@iqauth/sdk 2.6.4 → 2.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (117) hide show
  1. package/README.md +173 -1
  2. package/dist/browser-session.d.mts +4 -4
  3. package/dist/browser-session.d.ts +4 -4
  4. package/dist/browser-session.js +212 -46
  5. package/dist/browser-session.mjs +3 -3
  6. package/dist/browser.d.mts +5 -5
  7. package/dist/browser.d.ts +5 -5
  8. package/dist/browser.js +293 -34
  9. package/dist/browser.mjs +5 -5
  10. package/dist/{chunk-BVV54LPI.mjs → chunk-25SSYDIP.mjs} +10 -4
  11. package/dist/{chunk-XAWYUPMO.mjs → chunk-4V7FKOTG.mjs} +242 -22
  12. package/dist/{chunk-6I6RM4MN.mjs → chunk-6PJRLRB4.mjs} +33 -3
  13. package/dist/{chunk-SL3KRS4W.mjs → chunk-CIJORODR.mjs} +23 -1
  14. package/dist/{chunk-LIZYFXH7.mjs → chunk-DFWHSDYQ.mjs} +1 -1
  15. package/dist/chunk-GLXSIGVS.mjs +66 -0
  16. package/dist/{chunk-DJIBN2N7.mjs → chunk-GN37E64I.mjs} +29 -7
  17. package/dist/{chunk-WQWBJSSS.mjs → chunk-HVHNYPDC.mjs} +6 -6
  18. package/dist/chunk-JRDVUWAL.mjs +46 -0
  19. package/dist/{chunk-UNYDG2L4.mjs → chunk-NUO2I65G.mjs} +56 -23
  20. package/dist/{chunk-5T7GHBX6.mjs → chunk-TLET552H.mjs} +36 -0
  21. package/dist/chunk-VYQ3ETCK.mjs +244 -0
  22. package/dist/{chunk-3JULWS6F.mjs → chunk-WCELYTJ3.mjs} +3 -3
  23. package/dist/chunk-WHT6WKTY.mjs +3180 -0
  24. package/dist/{chunk-MKKZULZR.mjs → chunk-WIFG74IK.mjs} +1 -1
  25. package/dist/chunk-WSH4SW7F.mjs +490 -0
  26. package/dist/{chunk-W3F4JYGP.mjs → chunk-ZLJPABB7.mjs} +139 -23
  27. package/dist/cli/index.js +2 -2
  28. package/dist/cli/index.mjs +2 -2
  29. package/dist/{client-BNQe3AgF.d.ts → client-D8L-PaWr.d.mts} +59 -6
  30. package/dist/{client-kYlJFgPv.d.mts → client-DkPL0EPZ.d.ts} +59 -6
  31. package/dist/{doctor-YYNHNMLD.mjs → doctor-JAFXWU3X.mjs} +2 -2
  32. package/dist/errors-Jl1Jtm-6.d.mts +107 -0
  33. package/dist/errors-Jl1Jtm-6.d.ts +107 -0
  34. package/dist/{express-CHpfa7D_.d.ts → express-Budysq4h.d.ts} +2 -2
  35. package/dist/{express-B6_1vBYZ.d.mts → express-DDTA3qV1.d.mts} +2 -2
  36. package/dist/express.d.mts +7 -6
  37. package/dist/express.d.ts +7 -6
  38. package/dist/express.js +563 -85
  39. package/dist/express.mjs +73 -34
  40. package/dist/fastify.d.mts +10 -0
  41. package/dist/fastify.d.ts +10 -0
  42. package/dist/fastify.js +589 -65
  43. package/dist/fastify.mjs +101 -11
  44. package/dist/hono.d.mts +10 -0
  45. package/dist/hono.d.ts +10 -0
  46. package/dist/hono.js +566 -65
  47. package/dist/hono.mjs +78 -11
  48. package/dist/index-Cko-d5po.d.mts +1848 -0
  49. package/dist/index-RNqwEcmY.d.ts +1848 -0
  50. package/dist/index.d.mts +56 -8
  51. package/dist/index.d.ts +56 -8
  52. package/dist/index.js +694 -75
  53. package/dist/index.mjs +30 -10
  54. package/dist/{keys-NLWFAOEM.mjs → keys-6Y776TG2.mjs} +2 -2
  55. package/dist/locales.d.mts +1 -1
  56. package/dist/locales.d.ts +1 -1
  57. package/dist/locales.js +36 -0
  58. package/dist/locales.mjs +1 -1
  59. package/dist/mobile.d.mts +77 -7
  60. package/dist/mobile.d.ts +77 -7
  61. package/dist/mobile.js +307 -46
  62. package/dist/mobile.mjs +98 -3
  63. package/dist/next.d.mts +10 -1
  64. package/dist/next.d.ts +10 -1
