@hubspot/app-connect-sdk 1.0.0-alpha.3 → 1.0.0-alpha.4

package/dist/server/sha256-B7y8GBFB.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sha256-B7y8GBFB.js","names":[],"sources":["../../src/shared/encoding/base64.ts","../../src/server/utils/jwk-utils.ts","../../src/server/utils/jwt-utils.ts","../../src/server/utils/dpop-utils.ts","../../src/shared/encoding/sha256.ts"],"sourcesContent":["/**\n * Base64url encoding and decoding helpers shared by the browser and\n * server halves of `@hubspot/app-connect-sdk`.\n *\n * Base64url (RFC 4648 §5) replaces `+`/`/` with `-`/`_` and drops `=`\n * padding. JWT, DPoP, and JWK thumbprints all use this variant.\n */\n\n/**\n * Encodes a binary buffer as a base64url string (RFC 4648 §5).\n */\nexport function base64url(input: ArrayBuffer | Uint8Array): string {\n  const bytes = input instanceof Uint8Array ? input : new Uint8Array(input);\n  let binary = '';\n  for (const byte of bytes) {\n    binary += String.fromCharCode(byte);\n  }\n  return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=/g, '');\n}\n\n/**\n * Decodes a base64url string into a `Uint8Array`. Tolerates missing\n * padding by re-adding it before delegating to `atob`.\n */\nexport function base64urlDecode(encoded: string): Uint8Array<ArrayBuffer> {\n  const padLen = (4 - (encoded.length % 4)) % 4;\n  const padded =\n    encoded.replace(/-/g, '+').replace(/_/g, '/') + '='.repeat(padLen);\n  const binary = atob(padded);\n  const out = new Uint8Array(new ArrayBuffer(binary.length));\n  for (let i = 0; i < binary.length; i++) {\n    out[i] = binary.charCodeAt(i) ?? 0;\n  }\n  return out;\n}\n\n/**\n * Decodes a *standard* base64 string (with `+`/`/` and required `=`\n * padding) into an `ArrayBuffer`. Used for PKCS8-encoded private keys\n * stored in environment variables.\n */\nexport function base64StandardToArrayBuffer(b64: string): ArrayBuffer {\n  const bin = atob(b64);\n  const buf = new ArrayBuffer(bin.length);\n  const view = new Uint8Array(buf);\n  for (let i = 0; i < bin.length; i++) {\n    view[i] = bin.charCodeAt(i) ?? 0;\n  }\n  return buf;\n}\n","import { base64url } from './base64-utils.ts';\n\nexport interface GetJwkThumbprintOptions {\n  /** EC P-256 public JWK whose thumbprint to compute. */\n  publicKeyJwk: JsonWebKey;\n}\n\n/**\n * Computes the RFC 7638 JWK thumbprint of an EC P-256 public JWK.\n * Per §3.2 the canonical form contains only `crv`, `kty`, `x`, `y`,\n * sorted lexicographically — no whitespace, no other members. The\n * SHA-256 of this canonical UTF-8 JSON, base64url-encoded, is the\n * stable identifier (`jkt`) DPoP uses to bind tokens to public keys.\n */\nexport async function getJwkThumbprint(\n  options: GetJwkThumbprintOptions\n): Promise<string> {\n  const { publicKeyJwk } = options;\n  const canonical = JSON.stringify({\n    crv: publicKeyJwk.crv,\n    kty: publicKeyJwk.kty,\n    x: publicKeyJwk.x,\n    y: publicKeyJwk.y,\n  });\n  const digest = await crypto.subtle.digest(\n    'SHA-256',\n    new TextEncoder().encode(canonical)\n  );\n  return base64url(new Uint8Array(digest));\n}\n","import { base64url, base64urlDecode } from './base64-utils.ts';\n\ninterface EncodeAndSignJwtOptions {\n  header: Record<string, unknown>;\n  payload: Record<string, unknown>;\n  privateKey: CryptoKey;\n}\n\n/**\n * Low-level helper that encodes a JWS Compact Serialization JWT\n * (RFC 7519) and signs it with the supplied `privateKey` using\n * ES256 (P-256 + SHA-256). Returns the three-segment compact form.\n */\nexport async function encodeAndSignJwt(\n  options: EncodeAndSignJwtOptions\n): Promise<string> {\n  const { header, payload, privateKey } = options;\n\n  const encodedHeader = base64url(\n    new TextEncoder().encode(JSON.stringify(header))\n  );\n  const encodedPayload = base64url(\n    new TextEncoder().encode(JSON.stringify(payload))\n  );\n  const signingInput = `${encodedHeader}.${encodedPayload}`;\n  const signatureBuffer = await crypto.subtle.sign(\n    { name: 'ECDSA', hash: 'SHA-256' },\n    privateKey,\n    new TextEncoder().encode(signingInput)\n  );\n  return `${signingInput}.${base64url(new Uint8Array(signatureBuffer))}`;\n}\n\nasync function importPublicKey(jwk: JsonWebKey): Promise<CryptoKey> {\n  return crypto.subtle.importKey(\n    'jwk',\n    jwk,\n    { name: 'ECDSA', namedCurve: 'P-256' },\n    false,\n    ['verify']\n  );\n}\n\ninterface DecodeAndVerifyJwtOptions {\n  token: string;\n  publicKeyJwk: JsonWebKey;\n}\n\n/**\n * Verifies the ES256 signature on `token` against `publicKeyJwk` and\n * returns the decoded payload. Does not check `exp` — use\n * {@link verifyJwt} when expiry enforcement is desired.\n *\n * @throws {Error} When the token isn't three segments, when the\n *   signature fails verification, or when the payload isn't valid\n *   JSON.\n */\nexport async function decodeAndVerifyJwt(\n  options: DecodeAndVerifyJwtOptions\n): Promise<Record<string, unknown>> {\n  const { token, publicKeyJwk } = options;\n  const parts = token.split('.');\n  if (parts.length !== 3) throw new Error('Invalid JWT format');\n  const [encodedHeader, encodedPayload, encodedSignature] = parts as [\n    string,\n    string,\n    string,\n  ];\n  const publicKey = await importPublicKey(publicKeyJwk);\n  const valid = await crypto.subtle.verify(\n    { name: 'ECDSA', hash: 'SHA-256' },\n    publicKey,\n    base64urlDecode(encodedSignature),\n    new TextEncoder().encode(`${encodedHeader}.${encodedPayload}`)\n  );\n  if (!valid) throw new Error('JWT signature verification failed');\n  return JSON.parse(\n    new TextDecoder().decode(base64urlDecode(encodedPayload))\n  ) as Record<string, unknown>;\n}\n\nexport interface VerifyJwtOptions {\n  /** Compact-serialized JWT to verify. */\n  token: string;\n  /** Public key in JWK form. Caller is responsible for trusting it. */\n  publicKeyJwk: JsonWebKey;\n}\n\n/**\n * Verifies signature and (if present) `exp` (RFC 7519 §4.1.4) on a\n * JWT and returns its payload.\n *\n * @throws {Error} When the signature fails or when `exp` has passed.\n */\nexport async function verifyJwt(\n  options: VerifyJwtOptions\n): Promise<Record<string, unknown>> {\n  const { token, publicKeyJwk } = options;\n  const payload = await decodeAndVerifyJwt({ token, publicKeyJwk });\n  const now = Math.floor(Date.now() / 1000);\n  if (typeof payload['exp'] === 'number' && payload['exp'] < now) {\n    throw new Error('JWT expired');\n  }\n  return payload;\n}\n\nexport interface SignJwtOptions {\n  /** ES256 private key as a non-extractable WebCrypto key. */\n  privateKey: CryptoKey;\n  /**\n   * Custom claims merged onto an `iat` claim (and `exp` when\n   * `ttlSeconds` is supplied). Caller-provided keys override the\n   * standard ones.\n   */\n  payload: Record<string, unknown>;\n  /**\n   * Lifetime of the token in seconds. When set, the JWT's `exp` claim\n   * is computed as `iat + ttlSeconds`. When omitted, no `exp` is added\n   * (the caller is responsible for one if needed).\n   */\n  ttlSeconds?: number;\n}\n\n/**\n * Signs a JWT (RFC 7519) with `alg=ES256, typ=JWT` and returns the\n * compact serialization. Always sets `iat` to the current second; the\n * caller controls every other claim via `payload`.\n */\nexport async function signJwt(options: SignJwtOptions): Promise<string> {\n  const { privateKey, payload, ttlSeconds } = options;\n  const now = Math.floor(Date.now() / 1000);\n  const payloadWithStandardClaims =\n    ttlSeconds !== undefined\n      ? { iat: now, exp: now + ttlSeconds, ...payload }\n      : { iat: now, ...payload };\n  return encodeAndSignJwt({\n    header: { alg: 'ES256', typ: 'JWT' },\n    payload: payloadWithStandardClaims,\n    privateKey,\n  });\n}\n","import { type AppKeys } from '../types.ts';\nimport { base64urlDecode } from './base64-utils.ts';\nimport { getJwkThumbprint } from './jwk-utils.ts';\nimport { decodeAndVerifyJwt, encodeAndSignJwt } from './jwt-utils.ts';\n\n/**\n * Claims that go into a DPoP proof JWT (RFC 9449 §4.2). Extra\n * properties pass through to the encoder unchanged so callers can\n * include implementation-specific claims.\n */\nexport interface DpopClaims {\n  /** HTTP method of the protected request, uppercase. */\n  htm: string;\n  /** Target URI of the protected request, fully-qualified. */\n  htu: string;\n  /** Unique proof identifier (RFC 9449 §4.2, recommended UUID). */\n  jti: string;\n  /** Issuance time, Unix epoch seconds. */\n  iat: number;\n  /**\n   * Hash of the access token presented alongside this proof, if any\n   * (RFC 9449 §4.2). Required for resource-server DPoP.\n   */\n  ath?: string;\n  /**\n   * App session ID hash. Custom HubSpot extension that lets the auth\n   * server bind tokens to the browser session that minted them.\n   */\n  sid?: string;\n  [key: string]: unknown;\n}\n\nfunction ecPublicJwkForDpopHeader(jwk: JsonWebKey): JsonWebKey {\n  if (\n    jwk.kty !== 'EC' ||\n    jwk.crv !== 'P-256' ||\n    typeof jwk.x !== 'string' ||\n    typeof jwk.y !== 'string'\n  ) {\n    throw new Error('Expected P-256 EC public JWK');\n  }\n  return {\n    kty: 'EC',\n    crv: 'P-256',\n    x: jwk.x,\n    y: jwk.y,\n  };\n}\n\nexport interface SignDpopProofOptions {\n  /** App key material produced by `secureStart`. */\n  appKeys: AppKeys;\n  /** Claims to include in the DPoP proof. */\n  claims: DpopClaims;\n}\n\n/**\n * Mints a DPoP proof JWT (RFC 9449) signed with the app's private\n * key. The header is set to `typ=dpop+jwt`, `alg=ES256`, and embeds\n * the public JWK so the receiver can verify the signature without\n * out-of-band key distribution.\n */\nexport async function signDpopProof(\n  options: SignDpopProofOptions\n): Promise<string> {\n  const { appKeys, claims } = options;\n  const publicJwk = ecPublicJwkForDpopHeader(appKeys.appPublicKeyJwk);\n  return encodeAndSignJwt({\n    header: { alg: 'ES256', typ: 'dpop+jwt', jwk: publicJwk },\n    payload: claims,\n    privateKey: appKeys.appPrivateKey,\n  });\n}\n\n/**\n * Result of a successful {@link verifyDpopProof} call.\n */\nexport interface VerifiedDpopProof {\n  /** Public JWK extracted from the proof's header. */\n  publicKeyJwk: JsonWebKey;\n  /** RFC 7638 JWK thumbprint of `publicKeyJwk`. */\n  jkt: string;\n  /** Decoded claims from the proof's payload. */\n  claims: DpopClaims;\n}\n\nexport interface VerifyDpopProofOptions {\n  /** The compact-serialized DPoP proof. */\n  proof: string;\n  /** Expected HTTP method (RFC 9449 `htm` claim). */\n  htm: string;\n  /** Expected request URI (RFC 9449 `htu` claim). */\n  htu: string;\n  /** Expected access-token hash (RFC 9449 `ath` claim). */\n  ath?: string;\n  /** Expected app-session-ID hash (`sid` claim). */\n  sid?: string;\n}\n\ninterface DpopProofHeader {\n  typ?: string;\n  alg?: string;\n  jwk?: JsonWebKey;\n}\n\n/**\n * Verifies a DPoP proof JWT and returns the embedded public JWK,\n * its thumbprint, and the decoded claims.\n *\n * Enforces RFC 9449's required checks:\n *\n * - `typ=dpop+jwt`, `alg=ES256`, and a JWK in the header.\n * - Signature is valid against the embedded JWK.\n * - `htm`, `htu`, and (when supplied) `ath`/`sid` match.\n * - `iat` is within ±5 minutes of \"now\".\n *\n * @throws {Error} If any of the above checks fail.\n */\nexport async function verifyDpopProof(\n  options: VerifyDpopProofOptions\n): Promise<VerifiedDpopProof> {\n  const { proof, htm, htu, ath, sid } = options;\n  const parts = proof.split('.');\n  if (parts.length !== 3) throw new Error('Invalid DPoP proof format');\n\n  const encodedHeader = parts[0];\n  if (!encodedHeader) throw new Error('Missing DPoP header');\n\n  const header = JSON.parse(\n    new TextDecoder().decode(base64urlDecode(encodedHeader))\n  ) as DpopProofHeader;\n\n  if (header.typ !== 'dpop+jwt') throw new Error('Invalid DPoP typ header');\n  if (header.alg !== 'ES256') throw new Error('Unsupported DPoP algorithm');\n  const publicKeyJwk = header.jwk;\n  if (!publicKeyJwk) throw new Error('Missing jwk in DPoP header');\n\n  const payload = await decodeAndVerifyJwt({ token: proof, publicKeyJwk });\n  const claims = payload as unknown as DpopClaims;\n\n  if (claims.htm !== htm) {\n    throw new Error(`DPoP htm mismatch: expected ${htm}, got ${claims.htm}`);\n  }\n  if (claims.htu !== htu) {\n    throw new Error(`DPoP htu mismatch: expected ${htu}, got ${claims.htu}`);\n  }\n  if (ath !== undefined && claims.ath !== ath) {\n    throw new Error('DPoP ath mismatch');\n  }\n  if (sid !== undefined && claims.sid !== sid) {\n    throw new Error('DPoP sid mismatch');\n  }\n\n  const now = Math.floor(Date.now() / 1000);\n  if (Math.abs(now - claims.iat) > 300) {\n    throw new Error('DPoP proof expired or too far in future');\n  }\n\n  const jkt = await getJwkThumbprint({ publicKeyJwk });\n  return { publicKeyJwk, jkt, claims };\n}\n","import { base64url } from './base64.ts';\n\n/**\n * Hashes a UTF-8 string with SHA-256 and encodes the digest as\n * base64url. Used to compute DPoP `ath`/`sid` claims, JWK thumbprints\n * (RFC 7638), and PKCE code challenges.\n */\nexport async function sha256base64url(input: string): Promise<string> {\n  const digest = await crypto.subtle.digest(\n    'SHA-256',\n    new TextEncoder().encode(input)\n  );\n  return base64url(new Uint8Array(digest));\n}\n"],"mappings":";;;;;;;;;;;AAWA,SAAgB,UAAU,OAAyC;CACjE,MAAM,QAAQ,iBAAiB,aAAa,QAAQ,IAAI,WAAW,MAAM;CACzE,IAAI,SAAS;CACb,KAAK,MAAM,QAAQ,OACjB,UAAU,OAAO,aAAa,KAAK;CAErC,OAAO,KAAK,OAAO,CAAC,QAAQ,OAAO,IAAI,CAAC,QAAQ,OAAO,IAAI,CAAC,QAAQ,MAAM,GAAG;;;;;;AAO/E,SAAgB,gBAAgB,SAA0C;CACxE,MAAM,UAAU,IAAK,QAAQ,SAAS,KAAM;CAC5C,MAAM,SACJ,QAAQ,QAAQ,MAAM,IAAI,CAAC,QAAQ,MAAM,IAAI,GAAG,IAAI,OAAO,OAAO;CACpE,MAAM,SAAS,KAAK,OAAO;CAC3B,MAAM,MAAM,IAAI,WAAW,IAAI,YAAY,OAAO,OAAO,CAAC;CAC1D,KAAK,IAAI,IAAI,GAAG,IAAI,OAAO,QAAQ,KACjC,IAAI,KAAK,OAAO,WAAW,EAAE,IAAI;CAEnC,OAAO;;;;;;;AAQT,SAAgB,4BAA4B,KAA0B;CACpE,MAAM,MAAM,KAAK,IAAI;CACrB,MAAM,MAAM,IAAI,YAAY,IAAI,OAAO;CACvC,MAAM,OAAO,IAAI,WAAW,IAAI;CAChC,KAAK,IAAI,IAAI,GAAG,IAAI,IAAI,QAAQ,KAC9B,KAAK,KAAK,IAAI,WAAW,EAAE,IAAI;CAEjC,OAAO;;;;;;;;;;;AClCT,eAAsB,iBACpB,SACiB;CACjB,MAAM,EAAE,iBAAiB;CACzB,MAAM,YAAY,KAAK,UAAU;EAC/B,KAAK,aAAa;EAClB,KAAK,aAAa;EAClB,GAAG,aAAa;EAChB,GAAG,aAAa;EACjB,CAAC;CACF,MAAM,SAAS,MAAM,OAAO,OAAO,OACjC,WACA,IAAI,aAAa,CAAC,OAAO,UAAU,CACpC;CACD,OAAO,UAAU,IAAI,WAAW,OAAO,CAAC;;;;;;;;;ACf1C,eAAsB,iBACpB,SACiB;CACjB,MAAM,EAAE,QAAQ,SAAS,eAAe;CAQxC,MAAM,eAAe,GANC,UACpB,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,OAAO,CAAC,CAKb,CAAC,GAHf,UACrB,IAAI,aAAa,CAAC,OAAO,KAAK,UAAU,QAAQ,CAAC,CAEI;CACvD,MAAM,kBAAkB,MAAM,OAAO,OAAO,KAC1C;EAAE,MAAM;EAAS,MAAM;EAAW,EAClC,YACA,IAAI,aAAa,CAAC,OAAO,aAAa,CACvC;CACD,OAAO,GAAG,aAAa,GAAG,UAAU,IAAI,WAAW,gBAAgB,CAAC;;AAGtE,eAAe,gBAAgB,KAAqC;CAClE,OAAO,OAAO,OAAO,UACnB,OACA,KACA;EAAE,MAAM;EAAS,YAAY;EAAS,EACtC,OACA,CAAC,SAAS,CACX;;;;;;;;;;;AAiBH,eAAsB,mBACpB,SACkC;CAClC,MAAM,EAAE,OAAO,iBAAiB;CAChC,MAAM,QAAQ,MAAM,MAAM,IAAI;CAC9B,IAAI,MAAM,WAAW,GAAG,MAAM,IAAI,MAAM,qBAAqB;CAC7D,MAAM,CAAC,eAAe,gBAAgB,oBAAoB;CAK1D,MAAM,YAAY,MAAM,gBAAgB,aAAa;CAOrD,IAAI,CAAC,MANe,OAAO,OAAO,OAChC;EAAE,MAAM;EAAS,MAAM;EAAW,EAClC,WACA,gBAAgB,iBAAiB,EACjC,IAAI,aAAa,CAAC,OAAO,GAAG,cAAc,GAAG,iBAAiB,CAC/D,EACW,MAAM,IAAI,MAAM,oCAAoC;CAChE,OAAO,KAAK,MACV,IAAI,aAAa,CAAC,OAAO,gBAAgB,eAAe,CAAC,CAC1D;;;;;;;;AAgBH,eAAsB,UACpB,SACkC;CAClC,MAAM,EAAE,OAAO,iBAAiB;CAChC,MAAM,UAAU,MAAM,mBAAmB;EAAE;EAAO;EAAc,CAAC;CACjE,MAAM,MAAM,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;CACzC,IAAI,OAAO,QAAQ,WAAW,YAAY,QAAQ,SAAS,KACzD,MAAM,IAAI,MAAM,cAAc;CAEhC,OAAO;;;;;;;AAyBT,eAAsB,QAAQ,SAA0C;CACtE,MAAM,EAAE,YAAY,SAAS,eAAe;CAC5C,MAAM,MAAM,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;CAKzC,OAAO,iBAAiB;EACtB,QAAQ;GAAE,KAAK;GAAS,KAAK;GAAO;EACpC,SALA,eAAe,KAAA,IACX;GAAE,KAAK;GAAK,KAAK,MAAM;GAAY,GAAG;GAAS,GAC/C;GAAE,KAAK;GAAK,GAAG;GAAS;EAI5B;EACD,CAAC;;;;AC3GJ,SAAS,yBAAyB,KAA6B;CAC7D,IACE,IAAI,QAAQ,QACZ,IAAI,QAAQ,WACZ,OAAO,IAAI,MAAM,YACjB,OAAO,IAAI,MAAM,UAEjB,MAAM,IAAI,MAAM,+BAA+B;CAEjD,OAAO;EACL,KAAK;EACL,KAAK;EACL,GAAG,IAAI;EACP,GAAG,IAAI;EACR;;;;;;;;AAgBH,eAAsB,cACpB,SACiB;CACjB,MAAM,EAAE,SAAS,WAAW;CAE5B,OAAO,iBAAiB;EACtB,QAAQ;GAAE,KAAK;GAAS,KAAK;GAAY,KAFzB,yBAAyB,QAAQ,gBAEM;GAAE;EACzD,SAAS;EACT,YAAY,QAAQ;EACrB,CAAC;;;;;;;;;;;;;;;AA+CJ,eAAsB,gBACpB,SAC4B;CAC5B,MAAM,EAAE,OAAO,KAAK,KAAK,KAAK,QAAQ;CACtC,MAAM,QAAQ,MAAM,MAAM,IAAI;CAC9B,IAAI,MAAM,WAAW,GAAG,MAAM,IAAI,MAAM,4BAA4B;CAEpE,MAAM,gBAAgB,MAAM;CAC5B,IAAI,CAAC,eAAe,MAAM,IAAI,MAAM,sBAAsB;CAE1D,MAAM,SAAS,KAAK,MAClB,IAAI,aAAa,CAAC,OAAO,gBAAgB,cAAc,CAAC,CACzD;CAED,IAAI,OAAO,QAAQ,YAAY,MAAM,IAAI,MAAM,0BAA0B;CACzE,IAAI,OAAO,QAAQ,SAAS,MAAM,IAAI,MAAM,6BAA6B;CACzE,MAAM,eAAe,OAAO;CAC5B,IAAI,CAAC,cAAc,MAAM,IAAI,MAAM,6BAA6B;CAGhE,MAAM,SAAS,MADO,mBAAmB;EAAE,OAAO;EAAO;EAAc,CAAC;CAGxE,IAAI,OAAO,QAAQ,KACjB,MAAM,IAAI,MAAM,+BAA+B,IAAI,QAAQ,OAAO,MAAM;CAE1E,IAAI,OAAO,QAAQ,KACjB,MAAM,IAAI,MAAM,+BAA+B,IAAI,QAAQ,OAAO,MAAM;CAE1E,IAAI,QAAQ,KAAA,KAAa,OAAO,QAAQ,KACtC,MAAM,IAAI,MAAM,oBAAoB;CAEtC,IAAI,QAAQ,KAAA,KAAa,OAAO,QAAQ,KACtC,MAAM,IAAI,MAAM,oBAAoB;CAGtC,MAAM,MAAM,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;CACzC,IAAI,KAAK,IAAI,MAAM,OAAO,IAAI,GAAG,KAC/B,MAAM,IAAI,MAAM,0CAA0C;CAI5D,OAAO;EAAE;EAAc,KAAA,MADL,iBAAiB,EAAE,cAAc,CAAC;EACxB;EAAQ;;;;;;;;;ACxJtC,eAAsB,gBAAgB,OAAgC;CACpE,MAAM,SAAS,MAAM,OAAO,OAAO,OACjC,WACA,IAAI,aAAa,CAAC,OAAO,MAAM,CAChC;CACD,OAAO,UAAU,IAAI,WAAW,OAAO,CAAC"}

