@lucern/sdk 0.3.0-alpha.9 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/README.md +60 -1
- package/dist/accessControl.d.ts +79 -0
- package/dist/accessControl.js +1270 -0
- package/dist/accessControl.js.map +1 -0
- package/dist/adminClient.js +19 -1
- package/dist/adminClient.js.map +1 -1
- package/dist/answersClient.js +19 -1
- package/dist/answersClient.js.map +1 -1
- package/dist/audiencesClient.js +19 -1
- package/dist/audiencesClient.js.map +1 -1
- package/dist/auditClient.js +19 -1
- package/dist/auditClient.js.map +1 -1
- package/dist/authContext.d.ts +2 -2
- package/dist/authContext.js.map +1 -1
- package/dist/beliefs/index.d.ts +2 -0
- package/dist/beliefs/index.js +1196 -663
- package/dist/beliefs/index.js.map +1 -1
- package/dist/beliefsClient.js +19 -1
- package/dist/beliefsClient.js.map +1 -1
- package/dist/client.d.ts +146 -70
- package/dist/client.js +1196 -663
- package/dist/client.js.map +1 -1
- package/dist/contextClient.js +19 -1
- package/dist/contextClient.js.map +1 -1
- package/dist/contracts/api-enums.contract.d.ts +1 -1
- package/dist/contracts/api-enums.contract.js +6 -1
- package/dist/contracts/api-enums.contract.js.map +1 -1
- package/dist/contracts/auth-session.contract.d.ts +1 -1
- package/dist/contracts/auth-session.contract.js +14 -2
- package/dist/contracts/auth-session.contract.js.map +1 -1
- package/dist/contracts/index.js +26 -3
- package/dist/contracts/index.js.map +1 -1
- package/dist/contracts/mcpTools.js +6 -0
- package/dist/contracts/mcpTools.js.map +1 -1
- package/dist/contradictions/index.d.ts +2 -0
- package/dist/contradictions/index.js +1196 -663
- package/dist/contradictions/index.js.map +1 -1
- package/dist/control-plane.d.ts +69 -0
- package/dist/control-plane.js +674 -0
- package/dist/control-plane.js.map +1 -0
- package/dist/coreClient.d.ts +17 -1
- package/dist/coreClient.js +19 -1
- package/dist/coreClient.js.map +1 -1
- package/dist/decisions/index.d.ts +2 -0
- package/dist/decisions/index.js +1196 -663
- package/dist/decisions/index.js.map +1 -1
- package/dist/decisionsClient.js +19 -1
- package/dist/decisionsClient.js.map +1 -1
- package/dist/edges/index.d.ts +26 -84
- package/dist/edges/index.js +1196 -663
- package/dist/edges/index.js.map +1 -1
- package/dist/embeddingsClient.js +19 -1
- package/dist/embeddingsClient.js.map +1 -1
- package/dist/eventingClient.js +19 -1
- package/dist/eventingClient.js.map +1 -1
- package/dist/eventsCore.js +19 -1
- package/dist/eventsCore.js.map +1 -1
- package/dist/evidence/index.d.ts +2 -0
- package/dist/evidence/index.js +1196 -663
- package/dist/evidence/index.js.map +1 -1
- package/dist/evidenceClient.js +19 -1
- package/dist/evidenceClient.js.map +1 -1
- package/dist/functionSurface.d.ts +16 -1
- package/dist/functionSurface.js +95 -2
- package/dist/functionSurface.js.map +1 -1
- package/dist/functionSurfaceClient.js +95 -2
- package/dist/functionSurfaceClient.js.map +1 -1
- package/dist/gatewayFacades.d.ts +29 -2
- package/dist/gatewayFacades.js +156 -8
- package/dist/gatewayFacades.js.map +1 -1
- package/dist/graphAnalysisClient.js +19 -1
- package/dist/graphAnalysisClient.js.map +1 -1
- package/dist/graphClient.d.ts +1 -0
- package/dist/graphClient.js +19 -1
- package/dist/graphClient.js.map +1 -1
- package/dist/graphIntel.d.ts +1 -0
- package/dist/graphRecommendationsClient.js +19 -1
- package/dist/graphRecommendationsClient.js.map +1 -1
- package/dist/graphStateClassifierClient.js +19 -1
- package/dist/graphStateClassifierClient.js.map +1 -1
- package/dist/harnessClient.js +19 -1
- package/dist/harnessClient.js.map +1 -1
- package/dist/identityClient.d.ts +19 -1
- package/dist/identityClient.js +152 -6
- package/dist/identityClient.js.map +1 -1
- package/dist/index.d.ts +4 -1
- package/dist/index.js +1281 -664
- package/dist/index.js.map +1 -1
- package/dist/infisicalRuntime.d.ts +1 -0
- package/dist/infisicalRuntime.js +64 -32
- package/dist/infisicalRuntime.js.map +1 -1
- package/dist/jobsClient.js +19 -1
- package/dist/jobsClient.js.map +1 -1
- package/dist/learningClient.js +19 -1
- package/dist/learningClient.js.map +1 -1
- package/dist/lenses/index.d.ts +2 -0
- package/dist/lenses/index.js +1196 -663
- package/dist/lenses/index.js.map +1 -1
- package/dist/mcpClient.js +21 -2
- package/dist/mcpClient.js.map +1 -1
- package/dist/modelRuntimeClient.js +19 -1
- package/dist/modelRuntimeClient.js.map +1 -1
- package/dist/nodes/index.d.ts +21 -15
- package/dist/nodes/index.js +1196 -663
- package/dist/nodes/index.js.map +1 -1
- package/dist/ontologies/index.d.ts +2 -0
- package/dist/ontologies/index.js +1196 -663
- package/dist/ontologies/index.js.map +1 -1
- package/dist/ontologyClient.js +19 -1
- package/dist/ontologyClient.js.map +1 -1
- package/dist/ontologyLinksClient.js +19 -1
- package/dist/ontologyLinksClient.js.map +1 -1
- package/dist/orgGraphSearchClient.js +19 -1
- package/dist/orgGraphSearchClient.js.map +1 -1
- package/dist/packsClient.js +19 -1
- package/dist/packsClient.js.map +1 -1
- package/dist/policyClient.js +19 -1
- package/dist/policyClient.js.map +1 -1
- package/dist/questions/index.d.ts +2 -0
- package/dist/questions/index.js +1196 -663
- package/dist/questions/index.js.map +1 -1
- package/dist/reportsClient.js +19 -1
- package/dist/reportsClient.js.map +1 -1
- package/dist/schemaClient.js +19 -1
- package/dist/schemaClient.js.map +1 -1
- package/dist/secrets.d.ts +1 -0
- package/dist/secrets.js +3 -0
- package/dist/secrets.js.map +1 -0
- package/dist/sourcesClient.js +19 -1
- package/dist/sourcesClient.js.map +1 -1
- package/dist/telemetryClient.js +19 -1
- package/dist/telemetryClient.js.map +1 -1
- package/dist/toolRegistryClient.js +19 -1
- package/dist/toolRegistryClient.js.map +1 -1
- package/dist/topics/index.d.ts +11 -3
- package/dist/topics/index.js +1198 -663
- package/dist/topics/index.js.map +1 -1
- package/dist/topicsClient.d.ts +2 -0
- package/dist/topicsClient.js +19 -1
- package/dist/topicsClient.js.map +1 -1
- package/dist/types.d.ts +17 -0
- package/dist/version.d.ts +1 -1
- package/dist/version.js +1 -1
- package/dist/version.js.map +1 -1
- package/dist/workflowClient.d.ts +2 -0
- package/dist/workflowClient.js +19 -1
- package/dist/workflowClient.js.map +1 -1
- package/dist/worktrees/index.d.ts +2 -0
- package/dist/worktrees/index.js +1196 -663
- package/dist/worktrees/index.js.map +1 -1
- package/package.json +9 -4
package/dist/decisions/index.js
CHANGED
|
@@ -36,14 +36,14 @@ function requireString(value, reason, label) {
|
|
|
36
36
|
}
|
|
37
37
|
return normalized;
|
|
38
38
|
}
|
|
39
|
-
function requirePrincipalType(
|
|
40
|
-
if (!
|
|
39
|
+
function requirePrincipalType(principalType2) {
|
|
40
|
+
if (!principalType2) {
|
|
41
41
|
throw new LucernSdkAuthContextError(
|
|
42
42
|
"principal_missing",
|
|
43
43
|
"Canonical Lucern SDK auth context is missing principalType."
|
|
44
44
|
);
|
|
45
45
|
}
|
|
46
|
-
return
|
|
46
|
+
return principalType2;
|
|
47
47
|
}
|
|
48
48
|
function requireAuthMode(authMode) {
|
|
49
49
|
if (!authMode) {
|
|
@@ -89,7 +89,7 @@ function normalizeCanonicalLucernAuthContext(input) {
|
|
|
89
89
|
);
|
|
90
90
|
const roles = cleanStringList(input.roles);
|
|
91
91
|
const scopes = cleanStringList(input.scopes);
|
|
92
|
-
const
|
|
92
|
+
const principalType2 = requirePrincipalType(input.principalType);
|
|
93
93
|
const authMode = requireAuthMode(input.authMode);
|
|
94
94
|
const roleBasedInteractiveAuth = authMode === "interactive_user" && roles.length > 0;
|
|
95
95
|
if (roles.length === 0 || scopes.length === 0 && !roleBasedInteractiveAuth) {
|
|
@@ -118,7 +118,7 @@ function normalizeCanonicalLucernAuthContext(input) {
|
|
|
118
118
|
principalId,
|
|
119
119
|
tenantId,
|
|
120
120
|
workspaceId,
|
|
121
|
-
principalType,
|
|
121
|
+
principalType: principalType2,
|
|
122
122
|
authMode,
|
|
123
123
|
roles,
|
|
124
124
|
scopes,
|
|
@@ -349,13 +349,31 @@ function mergeHeaderRecord(base, addition) {
|
|
|
349
349
|
}
|
|
350
350
|
return Object.fromEntries(headers.entries());
|
|
351
351
|
}
|
|
352
|
+
function cleanHeaderValue(value) {
|
|
353
|
+
const normalized = value?.trim();
|
|
354
|
+
return normalized ? normalized : void 0;
|
|
355
|
+
}
|
|
352
356
|
function createGatewayRequestClient(config = {}) {
|
|
353
357
|
const fetchImpl = config.fetchImpl ?? fetch;
|
|
354
358
|
const baseUrl = config.baseUrl?.replace(/\/+$/, "") ?? "";
|
|
355
359
|
const maxRetries = config.maxRetries ?? 2;
|
|
356
360
|
const requestIdFactory = config.requestIdFactory ?? (() => generatePortableRequestId());
|
|
357
361
|
async function resolveAuthHeaders() {
|
|
358
|
-
const
|
|
362
|
+
const provided = config.getAuthHeaders ? await config.getAuthHeaders() : {};
|
|
363
|
+
const headers = new Headers(provided);
|
|
364
|
+
const setIfAbsent = (name, value) => {
|
|
365
|
+
const normalized = cleanHeaderValue(value);
|
|
366
|
+
if (normalized && !headers.has(name)) {
|
|
367
|
+
headers.set(name, normalized);
|
|
368
|
+
}
|
|
369
|
+
};
|
|
370
|
+
setIfAbsent("x-lucern-key", config.apiKey);
|
|
371
|
+
setIfAbsent("x-lucern-session-token", config.userToken);
|
|
372
|
+
setIfAbsent("x-lucern-environment", config.environment);
|
|
373
|
+
setIfAbsent("x-lucern-clerk-id", config.clerkId);
|
|
374
|
+
setIfAbsent("x-lucern-user-id", config.userId ?? config.clerkId);
|
|
375
|
+
setIfAbsent("x-lucern-deployment-host", config.deploymentHost);
|
|
376
|
+
const base = Object.fromEntries(headers.entries());
|
|
359
377
|
const authContextInput = await resolveConfiguredAuthContext(
|
|
360
378
|
config.authContext
|
|
361
379
|
);
|
|
@@ -1052,208 +1070,929 @@ function createAdminClient(config = {}) {
|
|
|
1052
1070
|
};
|
|
1053
1071
|
}
|
|
1054
1072
|
|
|
1055
|
-
// src/
|
|
1056
|
-
function
|
|
1057
|
-
const
|
|
1073
|
+
// src/boundaryClientSurface.ts
|
|
1074
|
+
function cleanOptionalString(value) {
|
|
1075
|
+
const normalized = value?.trim();
|
|
1076
|
+
return normalized ? normalized : void 0;
|
|
1077
|
+
}
|
|
1078
|
+
function isRecord3(value) {
|
|
1079
|
+
return Boolean(value) && typeof value === "object" && !Array.isArray(value);
|
|
1080
|
+
}
|
|
1081
|
+
function cleanRequiredString(value, label) {
|
|
1082
|
+
const normalized = cleanOptionalString(value);
|
|
1083
|
+
if (!normalized) {
|
|
1084
|
+
throw new Error(`${label} is required`);
|
|
1085
|
+
}
|
|
1086
|
+
return normalized;
|
|
1087
|
+
}
|
|
1088
|
+
function readTopicId(input) {
|
|
1089
|
+
return cleanOptionalString(input.topicId) ?? cleanOptionalString(input.projectId);
|
|
1090
|
+
}
|
|
1091
|
+
function requireTopicId(input) {
|
|
1092
|
+
const topicId = readTopicId(input);
|
|
1093
|
+
if (!topicId) {
|
|
1094
|
+
throw new Error("topicId is required");
|
|
1095
|
+
}
|
|
1096
|
+
return topicId;
|
|
1097
|
+
}
|
|
1098
|
+
function assertKnownKeys(input, allowed, operation) {
|
|
1099
|
+
const allowedSet = new Set(allowed);
|
|
1100
|
+
const unknownKeys = Object.keys(input).filter((key) => !allowedSet.has(key));
|
|
1101
|
+
if (unknownKeys.length > 0) {
|
|
1102
|
+
throw new Error(
|
|
1103
|
+
`${operation} received unsupported field(s): ${unknownKeys.join(", ")}`
|
|
1104
|
+
);
|
|
1105
|
+
}
|
|
1106
|
+
}
|
|
1107
|
+
function knownPayload(input, allowed, operation) {
|
|
1108
|
+
assertKnownKeys(input, allowed, operation);
|
|
1109
|
+
return { ...input };
|
|
1110
|
+
}
|
|
1111
|
+
function topicPayload(input, allowed, operation) {
|
|
1112
|
+
assertKnownKeys(input, allowed, operation);
|
|
1058
1113
|
return {
|
|
1059
|
-
|
|
1060
|
-
|
|
1061
|
-
|
|
1062
|
-
* @returns The answer record for the given question.
