@lucern/sdk 0.3.0-alpha.1 → 0.3.0-alpha.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +3 -0
- package/README.md +51 -4
- package/dist/adminClient.d.ts +10 -8
- package/dist/adminClient.js +242 -39
- package/dist/adminClient.js.map +1 -1
- package/dist/answersClient.d.ts +2 -0
- package/dist/answersClient.js +221 -11
- package/dist/answersClient.js.map +1 -1
- package/dist/audience/index.d.ts +2 -1
- package/dist/audience/index.js +1 -3
- package/dist/audience/index.js.map +1 -1
- package/dist/audiencesClient.d.ts +18 -16
- package/dist/audiencesClient.js +297 -90
- package/dist/audiencesClient.js.map +1 -1
- package/dist/auditClient.d.ts +2 -0
- package/dist/auditClient.js +227 -15
- package/dist/auditClient.js.map +1 -1
- package/dist/authContext.d.ts +56 -0
- package/dist/authContext.js +170 -0
- package/dist/authContext.js.map +1 -0
- package/dist/authDeviceClient.d.ts +49 -0
- package/dist/authDeviceClient.js +121 -0
- package/dist/authDeviceClient.js.map +1 -0
- package/dist/beliefs/index.d.ts +25 -5
- package/dist/beliefs/index.js +3286 -1049
- package/dist/beliefs/index.js.map +1 -1
- package/dist/beliefsClient.d.ts +4 -2
- package/dist/beliefsClient.js +230 -26
- package/dist/beliefsClient.js.map +1 -1
- package/dist/boundaryClientSurface.d.ts +20 -0
- package/dist/boundaryClientSurface.js +73 -0
- package/dist/boundaryClientSurface.js.map +1 -0
- package/dist/client.d.ts +2969 -27
- package/dist/client.js +3286 -1049
- package/dist/client.js.map +1 -1
- package/dist/clientHelpers.d.ts +48 -0
- package/dist/clientHelpers.js +137 -0
- package/dist/clientHelpers.js.map +1 -0
- package/dist/contextClient.d.ts +6 -3
- package/dist/contextClient.js +252 -30
- package/dist/contextClient.js.map +1 -1
- package/dist/contextFacade.js +25 -16
- package/dist/contextFacade.js.map +1 -1
- package/dist/contextPackCompiler.js +19 -30
- package/dist/contextPackCompiler.js.map +1 -1
- package/dist/contextPackPolicy.js +7 -17
- package/dist/contextPackPolicy.js.map +1 -1
- package/dist/contextTypes.d.ts +2 -0
- package/dist/contracts/api-enums.contract.d.ts +1 -1
- package/dist/contracts/api-enums.contract.js.map +1 -1
- package/dist/contracts/index.d.ts +1 -0
- package/dist/contracts/index.js +108 -4
- package/dist/contracts/index.js.map +1 -1
- package/dist/contracts/lens-filter.contract.js +4 -3
- package/dist/contracts/lens-filter.contract.js.map +1 -1
- package/dist/contracts/lens-workflow.contract.js +4 -3
- package/dist/contracts/lens-workflow.contract.js.map +1 -1
- package/dist/contracts/lensFilter.js +4 -3
- package/dist/contracts/lensFilter.js.map +1 -1
- package/dist/contracts/lensWorkflow.js +4 -3
- package/dist/contracts/lensWorkflow.js.map +1 -1
- package/dist/contracts/mcpTools.d.ts +46 -1
- package/dist/contracts/mcpTools.js +102 -0
- package/dist/contracts/mcpTools.js.map +1 -1
- package/dist/contradictions/index.d.ts +24 -4
- package/dist/contradictions/index.js +3286 -1049
- package/dist/contradictions/index.js.map +1 -1
- package/dist/coreClient.d.ts +11 -1
- package/dist/coreClient.js +222 -14
- package/dist/coreClient.js.map +1 -1
- package/dist/decisions/index.d.ts +34 -14
- package/dist/decisions/index.js +3286 -1049
- package/dist/decisions/index.js.map +1 -1
- package/dist/decisionsClient.d.ts +6 -12
- package/dist/decisionsClient.js +235 -37
- package/dist/decisionsClient.js.map +1 -1
- package/dist/edges/index.d.ts +47 -87
- package/dist/edges/index.js +3286 -1049
- package/dist/edges/index.js.map +1 -1
- package/dist/embeddingsClient.d.ts +106 -0
- package/dist/embeddingsClient.js +731 -0
- package/dist/embeddingsClient.js.map +1 -0
