@innvoid/getmarket-sdk 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (45) hide show
  1. package/dist/cache/index.js +0 -1
  2. package/dist/{chunk-W23UYULS.js → chunk-A2E3FXYI.js} +16 -15
  3. package/dist/chunk-A2E3FXYI.js.map +1 -0
  4. package/dist/chunk-OJUNVATQ.js +11 -0
  5. package/dist/chunk-OJUNVATQ.js.map +1 -0
  6. package/dist/{chunk-GG7EI74E.js → chunk-RA5PN2F4.js} +5 -3
  7. package/dist/chunk-RA5PN2F4.js.map +1 -0
  8. package/dist/core/index.cjs +4 -2
  9. package/dist/core/index.cjs.map +1 -1
  10. package/dist/core/index.d.cts +1 -2
  11. package/dist/core/index.d.ts +1 -2
  12. package/dist/core/index.js +2 -4
  13. package/dist/express.cjs +19 -0
  14. package/dist/express.cjs.map +1 -0
  15. package/dist/express.d.cts +10 -0
  16. package/dist/express.d.ts +10 -0
  17. package/dist/express.js +1 -0
  18. package/dist/headers/index.js +0 -1
  19. package/dist/index.cjs +17 -150
  20. package/dist/index.cjs.map +1 -1
  21. package/dist/index.d.cts +3 -3
  22. package/dist/index.d.ts +3 -3
  23. package/dist/index.js +13 -24
  24. package/dist/middlewares/index.cjs +140 -141
  25. package/dist/middlewares/index.cjs.map +1 -1
  26. package/dist/middlewares/index.d.cts +28 -24
  27. package/dist/middlewares/index.d.ts +28 -24
  28. package/dist/middlewares/index.js +17 -16
  29. package/dist/types-CRECQuHp.d.cts +54 -0
  30. package/dist/types-CRECQuHp.d.ts +54 -0
  31. package/package.json +6 -1
  32. package/dist/auth/index.cjs +0 -181
  33. package/dist/auth/index.cjs.map +0 -1
  34. package/dist/auth/index.d.cts +0 -3
  35. package/dist/auth/index.d.ts +0 -3
  36. package/dist/auth/index.js +0 -12
  37. package/dist/chunk-GG7EI74E.js.map +0 -1
  38. package/dist/chunk-PZ5AY32C.js +0 -10
  39. package/dist/chunk-PZ5AY32C.js.map +0 -1
  40. package/dist/chunk-W23UYULS.js.map +0 -1
  41. package/dist/chunk-Y2JJLHAY.js +0 -149
  42. package/dist/chunk-Y2JJLHAY.js.map +0 -1
  43. package/dist/index-WbfzvmOt.d.cts +0 -87
  44. package/dist/index-WbfzvmOt.d.ts +0 -87
  45. /package/dist/{auth/index.js.map → express.js.map} +0 -0
package/dist/cache/index.js CHANGED
@@ -4,7 +4,6 @@ import {
4
4
  getOrSet,
5
5
  getTwoLevelCache
6
6
  } from "../chunk-IYFWQDHD.js";
7
- import "../chunk-PZ5AY32C.js";
8
7
  export {
9
8
  TwoLevelCache,
10
9
  closeCache,
package/dist/{chunk-W23UYULS.js → chunk-A2E3FXYI.js} RENAMED
@@ -1,14 +1,14 @@
1
- import {
2
- __export
3
- } from "./chunk-PZ5AY32C.js";
4
-
5
- // src/auth/index.ts
6
- var auth_exports = {};
7
- __export(auth_exports, {
8
- createAuthMiddleware: () => createAuthMiddleware,
9
- readRs256PublicKey: () => readRs256PublicKey,
10
- verifyBackendJwtRS256: () => verifyBackendJwtRS256
11
- });
1
+ // src/middlewares/respond.ts
2
+ function sendOk(_req, res, data, statusCode = 200) {
3
+ return res.status(statusCode).json({ ok: true, data, requestId: res.locals?.requestId ?? null });
4
+ }
5
+ function sendError(_req, res, statusCode, code, message, details) {
6
+ return res.status(statusCode).json({
7
+ ok: false,
8
+ error: { code, message, ...details !== void 0 ? { details } : {} },
9
+ requestId: res.locals?.requestId ?? null
10
+ });
11
+ }
12
12
 
13
13
  // src/auth/jwt.ts
14
14
  import fs from "fs";
@@ -106,7 +106,7 @@ function createAuthMiddleware(opts) {
106
106
  }
107
107
  req.auth = baseCtx;
108
108
  return next();
109
- } catch (errJwt) {
109
+ } catch {
110
110
  if (!allowFirebaseIdToken) {
111
111
  return res.status(401).json({
112
112
  ok: false,
@@ -148,9 +148,10 @@ function createAuthMiddleware(opts) {
148
148
  }
149
149
 
150
150
  export {
151
+ sendOk,
152
+ sendError,
151
153
  readRs256PublicKey,
152
154
  verifyBackendJwtRS256,
153
- createAuthMiddleware,
154
- auth_exports
155
+ createAuthMiddleware
155
156
  };
156
- //# sourceMappingURL=chunk-W23UYULS.js.map
157
+ //# sourceMappingURL=chunk-A2E3FXYI.js.map
package/dist/chunk-A2E3FXYI.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/middlewares/respond.ts","../src/auth/jwt.ts","../src/auth/middleware.ts"],"sourcesContent":["import type {Request, Response} from \"express\";\n\nexport function sendOk<T>(_req: Request, res: Response, data: T, statusCode = 200) {\n return res.status(statusCode).json({ok: true, data, requestId: res.locals?.requestId ?? null});\n}\n\nexport function sendError(\n _req: Request,\n res: Response,\n statusCode: number,\n code: string,\n message: string,\n details?: any\n) {\n return res.status(statusCode).json({\n ok: false,\n error: {code, message, ...(details !== undefined ? {details} : {})},\n requestId: res.locals?.requestId ?? null,\n });\n}\n","import fs from \"fs\";\nimport jwt, {JwtPayload} from \"jsonwebtoken\";\n\nfunction readFileIfExists(path?: string): string | null {\n if (!path) return null;\n try {\n const v = fs.readFileSync(path, \"utf8\").trim();\n return v.length ? v : null;\n } catch {\n return null;\n }\n}\n\n/**\n * ✅ Keys viven en getmarket-stack:\n * - JWT_PUBLIC_KEY_PATH=/run/secrets/jwtRS256.key.pub (recomendado)\n * - fallback env AUTH_JWT_PUBLIC_KEY / AUTH_RSA_PUBLIC_KEY\n */\nexport function readRs256PublicKey(): string {\n const fromFile = readFileIfExists(process.env.JWT_PUBLIC_KEY_PATH);\n if (fromFile) return fromFile;\n\n const fromEnv = String(process.env.AUTH_JWT_PUBLIC_KEY || process.env.AUTH_RSA_PUBLIC_KEY || \"\")\n .replace(/\\\\n/g, \"\\n\")\n .trim();\n\n if (fromEnv) return fromEnv;\n\n throw new Error(\"Missing RS256 public key (JWT_PUBLIC_KEY_PATH / AUTH_JWT_PUBLIC_KEY / AUTH_RSA_PUBLIC_KEY)\");\n}\n\nexport function verifyBackendJwtRS256(raw: string): JwtPayload {\n const publicKey = readRs256PublicKey();\n\n const audience = process.env.JWT_AUDIENCE || process.env.AUTH_JWT_AUDIENCE || \"getmarket.api\";\n const issuer = process.env.JWT_ISSUER || process.env.AUTH_JWT_ISSUER || \"getmarket-auth\";\n\n // ✅ SOLO RS256\n return jwt.verify(raw, publicKey, {\n algorithms: [\"RS256\"],\n audience,\n issuer,\n }) as JwtPayload;\n}\n","import type {NextFunction, Response} from \"express\";\nimport {verifyBackendJwtRS256} from \"./jwt\";\nimport type {AuthContext, AuthMiddlewareOptions} from \"./types\";\n\ndeclare global {\n namespace Express {\n interface Request {\n auth?: AuthContext;\n }\n }\n}\n\nfunction getBearerToken(req: any): string | null {\n const auth = String(req.headers?.authorization || \"\");\n if (!auth.startsWith(\"Bearer \")) return null;\n const token = auth.slice(7).trim();\n return token.length ? token : null;\n}\n\nfunction normalizeUid(v: any): string | null {\n const s = String(v ?? \"\").trim();\n return s.length ? s : null;\n}\n\n/**\n * ✅ Middleware estándar:\n * - Solo Authorization: Bearer\n * - Solo RS256\n * - Cero legacy\n * - Hidrata vía hook (OBLIGATORIO)\n */\nexport function createAuthMiddleware(opts: AuthMiddlewareOptions) {\n const {\n subject,\n allowFirebaseIdToken = false,\n requireSubject = true,\n hydrate,\n } = opts;\n\n return async (req: any, res: Response, next: NextFunction) => {\n const token = getBearerToken(req);\n if (!token) {\n return res.status(401).json({\n ok: false,\n code: \"AUTH_MISSING_TOKEN\",\n message: \"Missing Authorization Bearer token\",\n });\n }\n\n // Contexto desde parseHeaders (SDK) -> req.context\n const headerCtx = (req as any).context || {};\n const company_uid = normalizeUid(headerCtx.company_uid);\n const branch_uid = normalizeUid(headerCtx.branch_uid);\n\n // 1) RS256 backend JWT\n try {\n const decoded: any = verifyBackendJwtRS256(token);\n\n const baseCtx: AuthContext = {\n tokenType: \"backend\",\n subject,\n company_uid: company_uid ?? undefined,\n branch_uid: branch_uid ?? undefined,\n roles: Array.isArray(decoded?.roles) ? decoded.roles : [],\n permissions: Array.isArray(decoded?.permissions) ? decoded.permissions : [],\n denied_permissions: Array.isArray(decoded?.denied_permissions) ? decoded.denied_permissions : [],\n session: {\n jti: decoded?.jti,\n device_id: decoded?.device_id,\n expires_at: decoded?.exp,\n },\n };\n\n // ✅ hydrate obligatorio (cero legacy)\n const hydrated = await hydrate({decoded, req, subject, company_uid, branch_uid});\n