package/dist/server/{types.d.ts → types-5gfN91Fq.d.ts}

@@ -52,5 +52,5 @@ interface JwkSet {
   keys: JsonWebKey[];
 }
 //#endregion
-export { AppKeys, HubSpotProxy, JwkSet };
-//# sourceMappingURL=types.d.ts.map
+export { HubSpotProxy as n, JwkSet as r, AppKeys as t };
+//# sourceMappingURL=types-5gfN91Fq.d.ts.map

package/dist/server/{api-client-core/types.d.ts → types-DEOUH4wE.d.ts}

@@ -131,5 +131,5 @@ interface CreateHubSpotClientOptions {
   plugins: Plugin[];
 }
 //#endregion
-export { ApiResponse, CreateHubSpotClientOptions, HubSpotApiResponse, HubSpotClient, Middleware, MiddlewareContext, Next, Operation, PaginatedItem, PaginatedResponse, Plugin, PluginAPI, SyntheticOperation, SyntheticOperationContext, SyntheticStreamingOperation };
-//# sourceMappingURL=types.d.ts.map
+export { Middleware as a, Operation as c, Plugin as d, PluginAPI as f, SyntheticStreamingOperation as h, HubSpotClient as i, PaginatedItem as l, SyntheticOperationContext as m, CreateHubSpotClientOptions as n, MiddlewareContext as o, SyntheticOperation as p, HubSpotApiResponse as r, Next as s, ApiResponse as t, PaginatedResponse as u };
+//# sourceMappingURL=types-DEOUH4wE.d.ts.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hubspot/app-connect-sdk",
-  "version": "1.0.0-alpha.3",
+  "version": "1.0.0-alpha.4",
   "description": "HubSpot App Connect SDK (alpha release). Documentation and integration guidance forthcoming.",
   "type": "module",
   "exports": {
@@ -23,16 +23,11 @@
   },
   "prettier": "@private/prettier-config",
   "peerDependencies": {
-    "hono": "^4.0.0",
     "react": "^18.0.0 || ^19.0.0"
   },
-  "peerDependenciesMeta": {
-    "hono": {
-      "optional": true
-    }
-  },
   "dependencies": {
-    "@base-ui/react": "^1.4.1"
+    "@base-ui/react": "^1.4.1",
+    "hono": "^4.7.11"
   },
   "engines": {
     "node": ">=24.0.0"
@@ -44,15 +39,14 @@
     "@vanilla-extract/css": "^1.20.1",
     "@vanilla-extract/rollup-plugin": "^1.5.3",
     "eslint": "10.0.3",
-    "hono": "^4.7.11",
     "prettier": "3.8.1",
     "react": "^19.1.0",
     "tsdown": "0.22.0-beta.3",
     "typescript": "6.0.3",
     "vitest": "4.0.18",
-    "@private/prettier-config": "0.1.0",
+    "@private/eslint-config": "0.1.0",
     "@private/tsconfig": "0.1.0",
-    "@private/eslint-config": "0.1.0"
+    "@private/prettier-config": "0.1.0"
   },
   "scripts": {
     "clean": "rm -rf dist build *.tsbuildinfo node_modules .turbo",

package/src/browser/app-connect-controller/connect-start.ts

@@ -41,5 +41,6 @@ export async function startHubSpotConnection(
 
   await delay(ARTIFICIAL_CONNECT_REDIRECT_DELAY_MS);
 
