@lucern/sdk 0.3.0-alpha.2 → 0.3.0-alpha.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adminClient.d.ts +2 -0
- package/dist/adminClient.js +195 -3
- package/dist/adminClient.js.map +1 -1
- package/dist/answersClient.d.ts +2 -0
- package/dist/answersClient.js +195 -3
- package/dist/answersClient.js.map +1 -1
- package/dist/audiencesClient.d.ts +2 -0
- package/dist/audiencesClient.js +195 -3
- package/dist/audiencesClient.js.map +1 -1
- package/dist/auditClient.d.ts +2 -0
- package/dist/auditClient.js +197 -5
- package/dist/auditClient.js.map +1 -1
- package/dist/authContext.d.ts +56 -0
- package/dist/authContext.js +170 -0
- package/dist/authContext.js.map +1 -0
- package/dist/authDeviceClient.d.ts +49 -0
- package/dist/authDeviceClient.js +108 -0
- package/dist/authDeviceClient.js.map +1 -0
- package/dist/beliefs/index.d.ts +19 -2
- package/dist/beliefs/index.js +2648 -327
- package/dist/beliefs/index.js.map +1 -1
- package/dist/beliefsClient.d.ts +2 -0
- package/dist/beliefsClient.js +199 -7
- package/dist/beliefsClient.js.map +1 -1
- package/dist/boundaryClientSurface.d.ts +20 -0
- package/dist/boundaryClientSurface.js +66 -0
- package/dist/boundaryClientSurface.js.map +1 -0
- package/dist/{client-B6aWUUwp.d.ts → client-DOLqClbU.d.ts} +548 -9
- package/dist/client.d.ts +20 -3
- package/dist/client.js +2648 -327
- package/dist/client.js.map +1 -1
- package/dist/contextClient.d.ts +2 -0
- package/dist/contextClient.js +201 -9
- package/dist/contextClient.js.map +1 -1
- package/dist/contracts/api-enums.contract.d.ts +1 -1
- package/dist/contracts/api-enums.contract.js.map +1 -1
- package/dist/contracts/index.d.ts +1 -0
- package/dist/contracts/index.js +104 -1
- package/dist/contracts/index.js.map +1 -1
- package/dist/contracts/mcpTools.d.ts +46 -1
- package/dist/contracts/mcpTools.js +102 -0
- package/dist/contracts/mcpTools.js.map +1 -1
- package/dist/contradictions/index.d.ts +19 -2
- package/dist/contradictions/index.js +2648 -327
- package/dist/contradictions/index.js.map +1 -1
- package/dist/coreClient.d.ts +9 -0
- package/dist/coreClient.js +195 -3
- package/dist/coreClient.js.map +1 -1
- package/dist/decisions/index.d.ts +19 -2
- package/dist/decisions/index.js +2648 -327
- package/dist/decisions/index.js.map +1 -1
- package/dist/decisionsClient.d.ts +2 -0
- package/dist/decisionsClient.js +198 -6
- package/dist/decisionsClient.js.map +1 -1
- package/dist/edges/index.d.ts +19 -2
- package/dist/edges/index.js +2648 -327
- package/dist/edges/index.js.map +1 -1
- package/dist/embeddingsClient.d.ts +106 -0
- package/dist/embeddingsClient.js +708 -0
- package/dist/embeddingsClient.js.map +1 -0
- package/dist/eventingClient.d.ts +96 -0
- package/dist/eventingClient.js +705 -0
- package/dist/eventingClient.js.map +1 -0
- package/dist/eventsCore.d.ts +2 -0
- package/dist/eventsCore.js +195 -3
- package/dist/eventsCore.js.map +1 -1
- package/dist/evidence/index.d.ts +19 -2
- package/dist/evidence/index.js +2648 -327
