@healthcloudai/hc-safe-cdx 0.1.1 → 0.1.3

package/README.md

@@ -2,23 +2,28 @@
 
 Safe CDX connector provides a thin TypeScript wrapper around Safe CDX API routes.
 
-The connector is designed to work with the shared `HttpClient` from `@healthcloudai/hc-http`, the same way as other Health Cloud connector modules. It does not implement its own transport layer for standard API calls.
+The connector follows the same shared-client pattern used by other Health Cloud connector modules:
 
-Standard Safe CDX API calls are executed through the injected `HttpClient`.
+- `HttpClient` handles HTTP transport.
+- `HCLoginClient` provides the authenticated request headers.
+- `HCSafeCDXClient` builds Safe CDX URLs, wraps request payloads, and exposes one method per Safe CDX route.
+
+Safe CDX has its own API host. The connector uses `HCLoginClient` for authentication only; it does not use `loginClient.getBaseUrl()` for Safe CDX routes.
 
 Image upload is handled separately because the upload target is a pre-signed S3 URL, not a Safe CDX API route.
 
 ## Installation
 
 ```sh
-npm install @healthcloudai/hc-safe-cdx @healthcloudai/hc-http
+npm install @healthcloudai/hc-safe-cdx @healthcloudai/hc-http @healthcloudai/hc-login-connector
 ```
 
 ## Import
 
 ```ts
 import { FetchClient } from "@healthcloudai/hc-http";
-import { SafeCDXClient } from "@healthcloudai/hc-safe-cdx";
+import { HCLoginClient } from "@healthcloudai/hc-login-connector";
+import { HCSafeCDXClient } from "@healthcloudai/hc-safe-cdx";
 ```
 
 ## Basic Setup
@@ -26,47 +31,85 @@ import { SafeCDXClient } from "@healthcloudai/hc-safe-cdx";
 ```ts
 const http = new FetchClient();
 
-const safeCdx = new SafeCDXClient(http, {
+const loginClient = new HCLoginClient(http);
+
+// Configure and authenticate the login client first.
+// Exact login/configuration calls depend on the login connector setup used by the app.
+
+const safeCdx = new HCSafeCDXClient(http, loginClient, {
   environment: "dev",
   defaultLanguage: "en",
   defaultImageType: "jpg",
 });
+```
+
+The connector does not perform login. The consuming application should authenticate through the Health Cloud login connector first. Safe CDX then reuses the authenticated headers from `loginClient.getAuthHeader()`.
+
+There is no `setAccessToken()` step in this version of the client.
+
+## Dependency Notes
+
+Because `HCSafeCDXClient` accepts `HCLoginClient` in the constructor, `@healthcloudai/hc-login-connector` should be included as a package dependency.
+
+Example package configuration:
 
-safeCdx.setAccessToken(patientAccessToken);
+```json
+{
+  "dependencies": {
+    "@healthcloudai/hc-http": "^0.x.x",
+    "@healthcloudai/hc-login-connector": "^0.x.x"
+  }
+}
 ```
 
-The connector requires a logged-in patient token.
+In a workspace setup, use the same dependency versioning strategy already used by the other connector packages.
+
+Example:
 
-The connector does not perform login. Login should be handled through the patient authentication flow first. After login, the patient token should be passed to Safe CDX by calling `setAccessToken()`.
+```json
+{
+  "dependencies": {
+    "@healthcloudai/hc-http": "workspace:*",
+    "@healthcloudai/hc-login-connector": "workspace:*"
+  }
+}
+```
 
 ## How the Client Works
 
-The client follows the same structure as the other Health Cloud connector modules:
+The client receives both the HTTP client and the login client:
 
 ```ts
 const http = new FetchClient();
-const safeCdx = new SafeCDXClient(http, config);
+const loginClient = new HCLoginClient(http);
+
+const safeCdx = new HCSafeCDXClient(http, loginClient, {
+  environment: "dev",
+});
 ```
 
 The shared `HttpClient` is responsible for executing HTTP requests.
 