-  window.location.href = authorizationUrl;
+  console.log('authorizationUrl', authorizationUrl);
+  // window.location.href = authorizationUrl;
 }

package/tsdown.config.ts

@@ -33,6 +33,6 @@ export default defineConfig([
     sourcemap: true,
     clean: true,
     exports: false,
-    unbundle: true,
+    unbundle: false,
   },
 ]);

package/.turbo/turbo-format$colon$check.log

@@ -1,4 +0,0 @@
-
-$ prettier --check . --ignore-path ../../.prettierignore
-Checking formatting...
-.turbo/turbo-format$colon$check.log.turbo/turbo-lint.log.turbo/turbo-test.log.turbo/turbo-tsc.log.turbo/turbo-tsdown.logeslint.config.jspackage.jsonREADME.mdsrc/browser/app-connect-controller/connect-start.tssrc/browser/app-connect-controller/constants.tssrc/browser/app-connect-controller/create.tssrc/browser/app-connect-controller/default-session-storage.tssrc/browser/app-connect-controller/disconnect.tssrc/browser/app-connect-controller/init.test.tssrc/browser/app-connect-controller/init.tssrc/browser/app-connect-controller/README.mdsrc/browser/app-connect-controller/refresh.tssrc/browser/app-connect-controller/types.tssrc/browser/app-connect-controller/utils/crypto-utils.tssrc/browser/app-connect-controller/utils/encode-utils.tssrc/browser/app-connect-controller/utils/memoize-utils.test.tssrc/browser/app-connect-controller/utils/memoize-utils.tssrc/browser/app-connect-controller/utils/session-utils.test.tssrc/browser/app-connect-controller/utils/session-utils.tssrc/browser/app-connect-controller/utils/store-utils.test.tssrc/browser/app-connect-controller/utils/store-utils.tssrc/browser/app-connect-controller/utils/timeout-utils.tssrc/browser/app-connect-controller/view-state.test.tssrc/browser/app-connect-controller/view-state.tssrc/browser/index.tssrc/browser/react/components/AppConnectHeader/AppConnectHeader.css.tssrc/browser/react/components/AppConnectHeader/AppConnectHeader.tsxsrc/browser/react/components/Button/Button.css.tssrc/browser/react/components/Button/Button.tsxsrc/browser/react/components/ConnectButton/ConnectButton.css.tssrc/browser/react/components/ConnectButton/ConnectButton.tsxsrc/browser/react/components/DisconnectedBody/DisconnectedBody.css.tssrc/browser/react/components/DisconnectedBody/DisconnectedBody.tsxsrc/browser/react/components/HubSpotAppConnect/HubSpotAppConnect.css.tssrc/browser/react/components/HubSpotAppConnect/HubSpotAppConnect.tsxsrc/browser/react/components/icons/ChevronDownIcon.tsxsrc/browser/react/components/icons/ExternalLinkIcon.tsxsrc/browser/react/components/icons/HubSpotDataSourceIcon.tsxsrc/browser/react/components/icons/LogoutIcon.tsxsrc/browser/react/components/icons/ShareIcon.tsxsrc/browser/react/components/LoadingIndicator/LoadingIndicator.css.tssrc/browser/react/components/LoadingIndicator/LoadingIndicator.tsxsrc/browser/react/components/ShareButton/ShareButton.css.tssrc/browser/react/components/ShareButton/ShareButton.tsxsrc/browser/react/context.tssrc/browser/react/hooks.tssrc/browser/react/index.tssrc/browser/react/lovable/index.tssrc/browser/react/lovable/LovableHubSpotAppConnect.tsxsrc/browser/theme-tokens.generated.css.tssrc/browser/theme.css.tssrc/browser/types.tssrc/server/api-client-core/apis/account/account-info-types.generated.tssrc/server/api-client-core/apis/account/account-info.generated.tssrc/server/api-client-core/apis/account/audit-logs-types.generated.tssrc/server/api-client-core/apis/account/audit-logs.generated.tssrc/server/api-client-core/apis/auth/oauth-types.generated.tssrc/server/api-client-core/apis/auth/oauth.generated.tssrc/server/api-client-core/apis/automation/actions-types.generated.tssrc/server/api-client-core/apis/automation/actions.generated.tssrc/server/api-client-core/apis/automation/sequences-types.generated.tssrc/server/api-client-core/apis/automation/sequences.generated.tssrc/server/api-client-core/apis/business-units-types.generated.tssrc/server/api-client-core/apis/business-units.generated.tssrc/server/api-client-core/apis/cms/authors-types.generated.tssrc/server/api-client-core/apis/cms/authors.generated.tssrc/server/api-client-core/apis/cms/blog-settings-types.generated.tssrc/server/api-client-core/apis/cms/blog-settings.generated.tssrc/server/api-client-core/apis/cms/cms-content-audit-types.generated.tssrc/server/api-client-core/apis/cms/cms-content-audit.generated.tssrc/server/api-client-core/apis/cms/domains-types.generated.tssrc/server/api-client-core/apis/cms/domains.generated.tssrc/server/api-client-core/apis/cms/hubdb-types.generated.tssrc/server/api-client-core/apis/cms/hubdb.generated.tssrc/server/api-client-core/apis/cms/media-bridge-types.generated.tssrc/server/api-client-core/apis/cms/media-bridge.generated.tssrc/server/api-client-core/apis/cms/pages-types.generated.tssrc/server/api-client-core/apis/cms/pages.generated.tssrc/server/api-client-core/apis/cms/posts-types.generated.tssrc/server/api-client-core/apis/cms/posts.generated.tssrc/server/api-client-core/apis/cms/site-search-types.generated.tssrc/server/api-client-core/apis/cms/site-search.generated.tssrc/server/api-client-core/apis/cms/source-code-types.generated.tssrc/server/api-client-core/apis/cms/source-code.generated.tssrc/server/api-client-core/apis/cms/tags-types.generated.tssrc/server/api-client-core/apis/cms/tags.generated.tssrc/server/api-client-core/apis/cms/url-mappings-types.generated.tssrc/server/api-client-core/apis/cms/url-mappings.generated.tssrc/server/api-client-core/apis/cms/url-redirects-types.generated.tssrc/server/api-client-core/apis/cms/url-redirects.generated.tssrc/server/api-client-core/apis/communication-preferences/subscriptions-types.generated.tssrc/server/api-client-core/apis/communication-preferences/subscriptions.generated.tssrc/server/api-client-core/apis/conversations-types.generated.tssrc/server/api-client-core/apis/conversations.generated.tssrc/server/api-client-core/apis/conversations/custom-channels-types.generated.tssrc/server/api-client-core/apis/conversations/custom-channels.generated.tssrc/server/api-client-core/apis/conversations/visitor-identification-types.generated.tssrc/server/api-client-core/apis/conversations/visitor-identification.generated.tssrc/server/api-client-core/apis/crm/app-uninstalls-types.generated.tssrc/server/api-client-core/apis/crm/app-uninstalls.generated.tssrc/server/api-client-core/apis/crm/appointments-types.generated.tssrc/server/api-client-core/apis/crm/appointments.generated.tssrc/server/api-client-core/apis/crm/associations-schema-types.generated.tssrc/server/api-client-core/apis/crm/associations-schema.generated.tssrc/server/api-client-core/apis/crm/associations-types.generated.tssrc/server/api-client-core/apis/crm/associations.generated.tssrc/server/api-client-core/apis/crm/calling-extensions-types.generated.tssrc/server/api-client-core/apis/crm/calling-extensions.generated.tssrc/server/api-client-core/apis/crm/calls-types.generated.tssrc/server/api-client-core/apis/crm/calls.generated.tssrc/server/api-client-core/apis/crm/carts-types.generated.tssrc/server/api-client-core/apis/crm/carts.generated.tssrc/server/api-client-core/apis/crm/commerce-payments-types.generated.tssrc/server/api-client-core/apis/crm/commerce-payments.generated.tssrc/server/api-client-core/apis/crm/commerce-subscriptions-types.generated.tssrc/server/api-client-core/apis/crm/commerce-subscriptions.generated.tssrc/server/api-client-core/apis/crm/communications-types.generated.tssrc/server/api-client-core/apis/crm/communications.generated.tssrc/server/api-client-core/apis/crm/companies-types.generated.tssrc/server/api-client-core/apis/crm/companies.generated.tssrc/server/api-client-core/apis/crm/contacts-types.generated.tssrc/server/api-client-core/apis/crm/contacts.generated.tssrc/server/api-client-core/apis/crm/contracts-types.generated.tssrc/server/api-client-core/apis/crm/contracts.generated.tssrc/server/api-client-core/apis/crm/courses-types.generated.tssrc/server/api-client-core/apis/crm/courses.generated.tssrc/server/api-client-core/apis/crm/crm-owners-types.generated.tssrc/server/api-client-core/apis/crm/crm-owners.generated.tssrc/server/api-client-core/apis/crm/custom-objects-types.generated.tssrc/server/api-client-core/apis/crm/custom-objects.generated.tssrc/server/api-client-core/apis/crm/deal-splits-types.generated.tssrc/server/api-client-core/apis/crm/deal-splits.generated.tssrc/server/api-client-core/apis/crm/deals-types.generated.tssrc/server/api-client-core/apis/crm/deals.generated.tssrc/server/api-client-core/apis/crm/discounts-types.generated.tssrc/server/api-client-core/apis/crm/discounts.generated.tssrc/server/api-client-core/apis/crm/emails-types.generated.tssrc/server/api-client-core/apis/crm/emails.generated.tssrc/server/api-client-core/apis/crm/exports-types.generated.tssrc/server/api-client-core/apis/crm/exports.generated.tssrc/server/api-client-core/apis/crm/feedback-submissions-types.generated.tssrc/server/api-client-core/apis/crm/feedback-submissions.generated.tssrc/server/api-client-core/apis/crm/fees-types.generated.tssrc/server/api-client-core/apis/crm/fees.generated.tssrc/server/api-client-core/apis/crm/goal-targets-types.generated.tssrc/server/api-client-core/apis/crm/goal-targets.generated.tssrc/server/api-client-core/apis/crm/imports-types.generated.tssrc/server/api-client-core/apis/crm/imports.generated.tssrc/server/api-client-core/apis/crm/invoices-types.generated.tssrc/server/api-client-core/apis/crm/invoices.generated.tssrc/server/api-client-core/apis/crm/leads-types.generated.tssrc/server/api-client-core/apis/crm/leads.generated.tssrc/server/api-client-core/apis/crm/limits-tracking-types.generated.tssrc/server/api-client-core/apis/crm/limits-tracking.generated.tssrc/server/api-client-core/apis/crm/line-items-types.generated.tssrc/server/api-client-core/apis/crm/line-items.generated.tssrc/server/api-client-core/apis/crm/listings-types.generated.tssrc/server/api-client-core/apis/crm/listings.generated.tssrc/server/api-client-core/apis/crm/lists-types.generated.tssrc/server/api-client-core/apis/crm/lists.generated.tssrc/server/api-client-core/apis/crm/meetings-types.generated.tssrc/server/api-client-core/apis/crm/meetings.generated.tssrc/server/api-client-core/apis/crm/notes-types.generated.tssrc/server/api-client-core/apis/crm/notes.generated.tssrc/server/api-client-core/apis/crm/object-library-types.generated.tssrc/server/api-client-core/apis/crm/object-library.generated.tssrc/server/api-client-core/apis/crm/objects-types.generated.tssrc/server/api-client-core/apis/crm/objects.generated.tssrc/server/api-client-core/apis/crm/orders-types.generated.tssrc/server/api-client-core/apis/crm/orders.generated.tssrc/server/api-client-core/apis/crm/partner-clients-types.generated.tssrc/server/api-client-core/apis/crm/partner-clients.generated.tssrc/server/api-client-core/apis/crm/partner-services-types.generated.tssrc/server/api-client-core/apis/crm/partner-services.generated.tssrc/server/api-client-core/apis/crm/pipelines-types.generated.tssrc/server/api-client-core/apis/crm/pipelines.generated.tssrc/server/api-client-core/apis/crm/postal-mail-types.generated.tssrc/server/api-client-core/apis/crm/postal-mail.generated.tssrc/server/api-client-core/apis/crm/products-types.generated.tssrc/server/api-client-core/apis/crm/products.generated.tssrc/server/api-client-core/apis/crm/projects-types.generated.tssrc/server/api-client-core/apis/crm/projects.generated.tssrc/server/api-client-core/apis/crm/properties-types.generated.tssrc/server/api-client-core/apis/crm/properties.generated.tssrc/server/api-client-core/apis/crm/property-validations-types.generated.tssrc/server/api-client-core/apis/crm/property-validations.generated.tssrc/server/api-client-core/apis/crm/public-app-crm-cards-types.generated.tssrc/server/api-client-core/apis/crm/public-app-crm-cards.generated.tssrc/server/api-client-core/apis/crm/public-app-feature-flags-types.generated.tssrc/server/api-client-core/apis/crm/public-app-feature-flags.generated.tssrc/server/api-client-core/apis/crm/quotes-types.generated.tssrc/server/api-client-core/apis/crm/quotes.generated.tssrc/server/api-client-core/apis/crm/schemas-types.generated.tssrc/server/api-client-core/apis/crm/schemas.generated.tssrc/server/api-client-core/apis/crm/services-types.generated.tssrc/server/api-client-core/apis/crm/services.generated.tssrc/server/api-client-core/apis/crm/tasks-types.generated.tssrc/server/api-client-core/apis/crm/tasks.generated.tssrc/server/api-client-core/apis/crm/taxes-types.generated.tssrc/server/api-client-core/apis/crm/taxes.generated.tssrc/server/api-client-core/apis/crm/tickets-types.generated.tssrc/server/api-client-core/apis/crm/tickets.generated.tssrc/server/api-client-core/apis/crm/timeline-types.generated.tssrc/server/api-client-core/apis/crm/timeline.generated.tssrc/server/api-client-core/apis/crm/transcriptions-types.generated.tssrc/server/api-client-core/apis/crm/transcriptions.generated.tssrc/server/api-client-core/apis/crm/users-types.generated.tssrc/server/api-client-core/apis/crm/users.generated.tssrc/server/api-client-core/apis/crm/video-conferencing-extension-types.generated.tssrc/server/api-client-core/apis/crm/video-conferencing-extension.generated.tssrc/server/api-client-core/apis/events-types.generated.tssrc/server/api-client-core/apis/events.generated.tssrc/server/api-client-core/apis/events/manage-event-definitions-types.generated.tssrc/server/api-client-core/apis/events/manage-event-definitions.generated.tssrc/server/api-client-core/apis/events/send-event-completions-types.generated.tssrc/server/api-client-core/apis/events/send-event-completions.generated.tssrc/server/api-client-core/apis/files-types.generated.tssrc/server/api-client-core/apis/files.generated.tssrc/server/api-client-core/apis/index.generated.tssrc/server/api-client-core/apis/marketing/campaigns-public-api-types.generated.tssrc/server/api-client-core/apis/marketing/campaigns-public-api.generated.tssrc/server/api-client-core/apis/marketing/marketing-emails-types.generated.tssrc/server/api-client-core/apis/marketing/marketing-emails.generated.tssrc/server/api-client-core/apis/marketing/marketing-events-types.generated.tssrc/server/api-client-core/apis/marketing/marketing-events.generated.tssrc/server/api-client-core/apis/marketing/single-send-types.generated.tssrc/server/api-client-core/apis/marketing/single-send.generated.tssrc/server/api-client-core/apis/marketing/transactional-single-send-types.generated.tssrc/server/api-client-core/apis/marketing/transactional-single-send.generated.tssrc/server/api-client-core/apis/meta/origins-types.generated.tssrc/server/api-client-core/apis/meta/origins.generated.tssrc/server/api-client-core/apis/scheduler/meetings-types.generated.tssrc/server/api-client-core/apis/scheduler/meetings.generated.tssrc/server/api-client-core/apis/settings/multicurrency-types.generated.tssrc/server/api-client-core/apis/settings/multicurrency.generated.tssrc/server/api-client-core/apis/settings/tax-rates-types.generated.tssrc/server/api-client-core/apis/settings/tax-rates.generated.tssrc/server/api-client-core/apis/settings/user-provisioning-types.generated.tssrc/server/api-client-core/apis/settings/user-provisioning.generated.tssrc/server/api-client-core/apis/webhooks-journal-types.generated.tssrc/server/api-client-core/apis/webhooks-journal.generated.tssrc/server/api-client-core/apis/webhooks-types.generated.tssrc/server/api-client-core/apis/webhooks.generated.tssrc/server/api-client-core/binary-data.tssrc/server/api-client-core/client.tssrc/server/api-client-core/codegen-helpers/file-op-wrappers.tssrc/server/api-client-core/errors.tssrc/server/api-client-core/index.tssrc/server/api-client-core/op.tssrc/server/api-client-core/pagination.tssrc/server/api-client-core/plugins/fetch-transport.tssrc/server/api-client-core/plugins/index.tssrc/server/api-client-core/types.tssrc/server/api-client.tssrc/server/constants.tssrc/server/deno/index.tssrc/server/deno/start.tssrc/server/hono/hono-request-handler.tssrc/server/hono/hubspot-connect-routes/auth-complete.test.tssrc/server/hono/hubspot-connect-routes/auth-complete.tssrc/server/hono/hubspot-connect-routes/auth-init-session.test.tssrc/server/hono/hubspot-connect-routes/auth-init-session.tssrc/server/hono/hubspot-connect-routes/auth-logout.test.tssrc/server/hono/hubspot-connect-routes/auth-logout.tssrc/server/hono/hubspot-connect-routes/auth-refresh.test.tssrc/server/hono/hubspot-connect-routes/auth-refresh.tssrc/server/hono/hubspot-connect-routes/cimd-client-metadata-types.tssrc/server/hono/hubspot-connect-routes/cimd-public-routes.test.tssrc/server/hono/hubspot-connect-routes/cimd-public-routes.tssrc/server/hono/hubspot-connect-routes/constants.tssrc/server/hono/hubspot-connect-routes/fetch-hubspot-client-metadata.test.tssrc/server/hono/hubspot-connect-routes/fetch-hubspot-client-metadata.tssrc/server/hono/hubspot-connect-routes/hubspot-connect-routes.tssrc/server/hono/hubspot-connect-routes/load-hubspot-connect-routes-env.test.tssrc/server/hono/hubspot-connect-routes/load-hubspot-connect-routes-env.tssrc/server/hono/hubspot-connect-routes/oauth-client.tssrc/server/hono/hubspot-connect-routes/types.tssrc/server/hono/hubspot-connect-routes/utils.test.tssrc/server/hono/hubspot-connect-routes/utils.tssrc/server/hono/index.tssrc/server/hono/types.tssrc/server/hono/utils/cookie-utils.tssrc/server/hono/utils/cors-middleware.test.tssrc/server/hono/utils/cors-middleware.tssrc/server/import-app-keys.tssrc/server/lovable/create-app-function-start.tssrc/server/lovable/hubspot-connect/index.tssrc/server/lovable/hubspot-connect/run-hubspot-connect-lovable-server.tssrc/server/lovable/index.tssrc/server/node/index.tssrc/server/node/start.tssrc/server/oauth.tssrc/server/proxy.test.tssrc/server/proxy.tssrc/server/sanitize-request.test.tssrc/server/sanitize-request.tssrc/server/secure-start-core.tssrc/server/types.tssrc/server/utils/base64-utils.tssrc/server/utils/cookie-utils.test.tssrc/server/utils/cookie-utils.tssrc/server/utils/crypto-utils.tssrc/server/utils/dpop-utils.test.tssrc/server/utils/dpop-utils.tssrc/server/utils/env-utils.test.tssrc/server/utils/env-utils.tssrc/server/utils/jwk-utils.test.tssrc/server/utils/jwk-utils.tssrc/server/utils/jwt-utils.test.tssrc/server/utils/jwt-utils.tssrc/server/utils/test-fixtures.tssrc/shared/constants.tssrc/shared/encoding/base64.test.tssrc/shared/encoding/base64.tssrc/shared/encoding/sha256.test.tssrc/shared/encoding/sha256.tssrc/shared/logger.tssrc/shared/wire-types.tstsconfig.browser.jsontsconfig.jsontsconfig.server.jsontsdown.config.tsvitest.config.tsAll matched files use Prettier code style!