- package/dist/eventingClient.d.ts +96 -0
- package/dist/eventingClient.js +728 -0
- package/dist/eventingClient.js.map +1 -0
- package/dist/events.js +6 -3
- package/dist/events.js.map +1 -1
- package/dist/eventsCore.d.ts +3 -1
- package/dist/eventsCore.js +222 -14
- package/dist/eventsCore.js.map +1 -1
- package/dist/evidence/index.d.ts +24 -4
- package/dist/evidence/index.js +3286 -1049
- package/dist/evidence/index.js.map +1 -1
- package/dist/evidenceClient.d.ts +2 -0
- package/dist/evidenceClient.js +222 -14
- package/dist/evidenceClient.js.map +1 -1
- package/dist/facade/context.d.ts +2 -1
- package/dist/facade/context.js +25 -16
- package/dist/facade/context.js.map +1 -1
- package/dist/functionSurface.d.ts +143 -0
- package/dist/functionSurface.js +1204 -0
- package/dist/functionSurface.js.map +1 -0
- package/dist/functionSurfaceClient.d.ts +8 -0
- package/dist/functionSurfaceClient.js +1204 -0
- package/dist/functionSurfaceClient.js.map +1 -0
- package/dist/gatewayFacades.d.ts +63 -46
- package/dist/gatewayFacades.js +461 -128
- package/dist/gatewayFacades.js.map +1 -1
- package/dist/graphAnalysisClient.d.ts +192 -0
- package/dist/graphAnalysisClient.js +799 -0
- package/dist/graphAnalysisClient.js.map +1 -0
- package/dist/graphClient.d.ts +7 -13
- package/dist/graphClient.js +244 -45
- package/dist/graphClient.js.map +1 -1
- package/dist/graphIntel.d.ts +3 -0
- package/dist/graphIntel.js +3 -0
- package/dist/graphIntel.js.map +1 -0
- package/dist/graphIntelligence.d.ts +2 -0
- package/dist/graphIntelligence.js +47 -0
- package/dist/graphIntelligence.js.map +1 -0
- package/dist/graphRecommendationsClient.d.ts +56 -0
- package/dist/graphRecommendationsClient.js +664 -0
- package/dist/graphRecommendationsClient.js.map +1 -0
- package/dist/graphStateClassifierClient.d.ts +73 -0
- package/dist/graphStateClassifierClient.js +716 -0
- package/dist/graphStateClassifierClient.js.map +1 -0
- package/dist/harnessClient.d.ts +15 -24
- package/dist/harnessClient.js +235 -42
- package/dist/harnessClient.js.map +1 -1
- package/dist/identityClient.d.ts +97 -11
- package/dist/identityClient.js +409 -33
- package/dist/identityClient.js.map +1 -1
- package/dist/index.d.ts +28 -5
- package/dist/index.js +3863 -1116
- package/dist/index.js.map +1 -1
- package/dist/infisicalRuntime.d.ts +42 -0
- package/dist/infisicalRuntime.js +314 -0
- package/dist/infisicalRuntime.js.map +1 -0
- package/dist/jobsClient.d.ts +98 -0
- package/dist/jobsClient.js +726 -0
- package/dist/jobsClient.js.map +1 -0
- package/dist/learningClient.d.ts +8 -6
- package/dist/learningClient.js +252 -44
- package/dist/learningClient.js.map +1 -1
- package/dist/lenses/index.d.ts +76 -38
- package/dist/lenses/index.js +3286 -1049
- package/dist/lenses/index.js.map +1 -1
- package/dist/mcpClient.d.ts +28 -0
- package/dist/mcpClient.js +668 -0
- package/dist/mcpClient.js.map +1 -0
- package/dist/modelRuntimeClient.d.ts +72 -0
- package/dist/modelRuntimeClient.js +704 -0
- package/dist/modelRuntimeClient.js.map +1 -0
- package/dist/nodes/index.d.ts +63 -21
- package/dist/nodes/index.js +3286 -1049
- package/dist/nodes/index.js.map +1 -1
- package/dist/ontologies/index.d.ts +53 -32
- package/dist/ontologies/index.js +3286 -1049
- package/dist/ontologies/index.js.map +1 -1
- package/dist/ontologyClient.d.ts +19 -25
- package/dist/ontologyClient.js +258 -40
- package/dist/ontologyClient.js.map +1 -1
- package/dist/ontologyLinksClient.d.ts +71 -0
- package/dist/ontologyLinksClient.js +697 -0
- package/dist/ontologyLinksClient.js.map +1 -0
- package/dist/orgGraphSearchClient.d.ts +85 -0
