@lucern/sdk 0.3.0-alpha.16 → 0.3.0-alpha.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +0 -8
- package/README.md +4 -110
- package/dist/adminClient.d.ts +8 -10
- package/dist/adminClient.js +39 -260
- package/dist/adminClient.js.map +1 -1
- package/dist/answersClient.d.ts +0 -2
- package/dist/answersClient.js +11 -239
- package/dist/answersClient.js.map +1 -1
- package/dist/audience/index.d.ts +1 -2
- package/dist/audience/index.js +3 -1
- package/dist/audience/index.js.map +1 -1
- package/dist/audiencesClient.d.ts +16 -18
- package/dist/audiencesClient.js +90 -315
- package/dist/audiencesClient.js.map +1 -1
- package/dist/auditClient.d.ts +0 -2
- package/dist/auditClient.js +15 -245
- package/dist/auditClient.js.map +1 -1
- package/dist/beliefs/index.d.ts +5 -27
- package/dist/beliefs/index.js +1177 -3842
- package/dist/beliefs/index.js.map +1 -1
- package/dist/beliefsClient.d.ts +2 -4
- package/dist/beliefsClient.js +26 -248
- package/dist/beliefsClient.js.map +1 -1
- package/dist/client-B6aWUUwp.d.ts +2552 -0
- package/dist/client.d.ts +27 -3041
- package/dist/client.js +1177 -3842
- package/dist/client.js.map +1 -1
- package/dist/contextClient.d.ts +3 -6
- package/dist/contextClient.js +30 -270
- package/dist/contextClient.js.map +1 -1
- package/dist/contextFacade.js +16 -25
- package/dist/contextFacade.js.map +1 -1
- package/dist/contextPackCompiler.js +30 -19
- package/dist/contextPackCompiler.js.map +1 -1
- package/dist/contextPackPolicy.js +17 -7
- package/dist/contextPackPolicy.js.map +1 -1
- package/dist/contextTypes.d.ts +0 -2
- package/dist/contracts/api-enums.contract.d.ts +2 -2
- package/dist/contracts/api-enums.contract.js +1 -6
- package/dist/contracts/api-enums.contract.js.map +1 -1
- package/dist/contracts/auth-session.contract.d.ts +1 -1
- package/dist/contracts/auth-session.contract.js +1 -13
- package/dist/contracts/auth-session.contract.js.map +1 -1
- package/dist/contracts/index.d.ts +0 -1
- package/dist/contracts/index.js +6 -133
- package/dist/contracts/index.js.map +1 -1
- package/dist/contracts/lens-filter.contract.js +3 -4
- package/dist/contracts/lens-filter.contract.js.map +1 -1
- package/dist/contracts/lens-workflow.contract.js +3 -4
- package/dist/contracts/lens-workflow.contract.js.map +1 -1
- package/dist/contracts/lensFilter.js +3 -4
- package/dist/contracts/lensFilter.js.map +1 -1
- package/dist/contracts/lensWorkflow.js +3 -4
- package/dist/contracts/lensWorkflow.js.map +1 -1
- package/dist/contracts/mcpTools.d.ts +1 -46
- package/dist/contracts/mcpTools.js +0 -108
- package/dist/contracts/mcpTools.js.map +1 -1
- package/dist/contradictions/index.d.ts +4 -26
- package/dist/contradictions/index.js +1177 -3842
- package/dist/contradictions/index.js.map +1 -1
- package/dist/coreClient.d.ts +2 -28
- package/dist/coreClient.js +14 -240
- package/dist/coreClient.js.map +1 -1
- package/dist/decisions/index.d.ts +14 -36
- package/dist/decisions/index.js +1177 -3842
- package/dist/decisions/index.js.map +1 -1
- package/dist/decisionsClient.d.ts +12 -6
- package/dist/decisionsClient.js +37 -253
- package/dist/decisionsClient.js.map +1 -1
- package/dist/edges/index.d.ts +87 -49
- package/dist/edges/index.js +1177 -3842
- package/dist/edges/index.js.map +1 -1
- package/dist/events.js +3 -6
- package/dist/events.js.map +1 -1
- package/dist/eventsCore.d.ts +1 -3
- package/dist/eventsCore.js +14 -240
- package/dist/eventsCore.js.map +1 -1
- package/dist/evidence/index.d.ts +4 -26
- package/dist/evidence/index.js +1177 -3842
- package/dist/evidence/index.js.map +1 -1
- package/dist/evidenceClient.d.ts +0 -2
- package/dist/evidenceClient.js +14 -240
- package/dist/evidenceClient.js.map +1 -1
- package/dist/facade/context.d.ts +1 -2
- package/dist/facade/context.js +16 -25
- package/dist/facade/context.js.map +1 -1
- package/dist/gatewayFacades.d.ts +46 -90
- package/dist/gatewayFacades.js +128 -609
- package/dist/gatewayFacades.js.map +1 -1
- package/dist/graphClient.d.ts +13 -8
- package/dist/graphClient.js +45 -262
- package/dist/graphClient.js.map +1 -1
- package/dist/harnessClient.d.ts +24 -15
- package/dist/harnessClient.js +42 -253
- package/dist/harnessClient.js.map +1 -1
- package/dist/identityClient.d.ts +11 -115
- package/dist/identityClient.js +33 -555
- package/dist/identityClient.js.map +1 -1
- package/dist/index.d.ts +6 -32
- package/dist/index.js +2580 -5825
- package/dist/index.js.map +1 -1
- package/dist/learningClient.d.ts +6 -8
- package/dist/learningClient.js +44 -270
- package/dist/learningClient.js.map +1 -1
- package/dist/lenses/index.d.ts +38 -78
- package/dist/lenses/index.js +1177 -3842
- package/dist/lenses/index.js.map +1 -1
- package/dist/nodes/index.d.ts +21 -65
- package/dist/nodes/index.js +1177 -3842
- package/dist/nodes/index.js.map +1 -1
- package/dist/ontologies/index.d.ts +32 -55
- package/dist/ontologies/index.js +1177 -3842
- package/dist/ontologies/index.js.map +1 -1
- package/dist/ontologyClient.d.ts +25 -19
- package/dist/ontologyClient.js +40 -276
- package/dist/ontologyClient.js.map +1 -1
- package/dist/packsClient.d.ts +23 -11
- package/dist/packsClient.js +46 -252
- package/dist/packsClient.js.map +1 -1
- package/dist/policyClient.d.ts +10 -13
- package/dist/policyClient.js +25 -261
- package/dist/policyClient.js.map +1 -1
- package/dist/questions/index.d.ts +4 -26
- package/dist/questions/index.js +1177 -3842
- package/dist/questions/index.js.map +1 -1
- package/dist/realtime/index.d.ts +1 -1
- package/dist/reportsClient.d.ts +7 -9
- package/dist/reportsClient.js +53 -299
- package/dist/reportsClient.js.map +1 -1
- package/dist/schemaClient.d.ts +3 -5
- package/dist/schemaClient.js +29 -253
- package/dist/schemaClient.js.map +1 -1
- package/dist/sdkSurface.d.ts +3 -8
- package/dist/sdkSurface.js +6 -10
- package/dist/sdkSurface.js.map +1 -1
- package/dist/sourcesClient.d.ts +0 -2
- package/dist/sourcesClient.js +14 -240
- package/dist/sourcesClient.js.map +1 -1
- package/dist/topics/index.d.ts +9 -37
- package/dist/topics/index.js +1177 -3844
- package/dist/topics/index.js.map +1 -1
- package/dist/topicsClient.d.ts +0 -4
- package/dist/topicsClient.js +24 -255
- package/dist/topicsClient.js.map +1 -1
- package/dist/types.d.ts +0 -17
- package/dist/version.d.ts +1 -1
- package/dist/version.js +1 -1
- package/dist/version.js.map +1 -1
- package/dist/workflowClient.d.ts +40 -60
- package/dist/workflowClient.js +58 -261
- package/dist/workflowClient.js.map +1 -1
- package/dist/worktrees/index.d.ts +33 -71
- package/dist/worktrees/index.js +1177 -3842
- package/dist/worktrees/index.js.map +1 -1
- package/package.json +3 -17
- package/dist/accessControl.d.ts +0 -79
