@lucern/sdk 0.3.0-alpha.2 → 0.3.0-alpha.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adminClient.d.ts +2 -0
- package/dist/adminClient.js +195 -3
- package/dist/adminClient.js.map +1 -1
- package/dist/answersClient.d.ts +2 -0
- package/dist/answersClient.js +195 -3
- package/dist/answersClient.js.map +1 -1
- package/dist/audiencesClient.d.ts +2 -0
- package/dist/audiencesClient.js +195 -3
- package/dist/audiencesClient.js.map +1 -1
- package/dist/auditClient.d.ts +2 -0
- package/dist/auditClient.js +197 -5
- package/dist/auditClient.js.map +1 -1
- package/dist/authContext.d.ts +56 -0
- package/dist/authContext.js +170 -0
- package/dist/authContext.js.map +1 -0
- package/dist/authDeviceClient.d.ts +49 -0
- package/dist/authDeviceClient.js +108 -0
- package/dist/authDeviceClient.js.map +1 -0
- package/dist/beliefs/index.d.ts +19 -2
- package/dist/beliefs/index.js +2648 -327
- package/dist/beliefs/index.js.map +1 -1
- package/dist/beliefsClient.d.ts +2 -0
- package/dist/beliefsClient.js +199 -7
- package/dist/beliefsClient.js.map +1 -1
- package/dist/boundaryClientSurface.d.ts +20 -0
- package/dist/boundaryClientSurface.js +66 -0
- package/dist/boundaryClientSurface.js.map +1 -0
- package/dist/{client-B6aWUUwp.d.ts → client-DOLqClbU.d.ts} +548 -9
- package/dist/client.d.ts +20 -3
- package/dist/client.js +2648 -327
- package/dist/client.js.map +1 -1
- package/dist/contextClient.d.ts +2 -0
- package/dist/contextClient.js +201 -9
- package/dist/contextClient.js.map +1 -1
- package/dist/contracts/api-enums.contract.d.ts +1 -1
- package/dist/contracts/api-enums.contract.js.map +1 -1
- package/dist/contracts/index.d.ts +1 -0
- package/dist/contracts/index.js +104 -1
- package/dist/contracts/index.js.map +1 -1
- package/dist/contracts/mcpTools.d.ts +46 -1
- package/dist/contracts/mcpTools.js +102 -0
- package/dist/contracts/mcpTools.js.map +1 -1
- package/dist/contradictions/index.d.ts +19 -2
- package/dist/contradictions/index.js +2648 -327
- package/dist/contradictions/index.js.map +1 -1
- package/dist/coreClient.d.ts +9 -0
- package/dist/coreClient.js +195 -3
- package/dist/coreClient.js.map +1 -1
- package/dist/decisions/index.d.ts +19 -2
- package/dist/decisions/index.js +2648 -327
- package/dist/decisions/index.js.map +1 -1
- package/dist/decisionsClient.d.ts +2 -0
- package/dist/decisionsClient.js +198 -6
- package/dist/decisionsClient.js.map +1 -1
- package/dist/edges/index.d.ts +19 -2
- package/dist/edges/index.js +2648 -327
- package/dist/edges/index.js.map +1 -1
- package/dist/embeddingsClient.d.ts +106 -0
- package/dist/embeddingsClient.js +708 -0
- package/dist/embeddingsClient.js.map +1 -0
- package/dist/eventingClient.d.ts +96 -0
- package/dist/eventingClient.js +705 -0
- package/dist/eventingClient.js.map +1 -0
- package/dist/eventsCore.d.ts +2 -0
- package/dist/eventsCore.js +195 -3
- package/dist/eventsCore.js.map +1 -1
- package/dist/evidence/index.d.ts +19 -2
- package/dist/evidence/index.js +2648 -327
- package/dist/evidence/index.js.map +1 -1
- package/dist/evidenceClient.d.ts +2 -0
- package/dist/evidenceClient.js +195 -3
- package/dist/evidenceClient.js.map +1 -1
- package/dist/gatewayFacades.d.ts +38 -3
- package/dist/gatewayFacades.js +371 -12
- package/dist/gatewayFacades.js.map +1 -1