- package/dist/orgGraphSearchClient.js +672 -0
- package/dist/orgGraphSearchClient.js.map +1 -0
- package/dist/packsClient.d.ts +11 -23
- package/dist/packsClient.js +234 -46
- package/dist/packsClient.js.map +1 -1
- package/dist/policyClient.d.ts +13 -10
- package/dist/policyClient.js +243 -25
- package/dist/policyClient.js.map +1 -1
- package/dist/questions/index.d.ts +24 -4
- package/dist/questions/index.js +3286 -1049
- package/dist/questions/index.js.map +1 -1
- package/dist/realtime/index.d.ts +1 -1
- package/dist/reportsClient.d.ts +9 -7
- package/dist/reportsClient.js +281 -53
- package/dist/reportsClient.js.map +1 -1
- package/dist/schemaClient.d.ts +5 -3
- package/dist/schemaClient.js +235 -29
- package/dist/schemaClient.js.map +1 -1
- package/dist/sdkSurface.d.ts +8 -3
- package/dist/sdkSurface.js +10 -6
- package/dist/sdkSurface.js.map +1 -1
- package/dist/sourcesClient.d.ts +2 -0
- package/dist/sourcesClient.js +222 -14
- package/dist/sourcesClient.js.map +1 -1
- package/dist/telemetryClient.d.ts +94 -0
- package/dist/telemetryClient.js +741 -0
- package/dist/telemetryClient.js.map +1 -0
- package/dist/toolRegistryClient.d.ts +115 -0
- package/dist/toolRegistryClient.js +767 -0
- package/dist/toolRegistryClient.js.map +1 -0
- package/dist/topics/index.d.ts +35 -9
- package/dist/topics/index.js +3288 -1049
- package/dist/topics/index.js.map +1 -1
- package/dist/topicsClient.d.ts +4 -0
- package/dist/topicsClient.js +237 -24
- package/dist/topicsClient.js.map +1 -1
- package/dist/types.d.ts +5 -0
- package/dist/version.d.ts +1 -1
- package/dist/version.js +1 -1
- package/dist/version.js.map +1 -1
- package/dist/workflowClient.d.ts +58 -40
- package/dist/workflowClient.js +243 -58
- package/dist/workflowClient.js.map +1 -1
- package/dist/worktrees/index.d.ts +69 -33
- package/dist/worktrees/index.js +3286 -1049
- package/dist/worktrees/index.js.map +1 -1
- package/package.json +12 -3
- package/dist/client-B6aWUUwp.d.ts +0 -2552
package/dist/audiencesClient.js
CHANGED
|
@@ -1,3 +1,170 @@
|
|
|
1
|
+
// src/authContext.ts
|
|
2
|
+
var LucernSdkAuthContextError = class extends Error {
|
|
3
|
+
reason;
|
|
4
|
+
constructor(reason, message) {
|
|
5
|
+
super(message);
|
|
6
|
+
this.name = "LucernSdkAuthContextError";
|
|
7
|
+
this.reason = reason;
|
|
8
|
+
}
|
|
9
|
+
};
|
|
10
|
+
function cleanString(value) {
|
|
11
|
+
const normalized = value?.trim();
|
|
12
|
+
return normalized ? normalized : void 0;
|
|
13
|
+
}
|
|
14
|
+
function cleanStringList(values) {
|
|
15
|
+
if (!values) {
|
|
16
|
+
return [];
|
|
17
|
+
}
|
|
18
|
+
return values.map((value) => value.trim()).filter(
|
|
19
|
+
(value, index, list) => value.length > 0 && list.indexOf(value) === index
|
|
20
|
+
);
|
|
21
|
+
}
|
|
22
|
+
function requireString(value, reason, label) {
|
|
23
|
+
const normalized = cleanString(value);
|
|
24
|
+
if (!normalized) {
|
|
25
|
+
throw new LucernSdkAuthContextError(
|
|
26
|
+
reason,
|
|
27
|
+
`Canonical Lucern SDK auth context is missing ${label}.`
|
|
28
|
+
);
|
|
29
|
+
}
|
|
30
|
+
return normalized;
|
|
31
|
+
}
|
|
32
|
+
function requirePrincipalType(principalType) {
|
|
33
|
+
if (!principalType) {
|
|
34
|
+
throw new LucernSdkAuthContextError(
|
|
35
|
+
"principal_missing",
|
|
36
|
+
"Canonical Lucern SDK auth context is missing principalType."
|
|
37
|
+
);
|
|
38
|
+
}
|
|
39
|
+
return principalType;
|
|
40
|
+
}
|
|
41
|
+
function requireAuthMode(authMode) {
|
|
42
|
+
if (!authMode) {
|
|
43
|
+
throw new LucernSdkAuthContextError(
|
|
44
|
+
"principal_missing",
|
|
45
|
+
"Canonical Lucern SDK auth context is missing authMode."