  65. package/dist/next.js +596 -205
  66. package/dist/next.mjs +83 -10
  67. package/dist/{provisioningBridge-88xjOS2n.d.mts → provisioningBridge-BXPMZCLe.d.ts} +30 -2
  68. package/dist/{provisioningBridge-DnTfzdZK.d.ts → provisioningBridge-IEycmsgb.d.mts} +30 -2
  69. package/dist/{publishableKey-BaR0HoAH.d.ts → publishableKey-f2kq-rKw.d.mts} +1 -1
  70. package/dist/{publishableKey-BaR0HoAH.d.mts → publishableKey-f2kq-rKw.d.ts} +1 -1
  71. package/dist/react-permissions.d.mts +52 -0
  72. package/dist/react-permissions.d.ts +52 -0
  73. package/dist/react-permissions.js +239 -0
  74. package/dist/react-permissions.mjs +98 -0
  75. package/dist/react.d.mts +9 -1624
  76. package/dist/react.d.ts +9 -1624
  77. package/dist/react.js +882 -73
  78. package/dist/react.mjs +71 -2631
  79. package/dist/{reverify-4UEJXUS6.mjs → reverify-C64QXKJO.mjs} +2 -2
  80. package/dist/server/handlers.d.mts +200 -4
  81. package/dist/server/handlers.d.ts +200 -4
  82. package/dist/server/handlers.js +530 -16
  83. package/dist/server/handlers.mjs +14 -3
  84. package/dist/server.d.mts +171 -8
  85. package/dist/server.d.ts +171 -8
  86. package/dist/server.js +579 -61
  87. package/dist/server.mjs +99 -12
  88. package/dist/service.d.mts +4 -4
  89. package/dist/service.d.ts +4 -4
  90. package/dist/service.js +212 -46
  91. package/dist/service.mjs +3 -3
  92. package/dist/{signIn-CiIBTJIh.d.mts → signIn-CReqfXsh.d.mts} +95 -3
  93. package/dist/{signIn-OCr88Zf8.d.ts → signIn-Cfa1GTpO.d.ts} +95 -3
  94. package/dist/{signIn-4OKLDEIH.mjs → signIn-SHBW6Z4T.mjs} +1 -1
  95. package/dist/test.mjs +3 -3
  96. package/dist/{tokens-DCyzzn8L.d.mts → tokens-9F6ETrzk.d.ts} +9 -2
  97. package/dist/{tokens-aHiGFr_E.d.ts → tokens-B06VtvUi.d.mts} +9 -2
  98. package/dist/{types-DZAflmmq.d.mts → types-Bn8O-OEd.d.mts} +164 -11
  99. package/dist/{types-DZAflmmq.d.ts → types-Bn8O-OEd.d.ts} +164 -11
  100. package/dist/{types-6bNdxesb.d.ts → types-DnU2LhXR.d.mts} +7 -1
  101. package/dist/{types-6bNdxesb.d.mts → types-DnU2LhXR.d.ts} +7 -1
  102. package/dist/webhooks.d.mts +113 -17
  103. package/dist/webhooks.d.ts +113 -17
  104. package/dist/webhooks.js +179 -15
  105. package/dist/webhooks.mjs +7 -1
  106. package/dist/ws.d.mts +2 -2
  107. package/dist/ws.d.ts +2 -2
  108. package/dist/ws.js +80 -30
  109. package/dist/ws.mjs +4 -4
  110. package/docs/error-handling.md +101 -0
  111. package/docs/guides/effective-permissions.md +171 -0
  112. package/docs/guides/invitations.md +65 -0
  113. package/package.json +19 -4
  114. package/dist/chunk-6TDJJER7.mjs +0 -217
  115. package/dist/chunk-UKZLOHZG.mjs +0 -83
  116. package/dist/errors-CDdl24MP.d.mts +0 -52
  117. package/dist/errors-CDdl24MP.d.ts +0 -52
package/dist/react-permissions.mjs ADDED
@@ -0,0 +1,98 @@
1
+ import {
2
+ __useIQAuthInternal
3
+ } from "./chunk-WHT6WKTY.mjs";
4
+ import "./chunk-4V7FKOTG.mjs";
5
+ import "./chunk-GN37E64I.mjs";
6
+ import "./chunk-C2ZTBOAC.mjs";
7
+ import "./chunk-JRDVUWAL.mjs";
8
+ import {
9
+ expandPermissions,
10
+ hasPermission
11
+ } from "./chunk-GLXSIGVS.mjs";
12
+ import "./chunk-HVHNYPDC.mjs";
13
+ import "./chunk-TLET552H.mjs";
14
+ import "./chunk-6PJRLRB4.mjs";