- package/dist/graphAnalysisClient.d.ts +147 -0
- package/dist/graphAnalysisClient.js +756 -0
- package/dist/graphAnalysisClient.js.map +1 -0
- package/dist/graphClient.d.ts +2 -0
- package/dist/graphClient.js +202 -10
- package/dist/graphClient.js.map +1 -1
- package/dist/graphRecommendationsClient.d.ts +56 -0
- package/dist/graphRecommendationsClient.js +646 -0
- package/dist/graphRecommendationsClient.js.map +1 -0
- package/dist/graphStateClassifierClient.d.ts +73 -0
- package/dist/graphStateClassifierClient.js +694 -0
- package/dist/graphStateClassifierClient.js.map +1 -0
- package/dist/harnessClient.d.ts +2 -0
- package/dist/harnessClient.js +197 -5
- package/dist/harnessClient.js.map +1 -1
- package/dist/identityClient.d.ts +89 -3
- package/dist/identityClient.js +363 -4
- package/dist/identityClient.js.map +1 -1
- package/dist/index.d.ts +23 -4
- package/dist/index.js +3098 -353
- package/dist/index.js.map +1 -1
- package/dist/infisicalRuntime.d.ts +42 -0
- package/dist/infisicalRuntime.js +291 -0
- package/dist/infisicalRuntime.js.map +1 -0
- package/dist/jobsClient.d.ts +98 -0
- package/dist/jobsClient.js +704 -0
- package/dist/jobsClient.js.map +1 -0
- package/dist/learningClient.d.ts +2 -0
- package/dist/learningClient.js +197 -5
- package/dist/learningClient.js.map +1 -1
- package/dist/lenses/index.d.ts +43 -2
- package/dist/lenses/index.js +2648 -327
- package/dist/lenses/index.js.map +1 -1
- package/dist/mcpClient.d.ts +28 -0
- package/dist/mcpClient.js +650 -0
- package/dist/mcpClient.js.map +1 -0
- package/dist/modelRuntimeClient.d.ts +72 -0
- package/dist/modelRuntimeClient.js +681 -0
- package/dist/modelRuntimeClient.js.map +1 -0
- package/dist/nodes/index.d.ts +37 -2
- package/dist/nodes/index.js +2648 -327
- package/dist/nodes/index.js.map +1 -1
- package/dist/ontologies/index.d.ts +19 -2
- package/dist/ontologies/index.js +2648 -327
- package/dist/ontologies/index.js.map +1 -1
- package/dist/ontologyClient.d.ts +2 -0
- package/dist/ontologyClient.js +195 -3
- package/dist/ontologyClient.js.map +1 -1
- package/dist/ontologyLinksClient.d.ts +71 -0
- package/dist/ontologyLinksClient.js +675 -0
- package/dist/ontologyLinksClient.js.map +1 -0
- package/dist/orgGraphSearchClient.d.ts +85 -0
- package/dist/orgGraphSearchClient.js +652 -0
- package/dist/orgGraphSearchClient.js.map +1 -0
- package/dist/packRuntime.d.ts +1 -2
- package/dist/packsClient.d.ts +2 -0
- package/dist/packsClient.js +195 -3
- package/dist/packsClient.js.map +1 -1
- package/dist/policyClient.d.ts +2 -0
- package/dist/policyClient.js +195 -3
- package/dist/policyClient.js.map +1 -1
- package/dist/questions/index.d.ts +19 -2
- package/dist/questions/index.js +2648 -327
- package/dist/questions/index.js.map +1 -1
- package/dist/reportsClient.d.ts +2 -0
- package/dist/reportsClient.js +197 -5
- package/dist/reportsClient.js.map +1 -1
- package/dist/schemaClient.d.ts +2 -0
- package/dist/schemaClient.js +195 -3
- package/dist/schemaClient.js.map +1 -1
- package/dist/sdkSurface.d.ts +2 -0
- package/dist/sourcesClient.d.ts +2 -0
- package/dist/sourcesClient.js +195 -3
- package/dist/sourcesClient.js.map +1 -1
- package/dist/telemetryClient.d.ts +94 -0
- package/dist/telemetryClient.js +719 -0