+The `HCLoginClient` is responsible for the authenticated request headers.
+
 The Safe CDX client is responsible for:
 
+- resolving the Safe CDX environment host
 - building Safe CDX URLs
-- resolving the environment host
-- adding the authorization header
+- adding auth headers from `HCLoginClient`
+- adding optional API key headers when configured
 - wrapping POST request payloads into `{ Data: payload }`
 - validating `ApiResponse` results where the backend returns `{ IsOK, Data, ErrorMessage }`
-- exposing one SDK method per API route
+- exposing one SDK method per Safe CDX route
 
-The Safe CDX client does not create its own internal `fetch` helpers for standard API routes.
+The Safe CDX client does not create its own internal `fetch` helpers for standard Safe CDX API routes.
 
 ## Environment Configuration
 
 The connector supports the following environments:
 
 ```ts
-const safeCdx = new SafeCDXClient(http, {
+const safeCdx = new HCSafeCDXClient(http, loginClient, {
   environment: "dev",
 });
 ```
@@ -77,35 +120,54 @@ Available environments:
 "dev" | "uat" | "prod"
 ```
 
-Environment host mapping is handled internally by the client.
+Safe CDX environment host mapping is handled internally by the connector:
 
-## Authorization
+```txt
+dev  -> dev-api-hcs.healthcloud-services.com
+uat  -> uat-api-hcs.healthcloud-services.com
+prod -> api-hcs.healthcloud-services.com
+```
 
-Safe CDX API calls require a Bearer token.
+These hosts are separate from the login connector base URL.
 
-```ts
-safeCdx.setAccessToken(patientAccessToken);
-```
+## Authentication
 
-The token may be passed with or without the `Bearer` prefix.
+Safe CDX API calls require authenticated Health Cloud headers.
 
-Both examples are valid:
+The connector gets those headers from:
 
 ```ts
-safeCdx.setAccessToken("eyJ...");
+loginClient.getAuthHeader()
 ```
 
+This means the login connector must be configured and authenticated before Safe CDX methods are called.
+
+Example flow:
+
 ```ts
-safeCdx.setAccessToken("Bearer eyJ...");
+const http = new FetchClient();
+
+const loginClient = new HCLoginClient(http);
+
+// loginClient.configure(...)
+// await loginClient.loginPatient(...)
+
+const safeCdx = new HCSafeCDXClient(http, loginClient, {
+  environment: "dev",
+});
 ```
 
-The client normalizes the value internally and sends it as:
+Safe CDX does not manually receive a token. It does not expose `setAccessToken()`. Auth is inherited from the configured login client.
+
+## Optional API Key Header
+
+If an API key header is required by the environment, it can be set on the Safe CDX client:
 
 ```ts
-Authorization: Bearer <token>
+safeCdx.setApiKey("x-api-key", apiKeyValue);
 ```
 
-If no token is set before calling an API method, the client throws a `SafeCDXError`.
+When configured, the API key header is added to Safe CDX API calls together with the login auth headers.
 
 ## Request Payload Wrapping
 
@@ -115,29 +177,38 @@ The SDK wraps the payload internally as:
 
 ```ts
 {
-  "Data": payload
+  Data: payload
 }
 ```
 
 Correct:
 
 ```ts
-await safeCdx.scan2Ddm({
-  // scan payload
+await safeCdx.submitAnswers({
+  UserTestResultId: userTestResultId,
+  Result: [
+    {
+      Analyte: "Purchase",
+      ReportedValue: "drug store",
+      StoredValue: "drug store",
+      Score: "0",
+    },
+  ],
 });
 ```
 
 Incorrect:
 
