@insforge/sdk 1.1.2-edge.0 → 1.1.2-edge.1

package/dist/index.d.mts

@@ -166,19 +166,11 @@ declare class TokenManager {
 declare class Auth {
     private http;
     private tokenManager;
-    /**
-     * Promise that resolves when OAuth callback handling is complete.
-     * Resolves immediately if no OAuth callback is detected in the URL.
-     */
-    private authCallbackHandled;
     constructor(http: HttpClient, tokenManager: TokenManager);
     /**
      * Automatically detect and handle OAuth callback parameters in the URL
      * This runs after initialization to seamlessly complete the OAuth flow
-     *
-     * Supports two flows:
-     * - PKCE flow (new): Backend returns `insforge_code` param, exchanged for tokens
-     * - Legacy flow: Backend returns tokens directly in URL (backward compatible)
+     * Matches the backend's OAuth callback response (backend/src/api/routes/auth.ts:540-544)
      */
     private detectAuthCallback;
     /**
@@ -197,7 +189,6 @@ declare class Auth {
     }>;
     /**
      * Sign in with OAuth provider
-     * Uses PKCE (Proof Key for Code Exchange) for enhanced security
      */
     signInWithOAuth(options: {
         provider: OAuthProvidersSchema;
@@ -207,45 +198,9 @@ declare class Auth {
         data: {
             url?: string;
             provider?: string;
-            codeVerifier?: string;
         };
         error: InsForgeError | null;
     }>;
-    /**
-     * Exchange OAuth authorization code for tokens (PKCE flow)
-     *
-     * After OAuth callback redirects with an `insforge_code` parameter, call this method
-     * to exchange it for access tokens. The code verifier is automatically
-     * retrieved from sessionStorage if available.
-     *
-     * Note: This is called automatically by the SDK on initialization. You typically
-     * don't need to call this directly unless using `skipBrowserRedirect: true`.
-     *
-     * @param code - The authorization code from OAuth callback URL
-     * @param codeVerifier - Optional code verifier (auto-retrieved from sessionStorage if not provided)
-     * @returns Session data with access token and user info
-     *
-     * @example
-     * ```ts
-     * // Automatic verifier retrieval (recommended for browser)
-     * const params = new URLSearchParams(window.location.search);
-     * const code = params.get('insforge_code');
-     * if (code) {
-     *   const { data, error } = await insforge.auth.exchangeOAuthCode(code);
-     * }
-     *
-     * // Manual verifier (for custom flows)
-     * const { data, error } = await insforge.auth.exchangeOAuthCode(code, codeVerifier);
-     * ```
-     */
-    exchangeOAuthCode(code: string, codeVerifier?: string): Promise<{
-        data: {
-            accessToken: string;
-            user: UserSchema;
-            redirectTo?: string;
-        } | null;
-        error: InsForgeError | null;
-    }>;
     /**
      * Sign out the current user
      */
@@ -283,7 +238,6 @@ declare class Auth {
     /**
      * Get the current session (only session data, no API call)
      * Returns the stored JWT token and basic user info from local storage
-     * Automatically waits for any pending OAuth callback to complete first
      */
     getCurrentSession(): Promise<{
         data: {
@@ -579,16 +533,46 @@ declare class ChatCompletions {
      * });
      * console.log(completion.choices[0].message.content);
      *
-     * // With images
+     * // With images (OpenAI-compatible format)
      * const response = await client.ai.chat.completions.create({
      *   model: 'gpt-4-vision',
      *   messages: [{
      *     role: 'user',
-     *     content: 'What is in this image?',
-     *     images: [{ url: 'https://example.com/image.jpg' }]
+     *     content: [
+     *       { type: 'text', text: 'What is in this image?' },
+     *       { type: 'image_url', image_url: { url: 'https://example.com/image.jpg' } }
+     *     ]
      *   }]
      * });
      *
+     * // With PDF files
+     * const pdfResponse = await client.ai.chat.completions.create({
+     *   model: 'anthropic/claude-3.5-sonnet',
+     *   messages: [{
+     *     role: 'user',
+     *     content: [
+     *       { type: 'text', text: 'Summarize this document' },
+     *       { type: 'file', file: { filename: 'doc.pdf', file_data: 'https://example.com/doc.pdf' } }
+     *     ]
+     *   }],
+     *   fileParser: { enabled: true, pdf: { engine: 'mistral-ocr' } }
+     * });
+     *
+     * // With web search
+     * const searchResponse = await client.ai.chat.completions.create({
+     *   model: 'openai/gpt-4',
+     *   messages: [{ role: 'user', content: 'What are the latest news about AI?' }],
+     *   webSearch: { enabled: true, maxResults: 5 }
+     * });
+     * // Access citations from response.choices[0].message.annotations
+     *
+     * // With thinking/reasoning mode (Anthropic models)
+     * const thinkingResponse = await client.ai.chat.completions.create({
+     *   model: 'anthropic/claude-3.5-sonnet',
+     *   messages: [{ role: 'user', content: 'Solve this complex math problem...' }],
+     *   thinking: true
+     * });
+     *
      * // Streaming - returns async iterable
      * const stream = await client.ai.chat.completions.create({
      *   model: 'gpt-4',

package/dist/index.d.ts

@@ -166,19 +166,11 @@ declare class TokenManager {
 declare class Auth {
     private http;
     private tokenManager;
-    /**
-     * Promise that resolves when OAuth callback handling is complete.