- package/dist/telemetryClient.js.map +1 -0
- package/dist/toolRegistryClient.d.ts +107 -0
- package/dist/toolRegistryClient.js +733 -0
- package/dist/toolRegistryClient.js.map +1 -0
- package/dist/topics/index.d.ts +19 -2
- package/dist/topics/index.js +2648 -327
- package/dist/topics/index.js.map +1 -1
- package/dist/topicsClient.d.ts +2 -0
- package/dist/topicsClient.js +200 -8
- package/dist/topicsClient.js.map +1 -1
- package/dist/workflowClient.d.ts +43 -7
- package/dist/workflowClient.js +200 -8
- package/dist/workflowClient.js.map +1 -1
- package/dist/worktrees/index.d.ts +43 -2
- package/dist/worktrees/index.js +2648 -327
- package/dist/worktrees/index.js.map +1 -1
- package/package.json +3 -3
package/dist/gatewayFacades.js
CHANGED
|
@@ -1,3 +1,170 @@
|
|
|
1
|
+
// src/authContext.ts
|
|
2
|
+
var LucernSdkAuthContextError = class extends Error {
|
|
3
|
+
reason;
|
|
4
|
+
constructor(reason, message) {
|
|
5
|
+
super(message);
|
|
6
|
+
this.name = "LucernSdkAuthContextError";
|
|
7
|
+
this.reason = reason;
|
|
8
|
+
}
|
|
9
|
+
};
|
|
10
|
+
function cleanString(value) {
|
|
11
|
+
const normalized = value?.trim();
|
|
12
|
+
return normalized ? normalized : void 0;
|
|
13
|
+
}
|
|
14
|
+
function cleanStringList(values) {
|
|
15
|
+
if (!values) {
|
|
16
|
+
return [];
|
|
17
|
+
}
|
|
18
|
+
return values.map((value) => value.trim()).filter(
|
|
19
|
+
(value, index, list) => value.length > 0 && list.indexOf(value) === index
|
|
20
|
+
);
|
|
21
|
+
}
|
|
22
|
+
function requireString(value, reason, label) {
|
|
23
|
+
const normalized = cleanString(value);
|
|
24
|
+
if (!normalized) {
|
|
25
|
+
throw new LucernSdkAuthContextError(
|
|
26
|
+
reason,
|
|
27
|
+
`Canonical Lucern SDK auth context is missing ${label}.`
|
|
28
|
+
);
|
|
29
|
+
}
|
|
30
|
+
return normalized;
|
|
31
|
+
}
|
|
32
|
+
function requirePrincipalType(principalType) {
|
|
33
|
+
if (!principalType) {
|
|
34
|
+
throw new LucernSdkAuthContextError(
|
|
35
|
+
"principal_missing",
|
|
36
|
+
"Canonical Lucern SDK auth context is missing principalType."
|
|
37
|
+
);
|
|
38
|
+
}
|
|
39
|
+
return principalType;
|
|
40
|
+
}
|
|
41
|
+
function requireAuthMode(authMode) {
|
|
42
|
+
if (!authMode) {
|
|
43
|
+
throw new LucernSdkAuthContextError(
|
|
44
|
+
"principal_missing",
|
|
45
|
+
"Canonical Lucern SDK auth context is missing authMode."
|
|
46
|
+
);
|
|
47
|
+
}
|
|
48
|
+
return authMode;
|
|
49
|
+
}
|
|
50
|
+
function ensurePermitMatch(args) {
|
|
51
|
+
const actual = cleanString(args.actual);
|
|
52
|
+
if (actual && actual !== args.expected) {
|
|
53
|
+
throw new LucernSdkAuthContextError(
|
|
54
|
+
"policy_denied",
|
|
55
|
+
`Canonical Lucern SDK auth context has conflicting Permit ${args.field}.`
|
|
56
|
+
);
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
function normalizeCanonicalLucernAuthContext(input) {
|
|
60
|
+
if (!input) {
|
|
61
|
+
throw new LucernSdkAuthContextError(
|
|
62
|
+
"principal_missing",
|
|
63
|
+
"Canonical Lucern SDK auth context is required."
|
|
64
|
+
);
|
|
65
|
+
}
|
|
66
|
+
if (input.policyDecision === "deny") {
|
|
67
|
+
throw new LucernSdkAuthContextError(
|
|
68
|
+
"policy_denied",
|
|
69
|
+
"Canonical Lucern SDK auth context carries a denied policy decision."