Object.assign(baseCtx, hydrated);\n\n if (requireSubject) {\n if (subject === \"employee\" && !baseCtx.employee) {\n return res.status(401).json({\n ok: false,\n code: \"AUTH_EMPLOYEE_NOT_FOUND\",\n message: \"Employee not resolved by hydrator\",\n });\n }\n if (subject === \"customer\" && !baseCtx.customer) {\n return res.status(401).json({\n ok: false,\n code: \"AUTH_CUSTOMER_NOT_FOUND\",\n message: \"Customer not resolved by hydrator\",\n });\n }\n }\n\n req.auth = baseCtx;\n return next();\n } catch {\n // 2) Firebase opcional (si está habilitado explícitamente)\n if (!allowFirebaseIdToken) {\n return res.status(401).json({\n ok: false,\n code: \"AUTH_INVALID_TOKEN\",\n message: \"Invalid or expired token\",\n });\n }\n\n try {\n const {default: admin} = await import(\"firebase-admin\");\n const firebaseDecoded = await admin.auth().verifyIdToken(token);\n\n if (firebaseDecoded.email && firebaseDecoded.email_verified === false) {\n return res.status(401).json({\n ok: false,\n code: \"AUTH_EMAIL_NOT_VERIFIED\",\n message: \"Email not verified\",\n });\n }\n\n req.auth = {\n tokenType: \"backend\",\n subject,\n firebase: firebaseDecoded,\n company_uid: company_uid ?? undefined,\n branch_uid: branch_uid ?? undefined,\n companies: [],\n roles: [],\n permissions: [],\n denied_permissions: [],\n };\n\n return next();\n } catch {\n return res.status(401).json({\n ok: false,\n code: \"AUTH_INVALID_TOKEN\",\n message: \"Invalid or expired token\",\n });\n }\n }\n };\n}\n"],"mappings":";AAEO,SAAS,OAAU,MAAe,KAAe,MAAS,aAAa,KAAK;AAC/E,SAAO,IAAI,OAAO,UAAU,EAAE,KAAK,EAAC,IAAI,MAAM,MAAM,WAAW,IAAI,QAAQ,aAAa,KAAI,CAAC;AACjG;AAEO,SAAS,UACZ,MACA,KACA,YACA,MACA,SACA,SACF;AACE,SAAO,IAAI,OAAO,UAAU,EAAE,KAAK;AAAA,IAC/B,IAAI;AAAA,IACJ,OAAO,EAAC,MAAM,SAAS,GAAI,YAAY,SAAY,EAAC,QAAO,IAAI,CAAC,EAAE;AAAA,IAClE,WAAW,IAAI,QAAQ,aAAa;AAAA,EACxC,CAAC;AACL;;;ACnBA,OAAO,QAAQ;AACf,OAAO,SAAuB;AAE9B,SAAS,iBAAiB,MAA8B;AACpD,MAAI,CAAC,KAAM,QAAO;AAClB,MAAI;AACA,UAAM,IAAI,GAAG,aAAa,MAAM,MAAM,EAAE,KAAK;AAC7C,WAAO,EAAE,SAAS,IAAI;AAAA,EAC1B,QAAQ;AACJ,WAAO;AAAA,EACX;AACJ;AAOO,SAAS,qBAA6B;AACzC,QAAM,WAAW,iBAAiB,QAAQ,IAAI,mBAAmB;AACjE,MAAI,SAAU,QAAO;AAErB,QAAM,UAAU,OAAO,QAAQ,IAAI,uBAAuB,QAAQ,IAAI,uBAAuB,EAAE,EAC1F,QAAQ,QAAQ,IAAI,EACpB,KAAK;AAEV,MAAI,QAAS,QAAO;AAEpB,QAAM,IAAI,MAAM,4FAA4F;AAChH;AAEO,SAAS,sBAAsB,KAAyB;AAC3D,QAAM,YAAY,mBAAmB;AAErC,QAAM,WAAW,QAAQ,IAAI,gBAAgB,QAAQ,IAAI,qBAAqB;AAC9E,QAAM,SAAS,QAAQ,IAAI,cAAc,QAAQ,IAAI,mBAAmB;AAGxE,SAAO,IAAI,OAAO,KAAK,WAAW;AAAA,IAC9B,YAAY,CAAC,OAAO;AAAA,IACpB;AAAA,IACA;AAAA,EACJ,CAAC;AACL;;;AC/BA,SAAS,eAAe,KAAyB;AAC7C,QAAM,OAAO,OAAO,IAAI,SAAS,iBAAiB,EAAE;AACpD,MAAI,CAAC,KAAK,WAAW,SAAS,EAAG,QAAO;AACxC,QAAM,QAAQ,KAAK,MAAM,CAAC,EAAE,KAAK;AACjC,SAAO,MAAM,SAAS,QAAQ;AAClC;AAEA,SAAS,aAAa,GAAuB;AACzC,QAAM,IAAI,OAAO,KAAK,EAAE,EAAE,KAAK;AAC/B,SAAO,EAAE,SAAS,IAAI;AAC1B;AASO,SAAS,qBAAqB,MAA6B;AAC9D,QAAM;AAAA,IACF;AAAA,IACA,uBAAuB;AAAA,IACvB,iBAAiB;AAAA,IACjB;AAAA,EACJ,IAAI;AAEJ,SAAO,OAAO,KAAU,KAAe,SAAuB;AAC1D,UAAM,QAAQ,eAAe,GAAG;AAChC,QAAI,CAAC,OAAO;AACR,aAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,QACxB,IAAI;AAAA,QACJ,MAAM;AAAA,QACN,SAAS;AAAA,MACb,CAAC;AAAA,IACL;AAGA,UAAM,YAAa,IAAY,WAAW,CAAC;AAC3C,UAAM,cAAc,aAAa,UAAU,WAAW;AACtD,UAAM,aAAa,aAAa,UAAU,UAAU;AAGpD,QAAI;AACA,YAAM,UAAe,sBAAsB,KAAK;AAEhD,YAAM,UAAuB;AAAA,QACzB,WAAW;AAAA,QACX;AAAA,QACA,aAAa,eAAe;AAAA,QAC5B,YAAY,cAAc;AAAA,QAC1B,OAAO,MAAM,QAAQ,SAAS,KAAK,IAAI,QAAQ,QAAQ,CAAC;AAAA,QACxD,aAAa,MAAM,QAAQ,SAAS,WAAW,IAAI,QAAQ,cAAc,CAAC;AAAA,QAC1E,oBAAoB,MAAM,QAAQ,SAAS,kBAAkB,IAAI,QAAQ,qBAAqB,CAAC;AAAA,QAC/F,SAAS;AAAA,UACL,KAAK,SAAS;AAAA,UACd,WAAW,SAAS;AAAA,UACpB,YAAY,SAAS;AAAA,QACzB;AAAA,MACJ;AAGA,YAAM,WAAW,MAAM,QAAQ,EAAC,SAAS,KAAK,SAAS,aAAa,WAAU,CAAC;AAC/E,aAAO,OAAO,SAAS,QAAQ;AAE/B,UAAI,gBAAgB;AAChB,YAAI,YAAY,cAAc,CAAC,QAAQ,UAAU;AAC7C,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YACxB,IAAI;AAAA,YACJ,MAAM;AAAA,YACN,SAAS;AAAA,UACb,CAAC;AAAA,QACL;AACA,YAAI,YAAY,cAAc,CAAC,QAAQ,UAAU;AAC7C,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YACxB,IAAI;AAAA,YACJ,MAAM;AAAA,YACN,SAAS;AAAA,UACb,CAAC;AAAA,QACL;AAAA,MACJ;AAEA,UAAI,OAAO;AACX,aAAO,KAAK;AAAA,IAChB,QAAQ;AAEJ,UAAI,CAAC,sBAAsB;AACvB,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UACxB,IAAI;AAAA,UACJ,MAAM;AAAA,UACN,SAAS;AAAA,QACb,CAAC;AAAA,MACL;AAEA,UAAI;AACA,cAAM,EAAC,SAAS,MAAK,IAAI,MAAM,OAAO,gBAAgB;AACtD,cAAM,kBAAkB,MAAM,MAAM,KAAK,EAAE,cAAc,KAAK;AAE9D,YAAI,gBAAgB,SAAS,gBAAgB,mBAAmB,OAAO;AACnE,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YACxB,IAAI;AAAA,YACJ,MAAM;AAAA,YACN,SAAS;AAAA,UACb,CAAC;AAAA,QACL;AAEA,YAAI,OAAO;AAAA,UACP,WAAW;AAAA,UACX;AAAA,UACA,UAAU;AAAA,UACV,aAAa,eAAe;AAAA,UAC5B,YAAY,cAAc;AAAA,UAC1B,WAAW,CAAC;AAAA,UACZ,OAAO,CAAC;AAAA,UACR,aAAa,CAAC;AAAA,UACd,oBAAoB,CAAC;AAAA,QACzB;AAEA,eAAO,KAAK;AAAA,MAChB,QAAQ;AACJ,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UACxB,IAAI;AAAA,UACJ,MAAM;AAAA,UACN,SAAS;AAAA,QACb,CAAC;AAAA,MACL;AAAA,IACJ;AAAA,EACJ;AACJ;","names":[]}
package/dist/chunk-OJUNVATQ.js ADDED
@@ -0,0 +1,11 @@
1
+ // src/middlewares/requestId.ts
2
+ var REQUEST_ID_HEADER = "x-request-id";
3
+ var REQUEST_ID_HEADER_ALT = "x-requestid";
4
+ var RESPONSE_REQUEST_ID_HEADER = "X-Request-Id";
5
+
6
+ export {
7
+ REQUEST_ID_HEADER,
8
+ REQUEST_ID_HEADER_ALT,
9
+ RESPONSE_REQUEST_ID_HEADER
10
+ };
11
+ //# sourceMappingURL=chunk-OJUNVATQ.js.map
package/dist/chunk-OJUNVATQ.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/middlewares/requestId.ts"],"sourcesContent":["// middlewares/requestId.ts\nimport type {Request, Response, NextFunction} from \"express\";\nimport {randomUUID, randomBytes} from \"crypto\";\n\nexport const REQUEST_ID_HEADER = \"x-request-id\";\nexport const REQUEST_ID_HEADER_ALT = \"x-requestid\";\nexport const RESPONSE_REQUEST_ID_HEADER = \"X-Request-Id\";\n\n// Si quieres IDs más cortos (opcional). Por defecto usamos UUID.\nfunction nanoidLike(len = 21) {\n return randomBytes(16).toString(\"base64url\").slice(0, len);\n}\n\nexport default function requestId(req: Request, res: Response, next: NextFunction) {\n const headerId = (req.headers[REQUEST_ID_HEADER] || req.headers[REQUEST_ID_HEADER_ALT]) as\n | string\n | undefined;\n\n // ✅ estándar único: usa UUID (o cambia a nanoidLike() si prefieres corto)\n const id = headerId?.trim() || randomUUID();\n\n // ✅ estándar único (no legacy)\n (req as any).requestId = id;\n res.locals.requestId = id;\n\n // ✅ respuesta\n res.setHeader(RESPONSE_REQUEST_ID_HEADER, id);\n\n next();\n}\n"],"mappings":";AAIO,IAAM,oBAAoB;AAC1B,IAAM,wBAAwB;AAC9B,IAAM,6BAA6B;","names":[]}
package/dist/{chunk-GG7EI74E.js → chunk-RA5PN2F4.js} RENAMED
@@ -1,3 +1,7 @@
1
+ import {
2
+ REQUEST_ID_HEADER
3
+ } from "./chunk-OJUNVATQ.js";
4
+
1
5
  // src/core/errors.ts
2
6
  var UpstreamError = class extends Error {
3
7
  code;
@@ -32,7 +36,6 @@ function mapAxiosToUpstreamError(err, svc) {
32
36
 
33
37
  // src/core/http.ts
34
38
  import axios from "axios";
35
- var REQUEST_ID_HEADER = "x-request-id";
36
39
  function withRequestId(headers, requestId) {
37
40
  const h = headers && typeof headers === "object" ? { ...headers } : {};
38
41
  const rid = (requestId || "").trim();
@@ -160,10 +163,9 @@ var InternalHttp = class {
160
163
  export {
161
164
  UpstreamError,
162
165
  mapAxiosToUpstreamError,
163
- REQUEST_ID_HEADER,
164
166
  withRequestId,
165
167
  withRequestIdConfig,
166
168
  createHttpClient,
167
169
  InternalHttp
168
170
  };
169
- //# sourceMappingURL=chunk-GG7EI74E.js.map
171
+ //# sourceMappingURL=chunk-RA5PN2F4.js.map