|
|
1063
|
-
*/
|
|
1064
|
-
async get(questionId) {
|
|
1065
|
-
return gateway.request({
|
|
1066
|
-
path: `/api/platform/v1/questions/${encodeURIComponent(questionId)}/answer`
|
|
1067
|
-
});
|
|
1068
|
-
}
|
|
1114
|
+
...input,
|
|
1115
|
+
topicId: requireTopicId(input),
|
|
1116
|
+
projectId: void 0
|
|
1069
1117
|
};
|
|
1070
1118
|
}
|
|
1119
|
+
function listResultFromEnvelope(data, legacyKey) {
|
|
1120
|
+
const record = isRecord3(data) ? data : {};
|
|
1121
|
+
const legacyItems = record[legacyKey];
|
|
1122
|
+
return createListResult(
|
|
1123
|
+
Array.isArray(legacyItems) ? legacyItems : Array.isArray(data) ? data : [],
|
|
1124
|
+
legacyKey
|
|
1125
|
+
);
|
|
1126
|
+
}
|
|
1071
1127
|
|
|
1072
|
-
// src/
|
|
1073
|
-
|
|
1074
|
-
|
|
1075
|
-
|
|
1076
|
-
|
|
1077
|
-
|
|
1078
|
-
|
|
1079
|
-
|
|
1080
|
-
|
|
1081
|
-
|
|
1082
|
-
|
|
1083
|
-
|
|
1084
|
-
|
|
1085
|
-
|
|
1086
|
-
|
|
1087
|
-
|
|
1088
|
-
|
|
1089
|
-
|
|
1090
|
-
|
|
1091
|
-
|
|
1092
|
-
|
|
1093
|
-
|
|
1094
|
-
|
|
1095
|
-
|
|
1096
|
-
|
|
1097
|
-
|
|
1098
|
-
|
|
1099
|
-
|
|
1100
|
-
|
|
1101
|
-
|
|
1102
|
-
|
|
1103
|
-
|
|
1104
|
-
|
|
1105
|
-
|
|
1106
|
-
|
|
1107
|
-
|
|
1108
|
-
|
|
1109
|
-
|
|
1110
|
-
|
|
1111
|
-
|
|
1112
|
-
|
|
1113
|
-
|
|
1114
|
-
|
|
1115
|
-
|
|
1116
|
-
|
|
1117
|
-
|
|
1118
|
-
|
|
1119
|
-
|
|
1120
|
-
|
|
1121
|
-
|
|
1122
|
-
|
|
1123
|
-
};
|
|
1124
|
-
|
|
1125
|
-
|
|
1126
|
-
|
|
1127
|
-
|
|
1128
|
-
|
|
1129
|
-
|
|
1130
|
-
|
|
1131
|
-
|
|
1128
|
+
// src/control-plane.ts
|
|
1129
|
+
var LucernControlPlaneIdentityError = class extends Error {
|
|
1130
|
+
reason;
|
|
1131
|
+
principalStatus;
|
|
1132
|
+
tenantStatus;
|
|
1133
|
+
workspaceStatus;
|
|
1134
|
+
details;
|
|
1135
|
+
constructor(failure) {
|
|
1136
|
+
super(failure.message);
|
|
1137
|
+
this.name = "LucernControlPlaneIdentityError";
|
|
1138
|
+
this.reason = failure.reason;
|
|
1139
|
+
this.principalStatus = failure.principalStatus;
|
|
1140
|
+
this.tenantStatus = failure.tenantStatus;
|
|
1141
|
+
this.workspaceStatus = failure.workspaceStatus;
|
|
1142
|
+
this.details = failure.details;
|
|
1143
|
+
}
|
|
1144
|
+
};
|
|
1145
|
+
function cleanString3(value) {
|
|
1146
|
+
return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
|
|
1147
|
+
}
|
|
1148
|
+
function stringList(value) {
|
|
1149
|
+
if (!Array.isArray(value)) {
|
|
1150
|
+
return [];
|
|
1151
|
+
}
|
|
1152
|
+
return [
|
|
1153
|
+
...new Set(
|
|
1154
|
+
value.filter((entry) => typeof entry === "string").map((entry) => entry.trim()).filter(Boolean)
|
|
1155
|
+
)
|
|
1156
|
+
];
|
|
1157
|
+
}
|
|
1158
|
+
function principalType(value) {
|
|
1159
|
+
switch (value) {
|
|
1160
|
+
case "service":
|
|
1161
|
+
case "service_principal":
|
|
1162
|
+
return "service";
|
|
1163
|
+
case "agent":
|
|
1164
|
+
return "agent";
|
|
1165
|
+
case "group":
|
|
1166
|
+
return "group";
|
|
1167
|
+
case "external_viewer":
|
|
1168
|
+
case "external_stakeholder":
|
|
1169
|
+
return "external_viewer";
|
|
1170
|
+
default:
|
|
1171
|
+
return "human";
|
|
1172
|
+
}
|
|
1173
|
+
}
|
|
1174
|
+
function adminFlags(roles) {
|
|
1175
|
+
const normalized = roles.map((role) => role.toLowerCase());
|
|
1176
|
+
const isPlatformAdmin = normalized.includes("platform_admin");
|
|
1177
|
+
const isTenantAdmin = isPlatformAdmin || normalized.includes("tenant_admin");
|
|
1178
|
+
const isWorkspaceAdmin = isTenantAdmin || normalized.includes("workspace_admin") || normalized.includes("workspace_owner");
|
|
1179
|
+
return { isPlatformAdmin, isTenantAdmin, isWorkspaceAdmin };
|
|
1180
|
+
}
|
|
1181
|
+
function normalizeResolvedInteractivePrincipal(payload) {
|
|
1182
|
+
if ("ok" in payload && payload.ok === false) {
|
|
1183
|
+
throw new LucernControlPlaneIdentityError(payload);
|
|
1184
|
+
}
|
|
1185
|
+
const principalId = cleanString3(payload.principalId);
|
|
1186
|
+
const clerkId = cleanString3(payload.clerkId);
|
|
1187
|
+
const tenantId = cleanString3(payload.tenantId);
|
|
1188
|
+
if (!principalId || !clerkId || !tenantId) {
|
|
1189
|
+
throw new LucernControlPlaneIdentityError({
|
|
1190
|
+
ok: false,
|
|
1191
|
+
reason: "resolver_unavailable",
|
|
1192
|
+
message: "Control-plane principal resolver returned an incomplete principal context.",
|
|
1193
|
+
principalStatus: payload.principalStatus ?? "missing",
|
|
1194
|
+
tenantStatus: payload.tenantStatus,
|
|
1195
|
+
workspaceStatus: payload.workspaceStatus
|
|
1132
1196
|
});
|
|
1133
|
-
}
|
|
1134
|
-
const
|
|
1197
|
+
}
|
|
1198
|
+
const roles = stringList(payload.roles);
|
|
1199
|
+
const scopes = stringList(payload.scopes);
|
|
1200
|
+
const workspaceId = cleanString3(payload.workspaceId) ?? null;
|
|
1201
|
+
const flags = adminFlags(roles);
|
|
1135
1202
|
return {
|
|
1136
|
-
|
|
1137
|
-
|
|
1138
|
-
|
|
1139
|
-
|
|
1140
|
-
|
|
1141
|
-
|
|
1142
|
-
|
|
1143
|
-
|
|
1144
|
-
|
|
1145
|
-
|
|
1146
|
-
|
|
1147
|
-
|
|
1148
|
-
|
|
1149
|
-
|
|
1150
|
-
|
|
1151
|
-
|
|
1152
|
-
|
|
1153
|
-
|
|
1154
|
-
|
|
1155
|
-
|
|
1156
|
-
|
|
1157
|
-
|
|
1158
|
-
|
|
1159
|
-
|
|
1160
|
-
|
|
1161
|
-
* @deprecated Use listGrants.
|
|
1162
|
-
*/
|
|
1163
|
-
getGrants,
|
|
1164
|
-
/**
|
|
1165
|
-
* Create an audience grant.
|
|
1166
|
-
*/
|
|
1167
|
-
createGrant,
|
|
1168
|
-
/**
|
|
1169
|
-
* @deprecated Use createGrant.
|
|
1170
|
-
*/
|
|
1171
|
-
grant,
|
|
1172
|
-
/**
|
|
1173
|
-
* Delete an audience grant by revoking it.
|
|
1174
|
-
*/
|
|
1175
|
-
deleteGrant,
|
|
1176
|
-
/**
|
|
1177
|
-
* @deprecated Use deleteGrant.
|
|
1178
|
-
*/
|
|
1179
|
-
revokeGrant
|
|
1203
|
+
principalId,
|
|
1204
|
+
principalType: principalType(payload.principalType),
|
|
1205
|
+
clerkId,
|
|
1206
|
+
tenantId,
|
|
1207
|
+
workspaceId,
|
|
1208
|
+
roles,
|
|
1209
|
+
scopes,
|
|
1210
|
+
groupIds: stringList(payload.groupIds),
|
|
1211
|
+
permittedToolNames: stringList(payload.permittedToolNames),
|
|
1212
|
+
permittedPackKeys: stringList(payload.permittedPackKeys),
|
|
1213
|
+
principalStatus: cleanString3(payload.principalStatus) ?? "active",
|
|
1214
|
+
tenantStatus: cleanString3(payload.tenantStatus) ?? "active",
|
|
1215
|
+
workspaceStatus: cleanString3(payload.workspaceStatus) ?? (workspaceId ? "active" : "none"),
|
|
1216
|
+
isPlatformAdmin: typeof payload.isPlatformAdmin === "boolean" ? payload.isPlatformAdmin : flags.isPlatformAdmin,
|
|
1217
|
+
isTenantAdmin: typeof payload.isTenantAdmin === "boolean" ? payload.isTenantAdmin : flags.isTenantAdmin,
|
|
1218
|
+
isWorkspaceAdmin: typeof payload.isWorkspaceAdmin === "boolean" ? payload.isWorkspaceAdmin : flags.isWorkspaceAdmin,
|
|
1219
|
+
permit: {
|
|
1220
|
+
subject: cleanString3(payload.permit?.subject) ?? principalId,
|
|
1221
|
+
tenant: cleanString3(payload.permit?.tenant) ?? tenantId,
|
|
1222
|
+
...workspaceId ? { workspace: cleanString3(payload.permit?.workspace) ?? workspaceId } : {}
|
|
1223
|
+
},
|
|
1224
|
+
authMode: "interactive_user",
|
|
1225
|
+
sessionId: payload.sessionId,
|
|
1226
|
+
delegatedBy: payload.delegatedBy,
|
|
1227
|
+
expiresAt: payload.expiresAt
|
|
1180
1228
|
};
|
|
1181
1229
|
}
|
|
1182
|
-
|
|
1183
|
-
// src/auditClient.ts
|
|
1184
|
-
function createAuditClient(config = {}) {
|
|
1230
|
+
function createControlPlaneIdentityClient(config = {}) {
|
|
1185
1231
|
const gateway = createGatewayRequestClient(config);
|
|
1186
1232
|
return {
|
|
1187
|
-
|
|
1188
|
-
* List audit events for the current scope.
|
|
1189
|
-
*/
|
|
1190
|
-
async listEvents(query5 = {}) {
|
|
1233
|
+
async resolveInteractivePrincipal(input) {
|
|
1191
1234
|
return gateway.request({
|
|
1192
|
-
path:
|
|
1193
|
-
|
|
1194
|
-
|
|
1235
|
+
path: "/api/platform/v1/control-plane/identity/resolve-interactive-principal",
|
|
1236
|
+
method: "POST",
|
|
1237
|
+
body: input
|
|
1195
1238
|
}).then(
|
|
1196
|
-
(response) => mapGatewayData(
|
|
1197
|
-
response,
|
|
1198
|
-
(data) => createListResult(Array.isArray(data) ? data : [], "events")
|
|
1199
|
-
)
|
|
1239
|
+
(response) => mapGatewayData(response, normalizeResolvedInteractivePrincipal)
|
|
1200
1240
|
);
|
|
1201
1241
|
}
|
|
1202
1242
|
};
|
|
1203
1243
|
}
|
|
1204
|
-
|
|
1205
|
-
// src/authDeviceClient.ts
|
|
1206
|
-
var DeviceAuthorizationError = class extends Error {
|
|
1207
|
-
error;
|
|
1208
|
-
interval;
|
|
1209
|
-
constructor(args) {
|
|
1210
|
-
super(args.description ?? args.error);
|
|
1211
|
-
this.name = "DeviceAuthorizationError";
|
|
1212
|
-
this.error = args.error;
|
|
1213
|
-
this.interval = args.interval;
|
|
1214
|
-
}
|
|
1215
|
-
};
|
|
1216
|
-
function authBaseUrl(config) {
|
|
1217
|
-
return config.baseUrl?.replace(/\/+$/, "") ?? "";
|
|
1218
|
-
}
|
|
1219
|
-
async function readJson(response) {
|
|
1220
|
-
try {
|
|
1221
|
-
const payload = await response.json();
|
|
1222
|
-
return isRecord3(payload) ? payload : {};
|
|
1223
|
-
} catch (error) {
|
|
1224
|
-
return unreadableJsonBodyFallback();
|
|
1225
|
-
}
|
|
1226
|
-
}
|
|
1227
|
-
function unreadableJsonBodyFallback(_error) {
|
|
1228
|
-
return {};
|
|
1229
|
-
}
|
|
1230
|
-
function isRecord3(value) {
|
|
1231
|
-
return value !== null && typeof value === "object" && !Array.isArray(value);
|
|
1232
|
-
}
|
|
1233
|
-
function readString(value) {
|
|
1234
|
-
const normalized = typeof value === "string" ? value.trim() : "";
|
|
1235
|
-
return normalized || void 0;
|
|
1236
|
-
}
|
|
1237
|
-
function assertDeviceCodeResponse(payload) {
|
|
1238
|
-
const deviceCode = readString(payload.device_code);
|
|
1239
|
-
const userCode = readString(payload.user_code);
|
|
1240
|
-
const verificationUri = readString(payload.verification_uri);
|
|
1241
|
-
const verificationUriComplete = readString(payload.verification_uri_complete);
|
|
1242
|
-
const expiresIn = payload.expires_in;
|
|
1243
|
-
const interval = payload.interval;
|
|
1244
|
-
if (!deviceCode || !userCode || !verificationUri || !verificationUriComplete || typeof expiresIn !== "number" || typeof interval !== "number") {
|
|
1245
|
-
throw new Error("Gateway returned an invalid device-code response.");
|
|
1246
|
-
}
|
|
1244
|
+
function createControlPlaneClient(config = {}) {
|
|
1247
1245
|
return {
|
|
1248
|
-
|
|
1249
|
-
user_code: userCode,
|
|
1250
|
-
verification_uri: verificationUri,
|
|
1251
|
-
verification_uri_complete: verificationUriComplete,
|
|
1252
|
-
expires_in: expiresIn,
|
|
1253
|
-
interval
|
|
1246
|
+
identity: createControlPlaneIdentityClient(config)
|
|
1254
1247
|
};
|
|
1255
1248
|
}
|
|
1256
|
-
|
|
1249
|
+
|
|
1250
|
+
// src/identityClient.ts
|
|
1251
|
+
function createIdentityWhoamiClient(config = {}) {
|
|
1252
|
+
const gateway = createGatewayRequestClient(config);
|
|
1253
|
+
return {
|
|
1254
|
+
async whoami() {
|
|
1255
|
+
return gateway.request({
|
|
1256
|
+
path: "/api/platform/v1/identity/whoami"
|
|
1257
|
+
});
|
|
1258
|
+
}
|
|
1259
|
+
};
|
|
1260
|
+
}
|
|
1261
|
+
var TENANT_IDENTITY_FIELDS = [
|
|
1262
|
+
"tenantId",
|
|
1263
|
+
"workspaceId",
|
|
1264
|
+
"principalId",
|
|
1265
|
+
"integrationKey",
|
|
1266
|
+
"secretRef",
|
|
1267
|
+
"policySubject",
|
|
1268
|
+
"policyAction",
|
|
1269
|
+
"policyResource",
|
|
1270
|
+
"decision",
|
|
1271
|
+
"config",
|
|
1272
|
+
"configKey",
|
|
1273
|
+
"configValue",
|
|
1274
|
+
"provider",
|
|
1275
|
+
"status",
|
|
1276
|
+
"metadata",
|
|
1277
|
+
"limit",
|
|
1278
|
+
"cursor"
|
|
1279
|
+
];
|
|
1280
|
+
function tenantIdentityQuery(input) {
|
|
1281
|
+
return {
|
|
1282
|
+
tenantId: cleanRequiredString(input.tenantId, "tenantId"),
|
|
1283
|
+
workspaceId: input.workspaceId,
|
|
1284
|
+
principalId: input.principalId,
|
|
1285
|
+
limit: input.limit,
|
|
1286
|
+
cursor: input.cursor
|
|
1287
|
+
};
|
|
1288
|
+
}
|
|
1289
|
+
function tenantIdentityBody(input, operation) {
|
|
1290
|
+
return knownPayload(input, TENANT_IDENTITY_FIELDS, operation);
|
|
1291
|
+
}
|
|
1292
|
+
function createIdentityClient(config = {}) {
|
|
1293
|
+
const gateway = createGatewayRequestClient(config);
|
|
1294
|
+
const whoamiClient = createIdentityWhoamiClient(config);
|
|
1295
|
+
const requestPrincipalWrite = (method, input, idempotencyKey) => gateway.request({
|
|
1296
|
+
path: "/api/platform/v1/identity/principals",
|
|
1297
|
+
method,
|
|
1298
|
+
body: input,
|
|
1299
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1300
|
+
});
|
|
1301
|
+
const updatePrincipal = (input, idempotencyKey) => requestPrincipalWrite("PATCH", input, idempotencyKey);
|
|
1302
|
+
const deleteKey = (keyId, input = {}, idempotencyKey) => gateway.request({
|
|
1303
|
+
path: `/api/platform/v1/identity/keys/${encodeURIComponent(keyId)}/revoke`,
|
|
1304
|
+
method: "POST",
|
|
1305
|
+
body: input,
|
|
1306
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1307
|
+
});
|
|
1308
|
+
return {
|
|
1309
|
+
/**
|
|
1310
|
+
* Resolve the current authenticated identity summary.