|
|
46
|
+
);
|
|
47
|
+
}
|
|
48
|
+
return authMode;
|
|
49
|
+
}
|
|
50
|
+
function ensurePermitMatch(args) {
|
|
51
|
+
const actual = cleanString(args.actual);
|
|
52
|
+
if (actual && actual !== args.expected) {
|
|
53
|
+
throw new LucernSdkAuthContextError(
|
|
54
|
+
"policy_denied",
|
|
55
|
+
`Canonical Lucern SDK auth context has conflicting Permit ${args.field}.`
|
|
56
|
+
);
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
function normalizeCanonicalLucernAuthContext(input) {
|
|
60
|
+
if (!input) {
|
|
61
|
+
throw new LucernSdkAuthContextError(
|
|
62
|
+
"principal_missing",
|
|
63
|
+
"Canonical Lucern SDK auth context is required."
|
|
64
|
+
);
|
|
65
|
+
}
|
|
66
|
+
if (input.policyDecision === "deny") {
|
|
67
|
+
throw new LucernSdkAuthContextError(
|
|
68
|
+
"policy_denied",
|
|
69
|
+
"Canonical Lucern SDK auth context carries a denied policy decision."
|
|
70
|
+
);
|
|
71
|
+
}
|
|
72
|
+
const principalId = requireString(
|
|
73
|
+
input.principalId,
|
|
74
|
+
"principal_missing",
|
|
75
|
+
"principalId"
|
|
76
|
+
);
|
|
77
|
+
const tenantId = requireString(input.tenantId, "tenant_missing", "tenantId");
|
|
78
|
+
const workspaceId = requireString(
|
|
79
|
+
input.workspaceId,
|
|
80
|
+
"workspace_missing",
|
|
81
|
+
"workspaceId"
|
|
82
|
+
);
|
|
83
|
+
const roles = cleanStringList(input.roles);
|
|
84
|
+
const scopes = cleanStringList(input.scopes);
|
|
85
|
+
const principalType = requirePrincipalType(input.principalType);
|
|
86
|
+
const authMode = requireAuthMode(input.authMode);
|
|
87
|
+
const roleBasedInteractiveAuth = authMode === "interactive_user" && roles.length > 0;
|
|
88
|
+
if (roles.length === 0 || scopes.length === 0 && !roleBasedInteractiveAuth) {
|
|
89
|
+
throw new LucernSdkAuthContextError(
|
|
90
|
+
"membership_missing",
|
|
91
|
+
"Canonical Lucern SDK auth context requires non-empty roles and scopes."
|
|
92
|
+
);
|
|
93
|
+
}
|
|
94
|
+
const subject = cleanString(input.permit?.subject) ?? principalId;
|
|
95
|
+
const tenant = cleanString(input.permit?.tenant) ?? tenantId;
|
|
96
|
+
const workspace = cleanString(input.permit?.workspace) ?? workspaceId;
|
|
97
|
+
ensurePermitMatch({
|
|
98
|
+
field: "subject",
|
|
99
|
+
expected: principalId,
|
|
100
|
+
actual: subject
|
|
101
|
+
});
|
|
102
|
+
ensurePermitMatch({ field: "tenant", expected: tenantId, actual: tenant });
|
|
103
|
+
ensurePermitMatch({
|
|
104
|
+
field: "workspace",
|
|
105
|
+
expected: workspaceId,
|
|
106
|
+
actual: workspace
|
|
107
|
+
});
|
|
108
|
+
const context = input.permit?.context ? { ...input.permit.context } : void 0;
|
|
109
|
+
return {
|
|
110
|
+
clerkId: cleanString(input.clerkId),
|
|
111
|
+
principalId,
|
|
112
|
+
tenantId,
|
|
113
|
+
workspaceId,
|
|
114
|
+
principalType,
|
|
115
|
+
authMode,
|
|
116
|
+
roles,
|
|
117
|
+
scopes,
|
|
118
|
+
delegationChain: input.delegationChain ? [...input.delegationChain] : [],
|
|
119
|
+
policyTraceId: cleanString(input.policyTraceId),
|
|
120
|
+
correlationId: cleanString(input.correlationId),
|
|
121
|
+
membershipId: cleanString(input.membershipId),
|
|
122
|
+
permit: {
|
|
123
|
+
subject,
|
|
124
|
+
tenant,
|
|
125
|
+
workspace,
|
|
126
|
+