 ```ts
-await safeCdx.scan2Ddm({
+await safeCdx.submitAnswers({
   Data: {
-    // scan payload
-  }
+    UserTestResultId: userTestResultId,
+    Result: [],
+  },
 });
 ```
 
-The caller should not manually add the `Data` wrapper unless a specific method type explicitly requires it.
+The caller should not manually add the `Data` wrapper.
 
 ## API Response Handling
 
@@ -155,6 +226,8 @@ For these endpoints, the client validates `IsOK`.
 
 If `IsOK` is `false`, the client throws `SafeCDXError`.
 
+This validation exists because an HTTP `200` response does not always mean the backend operation succeeded. The HTTP client validates the transport layer, while the Safe CDX client validates the API response envelope.
+
 Some endpoints return a raw service result instead of the standard `ApiResponse` envelope. Those methods return the raw result directly.
 
 Raw result methods include:
@@ -189,13 +262,15 @@ A typical flow looks like this:
 ```ts
 const http = new FetchClient();
 
-const safeCdx = new SafeCDXClient(http, {
+const loginClient = new HCLoginClient(http);
+
+// Configure and authenticate loginClient first.
+
+const safeCdx = new HCSafeCDXClient(http, loginClient, {
   environment: "dev",
   defaultLanguage: "en",
   defaultImageType: "jpg",
 });
-
-safeCdx.setAccessToken(patientAccessToken);
 ```
 
 ### 1. Get available test profiles
@@ -336,13 +411,6 @@ Resolves a test profile by GTIN barcode.
 
 `language` is optional. If not provided, the client uses `defaultLanguage` from config when available.
 
-### scan2Ddm
-
-```ts
-const scan = await safeCdx.scan2Ddm(payload);
-```
-
-Scans a 2D data matrix barcode and resolves the related test data.
 
 ### getTestProfile
 
@@ -513,6 +581,8 @@ const result = await safeCdx.submitAnswers(payload);
 
 Submits analyte answers for a test attempt.
 
+`Result` should contain at least one answer item. The connector does not generate analyte answers automatically.
+
 ### finalizeTest
 
 ```ts
@@ -521,38 +591,20 @@ const result = await safeCdx.finalizeTest(payload);
 
 Finalizes a test attempt with CTA, indication, and decision results.
 
-## Error Handling
-
-The connector throws `SafeCDXError` for connector-level errors.
-
-Examples:
-
-- invalid environment
-- missing access token
-- failed `ApiResponse` validation
-- failed image upload
-
-```ts
-try {
-  const profile = await safeCdx.getTestProfileByGTIN("850024942325");
-} catch (error) {
-  if (error instanceof SafeCDXError) {
-    console.error(error.message);
-    console.error(error.response);
-  }
-
-  throw error;
-}
-```
+The payload should include:
 
-HTTP-level errors from the shared `HttpClient` may also be thrown depending on the `HttpClient` implementation.
+- `UserTestResultId`
+- `ctaResult`
+- `indicationResult`
+- `decisionResult`
 
-For example, `FetchClient` from `@healthcloudai/hc-http` throws an HTTP error when the response status is not successful.
 
 ## Notes
 
 - The connector does not perform login.
-- The connector expects a valid patient token to be set before API calls.
+- The connector uses `HCLoginClient` for authenticated request headers.
+- The connector does not use `loginClient.getBaseUrl()` for Safe CDX API routes.
+- Safe CDX routes use the Safe CDX environment host from `SafeCDXConfig`.
 - Standard Safe CDX API methods use the shared `HttpClient`.
 - POST payloads are wrapped internally as `{ Data: payload }`.
 - The caller should pass only the inner payload to SDK methods.