|
|
1311
|
+
*/
|
|
1312
|
+
async whoami() {
|
|
1313
|
+
return whoamiClient.whoami().then(
|
|
1314
|
+
(response) => mapGatewayData(response, (data) => ({
|
|
1315
|
+
principalId: data.principalId,
|
|
1316
|
+
principalType: data.principalType,
|
|
1317
|
+
clerkId: data.clerkId,
|
|
1318
|
+
tenantId: data.tenantId ?? null,
|
|
1319
|
+
workspaceId: data.workspaceId ?? null,
|
|
1320
|
+
scopes: Array.isArray(data.scopes) ? data.scopes : [],
|
|
1321
|
+
roles: Array.isArray(data.roles) ? data.roles : [],
|
|
1322
|
+
groupIds: Array.isArray(data.groupIds) ? data.groupIds : [],
|
|
1323
|
+
permittedToolNames: Array.isArray(data.permittedToolNames) ? data.permittedToolNames : [],
|
|
1324
|
+
permittedPackKeys: Array.isArray(data.permittedPackKeys) ? data.permittedPackKeys : [],
|
|
1325
|
+
principalStatus: data.principalStatus,
|
|
1326
|
+
tenantStatus: data.tenantStatus,
|
|
1327
|
+
workspaceStatus: data.workspaceStatus,
|
|
1328
|
+
isPlatformAdmin: data.isPlatformAdmin === true,
|
|
1329
|
+
isTenantAdmin: data.isTenantAdmin === true,
|
|
1330
|
+
isWorkspaceAdmin: data.isWorkspaceAdmin === true,
|
|
1331
|
+
permit: data.permit ?? (data.tenantId ? {
|
|
1332
|
+
subject: data.principalId,
|
|
1333
|
+
tenant: data.tenantId,
|
|
1334
|
+
...data.workspaceId ? { workspace: data.workspaceId } : {}
|
|
1335
|
+
} : void 0),
|
|
1336
|
+
authMode: data.authMode,
|
|
1337
|
+
sessionId: data.sessionId,
|
|
1338
|
+
delegatedBy: data.delegatedBy,
|
|
1339
|
+
expiresAt: data.expiresAt
|
|
1340
|
+
}))
|
|
1341
|
+
);
|
|
1342
|
+
},
|
|
1343
|
+
/**
|
|
1344
|
+
* Resolve a Clerk subject through the tenant control-plane Permit projection.
|
|
1345
|
+
* @deprecated Prefer lucern.controlPlane.identity.resolveInteractivePrincipal().
|
|
1346
|
+
*/
|
|
1347
|
+
async resolveInteractivePrincipal(input) {
|
|
1348
|
+
return gateway.request({
|
|
1349
|
+
path: "/api/platform/v1/control-plane/identity/resolve-interactive-principal",
|
|
1350
|
+
method: "POST",
|
|
1351
|
+
body: input
|
|
1352
|
+
}).then(
|
|
1353
|
+
(response) => mapGatewayData(response, normalizeResolvedInteractivePrincipal)
|
|
1354
|
+
);
|
|
1355
|
+
},
|
|
1356
|
+
/**
|
|
1357
|
+
* List principals in the current identity scope.
|
|
1358
|
+
*/
|
|
1359
|
+
async listPrincipals(query5 = {}) {
|
|
1360
|
+
return gateway.request({
|
|
1361
|
+
path: `/api/platform/v1/identity/principals${toQueryString(query5)}`
|
|
1362
|
+
}).then(
|
|
1363
|
+
(response) => mapGatewayData(
|
|
1364
|
+
response,
|
|
1365
|
+
(data) => createListResult(
|
|
1366
|
+
Array.isArray(data) ? data : [],
|
|
1367
|
+
"principals"
|
|
1368
|
+
)
|
|
1369
|
+
)
|
|
1370
|
+
);
|
|
1371
|
+
},
|
|
1372
|
+
/**
|
|
1373
|
+
* Create a principal.
|
|
1374
|
+
*/
|
|
1375
|
+
async createPrincipal(input, idempotencyKey) {
|
|
1376
|
+
return requestPrincipalWrite("POST", input, idempotencyKey);
|
|
1377
|
+
},
|
|
1378
|
+
/**
|
|
1379
|
+
* Update a principal.
|
|
1380
|
+
*/
|
|
1381
|
+
updatePrincipal,
|
|
1382
|
+
/**
|
|
1383
|
+
* @deprecated Use createPrincipal or updatePrincipal.
|
|
1384
|
+
*/
|
|
1385
|
+
upsertPrincipal: updatePrincipal,
|
|
1386
|
+
/**
|
|
1387
|
+
* List keys in the current identity scope.
|
|
1388
|
+
*/
|
|
1389
|
+
async listKeys(query5 = {}) {
|
|
1390
|
+
return gateway.request({
|
|
1391
|
+
path: `/api/platform/v1/identity/keys${toQueryString(query5)}`
|
|
1392
|
+
}).then(
|
|
1393
|
+
(response) => mapGatewayData(
|
|
1394
|
+
response,
|
|
1395
|
+
(data) => createListResult(Array.isArray(data) ? data : [], "keys")
|
|
1396
|
+
)
|
|
1397
|
+
);
|
|
1398
|
+
},
|
|
1399
|
+
/**
|
|
1400
|
+
* Create an API key.
|
|
1401
|
+
*/
|
|
1402
|
+
async createKey(input, idempotencyKey) {
|
|
1403
|
+
return gateway.request({
|
|
1404
|
+
path: "/api/platform/v1/identity/keys",
|
|
1405
|
+
method: "POST",
|
|
1406
|
+
body: input,
|
|
1407
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1408
|
+
});
|
|
1409
|
+
},
|
|
1410
|
+
/**
|
|
1411
|
+
* Rotate an API key.
|
|
1412
|
+
*/
|
|
1413
|
+
async rotateKey(keyId, input = {}, idempotencyKey) {
|
|
1414
|
+
return gateway.request({
|
|
1415
|
+
path: `/api/platform/v1/identity/keys/${encodeURIComponent(keyId)}/rotate`,
|
|
1416
|
+
method: "POST",
|
|
1417
|
+
body: input,
|
|
1418
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1419
|
+
});
|
|
1420
|
+
},
|
|
1421
|
+
/**
|
|
1422
|
+
* Delete an API key by revoking it.
|
|
1423
|
+
*/
|
|
1424
|
+
deleteKey,
|
|
1425
|
+
/**
|
|
1426
|
+
* @deprecated Use deleteKey.
|
|
1427
|
+
*/
|
|
1428
|
+
revokeKey: deleteKey,
|
|
1429
|
+
/**
|
|
1430
|
+
* Search Clerk users by email or display attributes.
|
|
1431
|
+
*/
|
|
1432
|
+
async searchClerkUsers(q) {
|
|
1433
|
+
return gateway.request({
|
|
1434
|
+
path: `/api/platform/v1/identity/clerk-users${toQueryString({ q })}`
|
|
1435
|
+
});
|
|
1436
|
+
},
|
|
1437
|
+
async getTenantConfig(input) {
|
|
1438
|
+
return gateway.request({
|
|
1439
|
+
path: `/api/platform/v1/identity/tenant-config${toQueryString(
|
|
1440
|
+
tenantIdentityQuery(input)
|
|
1441
|
+
)}`
|
|
1442
|
+
});
|
|
1443
|
+
},
|
|
1444
|
+
async updateTenantConfig(input, idempotencyKey) {
|
|
1445
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
1446
|
+
return gateway.request({
|
|
1447
|
+
path: "/api/platform/v1/identity/tenant-config",
|
|
1448
|
+
method: "PATCH",
|
|
1449
|
+
body: tenantIdentityBody(
|
|
1450
|
+
input,
|
|
1451
|
+
"identity.updateTenantConfig"
|
|
1452
|
+
),
|
|
1453
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1454
|
+
});
|
|
1455
|
+
},
|
|
1456
|
+
async listIntegrations(input) {
|
|
1457
|
+
return gateway.request({
|
|
1458
|
+
path: `/api/platform/v1/identity/integrations${toQueryString(
|
|
1459
|
+
tenantIdentityQuery(input)
|
|
1460
|
+
)}`
|
|
1461
|
+
}).then(
|
|
1462
|
+
(response) => mapGatewayData(
|
|
1463
|
+
response,
|
|
1464
|
+
(data) => listResultFromEnvelope(
|
|
1465
|
+
data,
|
|
1466
|
+
"integrations"
|
|
1467
|
+
)
|
|
1468
|
+
)
|
|
1469
|
+
);
|
|
1470
|
+
},
|
|
1471
|
+
async upsertIntegration(input, idempotencyKey) {
|
|
1472
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
1473
|
+
cleanRequiredString(input.integrationKey, "integrationKey");
|
|
1474
|
+
return gateway.request({
|
|
1475
|
+
path: "/api/platform/v1/identity/integrations",
|
|
1476
|
+
method: "PUT",
|
|
1477
|
+
body: tenantIdentityBody(
|
|
1478
|
+
input,
|
|
1479
|
+
"identity.upsertIntegration"
|
|
1480
|
+
),
|
|
1481
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1482
|
+
});
|
|
1483
|
+
},
|
|
1484
|
+
async listSecrets(input) {
|
|
1485
|
+
return gateway.request({
|
|
1486
|
+
path: `/api/platform/v1/identity/secrets${toQueryString(
|
|
1487
|
+
tenantIdentityQuery(input)
|
|
1488
|
+
)}`
|
|
1489
|
+
}).then(
|
|
1490
|
+
(response) => mapGatewayData(
|
|
1491
|
+
response,
|
|
1492
|
+
(data) => listResultFromEnvelope(
|
|
1493
|
+
data,
|
|
1494
|
+
"secrets"
|
|
1495
|
+
)
|
|
1496
|
+
)
|
|
1497
|
+
);
|
|
1498
|
+
},
|
|
1499
|
+
async putSecretReference(input, idempotencyKey) {
|
|
1500
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
1501
|
+
cleanRequiredString(input.secretRef, "secretRef");
|
|
1502
|
+
return gateway.request({
|
|
1503
|
+
path: "/api/platform/v1/identity/secrets",
|
|
1504
|
+
method: "PUT",
|
|
1505
|
+
body: tenantIdentityBody(
|
|
1506
|
+
input,
|
|
1507
|
+
"identity.putSecretReference"
|
|
1508
|
+
),
|
|
1509
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1510
|
+
});
|
|
1511
|
+
},
|
|
1512
|
+
async evaluatePolicy(input, idempotencyKey) {
|
|
1513
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
1514
|
+
cleanRequiredString(input.policySubject, "policySubject");
|
|
1515
|
+
cleanRequiredString(input.policyAction, "policyAction");
|
|
1516
|
+
cleanRequiredString(input.policyResource, "policyResource");
|
|
1517
|
+
return gateway.request({
|
|
1518
|
+
path: "/api/platform/v1/identity/policy/evaluate",
|
|
1519
|
+
method: "POST",
|
|
1520
|
+
body: tenantIdentityBody(
|
|
1521
|
+
input,
|
|
1522
|
+
"identity.evaluatePolicy"
|
|
1523
|
+
),
|
|
1524
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1525
|
+
});
|
|
1526
|
+
},
|
|
1527
|
+
async recordPolicyDecision(input, idempotencyKey) {
|
|
1528
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
1529
|
+
cleanRequiredString(input.decision, "decision");
|
|
1530
|
+
return gateway.request({
|
|
1531
|
+
path: "/api/platform/v1/identity/policy/decisions",
|
|
1532
|
+
method: "POST",
|
|
1533
|
+
body: tenantIdentityBody(
|
|
1534
|
+
input,
|
|
1535
|
+
"identity.recordPolicyDecision"
|
|
1536
|
+
),
|
|
1537
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1538
|
+
});
|
|
1539
|
+
}
|
|
1540
|
+
};
|
|
1541
|
+
}
|
|
1542
|
+
|
|
1543
|
+
// src/accessControl.ts
|
|
1544
|
+
var LucernAccessControlError = class extends LucernSdkAuthContextError {
|
|
1545
|
+
policyDecision;
|
|
1546
|
+
constructor(reason, message, policyDecision) {
|
|
1547
|
+
super(reason, message);
|
|
1548
|
+
this.name = "LucernAccessControlError";
|
|
1549
|
+
this.policyDecision = policyDecision;
|
|
1550
|
+
}
|
|
1551
|
+
};
|
|
1552
|
+
function cleanString4(value) {
|
|
1553
|
+
const normalized = value?.trim();
|
|
1554
|
+
return normalized ? normalized : void 0;
|
|
1555
|
+
}
|
|
1556
|
+
function cleanStringList2(values) {
|
|
1557
|
+
if (!values) {
|
|
1558
|
+
return [];
|
|
1559
|
+
}
|
|
1560
|
+
return [
|
|
1561
|
+
...new Set(
|
|
1562
|
+
values.map((value) => value.trim()).filter((value) => value.length > 0)
|
|
1563
|
+
)
|
|
1564
|
+
];
|
|
1565
|
+
}
|
|
1566
|
+
function requireString2(value, reason, label) {
|
|
1567
|
+
const normalized = cleanString4(value);
|
|
1568
|
+
if (!normalized) {
|
|
1569
|
+
throw new LucernAccessControlError(
|
|
1570
|
+
reason,
|
|
1571
|
+
`Lucern SDK access control requires ${label}.`
|
|
1572
|
+
);
|
|
1573
|
+
}
|
|
1574
|
+
return normalized;
|
|
1575
|
+
}
|
|
1576
|
+
function normalizePrincipalType(principalType2) {
|
|
1577
|
+
if (principalType2 === "agent") {
|
|
1578
|
+
return "agent";
|
|
1579
|
+
}
|
|
1580
|
+
if (principalType2 === "service") {
|
|
1581
|
+
return "service";
|
|
1582
|
+
}
|
|
1583
|
+
if (principalType2 === "group") {
|
|
1584
|
+
return "group";
|
|
1585
|
+
}
|
|
1586
|
+
if (principalType2 === "external_viewer") {
|
|
1587
|
+
return "external_viewer";
|
|
1588
|
+
}
|
|
1589
|
+
return "human";
|
|
1590
|
+
}
|
|
1591
|
+
function aliasKey(alias) {
|
|
1592
|
+
return `${alias.provider}:${alias.providerProjectId ?? ""}:${alias.externalSubjectId}`;
|
|
1593
|
+
}
|
|
1594
|
+
function normalizeAliases(input, canonicalClerkUserId) {
|
|
1595
|
+
const aliases = /* @__PURE__ */ new Map();
|
|
1596
|
+
for (const alias of input ?? []) {
|
|
1597
|
+
const externalSubjectId = cleanString4(alias.externalSubjectId);
|
|
1598
|
+
if (!externalSubjectId) {
|
|
1599
|
+
continue;
|
|
1600
|
+
}
|
|
1601
|
+
const normalized = {
|
|
1602
|
+
provider: cleanString4(alias.provider) ?? "clerk",
|
|
1603
|
+
providerProjectId: cleanString4(alias.providerProjectId),
|
|
1604
|
+
externalSubjectId,
|
|
1605
|
+
status: cleanString4(alias.status)
|
|
1606
|
+
};
|
|
1607
|
+
aliases.set(aliasKey(normalized), normalized);
|
|
1608
|
+
}
|
|
1609
|
+
if (canonicalClerkUserId) {
|
|
1610
|
+
const canonicalAlias = {
|
|
1611
|
+
provider: "clerk",
|
|
1612
|
+
externalSubjectId: canonicalClerkUserId,
|
|
1613
|
+
status: "active"
|
|
1614
|
+
};
|
|
1615
|
+
aliases.set(aliasKey(canonicalAlias), canonicalAlias);
|
|
1616
|
+
}
|
|
1617
|
+
return [...aliases.values()];
|
|
1618
|
+
}
|
|
1619
|
+
function isKnownClerkSubject(args) {
|
|
1620
|
+
if (args.clerkId === args.canonicalClerkUserId) {
|
|
1621
|
+
return true;
|
|
1622
|
+
}
|
|
1623
|
+
return args.aliases.some(
|
|
1624
|
+
(alias) => alias.provider === "clerk" && alias.externalSubjectId === args.clerkId
|
|
1625
|
+
);
|
|
1626
|
+
}
|
|
1627
|
+
function authContextToPrincipalInput(input) {
|
|
1628
|
+
const normalized = normalizeCanonicalLucernAuthContext(input);
|
|
1629
|
+
return {
|
|
1630
|
+
principalId: normalized.principalId,
|
|
1631
|
+
principalType: normalized.principalType,
|
|
1632
|
+
canonicalClerkUserId: normalized.clerkId,
|
|
1633
|
+
clerkId: normalized.clerkId,
|
|
1634
|
+
tenantId: normalized.tenantId,
|
|
1635
|
+
workspaceId: normalized.workspaceId,
|
|
1636
|
+
roles: normalized.roles,
|
|
1637
|
+
scopes: normalized.scopes
|
|
1638
|
+
};
|
|
1639
|
+
}
|
|
1640
|
+
function isAuthContextInput(input) {
|
|
1641
|
+
return "authMode" in input || "permit" in input || "delegationChain" in input;
|
|
1642
|
+
}
|
|
1643
|
+
function normalizeCanonicalPrincipalIdentity(input, options = {}) {
|
|
1644
|
+
const principalInput = isAuthContextInput(input) ? authContextToPrincipalInput(input) : input;
|
|
1645
|
+
const principalId = requireString2(
|
|
1646
|
+
principalInput.principalId,
|
|
1647
|
+
"principal_missing",
|
|
1648
|
+
"principalId"
|
|
1649
|
+
);
|
|
1650
|
+
const principalType2 = normalizePrincipalType(principalInput.principalType);
|
|
1651
|
+
const observedClerkId = cleanString4(options.observedClerkId);
|
|
1652
|
+
const canonicalClerkUserId = cleanString4(principalInput.canonicalClerkUserId) ?? cleanString4(principalInput.clerkId);
|
|
1653
|
+
if (principalType2 === "human" && !canonicalClerkUserId) {
|
|
1654
|
+
throw new LucernAccessControlError(
|
|
1655
|
+
"clerk_alias_missing",
|
|
1656
|
+
"Human principals require one canonical Clerk user id."
