@hubspot/app-connect-sdk 1.0.0-alpha.2 → 1.0.0-alpha.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (532) hide show
  1. package/.turbo/turbo-tsdown.log +41 -510
  2. package/build/tsconfig.browser.tsbuildinfo +1 -1
  3. package/build/tsconfig.server.tsbuildinfo +1 -1
  4. package/dist/browser/{HubSpotAppConnect-BW45gyDs.js → HubSpotAppConnect-COQgPrFn.js} +5 -3
  5. package/dist/browser/HubSpotAppConnect-COQgPrFn.js.map +1 -0
  6. package/dist/browser/{create-vctOhpX9.js → create-hzqjIhmO.js} +54 -25
  7. package/dist/browser/create-hzqjIhmO.js.map +1 -0
  8. package/dist/browser/index.js +1 -1
  9. package/dist/browser/react/lovable.js +2 -2
  10. package/dist/browser/react.js +1 -1
  11. package/dist/server/api-client.d.ts +60625 -197
  12. package/dist/server/api-client.js +5826 -100
  13. package/dist/server/api-client.js.map +1 -0
  14. package/dist/server/{api-client-core/client.js → binary-data-BOalJzKu.js} +58 -3
  15. package/dist/server/binary-data-BOalJzKu.js.map +1 -0
  16. package/dist/server/lovable.d.ts +117 -6
  17. package/dist/server/lovable.js +1458 -3
  18. package/dist/server/lovable.js.map +1 -0
  19. package/dist/server/oauth.d.ts +128 -6
  20. package/dist/server/oauth.js +1 -4
  21. package/dist/server/sha256-B7y8GBFB.js +228 -0
  22. package/dist/server/sha256-B7y8GBFB.js.map +1 -0
  23. package/dist/server/{types.d.ts → types-5gfN91Fq.d.ts} +2 -2
  24. package/dist/server/{api-client-core/types.d.ts → types-DEOUH4wE.d.ts} +2 -2
  25. package/package.json +4 -10
  26. package/src/browser/app-connect-controller/connect-start.ts +2 -1
  27. package/src/browser/app-connect-controller/init.test.ts +167 -0
  28. package/src/browser/app-connect-controller/init.ts +70 -19
  29. package/src/browser/react/components/AppConnectHeader/AppConnectHeader.tsx +3 -5
  30. package/src/browser/react/components/ConnectButton/ConnectButton.tsx +2 -1
  31. package/src/server/api-client-core/plugins/fetch-transport.ts +5 -1
  32. package/src/server/constants.ts +29 -4
  33. package/src/server/hono/hono-request-handler.ts +42 -15
  34. package/src/server/hono/hubspot-connect-routes/auth-complete.test.ts +285 -0
  35. package/src/server/hono/hubspot-connect-routes/{auth-callback.ts → auth-complete.ts} +73 -30
  36. package/src/server/hono/hubspot-connect-routes/auth-init-session.test.ts +114 -30
  37. package/src/server/hono/hubspot-connect-routes/auth-init-session.ts +33 -10
  38. package/src/server/hono/hubspot-connect-routes/auth-logout.test.ts +13 -0
  39. package/src/server/hono/hubspot-connect-routes/auth-logout.ts +18 -0
  40. package/src/server/hono/hubspot-connect-routes/auth-refresh.test.ts +6 -0
  41. package/src/server/hono/hubspot-connect-routes/auth-refresh.ts +6 -0
  42. package/src/server/hono/hubspot-connect-routes/hubspot-connect-routes.ts +9 -2
  43. package/src/server/hono/hubspot-connect-routes/utils.ts +57 -1
  44. package/src/server/hono/types.ts +15 -9
  45. package/src/server/hono/utils/cookie-utils.ts +27 -2
  46. package/src/server/hono/utils/cors-middleware.test.ts +79 -0
  47. package/src/server/hono/utils/cors-middleware.ts +95 -0
  48. package/src/server/sanitize-request.ts +25 -11
  49. package/src/server/types.ts +2 -2
  50. package/src/shared/constants.ts +31 -3
  51. package/src/shared/wire-types.ts +19 -0
  52. package/tsdown.config.ts +1 -1
  53. package/.turbo/turbo-format$colon$check.log +0 -4
  54. package/.turbo/turbo-lint.log +0 -2
  55. package/.turbo/turbo-test.log +0 -76
  56. package/dist/browser/HubSpotAppConnect-BW45gyDs.js.map +0 -1
  57. package/dist/browser/create-vctOhpX9.js.map +0 -1
  58. package/dist/server/api-client-core/apis/account/account-info-types.generated.d.ts +0 -111
  59. package/dist/server/api-client-core/apis/account/account-info.generated.d.ts +0 -7
  60. package/dist/server/api-client-core/apis/account/account-info.generated.js +0 -9
  61. package/dist/server/api-client-core/apis/account/account-info.generated.js.map +0 -1
  62. package/dist/server/api-client-core/apis/account/audit-logs-types.generated.d.ts +0 -247
  63. package/dist/server/api-client-core/apis/account/audit-logs.generated.d.ts +0 -7
  64. package/dist/server/api-client-core/apis/account/audit-logs.generated.js +0 -28
  65. package/dist/server/api-client-core/apis/account/audit-logs.generated.js.map +0 -1
  66. package/dist/server/api-client-core/apis/auth/oauth-types.generated.d.ts +0 -121
  67. package/dist/server/api-client-core/apis/auth/oauth.generated.d.ts +0 -7
  68. package/dist/server/api-client-core/apis/auth/oauth.generated.js +0 -19
  69. package/dist/server/api-client-core/apis/auth/oauth.generated.js.map +0 -1
  70. package/dist/server/api-client-core/apis/automation/actions-types.generated.d.ts +0 -933
  71. package/dist/server/api-client-core/apis/automation/actions.generated.d.ts +0 -7
  72. package/dist/server/api-client-core/apis/automation/actions.generated.js +0 -121
  73. package/dist/server/api-client-core/apis/automation/actions.generated.js.map +0 -1
  74. package/dist/server/api-client-core/apis/automation/sequences-types.generated.d.ts +0 -422
  75. package/dist/server/api-client-core/apis/automation/sequences.generated.d.ts +0 -7
  76. package/dist/server/api-client-core/apis/automation/sequences.generated.js +0 -22
  77. package/dist/server/api-client-core/apis/automation/sequences.generated.js.map +0 -1
  78. package/dist/server/api-client-core/apis/business-units-types.generated.d.ts +0 -75
  79. package/dist/server/api-client-core/apis/business-units.generated.d.ts +0 -7
  80. package/dist/server/api-client-core/apis/business-units.generated.js +0 -12
  81. package/dist/server/api-client-core/apis/business-units.generated.js.map +0 -1
  82. package/dist/server/api-client-core/apis/cms/authors-types.generated.d.ts +0 -551
  83. package/dist/server/api-client-core/apis/cms/authors.generated.d.ts +0 -7
  84. package/dist/server/api-client-core/apis/cms/authors.generated.js +0 -163
  85. package/dist/server/api-client-core/apis/cms/authors.generated.js.map +0 -1
  86. package/dist/server/api-client-core/apis/cms/blog-settings-types.generated.d.ts +0 -366
  87. package/dist/server/api-client-core/apis/cms/blog-settings.generated.d.ts +0 -7
  88. package/dist/server/api-client-core/apis/cms/blog-settings.generated.js +0 -43
  89. package/dist/server/api-client-core/apis/cms/blog-settings.generated.js.map +0 -1
  90. package/dist/server/api-client-core/apis/cms/cms-content-audit-types.generated.d.ts +0 -157
  91. package/dist/server/api-client-core/apis/cms/cms-content-audit.generated.d.ts +0 -7
  92. package/dist/server/api-client-core/apis/cms/cms-content-audit.generated.js +0 -18
  93. package/dist/server/api-client-core/apis/cms/cms-content-audit.generated.js.map +0 -1
  94. package/dist/server/api-client-core/apis/cms/domains-types.generated.d.ts +0 -193
  95. package/dist/server/api-client-core/apis/cms/domains.generated.d.ts +0 -7
  96. package/dist/server/api-client-core/apis/cms/domains.generated.js +0 -20
  97. package/dist/server/api-client-core/apis/cms/domains.generated.js.map +0 -1
  98. package/dist/server/api-client-core/apis/cms/hubdb-types.generated.d.ts +0 -1097
  99. package/dist/server/api-client-core/apis/cms/hubdb.generated.d.ts +0 -7
  100. package/dist/server/api-client-core/apis/cms/hubdb.generated.js +0 -192
  101. package/dist/server/api-client-core/apis/cms/hubdb.generated.js.map +0 -1
  102. package/dist/server/api-client-core/apis/cms/media-bridge-types.generated.d.ts +0 -1780
  103. package/dist/server/api-client-core/apis/cms/media-bridge.generated.d.ts +0 -7
  104. package/dist/server/api-client-core/apis/cms/media-bridge.generated.js +0 -185
  105. package/dist/server/api-client-core/apis/cms/media-bridge.generated.js.map +0 -1
  106. package/dist/server/api-client-core/apis/cms/pages-types.generated.d.ts +0 -1768
  107. package/dist/server/api-client-core/apis/cms/pages.generated.d.ts +0 -7
  108. package/dist/server/api-client-core/apis/cms/pages.generated.js +0 -331
  109. package/dist/server/api-client-core/apis/cms/pages.generated.js.map +0 -1
  110. package/dist/server/api-client-core/apis/cms/posts-types.generated.d.ts +0 -1090
  111. package/dist/server/api-client-core/apis/cms/posts.generated.d.ts +0 -7
  112. package/dist/server/api-client-core/apis/cms/posts.generated.js +0 -201
  113. package/dist/server/api-client-core/apis/cms/posts.generated.js.map +0 -1
  114. package/dist/server/api-client-core/apis/cms/site-search-types.generated.d.ts +0 -200
  115. package/dist/server/api-client-core/apis/cms/site-search.generated.d.ts +0 -7
  116. package/dist/server/api-client-core/apis/cms/site-search.generated.js +0 -32
  117. package/dist/server/api-client-core/apis/cms/site-search.generated.js.map +0 -1
  118. package/dist/server/api-client-core/apis/cms/source-code-types.generated.d.ts +0 -218
  119. package/dist/server/api-client-core/apis/cms/source-code.generated.d.ts +0 -7
  120. package/dist/server/api-client-core/apis/cms/source-code.generated.js +0 -52
  121. package/dist/server/api-client-core/apis/cms/source-code.generated.js.map +0 -1
  122. package/dist/server/api-client-core/apis/cms/tags-types.generated.d.ts +0 -515
  123. package/dist/server/api-client-core/apis/cms/tags.generated.d.ts +0 -7
  124. package/dist/server/api-client-core/apis/cms/tags.generated.js +0 -163
  125. package/dist/server/api-client-core/apis/cms/tags.generated.js.map +0 -1
  126. package/dist/server/api-client-core/apis/cms/url-mappings-types.generated.d.ts +0 -177
  127. package/dist/server/api-client-core/apis/cms/url-mappings.generated.d.ts +0 -7
  128. package/dist/server/api-client-core/apis/cms/url-mappings.generated.js +0 -14
  129. package/dist/server/api-client-core/apis/cms/url-mappings.generated.js.map +0 -1
  130. package/dist/server/api-client-core/apis/cms/url-redirects-types.generated.d.ts +0 -226
  131. package/dist/server/api-client-core/apis/cms/url-redirects.generated.d.ts +0 -7
  132. package/dist/server/api-client-core/apis/cms/url-redirects.generated.js +0 -26
  133. package/dist/server/api-client-core/apis/cms/url-redirects.generated.js.map +0 -1
  134. package/dist/server/api-client-core/apis/communication-preferences/subscriptions-types.generated.d.ts +0 -802
  135. package/dist/server/api-client-core/apis/communication-preferences/subscriptions.generated.d.ts +0 -7
  136. package/dist/server/api-client-core/apis/communication-preferences/subscriptions.generated.js +0 -74
  137. package/dist/server/api-client-core/apis/communication-preferences/subscriptions.generated.js.map +0 -1
  138. package/dist/server/api-client-core/apis/conversations/custom-channels-types.generated.d.ts +0 -551
  139. package/dist/server/api-client-core/apis/conversations/custom-channels.generated.d.ts +0 -7
  140. package/dist/server/api-client-core/apis/conversations/custom-channels.generated.js +0 -80
  141. package/dist/server/api-client-core/apis/conversations/custom-channels.generated.js.map +0 -1
  142. package/dist/server/api-client-core/apis/conversations/visitor-identification-types.generated.d.ts +0 -60
  143. package/dist/server/api-client-core/apis/conversations/visitor-identification.generated.d.ts +0 -7
  144. package/dist/server/api-client-core/apis/conversations/visitor-identification.generated.js +0 -6
  145. package/dist/server/api-client-core/apis/conversations/visitor-identification.generated.js.map +0 -1
  146. package/dist/server/api-client-core/apis/conversations-types.generated.d.ts +0 -908
  147. package/dist/server/api-client-core/apis/conversations.generated.d.ts +0 -7
  148. package/dist/server/api-client-core/apis/conversations.generated.js +0 -108
  149. package/dist/server/api-client-core/apis/conversations.generated.js.map +0 -1
  150. package/dist/server/api-client-core/apis/crm/app-uninstalls-types.generated.d.ts +0 -37
  151. package/dist/server/api-client-core/apis/crm/app-uninstalls.generated.d.ts +0 -7
  152. package/dist/server/api-client-core/apis/crm/app-uninstalls.generated.js +0 -6
  153. package/dist/server/api-client-core/apis/crm/app-uninstalls.generated.js.map +0 -1
  154. package/dist/server/api-client-core/apis/crm/appointments-types.generated.d.ts +0 -989
  155. package/dist/server/api-client-core/apis/crm/appointments.generated.d.ts +0 -7
  156. package/dist/server/api-client-core/apis/crm/appointments.generated.js +0 -118
  157. package/dist/server/api-client-core/apis/crm/appointments.generated.js.map +0 -1
  158. package/dist/server/api-client-core/apis/crm/associations-schema-types.generated.d.ts +0 -329
  159. package/dist/server/api-client-core/apis/crm/associations-schema.generated.d.ts +0 -7
  160. package/dist/server/api-client-core/apis/crm/associations-schema.generated.js +0 -60
  161. package/dist/server/api-client-core/apis/crm/associations-schema.generated.js.map +0 -1
  162. package/dist/server/api-client-core/apis/crm/associations-types.generated.d.ts +0 -661
  163. package/dist/server/api-client-core/apis/crm/associations.generated.d.ts +0 -7
  164. package/dist/server/api-client-core/apis/crm/associations.generated.js +0 -83
  165. package/dist/server/api-client-core/apis/crm/associations.generated.js.map +0 -1
  166. package/dist/server/api-client-core/apis/crm/calling-extensions-types.generated.d.ts +0 -466
  167. package/dist/server/api-client-core/apis/crm/calling-extensions.generated.d.ts +0 -7
  168. package/dist/server/api-client-core/apis/crm/calling-extensions.generated.js +0 -42
  169. package/dist/server/api-client-core/apis/crm/calling-extensions.generated.js.map +0 -1
  170. package/dist/server/api-client-core/apis/crm/calls-types.generated.d.ts +0 -850
  171. package/dist/server/api-client-core/apis/crm/calls.generated.d.ts +0 -7
  172. package/dist/server/api-client-core/apis/crm/calls.generated.js +0 -66
  173. package/dist/server/api-client-core/apis/crm/calls.generated.js.map +0 -1
  174. package/dist/server/api-client-core/apis/crm/carts-types.generated.d.ts +0 -850
  175. package/dist/server/api-client-core/apis/crm/carts.generated.d.ts +0 -7
  176. package/dist/server/api-client-core/apis/crm/carts.generated.js +0 -66
  177. package/dist/server/api-client-core/apis/crm/carts.generated.js.map +0 -1
  178. package/dist/server/api-client-core/apis/crm/commerce-payments-types.generated.d.ts +0 -850
  179. package/dist/server/api-client-core/apis/crm/commerce-payments.generated.d.ts +0 -7
  180. package/dist/server/api-client-core/apis/crm/commerce-payments.generated.js +0 -66
  181. package/dist/server/api-client-core/apis/crm/commerce-payments.generated.js.map +0 -1
  182. package/dist/server/api-client-core/apis/crm/commerce-subscriptions-types.generated.d.ts +0 -847