package/dist/index.cjs

@@ -67,46 +67,52 @@ function assertApiResponse(envelope, route) {
   return envelope;
 }
 var HCSafeCDXClient = class {
-  constructor(httpClient, config) {
+  constructor(httpClient, authClient, config) {
     var _a;
     if (!ENV_HOST[config.environment]) {
       throw new SafeCDXError(`Invalid environment: ${config.environment}`);
     }
     this.http = httpClient;
+    this.auth = authClient;
     this.host = ENV_HOST[config.environment];
     this.defaultLanguage = config.defaultLanguage;
     this.defaultImageType = (_a = config.defaultImageType) != null ? _a : "jpg";
   }
-  setAccessToken(token) {
-    const trimmedToken = token == null ? void 0 : token.trim();
-    if (!trimmedToken) {
-      throw new SafeCDXError("Access token is required.");
+  setApiKey(headerName, value) {
+    const trimmedHeaderName = headerName == null ? void 0 : headerName.trim();
+    const trimmedValue = value == null ? void 0 : value.trim();
+    if (!trimmedHeaderName) {
+      throw new SafeCDXError("API key header name is required.");
     }
-    this.accessToken = trimmedToken;
+    if (!trimmedValue) {
+      throw new SafeCDXError("API key value is required.");
+    }
+    this.apiKeyHeaderName = trimmedHeaderName;
+    this.apiKeyValue = trimmedValue;
   }
   // ---------------------------------------------------------------------------
   // Private helpers
   // ---------------------------------------------------------------------------
-  getAuthorizationHeader() {
-    if (!this.accessToken) {
-      throw new SafeCDXError(
-        "SafeCDX requires an access token. Call setAccessToken() first."
-      );
-    }
-    const token = this.accessToken.replace(/^Bearer\s+/i, "").trim();
-    return `Bearer ${token}`;
-  }
   getAuthHeaders() {
     return {
-      Authorization: this.getAuthorizationHeader()
+      ...this.auth.getAuthHeader(),
+      ...this.getApiKeyHeader()
     };
   }
-  getJsonAuthHeaders() {
+  getJsonHeaders() {
     return {
-      Authorization: this.getAuthorizationHeader(),
+      ...this.getAuthHeaders(),
       "Content-Type": "application/json"
     };
   }
+  getApiKeyHeader() {
+    if (!this.apiKeyHeaderName || !this.apiKeyValue) {
+      return {};
+    }
+    return {
+      [this.apiKeyHeaderName]: this.apiKeyValue
+    };
+  }
   url(route, query) {
     return buildUrl(this.host, route, query);
   }
@@ -126,18 +132,6 @@ var HCSafeCDXClient = class {
     );
     return assertApiResponse(envelope, "gs1/:gtin");
   }
-  /**
-   * POST scan/2ddm
-   * Scans a 2D data matrix barcode and resolves a UserTestResultId.
-   */
-  async scan2Ddm(payload) {
-    const envelope = await this.http.post(
-      this.url("scan/2ddm"),
-      wrapData(payload),
-      this.getJsonAuthHeaders()
-    );
-    return assertApiResponse(envelope, "scan/2ddm");
-  }
   // ---------------------------------------------------------------------------
   // Test Profiles
   // ---------------------------------------------------------------------------
@@ -149,7 +143,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/profile"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/profile");
   }
@@ -163,7 +157,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/profiles/by-account"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/profiles/by-account");
   }
@@ -186,14 +180,16 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("upload/url"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "upload/url");
   }
   /**
    * PUT preSignedURL — direct S3 upload, not a SafeCDX API route.
    * preSignedURL comes from createUploadUrl() response: Data.preSignedURL.
-   
+   *
+   * This intentionally does not use the shared HttpClient because the existing
+   * HttpClient.put() is JSON-oriented and stringifies the request body.
    */
   async uploadImage(preSignedURL, image, contentType = "image/jpeg") {
     const response = await fetch(preSignedURL, {
@@ -234,7 +230,7 @@ var HCSafeCDXClient = class {
     return this.http.post(
       this.url("cvml/status"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
   }
   /**
@@ -263,7 +259,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/result/pending"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/result/pending");
   }
@@ -275,7 +271,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/result/last"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/result/last");
   }
@@ -287,7 +283,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/result/history"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/result/history");
   }
@@ -303,7 +299,7 @@ var HCSafeCDXClient = class {
     return this.http.post(
       this.url("test/result/details"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
   }
   /**
@@ -314,7 +310,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/result/pdf"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/result/pdf");
   }
@@ -330,7 +326,7 @@ var HCSafeCDXClient = class {
     return this.http.post(
       this.url("test/result/image/capture"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
   }
   /**
@@ -341,7 +337,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/result/analytics"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/result/analytics");
   }
@@ -360,7 +356,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/resume"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/resume");
   }
@@ -372,7 +368,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/answers"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/answers");
   }
@@ -384,7 +380,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/finalize"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/finalize");
   }