- package/dist/evidence/index.js.map +1 -1
- package/dist/evidenceClient.d.ts +2 -0
- package/dist/evidenceClient.js +195 -3
- package/dist/evidenceClient.js.map +1 -1
- package/dist/gatewayFacades.d.ts +38 -3
- package/dist/gatewayFacades.js +371 -12
- package/dist/gatewayFacades.js.map +1 -1
- package/dist/graphAnalysisClient.d.ts +147 -0
- package/dist/graphAnalysisClient.js +756 -0
- package/dist/graphAnalysisClient.js.map +1 -0
- package/dist/graphClient.d.ts +2 -0
- package/dist/graphClient.js +202 -10
- package/dist/graphClient.js.map +1 -1
- package/dist/graphRecommendationsClient.d.ts +56 -0
- package/dist/graphRecommendationsClient.js +646 -0
- package/dist/graphRecommendationsClient.js.map +1 -0
- package/dist/graphStateClassifierClient.d.ts +73 -0
- package/dist/graphStateClassifierClient.js +694 -0
- package/dist/graphStateClassifierClient.js.map +1 -0
- package/dist/harnessClient.d.ts +2 -0
- package/dist/harnessClient.js +197 -5
- package/dist/harnessClient.js.map +1 -1
- package/dist/identityClient.d.ts +89 -3
- package/dist/identityClient.js +363 -4
- package/dist/identityClient.js.map +1 -1
- package/dist/index.d.ts +23 -4
- package/dist/index.js +3098 -353
- package/dist/index.js.map +1 -1
- package/dist/infisicalRuntime.d.ts +42 -0
- package/dist/infisicalRuntime.js +291 -0
- package/dist/infisicalRuntime.js.map +1 -0
- package/dist/jobsClient.d.ts +98 -0
- package/dist/jobsClient.js +704 -0
- package/dist/jobsClient.js.map +1 -0
- package/dist/learningClient.d.ts +2 -0
- package/dist/learningClient.js +197 -5
- package/dist/learningClient.js.map +1 -1
- package/dist/lenses/index.d.ts +43 -2
- package/dist/lenses/index.js +2648 -327
- package/dist/lenses/index.js.map +1 -1
- package/dist/mcpClient.d.ts +28 -0
- package/dist/mcpClient.js +650 -0
- package/dist/mcpClient.js.map +1 -0
- package/dist/modelRuntimeClient.d.ts +72 -0
- package/dist/modelRuntimeClient.js +681 -0
- package/dist/modelRuntimeClient.js.map +1 -0
- package/dist/nodes/index.d.ts +37 -2
- package/dist/nodes/index.js +2648 -327
- package/dist/nodes/index.js.map +1 -1
- package/dist/ontologies/index.d.ts +19 -2
- package/dist/ontologies/index.js +2648 -327
- package/dist/ontologies/index.js.map +1 -1
- package/dist/ontologyClient.d.ts +2 -0
- package/dist/ontologyClient.js +195 -3
- package/dist/ontologyClient.js.map +1 -1
- package/dist/ontologyLinksClient.d.ts +71 -0
- package/dist/ontologyLinksClient.js +675 -0
- package/dist/ontologyLinksClient.js.map +1 -0
- package/dist/orgGraphSearchClient.d.ts +85 -0
- package/dist/orgGraphSearchClient.js +652 -0
- package/dist/orgGraphSearchClient.js.map +1 -0
- package/dist/packRuntime.d.ts +1 -2
- package/dist/packsClient.d.ts +2 -0
- package/dist/packsClient.js +195 -3
- package/dist/packsClient.js.map +1 -1
- package/dist/policyClient.d.ts +2 -0
- package/dist/policyClient.js +195 -3
- package/dist/policyClient.js.map +1 -1
- package/dist/questions/index.d.ts +19 -2