|
|
70
|
+
);
|
|
71
|
+
}
|
|
72
|
+
const principalId = requireString(
|
|
73
|
+
input.principalId,
|
|
74
|
+
"principal_missing",
|
|
75
|
+
"principalId"
|
|
76
|
+
);
|
|
77
|
+
const tenantId = requireString(input.tenantId, "tenant_missing", "tenantId");
|
|
78
|
+
const workspaceId = requireString(
|
|
79
|
+
input.workspaceId,
|
|
80
|
+
"workspace_missing",
|
|
81
|
+
"workspaceId"
|
|
82
|
+
);
|
|
83
|
+
const roles = cleanStringList(input.roles);
|
|
84
|
+
const scopes = cleanStringList(input.scopes);
|
|
85
|
+
const principalType = requirePrincipalType(input.principalType);
|
|
86
|
+
const authMode = requireAuthMode(input.authMode);
|
|
87
|
+
const roleBasedInteractiveAuth = authMode === "interactive_user" && roles.length > 0;
|
|
88
|
+
if (roles.length === 0 || scopes.length === 0 && !roleBasedInteractiveAuth) {
|
|
89
|
+
throw new LucernSdkAuthContextError(
|
|
90
|
+
"membership_missing",
|
|
91
|
+
"Canonical Lucern SDK auth context requires non-empty roles and scopes."
|
|
92
|
+
);
|
|
93
|
+
}
|
|
94
|
+
const subject = cleanString(input.permit?.subject) ?? principalId;
|
|
95
|
+
const tenant = cleanString(input.permit?.tenant) ?? tenantId;
|
|
96
|
+
const workspace = cleanString(input.permit?.workspace) ?? workspaceId;
|
|
97
|
+
ensurePermitMatch({
|
|
98
|
+
field: "subject",
|
|
99
|
+
expected: principalId,
|
|
100
|
+
actual: subject
|
|
101
|
+
});
|
|
102
|
+
ensurePermitMatch({ field: "tenant", expected: tenantId, actual: tenant });
|
|
103
|
+
ensurePermitMatch({
|
|
104
|
+
field: "workspace",
|
|
105
|
+
expected: workspaceId,
|
|
106
|
+
actual: workspace
|
|
107
|
+
});
|
|
108
|
+
const context = input.permit?.context ? { ...input.permit.context } : void 0;
|
|
109
|
+
return {
|
|
110
|
+
clerkId: cleanString(input.clerkId),
|
|
111
|
+
principalId,
|
|
112
|
+
tenantId,
|
|
113
|
+
workspaceId,
|
|
114
|
+
principalType,
|
|
115
|
+
authMode,
|
|
116
|
+
roles,
|
|
117
|
+
scopes,
|
|
118
|
+
delegationChain: input.delegationChain ? [...input.delegationChain] : [],
|
|
119
|
+
policyTraceId: cleanString(input.policyTraceId),
|
|
120
|
+
correlationId: cleanString(input.correlationId),
|
|
121
|
+
membershipId: cleanString(input.membershipId),
|
|
122
|
+
permit: {
|
|
123
|
+
subject,
|
|
124
|
+
tenant,
|
|
125
|
+
workspace,
|
|
126
|
+
resource: cleanString(input.permit?.resource),
|
|
127
|
+
action: cleanString(input.permit?.action),
|
|
128
|
+
relation: cleanString(input.permit?.relation),
|
|
129
|
+
context
|
|
130
|
+
}
|
|
131
|
+
};
|
|
132
|
+
}
|
|
133
|
+
function createCanonicalAuthHeaders(authContext) {
|
|
134
|
+
const headers = {
|
|
135
|
+
"x-lucern-principal-id": authContext.principalId,
|
|
136
|
+
"x-lucern-principal-type": authContext.principalType,
|
|
137
|
+
"x-lucern-tenant": authContext.tenantId,
|
|
138
|
+
"x-lucern-tenant-id": authContext.tenantId,
|
|
139
|
+
"x-lucern-workspace": authContext.workspaceId,
|
|
140
|
+
"x-lucern-workspace-id": authContext.workspaceId,
|
|
141
|
+
"x-lucern-auth-mode": authContext.authMode,
|
|
142
|
+
"x-lucern-roles": authContext.roles.join(","),
|
|
143
|
+
"x-lucern-scopes": authContext.scopes.join(","),
|
|
144
|
+