  183. package/dist/server/api-client-core/apis/crm/commerce-subscriptions.generated.d.ts +0 -7
  184. package/dist/server/api-client-core/apis/crm/commerce-subscriptions.generated.js +0 -66
  185. package/dist/server/api-client-core/apis/crm/commerce-subscriptions.generated.js.map +0 -1
  186. package/dist/server/api-client-core/apis/crm/communications-types.generated.d.ts +0 -850
  187. package/dist/server/api-client-core/apis/crm/communications.generated.d.ts +0 -7
  188. package/dist/server/api-client-core/apis/crm/communications.generated.js +0 -66
  189. package/dist/server/api-client-core/apis/crm/communications.generated.js.map +0 -1
  190. package/dist/server/api-client-core/apis/crm/companies-types.generated.d.ts +0 -884
  191. package/dist/server/api-client-core/apis/crm/companies.generated.d.ts +0 -7
  192. package/dist/server/api-client-core/apis/crm/companies.generated.js +0 -67
  193. package/dist/server/api-client-core/apis/crm/companies.generated.js.map +0 -1
  194. package/dist/server/api-client-core/apis/crm/contacts-types.generated.d.ts +0 -899
  195. package/dist/server/api-client-core/apis/crm/contacts.generated.d.ts +0 -7
  196. package/dist/server/api-client-core/apis/crm/contacts.generated.js +0 -70
  197. package/dist/server/api-client-core/apis/crm/contacts.generated.js.map +0 -1
  198. package/dist/server/api-client-core/apis/crm/contracts-types.generated.d.ts +0 -850
  199. package/dist/server/api-client-core/apis/crm/contracts.generated.d.ts +0 -7
  200. package/dist/server/api-client-core/apis/crm/contracts.generated.js +0 -66
  201. package/dist/server/api-client-core/apis/crm/contracts.generated.js.map +0 -1
  202. package/dist/server/api-client-core/apis/crm/courses-types.generated.d.ts +0 -853
  203. package/dist/server/api-client-core/apis/crm/courses.generated.d.ts +0 -7
  204. package/dist/server/api-client-core/apis/crm/courses.generated.js +0 -66
  205. package/dist/server/api-client-core/apis/crm/courses.generated.js.map +0 -1
  206. package/dist/server/api-client-core/apis/crm/crm-owners-types.generated.d.ts +0 -140
  207. package/dist/server/api-client-core/apis/crm/crm-owners.generated.d.ts +0 -7
  208. package/dist/server/api-client-core/apis/crm/crm-owners.generated.js +0 -20
  209. package/dist/server/api-client-core/apis/crm/crm-owners.generated.js.map +0 -1
  210. package/dist/server/api-client-core/apis/crm/custom-objects-types.generated.d.ts +0 -934
  211. package/dist/server/api-client-core/apis/crm/custom-objects.generated.d.ts +0 -7
  212. package/dist/server/api-client-core/apis/crm/custom-objects.generated.js +0 -101
  213. package/dist/server/api-client-core/apis/crm/custom-objects.generated.js.map +0 -1
  214. package/dist/server/api-client-core/apis/crm/deal-splits-types.generated.d.ts +0 -196
  215. package/dist/server/api-client-core/apis/crm/deal-splits.generated.d.ts +0 -7
  216. package/dist/server/api-client-core/apis/crm/deal-splits.generated.js +0 -9
  217. package/dist/server/api-client-core/apis/crm/deal-splits.generated.js.map +0 -1
  218. package/dist/server/api-client-core/apis/crm/deals-types.generated.d.ts +0 -872
  219. package/dist/server/api-client-core/apis/crm/deals.generated.d.ts +0 -7
  220. package/dist/server/api-client-core/apis/crm/deals.generated.js +0 -67
  221. package/dist/server/api-client-core/apis/crm/deals.generated.js.map +0 -1
  222. package/dist/server/api-client-core/apis/crm/discounts-types.generated.d.ts +0 -846
  223. package/dist/server/api-client-core/apis/crm/discounts.generated.d.ts +0 -7
  224. package/dist/server/api-client-core/apis/crm/discounts.generated.js +0 -66
  225. package/dist/server/api-client-core/apis/crm/discounts.generated.js.map +0 -1
  226. package/dist/server/api-client-core/apis/crm/emails-types.generated.d.ts +0 -850
  227. package/dist/server/api-client-core/apis/crm/emails.generated.d.ts +0 -7
  228. package/dist/server/api-client-core/apis/crm/emails.generated.js +0 -66
  229. package/dist/server/api-client-core/apis/crm/emails.generated.js.map +0 -1
  230. package/dist/server/api-client-core/apis/crm/exports-types.generated.d.ts +0 -281
  231. package/dist/server/api-client-core/apis/crm/exports.generated.d.ts +0 -7
  232. package/dist/server/api-client-core/apis/crm/exports.generated.js +0 -12
  233. package/dist/server/api-client-core/apis/crm/exports.generated.js.map +0 -1
  234. package/dist/server/api-client-core/apis/crm/feedback-submissions-types.generated.d.ts +0 -616
  235. package/dist/server/api-client-core/apis/crm/feedback-submissions.generated.d.ts +0 -7
  236. package/dist/server/api-client-core/apis/crm/feedback-submissions.generated.js +0 -55
  237. package/dist/server/api-client-core/apis/crm/feedback-submissions.generated.js.map +0 -1
  238. package/dist/server/api-client-core/apis/crm/fees-types.generated.d.ts +0 -850
  239. package/dist/server/api-client-core/apis/crm/fees.generated.d.ts +0 -7
  240. package/dist/server/api-client-core/apis/crm/fees.generated.js +0 -66
  241. package/dist/server/api-client-core/apis/crm/fees.generated.js.map +0 -1
  242. package/dist/server/api-client-core/apis/crm/goal-targets-types.generated.d.ts +0 -850
  243. package/dist/server/api-client-core/apis/crm/goal-targets.generated.d.ts +0 -7
  244. package/dist/server/api-client-core/apis/crm/goal-targets.generated.js +0 -66
  245. package/dist/server/api-client-core/apis/crm/goal-targets.generated.js.map +0 -1
  246. package/dist/server/api-client-core/apis/crm/imports-types.generated.d.ts +0 -371
  247. package/dist/server/api-client-core/apis/crm/imports.generated.d.ts +0 -7
  248. package/dist/server/api-client-core/apis/crm/imports.generated.js +0 -30
  249. package/dist/server/api-client-core/apis/crm/imports.generated.js.map +0 -1
  250. package/dist/server/api-client-core/apis/crm/invoices-types.generated.d.ts +0 -850
  251. package/dist/server/api-client-core/apis/crm/invoices.generated.d.ts +0 -7
  252. package/dist/server/api-client-core/apis/crm/invoices.generated.js +0 -66
  253. package/dist/server/api-client-core/apis/crm/invoices.generated.js.map +0 -1
  254. package/dist/server/api-client-core/apis/crm/leads-types.generated.d.ts +0 -850
  255. package/dist/server/api-client-core/apis/crm/leads.generated.d.ts +0 -7
  256. package/dist/server/api-client-core/apis/crm/leads.generated.js +0 -66
  257. package/dist/server/api-client-core/apis/crm/leads.generated.js.map +0 -1
  258. package/dist/server/api-client-core/apis/crm/limits-tracking-types.generated.d.ts +0 -331
  259. package/dist/server/api-client-core/apis/crm/limits-tracking.generated.d.ts +0 -7
  260. package/dist/server/api-client-core/apis/crm/limits-tracking.generated.js +0 -22
  261. package/dist/server/api-client-core/apis/crm/limits-tracking.generated.js.map +0 -1
  262. package/dist/server/api-client-core/apis/crm/line-items-types.generated.d.ts +0 -850
  263. package/dist/server/api-client-core/apis/crm/line-items.generated.d.ts +0 -7
  264. package/dist/server/api-client-core/apis/crm/line-items.generated.js +0 -66
  265. package/dist/server/api-client-core/apis/crm/line-items.generated.js.map +0 -1
  266. package/dist/server/api-client-core/apis/crm/listings-types.generated.d.ts +0 -853
  267. package/dist/server/api-client-core/apis/crm/listings.generated.d.ts +0 -7
  268. package/dist/server/api-client-core/apis/crm/listings.generated.js +0 -66
  269. package/dist/server/api-client-core/apis/crm/listings.generated.js.map +0 -1
  270. package/dist/server/api-client-core/apis/crm/lists-types.generated.d.ts +0 -2265
  271. package/dist/server/api-client-core/apis/crm/lists.generated.d.ts +0 -7
  272. package/dist/server/api-client-core/apis/crm/lists.generated.js +0 -105
  273. package/dist/server/api-client-core/apis/crm/lists.generated.js.map +0 -1
  274. package/dist/server/api-client-core/apis/crm/meetings-types.generated.d.ts +0 -850
  275. package/dist/server/api-client-core/apis/crm/meetings.generated.d.ts +0 -7
  276. package/dist/server/api-client-core/apis/crm/meetings.generated.js +0 -66
  277. package/dist/server/api-client-core/apis/crm/meetings.generated.js.map +0 -1
  278. package/dist/server/api-client-core/apis/crm/notes-types.generated.d.ts +0 -850
  279. package/dist/server/api-client-core/apis/crm/notes.generated.d.ts +0 -7
  280. package/dist/server/api-client-core/apis/crm/notes.generated.js +0 -66
  281. package/dist/server/api-client-core/apis/crm/notes.generated.js.map +0 -1
  282. package/dist/server/api-client-core/apis/crm/object-library-types.generated.d.ts +0 -60
  283. package/dist/server/api-client-core/apis/crm/object-library.generated.d.ts +0 -7
  284. package/dist/server/api-client-core/apis/crm/object-library.generated.js +0 -9
  285. package/dist/server/api-client-core/apis/crm/object-library.generated.js.map +0 -1
  286. package/dist/server/api-client-core/apis/crm/objects-types.generated.d.ts +0 -712
  287. package/dist/server/api-client-core/apis/crm/objects.generated.d.ts +0 -7
  288. package/dist/server/api-client-core/apis/crm/objects.generated.js +0 -76
  289. package/dist/server/api-client-core/apis/crm/objects.generated.js.map +0 -1
  290. package/dist/server/api-client-core/apis/crm/orders-types.generated.d.ts +0 -850
  291. package/dist/server/api-client-core/apis/crm/orders.generated.d.ts +0 -7
  292. package/dist/server/api-client-core/apis/crm/orders.generated.js +0 -66
  293. package/dist/server/api-client-core/apis/crm/orders.generated.js.map +0 -1
  294. package/dist/server/api-client-core/apis/crm/partner-clients-types.generated.d.ts +0 -725
  295. package/dist/server/api-client-core/apis/crm/partner-clients.generated.d.ts +0 -7
  296. package/dist/server/api-client-core/apis/crm/partner-clients.generated.js +0 -71
  297. package/dist/server/api-client-core/apis/crm/partner-clients.generated.js.map +0 -1
  298. package/dist/server/api-client-core/apis/crm/partner-services-types.generated.d.ts +0 -725
  299. package/dist/server/api-client-core/apis/crm/partner-services.generated.d.ts +0 -7
  300. package/dist/server/api-client-core/apis/crm/partner-services.generated.js +0 -71
  301. package/dist/server/api-client-core/apis/crm/partner-services.generated.js.map +0 -1
  302. package/dist/server/api-client-core/apis/crm/pipelines-types.generated.d.ts +0 -430
  303. package/dist/server/api-client-core/apis/crm/pipelines.generated.d.ts +0 -7
  304. package/dist/server/api-client-core/apis/crm/pipelines.generated.js +0 -94
  305. package/dist/server/api-client-core/apis/crm/pipelines.generated.js.map +0 -1
  306. package/dist/server/api-client-core/apis/crm/postal-mail-types.generated.d.ts +0 -844
  307. package/dist/server/api-client-core/apis/crm/postal-mail.generated.d.ts +0 -7
  308. package/dist/server/api-client-core/apis/crm/postal-mail.generated.js +0 -66
  309. package/dist/server/api-client-core/apis/crm/postal-mail.generated.js.map +0 -1
  310. package/dist/server/api-client-core/apis/crm/products-types.generated.d.ts +0 -850
  311. package/dist/server/api-client-core/apis/crm/products.generated.d.ts +0 -7
  312. package/dist/server/api-client-core/apis/crm/products.generated.js +0 -66
  313. package/dist/server/api-client-core/apis/crm/products.generated.js.map +0 -1
  314. package/dist/server/api-client-core/apis/crm/projects-types.generated.d.ts +0 -881
  315. package/dist/server/api-client-core/apis/crm/projects.generated.d.ts +0 -7
  316. package/dist/server/api-client-core/apis/crm/projects.generated.js +0 -67
  317. package/dist/server/api-client-core/apis/crm/projects.generated.js.map +0 -1
  318. package/dist/server/api-client-core/apis/crm/properties-types.generated.d.ts +0 -603
  319. package/dist/server/api-client-core/apis/crm/properties.generated.d.ts +0 -7
  320. package/dist/server/api-client-core/apis/crm/properties.generated.js +0 -86
  321. package/dist/server/api-client-core/apis/crm/properties.generated.js.map +0 -1
  322. package/dist/server/api-client-core/apis/crm/property-validations-types.generated.d.ts +0 -121
  323. package/dist/server/api-client-core/apis/crm/property-validations.generated.d.ts +0 -7
  324. package/dist/server/api-client-core/apis/crm/property-validations.generated.js +0 -25
  325. package/dist/server/api-client-core/apis/crm/property-validations.generated.js.map +0 -1
  326. package/dist/server/api-client-core/apis/crm/public-app-crm-cards-types.generated.d.ts +0 -486
  327. package/dist/server/api-client-core/apis/crm/public-app-crm-cards.generated.d.ts +0 -7
  328. package/dist/server/api-client-core/apis/crm/public-app-crm-cards.generated.js +0 -34
  329. package/dist/server/api-client-core/apis/crm/public-app-crm-cards.generated.js.map +0 -1
  330. package/dist/server/api-client-core/apis/crm/public-app-feature-flags-types.generated.d.ts +0 -247
  331. package/dist/server/api-client-core/apis/crm/public-app-feature-flags.generated.d.ts +0 -7
  332. package/dist/server/api-client-core/apis/crm/public-app-feature-flags.generated.js +0 -69
  333. package/dist/server/api-client-core/apis/crm/public-app-feature-flags.generated.js.map +0 -1
  334. package/dist/server/api-client-core/apis/crm/quotes-types.generated.d.ts +0 -850
  335. package/dist/server/api-client-core/apis/crm/quotes.generated.d.ts +0 -7
  336. package/dist/server/api-client-core/apis/crm/quotes.generated.js +0 -66
  337. package/dist/server/api-client-core/apis/crm/quotes.generated.js.map +0 -1
  338. package/dist/server/api-client-core/apis/crm/schemas-types.generated.d.ts +0 -669
  339. package/dist/server/api-client-core/apis/crm/schemas.generated.d.ts +0 -7
  340. package/dist/server/api-client-core/apis/crm/schemas.generated.js +0 -41
  341. package/dist/server/api-client-core/apis/crm/schemas.generated.js.map +0 -1
  342. package/dist/server/api-client-core/apis/crm/services-types.generated.d.ts +0 -853
  343. package/dist/server/api-client-core/apis/crm/services.generated.d.ts +0 -7
  344. package/dist/server/api-client-core/apis/crm/services.generated.js +0 -66
  345. package/dist/server/api-client-core/apis/crm/services.generated.js.map +0 -1
  346. package/dist/server/api-client-core/apis/crm/tasks-types.generated.d.ts +0 -850
  347. package/dist/server/api-client-core/apis/crm/tasks.generated.d.ts +0 -7
  348. package/dist/server/api-client-core/apis/crm/tasks.generated.js +0 -66
  349. package/dist/server/api-client-core/apis/crm/tasks.generated.js.map +0 -1
  350. package/dist/server/api-client-core/apis/crm/taxes-types.generated.d.ts +0 -850
  351. package/dist/server/api-client-core/apis/crm/taxes.generated.d.ts +0 -7
  352. package/dist/server/api-client-core/apis/crm/taxes.generated.js +0 -66
  353. package/dist/server/api-client-core/apis/crm/taxes.generated.js.map +0 -1
