npm - @hanzo/iam - Versions diffs - 0.4.1 → 0.5.0 - Mend

@hanzo/iam 0.4.1 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (36) hide show

package/src/client.ts CHANGED Viewed

@@ -7,6 +7,7 @@ import type {
   IamApiResponse,
   IamUser,
   IamOrganization,
+  IamInvitation,
   IamProject,
   OidcDiscovery,
   TokenResponse,
@@ -252,12 +253,30 @@ export class IamClient {
   /** List organizations (for the configured owner). */
   async getOrganizations(token?: string): Promise<IamOrganization[]> {
+    // Try the admin-level endpoint first (returns full org details).
+    // Falls back to the public get-organization-names endpoint which
+    // returns all org names without requiring admin privileges.
     const owner = this.orgName ?? "admin";
-    const resp = await this.request<IamApiResponse<IamOrganization[]>>(
-      "/api/get-organizations",
-      { params: { owner }, token },
-    );
-    return resp.data ?? [];
+    try {
+      const resp = await this.request<IamApiResponse<IamOrganization[]>>(
+        "/api/get-organizations",
+        { params: { owner }, token },
+      );
+      if (resp.data && resp.data.length > 0) return resp.data;
+    } catch {
+      // Admin endpoint failed — fall through to public endpoint
+    }
+    // Public fallback: get-organization-names (no auth required)
+    try {
+      const resp = await this.request<IamApiResponse<IamOrganization[]>>(
+        "/api/get-organization-names",
+        { params: { owner }, token },
+      );
+      return resp.data ?? [];
+    } catch {
+      return [];
+    }
   }
   /** Get a specific organization. */
@@ -289,6 +308,88 @@ export class IamClient {
     return org ? [org] : [];
   }
+  /** Create a new organization. */
+  async createOrganization(
+    org: Partial<IamOrganization>,
+    token?: string,
+  ): Promise<IamApiResponse<IamOrganization>> {
+    return this.request<IamApiResponse<IamOrganization>>(
+      "/api/add-organization",
+      { method: "POST", body: org, token },
+    );
+  }
+  /** Update an existing organization. */
+  async updateOrganization(
+    org: Partial<IamOrganization>,
+    token?: string,
+  ): Promise<IamApiResponse<IamOrganization>> {
+    return this.request<IamApiResponse<IamOrganization>>(
+      "/api/update-organization",
+      { method: "POST", body: org, token },
+    );
+  }
+  /** Delete an organization by owner and name. */
+  async deleteOrganization(
+    org: { owner: string; name: string },
+    token?: string,
+  ): Promise<IamApiResponse<IamOrganization>> {
+    return this.request<IamApiResponse<IamOrganization>>(
+      "/api/delete-organization",
+      { method: "POST", body: org, token },
+    );
+  }
+  // -----------------------------------------------------------------------
+  // Invitation
+  // -----------------------------------------------------------------------
+  /** List invitations for an owner (organization). */
+  async getInvitations(
+    owner: string,
+    token?: string,
+  ): Promise<IamInvitation[]> {
+    const resp = await this.request<IamApiResponse<IamInvitation[]>>(
+      "/api/get-invitations",
+      { params: { owner }, token },
+    );
+    return resp.data ?? [];
+  }
+  /** Create a new invitation. */
+  async createInvitation(
+    invitation: Partial<IamInvitation>,
+    token?: string,
+  ): Promise<IamApiResponse<IamInvitation>> {
+    return this.request<IamApiResponse<IamInvitation>>(
+      "/api/add-invitation",
+      { method: "POST", body: invitation, token },
+    );
+  }
+  /** Send an invitation by owner and name. */
+  async sendInvitation(
+    invitation: { owner: string; name: string },
+    token?: string,
+  ): Promise<IamApiResponse<IamInvitation>> {
+    return this.request<IamApiResponse<IamInvitation>>(
+      "/api/send-invitation",
+      { method: "POST", body: invitation, token },
+    );
+  }
+  /** Verify an invitation code. */
+  async verifyInvitation(
+    code: string,
+    token?: string,
+  ): Promise<IamApiResponse<IamInvitation>> {
+    return this.request<IamApiResponse<IamInvitation>>(
+      "/api/verify-invitation",
+      { params: { code }, token },
+    );
+  }
   // -----------------------------------------------------------------------
   // Project
   // -----------------------------------------------------------------------