resource: cleanString(input.permit?.resource),
|
|
127
|
+
action: cleanString(input.permit?.action),
|
|
128
|
+
relation: cleanString(input.permit?.relation),
|
|
129
|
+
context
|
|
130
|
+
}
|
|
131
|
+
};
|
|
132
|
+
}
|
|
133
|
+
function createCanonicalAuthHeaders(authContext) {
|
|
134
|
+
const headers = {
|
|
135
|
+
"x-lucern-principal-id": authContext.principalId,
|
|
136
|
+
"x-lucern-principal-type": authContext.principalType,
|
|
137
|
+
"x-lucern-tenant": authContext.tenantId,
|
|
138
|
+
"x-lucern-tenant-id": authContext.tenantId,
|
|
139
|
+
"x-lucern-workspace": authContext.workspaceId,
|
|
140
|
+
"x-lucern-workspace-id": authContext.workspaceId,
|
|
141
|
+
"x-lucern-auth-mode": authContext.authMode,
|
|
142
|
+
"x-lucern-roles": authContext.roles.join(","),
|
|
143
|
+
"x-lucern-scopes": authContext.scopes.join(","),
|
|
144
|
+
"x-lucern-permit-context": JSON.stringify(authContext.permit)
|
|
145
|
+
};
|
|
146
|
+
if (authContext.clerkId) {
|
|
147
|
+
headers["x-lucern-clerk-id"] = authContext.clerkId;
|
|
148
|
+
headers["x-lucern-user-id"] = authContext.clerkId;
|
|
149
|
+
}
|
|
150
|
+
if (authContext.delegationChain.length > 0) {
|
|
151
|
+
headers["x-lucern-delegation-chain"] = JSON.stringify(
|
|
152
|
+
authContext.delegationChain
|
|
153
|
+
);
|
|
154
|
+
}
|
|
155
|
+
if (authContext.policyTraceId) {
|
|
156
|
+
headers["x-lucern-policy-trace-id"] = authContext.policyTraceId;
|
|
157
|
+
}
|
|
158
|
+
if (authContext.correlationId) {
|
|
159
|
+
headers["x-correlation-id"] = authContext.correlationId;
|
|
160
|
+
headers["x-lucern-correlation-id"] = authContext.correlationId;
|
|
161
|
+
}
|
|
162
|
+
if (authContext.membershipId) {
|
|
163
|
+
headers["x-lucern-membership-id"] = authContext.membershipId;
|
|
164
|
+
}
|
|
165
|
+
return headers;
|
|
166
|
+
}
|
|
167
|
+
|
|
1
168
|
// src/coreClient.ts
|
|
2
169
|
var LucernApiError = class extends Error {
|
|
3
170
|
code;
|
|
@@ -65,9 +232,7 @@ function generatePortableRequestId() {
|
|
|
65
232
|
8
|
|
66
233
|
).join("")}-${hex.slice(8, 10).join("")}-${hex.slice(10).join("")}`;
|
|
67
234
|
}
|
|
68
|
-
|
|
69
|
-
return generatePortableRequestId();
|
|
70
|
-
}
|
|
235
|
+
var randomIdempotencyKey = generatePortableRequestId;
|
|
71
236
|
function isRetryableStatus(status) {
|
|
72
237
|
return status >= 500 || status === 408 || status === 429;
|
|
73
238
|
}
|
|
@@ -132,8 +297,11 @@ function timeoutError(timeoutMs) {
|
|
|
132
297
|
error.name = "AbortError";
|
|
133
298
|
return error;
|
|
134
299
|
}
|
|
300
|
+
function isRecord(value) {
|
|
301
|
+
return value !== null && typeof value === "object" && !Array.isArray(value);
|
|
302
|
+
}
|
|
135
303
|
function readPolicySummaryFromDetails(details) {
|
|
136
|
-
if (!
|
|
304
|
+
if (!isRecord(details)) {
|
|
137
305
|
return null;
|
|
138
306
|
}
|
|
139
307
|
const directSummary = details.summary;
|
|
@@ -141,11 +309,11 @@ function readPolicySummaryFromDetails(details) {
|
|
|
141
309
|
return directSummary.trim();
|
|
142
310
|
}
|
|
143
311
|
const policy = details.policy;
|
|
144
|
-
if (!
|
|
312
|
+
if (!isRecord(policy)) {
|
|
145
313
|
return null;
|
|
146
314
|
}
|
|
147
315
|
const explanation = policy.explanation;
|
|
148
|
-
if (!