package/.turbo/turbo-lint.log

@@ -1,2 +0,0 @@
-
-$ eslint .

package/.turbo/turbo-test.log

@@ -1,78 +0,0 @@
-
-$ vitest run
-[?25l
- RUN  v4.0.18 /Users/psteeleidem/src/HubSpotEngineering/app-connect-sdk/packages/app-connect-sdk
-
-[?2026h
- ❯ src/server/hono/hubspot-connect-routes/auth-refresh.test.ts [queued]
-
- Test Files 0 passed (23)
-      Tests 0 passed (0)
-   Start at 10:28:23
-   Duration 203ms
-[?2026l[?2026h ✓ src/shared/encoding/sha256.test.ts (3 tests) 3ms
- ✓ src/server/utils/jwk-utils.test.ts (3 tests) 11ms
- ✓ src/server/utils/jwt-utils.test.ts (6 tests) 15ms
- ✓ src/server/sanitize-request.test.ts (6 tests) 14ms
- ✓ src/server/utils/dpop-utils.test.ts (7 tests) 16ms
-
- ❯ src/browser/app-connect-controller/init.test.ts [queued]
- ❯ src/server/hono/hubspot-connect-routes/auth-complete.test.ts [queued]
- ❯ src/server/hono/hubspot-connect-routes/auth-init-session.test.ts [queued]
- ❯ src/server/hono/hubspot-connect-routes/auth-logout.test.ts [queued]
- ❯ src/server/hono/hubspot-connect-routes/auth-refresh.test.ts [queued]
- ❯ src/server/hono/hubspot-connect-routes/cimd-public-routes.test.ts [queued]
- ❯ src/server/hono/utils/cors-middleware.test.ts 1/4
- ❯ src/server/proxy.test.ts 0/3
- ❯ src/server/sanitize-request.test.ts 6/6
- ❯ src/server/utils/dpop-utils.test.ts 7/7
- ❯ src/server/utils/jwk-utils.test.ts 3/3
- ❯ src/server/utils/jwt-utils.test.ts 6/6
- ❯ src/shared/encoding/sha256.test.ts 3/3
-
- Test Files 5 passed (23)
-      Tests 26 passed (32)
-   Start at 10:28:23
-   Duration 302ms
-[?2026l[?2026h ✓ src/server/hono/utils/cors-middleware.test.ts (4 tests) 15ms
- ✓ src/server/hono/hubspot-connect-routes/cimd-public-routes.test.ts (4 tests) 16ms
- ✓ src/server/proxy.test.ts (3 tests) 75ms
- ✓ src/server/hono/hubspot-connect-routes/auth-complete.test.ts (9 tests) 20ms
- ✓ src/server/hono/hubspot-connect-routes/auth-logout.test.ts (2 tests) 16ms
- ✓ src/browser/app-connect-controller/init.test.ts (4 tests) 16ms
- ✓ src/server/hono/hubspot-connect-routes/auth-init-session.test.ts (8 tests) 27ms
- ✓ src/server/hono/hubspot-connect-routes/auth-refresh.test.ts (6 tests) 31ms
-
-
-
- ❯ src/browser/app-connect-controller/utils/session-utils.test.ts [queued]
- ❯ src/server/hono/hubspot-connect-routes/auth-complete.test.ts 9/9
- ❯ src/server/hono/hubspot-connect-routes/cimd-public-routes.test.ts 4/4
- ❯ src/server/hono/utils/cors-middleware.test.ts 4/4
- ❯ src/server/proxy.test.ts 3/3
- ❯ src/server/sanitize-request.test.ts 6/6
- ❯ src/server/utils/dpop-utils.test.ts 7/7
- ❯ src/server/utils/jwk-utils.test.ts 3/3
- ❯ src/server/utils/jwt-utils.test.ts 6/6
-
- Test Files 13 passed (23)
-      Tests 65 passed (65)
-   Start at 10:28:23
-   Duration 403ms
-[?2026l ✓ src/browser/app-connect-controller/utils/session-utils.test.ts (9 tests) 3ms
- ✓ src/browser/app-connect-controller/utils/store-utils.test.ts (11 tests) 3ms
- ✓ src/server/utils/env-utils.test.ts (13 tests) 2ms
- ✓ src/shared/encoding/base64.test.ts (7 tests) 2ms
- ✓ src/server/hono/hubspot-connect-routes/load-hubspot-connect-routes-env.test.ts (11 tests) 2ms
- ✓ src/server/hono/hubspot-connect-routes/utils.test.ts (10 tests) 2ms
- ✓ src/server/hono/hubspot-connect-routes/fetch-hubspot-client-metadata.test.ts (5 tests) 2ms
- ✓ src/server/utils/cookie-utils.test.ts (8 tests) 2ms
- ✓ src/browser/app-connect-controller/view-state.test.ts (7 tests) 1ms
- ✓ src/browser/app-connect-controller/utils/memoize-utils.test.ts (4 tests) 2ms
-
- Test Files  23 passed (23)
-      Tests  150 passed (150)
-   Start at  10:28:23
-   Duration  503ms (transform 895ms, setup 0ms, import 1.38s, tests 295ms, environment 1ms)
-
-[?25h