package/src/index.ts CHANGED Viewed

@@ -14,7 +14,7 @@
  * });
  *
  * const billing = new BillingClient({
- *   commerceUrl: "https://commerce.hanzo.ai",
+ *   commerceUrl: "https://commerce-api.hanzo.ai/api",
  * });
  * ```
  */
@@ -43,6 +43,7 @@ export type {
   IamJwtClaims,
   IamUser,
   IamOrganization,
+  IamInvitation,
   IamProject,
   Subscription,
   Plan,

package/src/nextauth.ts CHANGED Viewed

@@ -1,17 +1,17 @@
 /**
- * NextAuth.js / Auth.js provider for IAM (OIDC-based).
+ * NextAuth.js provider for Hanzo IAM (OIDC-based).
  *
- * Provides a canonical NextAuth/Auth.js provider configuration
- * so all Next.js apps can share one implementation.
+ * Consolidates the HanzoIamProvider and IamProvider implementations
+ * so all Next.js apps can share one canonical implementation.
  *
  * @example
  * ```ts
  * // next-auth config
- * import { IamProvider } from "@hanzo/iam/nextauth";
+ * import { HanzoIamProvider } from "@hanzo/iam/nextauth";
  *
  * export default NextAuth({
  *   providers: [
- *     IamProvider({
+ *     HanzoIamProvider({
  *       serverUrl: process.env.IAM_SERVER_URL!,
  *       clientId: process.env.IAM_CLIENT_ID!,
  *       clientSecret: process.env.IAM_CLIENT_SECRET!,
@@ -23,7 +23,7 @@
  * @packageDocumentation
  */
-export interface IamProfile extends Record<string, unknown> {
+interface HanzoIamProfile extends Record<string, unknown> {
   sub: string;
   name: string;
   email: string;
@@ -35,7 +35,7 @@ export interface IamProfile extends Record<string, unknown> {
 }
 /**
- * NextAuth.js / Auth.js compatible OAuth provider for IAM.
+ * NextAuth.js / Auth.js compatible OAuth provider for Hanzo IAM.
  *
  * Uses standard OIDC well-known endpoint for automatic configuration.
  * JWT id_token validation (issuer, audience, signature) is handled by
@@ -43,7 +43,7 @@ export interface IamProfile extends Record<string, unknown> {
  *
  * Pass `checks: ["state", "pkce"]` in options for PKCE alignment.
  */
-export function IamProvider<P extends IamProfile>(
+export function HanzoIamProvider<P extends HanzoIamProfile>(
   options: {
     serverUrl: string;
     clientId: string;
@@ -59,8 +59,8 @@ export function IamProvider<P extends IamProfile>(
   const checks = options.checks ?? ["state"];
   return {
-    id: "iam",
-    name: "IAM",
+    id: "hanzo-iam",
+    name: "Hanzo IAM",
     type: "oauth",
     wellKnown: `${issuer}/.well-known/openid-configuration`,
     idToken: true,
@@ -88,8 +88,6 @@ export function IamProvider<P extends IamProfile>(
   };
 }
-// Backwards-compatible aliases
-/** @deprecated Use IamProvider instead */
-export { IamProvider as HanzoIamProvider };
-/** @deprecated Use IamProfile instead */
-export type { IamProfile as HanzoIamProfile };
+// Re-export with alias for backwards compat
+export { HanzoIamProvider as IamProvider };
+export type { HanzoIamProfile };