|
|
316
|
+
if (!isRecord(explanation)) {
|
|
149
317
|
return null;
|
|
150
318
|
}
|
|
151
319
|
const nestedSummary = explanation.summary;
|
|
@@ -154,16 +322,41 @@ function readPolicySummaryFromDetails(details) {
|
|
|
154
322
|
}
|
|
155
323
|
return null;
|
|
156
324
|
}
|
|
325
|
+
async function resolveConfiguredAuthContext(authContext) {
|
|
326
|
+
if (typeof authContext === "function") {
|
|
327
|
+
return await authContext();
|
|
328
|
+
}
|
|
329
|
+
return authContext;
|
|
330
|
+
}
|
|
331
|
+
function mergeHeaderRecord(base, addition) {
|
|
332
|
+
const headers = new Headers(base);
|
|
333
|
+
for (const [key, value] of Object.entries(addition)) {
|
|
334
|
+
const existing = headers.get(key);
|
|
335
|
+
if (existing !== null && existing !== value) {
|
|
336
|
+
throw new LucernSdkAuthContextError(
|
|
337
|
+
"policy_denied",
|
|
338
|
+
`Canonical Lucern SDK auth context conflicts with existing ${key} header.`
|
|
339
|
+
);
|
|
340
|
+
}
|
|
341
|
+
headers.set(key, value);
|
|
342
|
+
}
|
|
343
|
+
return Object.fromEntries(headers.entries());
|
|
344
|
+
}
|
|
157
345
|
function createGatewayRequestClient(config = {}) {
|
|
158
346
|
const fetchImpl = config.fetchImpl ?? fetch;
|
|
159
347
|
const baseUrl = config.baseUrl?.replace(/\/+$/, "") ?? "";
|
|
160
348
|
const maxRetries = config.maxRetries ?? 2;
|
|
161
349
|
const requestIdFactory = config.requestIdFactory ?? (() => generatePortableRequestId());
|
|
162
350
|
async function resolveAuthHeaders() {
|
|
163
|
-
|
|
164
|
-
|
|
351
|
+
const base = config.getAuthHeaders ? await config.getAuthHeaders() : {};
|
|
352
|
+
const authContextInput = await resolveConfiguredAuthContext(
|
|
353
|
+
config.authContext
|
|
354
|
+
);
|
|
355
|
+
if (!authContextInput && !config.requireCanonicalAuthContext) {
|
|
356
|
+
return base;
|
|
165
357
|
}
|
|
166
|
-
|
|
358
|
+
const authContext = normalizeCanonicalLucernAuthContext(authContextInput);
|
|
359
|
+
return mergeHeaderRecord(base, createCanonicalAuthHeaders(authContext));
|
|
167
360
|
}
|
|
168
361
|
async function fetchWithTimeout(url, init, timeoutMs) {
|
|
169
362
|
const controller = new AbortController();
|
|
@@ -184,11 +377,11 @@ function createGatewayRequestClient(config = {}) {
|
|
|
184
377
|
if (!text) {
|
|
185
378
|
return null;
|
|
186
379
|
}
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
} catch {
|
|
380
|
+
const parsed = tryParseGatewayEnvelopeJson(text);
|
|
381
|
+
if (!parsed.ok) {
|
|
190
382
|
return null;
|
|
191
383
|
}
|
|
384
|
+
return isRecord(parsed.value) ? parsed.value : null;
|
|
192
385
|
}
|
|
193
386
|
function resolveTimeoutMs(method, requestTimeoutMs) {
|
|
194
387
|
if (typeof requestTimeoutMs === "number") {
|
|
@@ -200,16 +393,31 @@ function createGatewayRequestClient(config = {}) {
|
|
|
200
393
|
}
|
|
201
394
|
return config.timeoutMs ?? 15e3;
|
|
202
395
|
}
|
|
396
|
+
function tryParseGatewayEnvelopeJson(text) {
|
|
397
|
+
const trimmed = text.trim();
|
|
398
|
+
if (!trimmed.startsWith("{") && !trimmed.startsWith("[")) {
|
|
399
|
+
return { ok: false, reason: "non-json" };
|
|
400
|
+
}
|
|
401
|
+
try {
|
|
402
|
+
return { ok: true, value: JSON.parse(trimmed) };
|
|
403
|
+
} catch (error) {
|
|
404
|
+
if (error instanceof SyntaxError) {
|
|
405
|
+
return { ok: false, reason: "invalid-json", error };
|
|
406
|
+
}
|
|
407
|
+
throw error;
|
|
408
|
+
}
|
|
409
|
+
}
|
|
203
410
|
function buildApiError(args) {
|
|
204
411
|
const failure = args.failure;
|
|
205
|
-
const legacyError = failure &&
|
|
412
|
+
const legacyError = failure && isRecord(failure.error) ? failure.error : failure?.legacyError;
|
|
206
413
|
const correlationId = failure?.correlationId ?? args.response.headers.get("x-lucern-correlation-id")?.trim() ?? args.requestId;
|
|
207
414
|
const policyTraceId = failure?.policyTraceId ?? args.response.headers.get("x-lucern-policy-trace-id")?.trim() ?? null;
|
|
208
415
|
const details = failure?.details ?? legacyError?.details;
|
|
209
416
|
const policySummary = readPolicySummaryFromDetails(details);
|
|
417
|
+
const failureMessage = typeof failure?.error === "string" ? failure.error : legacyError?.message;
|
|
210
418
|
return new LucernApiError({
|
|
211
419
|
code: failure?.code ?? legacyError?.code ?? fallbackErrorCode(args.response.status),
|
|
212
|
-
message: policySummary ??