|
|
1657
|
+
);
|
|
1658
|
+
}
|
|
1659
|
+
const aliases = normalizeAliases(
|
|
1660
|
+
principalInput.clerkIdentityAliases,
|
|
1661
|
+
canonicalClerkUserId
|
|
1662
|
+
);
|
|
1663
|
+
if (observedClerkId && !isKnownClerkSubject({
|
|
1664
|
+
clerkId: observedClerkId,
|
|
1665
|
+
canonicalClerkUserId,
|
|
1666
|
+
aliases
|
|
1667
|
+
})) {
|
|
1668
|
+
throw new LucernAccessControlError(
|
|
1669
|
+
"clerk_alias_unrecognized",
|
|
1670
|
+
"Observed Clerk user id does not match the canonical human principal id."
|
|
1671
|
+
);
|
|
1672
|
+
}
|
|
1673
|
+
return {
|
|
1674
|
+
principalId,
|
|
1675
|
+
principalType: principalType2,
|
|
1676
|
+
canonicalClerkUserId,
|
|
1677
|
+
clerkIdentityAliases: aliases,
|
|
1678
|
+
tenantId: cleanString4(principalInput.tenantId),
|
|
1679
|
+
workspaceId: cleanString4(principalInput.workspaceId),
|
|
1680
|
+
roles: cleanStringList2(principalInput.roles),
|
|
1681
|
+
scopes: cleanStringList2(principalInput.scopes)
|
|
1682
|
+
};
|
|
1683
|
+
}
|
|
1684
|
+
function formatPermitResource(resource) {
|
|
1685
|
+
if (typeof resource === "string") {
|
|
1686
|
+
return requireString2(resource, "policy_denied", "policyResource");
|
|
1687
|
+
}
|
|
1688
|
+
const type = requireString2(resource.type, "policy_denied", "resource.type");
|
|
1689
|
+
const key = requireString2(resource.key, "policy_denied", "resource.key");
|
|
1690
|
+
return key.startsWith(`${type}:`) ? key : `${type}:${key}`;
|
|
1691
|
+
}
|
|
1692
|
+
function resourceRequiresWorkspace(resource) {
|
|
1693
|
+
if (typeof resource === "string") {
|
|
1694
|
+
return !resource.startsWith("tenant:");
|
|
1695
|
+
}
|
|
1696
|
+
return resource.type !== "tenant";
|
|
1697
|
+
}
|
|
1698
|
+
function buildPolicyInput(identity, input) {
|
|
1699
|
+
const tenantId = requireString2(
|
|
1700
|
+
input.tenantId ?? identity.tenantId,
|
|
1701
|
+
"tenant_missing",
|
|
1702
|
+
"tenantId"
|
|
1703
|
+
);
|
|
1704
|
+
const workspaceId = cleanString4(input.workspaceId ?? identity.workspaceId);
|
|
1705
|
+
if (resourceRequiresWorkspace(input.resource) && !workspaceId) {
|
|
1706
|
+
throw new LucernAccessControlError(
|
|
1707
|
+
"workspace_missing",
|
|
1708
|
+
"Workspace-scoped Permit checks require workspaceId."
|
|
1709
|
+
);
|
|
1710
|
+
}
|
|
1711
|
+
return {
|
|
1712
|
+
tenantId,
|
|
1713
|
+
workspaceId,
|
|
1714
|
+
principalId: identity.principalId,
|
|
1715
|
+
policySubject: identity.principalId,
|
|
1716
|
+
policyAction: requireString2(input.action, "policy_denied", "policyAction"),
|
|
1717
|
+
policyResource: formatPermitResource(input.resource),
|
|
1718
|
+
metadata: input.context
|
|
1719
|
+
};
|
|
1720
|
+
}
|
|
1721
|
+
async function resolveConfiguredPrincipalInput(authContext) {
|
|
1722
|
+
if (typeof authContext === "function") {
|
|
1723
|
+
return await authContext();
|
|
1724
|
+
}
|
|
1725
|
+
return authContext;
|
|
1726
|
+
}
|
|
1727
|
+
function assertPermitAllowed(decision) {
|
|
1728
|
+
if (decision.decision !== "allow") {
|
|
1729
|
+
throw new LucernAccessControlError(
|
|
1730
|
+
decision.decision === "deny" ? "policy_denied" : "policy_unknown",
|
|
1731
|
+
`Permit denied ${decision.policyAction} on ${decision.policyResource}.`,
|
|
1732
|
+
decision
|
|
1733
|
+
);
|
|
1734
|
+
}
|
|
1735
|
+
}
|
|
1736
|
+
function createAccessControlClient(config = {}) {
|
|
1737
|
+
const identityClient = createIdentityClient(config);
|
|
1738
|
+
async function resolveIdentity(input, observedClerkId) {
|
|
1739
|
+
const identityInput = input ?? await resolveConfiguredPrincipalInput(config.authContext);
|
|
1740
|
+
if (!identityInput) {
|
|
1741
|
+
throw new LucernAccessControlError(
|
|
1742
|
+
"principal_missing",
|
|
1743
|
+
"Lucern SDK access control requires a canonical principal identity."
|
|
1744
|
+
);
|
|
1745
|
+
}
|
|
1746
|
+
return normalizeCanonicalPrincipalIdentity(identityInput, {
|
|
1747
|
+
observedClerkId
|
|
1748
|
+
});
|
|
1749
|
+
}
|
|
1750
|
+
async function checkAccess(input, idempotencyKey) {
|
|
1751
|
+
const identity = await resolveIdentity(input.identity, input.observedClerkId);
|
|
1752
|
+
const policyInput = buildPolicyInput(identity, input);
|
|
1753
|
+
try {
|
|
1754
|
+
const response = await identityClient.evaluatePolicy(
|
|
1755
|
+
policyInput,
|
|
1756
|
+
idempotencyKey
|
|
1757
|
+
);
|
|
1758
|
+
return {
|
|
1759
|
+
identity,
|
|
1760
|
+
policyInput,
|
|
1761
|
+
decision: response.data
|
|
1762
|
+
};
|
|
1763
|
+
} catch (error) {
|
|
1764
|
+
if (error instanceof LucernSdkAuthContextError) {
|
|
1765
|
+
throw error;
|
|
1766
|
+
}
|
|
1767
|
+
throw new LucernAccessControlError(
|
|
1768
|
+
"policy_unavailable",
|
|
1769
|
+
"Permit policy check failed closed before an allow decision was returned."
|
|
1770
|
+
);
|
|
1771
|
+
}
|
|
1772
|
+
}
|
|
1773
|
+
async function requireAccess(input, idempotencyKey) {
|
|
1774
|
+
const result = await checkAccess(input, idempotencyKey);
|
|
1775
|
+
assertPermitAllowed(result.decision);
|
|
1776
|
+
return result;
|
|
1777
|
+
}
|
|
1778
|
+
async function canAccess(input, idempotencyKey) {
|
|
1779
|
+
try {
|
|
1780
|
+
await requireAccess(input, idempotencyKey);
|
|
1781
|
+
return true;
|
|
1782
|
+
} catch {
|
|
1783
|
+
return false;
|
|
1784
|
+
}
|
|
1785
|
+
}
|
|
1786
|
+
return {
|
|
1787
|
+
normalizePrincipal: normalizeCanonicalPrincipalIdentity,
|
|
1788
|
+
checkAccess,
|
|
1789
|
+
requireAccess,
|
|
1790
|
+
canAccess
|
|
1791
|
+
};
|
|
1792
|
+
}
|
|
1793
|
+
|
|
1794
|
+
// src/answersClient.ts
|
|
1795
|
+
function createAnswersClient(config = {}) {
|
|
1796
|
+
const gateway = createGatewayRequestClient(config);
|
|
1797
|
+
return {
|
|
1798
|
+
/**
|
|
1799
|
+
* Get the current answer for a question.
|
|
1800
|
+
* @param questionId - The question node identifier.
|
|
1801
|
+
* @returns The answer record for the given question.
|
|
1802
|
+
*/
|
|
1803
|
+
async get(questionId) {
|
|
1804
|
+
return gateway.request({
|
|
1805
|
+
path: `/api/platform/v1/questions/${encodeURIComponent(questionId)}/answer`
|
|
1806
|
+
});
|
|
1807
|
+
}
|
|
1808
|
+
};
|
|
1809
|
+
}
|
|
1810
|
+
|
|
1811
|
+
// src/audiencesClient.ts
|
|
1812
|
+
function createAudiencesClient(config = {}) {
|
|
1813
|
+
const gateway = createGatewayRequestClient(config);
|
|
1814
|
+
const listRegistry = async (query5 = {}) => {
|
|
1815
|
+
return gateway.request({
|
|
1816
|
+
path: `/api/platform/v1/audiences/registry${toQueryString({
|
|
1817
|
+
...query5,
|
|
1818
|
+
effective: typeof query5.effective === "boolean" ? query5.effective ? "true" : "false" : void 0,
|
|
1819
|
+
status: query5.status
|
|
1820
|
+
})}`
|
|
1821
|
+
}).then(
|
|
1822
|
+
(response) => mapGatewayData(
|
|
1823
|
+
response,
|
|
1824
|
+
(data) => createListResult(Array.isArray(data) ? data : [], "registryEntries")
|
|
1825
|
+
)
|
|
1826
|
+
);
|
|
1827
|
+
};
|
|
1828
|
+
const createRegistryEntry = async (input, idempotencyKey) => {
|
|
1829
|
+
return gateway.request({
|
|
1830
|
+
path: "/api/platform/v1/audiences/registry",
|
|
1831
|
+
method: "POST",
|
|
1832
|
+
body: input,
|
|
1833
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1834
|
+
});
|
|
1835
|
+
};
|
|
1836
|
+
const updateRegistryEntry = createRegistryEntry;
|
|
1837
|
+
const upsertRegistry = createRegistryEntry;
|
|
1838
|
+
const getRegistry = listRegistry;
|
|
1839
|
+
const listGrants = async (query5 = {}) => {
|
|
1840
|
+
return gateway.request({
|
|
1841
|
+
path: `/api/platform/v1/audiences/grants${toQueryString({
|
|
1842
|
+
...query5,
|
|
1843
|
+
audienceKey: query5.audienceKey,
|
|
1844
|
+
principalId: query5.principalId,
|
|
1845
|
+
groupId: query5.groupId,
|
|
1846
|
+
status: query5.status
|
|
1847
|
+
})}`
|
|
1848
|
+
}).then(
|
|
1849
|
+
(response) => mapGatewayData(
|
|
1850
|
+
response,
|
|
1851
|
+
(data) => createListResult(Array.isArray(data) ? data : [], "grants")
|
|
1852
|
+
)
|
|
1853
|
+
);
|
|
1854
|
+
};
|
|
1855
|
+
const createGrant = async (input, idempotencyKey) => {
|
|
1856
|
+
return gateway.request({
|
|
1857
|
+
path: "/api/platform/v1/audiences/grants",
|
|
1858
|
+
method: "POST",
|
|
1859
|
+
body: input,
|
|
1860
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1861
|
+
});
|
|
1862
|
+
};
|
|
1863
|
+
const getGrants = listGrants;
|
|
1864
|
+
const grant = createGrant;
|
|
1865
|
+
const deleteGrant = async (input, idempotencyKey) => {
|
|
1866
|
+
return gateway.request({
|
|
1867
|
+
path: "/api/platform/v1/audiences/grants/revoke",
|
|
1868
|
+
method: "POST",
|
|
1869
|
+
body: input,
|
|
1870
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1871
|
+
});
|
|
1872
|
+
};
|
|
1873
|
+
const revokeGrant = deleteGrant;
|
|
1874
|
+
return {
|
|
1875
|
+
/**
|
|
1876
|
+
* List audience registry entries.