package/dist/browser/create-crdncXsh.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"create-crdncXsh.js","names":["disconnectFromHubSpot","runDisconnectFromHubSpot"],"sources":["../../src/shared/logger.ts","../../src/browser/app-connect-controller/utils/timeout-utils.ts","../../src/browser/app-connect-controller/connect-start.ts","../../src/browser/app-connect-controller/default-session-storage.ts","../../src/shared/constants.ts","../../src/browser/app-connect-controller/constants.ts","../../src/browser/app-connect-controller/utils/session-utils.ts","../../src/browser/app-connect-controller/disconnect.ts","../../src/browser/app-connect-controller/init.ts","../../src/browser/app-connect-controller/refresh.ts","../../src/browser/app-connect-controller/utils/memoize-utils.ts","../../src/browser/app-connect-controller/utils/store-utils.ts","../../src/browser/app-connect-controller/view-state.ts","../../src/browser/app-connect-controller/create.ts"],"sourcesContent":["/**\n * Pluggable logger contract used by the SDK on both the browser and\n * server. Consumers can pass `console`-like loggers, structured\n * loggers (pino / winston / etc.) or no-op stubs in tests.\n */\nexport interface Logger {\n  debug: (message: string, ...args: unknown[]) => void;\n  info: (message: string, ...args: unknown[]) => void;\n  warn: (message: string, ...args: unknown[]) => void;\n  error: (message: string, ...args: unknown[]) => void;\n}\n\nfunction formatPrefix(name: string): string {\n  return `[${name}]`;\n}\n\n/**\n * Creates a console-backed logger that prefixes every line with the\n * supplied `name`. Used as the default when no custom logger is\n * provided.\n */\nexport function createLogger(name: string): Logger {\n  const prefix = formatPrefix(name);\n  return {\n    debug: (message, ...args) => {\n      console.debug(prefix, message, ...args);\n    },\n    info: (message, ...args) => {\n      console.info(prefix, message, ...args);\n    },\n    warn: (message, ...args) => {\n      console.warn(prefix, message, ...args);\n    },\n    error: (message, ...args) => {\n      console.error(prefix, message, ...args);\n    },\n  };\n}\n\n/**\n * Logger that swallows every message. Convenient for tests and for\n * the SDK's server-side handlers when no logger is provided by the\n * host application.\n */\nexport const noopLogger: Logger = {\n  debug: () => {},\n  info: () => {},\n  warn: () => {},\n  error: () => {},\n};\n","export function delay(ms: number): Promise<void> {\n  if (ms <= 0) {\n    return Promise.resolve();\n  }\n  return new Promise((resolve) => {\n    setTimeout(resolve, ms);\n  });\n}\n","import type { InitSessionResponse } from '../../shared/wire-types.ts';\nimport type { AppConnectContext } from './types.ts';\nimport { delay } from './utils/timeout-utils.ts';\n\n/** Extra wait before redirect so the connect progress UI is visible; set to `0` to disable. */\nconst ARTIFICIAL_CONNECT_REDIRECT_DELAY_MS = 500;\n\n/**\n * Begins the OAuth connect flow:\n *\n * 1. Calls the SDK's `auth/init-session` route to mint a fresh PKCE\n *    verifier + state and obtain HubSpot's `authorize` URL.\n * 2. Navigates the browser to that URL (full-page redirect).\n *\n * The `return_path` is the current path + query so the user lands\n * back where they started after authorizing.\n *\n * Throws when the init call fails. Does not return after the redirect\n * begins because the page is unloaded.\n */\nexport async function startHubSpotConnection(\n  context: AppConnectContext\n): Promise<void> {\n  const { config } = context;\n\n  const returnPath = `${window.location.pathname}${window.location.search}`;\n\n  const initUrl = new URL(\n    `${config.hubSpotConnectBaseUrl}/auth/init-session`,\n    window.location.origin\n  );\n  initUrl.searchParams.set('return_path', returnPath);\n\n  const initResponse = await fetch(initUrl.toString(), {\n    credentials: 'include',\n  });\n  if (!initResponse.ok)\n    throw new Error(`Failed to init session: ${initResponse.status}`);\n  const { authorization_url: authorizationUrl } =\n    (await initResponse.json()) as InitSessionResponse;\n\n  await delay(ARTIFICIAL_CONNECT_REDIRECT_DELAY_MS);\n\n  window.location.href = authorizationUrl;\n}\n","import type { SessionStorage } from './types.ts';\n\n/**\n * Builds a `SessionStorage` adapter that delegates to the global\n * `sessionStorage` object exposed by browsers. The controller uses\n * this when no custom storage is supplied (e.g. for tests or non-DOM\n * environments).\n */\nexport function createDefaultSessionStorage(): SessionStorage {\n  return {\n    setItem: (key, value) => {\n      sessionStorage.setItem(key, value);\n    },\n    getItem: (key) => {\n      return sessionStorage.getItem(key);\n    },\n    removeItem: (key) => {\n      sessionStorage.removeItem(key);\n    },\n  };\n}\n","/**\n * Constants whose values are part of the contract between the browser\n * controller and the server-side hubspot-connect routes. Both halves\n * import from this module so the wire format stays in sync.\n */\n\n/**\n * Query parameter on the OAuth return URL that carries the new access\n * token's expiry (Unix epoch milliseconds). The browser controller\n * sets this in the URL after a successful `auth/complete` call and\n * then strips it during `initAppConnect` via `history.replaceState`.\n */\nexport const EXPIRES_AT_URL_PARAM = '__hs_expires_at';\n\n/**\n * Path the browser visits after HubSpot's authorize endpoint\n * redirects back to the app. Mounted on the **frontend** origin (not\n * the SDK's edge function host) so all OAuth-related cookies live in\n * the `(frontend, edge)` CHIPS partition.\n *\n * The SDK's `auth/init-session` builds the OAuth `redirect_uri` as\n * `${requestOrigin}${HUBSPOT_FRONTEND_CALLBACK_PATH}`. The browser\n * controller, on `start()`, recognizes this path on `window.location`\n * and forwards `?code` + `?state` to the SDK's `auth/complete`\n * endpoint via a credentialed cross-site fetch. The host app must\n * register `${app_origin}${HUBSPOT_FRONTEND_CALLBACK_PATH}` as a\n * redirect URI in its HubSpot app settings.\n */\nexport const HUBSPOT_FRONTEND_CALLBACK_PATH = '/__hubspot_oauth_callback';\n\n/**\n * Query parameter on the `auth/complete` POST request carrying the\n * authorization `code` HubSpot returned to the frontend callback.\n */\nexport const AUTH_COMPLETE_CODE_PARAM = 'code';\n\n/**\n * Query parameter on the `auth/complete` POST request carrying the\n * OAuth `state` HubSpot echoed back to the frontend callback.\n */\nexport const AUTH_COMPLETE_STATE_PARAM = 'state';\n","export { EXPIRES_AT_URL_PARAM } from '../../shared/constants.ts';\n\n/**\n * Key the controller persists the access-token `expiresAt` (Unix\n * epoch milliseconds) under in `sessionStorage`. Survives full-page\n * navigations within the same tab.\n */\nexport const EXPIRES_AT_KEY = 'hubspot_token_expires_at';\n\n/**\n * Number of milliseconds before `expiresAt` that the refresh\n * scheduler attempts to mint a new access token. 60s is comfortably\n * larger than typical network latency without burning lifetime.\n */\nexport const REFRESH_BUFFER_MS = 60_000;\n","import { EXPIRES_AT_KEY } from '../constants.ts';\nimport type { AppConnectContext } from '../types.ts';\n\ninterface StoreExpiresAtOptions {\n  context: AppConnectContext;\n  expiresAtMs: number;\n}\n\n/**\n * Persists the access-token `expiresAt` (Unix epoch milliseconds) to\n * both the in-memory store and `sessionStorage` so it survives\n * full-page navigations within the same tab.\n */\nexport function storeExpiresAt(options: StoreExpiresAtOptions): void {\n  const { context, expiresAtMs } = options;\n  context.store.setState({ expiresAt: expiresAtMs });\n  context.sessionStorage.setItem(EXPIRES_AT_KEY, String(expiresAtMs));\n}\n\n/**\n * Reads the persisted `expiresAt` from `sessionStorage`. Removes the\n * value (and returns `null`) if it is malformed or already expired,\n * so a stale entry never reactivates a dead session.\n */\nexport function getExpiresAtFromSessionStorage(\n  context: AppConnectContext\n): number | null {\n  const raw = context.sessionStorage.getItem(EXPIRES_AT_KEY);\n  if (!raw) return null;\n  const val = parseInt(raw, 10);\n  if (isNaN(val)) {\n    context.sessionStorage.removeItem(EXPIRES_AT_KEY);\n    return null;\n  }\n  if (Date.now() > val) {\n    context.sessionStorage.removeItem(EXPIRES_AT_KEY);\n    return null;\n  }\n  return val;\n}\n\n/**\n * Clears the persisted session-storage state. Called on disconnect.\n */\nexport function clearSessionStorage(context: AppConnectContext): void {\n  context.sessionStorage.removeItem(EXPIRES_AT_KEY);\n}\n\n/**\n * Returns `true` when the controller has an `expiresAt` whose value\n * is still in the future. Used both to drive the UI status and to\n * decide whether the refresh scheduler should run.\n */\nexport function isClientSessionActive(context: AppConnectContext): boolean {\n  const state = context.store.getSnapshot();\n  const expiresAt = state.expiresAt;\n  return expiresAt !== null && Date.now() < expiresAt;\n}\n","import type { LogoutResponse } from '../../shared/wire-types.ts';\nimport type { AppConnectContext } from './types.ts';\nimport { clearSessionStorage } from './utils/session-utils.ts';\n\n/**\n * Disconnect flow:\n *\n * 1. Calls the SDK's `auth/logout` route to revoke the upstream token\n *    and clear the refresh-token cookie.\n * 2. Clears the local session-storage `expiresAt` entry.\n * 3. Updates the controller state to `disconnected` and navigates the\n *    browser to the URL the server returned in `redirect_to`.\n *\n * Errors are caught, logged, and surfaced via the controller's\n * `error` field so the UI can show a retry state.\n */\nexport async function disconnectFromHubSpot(\n  context: AppConnectContext\n): Promise<void> {\n  const { config, logger, store } = context;\n  logger.info('disconnectFromHubSpot: starting');\n  store.setState({ error: null, isDisconnectInFlight: true });\n  const { hubSpotConnectBaseUrl: appConnectBaseUrl } = config;\n\n  try {\n    clearSessionStorage(context);\n\n    const response = await fetch(`${appConnectBaseUrl}/auth/logout`, {\n      method: 'POST',\n      credentials: 'include',\n    });\n    if (!response.ok) {\n      throw new Error(`Logout failed: ${response.status}`);\n    }\n    const { redirect_to: redirectTo } =\n      (await response.json()) as LogoutResponse;\n\n    store.setState({\n      expiresAt: null,\n      isSessionConnected: false,\n      isDisconnectInFlight: false,\n    });\n\n    window.location.href = redirectTo;\n    logger.info('disconnectFromHubSpot: redirecting');\n  } catch (err) {\n    const message = err instanceof Error ? err.message : 'Disconnect failed';\n    logger.error('disconnectFromHubSpot: failed', err);\n    store.setState({\n      error: message,\n      isDisconnectInFlight: false,\n    });\n  }\n}\n","import {\n  AUTH_COMPLETE_CODE_PARAM,\n  AUTH_COMPLETE_STATE_PARAM,\n  HUBSPOT_FRONTEND_CALLBACK_PATH,\n} from '../../shared/constants.ts';\nimport type { AuthCompleteResponse } from '../../shared/wire-types.ts';\nimport { EXPIRES_AT_KEY } from './constants.ts';\nimport type { AppConnectContext } from './types.ts';\nimport { clearSessionStorage } from './utils/session-utils.ts';\n\n/**\n * On `controller.start()`:\n *\n * 1. If the browser has been redirected back to the SDK's frontend\n *    OAuth callback path (`HUBSPOT_FRONTEND_CALLBACK_PATH`) with\n *    `?code` + `?state`, POST those values to the SDK's\n *    `auth/complete` endpoint to finish the token exchange. The\n *    server sets the durable session cookies on the response (in the\n *    same `(frontend, edge)` CHIPS partition the SDK reads them from\n *    on subsequent API fetches) and returns `{ expires_at,\n *    return_path }`. Replace the URL with `${return_path}?\n *    ${EXPIRES_AT_URL_PARAM}=${expires_at}` so the rest of init\n *    runs against the page the user actually started the connect\n *    flow from.\n * 2. Pick up `?__hs_expires_at` from `window.location` (placed there\n *    by step 1, or by an in-progress refresh hop), persist it to the\n *    controller's store + sessionStorage, and strip it from the\n *    address bar so it isn't logged or bookmarked.\n *\n * A no-op when neither set of parameters is present (every page\n * load other than the OAuth return trip).\n */\nexport async function initAppConnect(\n  context: AppConnectContext\n): Promise<void> {\n  await consumeOAuthCallback(context);\n}\n\nasync function consumeOAuthCallback(context: AppConnectContext): Promise<void> {\n  if (window.location.pathname !== HUBSPOT_FRONTEND_CALLBACK_PATH) return;\n\n  const params = new URLSearchParams(window.location.search);\n  const code = params.get(AUTH_COMPLETE_CODE_PARAM);\n  const state = params.get(AUTH_COMPLETE_STATE_PARAM);\n  if (!code || !state) return;\n\n  const completeUrl = new URL(\n    `${context.config.hubSpotConnectBaseUrl}/auth/complete`,\n    window.location.origin\n  );\n  completeUrl.searchParams.set(AUTH_COMPLETE_CODE_PARAM, code);\n  completeUrl.searchParams.set(AUTH_COMPLETE_STATE_PARAM, state);\n\n  let response: Response;\n  try {\n    response = await fetch(completeUrl.toString(), {\n      method: 'POST',\n      credentials: 'include',\n    });\n  } catch (err) {\n    clearSessionStorage(context);\n    throw new Error(\n      `Failed to complete HubSpot OAuth: ${err instanceof Error ? err.message : String(err)}`\n    );\n  }\n\n  if (!response.ok) {\n    clearSessionStorage(context);\n    throw new Error(\n      `Failed to complete HubSpot OAuth: ${response.status} ${response.statusText}`\n    );\n  }\n\n  const body = (await response.json()) as AuthCompleteResponse;\n\n  const { expires_at: expiresAt, return_path: returnPath } = body;\n  context.store.setState({ expiresAt });\n  context.sessionStorage.setItem(EXPIRES_AT_KEY, String(expiresAt));\n\n  const targetUrl = new URL(returnPath, window.location.origin);\n  history.replaceState(\n    null,\n    '',\n    `${targetUrl.pathname}${targetUrl.search}${targetUrl.hash}`\n  );\n}\n","import type { RefreshTokenResponse } from '../../shared/wire-types.ts';\nimport { REFRESH_BUFFER_MS } from './constants.ts';\nimport type { AppConnectContext } from './types.ts';\nimport {\n  isClientSessionActive,\n  storeExpiresAt,\n} from './utils/session-utils.ts';\n\n/**\n * Tear-down handle returned by {@link startRefreshScheduler}. Calling\n * `stop()` clears any pending refresh timer and unsubscribes from the\n * store so the controller can be garbage-collected.\n */\nexport interface RefreshSchedulerHandle {\n  stop: () => void;\n}\n\nasync function refreshAccessToken(context: AppConnectContext): Promise<void> {\n  const { config } = context;\n\n  const refreshResponse = await fetch(\n    `${config.hubSpotConnectBaseUrl}/auth/refresh`,\n    {\n      method: 'POST',\n      credentials: 'include',\n    }\n  );\n  if (!refreshResponse.ok) {\n    throw new Error(`Refresh failed: ${refreshResponse.status}`);\n  }\n  const { expires_in: expiresInSeconds } =\n    (await refreshResponse.json()) as RefreshTokenResponse;\n  if (\n    typeof expiresInSeconds !== 'number' ||\n    !Number.isFinite(expiresInSeconds) ||\n    expiresInSeconds <= 0\n  ) {\n    throw new Error('Refresh response missing or invalid expires_in');\n  }\n  const expiresAtMs = Date.now() + expiresInSeconds * 1000;\n\n  storeExpiresAt({ context, expiresAtMs });\n}\n\n/**\n * Subscribes to store changes and (re)schedules a token refresh\n * whenever `expiresAt` moves. Returns a handle that the caller can\n * use to stop the scheduler when the controller is destroyed.\n */\nexport function startRefreshScheduler(\n  context: AppConnectContext\n): RefreshSchedulerHandle {\n  const { logger, store } = context;\n\n  let refreshTimer: ReturnType<typeof setTimeout> | null = null;\n  let stopped = false;\n\n  const scheduleRefresh = () => {\n    if (refreshTimer) {\n      clearTimeout(refreshTimer);\n      refreshTimer = null;\n    }\n    if (stopped) return;\n\n    const state = store.getSnapshot();\n    if (!state.isInitComplete || !state.isSessionConnected) {\n      return;\n    }\n\n    const expiresAt = state.expiresAt;\n    if (!expiresAt) {\n      logger.debug('scheduleRefresh: no expiresAt, skipping');\n      return;\n    }\n    const delayMs = Math.max(0, expiresAt - Date.now() - REFRESH_BUFFER_MS);\n    logger.debug(\n      'scheduleRefresh: next refresh in ',\n      (delayMs / 1000).toFixed(1),\n      's',\n      {\n        expiresAt,\n      }\n    );\n    refreshTimer = setTimeout(() => {\n      logger.debug('scheduleRefresh: timer fired, refreshing token');\n      refreshTimer = null;\n      if (stopped) return;\n\n      void (async () => {\n        try {\n          await refreshAccessToken(context);\n          if (stopped) return;\n          if (isClientSessionActive(context)) {\n            logger.info('token refresh: success, session still active');\n          } else {\n            logger.warn(\n              'token refresh: success but no active session in storage'\n            );\n            store.setState({ isSessionConnected: false });\n          }\n        } catch (err) {\n          logger.error('token refresh: failed', err);\n          if (stopped) return;\n          store.setState({ isSessionConnected: false });\n        }\n      })();\n    }, delayMs);\n  };\n\n  const unsubscribe = store.subscribe(() => {\n    scheduleRefresh();\n  });\n\n  return {\n    stop: () => {\n      stopped = true;\n      unsubscribe();\n      if (refreshTimer) {\n        clearTimeout(refreshTimer);\n        refreshTimer = null;\n      }\n    },\n  };\n}\n","/**\n * Wraps `fn` so that calls with the same input (compared via\n * `Object.is`) return the previous output without re-invoking `fn`.