|
|
420
|
+
message: policySummary ?? failureMessage ?? (args.response.ok ? "Platform API returned an invalid success payload." : "Platform API request failed."),
|
|
213
421
|
status: args.response.status,
|
|
214
422
|
invariant: failure?.invariant,
|
|
215
423
|
suggestion: failure?.suggestion,
|
|
@@ -341,7 +549,10 @@ function createListResult(items, legacyKey) {
|
|
|
341
549
|
total: items.length
|
|
342
550
|
};
|
|
343
551
|
if (legacyKey) {
|
|
344
|
-
|
|
552
|
+
return {
|
|
553
|
+
...result,
|
|
554
|
+
[legacyKey]: items
|
|
555
|
+
};
|
|
345
556
|
}
|
|
346
557
|
return result;
|
|
347
558
|
}
|
|
@@ -355,115 +566,111 @@ function mapGatewayData(response, mapper) {
|
|
|
355
566
|
// src/audiencesClient.ts
|
|
356
567
|
function createAudiencesClient(config = {}) {
|
|
357
568
|
const gateway = createGatewayRequestClient(config);
|
|
569
|
+
const listRegistry = async (query = {}) => {
|
|
570
|
+
return gateway.request({
|
|
571
|
+
path: `/api/platform/v1/audiences/registry${toQueryString({
|
|
572
|
+
...query,
|
|
573
|
+
effective: typeof query.effective === "boolean" ? query.effective ? "true" : "false" : void 0,
|
|
574
|
+
status: query.status
|
|
575
|
+
})}`
|
|
576
|
+
}).then(
|
|
577
|
+
(response) => mapGatewayData(
|
|
578
|
+
response,
|
|
579
|
+
(data) => createListResult(Array.isArray(data) ? data : [], "registryEntries")
|
|
580
|
+
)
|
|
581
|
+
);
|
|
582
|
+
};
|
|
583
|
+
const createRegistryEntry = async (input, idempotencyKey) => {
|
|
584
|
+
return gateway.request({
|
|
585
|
+
path: "/api/platform/v1/audiences/registry",
|
|
586
|
+
method: "POST",
|
|
587
|
+
body: input,
|
|
588
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
589
|
+
});
|
|
590
|
+
};
|
|
591
|
+
const updateRegistryEntry = createRegistryEntry;
|
|
592
|
+
const upsertRegistry = createRegistryEntry;
|
|
593
|
+
const getRegistry = listRegistry;
|
|
594
|
+
const listGrants = async (query = {}) => {
|
|
595
|
+
return gateway.request({
|
|
596
|
+
path: `/api/platform/v1/audiences/grants${toQueryString({
|
|
597
|
+
...query,
|
|
598
|
+
audienceKey: query.audienceKey,
|
|
599
|
+
principalId: query.principalId,
|
|
600
|
+
groupId: query.groupId,
|
|
601
|
+
status: query.status
|
|
602
|
+
})}`
|
|
603
|
+
}).then(
|
|
604
|
+
(response) => mapGatewayData(
|
|
605
|
+
response,
|
|
606
|
+
(data) => createListResult(Array.isArray(data) ? data : [], "grants")
|
|
607
|
+
)
|
|
608
|
+
);
|
|
609
|
+
};
|
|
610
|
+
const createGrant = async (input, idempotencyKey) => {
|
|
611
|
+
return gateway.request({
|
|
612
|
+
path: "/api/platform/v1/audiences/grants",
|
|
613
|
+
method: "POST",
|
|
614
|
+
body: input,
|
|
615
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
616
|
+
});
|
|
617
|
+
};
|
|
618
|
+
const getGrants = listGrants;
|
|
619
|
+
const grant = createGrant;
|
|
620
|
+
const deleteGrant = async (input, idempotencyKey) => {
|
|
621
|
+
return gateway.request({
|
|
622
|
+
path: "/api/platform/v1/audiences/grants/revoke",
|
|
623
|
+
method: "POST",
|
|
624
|
+
body: input,
|
|
625
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
626
|
+
});
|
|
627
|
+
};
|
|
628
|
+
const revokeGrant = deleteGrant;
|
|
358
629
|
return {
|
|
359
630
|
/**
|
|
360
631
|
* List audience registry entries.