15
+ import "./chunk-Y6FXYEAI.mjs";
16
+
17
+ // src/react/permissions.tsx
18
+ import { useCallback, useMemo } from "react";
19
+ import { useQuery } from "@tanstack/react-query";
20
+ var DEFAULT_PERMS_STALE_MS = 5 * 60 * 1e3;
21
+ function projectAllowedScopes(rows) {
22
+ if (!Array.isArray(rows)) return [];
23
+ const allowed = [];
24
+ const denied = /* @__PURE__ */ new Set();
25
+ for (const r of rows) {
26
+ if (!r || typeof r.scope !== "string" || !r.scope) continue;
27
+ if (r.effect === "deny") denied.add(r.scope);
28
+ else allowed.push(r.scope);
29
+ }
30
+ return expandPermissions(allowed.filter((s) => !denied.has(s)));
31
+ }
32
+ function useEffectivePermissions(opts) {
33
+ const { manager, snapshot } = __useIQAuthInternal();
34
+ const { appKey, enabled = true, staleTime = DEFAULT_PERMS_STALE_MS, issuer } = opts;
35
+ const claims = snapshot.claims;
36
+ const isPlatformAdmin = Array.isArray(claims?.roles) && claims.roles.includes("platform_admin");
37
+ const userId = snapshot.user?.sub ?? null;
38
+ const tenantId = snapshot.tenantId ?? claims?.tenantId ?? null;
39
+ const issuerUrl = (issuer ?? manager.issuerUrl).replace(/\/$/, "");
40
+ const queryEnabled = enabled && !!userId && !!tenantId && !!appKey && !isPlatformAdmin;
41
+ const query = useQuery({
42
+ queryKey: ["iqauth", "effective-permissions", issuerUrl, tenantId, userId, appKey],
43
+ queryFn: async () => {
44
+ const url = `${issuerUrl}/api/v1/tenants/${encodeURIComponent(tenantId)}/users/${encodeURIComponent(userId)}/permissions/effective?appKey=${encodeURIComponent(appKey)}`;
45
+ const res = await manager.fetch(url);
46
+ const json = await res.json().catch(() => ({}));
47
+ if (!res.ok) {
48
+ const code = json?.error?.code || `HTTP_${res.status}`;
49
+ const message = json?.error?.message || `HTTP ${res.status}`;
50
+ const e = { code, message };
51
+ throw e;
52
+ }
53
+ const rows = Array.isArray(json) ? json : json?.data ?? [];
54
+ return projectAllowedScopes(rows);
55
+ },
56
+ enabled: queryEnabled,
57
+ staleTime,
58
+ refetchOnWindowFocus: false,
59
+ retry: false
60
+ });
61
+ const refetch = useCallback(async () => {
62
+ if (!queryEnabled) return;
63
+ await query.refetch();
64
+ }, [query, queryEnabled]);
65
+ return useMemo(() => {
66
+ if (isPlatformAdmin) {
67
+ return {
68
+ permissions: ["*"],
69
+ hasPermission: () => true,
70
+ isLoading: false,
71
+ error: null,
72
+ refetch
73
+ };
74
+ }
75
+ const fetched = query.data;
76
+ const perms = fetched ?? expandPermissions(claims?.entitlements ?? []);
77
+ const isLoading = queryEnabled && query.isLoading;
78
+ const error = query.error ? "code" in query.error && typeof query.error.code === "string" ? query.error : { code: "PERMISSIONS_FETCH_FAILED", message: query.error.message || "Failed to fetch permissions" } : null;
79
+ return {
80
+ permissions: perms,
81
+ hasPermission: (id) => hasPermission(perms, id),
82
+ isLoading,
83
+ error,
84
+ refetch
85
+ };
86
+ }, [
87
+ isPlatformAdmin,
88
+ queryEnabled,
89
+ query.data,
90
+ query.isLoading,
91
+ query.error,
92
+ claims?.entitlements,
93
+ refetch
94
+ ]);
95
+ }
96
+ export {
97
+ useEffectivePermissions
98
+ };