- package/dist/accessControl.js +0 -1270
- package/dist/accessControl.js.map +0 -1
- package/dist/authContext.d.ts +0 -56
- package/dist/authContext.js +0 -170
- package/dist/authContext.js.map +0 -1
- package/dist/authDeviceClient.d.ts +0 -49
- package/dist/authDeviceClient.js +0 -121
- package/dist/authDeviceClient.js.map +0 -1
- package/dist/boundaryClientSurface.d.ts +0 -20
- package/dist/boundaryClientSurface.js +0 -73
- package/dist/boundaryClientSurface.js.map +0 -1
- package/dist/clientHelpers.d.ts +0 -48
- package/dist/clientHelpers.js +0 -137
- package/dist/clientHelpers.js.map +0 -1
- package/dist/control-plane.d.ts +0 -69
- package/dist/control-plane.js +0 -674
- package/dist/control-plane.js.map +0 -1
- package/dist/embeddingsClient.d.ts +0 -106
- package/dist/embeddingsClient.js +0 -749
- package/dist/embeddingsClient.js.map +0 -1
- package/dist/eventingClient.d.ts +0 -96
- package/dist/eventingClient.js +0 -746
- package/dist/eventingClient.js.map +0 -1
- package/dist/functionSurface.d.ts +0 -144
- package/dist/functionSurface.js +0 -1227
- package/dist/functionSurface.js.map +0 -1
- package/dist/functionSurfaceClient.d.ts +0 -8
- package/dist/functionSurfaceClient.js +0 -1227
- package/dist/functionSurfaceClient.js.map +0 -1
- package/dist/graphAnalysisClient.d.ts +0 -192
- package/dist/graphAnalysisClient.js +0 -817
- package/dist/graphAnalysisClient.js.map +0 -1
- package/dist/graphIntel.d.ts +0 -4
- package/dist/graphIntel.js +0 -3
- package/dist/graphIntel.js.map +0 -1
- package/dist/graphIntelligence.d.ts +0 -2
- package/dist/graphIntelligence.js +0 -47
- package/dist/graphIntelligence.js.map +0 -1
- package/dist/graphRecommendationsClient.d.ts +0 -56
- package/dist/graphRecommendationsClient.js +0 -682
- package/dist/graphRecommendationsClient.js.map +0 -1
- package/dist/graphStateClassifierClient.d.ts +0 -73
- package/dist/graphStateClassifierClient.js +0 -734
- package/dist/graphStateClassifierClient.js.map +0 -1
- package/dist/infisicalRuntime.d.ts +0 -43
- package/dist/infisicalRuntime.js +0 -346
- package/dist/infisicalRuntime.js.map +0 -1
- package/dist/jobsClient.d.ts +0 -98
- package/dist/jobsClient.js +0 -744
- package/dist/jobsClient.js.map +0 -1
- package/dist/mcpClient.d.ts +0 -28
- package/dist/mcpClient.js +0 -687
- package/dist/mcpClient.js.map +0 -1
- package/dist/modelRuntimeClient.d.ts +0 -72
- package/dist/modelRuntimeClient.js +0 -722
- package/dist/modelRuntimeClient.js.map +0 -1
- package/dist/ontologyLinksClient.d.ts +0 -71
- package/dist/ontologyLinksClient.js +0 -715
- package/dist/ontologyLinksClient.js.map +0 -1
- package/dist/orgGraphSearchClient.d.ts +0 -85
- package/dist/orgGraphSearchClient.js +0 -690
- package/dist/orgGraphSearchClient.js.map +0 -1
- package/dist/secrets.d.ts +0 -1
- package/dist/secrets.js +0 -3
- package/dist/secrets.js.map +0 -1
- package/dist/telemetryClient.d.ts +0 -94
- package/dist/telemetryClient.js +0 -759
- package/dist/telemetryClient.js.map +0 -1
- package/dist/toolRegistryClient.d.ts +0 -115
- package/dist/toolRegistryClient.js +0 -785
- package/dist/toolRegistryClient.js.map +0 -1
package/dist/gatewayFacades.js
CHANGED
|
@@ -1,170 +1,3 @@
|
|
|
1
|
-
// src/authContext.ts
|
|
2
|
-
var LucernSdkAuthContextError = class extends Error {
|
|
3
|
-
reason;
|
|
4
|
-
constructor(reason, message) {
|
|
5
|
-
super(message);
|
|
6
|
-
this.name = "LucernSdkAuthContextError";
|
|
7
|
-
this.reason = reason;
|
|
8
|
-
}
|
|
9
|
-
};
|
|
10
|
-
function cleanString(value) {
|
|
11
|
-
const normalized = value?.trim();
|
|
12
|
-
return normalized ? normalized : void 0;
|
|
13
|
-
}
|
|
14
|
-
function cleanStringList(values) {
|
|
15
|
-
if (!values) {
|
|
16
|
-
return [];
|
|
17
|
-
}
|
|
18
|
-
return values.map((value) => value.trim()).filter(
|
|
19
|
-
(value, index, list) => value.length > 0 && list.indexOf(value) === index
|
|
20
|
-
);
|
|
21
|
-
}
|
|
22
|
-
function requireString(value, reason, label) {
|
|
23
|
-
const normalized = cleanString(value);
|
|
24
|
-
if (!normalized) {
|
|
25
|
-
throw new LucernSdkAuthContextError(
|
|
26
|
-
reason,
|
|
27
|
-
`Canonical Lucern SDK auth context is missing ${label}.`
|
|
28
|
-
);
|
|
29
|
-
}
|
|
30
|
-
return normalized;
|
|
31
|
-
}
|
|
32
|
-
function requirePrincipalType(principalType2) {
|
|
33
|
-
if (!principalType2) {
|
|
34
|
-
throw new LucernSdkAuthContextError(
|
|
35
|
-
"principal_missing",
|
|
36
|
-
"Canonical Lucern SDK auth context is missing principalType."
|
|
37
|
-
);
|
|
38
|
-
}
|
|
39
|
-
return principalType2;
|
|
40
|
-
}
|
|
41
|
-
function requireAuthMode(authMode) {
|
|
42
|
-
if (!authMode) {
|
|
43
|
-
throw new LucernSdkAuthContextError(
|
|
44
|
-
"principal_missing",
|
|
45
|
-
"Canonical Lucern SDK auth context is missing authMode."
|
|
46
|
-
);
|
|
47
|
-
}
|
|
48
|
-
return authMode;
|
|
49
|
-
}
|
|
50
|
-
function ensurePermitMatch(args) {
|
|
51
|
-
const actual = cleanString(args.actual);
|
|
52
|
-
if (actual && actual !== args.expected) {
|
|
53
|
-
throw new LucernSdkAuthContextError(
|
|
54
|
-
"policy_denied",
|
|
55
|
-
`Canonical Lucern SDK auth context has conflicting Permit ${args.field}.`
|
|
56
|
-
);
|
|
57
|
-
}
|
|
58
|
-
}
|
|
59
|
-
function normalizeCanonicalLucernAuthContext(input) {
|
|
60
|
-
if (!input) {
|
|
61
|
-
throw new LucernSdkAuthContextError(
|
|
62
|
-
"principal_missing",
|
|
63
|
-
"Canonical Lucern SDK auth context is required."
|
|
64
|
-
);
|
|
65
|
-
}
|
|
66
|
-
if (input.policyDecision === "deny") {
|
|
67
|
-
throw new LucernSdkAuthContextError(
|
|
68
|
-
"policy_denied",
|
|
69
|
-
"Canonical Lucern SDK auth context carries a denied policy decision."
|
|
70
|
-
);
|
|
71
|
-
}
|
|
72
|
-
const principalId = requireString(
|
|
73
|
-
input.principalId,
|
|
74
|
-
"principal_missing",
|
|
75
|
-
"principalId"
|
|
76
|
-
);
|
|
77
|
-
const tenantId = requireString(input.tenantId, "tenant_missing", "tenantId");
|
|
78
|
-
const workspaceId = requireString(
|
|
79
|
-
input.workspaceId,
|
|
80
|
-
"workspace_missing",
|
|
81
|
-
"workspaceId"
|
|
82
|
-
);
|
|
83
|
-
const roles = cleanStringList(input.roles);
|
|
84
|
-
const scopes = cleanStringList(input.scopes);
|
|
85
|
-
const principalType2 = requirePrincipalType(input.principalType);
|
|
86
|
-
const authMode = requireAuthMode(input.authMode);
|
|
87
|
-
const roleBasedInteractiveAuth = authMode === "interactive_user" && roles.length > 0;
|
|
88
|
-
if (roles.length === 0 || scopes.length === 0 && !roleBasedInteractiveAuth) {
|
|
89
|
-
throw new LucernSdkAuthContextError(
|
|
90
|
-
"membership_missing",
|
|
91
|
-
"Canonical Lucern SDK auth context requires non-empty roles and scopes."