|
|
361
632
|
*/
|
|
362
|
-
|
|
363
|
-
return gateway.request({
|
|
364
|
-
path: `/api/platform/v1/audiences/registry${toQueryString({
|
|
365
|
-
...query,
|
|
366
|
-
effective: typeof query.effective === "boolean" ? query.effective ? "true" : "false" : void 0,
|
|
367
|
-
status: query.status
|
|
368
|
-
})}`
|
|
369
|
-
}).then(
|
|
370
|
-
(response) => mapGatewayData(
|
|
371
|
-
response,
|
|
372
|
-
(data) => createListResult(
|
|
373
|
-
Array.isArray(data) ? data : [],
|
|
374
|
-
"registryEntries"
|
|
375
|
-
)
|
|
376
|
-
)
|
|
377
|
-
);
|
|
378
|
-
},
|
|
633
|
+
listRegistry,
|
|
379
634
|
/**
|
|
380
635
|
* @deprecated Use listRegistry.
|
|
381
636
|
*/
|
|
382
|
-
|
|
383
|
-
return this.listRegistry(query);
|
|
384
|
-
},
|
|
637
|
+
getRegistry,
|
|
385
638
|
/**
|
|
386
639
|
* Create an audience registry entry.
|
|
387
640
|
*/
|
|
388
|
-
|
|
389
|
-
return gateway.request({
|
|
390
|
-
path: "/api/platform/v1/audiences/registry",
|
|
391
|
-
method: "POST",
|
|
392
|
-
body: input,
|
|
393
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
394
|
-
});
|
|
395
|
-
},
|
|
641
|
+
createRegistryEntry,
|
|
396
642
|
/**
|
|
397
643
|
* Update an audience registry entry.
|
|
398
644
|
*/
|
|
399
|
-
|
|
400
|
-
return this.createRegistryEntry(input, idempotencyKey);
|
|
401
|
-
},
|
|
645
|
+
updateRegistryEntry,
|
|
402
646
|
/**
|
|
403
647
|
* @deprecated Use createRegistryEntry or updateRegistryEntry.
|
|
404
648
|
*/
|
|
405
|
-
|
|
406
|
-
return this.createRegistryEntry(input, idempotencyKey);
|
|
407
|
-
},
|
|
649
|
+
upsertRegistry,
|
|
408
650
|
/**
|
|
409
651
|
* List audience grants.
|
|
410
652
|
*/
|
|
411
|
-
|
|
412
|
-
return gateway.request({
|
|
413
|
-
path: `/api/platform/v1/audiences/grants${toQueryString({
|
|
414
|
-
...query,
|
|
415
|
-
audienceKey: query.audienceKey,
|
|
416
|
-
principalId: query.principalId,
|
|
417
|
-
groupId: query.groupId,
|
|
418
|
-
status: query.status
|
|
419
|
-
})}`
|
|
420
|
-
}).then(
|
|
421
|
-
(response) => mapGatewayData(
|
|
422
|
-
response,
|
|
423
|
-
(data) => createListResult(Array.isArray(data) ? data : [], "grants")
|
|
424
|
-
)
|
|
425
|
-
);
|
|
426
|
-
},
|
|
653
|
+
listGrants,
|
|
427
654
|
/**
|
|
428
655
|
* @deprecated Use listGrants.
|
|
429
656
|
*/
|
|
430
|
-
|
|
431
|
-
return this.listGrants(query);
|
|
432
|
-
},
|
|
657
|
+
getGrants,
|
|
433
658
|
/**
|
|
434
659
|
* Create an audience grant.
|
|
435
660
|
*/
|
|
436
|
-
|
|
437
|
-
return gateway.request({
|
|
438
|
-
path: "/api/platform/v1/audiences/grants",
|
|
439
|
-
method: "POST",
|
|
440
|
-
body: input,
|
|
441
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
442
|
-
});
|
|
443
|
-
},
|
|
661
|
+
createGrant,
|
|
444
662
|
/**
|
|
445
663
|
* @deprecated Use createGrant.
|
|
446
664
|
*/
|
|
447
|
-
|
|
448
|
-
return this.createGrant(input, idempotencyKey);
|
|
449
|
-
},
|
|
665
|
+
grant,
|
|
450
666
|
/**
|
|
451
667
|
* Delete an audience grant by revoking it.
|
|
452
668
|
*/
|
|
453
|
-
|
|
454
|
-
return gateway.request({
|
|
455
|
-
path: "/api/platform/v1/audiences/grants/revoke",
|
|
456
|
-
method: "POST",
|
|
457
|
-
body: input,
|
|
458
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
459
|
-
});
|
|
460
|
-
},
|
|
669
|
+
deleteGrant,
|
|
461
670
|
/**
|
|
462
671
|
* @deprecated Use deleteGrant.
|
|
463
672
|
*/
|
|
464
|
-
|
|
465
|
-
return this.deleteGrant(input, idempotencyKey);
|
|
466
|
-
}
|
|
673
|
+
revokeGrant
|
|
467
674
|
};
|
|
468
675
|
}
|
|
469
676
|
|