- package/dist/questions/index.js +2648 -327
- package/dist/questions/index.js.map +1 -1
- package/dist/reportsClient.d.ts +2 -0
- package/dist/reportsClient.js +197 -5
- package/dist/reportsClient.js.map +1 -1
- package/dist/schemaClient.d.ts +2 -0
- package/dist/schemaClient.js +195 -3
- package/dist/schemaClient.js.map +1 -1
- package/dist/sdkSurface.d.ts +2 -0
- package/dist/sourcesClient.d.ts +2 -0
- package/dist/sourcesClient.js +195 -3
- package/dist/sourcesClient.js.map +1 -1
- package/dist/telemetryClient.d.ts +94 -0
- package/dist/telemetryClient.js +719 -0
- package/dist/telemetryClient.js.map +1 -0
- package/dist/toolRegistryClient.d.ts +107 -0
- package/dist/toolRegistryClient.js +733 -0
- package/dist/toolRegistryClient.js.map +1 -0
- package/dist/topics/index.d.ts +19 -2
- package/dist/topics/index.js +2648 -327
- package/dist/topics/index.js.map +1 -1
- package/dist/topicsClient.d.ts +2 -0
- package/dist/topicsClient.js +200 -8
- package/dist/topicsClient.js.map +1 -1
- package/dist/workflowClient.d.ts +43 -7
- package/dist/workflowClient.js +200 -8
- package/dist/workflowClient.js.map +1 -1
- package/dist/worktrees/index.d.ts +43 -2
- package/dist/worktrees/index.js +2648 -327
- package/dist/worktrees/index.js.map +1 -1
- package/package.json +3 -3
package/dist/workflowClient.js
CHANGED
|
@@ -1,3 +1,170 @@
|
|
|
1
|
+
// src/authContext.ts
|
|
2
|
+
var LucernSdkAuthContextError = class extends Error {
|
|
3
|
+
reason;
|
|
4
|
+
constructor(reason, message) {
|
|
5
|
+
super(message);
|
|
6
|
+
this.name = "LucernSdkAuthContextError";
|
|
7
|
+
this.reason = reason;
|
|
8
|
+
}
|
|
9
|
+
};
|
|
10
|
+
function cleanString(value) {
|
|
11
|
+
const normalized = value?.trim();
|
|
12
|
+
return normalized ? normalized : void 0;
|
|
13
|
+
}
|
|
14
|
+
function cleanStringList(values) {
|
|
15
|
+
if (!values) {
|
|
16
|
+
return [];
|
|
17
|
+
}
|
|
18
|
+
return values.map((value) => value.trim()).filter(
|
|
19
|
+
(value, index, list) => value.length > 0 && list.indexOf(value) === index
|
|
20
|
+
);
|
|
21
|
+
}
|
|
22
|
+
function requireString(value, reason, label) {
|
|
23
|
+
const normalized = cleanString(value);
|
|
24
|
+
if (!normalized) {
|
|
25
|
+
throw new LucernSdkAuthContextError(
|
|
26
|
+
reason,
|
|
27
|
+
`Canonical Lucern SDK auth context is missing ${label}.`
|
|
28
|
+
);
|
|
29
|
+
}
|
|
30
|
+
return normalized;
|
|
31
|
+
}
|
|
32
|
+
function requirePrincipalType(principalType) {
|
|
33
|
+
if (!principalType) {
|
|
34
|
+
throw new LucernSdkAuthContextError(
|
|
35
|
+
"principal_missing",
|
|
36
|
+
"Canonical Lucern SDK auth context is missing principalType."
|
|
37
|
+
);
|
|
38
|
+
}
|
|
39
|
+
return principalType;
|
|
40
|
+
}
|
|
41
|
+
function requireAuthMode(authMode) {
|
|
42
|
+
if (!authMode) {
|
|
43
|
+
throw new LucernSdkAuthContextError(
|
|
44
|
+
"principal_missing",
|
|
45
|
+
"Canonical Lucern SDK auth context is missing authMode."