  354. package/dist/server/api-client-core/apis/crm/tickets-types.generated.d.ts +0 -884
  355. package/dist/server/api-client-core/apis/crm/tickets.generated.d.ts +0 -7
  356. package/dist/server/api-client-core/apis/crm/tickets.generated.js +0 -67
  357. package/dist/server/api-client-core/apis/crm/tickets.generated.js.map +0 -1
  358. package/dist/server/api-client-core/apis/crm/timeline-types.generated.d.ts +0 -187
  359. package/dist/server/api-client-core/apis/crm/timeline.generated.d.ts +0 -7
  360. package/dist/server/api-client-core/apis/crm/timeline.generated.js +0 -12
  361. package/dist/server/api-client-core/apis/crm/timeline.generated.js.map +0 -1
  362. package/dist/server/api-client-core/apis/crm/transcriptions-types.generated.d.ts +0 -152
  363. package/dist/server/api-client-core/apis/crm/transcriptions.generated.d.ts +0 -7
  364. package/dist/server/api-client-core/apis/crm/transcriptions.generated.js +0 -15
  365. package/dist/server/api-client-core/apis/crm/transcriptions.generated.js.map +0 -1
  366. package/dist/server/api-client-core/apis/crm/users-types.generated.d.ts +0 -850
  367. package/dist/server/api-client-core/apis/crm/users.generated.d.ts +0 -7
  368. package/dist/server/api-client-core/apis/crm/users.generated.js +0 -66
  369. package/dist/server/api-client-core/apis/crm/users.generated.js.map +0 -1
  370. package/dist/server/api-client-core/apis/crm/video-conferencing-extension-types.generated.d.ts +0 -72
  371. package/dist/server/api-client-core/apis/crm/video-conferencing-extension.generated.d.ts +0 -7
  372. package/dist/server/api-client-core/apis/crm/video-conferencing-extension.generated.js +0 -13
  373. package/dist/server/api-client-core/apis/crm/video-conferencing-extension.generated.js.map +0 -1
  374. package/dist/server/api-client-core/apis/events/manage-event-definitions-types.generated.d.ts +0 -1005
  375. package/dist/server/api-client-core/apis/events/manage-event-definitions.generated.d.ts +0 -7
  376. package/dist/server/api-client-core/apis/events/manage-event-definitions.generated.js +0 -39
  377. package/dist/server/api-client-core/apis/events/manage-event-definitions.generated.js.map +0 -1
  378. package/dist/server/api-client-core/apis/events/send-event-completions-types.generated.d.ts +0 -94
  379. package/dist/server/api-client-core/apis/events/send-event-completions.generated.d.ts +0 -7
  380. package/dist/server/api-client-core/apis/events/send-event-completions.generated.js +0 -9
  381. package/dist/server/api-client-core/apis/events/send-event-completions.generated.js.map +0 -1
  382. package/dist/server/api-client-core/apis/events-types.generated.d.ts +0 -137
  383. package/dist/server/api-client-core/apis/events.generated.d.ts +0 -7
  384. package/dist/server/api-client-core/apis/events.generated.js +0 -23
  385. package/dist/server/api-client-core/apis/events.generated.js.map +0 -1
  386. package/dist/server/api-client-core/apis/files-types.generated.d.ts +0 -791
  387. package/dist/server/api-client-core/apis/files.generated.d.ts +0 -7
  388. package/dist/server/api-client-core/apis/files.generated.js +0 -119
  389. package/dist/server/api-client-core/apis/files.generated.js.map +0 -1
  390. package/dist/server/api-client-core/apis/marketing/campaigns-public-api-types.generated.d.ts +0 -989
  391. package/dist/server/api-client-core/apis/marketing/campaigns-public-api.generated.d.ts +0 -7
  392. package/dist/server/api-client-core/apis/marketing/campaigns-public-api.generated.js +0 -139
  393. package/dist/server/api-client-core/apis/marketing/campaigns-public-api.generated.js.map +0 -1
  394. package/dist/server/api-client-core/apis/marketing/marketing-emails-types.generated.d.ts +0 -883
  395. package/dist/server/api-client-core/apis/marketing/marketing-emails.generated.d.ts +0 -7
  396. package/dist/server/api-client-core/apis/marketing/marketing-emails.generated.js +0 -108
  397. package/dist/server/api-client-core/apis/marketing/marketing-emails.generated.js.map +0 -1
  398. package/dist/server/api-client-core/apis/marketing/marketing-events-types.generated.d.ts +0 -1788
  399. package/dist/server/api-client-core/apis/marketing/marketing-events.generated.d.ts +0 -7
  400. package/dist/server/api-client-core/apis/marketing/marketing-events.generated.js +0 -176
  401. package/dist/server/api-client-core/apis/marketing/marketing-events.generated.js.map +0 -1
  402. package/dist/server/api-client-core/apis/marketing/single-send-types.generated.d.ts +0 -123
  403. package/dist/server/api-client-core/apis/marketing/single-send.generated.d.ts +0 -7
  404. package/dist/server/api-client-core/apis/marketing/single-send.generated.js +0 -6
  405. package/dist/server/api-client-core/apis/marketing/single-send.generated.js.map +0 -1
  406. package/dist/server/api-client-core/apis/marketing/transactional-single-send-types.generated.d.ts +0 -257
  407. package/dist/server/api-client-core/apis/marketing/transactional-single-send.generated.d.ts +0 -7
  408. package/dist/server/api-client-core/apis/marketing/transactional-single-send.generated.js +0 -20
  409. package/dist/server/api-client-core/apis/marketing/transactional-single-send.generated.js.map +0 -1
  410. package/dist/server/api-client-core/apis/meta/origins-types.generated.d.ts +0 -77
  411. package/dist/server/api-client-core/apis/meta/origins.generated.d.ts +0 -7
  412. package/dist/server/api-client-core/apis/meta/origins.generated.js +0 -15
  413. package/dist/server/api-client-core/apis/meta/origins.generated.js.map +0 -1
  414. package/dist/server/api-client-core/apis/scheduler/meetings-types.generated.d.ts +0 -913
  415. package/dist/server/api-client-core/apis/scheduler/meetings.generated.d.ts +0 -7
  416. package/dist/server/api-client-core/apis/scheduler/meetings.generated.js +0 -34
  417. package/dist/server/api-client-core/apis/scheduler/meetings.generated.js.map +0 -1
  418. package/dist/server/api-client-core/apis/settings/multicurrency-types.generated.d.ts +0 -404
  419. package/dist/server/api-client-core/apis/settings/multicurrency.generated.d.ts +0 -7
  420. package/dist/server/api-client-core/apis/settings/multicurrency.generated.js +0 -38
  421. package/dist/server/api-client-core/apis/settings/multicurrency.generated.js.map +0 -1
  422. package/dist/server/api-client-core/apis/settings/tax-rates-types.generated.d.ts +0 -111
  423. package/dist/server/api-client-core/apis/settings/tax-rates.generated.d.ts +0 -7
  424. package/dist/server/api-client-core/apis/settings/tax-rates.generated.js +0 -13
  425. package/dist/server/api-client-core/apis/settings/tax-rates.generated.js.map +0 -1
  426. package/dist/server/api-client-core/apis/settings/user-provisioning-types.generated.d.ts +0 -297
  427. package/dist/server/api-client-core/apis/settings/user-provisioning.generated.d.ts +0 -7
  428. package/dist/server/api-client-core/apis/settings/user-provisioning.generated.js +0 -31
  429. package/dist/server/api-client-core/apis/settings/user-provisioning.generated.js.map +0 -1
  430. package/dist/server/api-client-core/apis/webhooks-journal-types.generated.d.ts +0 -643
  431. package/dist/server/api-client-core/apis/webhooks-journal.generated.d.ts +0 -7
  432. package/dist/server/api-client-core/apis/webhooks-journal.generated.js +0 -75
  433. package/dist/server/api-client-core/apis/webhooks-journal.generated.js.map +0 -1
  434. package/dist/server/api-client-core/apis/webhooks-types.generated.d.ts +0 -1016
  435. package/dist/server/api-client-core/apis/webhooks.generated.d.ts +0 -7
  436. package/dist/server/api-client-core/apis/webhooks.generated.js +0 -105
  437. package/dist/server/api-client-core/apis/webhooks.generated.js.map +0 -1
  438. package/dist/server/api-client-core/binary-data.d.ts +0 -33
  439. package/dist/server/api-client-core/binary-data.js +0 -29
  440. package/dist/server/api-client-core/binary-data.js.map +0 -1
  441. package/dist/server/api-client-core/client.d.ts +0 -14
  442. package/dist/server/api-client-core/client.js.map +0 -1
  443. package/dist/server/api-client-core/codegen-helpers/file-op-wrappers.js +0 -25
  444. package/dist/server/api-client-core/codegen-helpers/file-op-wrappers.js.map +0 -1
  445. package/dist/server/api-client-core/errors.d.ts +0 -27
  446. package/dist/server/api-client-core/errors.js +0 -33
  447. package/dist/server/api-client-core/errors.js.map +0 -1
  448. package/dist/server/api-client-core/op.d.ts +0 -37
  449. package/dist/server/api-client-core/op.js +0 -44
  450. package/dist/server/api-client-core/op.js.map +0 -1
  451. package/dist/server/api-client-core/pagination.d.ts +0 -60
  452. package/dist/server/api-client-core/pagination.js +0 -103
  453. package/dist/server/api-client-core/pagination.js.map +0 -1
  454. package/dist/server/api-client-core/plugins/fetch-transport.js +0 -72
  455. package/dist/server/api-client-core/plugins/fetch-transport.js.map +0 -1
  456. package/dist/server/constants.js +0 -46
  457. package/dist/server/constants.js.map +0 -1
  458. package/dist/server/deno/start.d.ts +0 -12
  459. package/dist/server/deno/start.js +0 -21
  460. package/dist/server/deno/start.js.map +0 -1
  461. package/dist/server/hono/hono-request-handler.js +0 -54
  462. package/dist/server/hono/hono-request-handler.js.map +0 -1
  463. package/dist/server/hono/hubspot-connect-routes/auth-callback.js +0 -125
  464. package/dist/server/hono/hubspot-connect-routes/auth-callback.js.map +0 -1
  465. package/dist/server/hono/hubspot-connect-routes/auth-init-session.js +0 -90
  466. package/dist/server/hono/hubspot-connect-routes/auth-init-session.js.map +0 -1
  467. package/dist/server/hono/hubspot-connect-routes/auth-logout.js +0 -97
  468. package/dist/server/hono/hubspot-connect-routes/auth-logout.js.map +0 -1
  469. package/dist/server/hono/hubspot-connect-routes/auth-refresh.js +0 -101
  470. package/dist/server/hono/hubspot-connect-routes/auth-refresh.js.map +0 -1
  471. package/dist/server/hono/hubspot-connect-routes/cimd-client-metadata-types.d.ts +0 -16
  472. package/dist/server/hono/hubspot-connect-routes/cimd-client-metadata-types.js +0 -13
  473. package/dist/server/hono/hubspot-connect-routes/cimd-client-metadata-types.js.map +0 -1
  474. package/dist/server/hono/hubspot-connect-routes/cimd-public-routes.js +0 -42
  475. package/dist/server/hono/hubspot-connect-routes/cimd-public-routes.js.map +0 -1
  476. package/dist/server/hono/hubspot-connect-routes/constants.js +0 -8
  477. package/dist/server/hono/hubspot-connect-routes/constants.js.map +0 -1
  478. package/dist/server/hono/hubspot-connect-routes/fetch-hubspot-client-metadata.js +0 -43
  479. package/dist/server/hono/hubspot-connect-routes/fetch-hubspot-client-metadata.js.map +0 -1
  480. package/dist/server/hono/hubspot-connect-routes/hubspot-connect-routes.js +0 -35
  481. package/dist/server/hono/hubspot-connect-routes/hubspot-connect-routes.js.map +0 -1
  482. package/dist/server/hono/hubspot-connect-routes/load-hubspot-connect-routes-env.js +0 -34
  483. package/dist/server/hono/hubspot-connect-routes/load-hubspot-connect-routes-env.js.map +0 -1
  484. package/dist/server/hono/hubspot-connect-routes/oauth-client.js +0 -104
  485. package/dist/server/hono/hubspot-connect-routes/oauth-client.js.map +0 -1
  486. package/dist/server/hono/hubspot-connect-routes/utils.js +0 -73
  487. package/dist/server/hono/hubspot-connect-routes/utils.js.map +0 -1
  488. package/dist/server/hono/index.js +0 -4
  489. package/dist/server/hono/types.d.ts +0 -28
  490. package/dist/server/hono/utils/cookie-utils.js +0 -29
  491. package/dist/server/hono/utils/cookie-utils.js.map +0 -1
  492. package/dist/server/import-app-keys.js +0 -42
  493. package/dist/server/import-app-keys.js.map +0 -1
  494. package/dist/server/lovable/create-app-function-start.d.ts +0 -26
  495. package/dist/server/lovable/create-app-function-start.js +0 -28
  496. package/dist/server/lovable/create-app-function-start.js.map +0 -1
  497. package/dist/server/lovable/hubspot-connect/index.d.ts +0 -15
  498. package/dist/server/lovable/hubspot-connect/index.js +0 -20
  499. package/dist/server/lovable/hubspot-connect/index.js.map +0 -1
  500. package/dist/server/lovable/hubspot-connect/run-hubspot-connect-lovable-server.js +0 -29
  501. package/dist/server/lovable/hubspot-connect/run-hubspot-connect-lovable-server.js.map +0 -1
  502. package/dist/server/proxy.js +0 -68
  503. package/dist/server/proxy.js.map +0 -1
  504. package/dist/server/sanitize-request.js +0 -41
  505. package/dist/server/sanitize-request.js.map +0 -1
  506. package/dist/server/secure-start-core.d.ts +0 -23
  507. package/dist/server/secure-start-core.js +0 -28
  508. package/dist/server/secure-start-core.js.map +0 -1
  509. package/dist/server/shared/constants.js +0 -17
  510. package/dist/server/shared/constants.js.map +0 -1
  511. package/dist/server/shared/encoding/base64.js +0 -45
  512. package/dist/server/shared/encoding/base64.js.map +0 -1
  513. package/dist/server/shared/encoding/sha256.d.ts +0 -10
  514. package/dist/server/shared/encoding/sha256.js +0 -15
  515. package/dist/server/shared/encoding/sha256.js.map +0 -1
  516. package/dist/server/shared/logger.d.ts +0 -15
  517. package/dist/server/shared/logger.js +0 -16
  518. package/dist/server/shared/logger.js.map +0 -1
  519. package/dist/server/utils/cookie-utils.js +0 -21
  520. package/dist/server/utils/cookie-utils.js.map +0 -1
  521. package/dist/server/utils/dpop-utils.d.ts +0 -67
  522. package/dist/server/utils/dpop-utils.js +0 -75
  523. package/dist/server/utils/dpop-utils.js.map +0 -1
  524. package/dist/server/utils/env-utils.js +0 -54
  525. package/dist/server/utils/env-utils.js.map +0 -1
  526. package/dist/server/utils/jwk-utils.d.ts +0 -16
  527. package/dist/server/utils/jwk-utils.js +0 -24
  528. package/dist/server/utils/jwk-utils.js.map +0 -1
  529. package/dist/server/utils/jwt-utils.d.ts +0 -39
  530. package/dist/server/utils/jwt-utils.js +0 -87
  531. package/dist/server/utils/jwt-utils.js.map +0 -1
  532. package/src/server/hono/hubspot-connect-routes/auth-callback.test.ts +0 -225
@@ -1,72 +0,0 @@
1
- import { isBinaryData } from "../binary-data.js";
2
- //#region src/server/api-client-core/plugins/fetch-transport.ts
3
- const BASE_URL = "https://api.hubapi.com";
4
- function appendRecordToUrlSearchParams(params, record) {
5
- for (const [key, value] of Object.entries(record)) {
6
- if (value == null) continue;
7
- if (Array.isArray(value)) for (const item of value) params.append(key, String(item));
8
- else params.append(key, String(value));
9
- }
10
- }
11
- /**
12
- * Transport plugin that executes HTTP requests using the Fetch API.