"x-lucern-permit-context": JSON.stringify(authContext.permit)
|
|
145
|
+
};
|
|
146
|
+
if (authContext.clerkId) {
|
|
147
|
+
headers["x-lucern-clerk-id"] = authContext.clerkId;
|
|
148
|
+
headers["x-lucern-user-id"] = authContext.clerkId;
|
|
149
|
+
}
|
|
150
|
+
if (authContext.delegationChain.length > 0) {
|
|
151
|
+
headers["x-lucern-delegation-chain"] = JSON.stringify(
|
|
152
|
+
authContext.delegationChain
|
|
153
|
+
);
|
|
154
|
+
}
|
|
155
|
+
if (authContext.policyTraceId) {
|
|
156
|
+
headers["x-lucern-policy-trace-id"] = authContext.policyTraceId;
|
|
157
|
+
}
|
|
158
|
+
if (authContext.correlationId) {
|
|
159
|
+
headers["x-correlation-id"] = authContext.correlationId;
|
|
160
|
+
headers["x-lucern-correlation-id"] = authContext.correlationId;
|
|
161
|
+
}
|
|
162
|
+
if (authContext.membershipId) {
|
|
163
|
+
headers["x-lucern-membership-id"] = authContext.membershipId;
|
|
164
|
+
}
|
|
165
|
+
return headers;
|
|
166
|
+
}
|
|
167
|
+
|
|
1
168
|
// src/coreClient.ts
|
|
2
169
|
var LucernApiError = class extends Error {
|
|
3
170
|
code;
|
|
@@ -154,16 +321,41 @@ function readPolicySummaryFromDetails(details) {
|
|
|
154
321
|
}
|
|
155
322
|
return null;
|
|
156
323
|
}
|
|
324
|
+
async function resolveConfiguredAuthContext(authContext) {
|
|
325
|
+
if (typeof authContext === "function") {
|
|
326
|
+
return await authContext();
|
|
327
|
+
}
|
|
328
|
+
return authContext;
|
|
329
|
+
}
|
|
330
|
+
function mergeHeaderRecord(base, addition) {
|
|
331
|
+
const headers = new Headers(base);
|
|
332
|
+
for (const [key, value] of Object.entries(addition)) {
|
|
333
|
+
const existing = headers.get(key);
|
|
334
|
+
if (existing !== null && existing !== value) {
|
|
335
|
+
throw new LucernSdkAuthContextError(
|
|
336
|
+
"policy_denied",
|
|
337
|
+
`Canonical Lucern SDK auth context conflicts with existing ${key} header.`
|
|
338
|
+
);
|
|
339
|
+
}
|
|
340
|
+
headers.set(key, value);
|
|
341
|
+
}
|
|
342
|
+
return Object.fromEntries(headers.entries());
|
|
343
|
+
}
|
|
157
344
|
function createGatewayRequestClient(config = {}) {
|
|
158
345
|
const fetchImpl = config.fetchImpl ?? fetch;
|
|
159
346
|
const baseUrl = config.baseUrl?.replace(/\/+$/, "") ?? "";
|
|
160
347
|
const maxRetries = config.maxRetries ?? 2;
|
|
161
348
|
const requestIdFactory = config.requestIdFactory ?? (() => generatePortableRequestId());
|
|
162
349
|
async function resolveAuthHeaders() {
|
|
163
|
-
|
|
164
|
-
|
|
350
|
+
const base = config.getAuthHeaders ? await config.getAuthHeaders() : {};
|
|
351
|
+
const authContextInput = await resolveConfiguredAuthContext(
|
|
352
|
+
config.authContext
|
|
353
|
+
);
|
|
354
|
+
if (!authContextInput && !config.requireCanonicalAuthContext) {
|
|
355
|
+
return base;
|
|
165
356
|
}
|
|
166
|
-
|
|
357
|
+
const authContext = normalizeCanonicalLucernAuthContext(authContextInput);
|
|
358
|
+
return mergeHeaderRecord(base, createCanonicalAuthHeaders(authContext));
|
|
167
359
|
}
|
|
168
360
|
async function fetchWithTimeout(url, init, timeoutMs) {
|
|
169
361
|
const controller = new AbortController();
|
|
@@ -338,11 +530,11 @@ function createGatewayRequestClient(config = {}) {
|
|
|
338
530
|
function asRecord(value) {