-     * Resolves immediately if no OAuth callback is detected in the URL.
-     */
-    private authCallbackHandled;
     constructor(http: HttpClient, tokenManager: TokenManager);
     /**
      * Automatically detect and handle OAuth callback parameters in the URL
      * This runs after initialization to seamlessly complete the OAuth flow
-     *
-     * Supports two flows:
-     * - PKCE flow (new): Backend returns `insforge_code` param, exchanged for tokens
-     * - Legacy flow: Backend returns tokens directly in URL (backward compatible)
+     * Matches the backend's OAuth callback response (backend/src/api/routes/auth.ts:540-544)
      */
     private detectAuthCallback;
     /**
@@ -197,7 +189,6 @@ declare class Auth {
     }>;
     /**
      * Sign in with OAuth provider
-     * Uses PKCE (Proof Key for Code Exchange) for enhanced security
      */
     signInWithOAuth(options: {
         provider: OAuthProvidersSchema;
@@ -207,45 +198,9 @@ declare class Auth {
         data: {
             url?: string;
             provider?: string;
-            codeVerifier?: string;
         };
         error: InsForgeError | null;
     }>;
-    /**
-     * Exchange OAuth authorization code for tokens (PKCE flow)
-     *
-     * After OAuth callback redirects with an `insforge_code` parameter, call this method
-     * to exchange it for access tokens. The code verifier is automatically
-     * retrieved from sessionStorage if available.
-     *
-     * Note: This is called automatically by the SDK on initialization. You typically
-     * don't need to call this directly unless using `skipBrowserRedirect: true`.
-     *
-     * @param code - The authorization code from OAuth callback URL
-     * @param codeVerifier - Optional code verifier (auto-retrieved from sessionStorage if not provided)
-     * @returns Session data with access token and user info
-     *
-     * @example
-     * ```ts
-     * // Automatic verifier retrieval (recommended for browser)
-     * const params = new URLSearchParams(window.location.search);
-     * const code = params.get('insforge_code');
-     * if (code) {
-     *   const { data, error } = await insforge.auth.exchangeOAuthCode(code);
-     * }
-     *
-     * // Manual verifier (for custom flows)
-     * const { data, error } = await insforge.auth.exchangeOAuthCode(code, codeVerifier);
-     * ```
-     */
-    exchangeOAuthCode(code: string, codeVerifier?: string): Promise<{
-        data: {
-            accessToken: string;
-            user: UserSchema;
-            redirectTo?: string;
-        } | null;
-        error: InsForgeError | null;
-    }>;
     /**
      * Sign out the current user
      */
@@ -283,7 +238,6 @@ declare class Auth {
     /**
      * Get the current session (only session data, no API call)
      * Returns the stored JWT token and basic user info from local storage
-     * Automatically waits for any pending OAuth callback to complete first
      */
     getCurrentSession(): Promise<{
         data: {
@@ -579,16 +533,46 @@ declare class ChatCompletions {
      * });
      * console.log(completion.choices[0].message.content);
      *
-     * // With images
+     * // With images (OpenAI-compatible format)
      * const response = await client.ai.chat.completions.create({
      *   model: 'gpt-4-vision',
      *   messages: [{
      *     role: 'user',
-     *     content: 'What is in this image?',
-     *     images: [{ url: 'https://example.com/image.jpg' }]
+     *     content: [
+     *       { type: 'text', text: 'What is in this image?' },
+     *       { type: 'image_url', image_url: { url: 'https://example.com/image.jpg' } }
+     *     ]
      *   }]
      * });
      *
+     * // With PDF files
+     * const pdfResponse = await client.ai.chat.completions.create({
+     *   model: 'anthropic/claude-3.5-sonnet',
+     *   messages: [{
+     *     role: 'user',
+     *     content: [
+     *       { type: 'text', text: 'Summarize this document' },
+     *       { type: 'file', file: { filename: 'doc.pdf', file_data: 'https://example.com/doc.pdf' } }
+     *     ]
+     *   }],
+     *   fileParser: { enabled: true, pdf: { engine: 'mistral-ocr' } }