13
- *
14
- * This is the terminal middleware in the chain — it builds the actual HTTP
15
- * request from the operation descriptor and returns a normalized response.
16
- * It handles path-parameter interpolation, query-string serialization,
17
- * Bearer-token auth, and content-type negotiation (JSON, form-urlencoded, multipart).
18
- */
19
- function fetchTransportPlugin(options) {
20
- return { activate(api) {
21
- api.addMiddleware(async (ctx) => {
22
- const { operation } = ctx;
23
- let url = `${BASE_URL}${operation.path}`;
24
- if (operation.pathParams) for (const [key, value] of Object.entries(operation.pathParams)) url = url.replace(`{${key}}`, encodeURIComponent(String(value)));
25
- if (operation.queryParams) {
26
- const params = new URLSearchParams();
27
- appendRecordToUrlSearchParams(params, operation.queryParams);
28
- const qs = params.toString();
29
- if (qs) url += `?${qs}`;
30
- }
31
- const headers = {
32
- ...operation.headers ?? {},
33
- Authorization: `Bearer ${options.getAccessToken()}`
34
- };
35
- const init = {
36
- method: operation.method.toUpperCase(),
37
- headers
38
- };
39
- if (operation.contentType === "multipart/form-data" && operation.body) {
40
- const formData = new FormData();
41
- for (const [key, value] of Object.entries(operation.body)) {
42
- if (value == null) continue;
43
- if (isBinaryData(value)) formData.append(key, value.source);
44
- else formData.append(key, String(value));
45
- }
46
- init.body = formData;
47
- } else if (operation.contentType === "application/x-www-form-urlencoded") {
48
- headers["Content-Type"] = "application/x-www-form-urlencoded";
49
- if (operation.body) {
50
- const params = new URLSearchParams();
51
- appendRecordToUrlSearchParams(params, operation.body);
52
- const encoded = params.toString();
53
- if (encoded) init.body = encoded;
54
- }
55
- } else {
56
- headers["Content-Type"] = "application/json";
57
- if (operation.body) init.body = JSON.stringify(operation.body);
58
- }
59
- const response = await fetch(url, init);
60
- return {
61
- status: response.status,
62
- statusText: response.statusText,
63
- headers: Object.fromEntries(response.headers.entries()),
64
- bodyJson: response.status === 204 ? void 0 : await response.json()
65
- };
66
- });
67
- } };
68
- }
69
- //#endregion
70
- export { fetchTransportPlugin };
71
-
72
- //# sourceMappingURL=fetch-transport.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"fetch-transport.js","names":[],"sources":["../../../../src/server/api-client-core/plugins/fetch-transport.ts"],"sourcesContent":["import { isBinaryData } from '../binary-data.ts';\nimport type { Plugin } from '../types.ts';\n\nconst BASE_URL = 'https://api.hubapi.com';\n\nexport interface FetchTransportPluginOptions {\n getAccessToken: () => string;\n}\n\nfunction appendRecordToUrlSearchParams(\n params: URLSearchParams,\n record: Record<string, unknown>\n): void {\n for (const [key, value] of Object.entries(record)) {\n if (value == null) continue;\n if (Array.isArray(value)) {\n for (const item of value) {\n params.append(key, String(item as string));\n }\n } else {\n params.append(key, String(value));\n }\n }\n}\n\n/**\n * Transport plugin that executes HTTP requests using the Fetch API.\n *\n * This is the terminal middleware in the chain — it builds the actual HTTP\n * request from the operation descriptor and returns a normalized response.\n * It handles path-parameter interpolation, query-string serialization,\n * Bearer-token auth, and content-type negotiation (JSON, form-urlencoded, multipart).\n */\nexport function fetchTransportPlugin(\n options: FetchTransportPluginOptions\n): Plugin {\n return {\n activate(api) {\n api.addMiddleware(async (ctx) => {\n const { operation } = ctx;\n\n // Interpolate path parameters (e.g. \"/contacts/{contactId}\" → \"/contacts/123\")\n let url = `${BASE_URL}${operation.path}`;\n if (operation.pathParams) {\n for (const [key, value] of Object.entries(operation.pathParams)) {\n url = url.replace(`{${key}}`, encodeURIComponent(String(value)));\n }\n }\n\n // Serialize query parameters, supporting repeated keys for array values\n if (operation.queryParams) {\n const params = new URLSearchParams();\n appendRecordToUrlSearchParams(params, operation.queryParams);\n const qs = params.toString();\n if (qs) url += `?${qs}`;\n }\n\n const headers: Record<string, string> = {\n ...(operation.headers ?? {}),\n Authorization: `Bearer ${options.getAccessToken()}`,\n };\n\n const init: RequestInit = {\n method: operation.method.toUpperCase(),\n headers,\n };\n\n // For file uploads the API expects multipart/form-data; BinaryData\n // values are appended as Blobs while everything else is stringified.\n // Form bodies use application/x-www-form-urlencoded. Otherwise JSON.\n if (operation.contentType === 'multipart/form-data' && operation.body) {\n const formData = new FormData();\n for (const [key, value] of Object.entries(\n operation.body as Record<string, unknown>\n )) {\n if (value == null) continue;\n if (isBinaryData(value)) {\n formData.append(key, value.source as Blob);\n } else {\n formData.append(key, String(value));\n }\n }\n init.body = formData;\n } else if (\n operation.contentType === 'application/x-www-form-urlencoded'\n ) {\n headers['Content-Type'] = 'application/x-www-form-urlencoded';\n if (operation.body) {\n const params = new URLSearchParams();\n appendRecordToUrlSearchParams(\n params,\n operation.body as Record<string, unknown>\n );\n const encoded = params.toString();\n if (encoded) init.body = encoded;\n }\n } else {\n headers['Content-Type'] = 'application/json';\n if (operation.body) {\n init.body = JSON.stringify(operation.body);\n }\n }\n const response = await fetch(url, init);\n\n return {\n status: response.status,\n statusText: response.statusText,\n headers: Object.fromEntries(response.headers.entries()),\n // 204 No Content responses have no body to parse\n bodyJson: response.status === 204 ? undefined : await response.json(),\n };\n });\n },\n };\n}\n"],"mappings":";;AAGA,MAAM,WAAW;AAMjB,SAAS,8BACP,QACA,QACM;CACN,KAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,OAAO,EAAE;EACjD,IAAI,SAAS,MAAM;EACnB,IAAI,MAAM,QAAQ,MAAM,EACtB,KAAK,MAAM,QAAQ,OACjB,OAAO,OAAO,KAAK,OAAO,KAAe,CAAC;OAG5C,OAAO,OAAO,KAAK,OAAO,MAAM,CAAC;;;;;;;;;;;AAavC,SAAgB,qBACd,SACQ;CACR,OAAO,EACL,SAAS,KAAK;EACZ,IAAI,cAAc,OAAO,QAAQ;GAC/B,MAAM,EAAE,cAAc;GAGtB,IAAI,MAAM,GAAG,WAAW,UAAU;GAClC,IAAI,UAAU,YACZ,KAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,UAAU,WAAW,EAC7D,MAAM,IAAI,QAAQ,IAAI,IAAI,IAAI,mBAAmB,OAAO,MAAM,CAAC,CAAC;GAKpE,IAAI,UAAU,aAAa;IACzB,MAAM,SAAS,IAAI,iBAAiB;IACpC,8BAA8B,QAAQ,UAAU,YAAY;IAC5D,MAAM,KAAK,OAAO,UAAU;IAC5B,IAAI,IAAI,OAAO,IAAI;;GAGrB,MAAM,UAAkC;IACtC,GAAI,UAAU,WAAW,EAAE;IAC3B,eAAe,UAAU,QAAQ,gBAAgB;IAClD;GAED,MAAM,OAAoB;IACxB,QAAQ,UAAU,OAAO,aAAa;IACtC;IACD;GAKD,IAAI,UAAU,gBAAgB,yBAAyB,UAAU,MAAM;IACrE,MAAM,WAAW,IAAI,UAAU;IAC/B,KAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAChC,UAAU,KACX,EAAE;KACD,IAAI,SAAS,MAAM;KACnB,IAAI,aAAa,MAAM,EACrB,SAAS,OAAO,KAAK,MAAM,OAAe;UAE1C,SAAS,OAAO,KAAK,OAAO,MAAM,CAAC;;IAGvC,KAAK,OAAO;UACP,IACL,UAAU,gBAAgB,qCAC1B;IACA,QAAQ,kBAAkB;IAC1B,IAAI,UAAU,MAAM;KAClB,MAAM,SAAS,IAAI,iBAAiB;KACpC,8BACE,QACA,UAAU,KACX;KACD,MAAM,UAAU,OAAO,UAAU;KACjC,IAAI,SAAS,KAAK,OAAO;;UAEtB;IACL,QAAQ,kBAAkB;IAC1B,IAAI,UAAU,MACZ,KAAK,OAAO,KAAK,UAAU,UAAU,KAAK;;GAG9C,MAAM,WAAW,MAAM,MAAM,KAAK,KAAK;GAEvC,OAAO;IACL,QAAQ,SAAS;IACjB,YAAY,SAAS;IACrB,SAAS,OAAO,YAAY,SAAS,QAAQ,SAAS,CAAC;IAEvD,UAAU,SAAS,WAAW,MAAM,KAAA,IAAY,MAAM,SAAS,MAAM;IACtE;IACD;IAEL"}
@@ -1,46 +0,0 @@
1
- //#region src/server/constants.ts
2
- /**
3
- * Cookie name carrying the DPoP-bound access token. Uses the
4
- * `__Host-` prefix so the browser only accepts it from a `Secure`
5
- * response with `Path=/` — a defense-in-depth against subdomain
6
- * cookie injection.
7
- */
8
- const HUBSPOT_ACCESS_TOKEN_COOKIE_NAME = "__Host-hs_access_token";
9
- /**
10
- * Cookie carrying the opaque app-session ID. Hashed before being put
11
- * on the wire as a DPoP `sid` claim.
12
- */
13
- const HUBSPOT_APP_SID_COOKIE_NAME = "__Host-hs_app_sid";
14
- /**
15
- * Prefix used for refresh-token cookies. Each session gets its own
16
- * cookie name (`hs_refresh_<sidHash>`) so multiple devices/tabs can
17
- * coexist without overwriting each other's refresh tokens.
18
- */
19
- const HUBSPOT_REFRESH_COOKIE_PREFIX = "hs_refresh_";
20
- const PROTECTED_COOKIE_NAMES = new Set([HUBSPOT_ACCESS_TOKEN_COOKIE_NAME, HUBSPOT_APP_SID_COOKIE_NAME]);
21
- /**
22
- * Returns `true` for cookies the SDK manages internally
23
- * (access token, session ID, any refresh-token cookie). The
24
- * `sanitizeRequest` helper uses this to strip these cookies from the
25
- * request before user code sees it, ensuring user route handlers
26
- * cannot accidentally leak them in logs or proxy them upstream.
27
- */
28
- function isProtectedCookieName(cookieName) {
29
- return PROTECTED_COOKIE_NAMES.has(cookieName) || cookieName.startsWith("hs_refresh_");
30
- }
31
- /**
32
- * Cookie carrying the PKCE code verifier between `init-session` and
33
- * `callback`. `Lax` SameSite so it accompanies the redirect back from
34
- * HubSpot.