|
|
1877
|
+
*/
|
|
1878
|
+
listRegistry,
|
|
1879
|
+
/**
|
|
1880
|
+
* @deprecated Use listRegistry.
|
|
1881
|
+
*/
|
|
1882
|
+
getRegistry,
|
|
1883
|
+
/**
|
|
1884
|
+
* Create an audience registry entry.
|
|
1885
|
+
*/
|
|
1886
|
+
createRegistryEntry,
|
|
1887
|
+
/**
|
|
1888
|
+
* Update an audience registry entry.
|
|
1889
|
+
*/
|
|
1890
|
+
updateRegistryEntry,
|
|
1891
|
+
/**
|
|
1892
|
+
* @deprecated Use createRegistryEntry or updateRegistryEntry.
|
|
1893
|
+
*/
|
|
1894
|
+
upsertRegistry,
|
|
1895
|
+
/**
|
|
1896
|
+
* List audience grants.
|
|
1897
|
+
*/
|
|
1898
|
+
listGrants,
|
|
1899
|
+
/**
|
|
1900
|
+
* @deprecated Use listGrants.
|
|
1901
|
+
*/
|
|
1902
|
+
getGrants,
|
|
1903
|
+
/**
|
|
1904
|
+
* Create an audience grant.
|
|
1905
|
+
*/
|
|
1906
|
+
createGrant,
|
|
1907
|
+
/**
|
|
1908
|
+
* @deprecated Use createGrant.
|
|
1909
|
+
*/
|
|
1910
|
+
grant,
|
|
1911
|
+
/**
|
|
1912
|
+
* Delete an audience grant by revoking it.
|
|
1913
|
+
*/
|
|
1914
|
+
deleteGrant,
|
|
1915
|
+
/**
|
|
1916
|
+
* @deprecated Use deleteGrant.
|
|
1917
|
+
*/
|
|
1918
|
+
revokeGrant
|
|
1919
|
+
};
|
|
1920
|
+
}
|
|
1921
|
+
|
|
1922
|
+
// src/auditClient.ts
|
|
1923
|
+
function createAuditClient(config = {}) {
|
|
1924
|
+
const gateway = createGatewayRequestClient(config);
|
|
1925
|
+
return {
|
|
1926
|
+
/**
|
|
1927
|
+
* List audit events for the current scope.
|
|
1928
|
+
*/
|
|
1929
|
+
async listEvents(query5 = {}) {
|
|
1930
|
+
return gateway.request({
|
|
1931
|
+
path: `/api/platform/v1/audit/events${toQueryString(
|
|
1932
|
+
normalizeTopicQuery(query5)
|
|
1933
|
+
)}`
|
|
1934
|
+
}).then(
|
|
1935
|
+
(response) => mapGatewayData(
|
|
1936
|
+
response,
|
|
1937
|
+
(data) => createListResult(Array.isArray(data) ? data : [], "events")
|
|
1938
|
+
)
|
|
1939
|
+
);
|
|
1940
|
+
}
|
|
1941
|
+
};
|
|
1942
|
+
}
|
|
1943
|
+
|
|
1944
|
+
// src/authDeviceClient.ts
|
|
1945
|
+
var DeviceAuthorizationError = class extends Error {
|
|
1946
|
+
error;
|
|
1947
|
+
interval;
|
|
1948
|
+
constructor(args) {
|
|
1949
|
+
super(args.description ?? args.error);
|
|
1950
|
+
this.name = "DeviceAuthorizationError";
|
|
1951
|
+
this.error = args.error;
|
|
1952
|
+
this.interval = args.interval;
|
|
1953
|
+
}
|
|
1954
|
+
};
|
|
1955
|
+
function authBaseUrl(config) {
|
|
1956
|
+
return config.baseUrl?.replace(/\/+$/, "") ?? "";
|
|
1957
|
+
}
|
|
1958
|
+
async function readJson(response) {
|
|
1959
|
+
try {
|
|
1960
|
+
const payload = await response.json();
|
|
1961
|
+
return isRecord4(payload) ? payload : {};
|
|
1962
|
+
} catch (error) {
|
|
1963
|
+
return unreadableJsonBodyFallback();
|
|
1964
|
+
}
|
|
1965
|
+
}
|
|
1966
|
+
function unreadableJsonBodyFallback(_error) {
|
|
1967
|
+
return {};
|
|
1968
|
+
}
|
|
1969
|
+
function isRecord4(value) {
|
|
1970
|
+
return value !== null && typeof value === "object" && !Array.isArray(value);
|
|
1971
|
+
}
|
|
1972
|
+
function readString(value) {
|
|
1973
|
+
const normalized = typeof value === "string" ? value.trim() : "";
|
|
1974
|
+
return normalized || void 0;
|
|
1975
|
+
}
|
|
1976
|
+
function assertDeviceCodeResponse(payload) {
|
|
1977
|
+
const deviceCode = readString(payload.device_code);
|
|
1978
|
+
const userCode = readString(payload.user_code);
|
|
1979
|
+
const verificationUri = readString(payload.verification_uri);
|
|
1980
|
+
const verificationUriComplete = readString(payload.verification_uri_complete);
|
|
1981
|
+
const expiresIn = payload.expires_in;
|
|
1982
|
+
const interval = payload.interval;
|
|
1983
|
+
if (!deviceCode || !userCode || !verificationUri || !verificationUriComplete || typeof expiresIn !== "number" || typeof interval !== "number") {
|
|
1984
|
+
throw new Error("Gateway returned an invalid device-code response.");
|
|
1985
|
+
}
|
|
1986
|
+
return {
|
|
1987
|
+
device_code: deviceCode,
|
|
1988
|
+
user_code: userCode,
|
|
1989
|
+
verification_uri: verificationUri,
|
|
1990
|
+
verification_uri_complete: verificationUriComplete,
|
|
1991
|
+
expires_in: expiresIn,
|
|
1992
|
+
interval
|
|
1993
|
+
};
|
|
1994
|
+
}
|
|
1995
|
+
function assertDeviceTokenResponse(payload) {
|
|
1257
1996
|
const accessToken = readString(payload.access_token);
|
|
1258
1997
|
const tokenType = readString(payload.token_type);
|
|
1259
1998
|
const scope = readString(payload.scope);
|
|
@@ -1270,7 +2009,7 @@ function assertDeviceTokenResponse(payload) {
|
|
|
1270
2009
|
tenant_id: tenantId,
|
|
1271
2010
|
workspace_id: readString(payload.workspace_id),
|
|
1272
2011
|
principal_id: principalId,
|
|
1273
|
-
user:
|
|
2012
|
+
user: isRecord4(payload.user) && typeof payload.user.id === "string" && typeof payload.user.principalId === "string" ? {
|
|
1274
2013
|
id: payload.user.id,
|
|
1275
2014
|
principalId: payload.user.principalId
|
|
1276
2015
|
} : void 0
|
|
@@ -1606,70 +2345,15 @@ function createEvidenceClient(config = {}) {
|
|
|
1606
2345
|
path: "/api/platform/v1/evidence/classify-batch",
|
|
1607
2346
|
method: "POST",
|
|
1608
2347
|
body: {
|
|
1609
|
-
beliefId,
|
|
1610
|
-
evidence,
|
|
1611
|
-
config: classificationConfig
|
|
1612
|
-
},
|
|
1613
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
1614
|
-
});
|
|
1615
|
-
}
|
|
1616
|
-
};
|
|
1617
|
-
}
|
|
1618
|
-
|
|
1619
|
-
// src/boundaryClientSurface.ts
|
|
1620
|
-
function cleanOptionalString(value) {
|
|
1621
|
-
const normalized = value?.trim();
|
|
1622
|
-
return normalized ? normalized : void 0;
|
|
1623
|
-
}
|
|
1624
|
-
function isRecord4(value) {
|
|
1625
|
-
return Boolean(value) && typeof value === "object" && !Array.isArray(value);
|
|
1626
|
-
}
|
|
1627
|
-
function cleanRequiredString(value, label) {
|
|
1628
|
-
const normalized = cleanOptionalString(value);
|
|
1629
|
-
if (!normalized) {
|
|
1630
|
-
throw new Error(`${label} is required`);
|
|
1631
|
-
}
|
|
1632
|
-
return normalized;
|
|
1633
|
-
}
|
|
1634
|
-
function readTopicId(input) {
|
|
1635
|
-
return cleanOptionalString(input.topicId) ?? cleanOptionalString(input.projectId);
|
|
1636
|
-
}
|
|
1637
|
-
function requireTopicId(input) {
|
|
1638
|
-
const topicId = readTopicId(input);
|
|
1639
|
-
if (!topicId) {
|
|
1640
|
-
throw new Error("topicId is required");
|
|
1641
|
-
}
|
|
1642
|
-
return topicId;
|
|
1643
|
-
}
|
|
1644
|
-
function assertKnownKeys(input, allowed, operation) {
|
|
1645
|
-
const allowedSet = new Set(allowed);
|
|
1646
|
-
const unknownKeys = Object.keys(input).filter((key) => !allowedSet.has(key));
|
|
1647
|
-
if (unknownKeys.length > 0) {
|
|
1648
|
-
throw new Error(
|
|
1649
|
-
`${operation} received unsupported field(s): ${unknownKeys.join(", ")}`
|
|
1650
|
-
);
|
|
1651
|
-
}
|
|
1652
|
-
}
|
|
1653
|
-
function knownPayload(input, allowed, operation) {
|
|
1654
|
-
assertKnownKeys(input, allowed, operation);
|
|
1655
|
-
return { ...input };
|
|
1656
|
-
}
|
|
1657
|
-
function topicPayload(input, allowed, operation) {
|
|
1658
|
-
assertKnownKeys(input, allowed, operation);
|
|
1659
|
-
return {
|
|
1660
|
-
...input,
|
|
1661
|
-
topicId: requireTopicId(input),
|
|
1662
|
-
projectId: void 0
|
|
2348
|
+
beliefId,
|
|
2349
|
+
evidence,
|
|
2350
|
+
config: classificationConfig
|
|
2351
|
+
},
|
|
2352
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
2353
|
+
});
|
|
2354
|
+
}
|
|
1663
2355
|
};
|
|
1664
2356
|
}
|
|
1665
|
-
function listResultFromEnvelope(data, legacyKey) {
|
|
1666
|
-
const record = isRecord4(data) ? data : {};
|
|
1667
|
-
const legacyItems = record[legacyKey];
|
|
1668
|
-
return createListResult(
|
|
1669
|
-
Array.isArray(legacyItems) ? legacyItems : Array.isArray(data) ? data : [],
|
|
1670
|
-
legacyKey
|
|
1671
|
-
);
|
|
1672
|
-
}
|
|
1673
2357
|
|
|
1674
2358
|
// src/eventingClient.ts
|
|
1675
2359
|
var EVENTING_FIELDS = [
|
|
@@ -2276,421 +2960,153 @@ function createGraphClient(config = {}) {
|
|
|
2276
2960
|
...input,
|
|
2277
2961
|
verificationStatus
|
|
2278
2962
|
},
|
|
2279
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
2280
|
-
});
|
|
2281
|
-
},
|
|
2282
|
-
/**
|
|
2283
|
-
* Permanently delete a node via the admin-only hard-delete route.
|
|
2284
|
-
*/
|
|
2285
|
-
async hardDeleteNode(input, idempotencyKey) {
|
|
2286
|
-
return gateway.request({
|
|
2287
|
-
path: "/api/platform/v1/graph/nodes/hard-delete",
|
|
2288
|
-
method: "POST",
|
|
2289
|
-
body: input,
|
|
2290
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
2291
|
-
});
|
|
2292
|
-
},
|
|
2293
|
-
/**
|
|
2294
|
-
* List graph edges matching the provided filters.
|
|
2295
|
-
*/
|
|
2296
|
-
async listEdges(query5) {
|
|
2297
|
-
return gateway.request({
|
|
2298
|
-
path: `/api/platform/v1/graph/edges${toQueryString(
|
|
2299
|
-
normalizeTopicQuery(query5)
|
|
2300
|
-
)}`
|
|
2301
|
-
}).then(
|
|
2302
|
-
(response) => mapGatewayData(
|
|
2303
|
-
response,
|
|
2304
|
-
(data) => mapAliasedList(data, "edges")
|
|
2305
|
-
)
|
|
2306
|
-
);
|
|
2307
|
-
},
|
|
2308
|
-
/**
|
|
2309
|
-
* Create a graph edge.
|
|
2310
|
-
*/
|
|
2311
|
-
async createEdge(input, idempotencyKey) {
|
|
2312
|
-
return gateway.request({
|
|
2313
|
-
path: "/api/platform/v1/graph/edges",
|
|
2314
|
-
method: "POST",
|
|
2315
|
-
body: normalizeTopicQuery(input),
|
|
2316
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
2317
|
-
});
|
|
2318
|
-
},
|
|
2319
|
-
/**
|
|
2320
|
-
* Delete one or more edges matching the provided filter.
|
|
2321
|
-
*/
|
|
2322
|
-
async deleteEdge(query5, idempotencyKey) {
|
|
2323
|
-
return gateway.request({
|
|
2324
|
-
path: `/api/platform/v1/graph/edges${toQueryString(query5)}`,
|
|
2325
|
-
method: "DELETE",
|
|
2326
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
2327
|
-
});
|
|
2328
|
-
},
|
|
2329
|
-
/**
|
|
2330
|
-
* Retrieve a graph neighborhood around a root node.
|
|
2331
|
-
*/
|
|
2332
|
-
async neighborhood(query5) {
|
|
2333
|
-
return gateway.request({
|
|
2334
|
-
path: `/api/platform/v1/graph/neighborhood${toQueryString(query5)}`
|
|
2335
|
-
});
|
|
2336
|
-
},
|
|
2337
|
-
/**
|
|
2338
|
-
* Traverse the graph from a starting node.
|
|
2339
|
-
*/
|
|
2340
|
-
async traverse(query5) {
|
|
2341
|
-
return gateway.request({
|
|
2342
|
-
path: "/api/platform/v1/graph/traverse",
|
|
2343
|
-
method: "POST",
|
|
2344
|
-
body: normalizeTopicQuery(query5)
|
|
2345
|
-
});
|
|
2346
|
-
},
|
|
2347
|
-
/**
|
|
2348
|
-
* Analyze graph structure for a topic.
|
|
2349
|
-
*/
|
|
2350
|
-
async analyze(query5 = {}) {
|
|
2351
|
-
const normalized = normalizeTopicQuery(query5);
|
|
2352
|
-
return gateway.request({
|
|
2353
|
-
path: `/api/platform/v1/graph/analyze${toQueryString({
|
|
2354
|
-
topicId: typeof normalized.topicId === "string" ? normalized.topicId : void 0,
|
|
2355
|
-
metric: typeof normalized.metric === "string" ? normalized.metric : void 0,
|
|
2356
|
-
limit: typeof normalized.limit === "number" ? normalized.limit : void 0
|
|
2357
|
-
})}`
|
|
2358
|
-
});
|
|
2359
|
-
},
|
|
2360
|
-
/**
|
|
2361
|
-
* Detect confirmation-bias patterns for a topic graph.