package/dist/chunk-RA5PN2F4.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/core/errors.ts","../src/core/http.ts","../src/core/internalHttp.ts"],"sourcesContent":["export type ClientErrorCode =\n | \"UPSTREAM_TIMEOUT\"\n | \"UPSTREAM_UNAVAILABLE\"\n | \"UPSTREAM_BAD_RESPONSE\"\n | \"UPSTREAM_NOT_FOUND\"\n | \"UPSTREAM_UNAUTHORIZED\"\n | \"UPSTREAM_FORBIDDEN\"\n | \"UPSTREAM_UNKNOWN\";\n\nexport class UpstreamError extends Error {\n public code: ClientErrorCode;\n public status?: number;\n public details?: any;\n\n constructor(message: string, code: ClientErrorCode, status?: number, details?: any) {\n super(message);\n this.name = \"UpstreamError\";\n this.code = code;\n this.status = status;\n this.details = details;\n }\n}\n\nexport function mapAxiosToUpstreamError(err: any, svc: string): UpstreamError {\n const status = err?.response?.status;\n const data = err?.response?.data;\n const isTimeout = err?.code === \"ECONNABORTED\" || String(err?.message || \"\").includes(\"timeout\");\n\n if (isTimeout) {\n return new UpstreamError(`[${svc}] timeout`, \"UPSTREAM_TIMEOUT\", 504, {cause: err?.message});\n }\n if (!err?.response) {\n return new UpstreamError(`[${svc}] unavailable`, \"UPSTREAM_UNAVAILABLE\", 503, {cause: err?.message});\n }\n if (status === 404) return new UpstreamError(`[${svc}] not found`, \"UPSTREAM_NOT_FOUND\", 404, data);\n if (status === 401) return new UpstreamError(`[${svc}] unauthorized`, \"UPSTREAM_UNAUTHORIZED\", 401, data);\n if (status === 403) return new UpstreamError(`[${svc}] forbidden`, \"UPSTREAM_FORBIDDEN\", 403, data);\n if (status >= 400 && status < 600) {\n return new UpstreamError(`[${svc}] bad response`, \"UPSTREAM_BAD_RESPONSE\", status, data);\n }\n return new UpstreamError(`[${svc}] unknown error`, \"UPSTREAM_UNKNOWN\", status, data);\n}\n","// packages/sdk/src/core/http.ts\nimport axios, {AxiosInstance, AxiosRequestConfig} from \"axios\";\nimport {REQUEST_ID_HEADER} from \"../middlewares/requestId\";\n\nexport type HttpClientOpts = {\n baseURL: string;\n timeoutMs?: number;\n};\n\n/**\n * Headers compatibles con múltiples versiones de axios.\n * En axios antiguo, `headers` suele ser `any`, así que mantenemos tolerancia.\n */\nexport type AnyHeaders = NonNullable<AxiosRequestConfig[\"headers\"]> | Record<string, string>;\n\n/**\n * Agrega x-request-id a headers (sin pisar otros headers).\n */\nexport function withRequestId(headers: AnyHeaders | undefined, requestId?: string | null): AnyHeaders {\n const h: Record<string, any> =\n headers && typeof headers === \"object\"\n ? {...(headers as any)}\n : {};\n\n const rid = (requestId || \"\").trim();\n if (rid) h[REQUEST_ID_HEADER] = rid;\n\n return h as AnyHeaders;\n}\n\n/**\n * Helper para construir config de axios con requestId\n * (SIN genéricos para compat con axios typings antiguos).\n */\nexport function withRequestIdConfig(\n config: AxiosRequestConfig = {},\n requestId?: string | null\n): AxiosRequestConfig {\n return {\n ...config,\n headers: withRequestId((config as any).headers, requestId) as any,\n };\n}\n\nexport function createHttpClient(opts: HttpClientOpts): AxiosInstance {\n return axios.create({\n baseURL: opts.baseURL,\n timeout: opts.timeoutMs ?? 4000,\n headers: {\"Content-Type\": \"application/json\"},\n });\n}\n","// clients/internalHttp.ts\n\ntype RetryPolicy = {\n retries: number;\n baseDelayMs: number;\n retryOnStatuses: number[];\n retryOnNetworkErrors: boolean;\n};\n\ntype InternalHttpOptions = {\n baseUrl: string;\n apiKey?: string; // x-internal-api-key\n timeoutMs?: number;\n retry?: Partial<RetryPolicy>;\n};\n\nconst DEFAULT_RETRY: RetryPolicy = {\n retries: 1,\n baseDelayMs: 150,\n retryOnStatuses: [429, 502, 503, 504],\n retryOnNetworkErrors: true,\n};\n\nfunction sleep(ms: number) {\n return new Promise((r) => setTimeout(r, ms));\n}\n\nfunction safeJsonStringify(v: any) {\n try {\n return JSON.stringify(v);\n } catch {\n return String(v);\n }\n}\n\nfunction toHeaders(init?: HeadersInit): Headers {\n return new Headers(init || {});\n}\n\nfunction isJsonContentType(contentType: string | null): boolean {\n if (!contentType) return false;\n const ct = contentType.toLowerCase();\n return ct.includes(\"application/json\") || ct.includes(\"+json\");\n}\n\nfunction isAbortError(e: any): boolean {\n return e?.name === \"AbortError\";\n}\n\nfunction withJitter(ms: number): number {\n // jitter +-20%\n const jitter = ms * 0.2;\n const delta = (Math.random() * 2 - 1) * jitter;\n return Math.max(0, Math.floor(ms + delta));\n}\n\nexport class InternalHttp {\n private readonly baseUrl: string;\n private readonly apiKey: string | undefined;\n private readonly timeoutMs: number;\n private retry: RetryPolicy;\n\n constructor(opts: InternalHttpOptions) {\n this.baseUrl = opts.baseUrl.replace(/\\/+$/, \"\");\n this.apiKey = opts.apiKey;\n\n // ✅ Default más seguro para internas (evita cascadas)\n this.timeoutMs = opts.timeoutMs ?? 4000;\n\n this.retry = {...DEFAULT_RETRY, ...(opts.retry || {})};\n }\n\n async request<T>(\n path: string,\n init: RequestInit & {\n requestId?: string;\n idempotencyKey?: string;\n headers?: HeadersInit;\n } = {}\n ): Promise<T> {\n const url = `${this.baseUrl}${path.startsWith(\"/\") ? \"\" : \"/\"}${path}`;\n\n const baseHeaders = toHeaders(init.headers);\n\n if (!baseHeaders.has(\"Content-Type\")) baseHeaders.set(\"Content-Type\", \"application/json\");\n if (this.apiKey) baseHeaders.set(\"x-internal-api-key\", this.apiKey);\n\n if (init.requestId) baseHeaders.set(\"x-request-id\", init.requestId);\n if (init.idempotencyKey) baseHeaders.set(\"Idempotency-Key\", init.idempotencyKey);\n\n const {headers: _ignored, ...restInit} = init;\n\n const doFetchOnce = async () => {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeoutMs);\n\n try {\n const res = await fetch(url, {\n ...restInit,\n headers: baseHeaders,\n signal: controller.signal,\n });\n\n if (!res.ok) {\n const text = await res.text().catch(() => \"\");\n const err: any = new Error(\n `HTTP ${res.status} ${res.statusText}${text ? ` - ${text}` : \"\"}`\n );\n err.status = res.status;\n err.body = text;\n throw err;\n }\n\n if (res.status === 204) return undefined as unknown as T;\n\n const contentType = res.headers.get(\"content-type\");\n if (isJsonContentType(contentType)) {\n return (await res.json()) as T;\n }\n\n const text = await res.text().catch(() => \"\");\n return text as unknown as T;\n } finally {\n clearTimeout(timeout);\n }\n };\n\n let attempt = 0;\n\n while (true) {\n try {\n return await doFetchOnce();\n } catch (e: any) {\n attempt++;\n\n const status = e?.status;\n const retryableStatus = !!status && this.retry.retryOnStatuses.includes(status);\n\n const retryableNetwork =\n this.retry.retryOnNetworkErrors &&\n (isAbortError(e) || !status); // sin status suele ser red/dns/timeout\n\n const isRetryable = retryableStatus || retryableNetwork;\n\n if (!isRetryable || attempt > this.retry.retries) {\n console.error(\n `[InternalHttp] request failed: ${url} attempt=${attempt} status=${status ?? \"n/a\"} err=${e?.message\n } body=${safeJsonStringify(e?.body)}`\n );\n throw e;\n }\n\n const backoff = withJitter(this.retry.baseDelayMs * attempt);\n await sleep(backoff);\n }\n }\n }\n}\n"],"mappings":";;;;;AASO,IAAM,gBAAN,cAA4B,MAAM;AAAA,EAC9B;AAAA,EACA;AAAA,EACA;AAAA,EAEP,YAAY,SAAiB,MAAuB,QAAiB,SAAe;AAChF,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,UAAU;AAAA,EACnB;AACJ;AAEO,SAAS,wBAAwB,KAAU,KAA4B;AAC1E,QAAM,SAAS,KAAK,UAAU;AAC9B,QAAM,OAAO,KAAK,UAAU;AAC5B,QAAM,YAAY,KAAK,SAAS,kBAAkB,OAAO,KAAK,WAAW,EAAE,EAAE,SAAS,SAAS;AAE/F,MAAI,WAAW;AACX,WAAO,IAAI,cAAc,IAAI,GAAG,aAAa,oBAAoB,KAAK,EAAC,OAAO,KAAK,QAAO,CAAC;AAAA,EAC/F;AACA,MAAI,CAAC,KAAK,UAAU;AAChB,WAAO,IAAI,cAAc,IAAI,GAAG,iBAAiB,wBAAwB,KAAK,EAAC,OAAO,KAAK,QAAO,CAAC;AAAA,EACvG;AACA,MAAI,WAAW,IAAK,QAAO,IAAI,cAAc,IAAI,GAAG,eAAe,sBAAsB,KAAK,IAAI;AAClG,MAAI,WAAW,IAAK,QAAO,IAAI,cAAc,IAAI,GAAG,kBAAkB,yBAAyB,KAAK,IAAI;AACxG,MAAI,WAAW,IAAK,QAAO,IAAI,cAAc,IAAI,GAAG,eAAe,sBAAsB,KAAK,IAAI;AAClG,MAAI,UAAU,OAAO,SAAS,KAAK;AAC/B,WAAO,IAAI,cAAc,IAAI,GAAG,kBAAkB,yBAAyB,QAAQ,IAAI;AAAA,EAC3F;AACA,SAAO,IAAI,cAAc,IAAI,GAAG,mBAAmB,oBAAoB,QAAQ,IAAI;AACvF;;;ACxCA,OAAO,WAAgD;AAiBhD,SAAS,cAAc,SAAiC,WAAuC;AAClG,QAAM,IACF,WAAW,OAAO,YAAY,WACxB,EAAC,GAAI,QAAe,IACpB,CAAC;AAEX,QAAM,OAAO,aAAa,IAAI,KAAK;AACnC,MAAI,IAAK,GAAE,iBAAiB,IAAI;AAEhC,SAAO;AACX;AAMO,SAAS,oBACZ,SAA6B,CAAC,GAC9B,WACkB;AAClB,SAAO;AAAA,IACH,GAAG;AAAA,IACH,SAAS,cAAe,OAAe,SAAS,SAAS;AAAA,EAC7D;AACJ;AAEO,SAAS,iBAAiB,MAAqC;AAClE,SAAO,MAAM,OAAO;AAAA,IAChB,SAAS,KAAK;AAAA,IACd,SAAS,KAAK,aAAa;AAAA,IAC3B,SAAS,EAAC,gBAAgB,mBAAkB;AAAA,EAChD,CAAC;AACL;;;AClCA,IAAM,gBAA6B;AAAA,EAC/B,SAAS;AAAA,EACT,aAAa;AAAA,EACb,iBAAiB,CAAC,KAAK,KAAK,KAAK,GAAG;AAAA,EACpC,sBAAsB;AAC1B;AAEA,SAAS,MAAM,IAAY;AACvB,SAAO,IAAI,QAAQ,CAAC,MAAM,WAAW,GAAG,EAAE,CAAC;AAC/C;AAEA,SAAS,kBAAkB,GAAQ;AAC/B,MAAI;AACA,WAAO,KAAK,UAAU,CAAC;AAAA,EAC3B,QAAQ;AACJ,WAAO,OAAO,CAAC;AAAA,EACnB;AACJ;AAEA,SAAS,UAAU,MAA6B;AAC5C,SAAO,IAAI,QAAQ,QAAQ,CAAC,CAAC;AACjC;AAEA,SAAS,kBAAkB,aAAqC;AAC5D,MAAI,CAAC,YAAa,QAAO;AACzB,QAAM,KAAK,YAAY,YAAY;AACnC,SAAO,GAAG,SAAS,kBAAkB,KAAK,GAAG,SAAS,OAAO;AACjE;AAEA,SAAS,aAAa,GAAiB;AACnC,SAAO,GAAG,SAAS;AACvB;AAEA,SAAS,WAAW,IAAoB;AAEpC,QAAM,SAAS,KAAK;AACpB,QAAM,SAAS,KAAK,OAAO,IAAI,IAAI,KAAK;AACxC,SAAO,KAAK,IAAI,GAAG,KAAK,MAAM,KAAK,KAAK,CAAC;AAC7C;AAEO,IAAM,eAAN,MAAmB;AAAA,EACL;AAAA,EACA;AAAA,EACA;AAAA,EACT;AAAA,EAER,YAAY,MAA2B;AACnC,SAAK,UAAU,KAAK,QAAQ,QAAQ,QAAQ,EAAE;AAC9C,SAAK,SAAS,KAAK;AAGnB,SAAK,YAAY,KAAK,aAAa;AAEnC,SAAK,QAAQ,EAAC,GAAG,eAAe,GAAI,KAAK,SAAS,CAAC,EAAE;AAAA,EACzD;AAAA,EAEA,MAAM,QACF,MACA,OAII,CAAC,GACK;AACV,UAAM,MAAM,GAAG,KAAK,OAAO,GAAG,KAAK,WAAW,GAAG,IAAI,KAAK,GAAG,GAAG,IAAI;AAEpE,UAAM,cAAc,UAAU,KAAK,OAAO;AAE1C,QAAI,CAAC,YAAY,IAAI,cAAc,EAAG,aAAY,IAAI,gBAAgB,kBAAkB;AACxF,QAAI,KAAK,OAAQ,aAAY,IAAI,sBAAsB,KAAK,MAAM;AAElE,QAAI,KAAK,UAAW,aAAY,IAAI,gBAAgB,KAAK,SAAS;AAClE,QAAI,KAAK,eAAgB,aAAY,IAAI,mBAAmB,KAAK,cAAc;AAE/E,UAAM,EAAC,SAAS,UAAU,GAAG,SAAQ,IAAI;AAEzC,UAAM,cAAc,YAAY;AAC5B,YAAM,aAAa,IAAI,gBAAgB;AACvC,YAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,SAAS;AAEnE,UAAI;AACA,cAAM,MAAM,MAAM,MAAM,KAAK;AAAA,UACzB,GAAG;AAAA,UACH,SAAS;AAAA,UACT,QAAQ,WAAW;AAAA,QACvB,CAAC;AAED,YAAI,CAAC,IAAI,IAAI;AACT,gBAAMA,QAAO,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,EAAE;AAC5C,gBAAM,MAAW,IAAI;AAAA,YACjB,QAAQ,IAAI,MAAM,IAAI,IAAI,UAAU,GAAGA,QAAO,MAAMA,KAAI,KAAK,EAAE;AAAA,UACnE;AACA,cAAI,SAAS,IAAI;AACjB,cAAI,OAAOA;AACX,gBAAM;AAAA,QACV;AAEA,YAAI,IAAI,WAAW,IAAK,QAAO;AAE/B,cAAM,cAAc,IAAI,QAAQ,IAAI,cAAc;AAClD,YAAI,kBAAkB,WAAW,GAAG;AAChC,iBAAQ,MAAM,IAAI,KAAK;AAAA,QAC3B;AAEA,cAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,EAAE;AAC5C,eAAO;AAAA,MACX,UAAE;AACE,qBAAa,OAAO;AAAA,MACxB;AAAA,IACJ;AAEA,QAAI,UAAU;AAEd,WAAO,MAAM;AACT,UAAI;AACA,eAAO,MAAM,YAAY;AAAA,MAC7B,SAAS,GAAQ;AACb;AAEA,cAAM,SAAS,GAAG;AAClB,cAAM,kBAAkB,CAAC,CAAC,UAAU,KAAK,MAAM,gBAAgB,SAAS,MAAM;AAE9E,cAAM,mBACF,KAAK,MAAM,yBACV,aAAa,CAAC,KAAK,CAAC;AAEzB,cAAM,cAAc,mBAAmB;AAEvC,YAAI,CAAC,eAAe,UAAU,KAAK,MAAM,SAAS;AAC9C,kBAAQ;AAAA,YACJ,kCAAkC,GAAG,YAAY,OAAO,WAAW,UAAU,KAAK,QAAQ,GAAG,OAC7F,SAAS,kBAAkB,GAAG,IAAI,CAAC;AAAA,UACvC;AACA,gBAAM;AAAA,QACV;AAEA,cAAM,UAAU,WAAW,KAAK,MAAM,cAAc,OAAO;AAC3D,cAAM,MAAM,OAAO;AAAA,MACvB;AAAA,IACJ;AAAA,EACJ;AACJ;","names":["text"]}
package/dist/core/index.cjs CHANGED
@@ -31,7 +31,6 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
31
31
  var core_exports = {};
32
32
  __export(core_exports, {
33
33
  InternalHttp: () => InternalHttp,
34
- REQUEST_ID_HEADER: () => REQUEST_ID_HEADER,
35
34
  UpstreamError: () => UpstreamError,
36
35
  createHttpClient: () => createHttpClient,
37
36
  mapAxiosToUpstreamError: () => mapAxiosToUpstreamError,
@@ -74,7 +73,11 @@ function mapAxiosToUpstreamError(err, svc) {
74
73
 
75
74
  // src/core/http.ts
76
75
  var import_axios = __toESM(require("axios"), 1);
76
+
77
+ // src/middlewares/requestId.ts
77
78
  var REQUEST_ID_HEADER = "x-request-id";
79
+
80
+ // src/core/http.ts
78
81
  function withRequestId(headers, requestId) {
79
82
  const h = headers && typeof headers === "object" ? { ...headers } : {};
80
83
  const rid = (requestId || "").trim();
@@ -201,7 +204,6 @@ var InternalHttp = class {
201
204
  // Annotate the CommonJS export names for ESM import in node:
202
205
  0 && (module.exports = {
203
206
  InternalHttp,
204
- REQUEST_ID_HEADER,
205
207
  UpstreamError,
206
208
  createHttpClient,
207
209
  mapAxiosToUpstreamError,
package/dist/core/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/core/index.ts","../../src/core/errors.ts","../../src/core/http.ts","../../src/core/internalHttp.ts"],"sourcesContent":["// sdk/src/core/index.ts\n\nexport * from \"./errors\";\nexport * from \"./http\";\nexport * from \"./internalHttp\";\n","export type ClientErrorCode =\n | \"UPSTREAM_TIMEOUT\"\n | \"UPSTREAM_UNAVAILABLE\"\n | \"UPSTREAM_BAD_RESPONSE\"\n | \"UPSTREAM_NOT_FOUND\"\n | \"UPSTREAM_UNAUTHORIZED\"\n | \"UPSTREAM_FORBIDDEN\"\n | \"UPSTREAM_UNKNOWN\";\n\nexport class UpstreamError extends Error {\n public code: ClientErrorCode;\n public status?: number;\n public details?: any;\n\n constructor(message: string, code: ClientErrorCode, status?: number, details?: any) {\n super(message);\n this.name = \"UpstreamError\";\n this.code = code;\n this.status = status;\n this.details = details;\n }\n}\n\nexport function mapAxiosToUpstreamError(err: any, svc: string): UpstreamError {\n const status = err?.response?.status;\n const data = err?.response?.data;\n const isTimeout = err?.code === \"ECONNABORTED\" || String(err?.message || \"\").includes(\"timeout\");\n\n if (isTimeout) {\n return new UpstreamError(`[${svc}] timeout`, \"UPSTREAM_TIMEOUT\", 504, {cause: err?.message});\n }\n if (!err?.response) {\n return new UpstreamError(`[${svc}] unavailable`, \"UPSTREAM_UNAVAILABLE\", 503, {cause: err?.message});\n }\n if (status === 404) return new UpstreamError(`[${svc}] not found`, \"UPSTREAM_NOT_FOUND\", 404, data);\n if (status === 401) return new UpstreamError(`[${svc}] unauthorized`, \"UPSTREAM_UNAUTHORIZED\", 401, data);\n if (status === 403) return new UpstreamError(`[${svc}] forbidden`, \"UPSTREAM_FORBIDDEN\", 403, data);\n if (status >= 400 && status < 600) {\n return new UpstreamError(`[${svc}] bad response`, \"UPSTREAM_BAD_RESPONSE\", status, data);\n }\n return new UpstreamError(`[${svc}] unknown error`, \"UPSTREAM_UNKNOWN\", status, data);\n}\n","// clients/core/http.ts\nimport axios, {AxiosInstance, AxiosRequestConfig} from \"axios\";\n\nexport const REQUEST_ID_HEADER = \"x-request-id\";\n\nexport type HttpClientOpts = {\n baseURL: string;\n timeoutMs?: number;\n};\n\n/**\n * Headers compatibles con múltiples versiones de axios.\n * En axios antiguo, `headers` suele ser `any`, así que mantenemos tolerancia.\n */\nexport type AnyHeaders = NonNullable<AxiosRequestConfig[\"headers\"]> | Record<string, string>;\n\n/**\n * Agrega x-request-id a headers (sin pisar otros headers).\n */\nexport function withRequestId(headers: AnyHeaders | undefined, requestId?: string | null): AnyHeaders {\n const h: Record<string, any> =\n headers && typeof headers === \"object\"\n ? {...(headers as any)}\n : {};\n\n const rid = (requestId || \"\").trim();\n if (rid) h[REQUEST_ID_HEADER] = rid;\n\n return h as AnyHeaders;\n}\n\n/**\n * Helper para construir config de axios con requestId\n * (SIN genéricos para compat con axios typings antiguos).\n */\nexport function withRequestIdConfig(\n config: AxiosRequestConfig = {},\n requestId?: string | null\n): AxiosRequestConfig {\n return {\n ...config,\n headers: withRequestId((config as any).headers, requestId) as any,\n };\n}\n\nexport function createHttpClient(opts: HttpClientOpts): AxiosInstance {\n return axios.create({\n baseURL: opts.baseURL,\n timeout: opts.timeoutMs ?? 4000,\n headers: {\"Content-Type\": \"application/json\"},\n });\n}\n","// clients/internalHttp.ts\n\ntype RetryPolicy = {\n retries: number;\n baseDelayMs: number;\n retryOnStatuses: number[];\n retryOnNetworkErrors: boolean;\n};\n\ntype InternalHttpOptions = {\n baseUrl: string;\n apiKey?: string; // x-internal-api-key\n timeoutMs?: number;\n retry?: Partial<RetryPolicy>;\n};\n\nconst DEFAULT_RETRY: RetryPolicy = {\n retries: 1,\n baseDelayMs: 150,\n retryOnStatuses: [429, 502, 503, 504],\n retryOnNetworkErrors: true,\n};\n\nfunction sleep(ms: number) {\n return new Promise((r) => setTimeout(r, ms));\n}\n\nfunction safeJsonStringify(v: any) {\n try {\n return JSON.stringify(v);\n } catch {\n return String(v);\n }\n}\n\nfunction toHeaders(init?: HeadersInit): Headers {\n return new Headers(init || {});\n}\n\nfunction isJsonContentType(contentType: string | null): boolean {\n if (!contentType) return false;\n const ct = contentType.toLowerCase();\n return ct.includes(\"application/json\") || ct.includes(\"+json\");\n}\n\nfunction isAbortError(e: any): boolean {\n return e?.name === \"AbortError\";\n}\n\nfunction withJitter(ms: number): number {\n // jitter +-20%\n const jitter = ms * 0.2;\n const delta = (Math.random() * 2 - 1) * jitter;\n return Math.max(0, Math.floor(ms + delta));\n}\n\nexport class InternalHttp {\n private readonly baseUrl: string;\n private readonly apiKey: string | undefined;\n private readonly timeoutMs: number;\n private retry: RetryPolicy;\n\n constructor(opts: InternalHttpOptions) {\n this.baseUrl = opts.baseUrl.replace(/\\/+$/, \"\");\n this.apiKey = opts.apiKey;\n\n // ✅ Default más seguro para internas (evita cascadas)\n this.timeoutMs = opts.timeoutMs ?? 