|
|
46
|
+
);
|
|
47
|
+
}
|
|
48
|
+
return authMode;
|
|
49
|
+
}
|
|
50
|
+
function ensurePermitMatch(args) {
|
|
51
|
+
const actual = cleanString(args.actual);
|
|
52
|
+
if (actual && actual !== args.expected) {
|
|
53
|
+
throw new LucernSdkAuthContextError(
|
|
54
|
+
"policy_denied",
|
|
55
|
+
`Canonical Lucern SDK auth context has conflicting Permit ${args.field}.`
|
|
56
|
+
);
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
function normalizeCanonicalLucernAuthContext(input) {
|
|
60
|
+
if (!input) {
|
|
61
|
+
throw new LucernSdkAuthContextError(
|
|
62
|
+
"principal_missing",
|
|
63
|
+
"Canonical Lucern SDK auth context is required."
|
|
64
|
+
);
|
|
65
|
+
}
|
|
66
|
+
if (input.policyDecision === "deny") {
|
|
67
|
+
throw new LucernSdkAuthContextError(
|
|
68
|
+
"policy_denied",
|
|
69
|
+
"Canonical Lucern SDK auth context carries a denied policy decision."
|
|
70
|
+
);
|
|
71
|
+
}
|
|
72
|
+
const principalId = requireString(
|
|
73
|
+
input.principalId,
|
|
74
|
+
"principal_missing",
|
|
75
|
+
"principalId"
|
|
76
|
+
);
|
|
77
|
+
const tenantId = requireString(input.tenantId, "tenant_missing", "tenantId");
|
|
78
|
+
const workspaceId = requireString(
|
|
79
|
+
input.workspaceId,
|
|
80
|
+
"workspace_missing",
|
|
81
|
+
"workspaceId"
|
|
82
|
+
);
|
|
83
|
+
const roles = cleanStringList(input.roles);
|
|
84
|
+
const scopes = cleanStringList(input.scopes);
|
|
85
|
+
const principalType = requirePrincipalType(input.principalType);
|
|
86
|
+
const authMode = requireAuthMode(input.authMode);
|
|
87
|
+
const roleBasedInteractiveAuth = authMode === "interactive_user" && roles.length > 0;
|
|
88
|
+
if (roles.length === 0 || scopes.length === 0 && !roleBasedInteractiveAuth) {
|
|
89
|
+
throw new LucernSdkAuthContextError(
|
|
90
|
+
"membership_missing",
|
|
91
|
+
"Canonical Lucern SDK auth context requires non-empty roles and scopes."
|
|
92
|
+
);
|
|
93
|
+
}
|
|
94
|
+
const subject = cleanString(input.permit?.subject) ?? principalId;
|
|
95
|
+
const tenant = cleanString(input.permit?.tenant) ?? tenantId;
|
|
96
|
+
const workspace = cleanString(input.permit?.workspace) ?? workspaceId;
|
|
97
|
+
ensurePermitMatch({
|
|
98
|
+
field: "subject",
|
|
99
|
+
expected: principalId,
|
|
100
|
+
actual: subject
|
|
101
|
+
});
|
|
102
|
+
ensurePermitMatch({ field: "tenant", expected: tenantId, actual: tenant });
|
|
103
|
+
ensurePermitMatch({
|
|
104
|
+
field: "workspace",
|
|
105
|
+
expected: workspaceId,
|
|
106
|
+
actual: workspace
|
|
107
|
+
});
|
|
108
|
+
const context = input.permit?.context ? { ...input.permit.context } : void 0;
|
|
109
|
+
return {
|
|
110
|
+
clerkId: cleanString(input.clerkId),
|
|
111
|
+
principalId,
|
|
112
|
+
tenantId,
|
|
113
|
+
workspaceId,
|
|
114
|
+
principalType,
|
|
115
|
+
authMode,
|
|
116
|
+
roles,
|
|
117
|
+
scopes,
|
|
118
|
+