package/dist/index.d.cts

@@ -1,3 +1,4 @@
+import { HCLoginClient } from '@healthcloudai/hc-login-connector';
 import { HttpClient } from '@healthcloudai/hc-http';
 
 type Environment = "dev" | "uat" | "prod";
@@ -66,10 +67,6 @@ interface ScanUpcAnalyte {
     Image: string | null;
     Responses: unknown[];
 }
-interface Scan2DdmRequest {
-    Code: string;
-    ExternalQuestionnaireResultId?: string;
-}
 interface ScanUpcOrderableData {
     _id: string | null;
     ShortName: string | null;
@@ -256,26 +253,23 @@ interface FinalizeTestRequest {
 
 declare class HCSafeCDXClient {
     private readonly http;
+    private readonly auth;
     private readonly host;
-    private accessToken;
-    private defaultLanguage;
-    private defaultImageType;
-    constructor(httpClient: HttpClient, config: SafeCDXConfig);
-    setAccessToken(token: string): void;
-    private getAuthorizationHeader;
+    private readonly defaultLanguage;
+    private readonly defaultImageType;
+    private apiKeyHeaderName?;
+    private apiKeyValue?;
+    constructor(httpClient: HttpClient, authClient: HCLoginClient, config: SafeCDXConfig);
+    setApiKey(headerName: string, value: string): void;
     private getAuthHeaders;
-    private getJsonAuthHeaders;
+    private getJsonHeaders;
+    private getApiKeyHeader;
     private url;
     /**
      * GET gs1/:gtin
      * Resolves a test profile by GTIN barcode and creates a UserTestResultId.
      */
     getTestProfileByGTIN(gtin: string, language?: string): Promise<ApiResponse<GetTestProfileByGTINData>>;
-    /**
-     * POST scan/2ddm
-     * Scans a 2D data matrix barcode and resolves a UserTestResultId.
-     */
-    scan2Ddm(payload: Scan2DdmRequest): Promise<ApiResponse<ScanUpcResponseData>>;
     /**
      * POST test/profile
      * Returns the full test profile for a given GTIN.
@@ -295,7 +289,9 @@ declare class HCSafeCDXClient {
     /**
      * PUT preSignedURL — direct S3 upload, not a SafeCDX API route.
      * preSignedURL comes from createUploadUrl() response: Data.preSignedURL.
-     
+     *
+     * This intentionally does not use the shared HttpClient because the existing
+     * HttpClient.put() is JSON-oriented and stringifies the request body.
      */
     uploadImage(preSignedURL: string, image: BodyInit, contentType?: string): Promise<void>;
     /**
@@ -368,4 +364,4 @@ declare class ConfigError extends Error {
     constructor(message: string);
 }
 