|
|
2362
|
-
*/
|
|
2363
|
-
async bias(query5 = {}) {
|
|
2364
|
-
const normalized = normalizeTopicQuery(query5);
|
|
2365
|
-
return gateway.request({
|
|
2366
|
-
path: `/api/platform/v1/graph/bias${toQueryString({
|
|
2367
|
-
topicId: typeof normalized.topicId === "string" ? normalized.topicId : void 0,
|
|
2368
|
-
threshold: typeof normalized.threshold === "number" ? normalized.threshold : void 0,
|
|
2369
|
-
limit: typeof normalized.limit === "number" ? normalized.limit : void 0
|
|
2370
|
-
})}`
|
|
2371
|
-
});
|
|
2372
|
-
},
|
|
2373
|
-
/**
|
|
2374
|
-
* Find graph gaps for beliefs that still need testing.
|
|
2375
|
-
*/
|
|
2376
|
-
async gaps(query5) {
|
|
2377
|
-
const normalized = normalizeTopicQuery(query5);
|
|
2378
|
-
return gateway.request({
|
|
2379
|
-
path: `/api/platform/v1/graph/gaps${toQueryString({
|
|
2380
|
-
topicId: typeof normalized.topicId === "string" ? normalized.topicId : void 0,
|
|
2381
|
-
minConfidence: typeof normalized.minConfidence === "number" ? normalized.minConfidence : void 0
|
|
2382
|
-
})}`
|
|
2383
|
-
});
|
|
2384
|
-
},
|
|
2385
|
-
/**
|
|
2386
|
-
* Search across graph resources within a topic.
|
|
2387
|
-
*/
|
|
2388
|
-
async search(query5) {
|
|
2389
|
-
return gateway.request({
|
|
2390
|
-
path: "/api/platform/v1/search",
|
|
2391
|
-
method: "POST",
|
|
2392
|
-
body: normalizeTopicQuery(query5)
|
|
2393
|
-
});
|
|
2394
|
-
},
|
|
2395
|
-
/**
|
|
2396
|
-
* Retrieve the shortest known path between two graph nodes.
|
|
2397
|
-
*/
|
|
2398
|
-
async getPath(query5) {
|
|
2399
|
-
return gateway.request({
|
|
2400
|
-
path: `/api/platform/v1/graph/path${toQueryString(query5)}`
|
|
2401
|
-
});
|
|
2402
|
-
},
|
|
2403
|
-
/**
|
|
2404
|
-
* Retrieve graph analytics for the requested metric.
|
|
2405
|
-
*/
|
|
2406
|
-
async getAnalytics(query5 = {}) {
|
|
2407
|
-
return gateway.request({
|
|
2408
|
-
path: `/api/platform/v1/graph/analytics${toQueryString(query5)}`
|
|
2409
|
-
});
|
|
2410
|
-
}
|
|
2411
|
-
};
|
|
2412
|
-
return Object.assign(client, {
|
|
2413
|
-
queryNodes: client.listNodes,
|
|
2414
|
-
queryEdges: client.listEdges,
|
|
2415
|
-
getNeighborhood: client.neighborhood
|
|
2416
|
-
});
|
|
2417
|
-
}
|
|
2418
|
-
|
|
2419
|
-
// src/identityClient.ts
|
|
2420
|
-
function createIdentityWhoamiClient(config = {}) {
|
|
2421
|
-
const gateway = createGatewayRequestClient(config);
|
|
2422
|
-
return {
|
|
2423
|
-
async whoami() {
|
|
2424
|
-
return gateway.request({
|
|
2425
|
-
path: "/api/platform/v1/identity/whoami"
|
|
2426
|
-
});
|
|
2427
|
-
}
|
|
2428
|
-
};
|
|
2429
|
-
}
|
|
2430
|
-
var TENANT_IDENTITY_FIELDS = [
|
|
2431
|
-
"tenantId",
|
|
2432
|
-
"workspaceId",
|
|
2433
|
-
"principalId",
|
|
2434
|
-
"integrationKey",
|
|
2435
|
-
"secretRef",
|
|
2436
|
-
"policySubject",
|
|
2437
|
-
"policyAction",
|
|
2438
|
-
"policyResource",
|
|
2439
|
-
"decision",
|
|
2440
|
-
"config",
|
|
2441
|
-
"configKey",
|
|
2442
|
-
"configValue",
|
|
2443
|
-
"provider",
|
|
2444
|
-
"status",
|
|
2445
|
-
"metadata",
|
|
2446
|
-
"limit",
|
|
2447
|
-
"cursor"
|
|
2448
|
-
];
|
|
2449
|
-
function tenantIdentityQuery(input) {
|
|
2450
|
-
return {
|
|
2451
|
-
tenantId: cleanRequiredString(input.tenantId, "tenantId"),
|
|
2452
|
-
workspaceId: input.workspaceId,
|
|
2453
|
-
principalId: input.principalId,
|
|
2454
|
-
limit: input.limit,
|
|
2455
|
-
cursor: input.cursor
|
|
2456
|
-
};
|
|
2457
|
-
}
|
|
2458
|
-
function tenantIdentityBody(input, operation) {
|
|
2459
|
-
return knownPayload(input, TENANT_IDENTITY_FIELDS, operation);
|
|
2460
|
-
}
|
|
2461
|
-
function createIdentityClient(config = {}) {
|
|
2462
|
-
const gateway = createGatewayRequestClient(config);
|
|
2463
|
-
const whoamiClient = createIdentityWhoamiClient(config);
|
|
2464
|
-
const requestPrincipalWrite = (method, input, idempotencyKey) => gateway.request({
|
|
2465
|
-
path: "/api/platform/v1/identity/principals",
|
|
2466
|
-
method,
|
|
2467
|
-
body: input,
|
|
2468
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
2469
|
-
});
|
|
2470
|
-
const updatePrincipal = (input, idempotencyKey) => requestPrincipalWrite("PATCH", input, idempotencyKey);
|
|
2471
|
-
const deleteKey = (keyId, input = {}, idempotencyKey) => gateway.request({
|
|
2472
|
-
path: `/api/platform/v1/identity/keys/${encodeURIComponent(keyId)}/revoke`,
|
|
2473
|
-
method: "POST",
|
|
2474
|
-
body: input,
|
|
2475
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
2476
|
-
});
|
|
2477
|
-
return {
|
|
2478
|
-
/**
|
|
2479
|
-
* Resolve the current authenticated identity summary.
|
|
2480
|
-
*/
|
|
2481
|
-
async whoami() {
|
|
2482
|
-
return whoamiClient.whoami().then(
|
|
2483
|
-
(response) => mapGatewayData(response, (data) => ({
|
|
2484
|
-
principalId: data.principalId,
|
|
2485
|
-
principalType: data.principalType,
|
|
2486
|
-
tenantId: data.tenantId ?? null,
|
|
2487
|
-
workspaceId: data.workspaceId ?? null,
|
|
2488
|
-
scopes: Array.isArray(data.scopes) ? data.scopes : [],
|
|
2489
|
-
roles: Array.isArray(data.roles) ? data.roles : [],
|
|
2490
|
-
isPlatformAdmin: data.isPlatformAdmin === true,
|
|
2491
|
-
isTenantAdmin: data.isTenantAdmin === true,
|
|
2492
|
-
isWorkspaceAdmin: data.isWorkspaceAdmin === true,
|
|
2493
|
-
authMode: data.authMode,
|
|
2494
|
-
sessionId: data.sessionId,
|
|
2495
|
-
delegatedBy: data.delegatedBy,
|
|
2496
|
-
expiresAt: data.expiresAt
|
|
2497
|
-
}))
|
|
2498
|
-
);
|
|
2499
|
-
},
|
|
2500
|
-
/**
|
|
2501
|
-
* List principals in the current identity scope.
|
|
2502
|
-
*/
|
|
2503
|
-
async listPrincipals(query5 = {}) {
|
|
2504
|
-
return gateway.request({
|
|
2505
|
-
path: `/api/platform/v1/identity/principals${toQueryString(query5)}`
|
|
2506
|
-
}).then(
|
|
2507
|
-
(response) => mapGatewayData(
|
|
2508
|
-
response,
|
|
2509
|
-
(data) => createListResult(
|
|
2510
|
-
Array.isArray(data) ? data : [],
|
|
2511
|
-
"principals"
|
|
2512
|
-
)
|
|
2513
|
-
)
|
|
2514
|
-
);
|
|
2515
|
-
},
|
|
2516
|
-
/**
|
|
2517
|
-
* Create a principal.
|
|
2518
|
-
*/
|
|
2519
|
-
async createPrincipal(input, idempotencyKey) {
|
|
2520
|
-
return requestPrincipalWrite("POST", input, idempotencyKey);
|
|
2963
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
2964
|
+
});
|
|
2521
2965
|
},
|
|
2522
2966
|
/**
|
|
2523
|
-
*
|
|
2524
|
-
*/
|
|
2525
|
-
updatePrincipal,
|
|
2526
|
-
/**
|
|
2527
|
-
* @deprecated Use createPrincipal or updatePrincipal.
|
|
2967
|
+
* Permanently delete a node via the admin-only hard-delete route.
|
|
2528
2968
|
*/
|
|
2529
|
-
|
|
2969
|
+
async hardDeleteNode(input, idempotencyKey) {
|
|
2970
|
+
return gateway.request({
|
|
2971
|
+
path: "/api/platform/v1/graph/nodes/hard-delete",
|
|
2972
|
+
method: "POST",
|
|
2973
|
+
body: input,
|
|
2974
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
2975
|
+
});
|
|
2976
|
+
},
|
|
2530
2977
|
/**
|
|
2531
|
-
* List
|
|
2978
|
+
* List graph edges matching the provided filters.
|
|
2532
2979
|
*/
|
|
2533
|
-
async
|
|
2980
|
+
async listEdges(query5) {
|
|
2534
2981
|
return gateway.request({
|
|
2535
|
-
path: `/api/platform/v1/
|
|
2982
|
+
path: `/api/platform/v1/graph/edges${toQueryString(
|
|
2983
|
+
normalizeTopicQuery(query5)
|
|
2984
|
+
)}`
|
|
2536
2985
|
}).then(
|
|
2537
2986
|
(response) => mapGatewayData(
|
|
2538
2987
|
response,
|
|
2539
|
-
(data) =>
|
|
2988
|
+
(data) => mapAliasedList(data, "edges")
|
|
2540
2989
|
)
|
|
2541
2990
|
);
|
|
2542
2991
|
},
|
|
2543
2992
|
/**
|
|
2544
|
-
* Create
|
|
2993
|
+
* Create a graph edge.
|
|
2545
2994
|
*/
|
|
2546
|
-
async
|
|
2995
|
+
async createEdge(input, idempotencyKey) {
|
|
2547
2996
|
return gateway.request({
|
|
2548
|
-
path: "/api/platform/v1/
|
|
2997
|
+
path: "/api/platform/v1/graph/edges",
|
|
2549
2998
|
method: "POST",
|
|
2550
|
-
body: input,
|
|
2999
|
+
body: normalizeTopicQuery(input),
|
|
2551
3000
|
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
2552
3001
|
});
|
|
2553
3002
|
},
|
|
2554
3003
|
/**
|
|
2555
|
-
*
|
|
3004
|
+
* Delete one or more edges matching the provided filter.
|
|
2556
3005
|
*/
|
|
2557
|
-
async
|
|
3006
|
+
async deleteEdge(query5, idempotencyKey) {
|
|
2558
3007
|
return gateway.request({
|
|
2559
|
-
path: `/api/platform/v1/
|
|
2560
|
-
method: "
|
|
2561
|
-
body: input,
|
|
3008
|
+
path: `/api/platform/v1/graph/edges${toQueryString(query5)}`,
|
|
3009
|
+
method: "DELETE",
|
|
2562
3010
|
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
2563
3011
|
});
|
|
2564
3012
|
},
|
|
2565
3013
|
/**
|
|
2566
|
-
*
|
|
2567
|
-
*/
|
|
2568
|
-
deleteKey,
|
|
2569
|
-
/**
|
|
2570
|
-
* @deprecated Use deleteKey.
|
|
2571
|
-
*/
|
|
2572
|
-
revokeKey: deleteKey,
|
|
2573
|
-
/**
|
|
2574
|
-
* Search Clerk users by email or display attributes.
|
|
3014
|
+
* Retrieve a graph neighborhood around a root node.
|
|
2575
3015
|
*/
|
|
2576
|
-
async
|
|
3016
|
+
async neighborhood(query5) {
|
|
2577
3017
|
return gateway.request({
|
|
2578
|
-
path: `/api/platform/v1/
|
|
3018
|
+
path: `/api/platform/v1/graph/neighborhood${toQueryString(query5)}`
|
|
2579
3019
|
});
|
|
2580
3020
|
},
|
|
2581
|
-
|
|
3021
|
+
/**
|
|
3022
|
+
* Traverse the graph from a starting node.
|
|
3023
|
+
*/
|
|
3024
|
+
async traverse(query5) {
|
|
2582
3025
|
return gateway.request({
|
|
2583
|
-
path:
|
|
2584
|
-
|
|
2585
|
-
)
|
|
3026
|
+
path: "/api/platform/v1/graph/traverse",
|
|
3027
|
+
method: "POST",
|
|
3028
|
+
body: normalizeTopicQuery(query5)
|
|
2586
3029
|
});
|
|
2587
3030
|
},
|
|
2588
|
-
|
|
2589
|
-
|
|
3031
|
+
/**
|
|
3032
|
+
* Analyze graph structure for a topic.
|
|
3033
|
+
*/
|
|
3034
|
+
async analyze(query5 = {}) {
|
|
3035
|
+
const normalized = normalizeTopicQuery(query5);
|
|
2590
3036
|
return gateway.request({
|
|
2591
|
-
path:
|
|
2592
|
-
|
|
2593
|
-
|
|
2594
|
-
|
|
2595
|
-
|
|
2596
|
-
),
|
|
2597
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
3037
|
+
path: `/api/platform/v1/graph/analyze${toQueryString({
|
|
3038
|
+
topicId: typeof normalized.topicId === "string" ? normalized.topicId : void 0,
|
|
3039
|
+
metric: typeof normalized.metric === "string" ? normalized.metric : void 0,
|
|
3040
|
+
limit: typeof normalized.limit === "number" ? normalized.limit : void 0
|
|
3041
|
+
})}`
|
|
2598
3042
|
});
|
|
2599
3043
|
},
|
|
2600
|
-
|
|
2601
|
-
|
|
2602
|
-
|
|
2603
|
-
|
|
2604
|
-
|
|
2605
|
-
}).then(
|
|
2606
|
-
(response) => mapGatewayData(
|
|
2607
|
-
response,
|
|
2608
|
-
(data) => listResultFromEnvelope(
|
|
2609
|
-
data,
|
|
2610
|
-
"integrations"
|
|
2611
|
-
)
|
|
2612
|
-
)
|
|
2613
|
-
);
|
|
2614
|
-
},
|
|
2615
|
-
async upsertIntegration(input, idempotencyKey) {
|
|
2616
|
-
cleanRequiredString(input.tenantId, "tenantId");
|
|
2617
|
-
cleanRequiredString(input.integrationKey, "integrationKey");
|
|
3044
|
+
/**
|
|
3045
|
+
* Detect confirmation-bias patterns for a topic graph.