35
- */
36
- const TEMP_COOKIE_PKCE_VERIFIER = "__hs_pkce_verifier";
37
- /**
38
- * Cookie carrying the OAuth `state` value between `init-session` and
39
- * `callback`. Compared against the `state` query parameter as the
40
- * primary CSRF defense.
41
- */
42
- const TEMP_COOKIE_OAUTH_STATE = "__hs_oauth_state";
43
- //#endregion
44
- export { HUBSPOT_ACCESS_TOKEN_COOKIE_NAME, HUBSPOT_APP_SID_COOKIE_NAME, HUBSPOT_REFRESH_COOKIE_PREFIX, TEMP_COOKIE_OAUTH_STATE, TEMP_COOKIE_PKCE_VERIFIER, isProtectedCookieName };
45
-
46
- //# sourceMappingURL=constants.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"constants.js","names":[],"sources":["../../src/server/constants.ts"],"sourcesContent":["/**\n * Cookie name carrying the DPoP-bound access token. Uses the\n * `__Host-` prefix so the browser only accepts it from a `Secure`\n * response with `Path=/` — a defense-in-depth against subdomain\n * cookie injection.\n */\nexport const HUBSPOT_ACCESS_TOKEN_COOKIE_NAME = '__Host-hs_access_token';\n\n/**\n * Cookie carrying the opaque app-session ID. Hashed before being put\n * on the wire as a DPoP `sid` claim.\n */\nexport const HUBSPOT_APP_SID_COOKIE_NAME = '__Host-hs_app_sid';\n\n/**\n * Prefix used for refresh-token cookies. Each session gets its own\n * cookie name (`hs_refresh_<sidHash>`) so multiple devices/tabs can\n * coexist without overwriting each other's refresh tokens.\n */\nexport const HUBSPOT_REFRESH_COOKIE_PREFIX = 'hs_refresh_';\n\nconst PROTECTED_COOKIE_NAMES = new Set([\n HUBSPOT_ACCESS_TOKEN_COOKIE_NAME,\n HUBSPOT_APP_SID_COOKIE_NAME,\n]);\n\n/**\n * Returns `true` for cookies the SDK manages internally\n * (access token, session ID, any refresh-token cookie). The\n * `sanitizeRequest` helper uses this to strip these cookies from the\n * request before user code sees it, ensuring user route handlers\n * cannot accidentally leak them in logs or proxy them upstream.\n */\nexport function isProtectedCookieName(cookieName: string): boolean {\n return (\n PROTECTED_COOKIE_NAMES.has(cookieName) ||\n cookieName.startsWith(HUBSPOT_REFRESH_COOKIE_PREFIX)\n );\n}\n\n/**\n * Cookie carrying the PKCE code verifier between `init-session` and\n * `callback`. `Lax` SameSite so it accompanies the redirect back from\n * HubSpot.\n */\nexport const TEMP_COOKIE_PKCE_VERIFIER = '__hs_pkce_verifier';\n\n/**\n * Cookie carrying the OAuth `state` value between `init-session` and\n * `callback`. Compared against the `state` query parameter as the\n * primary CSRF defense.\n */\nexport const TEMP_COOKIE_OAUTH_STATE = '__hs_oauth_state';\n"],"mappings":";;;;;;;AAMA,MAAa,mCAAmC;;;;;AAMhD,MAAa,8BAA8B;;;;;;AAO3C,MAAa,gCAAgC;AAE7C,MAAM,yBAAyB,IAAI,IAAI,CACrC,kCACA,4BACD,CAAC;;;;;;;;AASF,SAAgB,sBAAsB,YAA6B;CACjE,OACE,uBAAuB,IAAI,WAAW,IACtC,WAAW,WAAA,cAAyC;;;;;;;AASxD,MAAa,4BAA4B;;;;;;AAOzC,MAAa,0BAA0B"}
@@ -1,12 +0,0 @@
1
- import { SecureStartContext, SecureStartLoader } from "../secure-start-core.js";
2
-
3
- //#region src/server/deno/start.d.ts
4
- /**
5
- * Deno entrypoint helper. Reads `HUBSPOT_APP_PRIVATE_KEY` from `Deno.env`
6
- * when CIMD or DPoP is enabled, imports the supplied loader, and invokes
7
- * `start` with `AppKeys` or `null`.
8
- */
9
- declare function secureStart(loader: SecureStartLoader): Promise<void>;
10
- //#endregion
11
- export { secureStart };
12
- //# sourceMappingURL=start.d.ts.map
@@ -1,21 +0,0 @@
1
- import { runSecureStart } from "../secure-start-core.js";
2
- //#region src/server/deno/start.ts
3
- const denoSecureStartAdapter = {
4
- readEnv: (key) => Deno.env.get(key),
5
- deleteEnv: (key) => {
6
- Deno.env.delete(key);
7
- },
8
- exit: (code) => Deno.exit(code)
9
- };
10
- /**
11
- * Deno entrypoint helper. Reads `HUBSPOT_APP_PRIVATE_KEY` from `Deno.env`
12
- * when CIMD or DPoP is enabled, imports the supplied loader, and invokes
13
- * `start` with `AppKeys` or `null`.
14
- */
15
- function secureStart(loader) {
16
- return runSecureStart(loader, denoSecureStartAdapter);
17
- }
18
- //#endregion
19
- export { secureStart };
20
-
21
- //# sourceMappingURL=start.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"start.js","names":[],"sources":["../../../src/server/deno/start.ts"],"sourcesContent":["import {\n runSecureStart,\n type SecureStartAdapter,\n type SecureStartContext,\n type SecureStartLoader,\n} from '../secure-start-core.ts';\n\nexport type { SecureStartContext, SecureStartLoader };\n\nconst denoSecureStartAdapter: SecureStartAdapter = {\n readEnv: (key) => Deno.env.get(key),\n deleteEnv: (key) => {\n Deno.env.delete(key);\n },\n exit: (code) => Deno.exit(code),\n};\n\n/**\n * Deno entrypoint helper. Reads `HUBSPOT_APP_PRIVATE_KEY` from `Deno.env`\n * when CIMD or DPoP is enabled, imports the supplied loader, and invokes\n * `start` with `AppKeys` or `null`.\n */\nexport function secureStart(loader: SecureStartLoader): Promise<void> {\n return runSecureStart(loader, denoSecureStartAdapter);\n}\n"],"mappings":";;AASA,MAAM,yBAA6C;CACjD,UAAU,QAAQ,KAAK,IAAI,IAAI,IAAI;CACnC,YAAY,QAAQ;EAClB,KAAK,IAAI,OAAO,IAAI;;CAEtB,OAAO,SAAS,KAAK,KAAK,KAAK;CAChC;;;;;;AAOD,SAAgB,YAAY,QAA0C;CACpE,OAAO,eAAe,QAAQ,uBAAuB"}
@@ -1,54 +0,0 @@
1
- import { createHubSpotClient } from "../api-client-core/client.js";
2
- import { noopLogger } from "../shared/logger.js";
3
- import { fetchTransportPlugin } from "../api-client-core/plugins/fetch-transport.js";
4
- import { HUBSPOT_ACCESS_TOKEN_COOKIE_NAME, HUBSPOT_APP_SID_COOKIE_NAME } from "../constants.js";
5
- import { createHubSpotProxy } from "../proxy.js";
6
- import { parseCookies } from "../utils/cookie-utils.js";
7
- import { sanitizeRequest } from "../sanitize-request.js";
8
- import { Hono } from "hono";
9
- //#region src/server/hono/hono-request-handler.ts
10
- /**
11
- * Wraps a Hono app so its `fetch` handler additionally:
12
- *
13
- * - Strips SDK-managed cookies (access token, refresh, sid) from the
14
- * request before the app sees them, via `sanitizeRequest`.
15
- * - Exposes a `hubSpotProxy` on the Hono context so route handlers
16
- * can issue authenticated calls to HubSpot's API on behalf of the
17
- * browser session.
18
- */
19
- function createAppConnectRequestHandler(options) {
20
- const { registerRoutes, appKeys, logger = noopLogger } = options;
21
- const app = new Hono();
22
- registerRoutes(app);
23
- return (request) => {
24
- const cookie = request.headers.get("Cookie");
25
- if (!cookie) throw new Error("Missing auth cookies");
26
- const cookies = parseCookies(cookie);
27
- const accessToken = cookies[HUBSPOT_ACCESS_TOKEN_COOKIE_NAME];
28
- const sessionId = cookies[HUBSPOT_APP_SID_COOKIE_NAME];
29
- if (!accessToken || !sessionId) return new Response(null, {
30
- status: 401,
31
- statusText: "Unauthorized",
32
- headers: { "Content-Type": "application/json" }
33
- });
34
- const hubSpotProxy = createHubSpotProxy({
35
- userCredentials: {
36
- accessToken,
37
- sessionId
38
- },
39
- appKeys,
40
- logger
41
- });
42
- const hubSpotClient = createHubSpotClient({ plugins: [fetchTransportPlugin({ getAccessToken: () => accessToken })] });
43
- const sanitizedRequest = sanitizeRequest(request);
44
- const honoBindings = {
45
- hubSpotProxy,
46
- hubSpotClient
47
- };
48
- return app.fetch(sanitizedRequest, honoBindings);
49
- };
50
- }
51
- //#endregion
52
- export { createAppConnectRequestHandler };
53
-
54
- //# sourceMappingURL=hono-request-handler.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"hono-request-handler.js","names":[],"sources":["../../../src/server/hono/hono-request-handler.ts"],"sourcesContent":["import { Hono } from 'hono';\n\nimport { noopLogger, type Logger } from '../../shared/logger.ts';\nimport { createHubSpotClient } from '../api-client-core/client.ts';\nimport { fetchTransportPlugin } from '../api-client-core/plugins/fetch-transport.ts';\nimport {\n HUBSPOT_ACCESS_TOKEN_COOKIE_NAME,\n HUBSPOT_APP_SID_COOKIE_NAME,\n} from '../constants.ts';\nimport { createHubSpotProxy } from '../proxy.ts';\nimport { sanitizeRequest } from '../sanitize-request.ts';\nimport type { AppKeys, UserCredentials } from '../types.ts';\nimport { parseCookies } from '../utils/cookie-utils.ts';\nimport type { AppConnectHonoBindings, AppConnectHonoEnv } from './types.ts';\n\n/**\n * Web-standard fetch handler signature returned by\n * {@link createAppConnectRequestHandler}.\n */\nexport type AppConnectFetchHandler = (\n request: Request\n) => Response | Promise<Response>;\n\n/**\n * Callback used to attach application routes to the SDK-owned Hono\n * app instance.\n */\nexport type RegisterAppConnectRoutesFunction = (\n app: Hono<AppConnectHonoEnv>\n) => void;\n\n/**\n * Options accepted by {@link createAppConnectRequestHandler}.\n */\nexport interface CreateAppConnectRequestHandlerOptions {\n /** Registers application routes on the SDK-owned Hono app. */\n registerRoutes: RegisterAppConnectRoutesFunction;\n /**\n * Imported app keys from `secureStart`, or `null` when CIMD and DPoP\n * are both disabled.\n */\n appKeys: AppKeys | null;\n /**\n * Optional logger. When omitted the SDK uses a no-op logger so\n * server-side state never leaks into the host application's\n * console.\n */\n logger?: Logger;\n}\n\n/**\n * Wraps a Hono app so its `fetch` handler additionally:\n *\n * - Strips SDK-managed cookies (access token, refresh, sid) from the\n * request before the app sees them, via `sanitizeRequest`.\n * - Exposes a `hubSpotProxy` on the Hono context so route handlers\n * can issue authenticated calls to HubSpot's API on behalf of the\n * browser session.\n */\nexport function createAppConnectRequestHandler(\n options: CreateAppConnectRequestHandlerOptions\n): AppConnectFetchHandler {\n const { registerRoutes, appKeys, logger = noopLogger } = options;\n const app = new Hono<AppConnectHonoEnv>();\n registerRoutes(app);\n\n return (request: Request) => {\n const cookie = request.headers.get('Cookie');\n if (!cookie) {\n throw new Error('Missing auth cookies');\n }\n const cookies = parseCookies(cookie);\n const accessToken = cookies[HUBSPOT_ACCESS_TOKEN_COOKIE_NAME];\n const sessionId = cookies[HUBSPOT_APP_SID_COOKIE_NAME];\n if (!accessToken || !sessionId) {\n // Return 401 Unauthorized\n return new Response(null, {\n status: 401,\n statusText: 'Unauthorized',\n headers: {\n 'Content-Type': 'application/json',\n },\n });\n }\n const userCredentials: UserCredentials = { accessToken, sessionId };\n\n const hubSpotProxy = createHubSpotProxy({\n userCredentials,\n appKeys,\n logger,\n });\n\n const hubSpotClient = createHubSpotClient({\n plugins: [fetchTransportPlugin({ getAccessToken: () => accessToken })],\n });\n\n const sanitizedRequest = sanitizeRequest(request);\n\n const honoBindings: AppConnectHonoBindings = {\n hubSpotProxy,\n hubSpotClient,\n };\n\n return app.fetch(sanitizedRequest, honoBindings);\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AA2DA,SAAgB,+BACd,SACwB;CACxB,MAAM,EAAE,gBAAgB,SAAS,SAAS,eAAe;CACzD,MAAM,MAAM,IAAI,MAAyB;CACzC,eAAe,IAAI;CAEnB,QAAQ,YAAqB;EAC3B,MAAM,SAAS,QAAQ,QAAQ,IAAI,SAAS;EAC5C,IAAI,CAAC,QACH,MAAM,IAAI,MAAM,uBAAuB;EAEzC,MAAM,UAAU,aAAa,OAAO;EACpC,MAAM,cAAc,QAAQ;EAC5B,MAAM,YAAY,QAAQ;EAC1B,IAAI,CAAC,eAAe,CAAC,WAEnB,OAAO,IAAI,SAAS,MAAM;GACxB,QAAQ;GACR,YAAY;GACZ,SAAS,EACP,gBAAgB,oBACjB;GACF,CAAC;EAIJ,MAAM,eAAe,mBAAmB;GACtC,iBAAA;IAHyC;IAAa;IAGvC;GACf;GACA;GACD,CAAC;EAEF,MAAM,gBAAgB,oBAAoB,EACxC,SAAS,CAAC,qBAAqB,EAAE,sBAAsB,aAAa,CAAC,CAAC,EACvE,CAAC;EAEF,MAAM,mBAAmB,gBAAgB,QAAQ;EAEjD,MAAM,eAAuC;GAC3C;GACA;GACD;EAED,OAAO,IAAI,MAAM,kBAAkB,aAAa"}