-export { type AnswerResult, type ApiResponse, ConfigError, type CreateUploadUrlData, type CreateUploadUrlRequest, type CtaResult, type DecisionResult, type DecisionResultItem, type Environment, type FinalizeTestRequest, type GetAnalyticsRequest, type GetImageCaptureUrlRequest, type GetLastResultsRequest, type GetPendingResultsRequest, type GetResultDetailsRequest, type GetResultPdfRequest, type GetTestHistoryRequest, type GetTestProfileByGTINData, type GetTestProfileRequest, type GetTestProfilesByAccountRequest, HCSafeCDXClient, type IndicationResult, type ResumeFlowRequest, type SafeCDXConfig, type Scan2DdmRequest, type ScanUpcAnalyte, type ScanUpcArticle, type ScanUpcBillingInfo, type ScanUpcInstruction, type ScanUpcOrderableData, type ScanUpcResponseData, type ScanUpcScanImageDetail, type ScanUpcTerritory, type ScanUpcTestResult, type SubmitAnswersRequest, type UpdateCvmlStatusRequest };
+export { type AnswerResult, type ApiResponse, ConfigError, type CreateUploadUrlData, type CreateUploadUrlRequest, type CtaResult, type DecisionResult, type DecisionResultItem, type Environment, type FinalizeTestRequest, type GetAnalyticsRequest, type GetImageCaptureUrlRequest, type GetLastResultsRequest, type GetPendingResultsRequest, type GetResultDetailsRequest, type GetResultPdfRequest, type GetTestHistoryRequest, type GetTestProfileByGTINData, type GetTestProfileRequest, type GetTestProfilesByAccountRequest, HCSafeCDXClient, type IndicationResult, type ResumeFlowRequest, type SafeCDXConfig, type ScanUpcAnalyte, type ScanUpcArticle, type ScanUpcBillingInfo, type ScanUpcInstruction, type ScanUpcOrderableData, type ScanUpcResponseData, type ScanUpcScanImageDetail, type ScanUpcTerritory, type ScanUpcTestResult, type SubmitAnswersRequest, type UpdateCvmlStatusRequest };

package/dist/index.d.ts

@@ -1,3 +1,4 @@
+import { HCLoginClient } from '@healthcloudai/hc-login-connector';
 import { HttpClient } from '@healthcloudai/hc-http';
 
 type Environment = "dev" | "uat" | "prod";
@@ -66,10 +67,6 @@ interface ScanUpcAnalyte {
     Image: string | null;
     Responses: unknown[];
 }
-interface Scan2DdmRequest {
-    Code: string;
-    ExternalQuestionnaireResultId?: string;
-}
 interface ScanUpcOrderableData {
     _id: string | null;
     ShortName: string | null;
@@ -256,26 +253,23 @@ interface FinalizeTestRequest {
 
 declare class HCSafeCDXClient {
     private readonly http;
+    private readonly auth;
     private readonly host;
-    private accessToken;
-    private defaultLanguage;
-    private defaultImageType;
-    constructor(httpClient: HttpClient, config: SafeCDXConfig);
-    setAccessToken(token: string): void;
-    private getAuthorizationHeader;
+    private readonly defaultLanguage;
+    private readonly defaultImageType;
+    private apiKeyHeaderName?;
+    private apiKeyValue?;
+    constructor(httpClient: HttpClient, authClient: HCLoginClient, config: SafeCDXConfig);
+    setApiKey(headerName: string, value: string): void;
     private getAuthHeaders;
-    private getJsonAuthHeaders;
+    private getJsonHeaders;
+    private getApiKeyHeader;
     private url;
     /**
      * GET gs1/:gtin
      * Resolves a test profile by GTIN barcode and creates a UserTestResultId.
      */
     getTestProfileByGTIN(gtin: string, language?: string): Promise<ApiResponse<GetTestProfileByGTINData>>;
-    /**
-     * POST scan/2ddm
-     * Scans a 2D data matrix barcode and resolves a UserTestResultId.
-     */
-    scan2Ddm(payload: Scan2DdmRequest): Promise<ApiResponse<ScanUpcResponseData>>;
     /**
      * POST test/profile
      * Returns the full test profile for a given GTIN.
@@ -295,7 +289,9 @@ declare class HCSafeCDXClient {
     /**
      * PUT preSignedURL — direct S3 upload, not a SafeCDX API route.
      * preSignedURL comes from createUploadUrl() response: Data.preSignedURL.
-     
+     *
+     * This intentionally does not use the shared HttpClient because the existing
+     * HttpClient.put() is JSON-oriented and stringifies the request body.
      */
     uploadImage(preSignedURL: string, image: BodyInit, contentType?: string): Promise<void>;
     /**
@@ -368,4 +364,4 @@ declare class ConfigError extends Error {
     constructor(message: string);
 }
 