|
|
3046
|
+
*/
|
|
3047
|
+
async bias(query5 = {}) {
|
|
3048
|
+
const normalized = normalizeTopicQuery(query5);
|
|
2618
3049
|
return gateway.request({
|
|
2619
|
-
path:
|
|
2620
|
-
|
|
2621
|
-
|
|
2622
|
-
|
|
2623
|
-
|
|
2624
|
-
),
|
|
2625
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
3050
|
+
path: `/api/platform/v1/graph/bias${toQueryString({
|
|
3051
|
+
topicId: typeof normalized.topicId === "string" ? normalized.topicId : void 0,
|
|
3052
|
+
threshold: typeof normalized.threshold === "number" ? normalized.threshold : void 0,
|
|
3053
|
+
limit: typeof normalized.limit === "number" ? normalized.limit : void 0
|
|
3054
|
+
})}`
|
|
2626
3055
|
});
|
|
2627
3056
|
},
|
|
2628
|
-
|
|
3057
|
+
/**
|
|
3058
|
+
* Find graph gaps for beliefs that still need testing.
|
|
3059
|
+
*/
|
|
3060
|
+
async gaps(query5) {
|
|
3061
|
+
const normalized = normalizeTopicQuery(query5);
|
|
2629
3062
|
return gateway.request({
|
|
2630
|
-
path: `/api/platform/v1/
|
|
2631
|
-
|
|
2632
|
-
|
|
2633
|
-
|
|
2634
|
-
|
|
2635
|
-
response,
|
|
2636
|
-
(data) => listResultFromEnvelope(
|
|
2637
|
-
data,
|
|
2638
|
-
"secrets"
|
|
2639
|
-
)
|
|
2640
|
-
)
|
|
2641
|
-
);
|
|
3063
|
+
path: `/api/platform/v1/graph/gaps${toQueryString({
|
|
3064
|
+
topicId: typeof normalized.topicId === "string" ? normalized.topicId : void 0,
|
|
3065
|
+
minConfidence: typeof normalized.minConfidence === "number" ? normalized.minConfidence : void 0
|
|
3066
|
+
})}`
|
|
3067
|
+
});
|
|
2642
3068
|
},
|
|
2643
|
-
|
|
2644
|
-
|
|
2645
|
-
|
|
3069
|
+
/**
|
|
3070
|
+
* Search across graph resources within a topic.
|
|
3071
|
+
*/
|
|
3072
|
+
async search(query5) {
|
|
2646
3073
|
return gateway.request({
|
|
2647
|
-
path: "/api/platform/v1/
|
|
2648
|
-
method: "
|
|
2649
|
-
body:
|
|
2650
|
-
input,
|
|
2651
|
-
"identity.putSecretReference"
|
|
2652
|
-
),
|
|
2653
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
3074
|
+
path: "/api/platform/v1/search",
|
|
3075
|
+
method: "POST",
|
|
3076
|
+
body: normalizeTopicQuery(query5)
|
|
2654
3077
|
});
|
|
2655
3078
|
},
|
|
2656
|
-
|
|
2657
|
-
|
|
2658
|
-
|
|
2659
|
-
|
|
2660
|
-
cleanRequiredString(input.policyResource, "policyResource");
|
|
3079
|
+
/**
|
|
3080
|
+
* Retrieve the shortest known path between two graph nodes.
|
|
3081
|
+
*/
|
|
3082
|
+
async getPath(query5) {
|
|
2661
3083
|
return gateway.request({
|
|
2662
|
-
path:
|
|
2663
|
-
method: "POST",
|
|
2664
|
-
body: tenantIdentityBody(
|
|
2665
|
-
input,
|
|
2666
|
-
"identity.evaluatePolicy"
|
|
2667
|
-
),
|
|
2668
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
3084
|
+
path: `/api/platform/v1/graph/path${toQueryString(query5)}`
|
|
2669
3085
|
});
|
|
2670
3086
|
},
|
|
2671
|
-
|
|
2672
|
-
|
|
2673
|
-
|
|
3087
|
+
/**
|
|
3088
|
+
* Retrieve graph analytics for the requested metric.
|
|
3089
|
+
*/
|
|
3090
|
+
async getAnalytics(query5 = {}) {
|
|
2674
3091
|
return gateway.request({
|
|
2675
|
-
path:
|
|
2676
|
-
method: "POST",
|
|
2677
|
-
body: tenantIdentityBody(
|
|
2678
|
-
input,
|
|
2679
|
-
"identity.recordPolicyDecision"
|
|
2680
|
-
),
|
|
2681
|
-
idempotencyKey: idempotencyKey ?? randomIdempotencyKey()
|
|
3092
|
+
path: `/api/platform/v1/graph/analytics${toQueryString(query5)}`
|
|
2682
3093
|
});
|
|
2683
3094
|
}
|
|
2684
3095
|
};
|
|
3096
|
+
return Object.assign(client, {
|
|
3097
|
+
queryNodes: client.listNodes,
|
|
3098
|
+
queryEdges: client.listEdges,
|
|
3099
|
+
getNeighborhood: client.neighborhood
|
|
3100
|
+
});
|
|
2685
3101
|
}
|
|
2686
3102
|
|
|
2687
3103
|
// src/topicsClient.ts
|
|
2688
|
-
function
|
|
3104
|
+
function cleanString5(value) {
|
|
2689
3105
|
return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
|
|
2690
3106
|
}
|
|
2691
3107
|
function normalizeTopicRecord(value) {
|
|
2692
3108
|
const record = asRecord(value);
|
|
2693
|
-
const topicId =
|
|
3109
|
+
const topicId = cleanString5(record.topicId) ?? cleanString5(record.id) ?? cleanString5(record._id);
|
|
2694
3110
|
return withTopicAlias({
|
|
2695
3111
|
...record,
|
|
2696
3112
|
...topicId ? { topicId } : {}
|
|
@@ -3409,6 +3825,8 @@ function createTasksFacade(config = {}) {
|
|
|
3409
3825
|
description: input.description,
|
|
3410
3826
|
priority: input.priority,
|
|
3411
3827
|
status: input.status,
|
|
3828
|
+
assigneeId: input.assigneeId,
|
|
3829
|
+
blockedReason: input.blockedReason,
|
|
3412
3830
|
linkedBeliefId: input.linkedBeliefId,
|
|
3413
3831
|
linkedQuestionId: input.linkedQuestionId,
|
|
3414
3832
|
linkedWorktreeId: input.linkedWorktreeId,
|
|
@@ -3903,7 +4321,7 @@ function createEmbeddingsClient(config = {}) {
|
|
|
3903
4321
|
}
|
|
3904
4322
|
|
|
3905
4323
|
// src/contextClient.ts
|
|
3906
|
-
function
|
|
4324
|
+
function cleanString6(value) {
|
|
3907
4325
|
return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
|
|
3908
4326
|
}
|
|
3909
4327
|
function cleanNumber(value) {
|
|
@@ -3915,11 +4333,11 @@ function cleanBoolean(value) {
|
|
|
3915
4333
|
function buildCompileContextRequest(topicIdOrInput = {}, input = {}) {
|
|
3916
4334
|
const effectiveInput = typeof topicIdOrInput === "string" ? input : topicIdOrInput;
|
|
3917
4335
|
const payload = {};
|
|
3918
|
-
const topicId = typeof topicIdOrInput === "string" ?
|
|
4336
|
+
const topicId = typeof topicIdOrInput === "string" ? cleanString6(topicIdOrInput) : cleanString6(effectiveInput.topicId);
|
|
3919
4337
|
if (topicId) {
|
|
3920
4338
|
payload.topicId = topicId;
|
|
3921
4339
|
}
|
|
3922
|
-
const query5 =
|
|
4340
|
+
const query5 = cleanString6(effectiveInput.query);
|
|
3923
4341
|
if (query5) {
|
|
3924
4342
|
payload.query = query5;
|
|
3925
4343
|
}
|
|
@@ -3927,7 +4345,7 @@ function buildCompileContextRequest(topicIdOrInput = {}, input = {}) {
|
|
|
3927
4345
|
if (budget !== void 0) {
|
|
3928
4346
|
payload.budget = budget;
|
|
3929
4347
|
}
|
|
3930
|
-
const ranking =
|
|
4348
|
+
const ranking = cleanString6(effectiveInput.ranking) ?? cleanString6(effectiveInput.rankingProfile);
|
|
3931
4349
|
if (ranking) {
|
|
3932
4350
|
payload.ranking = ranking;
|
|
3933
4351
|
}
|
|
@@ -3943,7 +4361,7 @@ function buildCompileContextRequest(topicIdOrInput = {}, input = {}) {
|
|
|
3943
4361
|
if (includeEntities !== void 0) {
|
|
3944
4362
|
payload.includeEntities = includeEntities;
|
|
3945
4363
|
}
|
|
3946
|
-
const mode =
|
|
4364
|
+
const mode = cleanString6(effectiveInput.mode);
|
|
3947
4365
|
if (mode) {
|
|
3948
4366
|
payload.mode = mode;
|
|
3949
4367
|
}
|
|
@@ -3951,11 +4369,11 @@ function buildCompileContextRequest(topicIdOrInput = {}, input = {}) {
|
|
|
3951
4369
|
if (includeFailures !== void 0) {
|
|
3952
4370
|
payload.includeFailures = includeFailures;
|
|
3953
4371
|
}
|
|
3954
|
-
const worktreeId =
|
|
4372
|
+
const worktreeId = cleanString6(effectiveInput.worktreeId);
|
|
3955
4373
|
if (worktreeId) {
|
|
3956
4374
|
payload.worktreeId = worktreeId;
|
|
3957
4375
|
}
|
|
3958
|
-
const sessionId =
|
|
4376
|
+
const sessionId = cleanString6(effectiveInput.sessionId);
|
|
3959
4377
|
if (sessionId) {
|
|
3960
4378
|
payload.sessionId = sessionId;
|
|
3961
4379
|
}
|
|
@@ -4841,7 +5259,8 @@ function createMcpClient(config = {}) {
|
|
|
4841
5259
|
transportKind: input.transportKind,
|
|
4842
5260
|
sessionId: input.sessionId,
|
|
4843
5261
|
agentIdentity: input.agentIdentity,
|
|
4844
|
-
workspaceId: input.workspaceId
|
|
5262
|
+
workspaceId: input.workspaceId,
|
|
5263
|
+
worktreeId: input.worktreeId
|
|
4845
5264
|
};
|
|
4846
5265
|
return gateway.request({
|
|
4847
5266
|
path: `${MCP_GATEWAY_BOOTSTRAP_ENDPOINT}${toQueryString(scope)}`,
|
|
@@ -4932,8 +5351,11 @@ var CONTRACTS = {
|
|
|
4932
5351
|
"apply_lens_to_topic": { method: "POST", path: "/lenses/apply", kind: "mutation", idempotent: true, surfaceIntent: "mcp_workflow" },
|
|
4933
5352
|
"apply_ontology": { method: "POST", path: "/ontologies/apply", kind: "mutation", idempotent: true, surfaceIntent: "mcp_workflow" },
|
|
4934
5353
|
"archive_belief": { method: "DELETE", path: "/beliefs", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
5354
|
+
"archive_epistemic_node": { method: "POST", path: "/nodes/archive", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
4935
5355
|
"archive_ontology": { method: "DELETE", path: "/ontologies", kind: "mutation", idempotent: true, surfaceIntent: "mcp_governance" },
|
|
4936
5356
|
"archive_question": { method: "DELETE", path: "/questions", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
5357
|
+
"batch_create_edges": { method: "POST", path: "/edges/batch", kind: "mutation", idempotent: true, surfaceIntent: "mcp_analysis" },
|
|
5358
|
+
"batch_create_epistemic_nodes": { method: "POST", path: "/nodes/batch", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
4937
5359
|
"begin_build_session": { method: "POST", path: "/mcp/build-session/begin", kind: "mutation", idempotent: true, surfaceIntent: "system" },
|
|
4938
5360
|
"bisect_confidence": { method: "POST", path: "/beliefs/confidence/bisect", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
4939
5361
|
"broadcast_message": { method: "POST", path: "/coordination/messages/broadcast", kind: "mutation", idempotent: true, surfaceIntent: "system" },
|
|
@@ -4945,6 +5367,7 @@ var CONTRACTS = {
|
|
|
4945
5367
|
"create_belief": { method: "POST", path: "/beliefs", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
4946
5368
|
"create_edge": { method: "POST", path: "/edges", kind: "mutation", idempotent: true, surfaceIntent: "mcp_analysis" },
|
|
4947
5369
|
"create_epistemic_contract": { method: "POST", path: "/contracts", kind: "mutation", idempotent: true, surfaceIntent: "mcp_governance" },
|
|
5370
|
+
"create_epistemic_node": { method: "POST", path: "/nodes", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
4948
5371
|
"create_evidence": { method: "POST", path: "/evidence", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
4949
5372
|
"create_lens": { method: "POST", path: "/lenses", kind: "mutation", idempotent: true, surfaceIntent: "mcp_governance" },
|
|
4950
5373
|
"create_ontology": { method: "POST", path: "/ontologies", kind: "mutation", idempotent: true, surfaceIntent: "mcp_governance" },
|
|
@@ -4972,6 +5395,7 @@ var CONTRACTS = {
|
|
|
4972
5395
|
"get_code_context": { method: "POST", path: "/coding/context", kind: "query", idempotent: false, surfaceIntent: "system" },
|
|
4973
5396
|
"get_confidence_history": { method: "POST", path: "/beliefs/confidence-history", kind: "query", idempotent: false, surfaceIntent: "compatibility" },
|
|
4974
5397
|
"get_contract_status": { method: "POST", path: "/contracts/status", kind: "query", idempotent: false, surfaceIntent: "mcp_governance" },
|
|
5398
|
+
"get_epistemic_node": { method: "GET", path: "/nodes/get", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
4975
5399
|
"get_evidence": { method: "GET", path: "/evidence/get", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
4976
5400
|
"get_failure_log": { method: "POST", path: "/coding/failure-log", kind: "query", idempotent: false, surfaceIntent: "system" },
|
|
4977
5401
|
"get_falsification_questions": { method: "POST", path: "/questions/falsification", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
@@ -4985,6 +5409,7 @@ var CONTRACTS = {
|
|
|
4985
5409
|
"get_question": { method: "GET", path: "/questions/get", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
4986
5410
|
"get_topic": { method: "GET", path: "/topics/get", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
4987
5411
|
"get_topic_coverage": { method: "POST", path: "/graph/topic-coverage", kind: "query", idempotent: false, surfaceIntent: "mcp_analysis" },
|
|
5412
|
+
"get_topic_graph_spine": { method: "GET", path: "/topics/graph-spine", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
4988
5413
|
"get_topic_tree": { method: "GET", path: "/topics/tree", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
4989
5414
|
"heartbeat_session": { method: "POST", path: "/coordination/heartbeat-session", kind: "mutation", idempotent: true, surfaceIntent: "system" },
|
|
4990
5415
|
"identity_whoami": { method: "GET", path: "/identity/whoami", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
@@ -4996,6 +5421,7 @@ var CONTRACTS = {
|
|
|
4996
5421
|
"list_all_worktrees": { method: "GET", path: "/worktrees/all", kind: "query", idempotent: false, surfaceIntent: "mcp_workflow" },
|
|
4997
5422
|
"list_beliefs": { method: "GET", path: "/beliefs", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
4998
5423
|
"list_campaigns": { method: "GET", path: "/worktrees/campaigns", kind: "query", idempotent: false, surfaceIntent: "mcp_workflow" },
|
|
5424
|
+
"list_epistemic_nodes": { method: "GET", path: "/nodes", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
4999
5425
|
"list_evidence": { method: "GET", path: "/evidence", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
5000
5426
|