delegationChain: input.delegationChain ? [...input.delegationChain] : [],
|
|
119
|
+
policyTraceId: cleanString(input.policyTraceId),
|
|
120
|
+
correlationId: cleanString(input.correlationId),
|
|
121
|
+
membershipId: cleanString(input.membershipId),
|
|
122
|
+
permit: {
|
|
123
|
+
subject,
|
|
124
|
+
tenant,
|
|
125
|
+
workspace,
|
|
126
|
+
resource: cleanString(input.permit?.resource),
|
|
127
|
+
action: cleanString(input.permit?.action),
|
|
128
|
+
relation: cleanString(input.permit?.relation),
|
|
129
|
+
context
|
|
130
|
+
}
|
|
131
|
+
};
|
|
132
|
+
}
|
|
133
|
+
function createCanonicalAuthHeaders(authContext) {
|
|
134
|
+
const headers = {
|
|
135
|
+
"x-lucern-principal-id": authContext.principalId,
|
|
136
|
+
"x-lucern-principal-type": authContext.principalType,
|
|
137
|
+
"x-lucern-tenant": authContext.tenantId,
|
|
138
|
+
"x-lucern-tenant-id": authContext.tenantId,
|
|
139
|
+
"x-lucern-workspace": authContext.workspaceId,
|
|
140
|
+
"x-lucern-workspace-id": authContext.workspaceId,
|
|
141
|
+
"x-lucern-auth-mode": authContext.authMode,
|
|
142
|
+
"x-lucern-roles": authContext.roles.join(","),
|
|
143
|
+
"x-lucern-scopes": authContext.scopes.join(","),
|
|
144
|
+
"x-lucern-permit-context": JSON.stringify(authContext.permit)
|
|
145
|
+
};
|
|
146
|
+
if (authContext.clerkId) {
|
|
147
|
+
headers["x-lucern-clerk-id"] = authContext.clerkId;
|
|
148
|
+
headers["x-lucern-user-id"] = authContext.clerkId;
|
|
149
|
+
}
|
|
150
|
+
if (authContext.delegationChain.length > 0) {
|
|
151
|
+
headers["x-lucern-delegation-chain"] = JSON.stringify(
|
|
152
|
+
authContext.delegationChain
|
|
153
|
+
);
|
|
154
|
+
}
|
|
155
|
+
if (authContext.policyTraceId) {
|
|
156
|
+
headers["x-lucern-policy-trace-id"] = authContext.policyTraceId;
|
|
157
|
+
}
|
|
158
|
+
if (authContext.correlationId) {
|
|
159
|
+
headers["x-correlation-id"] = authContext.correlationId;
|
|
160
|
+
headers["x-lucern-correlation-id"] = authContext.correlationId;
|
|
161
|
+
}
|
|
162
|
+
if (authContext.membershipId) {
|
|
163
|
+
headers["x-lucern-membership-id"] = authContext.membershipId;
|
|
164
|
+
}
|
|
165
|
+
return headers;
|
|
166
|
+
}
|
|
167
|
+
|
|
1
168
|
// src/coreClient.ts
|
|
2
169
|
var LucernApiError = class extends Error {
|
|
3
170
|
code;
|
|
@@ -154,16 +321,41 @@ function readPolicySummaryFromDetails(details) {
|
|
|
154
321
|
}
|
|
155
322
|
return null;
|
|
156
323
|
}
|
|
324
|
+
async function resolveConfiguredAuthContext(authContext) {
|
|
325
|
+
if (typeof authContext === "function") {
|
|
326
|
+
return await authContext();
|
|
327
|
+
}
|
|
328
|
+
return authContext;
|
|
329
|
+
}
|
|
330
|
+
function mergeHeaderRecord(base, addition) {
|
|
331
|
+
const headers = new Headers(base);
|
|
332
|
+
for (const [key, value] of Object.entries(addition)) {
|
|
333
|
+
const existing = headers.get(key);
|
|
334
|
+