\n * The cache holds at most one entry, so this is safe to use for\n * derived view-state from a single store snapshot.\n *\n * Used by `getSnapshot` to keep the React state reference stable\n * between unrelated store updates — `useSyncExternalStore` would\n * otherwise re-render every consumer on every change.\n */\nexport function memoizeLast<TInput, TOutput>(\n  fn: (input: TInput) => TOutput\n): (input: TInput) => TOutput {\n  let lastInput: TInput;\n  let lastOutput: TOutput;\n  let hasValue = false;\n  return (input: TInput): TOutput => {\n    if (hasValue && Object.is(lastInput, input)) {\n      return lastOutput;\n    }\n    lastInput = input;\n    lastOutput = fn(input);\n    hasValue = true;\n    return lastOutput;\n  };\n}\n","/**\n * Tiny external store used by the controller. Shaped to be compatible\n * with React's `useSyncExternalStore` while remaining usable outside\n * React.\n */\nexport interface Store<TState extends object> {\n  /** Returns the current state. The reference changes on every update. */\n  getSnapshot: () => Readonly<TState>;\n  /**\n   * Subscribes to state changes. Returns an unsubscribe function the\n   * caller can invoke at teardown.\n   */\n  subscribe: (onChange: () => void) => () => void;\n  /**\n   * Merges `update` into the current state. When `update` is a\n   * function, it receives the current state and returns a partial.\n   * Listeners are only notified when at least one key actually\n   * changed (shallow compare).\n   */\n  setState: (\n    update:\n      | Partial<TState>\n      | ((prev: Readonly<TState>) => Partial<TState> | TState)\n  ) => void;\n  /** Reads a single key from the current state. */\n  get: <K extends keyof TState>(key: K) => TState[K];\n  /** Writes a single key. Listeners only fire when the value changes. */\n  set: <K extends keyof TState>(key: K, value: TState[K]) => void;\n  /**\n   * Drops every listener and prevents future `setState`/`set` calls\n   * from notifying. Used by `controller.destroy()`.\n   */\n  destroy: () => void;\n}\n\nfunction shallowEqualState<TState extends object>(\n  a: TState,\n  b: TState\n): boolean {\n  const keys = new Set([\n    ...Object.keys(a),\n    ...Object.keys(b),\n  ] as (keyof TState)[]);\n  for (const k of keys) {\n    if (!Object.is(a[k], b[k])) {\n      return false;\n    }\n  }\n  return true;\n}\n\nfunction mergeState<TState extends object>(\n  prev: TState,\n  partial: Partial<TState>\n): TState {\n  return { ...prev, ...partial } as TState;\n}\n\n/**\n * Creates a new {@link Store}. The store starts with a shallow copy\n * of `initialState`; subsequent mutations never touch the caller's\n * object.\n */\nexport function createStore<TState extends object>(\n  initialState: TState\n): Store<TState> {\n  let state: TState = { ...initialState };\n  const listeners = new Set<() => void>();\n  let destroyed = false;\n\n  const notify = () => {\n    for (const listener of listeners) {\n      listener();\n    }\n  };\n\n  return {\n    getSnapshot() {\n      return state as Readonly<TState>;\n    },\n    subscribe(onChange) {\n      listeners.add(onChange);\n      return () => {\n        listeners.delete(onChange);\n      };\n    },\n    setState(update) {\n      if (destroyed) return;\n      const patch =\n        typeof update === 'function'\n          ? update(state as Readonly<TState>)\n          : update;\n      if (typeof patch !== 'object' || patch == null) {\n        return;\n      }\n      const next = mergeState(state, patch as Partial<TState>);\n      if (shallowEqualState(state, next)) {\n        return;\n      }\n      state = next;\n      notify();\n    },\n    get(key) {\n      return state[key];\n    },\n    set(key, value) {\n      if (destroyed) return;\n      if (Object.is(state[key], value)) {\n        return;\n      }\n      state = { ...state, [key]: value } as TState;\n      notify();\n    },\n    destroy() {\n      destroyed = true;\n      listeners.clear();\n    },\n  };\n}\n","import type { AppConnectState, AppConnectStatus } from '../types.ts';\nimport type { AppConnectInternalState } from './types.ts';\n\nconst noop = (): Promise<void> => Promise.resolve();\n\n/**\n * Snapshot returned by `getServerSnapshot` for SSR. Has stable\n * references and inert connect/disconnect actions because actions are\n * meaningless before hydration.\n */\nexport const SERVER_VIEW: AppConnectState = {\n  status: 'initializing',\n  error: null,\n  connectToHubSpot: noop,\n  disconnectFromHubSpot: noop,\n};\n\n/**\n * Reduces the boolean lifecycle flags into the user-facing\n * `AppConnectStatus` enum value. The order of checks matters:\n * disconnect-in-flight beats connect-in-flight (a transitional logout\n * shouldn't show a \"connecting\" spinner), and connected beats default.\n */\nexport function getDerivedStatus(\n  state: AppConnectInternalState\n): AppConnectStatus {\n  const {\n    isInitComplete,\n    isConnectInFlight,\n    isSessionConnected,\n    isDisconnectInFlight,\n  } = state;\n  if (!isInitComplete) {\n    return 'initializing';\n  }\n  if (isDisconnectInFlight) return 'disconnecting';\n  if (isConnectInFlight) return 'connecting';\n  if (isSessionConnected) return 'connected';\n  return 'disconnected';\n}\n","import { noopLogger, type Logger } from '../../shared/logger.ts';\nimport type {\n  AppConnectBrowserConfig,\n  AppConnectController,\n  AppConnectState,\n} from '../types.ts';\nimport { startHubSpotConnection } from './connect-start.ts';\nimport { createDefaultSessionStorage } from './default-session-storage.ts';\nimport { disconnectFromHubSpot as runDisconnectFromHubSpot } from './disconnect.ts';\nimport { initAppConnect } from './init.ts';\nimport { startRefreshScheduler } from './refresh.ts';\nimport type {\n  AppConnectContext,\n  AppConnectInternalState,\n  AppConnectStore,\n} from './types.ts';\nimport { memoizeLast } from './utils/memoize-utils.ts';\nimport {\n  getExpiresAtFromSessionStorage,\n  isClientSessionActive,\n} from './utils/session-utils.ts';\nimport { createStore } from './utils/store-utils.ts';\nimport { getDerivedStatus, SERVER_VIEW } from './view-state.ts';\n\n/**\n * Options accepted by {@link createAppConnectController}.\n */\nexport interface CreateAppConnectControllerOptions {\n  /** Runtime configuration; see {@link AppConnectBrowserConfig}. */\n  config: AppConnectBrowserConfig;\n  /** Logger the controller uses for status/debug messages. */\n  logger?: Logger;\n}\n\n/**\n * Creates an `AppConnectController`. Exactly one controller should be\n * shared by the entire app — the React provider takes the controller\n * as a prop and exposes it via context.\n *\n * The returned controller is inert until `start()` is called: nothing\n * is read from session storage, no refresh timer is scheduled, and no\n * fetches are issued. Tests can construct a controller and inspect\n * its initial snapshot without triggering side effects.\n */\nexport function createAppConnectController(\n  options: CreateAppConnectControllerOptions\n): AppConnectController {\n  const { config, logger = noopLogger } = options;\n  const sessionStorage = createDefaultSessionStorage();\n  const store: AppConnectStore = createStore<AppConnectInternalState>({\n    isInitComplete: false,\n    isConnectInFlight: false,\n    isDisconnectInFlight: false,\n    isSessionConnected: false,\n    error: null,\n    expiresAt: null,\n  });\n  const context: AppConnectContext = {\n    config,\n    logger,\n    sessionStorage,\n    store,\n  };\n\n  store.setState({ expiresAt: getExpiresAtFromSessionStorage(context) });\n\n  let hasStarted = false;\n\n  const connectToHubSpot = async () => {\n    logger.info('connectToHubSpot: starting');\n    store.setState({ error: null, isConnectInFlight: true });\n    try {\n      await startHubSpotConnection(context);\n    } catch (err) {\n      const message = err instanceof Error ? err.message : 'Connection failed';\n      logger.error('connectToHubSpot: failed', err);\n      store.setState({ error: message });\n    } finally {\n      logger.debug(\n        'connectToHubSpot: connect flow step finished (may redirect to HubSpot)'\n      );\n      store.setState({ isConnectInFlight: false });\n    }\n  };\n  const disconnectFromHubSpot = () => runDisconnectFromHubSpot(context);\n\n  const getViewStateMemoized = memoizeLast<\n    Readonly<AppConnectInternalState>,\n    AppConnectState\n  >((storeState) => ({\n    status: getDerivedStatus(storeState),\n    error: storeState.error,\n    connectToHubSpot,\n    disconnectFromHubSpot,\n  }));\n\n  function getSnapshot() {\n    return getViewStateMemoized(store.getSnapshot());\n  }\n\n  return {\n    start() {\n      if (hasStarted) {\n        logger.debug('start skipped (already started)');\n        return;\n      }\n      hasStarted = true;\n      startRefreshScheduler(context);\n\n      logger.info('start: initSdk (OAuth return handling if applicable)');\n      void (async () => {\n        try {\n          await initAppConnect(context);\n          logger.info('initSdk: completed without error');\n        } catch (err) {\n          logger.error('initSdk: failed', err);\n          store.setState({\n            error:\n              err instanceof Error\n                ? err.message\n                : 'App Connect initialization failed',\n          });\n        } finally {\n          const sessionActive = isClientSessionActive(context);\n          logger.info('start: init complete, session active:', sessionActive);\n          store.setState({\n            isInitComplete: true,\n            isSessionConnected: sessionActive,\n          });\n        }\n      })();\n    },\n    subscribe: (fn) => store.subscribe(fn),\n    getSnapshot,\n    getServerSnapshot: () => SERVER_VIEW,\n  };\n}\n"],"mappings":";AAYA,SAAS,aAAa,MAAsB;CAC1C,OAAO,IAAI,KAAK;;;;;;;AAQlB,SAAgB,aAAa,MAAsB;CACjD,MAAM,SAAS,aAAa,KAAK;CACjC,OAAO;EACL,QAAQ,SAAS,GAAG,SAAS;GAC3B,QAAQ,MAAM,QAAQ,SAAS,GAAG,KAAK;;EAEzC,OAAO,SAAS,GAAG,SAAS;GAC1B,QAAQ,KAAK,QAAQ,SAAS,GAAG,KAAK;;EAExC,OAAO,SAAS,GAAG,SAAS;GAC1B,QAAQ,KAAK,QAAQ,SAAS,GAAG,KAAK;;EAExC,QAAQ,SAAS,GAAG,SAAS;GAC3B,QAAQ,MAAM,QAAQ,SAAS,GAAG,KAAK;;EAE1C;;;;;;;AAQH,MAAa,aAAqB;CAChC,aAAa;CACb,YAAY;CACZ,YAAY;CACZ,aAAa;CACd;;;ACjDD,SAAgB,MAAM,IAA2B;CAC/C,IAAI,MAAM,GACR,OAAO,QAAQ,SAAS;CAE1B,OAAO,IAAI,SAAS,YAAY;EAC9B,WAAW,SAAS,GAAG;GACvB;;;;;ACDJ,MAAM,uCAAuC;;;;;;;;;;;;;;AAe7C,eAAsB,uBACpB,SACe;CACf,MAAM,EAAE,WAAW;CAEnB,MAAM,aAAa,GAAG,OAAO,SAAS,WAAW,OAAO,SAAS;CAEjE,MAAM,UAAU,IAAI,IAClB,GAAG,OAAO,sBAAsB,qBAChC,OAAO,SAAS,OACjB;CACD,QAAQ,aAAa,IAAI,eAAe,WAAW;CAEnD,MAAM,eAAe,MAAM,MAAM,QAAQ,UAAU,EAAE,EACnD,aAAa,WACd,CAAC;CACF,IAAI,CAAC,aAAa,IAChB,MAAM,IAAI,MAAM,2BAA2B,aAAa,SAAS;CACnE,MAAM,EAAE,mBAAmB,qBACxB,MAAM,aAAa,MAAM;CAE5B,MAAM,MAAM,qCAAqC;CAEjD,OAAO,SAAS,OAAO;;;;;;;;;;ACnCzB,SAAgB,8BAA8C;CAC5D,OAAO;EACL,UAAU,KAAK,UAAU;GACvB,eAAe,QAAQ,KAAK,MAAM;;EAEpC,UAAU,QAAQ;GAChB,OAAO,eAAe,QAAQ,IAAI;;EAEpC,aAAa,QAAQ;GACnB,eAAe,WAAW,IAAI;;EAEjC;;;;;;ACeH,MAAa,2BAA2B;;;;;AAMxC,MAAa,4BAA4B;;;;;;;;ACjCzC,MAAa,iBAAiB;;;;;;AAO9B,MAAa,oBAAoB;;;;;;;;ACDjC,SAAgB,eAAe,SAAsC;CACnE,MAAM,EAAE,SAAS,gBAAgB;CACjC,QAAQ,MAAM,SAAS,EAAE,WAAW,aAAa,CAAC;CAClD,QAAQ,eAAe,QAAQ,gBAAgB,OAAO,YAAY,CAAC;;;;;;;AAQrE,SAAgB,+BACd,SACe;CACf,MAAM,MAAM,QAAQ,eAAe,QAAQ,eAAe;CAC1D,IAAI,CAAC,KAAK,OAAO;CACjB,MAAM,MAAM,SAAS,KAAK,GAAG;CAC7B,IAAI,MAAM,IAAI,EAAE;EACd,QAAQ,eAAe,WAAW,eAAe;EACjD,OAAO;;CAET,IAAI,KAAK,KAAK,GAAG,KAAK;EACpB,QAAQ,eAAe,WAAW,eAAe;EACjD,OAAO;;CAET,OAAO;;;;;AAMT,SAAgB,oBAAoB,SAAkC;CACpE,QAAQ,eAAe,WAAW,eAAe;;;;;;;AAQnD,SAAgB,sBAAsB,SAAqC;CAEzE,MAAM,YADQ,QAAQ,MAAM,aACL,CAAC;CACxB,OAAO,cAAc,QAAQ,KAAK,KAAK,GAAG;;;;;;;;;;;;;;;;ACxC5C,eAAsB,sBACpB,SACe;CACf,MAAM,EAAE,QAAQ,QAAQ,UAAU;CAClC,OAAO,KAAK,kCAAkC;CAC9C,MAAM,SAAS;EAAE,OAAO;EAAM,sBAAsB;EAAM,CAAC;CAC3D,MAAM,EAAE,uBAAuB,sBAAsB;CAErD,IAAI;EACF,oBAAoB,QAAQ;EAE5B,MAAM,WAAW,MAAM,MAAM,GAAG,kBAAkB,eAAe;GAC/D,QAAQ;GACR,aAAa;GACd,CAAC;EACF,IAAI,CAAC,SAAS,IACZ,MAAM,IAAI,MAAM,kBAAkB,SAAS,SAAS;EAEtD,MAAM,EAAE,aAAa,eAClB,MAAM,SAAS,MAAM;EAExB,MAAM,SAAS;GACb,WAAW;GACX,oBAAoB;GACpB,sBAAsB;GACvB,CAAC;EAEF,OAAO,SAAS,OAAO;EACvB,OAAO,KAAK,qCAAqC;UAC1C,KAAK;EACZ,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU;EACrD,OAAO,MAAM,iCAAiC,IAAI;EAClD,MAAM,SAAS;GACb,OAAO;GACP,sBAAsB;GACvB,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;ACnBN,eAAsB,eACpB,SACe;CACf,MAAM,qBAAqB,QAAQ;;AAGrC,eAAe,qBAAqB,SAA2C;CAC7E,IAAI,OAAO,SAAS,aAAA,6BAA6C;CAEjE,MAAM,SAAS,IAAI,gBAAgB,OAAO,SAAS,OAAO;CAC1D,MAAM,OAAO,OAAO,IAAI,yBAAyB;CACjD,MAAM,QAAQ,OAAO,IAAI,0BAA0B;CACnD,IAAI,CAAC,QAAQ,CAAC,OAAO;CAErB,MAAM,cAAc,IAAI,IACtB,GAAG,QAAQ,OAAO,sBAAsB,iBACxC,OAAO,SAAS,OACjB;CACD,YAAY,aAAa,IAAI,0BAA0B,KAAK;CAC5D,YAAY,aAAa,IAAI,2BAA2B,MAAM;CAE9D,IAAI;CACJ,IAAI;EACF,WAAW,MAAM,MAAM,YAAY,UAAU,EAAE;GAC7C,QAAQ;GACR,aAAa;GACd,CAAC;UACK,KAAK;EACZ,oBAAoB,QAAQ;EAC5B,MAAM,IAAI,MACR,qCAAqC,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI,GACtF;;CAGH,IAAI,CAAC,SAAS,IAAI;EAChB,oBAAoB,QAAQ;EAC5B,MAAM,IAAI,MACR,qCAAqC,SAAS,OAAO,GAAG,SAAS,aAClE;;CAKH,MAAM,EAAE,YAAY,WAAW,aAAa,eAAe,MAFvC,SAAS,MAAM;CAGnC,QAAQ,MAAM,SAAS,EAAE,WAAW,CAAC;CACrC,QAAQ,eAAe,QAAQ,gBAAgB,OAAO,UAAU,CAAC;CAEjE,MAAM,YAAY,IAAI,IAAI,YAAY,OAAO,SAAS,OAAO;CAC7D,QAAQ,aACN,MACA,IACA,GAAG,UAAU,WAAW,UAAU,SAAS,UAAU,OACtD;;;;ACnEH,eAAe,mBAAmB,SAA2C;CAC3E,MAAM,EAAE,WAAW;CAEnB,MAAM,kBAAkB,MAAM,MAC5B,GAAG,OAAO,sBAAsB,gBAChC;EACE,QAAQ;EACR,aAAa;EACd,CACF;CACD,IAAI,CAAC,gBAAgB,IACnB,MAAM,IAAI,MAAM,mBAAmB,gBAAgB,SAAS;CAE9D,MAAM,EAAE,YAAY,qBACjB,MAAM,gBAAgB,MAAM;CAC/B,IACE,OAAO,qBAAqB,YAC5B,CAAC,OAAO,SAAS,iBAAiB,IAClC,oBAAoB,GAEpB,MAAM,IAAI,MAAM,iDAAiD;CAInE,eAAe;EAAE;EAAS,aAFN,KAAK,KAAK,GAAG,mBAAmB;EAEb,CAAC;;;;;;;AAQ1C,SAAgB,sBACd,SACwB;CACxB,MAAM,EAAE,QAAQ,UAAU;CAE1B,IAAI,eAAqD;CACzD,IAAI,UAAU;CAEd,MAAM,wBAAwB;EAC5B,IAAI,cAAc;GAChB,aAAa,aAAa;GAC1B,eAAe;;EAEjB,IAAI,SAAS;EAEb,MAAM,QAAQ,MAAM,aAAa;EACjC,IAAI,CAAC,MAAM,kBAAkB,CAAC,MAAM,oBAClC;EAGF,MAAM,YAAY,MAAM;EACxB,IAAI,CAAC,WAAW;GACd,OAAO,MAAM,0CAA0C;GACvD;;EAEF,MAAM,UAAU,KAAK,IAAI,GAAG,YAAY,KAAK,KAAK,GAAG,kBAAkB;EACvE,OAAO,MACL,sCACC,UAAU,KAAM,QAAQ,EAAE,EAC3B,KACA,EACE,WACD,CACF;EACD,eAAe,iBAAiB;GAC9B,OAAO,MAAM,iDAAiD;GAC9D,eAAe;GACf,IAAI,SAAS;GAEb,CAAM,YAAY;IAChB,IAAI;KACF,MAAM,mBAAmB,QAAQ;KACjC,IAAI,SAAS;KACb,IAAI,sBAAsB,QAAQ,EAChC,OAAO,KAAK,+CAA+C;UACtD;MACL,OAAO,KACL,0DACD;MACD,MAAM,SAAS,EAAE,oBAAoB,OAAO,CAAC;;aAExC,KAAK;KACZ,OAAO,MAAM,yBAAyB,IAAI;KAC1C,IAAI,SAAS;KACb,MAAM,SAAS,EAAE,oBAAoB,OAAO,CAAC;;OAE7C;KACH,QAAQ;;CAGb,MAAM,cAAc,MAAM,gBAAgB;EACxC,iBAAiB;GACjB;CAEF,OAAO,EACL,YAAY;EACV,UAAU;EACV,aAAa;EACb,IAAI,cAAc;GAChB,aAAa,aAAa;GAC1B,eAAe;;IAGpB;;;;;;;;;;;;;;AChHH,SAAgB,YACd,IAC4B;CAC5B,IAAI;CACJ,IAAI;CACJ,IAAI,WAAW;CACf,QAAQ,UAA2B;EACjC,IAAI,YAAY,OAAO,GAAG,WAAW,MAAM,EACzC,OAAO;EAET,YAAY;EACZ,aAAa,GAAG,MAAM;EACtB,WAAW;EACX,OAAO;;;;;ACYX,SAAS,kBACP,GACA,GACS;CACT,MAAM,OAAO,IAAI,IAAI,CACnB,GAAG,OAAO,KAAK,EAAE,EACjB,GAAG,OAAO,KAAK,EAAE,CAClB,CAAqB;CACtB,KAAK,MAAM,KAAK,MACd,IAAI,CAAC,OAAO,GAAG,EAAE,IAAI,EAAE,GAAG,EACxB,OAAO;CAGX,OAAO;;AAGT,SAAS,WACP,MACA,SACQ;CACR,OAAO;EAAE,GAAG;EAAM,GAAG;EAAS;;;;;;;AAQhC,SAAgB,YACd,cACe;CACf,IAAI,QAAgB,EAAE,GAAG,cAAc;CACvC,MAAM,4BAAY,IAAI,KAAiB;CACvC,IAAI,YAAY;CAEhB,MAAM,eAAe;EACnB,KAAK,MAAM,YAAY,WACrB,UAAU;;CAId,OAAO;EACL,cAAc;GACZ,OAAO;;EAET,UAAU,UAAU;GAClB,UAAU,IAAI,SAAS;GACvB,aAAa;IACX,UAAU,OAAO,SAAS;;;EAG9B,SAAS,QAAQ;GACf,IAAI,WAAW;GACf,MAAM,QACJ,OAAO,WAAW,aACd,OAAO,MAA0B,GACjC;GACN,IAAI,OAAO,UAAU,YAAY,SAAS,MACxC;GAEF,MAAM,OAAO,WAAW,OAAO,MAAyB;GACxD,IAAI,kBAAkB,OAAO,KAAK,EAChC;GAEF,QAAQ;GACR,QAAQ;;EAEV,IAAI,KAAK;GACP,OAAO,MAAM;;EAEf,IAAI,KAAK,OAAO;GACd,IAAI,WAAW;GACf,IAAI,OAAO,GAAG,MAAM,MAAM,MAAM,EAC9B;GAEF,QAAQ;IAAE,GAAG;KAAQ,MAAM;IAAO;GAClC,QAAQ;;EAEV,UAAU;GACR,YAAY;GACZ,UAAU,OAAO;;EAEpB;;;;AClHH,MAAM,aAA4B,QAAQ,SAAS;;;;;;AAOnD,MAAa,cAA+B;CAC1C,QAAQ;CACR,OAAO;CACP,kBAAkB;CAClB,uBAAuB;CACxB;;;;;;;AAQD,SAAgB,iBACd,OACkB;CAClB,MAAM,EACJ,gBACA,mBACA,oBACA,yBACE;CACJ,IAAI,CAAC,gBACH,OAAO;CAET,IAAI,sBAAsB,OAAO;CACjC,IAAI,mBAAmB,OAAO;CAC9B,IAAI,oBAAoB,OAAO;CAC/B,OAAO;;;;;;;;;;;;;;ACMT,SAAgB,2BACd,SACsB;CACtB,MAAM,EAAE,QAAQ,SAAS,eAAe;CACxC,MAAM,iBAAiB,6BAA6B;CACpD,MAAM,QAAyB,YAAqC;EAClE,gBAAgB;EAChB,mBAAmB;EACnB,sBAAsB;EACtB,oBAAoB;EACpB,OAAO;EACP,WAAW;EACZ,CAAC;CACF,MAAM,UAA6B;EACjC;EACA;EACA;EACA;EACD;CAED,MAAM,SAAS,EAAE,WAAW,+BAA+B,QAAQ,EAAE,CAAC;CAEtE,IAAI,aAAa;CAEjB,MAAM,mBAAmB,YAAY;EACnC,OAAO,KAAK,6BAA6B;EACzC,MAAM,SAAS;GAAE,OAAO;GAAM,mBAAmB;GAAM,CAAC;EACxD,IAAI;GACF,MAAM,uBAAuB,QAAQ;WAC9B,KAAK;GACZ,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU;GACrD,OAAO,MAAM,4BAA4B,IAAI;GAC7C,MAAM,SAAS,EAAE,OAAO,SAAS,CAAC;YAC1B;GACR,OAAO,MACL,yEACD;GACD,MAAM,SAAS,EAAE,mBAAmB,OAAO,CAAC;;;CAGhD,MAAMA,gCAA8BC,sBAAyB,QAAQ;CAErE,MAAM,uBAAuB,aAG1B,gBAAgB;EACjB,QAAQ,iBAAiB,WAAW;EACpC,OAAO,WAAW;EAClB;EACA,uBAAA;EACD,EAAE;CAEH,SAAS,cAAc;EACrB,OAAO,qBAAqB,MAAM,aAAa,CAAC;;CAGlD,OAAO;EACL,QAAQ;GACN,IAAI,YAAY;IACd,OAAO,MAAM,kCAAkC;IAC/C;;GAEF,aAAa;GACb,sBAAsB,QAAQ;GAE9B,OAAO,KAAK,uDAAuD;GACnE,CAAM,YAAY;IAChB,IAAI;KACF,MAAM,eAAe,QAAQ;KAC7B,OAAO,KAAK,mCAAmC;aACxC,KAAK;KACZ,OAAO,MAAM,mBAAmB,IAAI;KACpC,MAAM,SAAS,EACb,OACE,eAAe,QACX,IAAI,UACJ,qCACP,CAAC;cACM;KACR,MAAM,gBAAgB,sBAAsB,QAAQ;KACpD,OAAO,KAAK,yCAAyC,cAAc;KACnE,MAAM,SAAS;MACb,gBAAgB;MAChB,oBAAoB;MACrB,CAAC;;OAEF;;EAEN,YAAY,OAAO,MAAM,UAAU,GAAG;EACtC;EACA,yBAAyB;EAC1B"}