|
|
92
|
-
);
|
|
93
|
-
}
|
|
94
|
-
const subject = cleanString(input.permit?.subject) ?? principalId;
|
|
95
|
-
const tenant = cleanString(input.permit?.tenant) ?? tenantId;
|
|
96
|
-
const workspace = cleanString(input.permit?.workspace) ?? workspaceId;
|
|
97
|
-
ensurePermitMatch({
|
|
98
|
-
field: "subject",
|
|
99
|
-
expected: principalId,
|
|
100
|
-
actual: subject
|
|
101
|
-
});
|
|
102
|
-
ensurePermitMatch({ field: "tenant", expected: tenantId, actual: tenant });
|
|
103
|
-
ensurePermitMatch({
|
|
104
|
-
field: "workspace",
|
|
105
|
-
expected: workspaceId,
|
|
106
|
-
actual: workspace
|
|
107
|
-
});
|
|
108
|
-
const context = input.permit?.context ? { ...input.permit.context } : void 0;
|
|
109
|
-
return {
|
|
110
|
-
clerkId: cleanString(input.clerkId),
|
|
111
|
-
principalId,
|
|
112
|
-
tenantId,
|
|
113
|
-
workspaceId,
|
|
114
|
-
principalType: principalType2,
|
|
115
|
-
authMode,
|
|
116
|
-
roles,
|
|
117
|
-
scopes,
|
|
118
|
-
delegationChain: input.delegationChain ? [...input.delegationChain] : [],
|
|
119
|
-
policyTraceId: cleanString(input.policyTraceId),
|
|
120
|
-
correlationId: cleanString(input.correlationId),
|
|
121
|
-
membershipId: cleanString(input.membershipId),
|
|
122
|
-
permit: {
|
|
123
|
-
subject,
|
|
124
|
-
tenant,
|
|
125
|
-
workspace,
|
|
126
|
-
resource: cleanString(input.permit?.resource),
|
|
127
|
-
action: cleanString(input.permit?.action),
|
|
128
|
-
relation: cleanString(input.permit?.relation),
|
|
129
|
-
context
|
|
130
|
-
}
|
|
131
|
-
};
|
|
132
|
-
}
|
|
133
|
-
function createCanonicalAuthHeaders(authContext) {
|
|
134
|
-
const headers = {
|
|
135
|
-
"x-lucern-principal-id": authContext.principalId,
|
|
136
|
-
"x-lucern-principal-type": authContext.principalType,
|
|
137
|
-
"x-lucern-tenant": authContext.tenantId,
|
|
138
|
-
"x-lucern-tenant-id": authContext.tenantId,
|
|
139
|
-
"x-lucern-workspace": authContext.workspaceId,
|
|
140
|
-
"x-lucern-workspace-id": authContext.workspaceId,
|
|
141
|
-
"x-lucern-auth-mode": authContext.authMode,
|
|
142
|
-
"x-lucern-roles": authContext.roles.join(","),
|
|
143
|
-
"x-lucern-scopes": authContext.scopes.join(","),
|
|
144
|
-
"x-lucern-permit-context": JSON.stringify(authContext.permit)
|
|
145
|
-
};
|
|
146
|
-
if (authContext.clerkId) {
|
|
147
|
-
headers["x-lucern-clerk-id"] = authContext.clerkId;
|
|
148
|
-
headers["x-lucern-user-id"] = authContext.clerkId;
|
|
149
|
-
}
|
|
150
|
-
if (authContext.delegationChain.length > 0) {
|
|
151
|
-
headers["x-lucern-delegation-chain"] = JSON.stringify(
|
|
152
|
-
authContext.delegationChain
|
|
153
|
-
);
|
|
154
|
-
}
|
|
155
|
-
if (authContext.policyTraceId) {
|
|
156
|
-
headers["x-lucern-policy-trace-id"] = authContext.policyTraceId;
|
|
157
|
-
}
|
|
158
|
-
if (authContext.correlationId) {
|
|
159
|
-
headers["x-correlation-id"] = authContext.correlationId;
|
|
160
|
-
headers["x-lucern-correlation-id"] = authContext.correlationId;
|
|
161
|
-
}
|
|
162
|
-
if (authContext.membershipId) {
|
|
163
|
-
headers["x-lucern-membership-id"] = authContext.membershipId;
|
|
164
|
-
}
|
|
165
|
-
return headers;
|
|
166
|
-
}
|
|
167
|
-
|
|
168
1
|
// src/coreClient.ts
|
|
169
2
|
var LucernApiError = class extends Error {
|
|
170
3
|
code;
|
|
@@ -232,7 +65,9 @@ function generatePortableRequestId() {
|
|
|
232
65
|
8
|
|
233
66
|
).join("")}-${hex.slice(8, 10).join("")}-${hex.slice(10).join("")}`;
|
|
234
67
|
}
|
|
235
|
-
|
|
68
|
+
function randomIdempotencyKey() {
|
|
69
|
+
return generatePortableRequestId();
|
|
70
|
+
}
|
|
236
71
|
function isRetryableStatus(status) {
|
|
237
72
|
return status >= 500 || status === 408 || status === 429;
|
|
238
73
|
}
|
|
@@ -297,11 +132,8 @@ function timeoutError(timeoutMs) {
|
|
|
297
132
|
error.name = "AbortError";
|
|
298
133
|
return error;
|
|
299
134
|
}
|
|
300
|
-
function isRecord(value) {
|
|
301
|
-
return value !== null && typeof value === "object" && !Array.isArray(value);
|
|
302
|
-
}
|
|
303
135
|
function readPolicySummaryFromDetails(details) {
|
|
304
|
-
if (!
|
|
136
|
+
if (!details || typeof details !== "object" || Array.isArray(details)) {
|
|
305
137
|
return null;
|
|
306
138
|
}
|
|
307
139
|
const directSummary = details.summary;
|
|
@@ -309,11 +141,11 @@ function readPolicySummaryFromDetails(details) {
|
|
|
309
141
|
return directSummary.trim();
|
|
310
142
|
}
|
|
311
143
|
const policy = details.policy;
|
|
312
|
-
if (!
|
|
144
|
+
if (!policy || typeof policy !== "object" || Array.isArray(policy)) {
|
|
313
145
|
return null;
|
|
314
146
|
}
|
|
315
147
|
const explanation = policy.explanation;
|
|
316
|
-
if (!
|
|
148
|
+
if (!explanation || typeof explanation !== "object" || Array.isArray(explanation)) {
|
|
317
149
|
return null;
|
|
318
150
|
}
|
|
319
151
|
const nestedSummary = explanation.summary;
|
|
@@ -322,59 +154,16 @@ function readPolicySummaryFromDetails(details) {
|
|
|
322
154
|
}
|
|
323
155
|
return null;
|
|
324
156
|
}
|
|
325
|
-
async function resolveConfiguredAuthContext(authContext) {
|
|
326
|
-
if (typeof authContext === "function") {
|
|
327
|
-
return await authContext();
|
|
328
|
-
}
|
|
329
|
-
return authContext;
|
|
330
|
-
}
|
|
331
|
-
function mergeHeaderRecord(base, addition) {
|
|
332
|
-
const headers = new Headers(base);
|
|
333
|
-
for (const [key, value] of Object.entries(addition)) {
|
|
334
|
-
const existing = headers.get(key);
|
|
335
|
-
if (existing !== null && existing !== value) {
|
|
336
|
-
throw new LucernSdkAuthContextError(
|
|
337
|
-
"policy_denied",
|
|
338
|
-
`Canonical Lucern SDK auth context conflicts with existing ${key} header.`
|
|
339
|
-
);
|
|
340
|
-
}
|
|
341
|
-
headers.set(key, value);
|
|
342
|
-
}
|
|
343
|
-
return Object.fromEntries(headers.entries());
|
|
344
|
-
}
|
|
345
|
-
function cleanHeaderValue(value) {
|
|
346
|
-
const normalized = value?.trim();
|
|
347
|
-
return normalized ? normalized : void 0;
|
|
348
|
-
}
|
|
349
157
|
function createGatewayRequestClient(config = {}) {
|
|
350
158
|
const fetchImpl = config.fetchImpl ?? fetch;
|
|
351
159
|
const baseUrl = config.baseUrl?.replace(/\/+$/, "") ?? "";
|
|
352
160
|
const maxRetries = config.maxRetries ?? 2;
|
|
353
161
|
const requestIdFactory = config.requestIdFactory ?? (() => generatePortableRequestId());
|
|
354
162
|
async function resolveAuthHeaders() {
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
const setIfAbsent = (name, value) => {
|
|
358
|
-
const normalized = cleanHeaderValue(value);
|
|
359
|
-
if (normalized && !headers.has(name)) {
|
|
360
|
-
headers.set(name, normalized);
|
|
361
|
-
}
|
|
362
|
-
};
|
|
363
|
-
setIfAbsent("x-lucern-key", config.apiKey);
|
|
364
|
-
setIfAbsent("x-lucern-session-token", config.userToken);
|
|
365
|
-
setIfAbsent("x-lucern-environment", config.environment);
|
|
366
|
-
setIfAbsent("x-lucern-clerk-id", config.clerkId);
|
|
367
|
-
setIfAbsent("x-lucern-user-id", config.userId ?? config.clerkId);
|
|
368
|
-
setIfAbsent("x-lucern-deployment-host", config.deploymentHost);
|
|
369
|
-
const base = Object.fromEntries(headers.entries());
|
|
370
|
-
const authContextInput = await resolveConfiguredAuthContext(
|
|
371
|
-
config.authContext
|
|
372
|
-
);
|
|
373
|
-
if (!authContextInput && !config.requireCanonicalAuthContext) {
|
|