if (existing !== null && existing !== value) {
|
|
335
|
+
throw new LucernSdkAuthContextError(
|
|
336
|
+
"policy_denied",
|
|
337
|
+
`Canonical Lucern SDK auth context conflicts with existing ${key} header.`
|
|
338
|
+
);
|
|
339
|
+
}
|
|
340
|
+
headers.set(key, value);
|
|
341
|
+
}
|
|
342
|
+
return Object.fromEntries(headers.entries());
|
|
343
|
+
}
|
|
157
344
|
function createGatewayRequestClient(config = {}) {
|
|
158
345
|
const fetchImpl = config.fetchImpl ?? fetch;
|
|
159
346
|
const baseUrl = config.baseUrl?.replace(/\/+$/, "") ?? "";
|
|
160
347
|
const maxRetries = config.maxRetries ?? 2;
|
|
161
348
|
const requestIdFactory = config.requestIdFactory ?? (() => generatePortableRequestId());
|
|
162
349
|
async function resolveAuthHeaders() {
|
|
163
|
-
|
|
164
|
-
|
|
350
|
+
const base = config.getAuthHeaders ? await config.getAuthHeaders() : {};
|
|
351
|
+
const authContextInput = await resolveConfiguredAuthContext(
|
|
352
|
+
config.authContext
|
|
353
|
+
);
|
|
354
|
+
if (!authContextInput && !config.requireCanonicalAuthContext) {
|
|
355
|
+
return base;
|
|
165
356
|
}
|
|
166
|
-
|
|
357
|
+
const authContext = normalizeCanonicalLucernAuthContext(authContextInput);
|
|
358
|
+
return mergeHeaderRecord(base, createCanonicalAuthHeaders(authContext));
|
|
167
359
|
}
|
|
168
360
|
async function fetchWithTimeout(url, init, timeoutMs) {
|
|
169
361
|
const controller = new AbortController();
|
|
@@ -338,24 +530,24 @@ function createGatewayRequestClient(config = {}) {
|
|
|
338
530
|
function asRecord(value) {
|
|
339
531
|
return value && typeof value === "object" ? value : {};
|
|
340
532
|
}
|
|
341
|
-
function
|
|
533
|
+
function cleanString2(value) {
|
|
342
534
|
return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
|
|
343
535
|
}
|
|
344
536
|
function cloneWith(value, patch) {
|
|
345
537
|
return { ...value, ...patch };
|
|
346
538
|
}
|
|
347
539
|
function resolveTopicId(value) {
|
|
348
|
-
return
|
|
540
|
+
return cleanString2(value.topicId);
|
|
349
541
|
}
|
|
350
542
|
function withTopicAlias(value) {
|
|
351
|
-
const topicId =
|
|
543
|
+
const topicId = cleanString2(value.topicId) ?? void 0;
|
|
352
544
|
if (!topicId) {
|
|
353
545
|
return value;
|
|
354
546
|
}
|
|
355
547
|
return cloneWith(value, { topicId });
|
|
356
548
|
}
|
|
357
549
|
function withTextAlias(value) {
|
|
358
|
-
const text =
|
|
550
|
+
const text = cleanString2(value.text) ?? cleanString2(value.canonicalText) ?? void 0;
|
|
359
551
|
if (!text) {
|
|
360
552
|
return value;
|
|
361
553
|
}
|
|
@@ -365,7 +557,7 @@ function withSdkAliases(value) {
|
|
|
365
557
|
return withTopicAlias(withTextAlias(value));
|
|
366
558
|
}
|
|
367
559
|
function normalizeTopicQuery(value) {
|
|
368
|
-
const topicId =
|
|
560
|
+
const topicId = cleanString2(value.topicId);
|
|
369
561
|
if (!topicId) {
|
|
370
562
|
return value;
|
|
371
563
|
}
|