4000;\n\n this.retry = {...DEFAULT_RETRY, ...(opts.retry || {})};\n }\n\n async request<T>(\n path: string,\n init: RequestInit & {\n requestId?: string;\n idempotencyKey?: string;\n headers?: HeadersInit;\n } = {}\n ): Promise<T> {\n const url = `${this.baseUrl}${path.startsWith(\"/\") ? \"\" : \"/\"}${path}`;\n\n const baseHeaders = toHeaders(init.headers);\n\n if (!baseHeaders.has(\"Content-Type\")) baseHeaders.set(\"Content-Type\", \"application/json\");\n if (this.apiKey) baseHeaders.set(\"x-internal-api-key\", this.apiKey);\n\n if (init.requestId) baseHeaders.set(\"x-request-id\", init.requestId);\n if (init.idempotencyKey) baseHeaders.set(\"Idempotency-Key\", init.idempotencyKey);\n\n const {headers: _ignored, ...restInit} = init;\n\n const doFetchOnce = async () => {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeoutMs);\n\n try {\n const res = await fetch(url, {\n ...restInit,\n headers: baseHeaders,\n signal: controller.signal,\n });\n\n if (!res.ok) {\n const text = await res.text().catch(() => \"\");\n const err: any = new Error(\n `HTTP ${res.status} ${res.statusText}${text ? ` - ${text}` : \"\"}`\n );\n err.status = res.status;\n err.body = text;\n throw err;\n }\n\n if (res.status === 204) return undefined as unknown as T;\n\n const contentType = res.headers.get(\"content-type\");\n if (isJsonContentType(contentType)) {\n return (await res.json()) as T;\n }\n\n const text = await res.text().catch(() => \"\");\n return text as unknown as T;\n } finally {\n clearTimeout(timeout);\n }\n };\n\n let attempt = 0;\n\n while (true) {\n try {\n return await doFetchOnce();\n } catch (e: any) {\n attempt++;\n\n const status = e?.status;\n const retryableStatus = !!status && this.retry.retryOnStatuses.includes(status);\n\n const retryableNetwork =\n this.retry.retryOnNetworkErrors &&\n (isAbortError(e) || !status); // sin status suele ser red/dns/timeout\n\n const isRetryable = retryableStatus || retryableNetwork;\n\n if (!isRetryable || attempt > this.retry.retries) {\n console.error(\n `[InternalHttp] request failed: ${url} attempt=${attempt} status=${status ?? \"n/a\"} err=${e?.message\n } body=${safeJsonStringify(e?.body)}`\n );\n throw e;\n }\n\n const backoff = withJitter(this.retry.baseDelayMs * attempt);\n await sleep(backoff);\n }\n }\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACSO,IAAM,gBAAN,cAA4B,MAAM;AAAA,EAC9B;AAAA,EACA;AAAA,EACA;AAAA,EAEP,YAAY,SAAiB,MAAuB,QAAiB,SAAe;AAChF,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,UAAU;AAAA,EACnB;AACJ;AAEO,SAAS,wBAAwB,KAAU,KAA4B;AAC1E,QAAM,SAAS,KAAK,UAAU;AAC9B,QAAM,OAAO,KAAK,UAAU;AAC5B,QAAM,YAAY,KAAK,SAAS,kBAAkB,OAAO,KAAK,WAAW,EAAE,EAAE,SAAS,SAAS;AAE/F,MAAI,WAAW;AACX,WAAO,IAAI,cAAc,IAAI,GAAG,aAAa,oBAAoB,KAAK,EAAC,OAAO,KAAK,QAAO,CAAC;AAAA,EAC/F;AACA,MAAI,CAAC,KAAK,UAAU;AAChB,WAAO,IAAI,cAAc,IAAI,GAAG,iBAAiB,wBAAwB,KAAK,EAAC,OAAO,KAAK,QAAO,CAAC;AAAA,EACvG;AACA,MAAI,WAAW,IAAK,QAAO,IAAI,cAAc,IAAI,GAAG,eAAe,sBAAsB,KAAK,IAAI;AAClG,MAAI,WAAW,IAAK,QAAO,IAAI,cAAc,IAAI,GAAG,kBAAkB,yBAAyB,KAAK,IAAI;AACxG,MAAI,WAAW,IAAK,QAAO,IAAI,cAAc,IAAI,GAAG,eAAe,sBAAsB,KAAK,IAAI;AAClG,MAAI,UAAU,OAAO,SAAS,KAAK;AAC/B,WAAO,IAAI,cAAc,IAAI,GAAG,kBAAkB,yBAAyB,QAAQ,IAAI;AAAA,EAC3F;AACA,SAAO,IAAI,cAAc,IAAI,GAAG,mBAAmB,oBAAoB,QAAQ,IAAI;AACvF;;;ACxCA,mBAAuD;AAEhD,IAAM,oBAAoB;AAgB1B,SAAS,cAAc,SAAiC,WAAuC;AAClG,QAAM,IACF,WAAW,OAAO,YAAY,WACxB,EAAC,GAAI,QAAe,IACpB,CAAC;AAEX,QAAM,OAAO,aAAa,IAAI,KAAK;AACnC,MAAI,IAAK,GAAE,iBAAiB,IAAI;AAEhC,SAAO;AACX;AAMO,SAAS,oBACZ,SAA6B,CAAC,GAC9B,WACkB;AAClB,SAAO;AAAA,IACH,GAAG;AAAA,IACH,SAAS,cAAe,OAAe,SAAS,SAAS;AAAA,EAC7D;AACJ;AAEO,SAAS,iBAAiB,MAAqC;AAClE,SAAO,aAAAA,QAAM,OAAO;AAAA,IAChB,SAAS,KAAK;AAAA,IACd,SAAS,KAAK,aAAa;AAAA,IAC3B,SAAS,EAAC,gBAAgB,mBAAkB;AAAA,EAChD,CAAC;AACL;;;ACnCA,IAAM,gBAA6B;AAAA,EAC/B,SAAS;AAAA,EACT,aAAa;AAAA,EACb,iBAAiB,CAAC,KAAK,KAAK,KAAK,GAAG;AAAA,EACpC,sBAAsB;AAC1B;AAEA,SAAS,MAAM,IAAY;AACvB,SAAO,IAAI,QAAQ,CAAC,MAAM,WAAW,GAAG,EAAE,CAAC;AAC/C;AAEA,SAAS,kBAAkB,GAAQ;AAC/B,MAAI;AACA,WAAO,KAAK,UAAU,CAAC;AAAA,EAC3B,QAAQ;AACJ,WAAO,OAAO,CAAC;AAAA,EACnB;AACJ;AAEA,SAAS,UAAU,MAA6B;AAC5C,SAAO,IAAI,QAAQ,QAAQ,CAAC,CAAC;AACjC;AAEA,SAAS,kBAAkB,aAAqC;AAC5D,MAAI,CAAC,YAAa,QAAO;AACzB,QAAM,KAAK,YAAY,YAAY;AACnC,SAAO,GAAG,SAAS,kBAAkB,KAAK,GAAG,SAAS,OAAO;AACjE;AAEA,SAAS,aAAa,GAAiB;AACnC,SAAO,GAAG,SAAS;AACvB;AAEA,SAAS,WAAW,IAAoB;AAEpC,QAAM,SAAS,KAAK;AACpB,QAAM,SAAS,KAAK,OAAO,IAAI,IAAI,KAAK;AACxC,SAAO,KAAK,IAAI,GAAG,KAAK,MAAM,KAAK,KAAK,CAAC;AAC7C;AAEO,IAAM,eAAN,MAAmB;AAAA,EACL;AAAA,EACA;AAAA,EACA;AAAA,EACT;AAAA,EAER,YAAY,MAA2B;AACnC,SAAK,UAAU,KAAK,QAAQ,QAAQ,QAAQ,EAAE;AAC9C,SAAK,SAAS,KAAK;AAGnB,SAAK,YAAY,KAAK,aAAa;AAEnC,SAAK,QAAQ,EAAC,GAAG,eAAe,GAAI,KAAK,SAAS,CAAC,EAAE;AAAA,EACzD;AAAA,EAEA,MAAM,QACF,MACA,OAII,CAAC,GACK;AACV,UAAM,MAAM,GAAG,KAAK,OAAO,GAAG,KAAK,WAAW,GAAG,IAAI,KAAK,GAAG,GAAG,IAAI;AAEpE,UAAM,cAAc,UAAU,KAAK,OAAO;AAE1C,QAAI,CAAC,YAAY,IAAI,cAAc,EAAG,aAAY,IAAI,gBAAgB,kBAAkB;AACxF,QAAI,KAAK,OAAQ,aAAY,IAAI,sBAAsB,KAAK,MAAM;AAElE,QAAI,KAAK,UAAW,aAAY,IAAI,gBAAgB,KAAK,SAAS;AAClE,QAAI,KAAK,eAAgB,aAAY,IAAI,mBAAmB,KAAK,cAAc;AAE/E,UAAM,EAAC,SAAS,UAAU,GAAG,SAAQ,IAAI;AAEzC,UAAM,cAAc,YAAY;AAC5B,YAAM,aAAa,IAAI,gBAAgB;AACvC,YAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,SAAS;AAEnE,UAAI;AACA,cAAM,MAAM,MAAM,MAAM,KAAK;AAAA,UACzB,GAAG;AAAA,UACH,SAAS;AAAA,UACT,QAAQ,WAAW;AAAA,QACvB,CAAC;AAED,YAAI,CAAC,IAAI,IAAI;AACT,gBAAMC,QAAO,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,EAAE;AAC5C,gBAAM,MAAW,IAAI;AAAA,YACjB,QAAQ,IAAI,MAAM,IAAI,IAAI,UAAU,GAAGA,QAAO,MAAMA,KAAI,KAAK,EAAE;AAAA,UACnE;AACA,cAAI,SAAS,IAAI;AACjB,cAAI,OAAOA;AACX,gBAAM;AAAA,QACV;AAEA,YAAI,IAAI,WAAW,IAAK,QAAO;AAE/B,cAAM,cAAc,IAAI,QAAQ,IAAI,cAAc;AAClD,YAAI,kBAAkB,WAAW,GAAG;AAChC,iBAAQ,MAAM,IAAI,KAAK;AAAA,QAC3B;AAEA,cAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,EAAE;AAC5C,eAAO;AAAA,MACX,UAAE;AACE,qBAAa,OAAO;AAAA,MACxB;AAAA,IACJ;AAEA,QAAI,UAAU;AAEd,WAAO,MAAM;AACT,UAAI;AACA,eAAO,MAAM,YAAY;AAAA,MAC7B,SAAS,GAAQ;AACb;AAEA,cAAM,SAAS,GAAG;AAClB,cAAM,kBAAkB,CAAC,CAAC,UAAU,KAAK,MAAM,gBAAgB,SAAS,MAAM;AAE9E,cAAM,mBACF,KAAK,MAAM,yBACV,aAAa,CAAC,KAAK,CAAC;AAEzB,cAAM,cAAc,mBAAmB;AAEvC,YAAI,CAAC,eAAe,UAAU,KAAK,MAAM,SAAS;AAC9C,kBAAQ;AAAA,YACJ,kCAAkC,GAAG,YAAY,OAAO,WAAW,UAAU,KAAK,QAAQ,GAAG,OAC7F,SAAS,kBAAkB,GAAG,IAAI,CAAC;AAAA,UACvC;AACA,gBAAM;AAAA,QACV;AAEA,cAAM,UAAU,WAAW,KAAK,MAAM,cAAc,OAAO;AAC3D,cAAM,MAAM,OAAO;AAAA,MACvB;AAAA,IACJ;AAAA,EACJ;AACJ;","names":["axios","text"]}
1