374
|
-
return base;
|
|
163
|
+
if (!config.getAuthHeaders) {
|
|
164
|
+
return {};
|
|
375
165
|
}
|
|
376
|
-
|
|
377
|
-
return mergeHeaderRecord(base, createCanonicalAuthHeaders(authContext));
|
|
166
|
+
return await config.getAuthHeaders();
|
|
378
167
|
}
|
|
379
168
|
async function fetchWithTimeout(url, init, timeoutMs) {
|
|
380
169
|
const controller = new AbortController();
|
|
@@ -395,11 +184,11 @@ function createGatewayRequestClient(config = {}) {
|
|
|
395
184
|
if (!text) {
|
|
396
185
|
return null;
|
|
397
186
|
}
|
|
398
|
-
|
|
399
|
-
|
|
187
|
+
try {
|
|
188
|
+
return JSON.parse(text);
|
|
189
|
+
} catch {
|
|
400
190
|
return null;
|
|
401
191
|
}
|
|
402
|
-
return isRecord(parsed.value) ? parsed.value : null;
|
|
403
192
|
}
|
|
404
193
|
function resolveTimeoutMs(method, requestTimeoutMs) {
|
|
405
194
|
if (typeof requestTimeoutMs === "number") {
|
|
@@ -411,31 +200,16 @@ function createGatewayRequestClient(config = {}) {
|
|
|
411
200
|
}
|
|
412
201
|
return config.timeoutMs ?? 15e3;
|
|
413
202
|
}
|
|
414
|
-
function tryParseGatewayEnvelopeJson(text) {
|
|
415
|
-
const trimmed = text.trim();
|
|
416
|
-
if (!trimmed.startsWith("{") && !trimmed.startsWith("[")) {
|
|
417
|
-
return { ok: false, reason: "non-json" };
|
|
418
|
-
}
|
|
419
|
-
try {
|
|
420
|
-
return { ok: true, value: JSON.parse(trimmed) };
|
|
421
|
-
} catch (error) {
|
|
422
|
-
if (error instanceof SyntaxError) {
|
|
423
|
-
return { ok: false, reason: "invalid-json", error };
|
|
424
|
-
}
|
|
425
|
-
throw error;
|
|
426
|
-
}
|
|
427
|
-
}
|
|
428
203
|
function buildApiError(args) {
|
|
429
204
|
const failure = args.failure;
|
|
430
|
-
const legacyError = failure &&
|
|
205
|
+
const legacyError = failure && typeof failure.error === "object" && failure.error !== null ? failure.error : failure?.legacyError;
|
|
431
206
|
const correlationId = failure?.correlationId ?? args.response.headers.get("x-lucern-correlation-id")?.trim() ?? args.requestId;
|
|
432
207
|
const policyTraceId = failure?.policyTraceId ?? args.response.headers.get("x-lucern-policy-trace-id")?.trim() ?? null;
|
|
433
208
|
const details = failure?.details ?? legacyError?.details;
|
|
434
209
|
const policySummary = readPolicySummaryFromDetails(details);
|
|
435
|
-
const failureMessage = typeof failure?.error === "string" ? failure.error : legacyError?.message;
|
|
436
210
|
return new LucernApiError({
|
|
437
211
|
code: failure?.code ?? legacyError?.code ?? fallbackErrorCode(args.response.status),
|
|
438
|
-
message: policySummary ??
|
|
212
|
+
message: policySummary ?? (typeof failure?.error === "string" ? failure.error : legacyError?.message ?? (args.response.ok ? "Platform API returned an invalid success payload." : "Platform API request failed.")),
|
|
439
213
|
status: args.response.status,
|
|
440
214
|
invariant: failure?.invariant,
|
|
441
215
|
suggestion: failure?.suggestion,
|
|
@@ -561,17 +335,14 @@ function createGatewayRequestClient(config = {}) {
|
|
|
561
335
|
}
|
|
562
336
|
|
|
563
337
|
// src/sdkSurface.ts
|
|
564
|
-
function isRecord2(value) {
|
|
565
|
-
return Boolean(value) && typeof value === "object" && !Array.isArray(value);
|
|
566
|
-
}
|
|
567
338
|
function asRecord(value) {
|
|
568
|
-
return
|
|
339
|
+
return value && typeof value === "object" ? value : {};
|
|
569
340
|
}
|
|
570
|
-
function
|
|
341
|
+
function cleanString(value) {
|
|
571
342
|
return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
|
|
572
343
|
}
|
|
573
344
|
function normalizeVerificationStatus(value) {
|
|
574
|
-
const status =
|
|
345
|
+
const status = cleanString(value);
|
|
575
346
|
if (!status) {
|
|
576
347
|
return void 0;
|
|
577
348
|
}
|
|
@@ -587,20 +358,20 @@ function cloneWith(value, patch) {
|
|
|
587
358
|
return { ...value, ...patch };
|
|
588
359
|
}
|
|
589
360
|
function resolveTopicId(value) {
|
|
590
|
-
return
|
|
361
|
+
return cleanString(value.topicId);
|
|
591
362
|
}
|
|
592
363
|
function resolveText(value) {
|
|
593
|
-
return
|
|
364
|
+
return cleanString(value.text) ?? cleanString(value.canonicalText);
|
|
594
365
|
}
|
|
595
366
|
function withTopicAlias(value) {
|
|
596
|
-
const topicId =
|
|
367
|
+
const topicId = cleanString(value.topicId) ?? void 0;
|
|
597
368
|
if (!topicId) {
|
|
598
369
|
return value;
|
|
599
370
|
}
|
|
600
371
|
return cloneWith(value, { topicId });
|
|
601
372
|
}
|
|
602
373
|
function withTextAlias(value) {
|
|
603
|
-
const text =
|
|
374
|
+
const text = cleanString(value.text) ?? cleanString(value.canonicalText) ?? void 0;
|
|
604
375
|
if (!text) {
|
|
605
376
|
return value;
|
|
606
377
|
}
|
|
@@ -626,9 +397,11 @@ function normalizeNodeWriteInput(value) {
|
|
|
626
397
|
}
|
|
627
398
|
return next;
|
|
628
399
|
}
|
|
629
|
-
|
|
400
|
+
function normalizeNodeVerificationStatus(value) {
|
|
401
|
+
return normalizeVerificationStatus(value);
|
|
402
|
+
}
|
|
630
403
|
function normalizeTopicQuery(value) {
|
|
631
|
-
const topicId =
|
|
404
|
+
const topicId = cleanString(value.topicId);
|
|
632
405
|
if (!topicId) {
|
|
633
406
|
return value;
|
|
634
407
|
}
|
|
@@ -653,10 +426,7 @@ function createListResult(items, legacyKey) {
|
|
|
653
426
|
total: items.length
|
|
654
427
|
};
|
|
655
428
|
if (legacyKey) {
|
|
656
|
-
|
|
657
|
-
...result,
|
|
658
|
-
[legacyKey]: items
|
|
659
|
-
};
|
|
429
|
+
result[legacyKey] = items;
|
|
660
430
|
}
|
|
661
431
|
return result;
|
|
662
432
|
}
|
|
@@ -676,7 +446,7 @@ function mapAliasedList(data, legacyKey) {
|
|
|
676
446
|
// src/ontologyClient.ts
|
|
677
447
|
function createOntologyClient(config = {}) {
|
|
678
448
|
const gateway = createGatewayRequestClient(config);
|
|
679
|
-
|
|
449
|
+
return {
|
|
680
450
|
/**
|
|
681
451
|
* List ontology definitions matching optional filters.
|
|
682
452
|
*/
|
|
@@ -685,14 +455,13 @@ function createOntologyClient(config = {}) {
|
|
|
685
455
|
path: `/api/platform/v1/ontologies${toQueryString(filters)}`
|
|
686
456
|
}).then(
|
|
687
457
|
(response) => mapGatewayData(response, (data) => {
|
|
688
|
-
const record =
|
|
689
|
-
const ontologies =
|
|
690
|
-
const
|
|
691
|
-
const total = typeof record.total === "number" && Number.isFinite(record.total) ? record.total : definitions.length;
|
|
458
|
+
const record = data && typeof data === "object" && !Array.isArray(data) ? data : {};
|
|
459
|
+
const ontologies = Array.isArray(record.ontologies) ? record.ontologies : Array.isArray(record.definitions) ? record.definitions : Array.isArray(data) ? data : [];
|
|
460
|
+
const total = typeof record.total === "number" && Number.isFinite(record.total) ? record.total : ontologies.length;
|
|
692
461
|
return {
|
|
693
462
|
...record,
|
|
694
|
-
...createListResult(
|
|
695
|
-
ontologies
|
|
463
|
+
...createListResult(ontologies, "definitions"),
|
|
464
|
+
ontologies,
|
|
696
465
|
total
|
|
697
466
|
};
|
|
698
467
|
})
|
|
@@ -719,6 +488,18 @@ function createOntologyClient(config = {}) {
|
|
|
719
488
|
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
720
489
|
});
|
|
721
490
|
},
|
|
491
|
+
/**
|
|
492
|
+
* List ontology definitions.
|
|
493
|
+
*/
|
|
494
|
+
async listDefinitions(filters = {}) {
|
|
495
|
+
return this.list(filters);
|
|
496
|
+
},
|
|
497
|
+
/**
|
|
498
|
+
* Get an ontology definition.