+     * });
+     *
+     * // With web search
+     * const searchResponse = await client.ai.chat.completions.create({
+     *   model: 'openai/gpt-4',
+     *   messages: [{ role: 'user', content: 'What are the latest news about AI?' }],
+     *   webSearch: { enabled: true, maxResults: 5 }
+     * });
+     * // Access citations from response.choices[0].message.annotations
+     *
+     * // With thinking/reasoning mode (Anthropic models)
+     * const thinkingResponse = await client.ai.chat.completions.create({
+     *   model: 'anthropic/claude-3.5-sonnet',
+     *   messages: [{ role: 'user', content: 'Solve this complex math problem...' }],
+     *   thinking: true
+     * });
+     *
      * // Streaming - returns async iterable
      * const stream = await client.ai.chat.completions.create({
      *   model: 'gpt-4',

package/dist/index.js

@@ -357,74 +357,21 @@ function isHostedAuthEnvironment() {
   }
   return false;
 }
-var PKCE_VERIFIER_KEY = "insforge_pkce_verifier";
-function generateCodeVerifier() {
-  const array = new Uint8Array(32);
-  crypto.getRandomValues(array);
-  return base64UrlEncode(array);
-}
-async function generateCodeChallenge(verifier) {
-  const encoder = new TextEncoder();
-  const data = encoder.encode(verifier);
-  const hash = await crypto.subtle.digest("SHA-256", data);
-  return base64UrlEncode(new Uint8Array(hash));
-}
-function base64UrlEncode(buffer) {
-  const base64 = btoa(String.fromCharCode(...buffer));
-  return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-}
-function storePkceVerifier(verifier) {
-  if (typeof sessionStorage !== "undefined") {
-    sessionStorage.setItem(PKCE_VERIFIER_KEY, verifier);
-  }
-}
-function retrievePkceVerifier() {
-  if (typeof sessionStorage === "undefined") {
-    return null;
-  }
-  const verifier = sessionStorage.getItem(PKCE_VERIFIER_KEY);
-  if (verifier) {
-    sessionStorage.removeItem(PKCE_VERIFIER_KEY);
-  }
-  return verifier;
-}
 var Auth = class {
   constructor(http, tokenManager) {
     this.http = http;
     this.tokenManager = tokenManager;
-    this.authCallbackHandled = this.detectAuthCallback();
+    this.detectAuthCallback();
   }
   /**
    * Automatically detect and handle OAuth callback parameters in the URL
    * This runs after initialization to seamlessly complete the OAuth flow
-   *
-   * Supports two flows:
-   * - PKCE flow (new): Backend returns `insforge_code` param, exchanged for tokens
-   * - Legacy flow: Backend returns tokens directly in URL (backward compatible)
+   * Matches the backend's OAuth callback response (backend/src/api/routes/auth.ts:540-544)
    */
-  async detectAuthCallback() {
+  detectAuthCallback() {
     if (typeof window === "undefined") return;
     try {
       const params = new URLSearchParams(window.location.search);
-      const error = params.get("error");
-      if (error) {
-        const url = new URL(window.location.href);
-        url.searchParams.delete("error");
-        window.history.replaceState({}, document.title, url.toString());
-        console.debug("OAuth callback error:", error);
-        return;
-      }
-      const code = params.get("insforge_code");
-      if (code) {
-        const url = new URL(window.location.href);
-        url.searchParams.delete("insforge_code");
-        window.history.replaceState({}, document.title, url.toString());
-        const { error: exchangeError } = await this.exchangeOAuthCode(code);
-        if (exchangeError) {
-          console.debug("OAuth code exchange failed:", exchangeError.message);
-        }
-        return;
-      }
       const accessToken = params.get("access_token");
       const userId = params.get("user_id");
       const email = params.get("email");
@@ -442,6 +389,8 @@ var Auth = class {
             email,
             profile: { name: name || "" },
             metadata: null,
+            // These fields are not provided by backend OAuth callback
+            // They'll be populated when calling getCurrentUser()
             emailVerified: false,
             createdAt: (/* @__PURE__ */ new Date()).toISOString(),
             updatedAt: (/* @__PURE__ */ new Date()).toISOString()