|
|
339
531
|
return value && typeof value === "object" ? value : {};
|
|
340
532
|
}
|
|
341
|
-
function
|
|
533
|
+
function cleanString2(value) {
|
|
342
534
|
return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
|
|
343
535
|
}
|
|
344
536
|
function normalizeVerificationStatus(value) {
|
|
345
|
-
const status =
|
|
537
|
+
const status = cleanString2(value);
|
|
346
538
|
if (!status) {
|
|
347
539
|
return void 0;
|
|
348
540
|
}
|
|
@@ -358,20 +550,20 @@ function cloneWith(value, patch) {
|
|
|
358
550
|
return { ...value, ...patch };
|
|
359
551
|
}
|
|
360
552
|
function resolveTopicId(value) {
|
|
361
|
-
return
|
|
553
|
+
return cleanString2(value.topicId);
|
|
362
554
|
}
|
|
363
555
|
function resolveText(value) {
|
|
364
|
-
return
|
|
556
|
+
return cleanString2(value.text) ?? cleanString2(value.canonicalText);
|
|
365
557
|
}
|
|
366
558
|
function withTopicAlias(value) {
|
|
367
|
-
const topicId =
|
|
559
|
+
const topicId = cleanString2(value.topicId) ?? void 0;
|
|
368
560
|
if (!topicId) {
|
|
369
561
|
return value;
|
|
370
562
|
}
|
|
371
563
|
return cloneWith(value, { topicId });
|
|
372
564
|
}
|
|
373
565
|
function withTextAlias(value) {
|
|
374
|
-
const text =
|
|
566
|
+
const text = cleanString2(value.text) ?? cleanString2(value.canonicalText) ?? void 0;
|
|
375
567
|
if (!text) {
|
|
376
568
|
return value;
|
|
377
569
|
}
|
|
@@ -401,7 +593,7 @@ function normalizeNodeVerificationStatus(value) {
|
|
|
401
593
|
return normalizeVerificationStatus(value);
|
|
402
594
|
}
|
|
403
595
|
function normalizeTopicQuery(value) {
|
|
404
|
-
const topicId =
|
|
596
|
+
const topicId = cleanString2(value.topicId);
|
|
405
597
|
if (!topicId) {
|
|
406
598
|
return value;
|
|
407
599
|
}
|
|
@@ -849,6 +1041,39 @@ function createGraphClient(config = {}) {
|
|
|
849
1041
|
};
|
|
850
1042
|
}
|
|
851
1043
|
|
|
1044
|
+
// src/boundaryClientSurface.ts
|
|
1045
|
+
function cleanOptionalString(value) {
|
|
1046
|
+
const normalized = value?.trim();
|
|
1047
|
+
return normalized ? normalized : void 0;
|
|
1048
|
+
}
|
|
1049
|
+
function cleanRequiredString(value, label) {
|
|
1050
|
+
const normalized = cleanOptionalString(value);
|
|
1051
|
+
if (!normalized) {
|
|
1052
|
+
throw new Error(`${label} is required`);
|
|
1053
|
+
}
|
|
1054
|
+
return normalized;
|
|
1055
|
+
}
|
|
1056
|
+
function assertKnownKeys(input, allowed, operation) {
|
|
1057
|
+
const allowedSet = new Set(allowed);
|
|
1058
|
+
const unknownKeys = Object.keys(input).filter((key) => !allowedSet.has(key));
|
|
1059
|
+
if (unknownKeys.length > 0) {
|
|
1060
|
+
throw new Error(
|
|
1061
|
+
`${operation} received unsupported field(s): ${unknownKeys.join(", ")}`
|
|
1062
|
+
);
|
|
1063
|
+
}
|
|
1064
|
+
}
|
|
1065
|
+
function knownPayload(input, allowed, operation) {
|
|
1066
|
+
assertKnownKeys(input, allowed, operation);
|
|
1067
|
+
return { ...input };
|
|
1068
|
+
}
|
|
1069
|
+
function listResultFromEnvelope(data, legacyKey) {
|
|
1070
|
+
const record = data && typeof data === "object" ? data : {};
|
|
1071
|
+
return createListResult(
|
|
1072
|
+
Array.isArray(record[legacyKey]) ? record[legacyKey] : Array.isArray(data) ? data : [],