|
|
499
|
+
*/
|
|
500
|
+
async getDefinition(id) {
|
|
501
|
+
return this.get(id);
|
|
502
|
+
},
|
|
722
503
|
/**
|
|
723
504
|
* Create an ontology definition.
|
|
724
505
|
*/
|
|
@@ -760,7 +541,7 @@ function createOntologyClient(config = {}) {
|
|
|
760
541
|
}).then(
|
|
761
542
|
(response) => mapGatewayData(
|
|
762
543
|
response,
|
|
763
|
-
(data) => createListResult(
|
|
544
|
+
(data) => createListResult(Array.isArray(data) ? data : [], "versions")
|
|
764
545
|
)
|
|
765
546
|
);
|
|
766
547
|
},
|
|
@@ -808,19 +589,20 @@ function createOntologyClient(config = {}) {
|
|
|
808
589
|
(data) => createListResult(Array.isArray(data) ? data : [], "topics")
|
|
809
590
|
)
|
|
810
591
|
);
|
|
592
|
+
},
|
|
593
|
+
/**
|
|
594
|
+
* @deprecated Use listTopics.
|
|
595
|
+
*/
|
|
596
|
+
async listTopicsByOntology(ontologyId) {
|
|
597
|
+
return this.listTopics(ontologyId);
|
|
811
598
|
}
|
|
812
599
|
};
|
|
813
|
-
return Object.assign(client, {
|
|
814
|
-
listDefinitions: client.list,
|
|
815
|
-
getDefinition: client.get,
|
|
816
|
-
listTopicsByOntology: client.listTopics
|
|
817
|
-
});
|
|
818
600
|
}
|
|
819
601
|
|
|
820
602
|
// src/graphClient.ts
|
|
821
603
|
function createGraphClient(config = {}) {
|
|
822
604
|
const gateway = createGatewayRequestClient(config);
|
|
823
|
-
|
|
605
|
+
return {
|
|
824
606
|
/**
|
|
825
607
|
* List graph nodes matching the provided filters.
|
|
826
608
|
*/
|
|
@@ -833,6 +615,12 @@ function createGraphClient(config = {}) {
|
|
|
833
615
|
(response) => mapGatewayData(response, (data) => mapAliasedList(data, "nodes"))
|
|
834
616
|
);
|
|
835
617
|
},
|
|
618
|
+
/**
|
|
619
|
+
* @deprecated Use listNodes.
|
|
620
|
+
*/
|
|
621
|
+
async queryNodes(query) {
|
|
622
|
+
return this.listNodes(query);
|
|
623
|
+
},
|
|
836
624
|
/**
|
|
837
625
|
* Retrieve a single graph node by nodeId or globalId.
|
|
838
626
|
*/
|
|
@@ -943,6 +731,12 @@ function createGraphClient(config = {}) {
|
|
|
943
731
|
)
|
|
944
732
|
);
|
|
945
733
|
},
|
|
734
|
+
/**
|
|
735
|
+
* @deprecated Use listEdges.
|
|
736
|
+
*/
|
|
737
|
+
async queryEdges(query) {
|
|
738
|
+
return this.listEdges(query);
|
|
739
|
+
},
|
|
946
740
|
/**
|
|
947
741
|
* Create a graph edge.
|
|
948
742
|
*/
|
|
@@ -1030,6 +824,12 @@ function createGraphClient(config = {}) {
|
|
|
1030
824
|
body: normalizeTopicQuery(query)
|
|
1031
825
|
});
|
|
1032
826
|
},
|
|
827
|
+
/**
|
|
828
|
+
* Retrieve a graph neighborhood around a root node.
|
|
829
|
+
*/
|
|
830
|
+
async getNeighborhood(query) {
|
|
831
|
+
return this.neighborhood(query);
|
|
832
|
+
},
|
|
1033
833
|
/**
|
|
1034
834
|
* Retrieve the shortest known path between two graph nodes.
|
|
1035
835
|
*/
|
|
@@ -1047,151 +847,6 @@ function createGraphClient(config = {}) {
|
|
|
1047
847
|
});
|
|
1048
848
|
}
|
|
1049
849
|
};
|
|
1050
|
-
return Object.assign(client, {
|
|
1051
|
-
queryNodes: client.listNodes,
|
|
1052
|
-
queryEdges: client.listEdges,
|
|
1053
|
-
getNeighborhood: client.neighborhood
|
|
1054
|
-
});
|
|
1055
|
-
}
|
|
1056
|
-
|
|
1057
|
-
// src/boundaryClientSurface.ts
|
|
1058
|
-
function cleanOptionalString(value) {
|
|
1059
|
-
const normalized = value?.trim();
|
|
1060
|
-
return normalized ? normalized : void 0;
|
|
1061
|
-
}
|
|
1062
|
-
function isRecord3(value) {
|
|
1063
|
-
return Boolean(value) && typeof value === "object" && !Array.isArray(value);
|
|
1064
|
-
}
|
|
1065
|
-
function cleanRequiredString(value, label) {
|
|
1066
|
-
const normalized = cleanOptionalString(value);
|
|
1067
|
-
if (!normalized) {
|
|
1068
|
-
throw new Error(`${label} is required`);
|
|
1069
|
-
}
|
|
1070
|
-
return normalized;
|
|
1071
|
-
}
|
|
1072
|
-
function assertKnownKeys(input, allowed, operation) {
|
|
1073
|
-
const allowedSet = new Set(allowed);
|
|
1074
|
-
const unknownKeys = Object.keys(input).filter((key) => !allowedSet.has(key));
|
|
1075
|
-
if (unknownKeys.length > 0) {
|
|
1076
|
-
throw new Error(
|
|
1077
|
-
`${operation} received unsupported field(s): ${unknownKeys.join(", ")}`
|
|
1078
|
-
);
|
|
1079
|
-
}
|
|
1080
|
-
}
|
|
1081
|
-
function knownPayload(input, allowed, operation) {
|
|
1082
|
-
assertKnownKeys(input, allowed, operation);
|
|
1083
|
-
return { ...input };
|
|
1084
|
-
}
|
|
1085
|
-
function listResultFromEnvelope(data, legacyKey) {
|
|
1086
|
-
const record = isRecord3(data) ? data : {};
|
|
1087
|
-
const legacyItems = record[legacyKey];
|
|
1088
|
-
return createListResult(
|
|
1089
|
-
Array.isArray(legacyItems) ? legacyItems : Array.isArray(data) ? data : [],
|
|
1090
|
-
legacyKey
|
|
1091
|
-
);
|
|
1092
|
-
}
|
|
1093
|
-
|
|
1094
|
-
// src/control-plane.ts
|
|
1095
|
-
var LucernControlPlaneIdentityError = class extends Error {
|
|
1096
|
-
reason;
|
|
1097
|
-
principalStatus;
|
|
1098
|
-
tenantStatus;
|
|
1099
|
-
workspaceStatus;
|
|
1100
|
-
details;
|
|
1101
|
-
constructor(failure) {
|
|
1102
|
-
super(failure.message);
|
|
1103
|
-
this.name = "LucernControlPlaneIdentityError";
|
|
1104
|
-
this.reason = failure.reason;
|
|
1105
|
-
this.principalStatus = failure.principalStatus;
|
|
1106
|
-
this.tenantStatus = failure.tenantStatus;
|
|
1107
|
-
this.workspaceStatus = failure.workspaceStatus;
|
|
1108
|
-
this.details = failure.details;
|
|
1109
|
-
}
|
|
1110
|
-
};
|
|
1111
|
-
function cleanString3(value) {
|
|
1112
|
-
return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
|
|
1113
|
-
}
|
|
1114
|
-
function stringList(value) {
|
|
1115
|
-
if (!Array.isArray(value)) {
|
|
1116
|
-
return [];
|
|
1117
|
-
}
|
|
1118
|
-
return [
|
|
1119
|
-
...new Set(
|
|
1120
|
-
value.filter((entry) => typeof entry === "string").map((entry) => entry.trim()).filter(Boolean)
|
|
1121
|
-
)
|
|
1122
|
-
];
|
|
1123
|
-
}
|
|
1124
|
-
function principalType(value) {
|
|
1125
|
-
switch (value) {
|
|
1126
|
-
case "service":
|
|
1127
|
-
case "service_principal":
|
|
1128
|
-
return "service";
|
|
1129
|
-
case "agent":
|
|
1130
|
-
return "agent";
|
|
1131
|
-
case "group":
|
|
1132
|
-
return "group";
|
|
1133
|
-
case "external_viewer":
|
|
1134
|
-
case "external_stakeholder":
|
|
1135
|
-
return "external_viewer";
|
|
1136
|
-
default:
|
|
1137
|
-
return "human";
|
|
1138
|
-
}
|
|
1139
|
-
}
|
|
1140
|
-
function adminFlags(roles) {
|
|
1141
|
-
const normalized = roles.map((role) => role.toLowerCase());
|
|
1142
|
-
const isPlatformAdmin = normalized.includes("platform_admin");
|
|
1143
|
-
const isTenantAdmin = isPlatformAdmin || normalized.includes("tenant_admin");
|
|
1144
|
-
const isWorkspaceAdmin = isTenantAdmin || normalized.includes("workspace_admin") || normalized.includes("workspace_owner");