+ {"version":3,"sources":["../../src/core/index.ts","../../src/core/errors.ts","../../src/core/http.ts","../../src/middlewares/requestId.ts","../../src/core/internalHttp.ts"],"sourcesContent":["// sdk/src/core/index.ts\n\nexport * from \"./errors\";\nexport * from \"./http\";\nexport * from \"./internalHttp\";\n","export type ClientErrorCode =\n | \"UPSTREAM_TIMEOUT\"\n | \"UPSTREAM_UNAVAILABLE\"\n | \"UPSTREAM_BAD_RESPONSE\"\n | \"UPSTREAM_NOT_FOUND\"\n | \"UPSTREAM_UNAUTHORIZED\"\n | \"UPSTREAM_FORBIDDEN\"\n | \"UPSTREAM_UNKNOWN\";\n\nexport class UpstreamError extends Error {\n public code: ClientErrorCode;\n public status?: number;\n public details?: any;\n\n constructor(message: string, code: ClientErrorCode, status?: number, details?: any) {\n super(message);\n this.name = \"UpstreamError\";\n this.code = code;\n this.status = status;\n this.details = details;\n }\n}\n\nexport function mapAxiosToUpstreamError(err: any, svc: string): UpstreamError {\n const status = err?.response?.status;\n const data = err?.response?.data;\n const isTimeout = err?.code === \"ECONNABORTED\" || String(err?.message || \"\").includes(\"timeout\");\n\n if (isTimeout) {\n return new UpstreamError(`[${svc}] timeout`, \"UPSTREAM_TIMEOUT\", 504, {cause: err?.message});\n }\n if (!err?.response) {\n return new UpstreamError(`[${svc}] unavailable`, \"UPSTREAM_UNAVAILABLE\", 503, {cause: err?.message});\n }\n if (status === 404) return new UpstreamError(`[${svc}] not found`, \"UPSTREAM_NOT_FOUND\", 404, data);\n if (status === 401) return new UpstreamError(`[${svc}] unauthorized`, \"UPSTREAM_UNAUTHORIZED\", 401, data);\n if (status === 403) return new UpstreamError(`[${svc}] forbidden`, \"UPSTREAM_FORBIDDEN\", 403, data);\n if (status >= 400 && status < 600) {\n return new UpstreamError(`[${svc}] bad response`, \"UPSTREAM_BAD_RESPONSE\", status, data);\n }\n return new UpstreamError(`[${svc}] unknown error`, \"UPSTREAM_UNKNOWN\", status, data);\n}\n","// packages/sdk/src/core/http.ts\nimport axios, {AxiosInstance, AxiosRequestConfig} from \"axios\";\nimport {REQUEST_ID_HEADER} from \"../middlewares/requestId\";\n\nexport type HttpClientOpts = {\n baseURL: string;\n timeoutMs?: number;\n};\n\n/**\n * Headers compatibles con múltiples versiones de axios.\n * En axios antiguo, `headers` suele ser `any`, así que mantenemos tolerancia.\n */\nexport type AnyHeaders = NonNullable<AxiosRequestConfig[\"headers\"]> | Record<string, string>;\n\n/**\n * Agrega x-request-id a headers (sin pisar otros headers).\n */\nexport function withRequestId(headers: AnyHeaders | undefined, requestId?: string | null): AnyHeaders {\n const h: Record<string, any> =\n headers && typeof headers === \"object\"\n ? {...(headers as any)}\n : {};\n\n const rid = (requestId || \"\").trim();\n if (rid) h[REQUEST_ID_HEADER] = rid;\n\n return h as AnyHeaders;\n}\n\n/**\n * Helper para construir config de axios con requestId\n * (SIN genéricos para compat con axios typings antiguos).\n */\nexport function withRequestIdConfig(\n config: AxiosRequestConfig = {},\n requestId?: string | null\n): AxiosRequestConfig {\n return {\n ...config,\n headers: withRequestId((config as any).headers, requestId) as any,\n };\n}\n\nexport function createHttpClient(opts: HttpClientOpts): AxiosInstance {\n return axios.create({\n baseURL: opts.baseURL,\n timeout: opts.timeoutMs ?? 4000,\n headers: {\"Content-Type\": \"application/json\"},\n });\n}\n","// middlewares/requestId.ts\nimport type {Request, Response, NextFunction} from \"express\";\nimport {randomUUID, randomBytes} from \"crypto\";\n\nexport const REQUEST_ID_HEADER = \"x-request-id\";\nexport const REQUEST_ID_HEADER_ALT = \"x-requestid\";\nexport const RESPONSE_REQUEST_ID_HEADER = \"X-Request-Id\";\n\n// Si quieres IDs más cortos (opcional). Por defecto usamos UUID.\nfunction nanoidLike(len = 21) {\n return randomBytes(16).toString(\"base64url\").slice(0, len);\n}\n\nexport default function requestId(req: Request, res: Response, next: NextFunction) {\n const headerId = (req.headers[REQUEST_ID_HEADER] || req.headers[REQUEST_ID_HEADER_ALT]) as\n | string\n | undefined;\n\n // ✅ estándar único: usa UUID (o cambia a nanoidLike() si prefieres corto)\n const id = headerId?.trim() || randomUUID();\n\n // ✅ estándar único (no legacy)\n (req as any).requestId = id;\n res.locals.requestId = id;\n\n // ✅ respuesta\n res.setHeader(RESPONSE_REQUEST_ID_HEADER, id);\n\n next();\n}\n","// clients/internalHttp.ts\n\ntype RetryPolicy = {\n retries: number;\n baseDelayMs: number;\n retryOnStatuses: number[];\n retryOnNetworkErrors: boolean;\n};\n\ntype InternalHttpOptions = {\n baseUrl: string;\n apiKey?: string; // x-internal-api-key\n timeoutMs?: number;\n retry?: Partial<RetryPolicy>;\n};\n\nconst DEFAULT_RETRY: RetryPolicy = {\n retries: 1,\n baseDelayMs: 150,\n retryOnStatuses: [429, 502, 503, 504],\n retryOnNetworkErrors: true,\n};\n\nfunction sleep(ms: number) {\n return new Promise((r) => setTimeout(r, ms));\n}\n\nfunction safeJsonStringify(v: any) {\n try {\n return JSON.stringify(v);\n } catch {\n return String(v);\n }\n}\n\nfunction toHeaders(init?: HeadersInit): Headers {\n return new Headers(init || {});\n}\n\nfunction isJsonContentType(contentType: string | null): boolean {\n if (!contentType) return false;\n const ct = contentType.toLowerCase();\n return ct.includes(\"application/json\") || ct.includes(\"+json\");\n}\n\nfunction isAbortError(e: any): boolean {\n return e?.name === \"AbortError\";\n}\n\nfunction withJitter(ms: number): number {\n // jitter +-20%\n const jitter = ms * 0.2;\n const delta = (Math.random() * 2 - 1) * jitter;\n return Math.max(0, Math.floor(ms + delta));\n}\n\nexport class InternalHttp {\n private readonly baseUrl: string;\n private readonly apiKey: string | undefined;\n private readonly timeoutMs: number;\n private retry: RetryPolicy;\n\n constructor(opts: InternalHttpOptions) {\n this.baseUrl = opts.baseUrl.replace(/\\/+$/, \"\");\n this.apiKey = opts.apiKey;\n\n // ✅ Default más seguro para internas (evita cascadas)\n this.timeoutMs = opts.timeoutMs ?? 4000;\n\n this.retry = {...DEFAULT_RETRY, ...(opts.retry || {})};\n }\n\n async request<T>(\n path: string,\n init: RequestInit & {\n requestId?: string;\n idempotencyKey?: string;\n headers?: HeadersInit;\n } = {}\n ): Promise<T> {\n const url = `${this.baseUrl}${path.startsWith(\"/\") ? \"\" : \"/\"}${path}`;\n\n const baseHeaders = toHeaders(init.headers);\n\n if (!baseHeaders.has(\"Content-Type\")) baseHeaders.set(\"Content-Type\", \"application/json\");\n if (this.apiKey) baseHeaders.set(\"x-internal-api-key\", this.apiKey);\n\n if (init.requestId) baseHeaders.set(\"x-request-id\", init.requestId);\n if (init.idempotencyKey) baseHeaders.set(\"Idempotency-Key\", init.idempotencyKey);\n\n const {headers: _ignored, ...restInit} = init;\n\n const doFetchOnce = async () => {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeoutMs);\n\n try {\n const res = await fetch(url, {\n ...restInit,\n headers: baseHeaders,\n signal: controller.signal,\n });\n\n if (!res.ok) {\n const text = await res.text().catch(() => \"\");\n const err: any = new Error(\n `HTTP ${res.status} ${res.statusText}${text ? ` - ${text}` : \"\"}`\n );\n err.status = res.status;\n err.body = text;\n throw err;\n }\n\n if (res.status === 204) return undefined as unknown as T;\n\n const contentType = res.headers.get(\"content-type\");\n if (isJsonContentType(contentType)) {\n return (await res.json()) as T;\n }\n\n const text = await res.text().catch(() => \"\");\n return text as unknown as T;\n } finally {\n clearTimeout(timeout);\n }\n };\n\n let attempt = 0;\n\n while (true) {\n try {\n return await doFetchOnce();\n } catch (e: any) {\n attempt++;\n\n const status = e?.status;\n const retryableStatus = !!status && this.retry.retryOnStatuses.includes(status);\n\n const retryableNetwork =\n this.retry.retryOnNetworkErrors &&\n (isAbortError(e) || !status); // sin status suele ser red/dns/timeout\n\n const isRetryable = retryableStatus || retryableNetwork;\n\n if (!isRetryable || attempt > this.retry.retries) {\n console.error(\n `[InternalHttp] request failed: ${url} attempt=${attempt} status=${status ?? \"n/a\"} err=${e?.message\n } body=${safeJsonStringify(e?.body)}`\n );\n throw e;\n }\n\n const backoff = withJitter(this.retry.baseDelayMs * attempt);\n await sleep(backoff);\n }\n }\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACSO,IAAM,gBAAN,cAA4B,MAAM;AAAA,EAC9B;AAAA,EACA;AAAA,EACA;AAAA,EAEP,YAAY,SAAiB,MAAuB,QAAiB,SAAe;AAChF,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,UAAU;AAAA,EACnB;AACJ;AAEO,SAAS,wBAAwB,KAAU,KAA4B;AAC1E,QAAM,SAAS,KAAK,UAAU;AAC9B,QAAM,OAAO,KAAK,UAAU;AAC5B,QAAM,YAAY,KAAK,SAAS,kBAAkB,OAAO,KAAK,WAAW,EAAE,EAAE,SAAS,SAAS;AAE/F,MAAI,WAAW;AACX,WAAO,IAAI,cAAc,IAAI,GAAG,aAAa,oBAAoB,KAAK,EAAC,OAAO,KAAK,QAAO,CAAC;AAAA,EAC/F;AACA,MAAI,CAAC,KAAK,UAAU;AAChB,WAAO,IAAI,cAAc,IAAI,GAAG,iBAAiB,wBAAwB,KAAK,EAAC,OAAO,KAAK,QAAO,CAAC;AAAA,EACvG;AACA,MAAI,WAAW,IAAK,QAAO,IAAI,cAAc,IAAI,GAAG,eAAe,sBAAsB,KAAK,IAAI;AAClG,MAAI,WAAW,IAAK,QAAO,IAAI,cAAc,IAAI,GAAG,kBAAkB,yBAAyB,KAAK,IAAI;AACxG,MAAI,WAAW,IAAK,QAAO,IAAI,cAAc,IAAI,GAAG,eAAe,sBAAsB,KAAK,IAAI;AAClG,MAAI,UAAU,OAAO,SAAS,KAAK;AAC/B,WAAO,IAAI,cAAc,IAAI,GAAG,kBAAkB,yBAAyB,QAAQ,IAAI;AAAA,EAC3F;AACA,SAAO,IAAI,cAAc,IAAI,GAAG,mBAAmB,oBAAoB,QAAQ,IAAI;AACvF;;;ACxCA,mBAAuD;;;ACGhD,IAAM,oBAAoB;;;ADc1B,SAAS,cAAc,SAAiC,WAAuC;AAClG,QAAM,IACF,WAAW,OAAO,YAAY,WACxB,EAAC,GAAI,QAAe,IACpB,CAAC;AAEX,QAAM,OAAO,aAAa,IAAI,KAAK;AACnC,MAAI,IAAK,GAAE,iBAAiB,IAAI;AAEhC,SAAO;AACX;AAMO,SAAS,oBACZ,SAA6B,CAAC,GAC9B,WACkB;AAClB,SAAO;AAAA,IACH,GAAG;AAAA,IACH,SAAS,cAAe,OAAe,SAAS,SAAS;AAAA,EAC7D;AACJ;AAEO,SAAS,iBAAiB,MAAqC;AAClE,SAAO,aAAAA,QAAM,OAAO;AAAA,IAChB,SAAS,KAAK;AAAA,IACd,SAAS,KAAK,aAAa;AAAA,IAC3B,SAAS,EAAC,gBAAgB,mBAAkB;AAAA,EAChD,CAAC;AACL;;;AElCA,IAAM,gBAA6B;AAAA,EAC/B,SAAS;AAAA,EACT,aAAa;AAAA,EACb,iBAAiB,CAAC,KAAK,KAAK,KAAK,GAAG;AAAA,EACpC,sBAAsB;AAC1B;AAEA,SAAS,MAAM,IAAY;AACvB,SAAO,IAAI,QAAQ,CAAC,MAAM,WAAW,GAAG,EAAE,CAAC;AAC/C;AAEA,SAAS,kBAAkB,GAAQ;AAC/B,MAAI;AACA,WAAO,KAAK,UAAU,CAAC;AAAA,EAC3B,QAAQ;AACJ,WAAO,OAAO,CAAC;AAAA,EACnB;AACJ;AAEA,SAAS,UAAU,MAA6B;AAC5C,SAAO,IAAI,QAAQ,QAAQ,CAAC,CAAC;AACjC;AAEA,SAAS,kBAAkB,aAAqC;AAC5D,MAAI,CAAC,YAAa,QAAO;AACzB,QAAM,KAAK,YAAY,YAAY;AACnC,SAAO,GAAG,SAAS,kBAAkB,KAAK,GAAG,SAAS,OAAO;AACjE;AAEA,SAAS,aAAa,GAAiB;AACnC,SAAO,GAAG,SAAS;AACvB;AAEA,SAAS,WAAW,IAAoB;AAEpC,QAAM,SAAS,KAAK;AACpB,QAAM,SAAS,KAAK,OAAO,IAAI,IAAI,KAAK;AACxC,SAAO,KAAK,IAAI,GAAG,KAAK,MAAM,KAAK,KAAK,CAAC;AAC7C;AAEO,IAAM,eAAN,MAAmB;AAAA,EACL;AAAA,EACA;AAAA,EACA;AAAA,EACT;AAAA,EAER,YAAY,MAA2B;AACnC,SAAK,UAAU,KAAK,QAAQ,QAAQ,QAAQ,EAAE;AAC9C,SAAK,SAAS,KAAK;AAGnB,SAAK,YAAY,KAAK,aAAa;AAEnC,SAAK,QAAQ,EAAC,GAAG,eAAe,GAAI,KAAK,SAAS,CAAC,EAAE;AAAA,EACzD;AAAA,EAEA,MAAM,QACF,MACA,OAII,CAAC,GACK;AACV,UAAM,MAAM,GAAG,KAAK,OAAO,GAAG,KAAK,WAAW,GAAG,IAAI,KAAK,GAAG,GAAG,IAAI;AAEpE,UAAM,cAAc,UAAU,KAAK,OAAO;AAE1C,QAAI,CAAC,YAAY,IAAI,cAAc,EAAG,aAAY,IAAI,gBAAgB,kBAAkB;AACxF,QAAI,KAAK,OAAQ,aAAY,IAAI,sBAAsB,KAAK,MAAM;AAElE,QAAI,KAAK,UAAW,aAAY,IAAI,gBAAgB,KAAK,SAAS;AAClE,QAAI,KAAK,eAAgB,aAAY,IAAI,mBAAmB,KAAK,cAAc;AAE/E,UAAM,EAAC,SAAS,UAAU,GAAG,SAAQ,IAAI;AAEzC,UAAM,cAAc,YAAY;AAC5B,YAAM,aAAa,IAAI,gBAAgB;AACvC,YAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,SAAS;AAEnE,UAAI;AACA,cAAM,MAAM,MAAM,MAAM,KAAK;AAAA,UACzB,GAAG;AAAA,UACH,SAAS;AAAA,UACT,QAAQ,WAAW;AAAA,QACvB,CAAC;AAED,YAAI,CAAC,IAAI,IAAI;AACT,gBAAMC,QAAO,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,EAAE;AAC5C,gBAAM,MAAW,IAAI;AAAA,YACjB,QAAQ,IAAI,MAAM,IAAI,IAAI,UAAU,GAAGA,QAAO,MAAMA,KAAI,KAAK,EAAE;AAAA,UACnE;AACA,cAAI,SAAS,IAAI;AACjB,cAAI,OAAOA;AACX,gBAAM;AAAA,QACV;AAEA,YAAI,IAAI,WAAW,IAAK,QAAO;AAE/B,cAAM,cAAc,IAAI,QAAQ,IAAI,cAAc;AAClD,YAAI,kBAAkB,WAAW,GAAG;AAChC,iBAAQ,MAAM,IAAI,KAAK;AAAA,QAC3B;AAEA,cAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,EAAE;AAC5C,eAAO;AAAA,MACX,UAAE;AACE,qBAAa,OAAO;AAAA,MACxB;AAAA,IACJ;AAEA,QAAI,UAAU;AAEd,WAAO,MAAM;AACT,UAAI;AACA,eAAO,MAAM,YAAY;AAAA,MAC7B,SAAS,GAAQ;AACb;AAEA,cAAM,SAAS,GAAG;AAClB,cAAM,kBAAkB,CAAC,CAAC,UAAU,KAAK,MAAM,gBAAgB,SAAS,MAAM;AAE9E,cAAM,mBACF,KAAK,MAAM,yBACV,aAAa,CAAC,KAAK,CAAC;AAEzB,cAAM,cAAc,mBAAmB;AAEvC,YAAI,CAAC,eAAe,UAAU,KAAK,MAAM,SAAS;AAC9C,kBAAQ;AAAA,YACJ,kCAAkC,GAAG,YAAY,OAAO,WAAW,UAAU,KAAK,QAAQ,GAAG,OAC7F,SAAS,kBAAkB,GAAG,IAAI,CAAC;AAAA,UACvC;AACA,gBAAM;AAAA,QACV;AAEA,cAAM,UAAU,WAAW,KAAK,MAAM,cAAc,OAAO;AAC3D,cAAM,MAAM,OAAO;AAAA,MACvB;AAAA,IACJ;AAAA,EACJ;AACJ;","names":["axios","text"]}
package/dist/core/index.d.cts CHANGED
@@ -9,7 +9,6 @@ declare class UpstreamError extends Error {
9
9
  }
10
10
  declare function mapAxiosToUpstreamError(err: any, svc: string): UpstreamError;
11
11
 
12
- declare const REQUEST_ID_HEADER = "x-request-id";
13
12
  type HttpClientOpts = {
14
13
  baseURL: string;
15
14
  timeoutMs?: number;
@@ -55,4 +54,4 @@ declare class InternalHttp {
55
54
  }): Promise<T>;
56
55
  }
57
56
 
58
- export { type AnyHeaders, type ClientErrorCode, type HttpClientOpts, InternalHttp, REQUEST_ID_HEADER, UpstreamError, createHttpClient, mapAxiosToUpstreamError, withRequestId, withRequestIdConfig };
57
+ export { type AnyHeaders, type ClientErrorCode, type HttpClientOpts, InternalHttp, UpstreamError, createHttpClient, mapAxiosToUpstreamError, withRequestId, withRequestIdConfig };
package/dist/core/index.d.ts CHANGED
@@ -9,7 +9,6 @@ declare class UpstreamError extends Error {
9
9
  }
10
10
  declare function mapAxiosToUpstreamError(err: any, svc: string): UpstreamError;
11
11
 
12
- declare const REQUEST_ID_HEADER = "x-request-id";
13
12
  type HttpClientOpts = {
14
13
  baseURL: string;
15
14
  timeoutMs?: number;
@@ -55,4 +54,4 @@ declare class InternalHttp {
55
54
  }): Promise<T>;
56
55
  }
57
56
 
58
- export { type AnyHeaders, type ClientErrorCode, type HttpClientOpts, InternalHttp, REQUEST_ID_HEADER, UpstreamError, createHttpClient, mapAxiosToUpstreamError, withRequestId, withRequestIdConfig };
57
+ export { type AnyHeaders, type ClientErrorCode, type HttpClientOpts, InternalHttp, UpstreamError, createHttpClient, mapAxiosToUpstreamError, withRequestId, withRequestIdConfig };
package/dist/core/index.js CHANGED
@@ -1,16 +1,14 @@
1
1
  import {
2
2
  InternalHttp,
3
- REQUEST_ID_HEADER,
4
3
  UpstreamError,
5
4
  createHttpClient,
6
5
  mapAxiosToUpstreamError,
7
6
  withRequestId,
8
7
  withRequestIdConfig
9
- } from "../chunk-GG7EI74E.js";
10
- import "../chunk-PZ5AY32C.js";
8
+ } from "../chunk-RA5PN2F4.js";
9
+ import "../chunk-OJUNVATQ.js";
11
10
  export {
12
11
  InternalHttp,
13
- REQUEST_ID_HEADER,
14
12
  UpstreamError,
15
13
  createHttpClient,
16
14
  mapAxiosToUpstreamError,
package/dist/express.cjs ADDED
@@ -0,0 +1,19 @@
1
+ "use strict";
2
+ var __defProp = Object.defineProperty;
3
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
+ var __getOwnPropNames = Object.getOwnPropertyNames;
5
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
6
+ var __copyProps = (to, from, except, desc) => {
7
+ if (from && typeof from === "object" || typeof from === "function") {
8
+ for (let key of __getOwnPropNames(from))
9
+ if (!__hasOwnProp.call(to, key) && key !== except)
10
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
11
+ }
12
+ return to;
13
+ };
14
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
15
+
16
+ // src/express.ts
17
+ var express_exports = {};
18
+ module.exports = __toCommonJS(express_exports);
19
+ //# sourceMappingURL=express.cjs.map
package/dist/express.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/express.ts"],"sourcesContent":["// packages/sdk/src/express.ts\nimport type {AuthContext} from \"./auth/types\";\n\ndeclare global {\n namespace Express {\n interface Request {\n auth?: AuthContext;\n }\n }\n}\n\nexport {};\n"],"mappings":";;;;;;;;;;;;;;;;AAAA;AAAA;","names":[]}
package/dist/express.d.cts ADDED
@@ -0,0 +1,10 @@
1
+ import { A as AuthContext } from './types-CRECQuHp.cjs';
2
+ import 'express';
3
+
4
+ declare global {
5
+ namespace Express {
6
+ interface Request {
7
+ auth?: AuthContext;
8
+ }
9
+ }
10
+ }
package/dist/express.d.ts ADDED
@@ -0,0 +1,10 @@
1
+ import { A as AuthContext } from './types-CRECQuHp.js';
2
+ import 'express';
3
+
4
+ declare global {
5
+ namespace Express {
6
+ interface Request {
7
+ auth?: AuthContext;
8
+ }
9
+ }
10
+ }
package/dist/express.js ADDED
@@ -0,0 +1 @@
1
+ //# sourceMappingURL=express.js.map
package/dist/headers/index.js CHANGED
@@ -7,7 +7,6 @@ import {
7
7
  HEADER_REQUEST_ID,
8
8
  getRequestContextFromHeaders
9
9
  } from "../chunk-65HACONF.js";
10
- import "../chunk-PZ5AY32C.js";
11
10
  export {
12
11
  HEADER_AUTHORIZATION,
13
12
  HEADER_BRANCH_UID,
package/dist/index.cjs CHANGED
@@ -38,23 +38,18 @@ __export(src_exports, {
38
38
  HEADER_REQUEST_ID: () => HEADER_REQUEST_ID,
39
39
  InternalHttp: () => InternalHttp,
40
40
  REQUEST_ID_HEADER: () => REQUEST_ID_HEADER,
41
+ REQUEST_ID_HEADER_ALT: () => REQUEST_ID_HEADER_ALT,
42
+ RESPONSE_REQUEST_ID_HEADER: () => RESPONSE_REQUEST_ID_HEADER,
41
43
  TwoLevelCache: () => TwoLevelCache,
42
44
  UpstreamError: () => UpstreamError,
43
- auth: () => auth_exports,
44
45
  closeCache: () => closeCache,
45
46
  createAuthMiddleware: () => createAuthMiddleware,
46
47
  createHttpClient: () => createHttpClient,
47
48
  getOrSet: () => getOrSet,
48
49