package/dist/server/api-client-core/apis/account/account-info-types.generated.d.ts

@@ -1,111 +0,0 @@
-import { Operation } from "../../types.js";
-
-//#region src/server/api-client-core/apis/account/account-info-types.generated.d.ts
-declare namespace AccountAccountInfo {
-  namespace Basic {
-    type GetDailyPrivateAppsUsageOutput = Schemas.CollectionResponseApiUsageNoPaging;
-    type GetOutput = Schemas.PortalInformationResponse;
-  }
-  namespace Schemas {
-    interface ApiUsage {
-      /**
-       * Indicates when the cache was last updated.
-       */
-      collectedAt: string;
-      /**
-       * How many API calls an account has made for the current day.
-       */
-      currentUsage: number;
-      /**
-       * Status of fetching the information, including if the data came from the cache.
-       */
-      fetchStatus: 'CACHED' | 'FAILURE' | 'NOTFOUND' | 'SUCCESS' | 'TIMEOUT';
-      /**
-       * Name of the limit type.
-       */
-      name: string;
-      /**
-       * Time that the limit will reset.
-       */
-      resetsAt?: string;
-      /**
-       * Limits by which a single integration can consume the HubSpot public APIs.
-       */
-      usageLimit: number;
-    }
-    interface CollectionResponseApiUsageNoPaging {
-      results: Schemas.ApiUsage[];
-    }
-    interface PortalInformationResponse {
-      /**
-       * The type of account, such as APP_DEVELOPER, DEVELOPER_TEST, SANDBOX, or STANDARD.
-       */
-      accountType: 'APP_DEVELOPER' | 'DEVELOPER_TEST' | 'SANDBOX' | 'STANDARD';
-      additionalCurrencies: string[];
-      /**
-       * The primary currency used by the company.
-       */
-      companyCurrency: string;
-      /**
-       * The location where the account's data is hosted.
-       */
-      dataHostingLocation: string;
-      /**
-       * The unique identifier for the HubSpot account.
-       */
-      portalId: number;
-      /**
-       * The time zone in which the account operates.
-       */
-      timeZone: string;
-      /**
-       * The domain used for accessing the HubSpot user interface.
-       */
-      uiDomain: string;
-      /**
-       * The time zone offset from UTC in hours and minutes.
-       */
-      utcOffset: string;
-      /**
-       * The time zone offset from UTC in milliseconds.
-       */
-      utcOffsetMilliseconds: number;
-    }
-  }
-  /**
-   * Usage example:
-   * ```ts
-   * import { accountAccountInfo } from '@hubspot/api-client-core';
-   * client.send(accountAccountInfo.basic.get(input));
-   * ```
-   */
-  interface BasicAPI {
-    /**
-     * Retrieve account details
-     * @apiPath /account-info/2026-03/details
-     * @apiMethod GET
-     * @requiredScopes external-settings-access
-     */
-    get: () => Operation<Basic.GetOutput>;
-    /**
-     * Retrieve private app daily API usage
-     * @apiPath /account-info/2026-03/api-usage/daily/private-apps
-     * @apiMethod GET
-     * @requiredScopes external-settings-access
-     */
-    getDailyPrivateAppsUsage: () => Operation<Basic.GetDailyPrivateAppsUsageOutput>;
-  }
-  /**
-   * Usage example:
-   * ```ts
-   * import { accountAccountInfo } from '@hubspot/api-client-core';
-   * client.send(accountAccountInfo.basic.get(input));
-   * ```
-   */
-  interface API {
-    basic: BasicAPI;
-  }
-}
-//#endregion
-export { AccountAccountInfo };
-//# sourceMappingURL=account-info-types.generated.d.ts.map