|
|
1145
|
-
return { isPlatformAdmin, isTenantAdmin, isWorkspaceAdmin };
|
|
1146
|
-
}
|
|
1147
|
-
function normalizeResolvedInteractivePrincipal(payload) {
|
|
1148
|
-
if ("ok" in payload && payload.ok === false) {
|
|
1149
|
-
throw new LucernControlPlaneIdentityError(payload);
|
|
1150
|
-
}
|
|
1151
|
-
const principalId = cleanString3(payload.principalId);
|
|
1152
|
-
const clerkId = cleanString3(payload.clerkId);
|
|
1153
|
-
const tenantId = cleanString3(payload.tenantId);
|
|
1154
|
-
if (!principalId || !clerkId || !tenantId) {
|
|
1155
|
-
throw new LucernControlPlaneIdentityError({
|
|
1156
|
-
ok: false,
|
|
1157
|
-
reason: "resolver_unavailable",
|
|
1158
|
-
message: "Control-plane principal resolver returned an incomplete principal context.",
|
|
1159
|
-
principalStatus: payload.principalStatus ?? "missing",
|
|
1160
|
-
tenantStatus: payload.tenantStatus,
|
|
1161
|
-
workspaceStatus: payload.workspaceStatus
|
|
1162
|
-
});
|
|
1163
|
-
}
|
|
1164
|
-
const roles = stringList(payload.roles);
|
|
1165
|
-
const scopes = stringList(payload.scopes);
|
|
1166
|
-
const workspaceId = cleanString3(payload.workspaceId) ?? null;
|
|
1167
|
-
const flags = adminFlags(roles);
|
|
1168
|
-
return {
|
|
1169
|
-
principalId,
|
|
1170
|
-
principalType: principalType(payload.principalType),
|
|
1171
|
-
clerkId,
|
|
1172
|
-
tenantId,
|
|
1173
|
-
workspaceId,
|
|
1174
|
-
roles,
|
|
1175
|
-
scopes,
|
|
1176
|
-
groupIds: stringList(payload.groupIds),
|
|
1177
|
-
permittedToolNames: stringList(payload.permittedToolNames),
|
|
1178
|
-
permittedPackKeys: stringList(payload.permittedPackKeys),
|
|
1179
|
-
principalStatus: cleanString3(payload.principalStatus) ?? "active",
|
|
1180
|
-
tenantStatus: cleanString3(payload.tenantStatus) ?? "active",
|
|
1181
|
-
workspaceStatus: cleanString3(payload.workspaceStatus) ?? (workspaceId ? "active" : "none"),
|
|
1182
|
-
isPlatformAdmin: typeof payload.isPlatformAdmin === "boolean" ? payload.isPlatformAdmin : flags.isPlatformAdmin,
|
|
1183
|
-
isTenantAdmin: typeof payload.isTenantAdmin === "boolean" ? payload.isTenantAdmin : flags.isTenantAdmin,
|
|
1184
|
-
isWorkspaceAdmin: typeof payload.isWorkspaceAdmin === "boolean" ? payload.isWorkspaceAdmin : flags.isWorkspaceAdmin,
|
|
1185
|
-
permit: {
|
|
1186
|
-
subject: cleanString3(payload.permit?.subject) ?? principalId,
|
|
1187
|
-
tenant: cleanString3(payload.permit?.tenant) ?? tenantId,
|
|
1188
|
-
...workspaceId ? { workspace: cleanString3(payload.permit?.workspace) ?? workspaceId } : {}
|
|
1189
|
-
},
|
|
1190
|
-
authMode: "interactive_user",
|
|
1191
|
-
sessionId: payload.sessionId,
|
|
1192
|
-
delegatedBy: payload.delegatedBy,
|
|
1193
|
-
expiresAt: payload.expiresAt
|
|
1194
|
-
};
|
|
1195
850
|
}
|
|
1196
851
|
|
|
1197
852
|
// src/identityClient.ts
|
|
@@ -1205,37 +860,6 @@ function createIdentityWhoamiClient(config = {}) {
|
|
|
1205
860
|
}
|
|
1206
861
|
};
|
|
1207
862
|
}
|
|
1208
|
-
var TENANT_IDENTITY_FIELDS = [
|
|
1209
|
-
"tenantId",
|
|
1210
|
-
"workspaceId",
|
|
1211
|
-
"principalId",
|
|
1212
|
-
"integrationKey",
|
|
1213
|
-
"secretRef",
|
|
1214
|
-
"policySubject",
|
|
1215
|
-
"policyAction",
|
|
1216
|
-
"policyResource",
|
|
1217
|
-
"decision",
|
|
1218
|
-
"config",
|
|
1219
|
-
"configKey",
|
|
1220
|
-
"configValue",
|
|
1221
|
-
"provider",
|
|
1222
|
-
"status",
|
|
1223
|
-
"metadata",
|
|
1224
|
-
"limit",
|
|
1225
|
-
"cursor"
|
|
1226
|
-
];
|
|
1227
|
-
function tenantIdentityQuery(input) {
|
|
1228
|
-
return {
|
|
1229
|
-
tenantId: cleanRequiredString(input.tenantId, "tenantId"),
|
|
1230
|
-
workspaceId: input.workspaceId,
|
|
1231
|
-
principalId: input.principalId,
|
|
1232
|
-
limit: input.limit,
|
|
1233
|
-
cursor: input.cursor
|
|
1234
|
-
};
|
|
1235
|
-
}
|
|
1236
|
-
function tenantIdentityBody(input, operation) {
|
|
1237
|
-
return knownPayload(input, TENANT_IDENTITY_FIELDS, operation);
|
|
1238
|
-
}
|
|
1239
863
|
function createIdentityClient(config = {}) {
|
|
1240
864
|
const gateway = createGatewayRequestClient(config);
|
|
1241
865
|
const whoamiClient = createIdentityWhoamiClient(config);
|
|
@@ -1245,13 +869,6 @@ function createIdentityClient(config = {}) {
|
|
|
1245
869
|
body: input,
|
|
1246
870
|
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1247
871
|
});
|
|
1248
|
-
const updatePrincipal = (input, idempotencyKey) => requestPrincipalWrite("PATCH", input, idempotencyKey);
|
|
1249
|
-
const deleteKey = (keyId, input = {}, idempotencyKey) => gateway.request({
|
|
1250
|
-
path: `/api/platform/v1/identity/keys/${encodeURIComponent(keyId)}/revoke`,
|
|
1251
|
-
method: "POST",
|
|
1252
|
-
body: input,
|
|
1253
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1254
|
-
});
|
|
1255
872
|
return {
|
|
1256
873
|
/**
|
|
1257
874
|
* Resolve the current authenticated identity summary.
|
|
@@ -1261,25 +878,13 @@ function createIdentityClient(config = {}) {
|
|
|
1261
878
|
(response) => mapGatewayData(response, (data) => ({
|
|
1262
879
|
principalId: data.principalId,
|
|
1263
880
|
principalType: data.principalType,
|
|
1264
|
-
clerkId: data.clerkId,
|
|
1265
881
|
tenantId: data.tenantId ?? null,
|
|
1266
882
|
workspaceId: data.workspaceId ?? null,
|
|
1267
883
|
scopes: Array.isArray(data.scopes) ? data.scopes : [],
|
|
1268
884
|
roles: Array.isArray(data.roles) ? data.roles : [],
|
|
1269
|
-
groupIds: Array.isArray(data.groupIds) ? data.groupIds : [],
|
|
1270
|
-
permittedToolNames: Array.isArray(data.permittedToolNames) ? data.permittedToolNames : [],
|
|
1271
|
-
permittedPackKeys: Array.isArray(data.permittedPackKeys) ? data.permittedPackKeys : [],
|
|
1272
|
-
principalStatus: data.principalStatus,
|
|
1273
|
-
tenantStatus: data.tenantStatus,
|
|
1274
|
-
workspaceStatus: data.workspaceStatus,
|
|
1275
885
|
isPlatformAdmin: data.isPlatformAdmin === true,
|
|
1276
886
|
isTenantAdmin: data.isTenantAdmin === true,
|
|
1277
887
|
isWorkspaceAdmin: data.isWorkspaceAdmin === true,
|
|
1278
|
-
permit: data.permit ?? (data.tenantId ? {
|
|
1279
|
-
subject: data.principalId,
|
|
1280
|
-
tenant: data.tenantId,
|
|
1281
|
-
...data.workspaceId ? { workspace: data.workspaceId } : {}
|
|
1282
|
-
} : void 0),
|
|
1283
888
|
authMode: data.authMode,
|
|
1284
889
|
sessionId: data.sessionId,
|
|
1285
890
|
delegatedBy: data.delegatedBy,
|
|
@@ -1287,19 +892,6 @@ function createIdentityClient(config = {}) {
|
|
|
1287
892
|
}))
|
|
1288
893
|
);
|
|
1289
894
|
},
|
|
1290
|
-
/**
|
|
1291
|
-
* Resolve a Clerk subject through the tenant control-plane Permit projection.