  getRequestContextFromHeaders: () => getRequestContextFromHeaders,
49
50
  getTwoLevelCache: () => getTwoLevelCache,
50
- internalAuth: () => internalAuth,
51
51
  mapAxiosToUpstreamError: () => mapAxiosToUpstreamError,
52
- parseHeaders: () => parseHeaders,
53
52
  readRs256PublicKey: () => readRs256PublicKey,
54
- requestId: () => requestId,
55
- requireAuthContext: () => requireAuthContext,
56
- requirePermissions: () => requirePermissions,
57
- requireRoles: () => requireRoles,
58
53
  sendError: () => sendError,
59
54
  sendOk: () => sendOk,
60
55
  verifyBackendJwtRS256: () => verifyBackendJwtRS256,
@@ -384,17 +379,23 @@ function mapAxiosToUpstreamError(err, svc) {
384
379
 
385
380
  // src/core/http.ts
386
381
  var import_axios = __toESM(require("axios"), 1);
382
+
383
+ // src/middlewares/requestId.ts
387
384
  var REQUEST_ID_HEADER = "x-request-id";
388
- function withRequestId(headers, requestId2) {
385
+ var REQUEST_ID_HEADER_ALT = "x-requestid";
386
+ var RESPONSE_REQUEST_ID_HEADER = "X-Request-Id";
387
+
388
+ // src/core/http.ts
389
+ function withRequestId(headers, requestId) {
389
390
  const h = headers && typeof headers === "object" ? { ...headers } : {};
390
- const rid = (requestId2 || "").trim();
391
+ const rid = (requestId || "").trim();
391
392
  if (rid) h[REQUEST_ID_HEADER] = rid;
392
393
  return h;
393
394
  }
394
- function withRequestIdConfig(config = {}, requestId2) {
395
+ function withRequestIdConfig(config = {}, requestId) {
395
396
  return {
396
397
  ...config,
397
- headers: withRequestId(config.headers, requestId2)
398
+ headers: withRequestId(config.headers, requestId)
398
399
  };
399
400
  }
400
401
  function createHttpClient(opts) {
@@ -532,35 +533,6 @@ function getRequestContextFromHeaders(headers) {
532
533
  };
533
534
  }
534
535
 
535
- // src/middlewares/requestId.ts
536
- var import_crypto = require("crypto");
537
- var REQUEST_ID_HEADER2 = "x-request-id";
538
- var REQUEST_ID_HEADER_ALT = "x-requestid";
539
- var RESPONSE_REQUEST_ID_HEADER = "X-Request-Id";
540
- function requestId(req, res, next) {
541
- const headerId = req.headers[REQUEST_ID_HEADER2] || req.headers[REQUEST_ID_HEADER_ALT];
542
- const id = headerId?.trim() || (0, import_crypto.randomUUID)();
543
- req.requestId = id;
544
- res.locals.requestId = id;
545
- res.setHeader(RESPONSE_REQUEST_ID_HEADER, id);
546
- next();
547
- }
548
-
549
- // src/middlewares/parseHeaders.ts
550
- function parseHeaders(req, _res, next) {
551
- const context = getRequestContextFromHeaders(req.headers);
552
- req.context = context;
553
- const auth = req.auth ?? (req.auth = {});
554
- if (context.company_uid) auth.company_uid = context.company_uid;
555
- if (context.branch_uid) auth.branch_uid = context.branch_uid;
556
- if (context.employee_uid) auth.employee_uid = context.employee_uid;
557
- next();
558
- }
559
-
560
- // src/middlewares/internalAuth.ts
561
- var import_fs = __toESM(require("fs"), 1);
562
- var import_crypto2 = __toESM(require("crypto"), 1);
563
-
564
536
  // src/middlewares/respond.ts
565
537
  function sendOk(_req, res, data, statusCode = 200) {
566
538
  return res.status(statusCode).json({ ok: true, data, requestId: res.locals?.requestId ?? null });
@@ -573,113 +545,13 @@ function sendError(_req, res, statusCode, code, message, details) {
573
545
  });
574
546
  }
575
547
 
576
- // src/middlewares/internalAuth.ts
577
- function readSecretFile(path) {
578
- if (!path) return null;
579
- try {
580
- const v = import_fs.default.readFileSync(path, "utf8").trim();
581
- return v.length ? v : null;
582
- } catch {
583
- return null;
584
- }
585
- }
586
- function splitKeys(v) {
587
- if (!v) return [];
588
- return v.split(",").map((s) => s.trim()).filter(Boolean);
589
- }
590
- function getExpectedKeys() {
591
- const fileKey = readSecretFile(process.env.INTERNAL_API_KEY_FILE);
592
- const envKey = (process.env.INTERNAL_API_KEY || "").trim();
593
- const raw = fileKey || envKey;
594
- return splitKeys(raw);
595
- }
596
- function extractToken(req) {
597
- const apiKey = (req.header(HEADER_INTERNAL_API_KEY) || "").trim();
598
- return apiKey || null;
599
- }
600
- function safeEquals(a, b) {
601
- const aa = Buffer.from(a);
602
- const bb = Buffer.from(b);
603
- if (aa.length !== bb.length) return false;
604
- return import_crypto2.default.timingSafeEqual(aa, bb);
605
- }
606
- function internalAuth(req, res, next) {
607
- const token = extractToken(req);
608
- if (!token) {
609
- return sendError(req, res, 401, "UNAUTHORIZED", `Missing internal api key (${HEADER_INTERNAL_API_KEY})`);
610
- }
611
- const expectedKeys = getExpectedKeys();
612
- if (expectedKeys.length === 0) {
613
- return sendError(
614
- req,
615
- res,
616
- 500,
617
- "MISCONFIGURED_INTERNAL_AUTH",
618
- "Internal api key not configured (INTERNAL_API_KEY or INTERNAL_API_KEY_FILE)"
619
- );
620
- }
621
- const ok = expectedKeys.some((k) => safeEquals(token, k));
622
- if (!ok) {
623
- return sendError(req, res, 403, "FORBIDDEN", "Invalid internal api key");
624
- }
625
- return next();
626
- }
627
-
628
- // src/middlewares/autorization.ts
629
- function getAuth(req) {
630
- return req.auth ?? {};
631
- }
632
- function requireAuthContext() {
633
- return (req, res, next) => {
634
- if (!req.auth) {
635
- return sendError(req, res, 401, "UNAUTHORIZED", "Missing auth context");
636
- }
637
- return next();
638
- };
639
- }
640
- function requirePermissions(...perms) {
641
- return (req, res, next) => {
642
- const auth = getAuth(req);
643
- const allow = new Set(auth.permissions ?? []);
644
- const deny = new Set(auth.denied_permissions ?? []);
645
- for (const p of perms) {
646
- if (deny.has(p)) {
647
- return sendError(req, res, 403, "FORBIDDEN", `Denied: ${p}`);
648
- }
649
- }
650
- const missing = perms.filter((p) => !allow.has(p));
651
- if (missing.length) {
652
- return sendError(req, res, 403, "FORBIDDEN", "Missing permissions", { missing });
653
- }
654
- return next();
655
- };
656
- }
657
- function requireRoles(...roles) {
658
- return (req, res, next) => {
659
- const auth = getAuth(req);
660
- const have = new Set(auth.roles ?? []);
661
- if (!roles.some((r) => have.has(r))) {
662
- return sendError(req, res, 403, "FORBIDDEN", "Role not allowed", { required: roles });
663
- }
664
- return next();
665
- };
666
- }
667
-
668
- // src/auth/index.ts
669
- var auth_exports = {};
670
- __export(auth_exports, {
671
- createAuthMiddleware: () => createAuthMiddleware,
672
- readRs256PublicKey: () => readRs256PublicKey,
673
- verifyBackendJwtRS256: () => verifyBackendJwtRS256
674
- });
675
-
676
548
  // src/auth/jwt.ts
677
- var import_fs2 = __toESM(require("fs"), 1);
549
+ var import_fs = __toESM(require("fs"), 1);
678
550
  var import_jsonwebtoken = __toESM(require("jsonwebtoken"), 1);
679
551
  function readFileIfExists(path) {
680
552
  if (!path) return null;
681
553
  try {
682
- const v = import_fs2.default.readFileSync(path, "utf8").trim();
554
+ const v = import_fs.default.readFileSync(path, "utf8").trim();
683
555
  return v.length ? v : null;
684
556
  } catch {
685
557
  return null;
@@ -769,7 +641,7 @@ function createAuthMiddleware(opts) {
769
641
  }
770
642
  req.auth = baseCtx;
771
643
  return next();
772
- } catch (errJwt) {
644
+ } catch {
773
645
  if (!allowFirebaseIdToken) {
774
646
  return res.status(401).json({
775
647
  ok: false,
@@ -819,23 +691,18 @@ function createAuthMiddleware(opts) {
819
691
  HEADER_REQUEST_ID,
820
692
  InternalHttp,
821
693
  REQUEST_ID_HEADER,
694
+ REQUEST_ID_HEADER_ALT,
695
+ RESPONSE_REQUEST_ID_HEADER,
822
696
  TwoLevelCache,
823
697
  UpstreamError,
824
- auth,
825
698
  closeCache,
826
699
  createAuthMiddleware,
827
700
  createHttpClient,
828
701
  getOrSet,
829
702
  getRequestContextFromHeaders,
830
703
  getTwoLevelCache,
831
- internalAuth,
832
704
  mapAxiosToUpstreamError,
833
- parseHeaders,
834
705
  readRs256PublicKey,
835
- requestId,
836
- requireAuthContext,
837
- requirePermissions,
838
- requireRoles,
839
706
  sendError,
840
707
  sendOk,
841
708
  verifyBackendJwtRS256,