@@ -1,125 +0,0 @@
1
- import { base64urlDecode } from "../../shared/encoding/base64.js";
2
- import { HUBSPOT_ACCESS_TOKEN_COOKIE_NAME, HUBSPOT_REFRESH_COOKIE_PREFIX, TEMP_COOKIE_OAUTH_STATE, TEMP_COOKIE_PKCE_VERIFIER } from "../../constants.js";
3
- import { parseCookies } from "../../utils/cookie-utils.js";
4
- import { EXPIRES_AT_URL_PARAM } from "../../shared/constants.js";
5
- import { serializeCookie, setResponseCookie } from "../utils/cookie-utils.js";
6
- import { REFRESH_COOKIE_MAX_AGE_SEC } from "./constants.js";
7
- import { buildClientAssertion, buildClientAssertionFormParams, buildClientSecretFormParams, buildTokenEndpointDpopProof, requestOAuthToken } from "./oauth-client.js";
8
- import { buildCimdClientIdUrlFromRequest, buildOAuthRedirectUriFromRequest, clearTempCookie, isPositiveFiniteNumber, isSafeReturnPath } from "./utils.js";
9
- //#region src/server/hono/hubspot-connect-routes/auth-callback.ts
10
- async function handleAuthCallback(c, options) {
11
- const { appKeys, refreshCookiePath, basePath, hubspotConnectEnv } = options;
12
- const xForwardedProto = c.req.header("x-forwarded-proto") ?? void 0;
13
- const xForwardedHost = c.req.header("x-forwarded-host") ?? void 0;
14
- const requestHostHeader = c.req.header("host") ?? void 0;
15
- const code = c.req.query("code");
16
- const state = c.req.query("state");
17
- if (!code || !state) return c.text("Missing code or state", 400);
18
- if (hubspotConnectEnv.isAppPrivateKeyRequired && !appKeys) return c.text("Server misconfiguration: HUBSPOT_APP_PRIVATE_KEY is required when CIMD or DPoP is enabled", 500);
19
- const cookies = parseCookies(c.req.header("Cookie"));
20
- const expectedState = cookies[TEMP_COOKIE_OAUTH_STATE];
21
- const codeVerifier = cookies[TEMP_COOKIE_PKCE_VERIFIER];
22
- if (!expectedState || state !== decodeURIComponent(expectedState)) return c.text("State mismatch", 403);
23
- if (!codeVerifier) return c.text("Missing PKCE verifier", 400);
24
- let statePayload;
25
- try {
26
- statePayload = JSON.parse(new TextDecoder().decode(base64urlDecode(decodeURIComponent(state))));
27
- } catch {
28
- return c.text("Malformed state value", 400);
29
- }
30
- const returnPath = statePayload.return_path;
31
- if (!returnPath || !isSafeReturnPath(returnPath)) return c.text("Invalid return path in state", 400);
32
- const sessionId = statePayload.sid;
33
- if (!sessionId) return c.text("Missing app session cookie", 400);
34
- const decodedCodeVerifier = decodeURIComponent(codeVerifier);
35
- const clientId = hubspotConnectEnv.isCimdEnabled ? buildCimdClientIdUrlFromRequest({
36
- requestUrl: c.req.url,
37
- basePath,
38
- xForwardedProto,
39
- xForwardedHost,
40
- requestHostHeader
41
- }) : hubspotConnectEnv.hubspotClientId;
42
- const redirectUri = buildOAuthRedirectUriFromRequest({
43
- requestUrl: c.req.url,
44
- basePath,
45
- xForwardedProto,
46
- xForwardedHost,
47
- requestHostHeader
48
- });
49
- const tokenEndpointUrl = new URL("/oauth/v1/token", hubspotConnectEnv.hubspotOAuthApiOrigin).href;
50
- let dpopProof;
51
- if (hubspotConnectEnv.isDpopEnabled) dpopProof = await buildTokenEndpointDpopProof({
52
- appKeys,
53
- tokenEndpointUrl,
54
- sessionIdHash: sessionId
55
- });
56
- let formParams;
57
- if (hubspotConnectEnv.isCimdEnabled) formParams = {
58
- grant_type: "authorization_code",
59
- code,
60
- code_verifier: decodedCodeVerifier,
61
- redirect_uri: redirectUri,
62
- ...buildClientAssertionFormParams({
63
- clientId,
64
- clientAssertion: await buildClientAssertion({
65
- appKeys,
66
- clientId,
67
- audience: tokenEndpointUrl
68
- })
69
- })
70
- };
71
- else formParams = {
72
- grant_type: "authorization_code",
73
- code,
74
- code_verifier: decodedCodeVerifier,
75
- redirect_uri: redirectUri,
76
- ...buildClientSecretFormParams({
77
- clientId,
78
- clientSecret: hubspotConnectEnv.hubspotClientSecret
79
- })
80
- };
81
- const tokenResult = await requestOAuthToken({
82
- tokenEndpointUrl,
83
- isDpopEnabled: hubspotConnectEnv.isDpopEnabled,
84
- ...dpopProof !== void 0 ? { dpopProof } : {},
85
- formParams
86
- });
87
- if (!tokenResult.ok) return c.text(`Token exchange failed: ${tokenResult.errorText}`, 502);
88
- const { access_token: accessToken, refresh_token: refreshToken, expires_in } = tokenResult.body;
89
- if (!refreshToken) return c.text("Token response missing refresh_token", 502);
90
- if (!isPositiveFiniteNumber(expires_in)) return c.text("Token response missing or invalid expires_in", 502);
91
- const expiresAt = Date.now() + expires_in * 1e3;
92
- const refreshCookieName = `${HUBSPOT_REFRESH_COOKIE_PREFIX}${sessionId}`;
93
- setResponseCookie({
94
- c,
95
- value: serializeCookie({
96
- name: HUBSPOT_ACCESS_TOKEN_COOKIE_NAME,
97
- value: accessToken,
98
- path: "/",
99
- maxAge: expires_in
100
- })
101
- });
102
- setResponseCookie({
103
- c,
104
- value: serializeCookie({
105
- name: refreshCookieName,
106
- value: refreshToken,
107
- path: refreshCookiePath,
108
- maxAge: REFRESH_COOKIE_MAX_AGE_SEC
109
- })
110
- });
111
- setResponseCookie({
112
- c,
113
- value: clearTempCookie(TEMP_COOKIE_PKCE_VERIFIER)
114
- });
115
- setResponseCookie({
116
- c,
117
- value: clearTempCookie(TEMP_COOKIE_OAUTH_STATE)
118
- });
119
- const separator = returnPath.includes("?") ? "&" : "?";
120
- return c.redirect(`${returnPath}${separator}${EXPIRES_AT_URL_PARAM}=${expiresAt}`, 302);
121
- }
122
- //#endregion
123
- export { handleAuthCallback };
124
-
125
- //# sourceMappingURL=auth-callback.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"auth-callback.js","names":[],"sources":["../../../../src/server/hono/hubspot-connect-routes/auth-callback.ts"],"sourcesContent":["import type { Context } from 'hono';\n\nimport { EXPIRES_AT_URL_PARAM } from '../../../shared/constants.ts';\nimport {\n HUBSPOT_ACCESS_TOKEN_COOKIE_NAME,\n HUBSPOT_REFRESH_COOKIE_PREFIX,\n TEMP_COOKIE_OAUTH_STATE,\n TEMP_COOKIE_PKCE_VERIFIER,\n} from '../../constants.ts';\nimport { base64urlDecode } from '../../utils/base64-utils.ts';\nimport { parseCookies } from '../../utils/cookie-utils.ts';\nimport { serializeCookie, setResponseCookie } from '../utils/cookie-utils.ts';\nimport { REFRESH_COOKIE_MAX_AGE_SEC } from './constants.ts';\nimport {\n buildClientAssertion,\n buildClientAssertionFormParams,\n buildClientSecretFormParams,\n buildTokenEndpointDpopProof,\n requestOAuthToken,\n} from './oauth-client.ts';\nimport type { HubSpotConnectOAuthRouteOptions } from './types.ts';\nimport {\n buildCimdClientIdUrlFromRequest,\n buildOAuthRedirectUriFromRequest,\n clearTempCookie,\n isPositiveFiniteNumber,\n isSafeReturnPath,\n} from './utils.ts';\n\ninterface OAuthStatePayload {\n return_path?: string;\n sid?: string;\n}\n\nexport async function handleAuthCallback(\n c: Context,\n options: HubSpotConnectOAuthRouteOptions\n) {\n const { appKeys, refreshCookiePath, basePath, hubspotConnectEnv } = options;\n const xForwardedProto = c.req.header('x-forwarded-proto') ?? undefined;\n const xForwardedHost = c.req.header('x-forwarded-host') ?? undefined;\n const requestHostHeader = c.req.header('host') ?? undefined;\n const code = c.req.query('code');\n const state = c.req.query('state');\n\n if (!code || !state) {\n return c.text('Missing code or state', 400);\n }\n\n if (hubspotConnectEnv.isAppPrivateKeyRequired && !appKeys) {\n return c.text(\n 'Server misconfiguration: HUBSPOT_APP_PRIVATE_KEY is required when CIMD or DPoP is enabled',\n 500\n );\n }\n\n const cookies = parseCookies(c.req.header('Cookie'));\n const expectedState = cookies[TEMP_COOKIE_OAUTH_STATE];\n const codeVerifier = cookies[TEMP_COOKIE_PKCE_VERIFIER];\n\n if (!expectedState || state !== decodeURIComponent(expectedState)) {\n return c.text('State mismatch', 403);\n }\n if (!codeVerifier) {\n return c.text('Missing PKCE verifier', 400);\n }\n\n let statePayload: OAuthStatePayload;\n try {\n statePayload = JSON.parse(\n new TextDecoder().decode(base64urlDecode(decodeURIComponent(state)))\n ) as OAuthStatePayload;\n } catch {\n return c.text('Malformed state value', 400);\n }\n const returnPath = statePayload.return_path;\n if (!returnPath || !isSafeReturnPath(returnPath)) {\n return c.text('Invalid return path in state', 400);\n }\n\n const sessionId = statePayload.sid;\n if (!sessionId) {\n return c.text('Missing app session cookie', 400);\n }\n\n const decodedCodeVerifier = decodeURIComponent(codeVerifier);\n\n const clientId = hubspotConnectEnv.isCimdEnabled\n ? buildCimdClientIdUrlFromRequest({\n requestUrl: c.req.url,\n basePath,\n xForwardedProto,\n xForwardedHost,\n requestHostHeader,\n })\n : hubspotConnectEnv.hubspotClientId;\n\n const redirectUri = buildOAuthRedirectUriFromRequest({\n requestUrl: c.req.url,\n basePath,\n xForwardedProto,\n xForwardedHost,\n requestHostHeader,\n });\n\n const tokenEndpointUrl = new URL(\n '/oauth/v1/token',\n hubspotConnectEnv.hubspotOAuthApiOrigin\n ).href;\n\n let dpopProof: string | undefined;\n if (hubspotConnectEnv.isDpopEnabled) {\n dpopProof = await buildTokenEndpointDpopProof({\n appKeys: appKeys!,\n tokenEndpointUrl,\n sessionIdHash: sessionId,\n });\n }\n\n let formParams: Record<string, string>;\n if (hubspotConnectEnv.isCimdEnabled) {\n const clientAssertion = await buildClientAssertion({\n appKeys: appKeys!,\n clientId,\n audience: tokenEndpointUrl,\n });\n formParams = {\n grant_type: 'authorization_code',\n code,\n code_verifier: decodedCodeVerifier,\n redirect_uri: redirectUri,\n ...buildClientAssertionFormParams({ clientId, clientAssertion }),\n };\n } else {\n formParams = {\n grant_type: 'authorization_code',\n code,\n code_verifier: decodedCodeVerifier,\n redirect_uri: redirectUri,\n ...buildClientSecretFormParams({\n clientId,\n clientSecret: hubspotConnectEnv.hubspotClientSecret,\n }),\n };\n }\n\n const tokenResult = await requestOAuthToken({\n tokenEndpointUrl,\n isDpopEnabled: hubspotConnectEnv.isDpopEnabled,\n ...(dpopProof !