package/dist/server/api-client-core/apis/account/account-info.generated.d.ts

@@ -1,7 +0,0 @@
-import { AccountAccountInfo } from "./account-info-types.generated.js";
-
-//#region src/server/api-client-core/apis/account/account-info.generated.d.ts
-declare const accountAccountInfo: AccountAccountInfo.API;
-//#endregion
-export { accountAccountInfo };
-//# sourceMappingURL=account-info.generated.d.ts.map

package/dist/server/api-client-core/apis/account/account-info.generated.js

@@ -1,9 +0,0 @@
-import { op } from "../../op.js";
-const accountAccountInfo = { basic: {
-	get: () => op.get("/account-info/2026-03/details"),
-	getDailyPrivateAppsUsage: () => op.get("/account-info/2026-03/api-usage/daily/private-apps")
-} };
-//#endregion
-export { accountAccountInfo };
-
-//# sourceMappingURL=account-info.generated.js.map

package/dist/server/api-client-core/apis/account/account-info.generated.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"account-info.generated.js","names":[],"sources":["../../../../../src/server/api-client-core/apis/account/account-info.generated.ts"],"sourcesContent":["import { op } from '../../op.ts';\nimport type { AccountAccountInfo } from './account-info-types.generated.ts';\n\n// DO NOT MODIFY - This code was generated by @hubspot/api-client-next-generator\n\nexport * from './account-info-types.generated.ts';\n\nconst basic: AccountAccountInfo.BasicAPI = {\n  get: () => op.get('/account-info/2026-03/details'),\n  getDailyPrivateAppsUsage: () =>\n    op.get('/account-info/2026-03/api-usage/daily/private-apps'),\n};\n\nexport const accountAccountInfo: AccountAccountInfo.API = { basic: basic };\n"],"mappings":";AAaA,MAAa,qBAA6C,EAAS;CALjE,WAAW,GAAG,IAAI,gCAAgC;CAClD,gCACE,GAAG,IAAI,qDAAqD;CAGG,EAAO"}