-export { type AnswerResult, type ApiResponse, ConfigError, type CreateUploadUrlData, type CreateUploadUrlRequest, type CtaResult, type DecisionResult, type DecisionResultItem, type Environment, type FinalizeTestRequest, type GetAnalyticsRequest, type GetImageCaptureUrlRequest, type GetLastResultsRequest, type GetPendingResultsRequest, type GetResultDetailsRequest, type GetResultPdfRequest, type GetTestHistoryRequest, type GetTestProfileByGTINData, type GetTestProfileRequest, type GetTestProfilesByAccountRequest, HCSafeCDXClient, type IndicationResult, type ResumeFlowRequest, type SafeCDXConfig, type Scan2DdmRequest, type ScanUpcAnalyte, type ScanUpcArticle, type ScanUpcBillingInfo, type ScanUpcInstruction, type ScanUpcOrderableData, type ScanUpcResponseData, type ScanUpcScanImageDetail, type ScanUpcTerritory, type ScanUpcTestResult, type SubmitAnswersRequest, type UpdateCvmlStatusRequest };
+export { type AnswerResult, type ApiResponse, ConfigError, type CreateUploadUrlData, type CreateUploadUrlRequest, type CtaResult, type DecisionResult, type DecisionResultItem, type Environment, type FinalizeTestRequest, type GetAnalyticsRequest, type GetImageCaptureUrlRequest, type GetLastResultsRequest, type GetPendingResultsRequest, type GetResultDetailsRequest, type GetResultPdfRequest, type GetTestHistoryRequest, type GetTestProfileByGTINData, type GetTestProfileRequest, type GetTestProfilesByAccountRequest, HCSafeCDXClient, type IndicationResult, type ResumeFlowRequest, type SafeCDXConfig, type ScanUpcAnalyte, type ScanUpcArticle, type ScanUpcBillingInfo, type ScanUpcInstruction, type ScanUpcOrderableData, type ScanUpcResponseData, type ScanUpcScanImageDetail, type ScanUpcTerritory, type ScanUpcTestResult, type SubmitAnswersRequest, type UpdateCvmlStatusRequest };