|
|
1073
|
+
legacyKey
|
|
1074
|
+
);
|
|
1075
|
+
}
|
|
1076
|
+
|
|
852
1077
|
// src/identityClient.ts
|
|
853
1078
|
function createIdentityWhoamiClient(config = {}) {
|
|
854
1079
|
const gateway = createGatewayRequestClient(config);
|
|
@@ -860,6 +1085,37 @@ function createIdentityWhoamiClient(config = {}) {
|
|
|
860
1085
|
}
|
|
861
1086
|
};
|
|
862
1087
|
}
|
|
1088
|
+
var TENANT_IDENTITY_FIELDS = [
|
|
1089
|
+
"tenantId",
|
|
1090
|
+
"workspaceId",
|
|
1091
|
+
"principalId",
|
|
1092
|
+
"integrationKey",
|
|
1093
|
+
"secretRef",
|
|
1094
|
+
"policySubject",
|
|
1095
|
+
"policyAction",
|
|
1096
|
+
"policyResource",
|
|
1097
|
+
"decision",
|
|
1098
|
+
"config",
|
|
1099
|
+
"configKey",
|
|
1100
|
+
"configValue",
|
|
1101
|
+
"provider",
|
|
1102
|
+
"status",
|
|
1103
|
+
"metadata",
|
|
1104
|
+
"limit",
|
|
1105
|
+
"cursor"
|
|
1106
|
+
];
|
|
1107
|
+
function tenantIdentityQuery(input) {
|
|
1108
|
+
return {
|
|
1109
|
+
tenantId: cleanRequiredString(input.tenantId, "tenantId"),
|
|
1110
|
+
workspaceId: input.workspaceId,
|
|
1111
|
+
principalId: input.principalId,
|
|
1112
|
+
limit: input.limit,
|
|
1113
|
+
cursor: input.cursor
|
|
1114
|
+
};
|
|
1115
|
+
}
|
|
1116
|
+
function tenantIdentityBody(input, operation) {
|
|
1117
|
+
return knownPayload(input, TENANT_IDENTITY_FIELDS, operation);
|
|
1118
|
+
}
|
|
863
1119
|
function createIdentityClient(config = {}) {
|
|
864
1120
|
const gateway = createGatewayRequestClient(config);
|
|
865
1121
|
const whoamiClient = createIdentityWhoamiClient(config);
|
|
@@ -985,6 +1241,109 @@ function createIdentityClient(config = {}) {
|
|
|
985
1241
|
return gateway.request({
|
|
986
1242
|
path: `/api/platform/v1/identity/clerk-users${toQueryString({ q })}`
|
|
987
1243
|
});
|
|
1244
|
+
},
|
|
1245
|
+
async getTenantConfig(input) {
|
|
1246
|
+
return gateway.request({
|
|
1247
|
+
path: `/api/platform/v1/identity/tenant-config${toQueryString(
|
|
1248
|
+
tenantIdentityQuery(input)
|
|
1249
|
+
)}`
|
|
1250
|
+
});
|
|
1251
|
+
},
|
|
1252
|
+
async updateTenantConfig(input, idempotencyKey) {
|
|
1253
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
1254
|
+
return gateway.request({
|
|
1255
|
+
path: "/api/platform/v1/identity/tenant-config",
|
|
1256
|
+
method: "PATCH",
|
|
1257
|
+
body: tenantIdentityBody(
|
|
1258
|
+
input,
|
|
1259
|
+
"identity.updateTenantConfig"
|
|
1260
|
+
),
|
|
1261
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1262
|
+
});
|
|
1263
|
+
},
|
|
1264
|
+
async listIntegrations(input) {
|
|
1265
|
+
return gateway.request({
|
|
1266
|
+
path: `/api/platform/v1/identity/integrations${toQueryString(
|
|
1267
|
+
tenantIdentityQuery(input)
|
|
1268
|
+
)}`
|
|
1269
|
+
}).then(
|
|
1270
|
+
(response) => mapGatewayData(
|
|
1271
|
+
response,
|
|
1272
|
+
(data) => listResultFromEnvelope(
|
|
1273
|
+
data,
|
|
1274
|
+
"integrations"
|
|
1275
|
+
)
|
|
1276
|
+
)
|
|
1277
|
+
);
|
|
1278
|
+
},
|
|
1279
|
+
async upsertIntegration(input, idempotencyKey) {
|
|
1280
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
1281
|
+
cleanRequiredString(input.integrationKey, "integrationKey");
|
|
1282
|
+
return gateway.request({
|
|
1283