@@ -455,6 +404,9 @@ var Auth = class {
         url.searchParams.delete("email");
         url.searchParams.delete("name");
         url.searchParams.delete("csrf_token");
+        if (params.has("error")) {
+          url.searchParams.delete("error");
+        }
         window.history.replaceState({}, document.title, url.toString());
       }
     } catch (error) {
@@ -535,20 +487,11 @@ var Auth = class {
   }
   /**
    * Sign in with OAuth provider
-   * Uses PKCE (Proof Key for Code Exchange) for enhanced security
    */
   async signInWithOAuth(options) {
     try {
       const { provider, redirectTo, skipBrowserRedirect } = options;
-      const codeVerifier = generateCodeVerifier();
-      const codeChallenge = await generateCodeChallenge(codeVerifier);
-      storePkceVerifier(codeVerifier);
-      const params = {
-        code_challenge: codeChallenge
-      };
-      if (redirectTo) {
-        params.redirect_uri = redirectTo;
-      }
+      const params = redirectTo ? { redirect_uri: redirectTo } : void 0;
       const endpoint = `/api/auth/oauth/${provider}`;
       const response = await this.http.get(endpoint, { params });
       if (typeof window !== "undefined" && !skipBrowserRedirect) {
@@ -558,9 +501,7 @@ var Auth = class {
       return {
         data: {
           url: response.authUrl,
-          provider,
-          codeVerifier
-          // Return verifier for manual flow (skipBrowserRedirect)
+          provider
         },
         error: null
       };
@@ -578,85 +519,6 @@ var Auth = class {
       };
     }
   }
-  /**
-   * Exchange OAuth authorization code for tokens (PKCE flow)
-   *
-   * After OAuth callback redirects with an `insforge_code` parameter, call this method
-   * to exchange it for access tokens. The code verifier is automatically
-   * retrieved from sessionStorage if available.
-   *
-   * Note: This is called automatically by the SDK on initialization. You typically
-   * don't need to call this directly unless using `skipBrowserRedirect: true`.
-   *
-   * @param code - The authorization code from OAuth callback URL
-   * @param codeVerifier - Optional code verifier (auto-retrieved from sessionStorage if not provided)
-   * @returns Session data with access token and user info
-   *
-   * @example
-   * ```ts
-   * // Automatic verifier retrieval (recommended for browser)
-   * const params = new URLSearchParams(window.location.search);
-   * const code = params.get('insforge_code');
-   * if (code) {
-   *   const { data, error } = await insforge.auth.exchangeOAuthCode(code);
-   * }
-   *
-   * // Manual verifier (for custom flows)
-   * const { data, error } = await insforge.auth.exchangeOAuthCode(code, codeVerifier);
-   * ```
-   */
-  async exchangeOAuthCode(code, codeVerifier) {
-    try {
-      const verifier = codeVerifier ?? retrievePkceVerifier();
-      if (!verifier) {
-        return {
-          data: null,
-          error: new InsForgeError(
-            "PKCE code verifier not found. Ensure signInWithOAuth was called in the same browser session.",
-            400,
-            "PKCE_VERIFIER_MISSING"
-          )
-        };
-      }
-      const request = {
-        code,
-        code_verifier: verifier
-      };
-      const response = await this.http.post("/api/auth/oauth/exchange", request, { credentials: "include" });
-      if (!isHostedAuthEnvironment()) {
-        const session = {
-          accessToken: response.accessToken,
-          user: response.user
-        };
-        if (response.csrfToken) {
-          this.tokenManager.setMemoryMode();
-          setCsrfToken(response.csrfToken);
-        }
-        this.tokenManager.saveSession(session);
-        this.http.setAuthToken(response.accessToken);
-      }
-      return {
-        data: {
-          accessToken: response.accessToken,
-          user: response.user,
-          redirectTo: response.redirectTo
-        },
-        error: null
-      };
-    } catch (error) {
-      if (error instanceof InsForgeError) {
-        return { data: null, error };
-      }
-      return {
-        data: null,
-        error: new InsForgeError(