== undefined ? { dpopProof } : {}),\n formParams,\n });\n if (!tokenResult.ok) {\n return c.text(`Token exchange failed: ${tokenResult.errorText}`, 502);\n }\n\n const {\n access_token: accessToken,\n refresh_token: refreshToken,\n expires_in,\n } = tokenResult.body;\n if (!refreshToken) {\n return c.text('Token response missing refresh_token', 502);\n }\n if (!isPositiveFiniteNumber(expires_in)) {\n return c.text('Token response missing or invalid expires_in', 502);\n }\n\n const expiresAt = Date.now() + expires_in * 1000;\n const refreshCookieName = `${HUBSPOT_REFRESH_COOKIE_PREFIX}${sessionId}`;\n\n setResponseCookie({\n c,\n value: serializeCookie({\n name: HUBSPOT_ACCESS_TOKEN_COOKIE_NAME,\n value: accessToken,\n path: '/',\n maxAge: expires_in,\n }),\n });\n setResponseCookie({\n c,\n value: serializeCookie({\n name: refreshCookieName,\n value: refreshToken,\n path: refreshCookiePath,\n maxAge: REFRESH_COOKIE_MAX_AGE_SEC,\n }),\n });\n setResponseCookie({ c, value: clearTempCookie(TEMP_COOKIE_PKCE_VERIFIER) });\n setResponseCookie({ c, value: clearTempCookie(TEMP_COOKIE_OAUTH_STATE) });\n\n const separator = returnPath.includes('?') ? '&' : '?';\n return c.redirect(\n `${returnPath}${separator}${EXPIRES_AT_URL_PARAM}=${expiresAt}`,\n 302\n );\n}\n"],"mappings":";;;;;;;;;AAkCA,eAAsB,mBACpB,GACA,SACA;CACA,MAAM,EAAE,SAAS,mBAAmB,UAAU,sBAAsB;CACpE,MAAM,kBAAkB,EAAE,IAAI,OAAO,oBAAoB,IAAI,KAAA;CAC7D,MAAM,iBAAiB,EAAE,IAAI,OAAO,mBAAmB,IAAI,KAAA;CAC3D,MAAM,oBAAoB,EAAE,IAAI,OAAO,OAAO,IAAI,KAAA;CAClD,MAAM,OAAO,EAAE,IAAI,MAAM,OAAO;CAChC,MAAM,QAAQ,EAAE,IAAI,MAAM,QAAQ;CAElC,IAAI,CAAC,QAAQ,CAAC,OACZ,OAAO,EAAE,KAAK,yBAAyB,IAAI;CAG7C,IAAI,kBAAkB,2BAA2B,CAAC,SAChD,OAAO,EAAE,KACP,6FACA,IACD;CAGH,MAAM,UAAU,aAAa,EAAE,IAAI,OAAO,SAAS,CAAC;CACpD,MAAM,gBAAgB,QAAQ;CAC9B,MAAM,eAAe,QAAQ;CAE7B,IAAI,CAAC,iBAAiB,UAAU,mBAAmB,cAAc,EAC/D,OAAO,EAAE,KAAK,kBAAkB,IAAI;CAEtC,IAAI,CAAC,cACH,OAAO,EAAE,KAAK,yBAAyB,IAAI;CAG7C,IAAI;CACJ,IAAI;EACF,eAAe,KAAK,MAClB,IAAI,aAAa,CAAC,OAAO,gBAAgB,mBAAmB,MAAM,CAAC,CAAC,CACrE;SACK;EACN,OAAO,EAAE,KAAK,yBAAyB,IAAI;;CAE7C,MAAM,aAAa,aAAa;CAChC,IAAI,CAAC,cAAc,CAAC,iBAAiB,WAAW,EAC9C,OAAO,EAAE,KAAK,gCAAgC,IAAI;CAGpD,MAAM,YAAY,aAAa;CAC/B,IAAI,CAAC,WACH,OAAO,EAAE,KAAK,8BAA8B,IAAI;CAGlD,MAAM,sBAAsB,mBAAmB,aAAa;CAE5D,MAAM,WAAW,kBAAkB,gBAC/B,gCAAgC;EAC9B,YAAY,EAAE,IAAI;EAClB;EACA;EACA;EACA;EACD,CAAC,GACF,kBAAkB;CAEtB,MAAM,cAAc,iCAAiC;EACnD,YAAY,EAAE,IAAI;EAClB;EACA;EACA;EACA;EACD,CAAC;CAEF,MAAM,mBAAmB,IAAI,IAC3B,mBACA,kBAAkB,sBACnB,CAAC;CAEF,IAAI;CACJ,IAAI,kBAAkB,eACpB,YAAY,MAAM,4BAA4B;EACnC;EACT;EACA,eAAe;EAChB,CAAC;CAGJ,IAAI;CACJ,IAAI,kBAAkB,eAMpB,aAAa;EACX,YAAY;EACZ;EACA,eAAe;EACf,cAAc;EACd,GAAG,+BAA+B;GAAE;GAAU,iBAAA,MAVlB,qBAAqB;IACxC;IACT;IACA,UAAU;IACX,CAAC;GAM+D,CAAC;EACjE;MAED,aAAa;EACX,YAAY;EACZ;EACA,eAAe;EACf,cAAc;EACd,GAAG,4BAA4B;GAC7B;GACA,cAAc,kBAAkB;GACjC,CAAC;EACH;CAGH,MAAM,cAAc,MAAM,kBAAkB;EAC1C;EACA,eAAe,kBAAkB;EACjC,GAAI,cAAc,KAAA,IAAY,EAAE,WAAW,GAAG,EAAE;EAChD;EACD,CAAC;CACF,IAAI,CAAC,YAAY,IACf,OAAO,EAAE,KAAK,0BAA0B,YAAY,aAAa,IAAI;CAGvE,MAAM,EACJ,cAAc,aACd,eAAe,cACf,eACE,YAAY;CAChB,IAAI,CAAC,cACH,OAAO,EAAE,KAAK,wCAAwC,IAAI;CAE5D,IAAI,CAAC,uBAAuB,WAAW,EACrC,OAAO,EAAE,KAAK,gDAAgD,IAAI;CAGpE,MAAM,YAAY,KAAK,KAAK,GAAG,aAAa;CAC5C,MAAM,oBAAoB,GAAG,gCAAgC;CAE7D,kBAAkB;EAChB;EACA,OAAO,gBAAgB;GACrB,MAAM;GACN,OAAO;GACP,MAAM;GACN,QAAQ;GACT,CAAC;EACH,CAAC;CACF,kBAAkB;EAChB;EACA,OAAO,gBAAgB;GACrB,MAAM;GACN,OAAO;GACP,MAAM;GACN,QAAQ;GACT,CAAC;EACH,CAAC;CACF,kBAAkB;EAAE;EAAG,OAAO,gBAAgB,0BAA0B;EAAE,CAAC;CAC3E,kBAAkB;EAAE;EAAG,OAAO,gBAAgB,wBAAwB;EAAE,CAAC;CAEzE,MAAM,YAAY,WAAW,SAAS,IAAI,GAAG,MAAM;CACnD,OAAO,EAAE,SACP,GAAG,aAAa,YAAY,qBAAqB,GAAG,aACpD,IACD"}
@@ -1,90 +0,0 @@
1
- import { base64url } from "../../shared/encoding/base64.js";
2
- import { sha256base64url } from "../../shared/encoding/sha256.js";
3
- import { HUBSPOT_APP_SID_COOKIE_NAME, TEMP_COOKIE_OAUTH_STATE, TEMP_COOKIE_PKCE_VERIFIER } from "../../constants.js";
4
- import { serializeCookie, setResponseCookie } from "../utils/cookie-utils.js";
5
- import { OAUTH_TEMP_MAX_AGE_SEC, SESSION_MAX_AGE_SEC } from "./constants.js";
6
- import { buildCimdClientIdUrlFromRequest, buildOAuthRedirectUriFromRequest, isSafeReturnPath } from "./utils.js";
7
- import { deriveHubSpotAuthorizeScopesFromClientMetadata } from "./fetch-hubspot-client-metadata.js";
8
- //#region src/server/hono/hubspot-connect-routes/auth-init-session.ts
9
- async function handleAuthInitSession(c, options) {
10
- const { hubspotConnectEnv, cimdClientMetadata } = options;
11
- const xForwardedProto = c.req.header("x-forwarded-proto") ?? void 0;
12
- const xForwardedHost = c.req.header("x-forwarded-host") ?? void 0;
13
- const requestHostHeader = c.req.header("host") ?? void 0;
14
- const returnPath = new URL(c.req.url).searchParams.get("return_path") ?? "/";
15
- if (!isSafeReturnPath(returnPath)) return c.text("Invalid return_path", 400);
16
- const sessionIdBytes = new Uint8Array(32);
17
- crypto.getRandomValues(sessionIdBytes);
18
- const sessionId = base64url(sessionIdBytes);
19
- const sessionIdHash = await sha256base64url(sessionId);
20
- const codeVerifierBytes = new Uint8Array(32);
21
- crypto.getRandomValues(codeVerifierBytes);
22
- const codeVerifier = base64url(codeVerifierBytes);
23
- const codeChallenge = await sha256base64url(codeVerifier);
24
- const stateValue = base64url(new TextEncoder().encode(JSON.stringify({
25
- return_path: returnPath,
26
- sid: sessionIdHash
27
- })));
28
- const clientId = hubspotConnectEnv.isCimdEnabled ? buildCimdClientIdUrlFromRequest({
29
- requestUrl: c.req.url,
30
- basePath: options.basePath,
31
- xForwardedProto,
32
- xForwardedHost,
33
- requestHostHeader
34
- }) : hubspotConnectEnv.hubspotClientId;
35
- const redirectUri = buildOAuthRedirectUriFromRequest({
36
- requestUrl: c.req.url,
37
- basePath: options.basePath,
38
- xForwardedProto,
39
- xForwardedHost,
40
- requestHostHeader
41
- });
42
- const authorizeUrl = new URL(hubspotConnectEnv.hubspotAuthorizationEndpoint);
43
- authorizeUrl.searchParams.set("response_type", "code");
44
- authorizeUrl.searchParams.set("client_id", clientId);
45
- authorizeUrl.searchParams.set("redirect_uri", redirectUri);
46
- authorizeUrl.searchParams.set("code_challenge", codeChallenge);
47
- authorizeUrl.searchParams.set("code_challenge_method", "S256");
48
- authorizeUrl.searchParams.set("state", stateValue);
49
- authorizeUrl.searchParams.set("sid", sessionIdHash);
50
- if (!hubspotConnectEnv.isCimdEnabled) {
51
- const scopesResult = deriveHubSpotAuthorizeScopesFromClientMetadata(cimdClientMetadata);
52
- if (!scopesResult.ok) return c.text(scopesResult.message, scopesResult.status);
53
- authorizeUrl.searchParams.set("scope", scopesResult.scope);
54
- if (scopesResult.optionalScope !== void 0) authorizeUrl.searchParams.set("optional_scope", scopesResult.optionalScope);
55
- }
56
- setResponseCookie({
57
- c,
58
- value: serializeCookie({
59
- name: HUBSPOT_APP_SID_COOKIE_NAME,
60
- value: sessionId,
61
- path: "/",
62
- maxAge: SESSION_MAX_AGE_SEC
63
- })
64
- });
65
- setResponseCookie({
66
- c,
67
- value: serializeCookie({
68
- name: TEMP_COOKIE_PKCE_VERIFIER,
69
- value: encodeURIComponent(codeVerifier),
70
- path: "/",
71
- sameSite: "Lax",
72
- maxAge: OAUTH_TEMP_MAX_AGE_SEC
73
- })
74
- });
75
- setResponseCookie({
76
- c,
77
- value: serializeCookie({
78
- name: TEMP_COOKIE_OAUTH_STATE,
79
- value: encodeURIComponent(stateValue),
80
- path: "/",
81
- sameSite: "Lax",
82
- maxAge: OAUTH_TEMP_MAX_AGE_SEC
83
- })
84
- });
85
- return c.json({ authorization_url: authorizeUrl.toString() });
86
- }
87
- //#endregion
88
- export { handleAuthInitSession };
89
-
90
- //# sourceMappingURL=auth-init-session.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"auth-init-session.js","names":[],"sources":["../../../../src/server/hono/hubspot-connect-routes/auth-init-session.ts"],"sourcesContent":["import type { Context } from 'hono';\n\nimport {\n HUBSPOT_APP_SID_COOKIE_NAME,\n TEMP_COOKIE_OAUTH_STATE,\n TEMP_COOKIE_PKCE_VERIFIER,\n} from '../../constants.ts';\nimport { base64url } from '../../utils/base64-utils.ts';\nimport { sha256base64url } from '../../utils/crypto-utils.ts';\nimport { serializeCookie, setResponseCookie } from '../utils/cookie-utils.ts';\nimport { OAUTH_TEMP_MAX_AGE_SEC, SESSION_MAX_AGE_SEC } from './constants.ts';\nimport { deriveHubSpotAuthorizeScopesFromClientMetadata } from './fetch-hubspot-client-metadata.ts';\nimport type { HubSpotConnectOAuthRouteOptions } from './types.ts';\nimport {\n buildCimdClientIdUrlFromRequest,\n buildOAuthRedirectUriFromRequest,\n isSafeReturnPath,\n} from './utils.ts';\n\nexport async function handleAuthInitSession(\n c: Context,\n options: HubSpotConnectOAuthRouteOptions\n) {\n const { hubspotConnectEnv, cimdClientMetadata } = options;\n const xForwardedProto = c.req.header('x-forwarded-proto') ?? undefined;\n const xForwardedHost = c.req.header('x-forwarded-host') ?? undefined;\n const requestHostHeader = c.req.header('host') ?? undefined;\n const url = new URL(c.req.url);\n const returnPath = url.searchParams.get('return_path') ?? '/';\n if (!isSafeReturnPath(returnPath)) {\n return c.text('Invalid return_path', 400);\n }\n\n const sessionIdBytes = new Uint8Array(32);\n crypto.getRandomValues(sessionIdBytes);\n const sessionId = base64url(sessionIdBytes);\n const sessionIdHash = await sha256base64url(sessionId);\n\n const codeVerifierBytes = new Uint8Array(32);\n crypto.getRandomValues(codeVerifierBytes);\n const codeVerifier = base64url(codeVerifierBytes);\n const codeChallenge = await sha256base64url(codeVerifier);\n\n const stateValue = base64url(\n new TextEncoder().encode(\n JSON.stringify({\n return_path: returnPath,\n sid: sessionIdHash,\n })\n )\n );\n\n const clientId = hubspotConnectEnv.isCimdEnabled\n ? buildCimdClientIdUrlFromRequest({\n requestUrl: c.req.url,\n basePath: options.basePath,\n xForwardedProto,\n xForwardedHost,\n requestHostHeader,\n })\n : hubspotConnectEnv.hubspotClientId;\n\n const redirectUri = buildOAuthRedirectUriFromRequest({\n requestUrl: c.req.url,\n basePath: options.basePath,\n xForwardedProto,\n xForwardedHost,\n requestHostHeader,\n });\n\n const authorizeUrl = new URL(hubspotConnectEnv.hubspotAuthorizationEndpoint);\n authorizeUrl.searchParams.set('response_type', 'code');\n authorizeUrl.searchParams.set('client_id', clientId);\n authorizeUrl.searchParams.set('redirect_uri', redirectUri);\n authorizeUrl.searchParams.set('code_challenge', codeChallenge);\n authorizeUrl.searchParams.set('code_challenge_method', 'S256');\n authorizeUrl.searchParams.set('state', stateValue);\n authorizeUrl.searchParams.set('sid', sessionIdHash);\n\n if (!hubspotConnectEnv.isCimdEnabled) {\n const scopesResult =\n deriveHubSpotAuthorizeScopesFromClientMetadata(cimdClientMetadata);\n if (!scopesResult.ok) {\n return c.text(scopesResult.message, scopesResult.status as 500 | 502);\n }\n authorizeUrl.searchParams.set('scope', scopesResult.scope);\n if (scopesResult.optionalScope !