|
|
1292
|
-
* @deprecated Prefer lucern.controlPlane.identity.resolveInteractivePrincipal().
|
|
1293
|
-
*/
|
|
1294
|
-
async resolveInteractivePrincipal(input) {
|
|
1295
|
-
return gateway.request({
|
|
1296
|
-
path: "/api/platform/v1/control-plane/identity/resolve-interactive-principal",
|
|
1297
|
-
method: "POST",
|
|
1298
|
-
body: input
|
|
1299
|
-
}).then(
|
|
1300
|
-
(response) => mapGatewayData(response, normalizeResolvedInteractivePrincipal)
|
|
1301
|
-
);
|
|
1302
|
-
},
|
|
1303
895
|
/**
|
|
1304
896
|
* List principals in the current identity scope.
|
|
1305
897
|
*/
|
|
@@ -1325,11 +917,15 @@ function createIdentityClient(config = {}) {
|
|
|
1325
917
|
/**
|
|
1326
918
|
* Update a principal.
|
|
1327
919
|
*/
|
|
1328
|
-
updatePrincipal,
|
|
920
|
+
async updatePrincipal(input, idempotencyKey) {
|
|
921
|
+
return requestPrincipalWrite("PATCH", input, idempotencyKey);
|
|
922
|
+
},
|
|
1329
923
|
/**
|
|
1330
924
|
* @deprecated Use createPrincipal or updatePrincipal.
|
|
1331
925
|
*/
|
|
1332
|
-
upsertPrincipal
|
|
926
|
+
async upsertPrincipal(input, idempotencyKey) {
|
|
927
|
+
return requestPrincipalWrite("PATCH", input, idempotencyKey);
|
|
928
|
+
},
|
|
1333
929
|
/**
|
|
1334
930
|
* List keys in the current identity scope.
|
|
1335
931
|
*/
|
|
@@ -1368,11 +964,20 @@ function createIdentityClient(config = {}) {
|
|
|
1368
964
|
/**
|
|
1369
965
|
* Delete an API key by revoking it.
|
|
1370
966
|
*/
|
|
1371
|
-
deleteKey,
|
|
967
|
+
async deleteKey(keyId, input = {}, idempotencyKey) {
|
|
968
|
+
return gateway.request({
|
|
969
|
+
path: `/api/platform/v1/identity/keys/${encodeURIComponent(keyId)}/revoke`,
|
|
970
|
+
method: "POST",
|
|
971
|
+
body: input,
|
|
972
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
973
|
+
});
|
|
974
|
+
},
|
|
1372
975
|
/**
|
|
1373
976
|
* @deprecated Use deleteKey.
|
|
1374
977
|
*/
|
|
1375
|
-
revokeKey
|
|
978
|
+
async revokeKey(keyId, input = {}, idempotencyKey) {
|
|
979
|
+
return this.deleteKey(keyId, input, idempotencyKey);
|
|
980
|
+
},
|
|
1376
981
|
/**
|
|
1377
982
|
* Search Clerk users by email or display attributes.
|
|
1378
983
|
*/
|
|
@@ -1380,120 +985,20 @@ function createIdentityClient(config = {}) {
|
|
|
1380
985
|
return gateway.request({
|
|
1381
986
|
path: `/api/platform/v1/identity/clerk-users${toQueryString({ q })}`
|
|
1382
987
|
});
|
|
1383
|
-
},
|
|
1384
|
-
async getTenantConfig(input) {
|
|
1385
|
-
return gateway.request({
|
|
1386
|
-
path: `/api/platform/v1/identity/tenant-config${toQueryString(
|
|
1387
|
-
tenantIdentityQuery(input)
|
|
1388
|
-
)}`
|
|
1389
|
-
});
|
|
1390
|
-
},
|
|
1391
|
-
async updateTenantConfig(input, idempotencyKey) {
|
|
1392
|
-
cleanRequiredString(input.tenantId, "tenantId");
|
|
1393
|
-
return gateway.request({
|
|
1394
|
-
path: "/api/platform/v1/identity/tenant-config",
|
|
1395
|
-
method: "PATCH",
|
|
1396
|
-
body: tenantIdentityBody(
|
|
1397
|
-
input,
|
|
1398
|
-
"identity.updateTenantConfig"
|
|
1399
|
-
),
|
|
1400
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1401
|
-
});
|
|
1402
|
-
},
|
|
1403
|
-
async listIntegrations(input) {
|
|
1404
|
-
return gateway.request({
|
|
1405
|
-
path: `/api/platform/v1/identity/integrations${toQueryString(
|
|
1406
|
-
tenantIdentityQuery(input)
|
|
1407
|
-
)}`
|
|
1408
|
-
}).then(
|
|
1409
|
-
(response) => mapGatewayData(
|
|
1410
|
-
response,
|
|
1411
|
-
(data) => listResultFromEnvelope(
|
|
1412
|
-
data,
|
|
1413
|
-
"integrations"
|
|
1414
|
-
)
|
|
1415
|
-
)
|
|
1416
|
-
);
|
|
1417
|
-
},
|
|
1418
|
-
async upsertIntegration(input, idempotencyKey) {
|
|
1419
|
-
cleanRequiredString(input.tenantId, "tenantId");
|
|
1420
|
-
cleanRequiredString(input.integrationKey, "integrationKey");
|
|
1421
|
-
return gateway.request({
|
|
1422
|
-
path: "/api/platform/v1/identity/integrations",
|
|
1423
|
-
method: "PUT",
|
|
1424
|
-
body: tenantIdentityBody(
|
|
1425
|
-
input,
|
|
1426
|
-
"identity.upsertIntegration"
|
|
1427
|
-
),
|
|
1428
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1429
|
-
});
|
|
1430
|
-
},
|
|
1431
|
-
async listSecrets(input) {
|
|
1432
|
-
return gateway.request({
|
|
1433
|
-
path: `/api/platform/v1/identity/secrets${toQueryString(
|
|
1434
|
-
tenantIdentityQuery(input)
|
|
1435
|
-
)}`
|
|
1436
|
-
}).then(
|
|
1437
|
-
(response) => mapGatewayData(
|
|
1438
|
-
response,
|
|
1439
|
-
(data) => listResultFromEnvelope(
|
|
1440
|
-
data,
|
|
1441
|
-
"secrets"
|
|
1442
|
-
)
|
|
1443
|
-
)
|
|
1444
|
-
);
|
|
1445
|
-
},
|
|
1446
|
-
async putSecretReference(input, idempotencyKey) {
|
|
1447
|
-
cleanRequiredString(input.tenantId, "tenantId");
|
|
1448
|
-
cleanRequiredString(input.secretRef, "secretRef");
|
|
1449
|
-
return gateway.request({
|
|
1450
|
-
path: "/api/platform/v1/identity/secrets",
|
|
1451
|
-
method: "PUT",
|
|
1452
|
-
body: tenantIdentityBody(
|
|
1453
|
-
input,
|
|
1454
|
-
"identity.putSecretReference"
|
|
1455
|
-
),
|
|
1456
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1457
|
-
});
|
|
1458
|
-
},
|
|
1459
|
-
async evaluatePolicy(input, idempotencyKey) {
|
|
1460
|
-
cleanRequiredString(input.tenantId, "tenantId");
|
|
1461
|
-
cleanRequiredString(input.policySubject, "policySubject");
|
|
1462
|
-
cleanRequiredString(input.policyAction, "policyAction");
|
|
1463
|
-
cleanRequiredString(input.policyResource, "policyResource");
|
|
1464
|
-
return gateway.request({
|
|
1465
|
-
path: "/api/platform/v1/identity/policy/evaluate",
|
|
1466
|
-
method: "POST",
|
|
1467
|
-
body: tenantIdentityBody(
|
|
1468
|
-
input,
|
|
1469
|
-
"identity.evaluatePolicy"
|
|
1470
|
-
),
|
|
1471
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1472
|
-
});
|
|
1473
|
-
},
|
|
1474
|
-
async recordPolicyDecision(input, idempotencyKey) {
|
|
1475
|
-
cleanRequiredString(input.tenantId, "tenantId");
|
|
1476
|
-
cleanRequiredString(input.decision, "decision");
|
|
1477
|
-
return gateway.request({
|
|
1478
|
-
path: "/api/platform/v1/identity/policy/decisions",
|
|
1479
|
-
method: "POST",
|
|
1480
|
-
body: tenantIdentityBody(
|
|
1481
|
-
input,
|
|
1482
|
-
"identity.recordPolicyDecision"
|
|
1483
|
-
),
|
|
1484
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1485
|
-
});
|
|
1486
988
|
}
|
|
1487
989
|
};
|
|
1488
990
|
}
|
|
1489
991
|
|
|
1490
992
|
// src/topicsClient.ts
|
|
1491
|
-
function
|
|
993
|
+
function asRecord2(value) {