-          "An unexpected error occurred during OAuth code exchange",
-          500,
-          "UNEXPECTED_ERROR"
-        )
-      };
-    }
-  }
   /**
    * Sign out the current user
    */
@@ -745,10 +607,8 @@ var Auth = class {
   /**
    * Get the current session (only session data, no API call)
    * Returns the stored JWT token and basic user info from local storage
-   * Automatically waits for any pending OAuth callback to complete first
    */
   async getCurrentSession() {
-    await this.authCallbackHandled;
     if (isHostedAuthEnvironment()) {
       return { data: { session: null }, error: null };
     }
@@ -757,9 +617,17 @@ var Auth = class {
       if (session) {
         this.http.setAuthToken(session.accessToken);
         if (!session.user) {
-          const authResponse = await this.http.get("/api/auth/sessions/current", { credentials: "include" });
-          session.user = authResponse.user;
-          this.tokenManager.setUser(session.user);
+          try {
+            const authResponse = await this.http.get(
+              "/api/auth/sessions/current",
+              { credentials: "include" }
+            );
+            if (authResponse.user) {
+              session.user = authResponse.user;
+              this.tokenManager.setUser(authResponse.user);
+            }
+          } catch {
+          }
         }
         return { data: { session }, error: null };
       }
@@ -1441,16 +1309,46 @@ var ChatCompletions = class {
    * });
    * console.log(completion.choices[0].message.content);
    *
-   * // With images
+   * // With images (OpenAI-compatible format)
    * const response = await client.ai.chat.completions.create({
    *   model: 'gpt-4-vision',
    *   messages: [{
    *     role: 'user',
-   *     content: 'What is in this image?',
-   *     images: [{ url: 'https://example.com/image.jpg' }]
+   *     content: [
+   *       { type: 'text', text: 'What is in this image?' },
+   *       { type: 'image_url', image_url: { url: 'https://example.com/image.jpg' } }
+   *     ]
    *   }]
    * });
    *
+   * // With PDF files
+   * const pdfResponse = await client.ai.chat.completions.create({
+   *   model: 'anthropic/claude-3.5-sonnet',
+   *   messages: [{
+   *     role: 'user',
+   *     content: [
+   *       { type: 'text', text: 'Summarize this document' },
+   *       { type: 'file', file: { filename: 'doc.pdf', file_data: 'https://example.com/doc.pdf' } }
+   *     ]
+   *   }],
+   *   fileParser: { enabled: true, pdf: { engine: 'mistral-ocr' } }
+   * });
+   *
+   * // With web search
+   * const searchResponse = await client.ai.chat.completions.create({
+   *   model: 'openai/gpt-4',
+   *   messages: [{ role: 'user', content: 'What are the latest news about AI?' }],
+   *   webSearch: { enabled: true, maxResults: 5 }
+   * });
+   * // Access citations from response.choices[0].message.annotations
+   *
+   * // With thinking/reasoning mode (Anthropic models)
+   * const thinkingResponse = await client.ai.chat.completions.create({
+   *   model: 'anthropic/claude-3.5-sonnet',
+   *   messages: [{ role: 'user', content: 'Solve this complex math problem...' }],
+   *   thinking: true
+   * });
+   *
    * // Streaming - returns async iterable
    * const stream = await client.ai.chat.completions.create({
    *   model: 'gpt-4',
@@ -1472,7 +1370,11 @@ var ChatCompletions = class {
       temperature: params.temperature,
       maxTokens: params.maxTokens,
       topP: params.topP,
-      stream: params.stream
+      stream: params.stream,
+      // New plugin options
+      webSearch: params.webSearch,
+      fileParser: params.fileParser,
+      thinking: params.thinking
     };
     if (params.stream) {
       const headers = this.http.getHeaders();
@@ -1506,7 +1408,9 @@ var ChatCompletions = class {
           index: 0,
           message: {
             role: "assistant",
-            content
+            content,
+            // Include annotations if present (from web search or file parsing)
+            ...response.annotations && { annotations: response.annotations }
           },
           finish_reason: "stop"
         }