== undefined) {\n authorizeUrl.searchParams.set(\n 'optional_scope',\n scopesResult.optionalScope\n );\n }\n }\n\n setResponseCookie({\n c,\n value: serializeCookie({\n name: HUBSPOT_APP_SID_COOKIE_NAME,\n value: sessionId,\n path: '/',\n maxAge: SESSION_MAX_AGE_SEC,\n }),\n });\n setResponseCookie({\n c,\n value: serializeCookie({\n name: TEMP_COOKIE_PKCE_VERIFIER,\n value: encodeURIComponent(codeVerifier),\n path: '/',\n sameSite: 'Lax',\n maxAge: OAUTH_TEMP_MAX_AGE_SEC,\n }),\n });\n setResponseCookie({\n c,\n value: serializeCookie({\n name: TEMP_COOKIE_OAUTH_STATE,\n value: encodeURIComponent(stateValue),\n path: '/',\n sameSite: 'Lax',\n maxAge: OAUTH_TEMP_MAX_AGE_SEC,\n }),\n });\n\n return c.json({ authorization_url: authorizeUrl.toString() });\n}\n"],"mappings":";;;;;;;;AAmBA,eAAsB,sBACpB,GACA,SACA;CACA,MAAM,EAAE,mBAAmB,uBAAuB;CAClD,MAAM,kBAAkB,EAAE,IAAI,OAAO,oBAAoB,IAAI,KAAA;CAC7D,MAAM,iBAAiB,EAAE,IAAI,OAAO,mBAAmB,IAAI,KAAA;CAC3D,MAAM,oBAAoB,EAAE,IAAI,OAAO,OAAO,IAAI,KAAA;CAElD,MAAM,aAAa,IADH,IAAI,EAAE,IAAI,IACJ,CAAC,aAAa,IAAI,cAAc,IAAI;CAC1D,IAAI,CAAC,iBAAiB,WAAW,EAC/B,OAAO,EAAE,KAAK,uBAAuB,IAAI;CAG3C,MAAM,iBAAiB,IAAI,WAAW,GAAG;CACzC,OAAO,gBAAgB,eAAe;CACtC,MAAM,YAAY,UAAU,eAAe;CAC3C,MAAM,gBAAgB,MAAM,gBAAgB,UAAU;CAEtD,MAAM,oBAAoB,IAAI,WAAW,GAAG;CAC5C,OAAO,gBAAgB,kBAAkB;CACzC,MAAM,eAAe,UAAU,kBAAkB;CACjD,MAAM,gBAAgB,MAAM,gBAAgB,aAAa;CAEzD,MAAM,aAAa,UACjB,IAAI,aAAa,CAAC,OAChB,KAAK,UAAU;EACb,aAAa;EACb,KAAK;EACN,CAAC,CACH,CACF;CAED,MAAM,WAAW,kBAAkB,gBAC/B,gCAAgC;EAC9B,YAAY,EAAE,IAAI;EAClB,UAAU,QAAQ;EAClB;EACA;EACA;EACD,CAAC,GACF,kBAAkB;CAEtB,MAAM,cAAc,iCAAiC;EACnD,YAAY,EAAE,IAAI;EAClB,UAAU,QAAQ;EAClB;EACA;EACA;EACD,CAAC;CAEF,MAAM,eAAe,IAAI,IAAI,kBAAkB,6BAA6B;CAC5E,aAAa,aAAa,IAAI,iBAAiB,OAAO;CACtD,aAAa,aAAa,IAAI,aAAa,SAAS;CACpD,aAAa,aAAa,IAAI,gBAAgB,YAAY;CAC1D,aAAa,aAAa,IAAI,kBAAkB,cAAc;CAC9D,aAAa,aAAa,IAAI,yBAAyB,OAAO;CAC9D,aAAa,aAAa,IAAI,SAAS,WAAW;CAClD,aAAa,aAAa,IAAI,OAAO,cAAc;CAEnD,IAAI,CAAC,kBAAkB,eAAe;EACpC,MAAM,eACJ,+CAA+C,mBAAmB;EACpE,IAAI,CAAC,aAAa,IAChB,OAAO,EAAE,KAAK,aAAa,SAAS,aAAa,OAAoB;EAEvE,aAAa,aAAa,IAAI,SAAS,aAAa,MAAM;EAC1D,IAAI,aAAa,kBAAkB,KAAA,GACjC,aAAa,aAAa,IACxB,kBACA,aAAa,cACd;;CAIL,kBAAkB;EAChB;EACA,OAAO,gBAAgB;GACrB,MAAM;GACN,OAAO;GACP,MAAM;GACN,QAAQ;GACT,CAAC;EACH,CAAC;CACF,kBAAkB;EAChB;EACA,OAAO,gBAAgB;GACrB,MAAM;GACN,OAAO,mBAAmB,aAAa;GACvC,MAAM;GACN,UAAU;GACV,QAAQ;GACT,CAAC;EACH,CAAC;CACF,kBAAkB;EAChB;EACA,OAAO,gBAAgB;GACrB,MAAM;GACN,OAAO,mBAAmB,WAAW;GACrC,MAAM;GACN,UAAU;GACV,QAAQ;GACT,CAAC;EACH,CAAC;CAEF,OAAO,EAAE,KAAK,EAAE,mBAAmB,aAAa,UAAU,EAAE,CAAC"}
@@ -1,97 +0,0 @@
1
- import { HUBSPOT_ACCESS_TOKEN_COOKIE_NAME, HUBSPOT_APP_SID_COOKIE_NAME } from "../../constants.js";
2
- import { parseCookies } from "../../utils/cookie-utils.js";
3
- import { serializeCookie, setResponseCookie } from "../utils/cookie-utils.js";
4
- import { buildClientAssertion } from "./oauth-client.js";
5
- import { buildCimdClientIdUrlFromRequest } from "./utils.js";
6
- //#region src/server/hono/hubspot-connect-routes/auth-logout.ts
7
- async function revokeToken(options) {
8
- const { revokeEndpointUrl, body, logger } = options;
9
- try {
10
- const response = await fetch(revokeEndpointUrl, {
11
- method: "POST",
12
- headers: { "Content-Type": "application/x-www-form-urlencoded" },
13
- body
14
- });
15
- if (!response.ok) logger.warn(`HubSpot token revoke returned HTTP ${response.status} ${response.statusText}`);
16
- } catch (error) {
17
- logger.warn("HubSpot token revoke request failed", error);
18
- }
19
- }
20
- async function handleAuthLogout(c, options) {
21
- const { appKeys, refreshCookiePath, basePath, hubspotConnectEnv, logger } = options;
22
- const xForwardedProto = c.req.header("x-forwarded-proto") ?? void 0;
23
- const xForwardedHost = c.req.header("x-forwarded-host") ?? void 0;
24
- const requestHostHeader = c.req.header("host") ?? void 0;
25
- const cookies = parseCookies(c.req.header("Cookie"));
26
- const accessToken = cookies[HUBSPOT_ACCESS_TOKEN_COOKIE_NAME];
27
- const clientId = hubspotConnectEnv.isCimdEnabled ? buildCimdClientIdUrlFromRequest({
28
- requestUrl: c.req.url,
29
- basePath,
30
- xForwardedProto,
31
- xForwardedHost,
32
- requestHostHeader
33
- }) : hubspotConnectEnv.hubspotClientId;
34
- const revokeEndpointUrl = new URL("/oauth/v1/revoke", hubspotConnectEnv.hubspotOAuthApiOrigin).href;
35
- if (accessToken) if (hubspotConnectEnv.isCimdEnabled) {
36
- if (!appKeys) return c.json({ error: "Server misconfiguration: HUBSPOT_APP_PRIVATE_KEY is required when CIMD is enabled" }, 500);
37
- const clientAssertion = await buildClientAssertion({
38
- appKeys,
39
- clientId,
40
- audience: revokeEndpointUrl
41
- });
42
- await revokeToken({
43
- revokeEndpointUrl,
44
- body: new URLSearchParams({
45
- token: accessToken,
46
- token_type_hint: "access_token",
47
- client_id: clientId,
48
- client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
49
- client_assertion: clientAssertion
50
- }),
51
- logger
52
- });
53
- } else await revokeToken({
54
- revokeEndpointUrl,
55
- body: new URLSearchParams({
56
- token: accessToken,
57
- token_type_hint: "access_token",
58
- client_id: clientId,
59
- client_secret: hubspotConnectEnv.hubspotClientSecret
60
- }),
61
- logger
62
- });
63
- setResponseCookie({
64
- c,
65
- value: serializeCookie({
66
- name: HUBSPOT_ACCESS_TOKEN_COOKIE_NAME,
67
- value: "",
68
- path: "/",
69
- maxAge: 0
70
- })
71
- });
72
- setResponseCookie({
73
- c,
74
- value: serializeCookie({
75
- name: HUBSPOT_APP_SID_COOKIE_NAME,
76
- value: "",
77
- path: "/",
78
- maxAge: 0
79
- })
80
- });
81
- Object.keys(cookies).forEach((cookieName) => {
82
- if (cookieName.startsWith("hs_refresh_")) setResponseCookie({
83
- c,
84
- value: serializeCookie({
85
- name: cookieName,
86
- value: "",
87
- path: refreshCookiePath,
88
- maxAge: 0
89
- })
90
- });
91
- });
92
- return c.json({ redirect_to: "/" });
93
- }
94
- //#endregion
95
- export { handleAuthLogout };
96
-
97
- //# sourceMappingURL=auth-logout.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"auth-logout.js","names":[],"sources":["../../../../src/server/hono/hubspot-connect-routes/auth-logout.ts"],"sourcesContent":["import type { Context } from 'hono';\n\nimport type { Logger } from '../../../shared/logger.ts';\nimport {\n HUBSPOT_ACCESS_TOKEN_COOKIE_NAME,\n HUBSPOT_APP_SID_COOKIE_NAME,\n HUBSPOT_REFRESH_COOKIE_PREFIX,\n} from '../../constants.ts';\nimport { parseCookies } from '../../utils/cookie-utils.ts';\nimport { serializeCookie, setResponseCookie } from '../utils/cookie-utils.ts';\nimport { buildClientAssertion } from './oauth-client.ts';\nimport type { HubSpotConnectOAuthRouteOptions } from './types.ts';\nimport { buildCimdClientIdUrlFromRequest } from './utils.ts';\n\nasync function revokeToken(options: {\n revokeEndpointUrl: string;\n body: URLSearchParams;\n logger: Logger;\n}): Promise<void> {\n const { revokeEndpointUrl, body, logger } = options;\n try {\n const response = await fetch(revokeEndpointUrl, {\n method: 'POST',\n headers: { 'Content-Type': 'application/x-www-form-urlencoded' },\n body,\n });\n if (!response.ok) {\n logger.warn(\n `HubSpot token revoke returned HTTP ${response.status} ${response.statusText}`\n );\n }\n } catch (error) {\n logger.warn('HubSpot token revoke request failed', error);\n }\n}\n\nexport async function handleAuthLogout(\n c: Context,\n options: HubSpotConnectOAuthRouteOptions\n) {\n const { appKeys, refreshCookiePath, basePath, hubspotConnectEnv, logger } =\n options;\n const xForwardedProto = c.req.header('x-forwarded-proto') ?? undefined;\n const xForwardedHost = c.req.header('x-forwarded-host') ?? undefined;\n const requestHostHeader = c.req.header('host') ?? undefined;\n const cookies = parseCookies(c.req.header('Cookie'));\n const accessToken = cookies[HUBSPOT_ACCESS_TOKEN_COOKIE_NAME];\n\n const clientId = hubspotConnectEnv.isCimdEnabled\n ? buildCimdClientIdUrlFromRequest({\n requestUrl: c.req.url,\n basePath,\n xForwardedProto,\n xForwardedHost,\n requestHostHeader,\n })\n : hubspotConnectEnv.hubspotClientId;\n\n const revokeEndpointUrl = new URL(\n '/oauth/v1/revoke',\n hubspotConnectEnv.hubspotOAuthApiOrigin\n ).href;\n\n if (accessToken) {\n if (hubspotConnectEnv.isCimdEnabled) {\n if (!appKeys) {\n return c.json(\n {\n error:\n 'Server misconfiguration: HUBSPOT_APP_PRIVATE_KEY is required when CIMD is enabled',\n },\n 500\n );\n }\n const clientAssertion = await buildClientAssertion({\n appKeys,\n clientId,\n audience: revokeEndpointUrl,\n });\n await revokeToken({\n revokeEndpointUrl,\n body: new URLSearchParams({\n token: accessToken,\n token_type_hint: 'access_token',\n client_id: clientId,\n client_assertion_type:\n 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',\n client_assertion: clientAssertion,\n }),\n logger,\n });\n } else {\n await revokeToken({\n revokeEndpointUrl,\n body: new URLSearchParams({\n token: accessToken,\n token_type_hint: 'access_token',\n client_id: clientId,\n client_secret: hubspotConnectEnv.hubspotClientSecret,\n }),\n logger,\n });\n }\n }\n\n setResponseCookie({\n c,\n value: serializeCookie({\n name: HUBSPOT_ACCESS_TOKEN_COOKIE_NAME,\n value: '',\n path: '/',\n maxAge: 0,\n }),\n });\n setResponseCookie({\n c,\n value: serializeCookie({\n name: HUBSPOT_APP_SID_COOKIE_NAME,\n value: '',\n path: '/',\n maxAge: 0,\n }),\n });\n\n Object.keys(cookies).forEach((cookieName) => {\n if (cookieName.startsWith(HUBSPOT_REFRESH_COOKIE_PREFIX)) {\n setResponseCookie({\n c,\n value: serializeCookie({\n name: cookieName,\n value: '',\n path: refreshCookiePath,\n maxAge: 0,\n }),\n });\n }\n });\n\n return c.json({ redirect_to: '/' });\n}\n"],"mappings":";;;;;;AAcA,eAAe,YAAY,SAIT;CAChB,MAAM,EAAE,mBAAmB,MAAM,WAAW;CAC5C,IAAI;EACF,MAAM,WAAW,MAAM,MAAM,mBAAmB;GAC9C,QAAQ;GACR,SAAS,EAAE,gBAAgB,qCAAqC;GAChE;GACD,CAAC;EACF,IAAI,CAAC,SAAS,IACZ,OAAO,KACL,sCAAsC,SAAS,OAAO,GAAG,SAAS,aACnE;UAEI,OAAO;EACd,OAAO,KAAK,uCAAuC,MAAM;;;AAI7D,eAAsB,iBACpB,GACA,SACA;CACA,MAAM,EAAE,SAAS,mBAAmB,UAAU,mBAAmB,WAC/D;CACF,MAAM,kBAAkB,EAAE,IAAI,OAAO,oBAAoB,IAAI,KAAA;CAC7D,MAAM,iBAAiB,EAAE,IAAI,OAAO,mBAAmB,IAAI,KAAA;CAC3D,MAAM,oBAAoB,EAAE,IAAI,OAAO,OAAO,IAAI,KAAA;CAClD,MAAM,UAAU,aAAa,EAAE,IAAI,OAAO,SAAS,CAAC;CACpD,MAAM,cAAc,QAAQ;CAE5B,MAAM,WAAW,kBAAkB,gBAC/B,gCAAgC;EAC9B,YAAY,EAAE,IAAI;EAClB;EACA;EACA;EACA;EACD,CAAC,GACF,kBAAkB;CAEtB,MAAM,oBAAoB,IAAI,IAC5B,oBACA,kBAAkB,sBACnB,CAAC;CAEF,IAAI,aACF,IAAI,kBAAkB,eAAe;EACnC,IAAI,CAAC,SACH,OAAO,EAAE,KACP,EACE,OACE,qFACH,EACD,IACD;EAEH,MAAM,kBAAkB,MAAM,qBAAqB;GACjD;GACA;GACA,UAAU;GACX,CAAC;EACF,MAAM,YAAY;GAChB;GACA,MAAM,IAAI,gBAAgB;IACxB,OAAO;IACP,iBAAiB;IACjB,WAAW;IACX,uBACE;IACF,kBAAkB;IACnB,CAAC;GACF;GACD,CAAC;QAEF,MAAM,YAAY;EAChB;EACA,MAAM,IAAI,gBAAgB;GACxB,OAAO;GACP,iBAAiB;GACjB,WAAW;GACX,eAAe,kBAAkB;GAClC,CAAC;EACF;EACD,CAAC;CAIN,kBAAkB;EAChB;EACA,OAAO,gBAAgB;GACrB,MAAM;GACN,OAAO;GACP,MAAM;GACN,QAAQ;GACT,CAAC;EACH,CAAC;CACF,kBAAkB;EAChB;EACA,OAAO,gBAAgB;GACrB,MAAM;GACN,OAAO;GACP,MAAM;GACN,QAAQ;GACT,CAAC;EACH,CAAC;CAEF,OAAO,KAAK,QAAQ,CAAC,SAAS,eAAe;EAC3C,IAAI,WAAW,WAAA,cAAyC,EACtD,kBAAkB;GAChB;GACA,OAAO,gBAAgB;IACrB,MAAM;IACN,OAAO;IACP,MAAM;IACN,QAAQ;IACT,CAAC;GACH,CAAC;GAEJ;CAEF,OAAO,EAAE,KAAK,EAAE,aAAa,KAAK,CAAC"}