|
|
994
|
+
return value && typeof value === "object" ? value : {};
|
|
995
|
+
}
|
|
996
|
+
function cleanString2(value) {
|
|
1492
997
|
return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
|
|
1493
998
|
}
|
|
1494
999
|
function normalizeTopicRecord(value) {
|
|
1495
|
-
const record =
|
|
1496
|
-
const topicId =
|
|
1000
|
+
const record = asRecord2(value);
|
|
1001
|
+
const topicId = cleanString2(record.topicId) ?? cleanString2(record.id) ?? cleanString2(record._id);
|
|
1497
1002
|
return withTopicAlias({
|
|
1498
1003
|
...record,
|
|
1499
1004
|
...topicId ? { topicId } : {}
|
|
@@ -1517,7 +1022,7 @@ function createTopicsClient(config = {}) {
|
|
|
1517
1022
|
})}`
|
|
1518
1023
|
}).then(
|
|
1519
1024
|
(response) => mapGatewayData(response, (data) => {
|
|
1520
|
-
const record =
|
|
1025
|
+
const record = asRecord2(data);
|
|
1521
1026
|
const items = Array.isArray(record.topics) ? record.topics.map(normalizeTopicRecord) : [];
|
|
1522
1027
|
return {
|
|
1523
1028
|
...createListResult(items, "topics"),
|
|
@@ -1534,7 +1039,7 @@ function createTopicsClient(config = {}) {
|
|
|
1534
1039
|
}).then(
|
|
1535
1040
|
(response) => mapGatewayData(
|
|
1536
1041
|
response,
|
|
1537
|
-
(data) => normalizeTopicRecord(
|
|
1042
|
+
(data) => normalizeTopicRecord(asRecord2(data).topic ?? data)
|
|
1538
1043
|
)
|
|
1539
1044
|
);
|
|
1540
1045
|
},
|
|
@@ -1570,7 +1075,7 @@ function createTopicsClient(config = {}) {
|
|
|
1570
1075
|
)}`
|
|
1571
1076
|
}).then(
|
|
1572
1077
|
(response) => mapGatewayData(response, (data) => {
|
|
1573
|
-
const record =
|
|
1078
|
+
const record = asRecord2(data);
|
|
1574
1079
|
return {
|
|
1575
1080
|
tree: Array.isArray(record.tree) ? record.tree.map(normalizeTopicTreeNode) : []
|
|
1576
1081
|
};
|
|
@@ -1989,7 +1494,7 @@ function createEventsFacade(config = {}) {
|
|
|
1989
1494
|
function createGraphFacade(config = {}) {
|
|
1990
1495
|
const graphClient = createGraphClient(config);
|
|
1991
1496
|
const gateway = createGatewayRequestClient(config);
|
|
1992
|
-
|
|
1497
|
+
return {
|
|
1993
1498
|
async neighborhood(input) {
|
|
1994
1499
|
return graphClient.neighborhood({
|
|
1995
1500
|
globalId: input.globalId,
|
|
@@ -1997,6 +1502,18 @@ function createGraphFacade(config = {}) {
|
|
|
1997
1502
|
maxDepth: input.maxDepth
|
|
1998
1503
|
});
|
|
1999
1504
|
},
|
|
1505
|
+
async traverse(input) {
|
|
1506
|
+
return graphClient.traverse(input);
|
|
1507
|
+
},
|
|
1508
|
+
async analyze(input = {}) {
|
|
1509
|
+
return graphClient.analyze(input);
|
|
1510
|
+
},
|
|
1511
|
+
async bias(input = {}) {
|
|
1512
|
+
return graphClient.bias(input);
|
|
1513
|
+
},
|
|
1514
|
+
async gaps(input) {
|
|
1515
|
+
return graphClient.gaps(input);
|
|
1516
|
+
},
|
|
2000
1517
|
async falsify(input, idempotencyKey = randomIdempotencyKey()) {
|
|
2001
1518
|
return gateway.request({
|
|
2002
1519
|
path: "/api/platform/v1/graph/falsify",
|
|
@@ -2006,12 +1523,6 @@ function createGraphFacade(config = {}) {
|
|
|
2006
1523
|
});
|
|
2007
1524
|
}
|
|
2008
1525
|
};
|
|
2009
|
-
return Object.assign(graphFacade, {
|
|
2010
|
-
traverse: graphClient.traverse,
|
|
2011
|
-
analyze: graphClient.analyze,
|
|
2012
|
-
bias: graphClient.bias,
|
|
2013
|
-
gaps: graphClient.gaps
|
|
2014
|
-
});
|
|
2015
1526
|
}
|
|
2016
1527
|
function createIdentityFacade(config = {}) {
|
|
2017
1528
|
const identityClient = createIdentityClient(config);
|
|
@@ -2025,12 +1536,15 @@ function createIdentityFacade(config = {}) {
|
|
|
2025
1536
|
function createOntologiesFacade(config = {}) {
|
|
2026
1537
|
const ontologyClient = createOntologyClient(config);
|
|
2027
1538
|
const gateway = createGatewayRequestClient(config);
|
|
2028
|
-
|
|
1539
|
+
return {
|
|
2029
1540
|
async get(id) {
|
|
2030
1541
|
return gateway.request({
|
|
2031
1542
|
path: `/api/platform/v1/ontologies/${encodeURIComponent(id)}`
|
|
2032
1543
|
});
|
|
2033
1544
|
},
|
|
1545
|
+
async list(query = {}) {
|
|
1546
|
+
return ontologyClient.list(query);
|
|
1547
|
+
},
|
|
2034
1548
|
async bind(input, idempotencyKey) {
|
|
2035
1549
|
return gateway.request({
|
|
2036
1550
|
path: `/api/platform/v1/ontologies/${encodeURIComponent(input.ontologyId)}/bind`,
|
|
@@ -2050,9 +1564,6 @@ function createOntologiesFacade(config = {}) {
|
|
|
2050
1564
|
});
|
|
2051
1565
|
}
|
|
2052
1566
|
};
|
|
2053
|
-
return Object.assign(ontologyFacade, {
|
|
2054
|
-
list: ontologyClient.list
|
|
2055
|
-
});
|
|
2056
1567
|
}
|
|
2057
1568
|
function createQuestionsFacade(config = {}) {
|
|
2058
1569
|
const gateway = createGatewayRequestClient(config);
|
|
@@ -2212,8 +1723,6 @@ function createTasksFacade(config = {}) {
|
|
|
2212
1723
|
description: input.description,
|
|
2213
1724
|
priority: input.priority,
|
|
2214
1725
|
status: input.status,
|
|
2215
|
-
assigneeId: input.assigneeId,
|
|
2216
|
-
blockedReason: input.blockedReason,
|
|
2217
1726
|
linkedBeliefId: input.linkedBeliefId,
|
|
2218
1727
|
linkedQuestionId: input.linkedQuestionId,
|
|
2219
1728
|
linkedWorktreeId: input.linkedWorktreeId,
|
|
@@ -2247,9 +1756,15 @@ function createTasksFacade(config = {}) {
|
|
|
2247
1756
|
function createTopicsFacade(config = {}) {
|
|
2248
1757
|
const topicsClient = createTopicsClient(config);
|
|
2249
1758
|
return {
|
|
2250
|
-
|
|
2251
|
-
|
|
2252
|
-
|
|
1759
|
+
async create(input, idempotencyKey) {
|
|
1760
|
+
return topicsClient.create(input, idempotencyKey);
|
|
1761
|
+
},
|
|
1762
|
+
async get(id) {
|
|
1763
|
+
return topicsClient.get(id);
|
|
1764
|
+
},
|
|
1765
|
+
async list(query = {}) {
|
|
1766
|
+
return topicsClient.list(query);
|
|
1767
|
+
},
|
|
2253
1768
|
async update(input, idempotencyKey) {
|
|
2254
1769
|
const { id, ...rest } = input;
|
|
2255
1770
|
return topicsClient.update(id, rest, idempotencyKey);
|
|
@@ -2265,8 +1780,12 @@ function createTopicsFacade(config = {}) {
|
|
|
2265
1780
|
maxDepth: input.maxDepth
|
|
2266
1781
|
});
|
|
2267
1782
|
},
|
|
2268
|
-
|
|
2269
|
-
|
|
1783
|
+
async remove(id, idempotencyKey = randomIdempotencyKey()) {
|
|
1784
|
+
return topicsClient.remove(id, idempotencyKey);
|
|
1785
|
+
},
|
|
1786
|
+
async bulkCreate(input, idempotencyKey = randomIdempotencyKey()) {
|
|
1787
|
+
return topicsClient.bulkCreate(input, idempotencyKey);
|
|
1788
|
+
}
|
|
2270
1789
|
};
|
|
2271
1790
|
}
|
|
2272
1791
|
function createWebhooksFacade(config = {}) {
|