|
+
path: "/api/platform/v1/identity/integrations",
|
|
1284
|
+
method: "PUT",
|
|
1285
|
+
body: tenantIdentityBody(
|
|
1286
|
+
input,
|
|
1287
|
+
"identity.upsertIntegration"
|
|
1288
|
+
),
|
|
1289
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1290
|
+
});
|
|
1291
|
+
},
|
|
1292
|
+
async listSecrets(input) {
|
|
1293
|
+
return gateway.request({
|
|
1294
|
+
path: `/api/platform/v1/identity/secrets${toQueryString(
|
|
1295
|
+
tenantIdentityQuery(input)
|
|
1296
|
+
)}`
|
|
1297
|
+
}).then(
|
|
1298
|
+
(response) => mapGatewayData(
|
|
1299
|
+
response,
|
|
1300
|
+
(data) => listResultFromEnvelope(
|
|
1301
|
+
data,
|
|
1302
|
+
"secrets"
|
|
1303
|
+
)
|
|
1304
|
+
)
|
|
1305
|
+
);
|
|
1306
|
+
},
|
|
1307
|
+
async putSecretReference(input, idempotencyKey) {
|
|
1308
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
1309
|
+
cleanRequiredString(input.secretRef, "secretRef");
|
|
1310
|
+
return gateway.request({
|
|
1311
|
+
path: "/api/platform/v1/identity/secrets",
|
|
1312
|
+
method: "PUT",
|
|
1313
|
+
body: tenantIdentityBody(
|
|
1314
|
+
input,
|
|
1315
|
+
"identity.putSecretReference"
|
|
1316
|
+
),
|
|
1317
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1318
|
+
});
|
|
1319
|
+
},
|
|
1320
|
+
async evaluatePolicy(input, idempotencyKey) {
|
|
1321
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
1322
|
+
cleanRequiredString(input.policySubject, "policySubject");
|
|
1323
|
+
cleanRequiredString(input.policyAction, "policyAction");
|
|
1324
|
+
cleanRequiredString(input.policyResource, "policyResource");
|
|
1325
|
+
return gateway.request({
|
|
1326
|
+
path: "/api/platform/v1/identity/policy/evaluate",
|
|
1327
|
+
method: "POST",
|
|
1328
|
+
body: tenantIdentityBody(
|
|
1329
|
+
input,
|
|
1330
|
+
"identity.evaluatePolicy"
|
|
1331
|
+
),
|
|
1332
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1333
|
+
});
|
|
1334
|
+
},
|
|
1335
|
+
async recordPolicyDecision(input, idempotencyKey) {
|
|
1336
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
1337
|
+
cleanRequiredString(input.decision, "decision");
|
|
1338
|
+
return gateway.request({
|
|
1339
|
+
path: "/api/platform/v1/identity/policy/decisions",
|
|
1340
|
+
method: "POST",
|
|
1341
|
+
body: tenantIdentityBody(
|
|
1342
|
+
input,
|
|
1343
|
+
"identity.recordPolicyDecision"
|
|
1344
|
+
),
|
|
1345
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1346
|
+
});
|
|
988
1347
|
}
|
|
989
1348
|
};
|
|
990
1349
|
}
|
|
@@ -993,12 +1352,12 @@ function createIdentityClient(config = {}) {
|
|
|
993
1352
|
function asRecord2(value) {
|
|
994
1353
|
return value && typeof value === "object" ? value : {};
|
|
995
1354
|
}
|
|
996
|
-
function
|
|
1355
|
+
function cleanString3(value) {
|
|
997
1356
|
return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
|
|
998
1357
|
}
|
|
999
1358
|
function normalizeTopicRecord(value) {
|
|
1000
1359
|
const record = asRecord2(value);
|
|
1001
|
-
const topicId =
|
|
1360
|
+
const topicId = cleanString3(record.topicId) ?? cleanString3(record.id) ?? cleanString3(record._id);
|
|
1002
1361
|
return withTopicAlias({
|
|
1003
1362
|
...record,
|
|
1004
1363
|
...topicId ? { topicId } : {}
|