAAC;IAEtC,MAAM,OAAO,GAA2B;QACtC,CAAC,WAAW,CAAC,EAAE,KAAK,IAAI,CAAC,QAAQ,IAAI;QACrC,CAAC,eAAe,CAAC,EAAE,KAAK,IAAI,CAAC,YAAY,IAAI;QAC7C,CAAC,WAAW,CAAC,EAAE,KAAK,IAAI,CAAC,QAAQ,IAAI;KACtC,CAAC;IACF,IAAI,IAAI,CAAC,YAAY;QAAE,OAAO,CAAC,eAAe,CAAC,GAAG,KAAK,IAAI,CAAC,YAAY,IAAI,CAAC;IAE7E,MAAM,UAAU,GAAG,CAAC,WAAW,EAAE,eAAe,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC;IAEhF,KAAK,UAAU,UAAU,CAAC,OAAgB;QACxC,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;YAC/B,UAAU,EAAE,eAAe;YAC3B,aAAa,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE;YACzD,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE;SAClD,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACpD,IAAI,MAAM;YAAE,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAE9C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE;YACzE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;YAChE,IAAI;SACL,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,gCAAgC,GAAG,CAAC,MAAM,MAAM,MAAM,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACtF,CAAC;QACD,OAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA8B,CAAC,YAAY,CAAC;IACvE,CAAC;IAED,OAAO;QACL,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,OAAO;QACP,KAAK,EAAE;YACL,aAAa,EAAE;gBACb,KAAK,EAAE,OAAgB,EAAoB,EAAE;oBAC3C,IAAI,CAAC,WAAW;wBAAE,WAAW,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;oBAC1D,MAAM,CAAC,GAAG,YAAY,CAAC,OAAO,EAAE,GAAG,UAAU,CAAC,CAAC;oBAC/C,CAAC,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,EAAE,CAAC,CAAC;oBAChD,OAAO,cAAc,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBACpC,CAAC;aACF;YACD,aAAa,EAAE;gBACb,KAAK,EAAE,OAAgB,EAAE,QAA4B,EAAE,QAAkB,EAA4B,EAAE;oBACrG,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG;wBAAE,OAAO;oBACpC,WAAW,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;oBACxC,MAAM,CAAC,GAAG,YAAY,CAAC,OAAO,EAAE,GAAG,UAAU,CAAC,CAAC;oBAC/C,CAAC,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,EAAE,CAAC,CAAC;oBAChD,OAAO,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;gBAC5I,CAAC;aACF;SACF;KACF,CAAC;AACJ,CAAC;AAED,gFAAgF;AAEhF,MAAM,CAAC,MAAM,MAAM,GAAG,EAAE,iBAAiB,EAAE,YAAY,EAAE,CAAC"}

package/dist/with_login.d.ts

@@ -0,0 +1,17 @@
+import type { HttpClient, TestBuilder } from "@glubean/sdk";
+export interface WithLoginOptions {
+    endpoint: string;
+    credentials: Record<string, string>;
+    extractToken: (body: any) => string;
+    headerName?: string;
+    headerPrefix?: string;
+}
+/**
+ * Builder transform that adds a login step.
+ *
+ * POSTs credentials → extracts token → creates `authedHttp` client.
+ */
+export declare function withLogin<S>(options: WithLoginOptions): (builder: TestBuilder<S>) => TestBuilder<S & {
+    authedHttp: HttpClient;
+}>;
+//# sourceMappingURL=with_login.d.ts.map

package/dist/with_login.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"with_login.d.ts","sourceRoot":"","sources":["../src/with_login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAe,MAAM,cAAc,CAAC;AAEzE,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEpC,YAAY,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,MAAM,CAAC;IACpC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAQD;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,CAAC,EACzB,OAAO,EAAE,gBAAgB,GACxB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC,KAAK,WAAW,CAAC,CAAC,GAAG;IAAE,UAAU,EAAE,UAAU,CAAA;CAAE,CAAC,CAsC1E"}

package/dist/with_login.js

@@ -0,0 +1,36 @@
+function resolveTemplate(template, ctx) {
+    return template.replace(/\{\{(\w+)\}\}/g, (_, key) => {
+        return ctx.secrets.get(key) ?? ctx.vars.get(key) ?? `{{${key}}}`;
+    });
+}
+/**
+ * Builder transform that adds a login step.
+ *
+ * POSTs credentials → extracts token → creates `authedHttp` client.
+ */
+export function withLogin(options) {
+    const { endpoint, credentials, extractToken, headerName = "Authorization", headerPrefix = "Bearer ", } = options;
+    return (builder) => {
+        return builder.step("login", async (ctx, state) => {
+            const resolved = {};
+            for (const [k, v] of Object.entries(credentials)) {
+                resolved[k] = resolveTemplate(v, ctx);
+            }
+            const response = await ctx.http
+                .post(resolveTemplate(endpoint, ctx), {
+                json: resolved,
+                throwHttpErrors: false,
+            })
+                .json();
+            const token = extractToken(response);
+            if (!token || typeof token !== "string") {
+                throw new Error("withLogin: extractToken() did not return a valid string token");
+            }
+            const authedHttp = ctx.http.extend({
+                headers: { [headerName]: `${headerPrefix}${token}` },
+            });
+            return { ...state, authedHttp };
+        });
+    };
+}
+//# sourceMappingURL=with_login.js.map

package/dist/with_login.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"with_login.js","sourceRoot":"","sources":["../src/with_login.ts"],"names":[],"mappings":"AAWA,SAAS,eAAe,CAAC,QAAgB,EAAE,GAAgB;IACzD,OAAO,QAAQ,CAAC,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAAC,EAAE,GAAW,EAAE,EAAE;QAC3D,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,KAAK,GAAG,IAAI,CAAC;IACnE,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,SAAS,CACvB,OAAyB;IAEzB,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,YAAY,EACZ,UAAU,GAAG,eAAe,EAC5B,YAAY,GAAG,SAAS,GACzB,GAAG,OAAO,CAAC;IAEZ,OAAO,CAAC,OAAuB,EAAE,EAAE;QACjC,OAAO,OAAO,CAAC,IAAI,CACjB,OAAO,EACP,KAAK,EAAE,GAAgB,EAAE,KAAQ,EAA2C,EAAE;YAC5E,MAAM,QAAQ,GAA2B,EAAE,CAAC;YAC5C,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;gBACjD,QAAQ,CAAC,CAAC,CAAC,GAAG,eAAe,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YACxC,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,IAAI;iBAC5B,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,GAAG,CAAC,EAAE;gBACpC,IAAI,EAAE,QAAQ;gBACd,eAAe,EAAE,KAAK;aACvB,CAAC;iBACD,IAAI,EAAE,CAAC;YAEV,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;YACrC,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;YACnF,CAAC;YAED,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC;gBACjC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,GAAG,YAAY,GAAG,KAAK,EAAE,EAAE;aACrD,CAAC,CAAC;YAEH,OAAO,EAAE,GAAG,KAAK,EAAE,UAAU,EAAE,CAAC;QAClC,CAAC,CACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/package.json

@@ -0,0 +1,24 @@
+{
+  "name": "@glubean/auth",
+  "version": "0.1.2",
+  "type": "module",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "dependencies": {
+    "@glubean/sdk": "0.1.2"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0"
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "test": "vitest run"
+  }
+}