package/dist/index.js

@@ -40,46 +40,52 @@ function assertApiResponse(envelope, route) {
   return envelope;
 }
 var HCSafeCDXClient = class {
-  constructor(httpClient, config) {
+  constructor(httpClient, authClient, config) {
     var _a;
     if (!ENV_HOST[config.environment]) {
       throw new SafeCDXError(`Invalid environment: ${config.environment}`);
     }
     this.http = httpClient;
+    this.auth = authClient;
     this.host = ENV_HOST[config.environment];
     this.defaultLanguage = config.defaultLanguage;
     this.defaultImageType = (_a = config.defaultImageType) != null ? _a : "jpg";
   }
-  setAccessToken(token) {
-    const trimmedToken = token == null ? void 0 : token.trim();
-    if (!trimmedToken) {
-      throw new SafeCDXError("Access token is required.");
+  setApiKey(headerName, value) {
+    const trimmedHeaderName = headerName == null ? void 0 : headerName.trim();
+    const trimmedValue = value == null ? void 0 : value.trim();
+    if (!trimmedHeaderName) {
+      throw new SafeCDXError("API key header name is required.");
     }
-    this.accessToken = trimmedToken;
+    if (!trimmedValue) {
+      throw new SafeCDXError("API key value is required.");
+    }
+    this.apiKeyHeaderName = trimmedHeaderName;
+    this.apiKeyValue = trimmedValue;
   }
   // ---------------------------------------------------------------------------
   // Private helpers
   // ---------------------------------------------------------------------------
-  getAuthorizationHeader() {
-    if (!this.accessToken) {
-      throw new SafeCDXError(
-        "SafeCDX requires an access token. Call setAccessToken() first."
-      );
-    }
-    const token = this.accessToken.replace(/^Bearer\s+/i, "").trim();
-    return `Bearer ${token}`;
-  }
   getAuthHeaders() {
     return {
-      Authorization: this.getAuthorizationHeader()
+      ...this.auth.getAuthHeader(),
+      ...this.getApiKeyHeader()
     };
   }
-  getJsonAuthHeaders() {
+  getJsonHeaders() {
     return {
-      Authorization: this.getAuthorizationHeader(),
+      ...this.getAuthHeaders(),
       "Content-Type": "application/json"
     };
   }
+  getApiKeyHeader() {
+    if (!this.apiKeyHeaderName || !this.apiKeyValue) {
+      return {};
+    }
+    return {
+      [this.apiKeyHeaderName]: this.apiKeyValue
+    };
+  }
   url(route, query) {
     return buildUrl(this.host, route, query);
   }
@@ -99,18 +105,6 @@ var HCSafeCDXClient = class {
     );
     return assertApiResponse(envelope, "gs1/:gtin");
   }
-  /**
-   * POST scan/2ddm
-   * Scans a 2D data matrix barcode and resolves a UserTestResultId.
-   */
-  async scan2Ddm(payload) {
-    const envelope = await this.http.post(
-      this.url("scan/2ddm"),
-      wrapData(payload),
-      this.getJsonAuthHeaders()
-    );
-    return assertApiResponse(envelope, "scan/2ddm");
-  }
   // ---------------------------------------------------------------------------
   // Test Profiles
   // ---------------------------------------------------------------------------
@@ -122,7 +116,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/profile"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/profile");
   }
@@ -136,7 +130,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/profiles/by-account"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/profiles/by-account");
   }
@@ -159,14 +153,16 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("upload/url"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "upload/url");
   }
   /**
    * PUT preSignedURL — direct S3 upload, not a SafeCDX API route.
    * preSignedURL comes from createUploadUrl() response: Data.preSignedURL.
-   
+   *
+   * This intentionally does not use the shared HttpClient because the existing
+   * HttpClient.put() is JSON-oriented and stringifies the request body.
    */
   async uploadImage(preSignedURL, image, contentType = "image/jpeg") {
     const response = await fetch(preSignedURL, {
@@ -207,7 +203,7 @@ var HCSafeCDXClient = class {
     return this.http.post(
       this.url("cvml/status"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
   }
   /**
@@ -236,7 +232,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/result/pending"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/result/pending");
   }
@@ -248,7 +244,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/result/last"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/result/last");
   }
@@ -260,7 +256,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/result/history"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/result/history");
   }
@@ -276,7 +272,7 @@ var HCSafeCDXClient = class {
     return this.http.post(
       this.url("test/result/details"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
   }
   /**
@@ -287,7 +283,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/result/pdf"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/result/pdf");
   }
@@ -303,7 +299,7 @@ var HCSafeCDXClient = class {
     return this.http.post(
       this.url("test/result/image/capture"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
   }
   /**
@@ -314,7 +310,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/result/analytics"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/result/analytics");
   }
@@ -333,7 +329,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/resume"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/resume");
   }
@@ -345,7 +341,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/answers"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/answers");
   }
@@ -357,7 +353,7 @@ var HCSafeCDXClient = class {
     const envelope = await this.http.post(
       this.url("test/finalize"),
       wrapData(payload),
-      this.getJsonAuthHeaders()
+      this.getJsonHeaders()
     );
     return assertApiResponse(envelope, "test/finalize");
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@healthcloudai/hc-safe-cdx",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "Healthcheck Safe CDX connector.",
   "author": "Healthcheck Systems Inc",
   "license": "MIT",
@@ -33,7 +33,8 @@
     "prepublishOnly": "npm run build"
   },
   "dependencies": {
-    "@healthcloudai/hc-http": "^0.0.6"
+    "@healthcloudai/hc-http": "^0.0.6",
+    "@healthcloudai/hc-login-connector": "^0.0.15"
   },
   "peerDependencies": {
     "react-native": ">=0.70.0"