"list_graph_intelligence_queries": { method: "POST", path: "/graph-intelligence/queries", kind: "query", idempotent: false, surfaceIntent: "mcp_analysis" },
|
|
5001
5427
|
"list_lenses": { method: "GET", path: "/lenses", kind: "query", idempotent: false, surfaceIntent: "mcp_workflow" },
|
|
@@ -5006,6 +5432,7 @@ var CONTRACTS = {
|
|
|
5006
5432
|
"list_worktrees": { method: "GET", path: "/worktrees", kind: "query", idempotent: false, surfaceIntent: "mcp_workflow" },
|
|
5007
5433
|
"manage_write_policy": { method: "POST", path: "/policy/write-policy/manage", kind: "mutation", idempotent: true, surfaceIntent: "mcp_governance" },
|
|
5008
5434
|
"match_entity_type": { method: "POST", path: "/ontologies/match-entity-type", kind: "query", idempotent: false, surfaceIntent: "mcp_workflow" },
|
|
5435
|
+
"materialize_topic_graph": { method: "POST", path: "/topics/materialize-graph", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
5009
5436
|
"merge": { method: "POST", path: "/worktrees/merge", kind: "mutation", idempotent: true, surfaceIntent: "mcp_workflow" },
|
|
5010
5437
|
"modulate_confidence": { method: "POST", path: "/beliefs/confidence", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
5011
5438
|
"open_pull_request": { method: "POST", path: "/worktrees/open-pull-request", kind: "mutation", idempotent: true, surfaceIntent: "system" },
|
|
@@ -5019,22 +5446,29 @@ var CONTRACTS = {
|
|
|
5019
5446
|
"refine_belief": { method: "PATCH", path: "/beliefs/refine", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
5020
5447
|
"refine_question": { method: "PATCH", path: "/questions/refine", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
5021
5448
|
"register_session": { method: "POST", path: "/coordination/register-session", kind: "mutation", idempotent: true, surfaceIntent: "system" },
|
|
5449
|
+
"remove_edge": { method: "DELETE", path: "/edges", kind: "mutation", idempotent: true, surfaceIntent: "mcp_analysis" },
|
|
5450
|
+
"remove_edges_between": { method: "DELETE", path: "/edges/between", kind: "mutation", idempotent: true, surfaceIntent: "mcp_analysis" },
|
|
5022
5451
|
"remove_lens_from_topic": { method: "DELETE", path: "/lenses/apply", kind: "mutation", idempotent: true, surfaceIntent: "mcp_workflow" },
|
|
5023
5452
|
"resolve_effective_ontology": { method: "POST", path: "/ontologies/effective", kind: "query", idempotent: false, surfaceIntent: "mcp_workflow" },
|
|
5453
|
+
"resolve_interactive_principal": { method: "POST", path: "/control-plane/identity/resolve-interactive-principal", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
5024
5454
|
"run_graph_intelligence_query": { method: "POST", path: "/graph-intelligence/run", kind: "query", idempotent: false, surfaceIntent: "mcp_analysis" },
|
|
5025
5455
|
"search_beliefs": { method: "POST", path: "/beliefs/search", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
5026
5456
|
"search_evidence": { method: "POST", path: "/evidence/search", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
|
|
5027
5457
|
"seed_belief_lattice": { method: "POST", path: "/scope/belief-lattice/seed", kind: "mutation", idempotent: true, surfaceIntent: "system" },
|
|
5028
5458
|
"send_agent_message": { method: "POST", path: "/coordination/messages/send", kind: "mutation", idempotent: true, surfaceIntent: "system" },
|
|
5459
|
+
"supersede_epistemic_node": { method: "POST", path: "/nodes/supersede", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
5029
5460
|
"trace_entity_impact": { method: "POST", path: "/graph/trace-entity-impact", kind: "query", idempotent: false, surfaceIntent: "mcp_analysis" },
|
|
5030
5461
|
"traverse_graph": { method: "POST", path: "/graph/traverse", kind: "query", idempotent: false, surfaceIntent: "mcp_analysis" },
|
|
5031
5462
|
"trigger_belief_review": { method: "POST", path: "/context/belief-review", kind: "mutation", idempotent: true, surfaceIntent: "mcp_analysis" },
|
|
5463
|
+
"update_edge": { method: "PATCH", path: "/edges", kind: "mutation", idempotent: true, surfaceIntent: "mcp_analysis" },
|
|
5464
|
+
"update_epistemic_node": { method: "PATCH", path: "/nodes", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
5032
5465
|
"update_ontology": { method: "PATCH", path: "/ontologies", kind: "mutation", idempotent: true, surfaceIntent: "mcp_governance" },
|
|
5033
5466
|
"update_question_status": { method: "PATCH", path: "/questions/status", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
5034
5467
|
"update_task": { method: "PATCH", path: "/tasks", kind: "mutation", idempotent: true, surfaceIntent: "mcp_workflow" },
|
|
5035
5468
|
"update_topic": { method: "PATCH", path: "/topics", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" },
|
|
5036
5469
|
"update_worktree_metadata": { method: "PATCH", path: "/worktrees/metadata", kind: "mutation", idempotent: true, surfaceIntent: "mcp_workflow" },
|
|
5037
|
-
"update_worktree_targets": { method: "PATCH", path: "/worktrees/targets", kind: "mutation", idempotent: true, surfaceIntent: "mcp_workflow" }
|
|
5470
|
+
"update_worktree_targets": { method: "PATCH", path: "/worktrees/targets", kind: "mutation", idempotent: true, surfaceIntent: "mcp_workflow" },
|
|
5471
|
+
"verify_epistemic_node": { method: "POST", path: "/nodes/verify", kind: "mutation", idempotent: true, surfaceIntent: "mcp_core" }
|
|
5038
5472
|
};
|
|
5039
5473
|
function createSessionId() {
|
|
5040
5474
|
return typeof crypto !== "undefined" && typeof crypto.randomUUID === "function" ? crypto.randomUUID() : randomIdempotencyKey();
|
|
@@ -5102,12 +5536,21 @@ function createFunctionSurfaceClient(config = {}) {
|
|
|
5102
5536
|
archiveBelief(input = {}, idempotencyKey) {
|
|
5103
5537
|
return execute("archive_belief", input, idempotencyKey);
|
|
5104
5538
|
},
|
|
5539
|
+
archiveEpistemicNode(input = {}, idempotencyKey) {
|
|
5540
|
+
return execute("archive_epistemic_node", input, idempotencyKey);
|
|
5541
|
+
},
|
|
5105
5542
|
archiveOntology(input = {}, idempotencyKey) {
|
|
5106
5543
|
return execute("archive_ontology", input, idempotencyKey);
|
|
5107
5544
|
},
|
|
5108
5545
|
archiveQuestion(input = {}, idempotencyKey) {
|
|
5109
5546
|
return execute("archive_question", input, idempotencyKey);
|
|
5110
5547
|
},
|
|
5548
|
+
batchCreateEdges(input = {}, idempotencyKey) {
|
|
5549
|
+
return execute("batch_create_edges", input, idempotencyKey);
|
|
5550
|
+
},
|
|
5551
|
+
batchCreateEpistemicNodes(input = {}, idempotencyKey) {
|
|
5552
|
+
return execute("batch_create_epistemic_nodes", input, idempotencyKey);
|
|
5553
|
+
},
|
|
5111
5554
|
beginBuildSession(input = {}, idempotencyKey) {
|
|
5112
5555
|
return execute("begin_build_session", input, idempotencyKey);
|
|
5113
5556
|
},
|
|
@@ -5141,6 +5584,9 @@ function createFunctionSurfaceClient(config = {}) {
|
|
|
5141
5584
|
createEpistemicContract(input = {}, idempotencyKey) {
|
|
5142
5585
|
return execute("create_epistemic_contract", input, idempotencyKey);
|
|
5143
5586
|
},
|
|
5587
|
+
createEpistemicNode(input = {}, idempotencyKey) {
|
|
5588
|
+
return execute("create_epistemic_node", input, idempotencyKey);
|
|
5589
|
+
},
|
|
5144
5590
|
createEvidence(input = {}, idempotencyKey) {
|
|
5145
5591
|
return execute("create_evidence", input, idempotencyKey);
|
|
5146
5592
|
},
|
|
@@ -5222,6 +5668,9 @@ function createFunctionSurfaceClient(config = {}) {
|
|
|
5222
5668
|
getContractStatus(input = {}, idempotencyKey) {
|
|
5223
5669
|
return execute("get_contract_status", input, idempotencyKey);
|
|
5224
5670
|
},
|
|
5671
|
+
getEpistemicNode(input = {}, idempotencyKey) {
|
|
5672
|
+
return execute("get_epistemic_node", input, idempotencyKey);
|
|
5673
|
+
},
|
|
5225
5674
|
getEvidence(input = {}, idempotencyKey) {
|
|
5226
5675
|
return execute("get_evidence", input, idempotencyKey);
|
|
5227
5676
|
},
|
|
@@ -5261,6 +5710,9 @@ function createFunctionSurfaceClient(config = {}) {
|
|
|
5261
5710
|
getTopicCoverage(input = {}, idempotencyKey) {
|
|
5262
5711
|
return execute("get_topic_coverage", input, idempotencyKey);
|
|
5263
5712
|
},
|
|
5713
|
+
getTopicGraphSpine(input = {}, idempotencyKey) {
|
|
5714
|
+
return execute("get_topic_graph_spine", input, idempotencyKey);
|
|
5715
|
+
},
|
|
5264
5716
|
getTopicTree(input = {}, idempotencyKey) {
|
|
5265
5717
|
return execute("get_topic_tree", input, idempotencyKey);
|
|
5266
5718
|
},
|
|
@@ -5294,6 +5746,9 @@ function createFunctionSurfaceClient(config = {}) {
|
|
|
5294
5746
|
listCampaigns(input = {}, idempotencyKey) {
|
|
5295
5747
|
return execute("list_campaigns", input, idempotencyKey);
|
|
5296
5748
|
},
|
|
5749
|
+
listEpistemicNodes(input = {}, idempotencyKey) {
|
|
5750
|
+
return execute("list_epistemic_nodes", input, idempotencyKey);
|
|
5751
|
+
},
|
|
5297
5752
|
listEvidence(input = {}, idempotencyKey) {
|
|
5298
5753
|
return execute("list_evidence", input, idempotencyKey);
|
|
5299
5754
|
},
|
|
@@ -5324,6 +5779,9 @@ function createFunctionSurfaceClient(config = {}) {
|
|
|
5324
5779
|
matchEntityType(input = {}, idempotencyKey) {
|
|
5325
5780
|
return execute("match_entity_type", input, idempotencyKey);
|
|
5326
5781
|
},
|
|
5782
|
+
materializeTopicGraph(input = {}, idempotencyKey) {
|
|
5783
|
+
return execute("materialize_topic_graph", input, idempotencyKey);
|
|
5784
|
+
},
|
|
5327
5785
|
merge(input = {}, idempotencyKey) {
|
|
5328
5786
|
return execute("merge", input, idempotencyKey);
|
|
5329
5787
|
},
|
|
@@ -5363,12 +5821,21 @@ function createFunctionSurfaceClient(config = {}) {
|
|
|
5363
5821
|
registerSession(input = {}, idempotencyKey) {
|
|
5364
5822
|
return execute("register_session", input, idempotencyKey);
|
|
5365
5823
|
},
|
|
5824
|
+
removeEdge(input = {}, idempotencyKey) {
|
|
5825
|
+
return execute("remove_edge", input, idempotencyKey);
|
|
5826
|
+
},
|
|
5827
|
+
removeEdgesBetween(input = {}, idempotencyKey) {
|
|
5828
|
+
return execute("remove_edges_between", input, idempotencyKey);
|
|
5829
|
+
},
|
|
5366
5830
|
removeLensFromTopic(input = {}, idempotencyKey) {
|
|
5367
5831
|
return execute("remove_lens_from_topic", input, idempotencyKey);
|
|
5368
5832
|
},
|
|
5369
5833
|
resolveEffectiveOntology(input = {}, idempotencyKey) {
|
|
5370
5834
|
return execute("resolve_effective_ontology", input, idempotencyKey);
|
|
5371
5835
|
},
|
|
5836
|
+
resolveInteractivePrincipal(input = {}, idempotencyKey) {
|
|
5837
|
+
return execute("resolve_interactive_principal", input, idempotencyKey);
|
|
5838
|
+
},
|
|
5372
5839
|
runGraphIntelligenceQuery(input = {}, idempotencyKey) {
|
|
5373
5840
|
return execute("run_graph_intelligence_query", input, idempotencyKey);
|
|
5374
5841
|
},
|
|
@@ -5384,6 +5851,9 @@ function createFunctionSurfaceClient(config = {}) {
|
|
|
5384
5851
|
sendAgentMessage(input = {}, idempotencyKey) {
|
|
5385
5852
|
return execute("send_agent_message", input, idempotencyKey);
|
|
5386
5853
|
},
|
|
5854
|
+
supersedeEpistemicNode(input = {}, idempotencyKey) {
|
|
5855
|
+
return execute("supersede_epistemic_node", input, idempotencyKey);
|
|
5856
|
+
},
|
|
5387
5857
|
traceEntityImpact(input = {}, idempotencyKey) {
|
|
5388
5858
|
return execute("trace_entity_impact", input, idempotencyKey);
|
|
5389
5859
|
},
|
|
@@ -5393,6 +5863,12 @@ function createFunctionSurfaceClient(config = {}) {
|
|
|
5393
5863
|
triggerBeliefReview(input = {}, idempotencyKey) {
|
|
5394
5864
|
return execute("trigger_belief_review", input, idempotencyKey);
|
|
5395
5865
|
},
|
|
5866
|
+
updateEdge(input = {}, idempotencyKey) {
|
|
5867
|
+
return execute("update_edge", input, idempotencyKey);
|
|
5868
|
+
},
|
|
5869
|
+
updateEpistemicNode(input = {}, idempotencyKey) {
|
|
5870
|
+
return execute("update_epistemic_node", input, idempotencyKey);
|
|
5871
|
+
},
|
|
5396
5872
|
updateOntology(input = {}, idempotencyKey) {
|
|
5397
5873
|
return execute("update_ontology", input, idempotencyKey);
|
|
5398
5874
|
},
|
|
@@ -5410,6 +5886,9 @@ function createFunctionSurfaceClient(config = {}) {
|
|
|
5410
5886
|
},
|
|
5411
5887
|
updateWorktreeTargets(input = {}, idempotencyKey) {
|
|
5412
5888
|
return execute("update_worktree_targets", input, idempotencyKey);
|
|
5889
|
+
},
|
|
5890
|
+
verifyEpistemicNode(input = {}, idempotencyKey) {
|
|
5891
|
+
return execute("verify_epistemic_node", input, idempotencyKey);
|
|
5413
5892
|
}
|
|
5414
5893
|
};
|
|
5415
5894
|
}
|
|
@@ -5617,7 +6096,7 @@ var ORG_GRAPH_SEARCH_FIELDS = [
|
|
|
5617
6096
|
"cursor",
|
|
5618
6097
|
"provenanceScope"
|
|
5619
6098
|
];
|
|
5620
|
-
function
|
|
6099
|
+
function cleanString7(value, label) {
|
|
5621
6100
|
const normalized = value?.trim();
|
|
5622
6101
|
if (!normalized) {
|
|
5623
6102
|
throw new Error(`${label} is required`);
|
|
@@ -5639,9 +6118,9 @@ function searchBody(input) {
|
|
|
5639
6118
|
"orgGraphSearch.search"
|
|
5640
6119
|
);
|
|
5641
6120
|
return {
|
|
5642
|
-
tenantId:
|
|
5643
|
-
workspaceId:
|
|
5644
|
-
query:
|
|
6121
|
+
tenantId: cleanString7(input.tenantId, "tenantId"),
|
|
6122
|
+
workspaceId: cleanString7(input.workspaceId, "workspaceId"),
|
|
6123
|
+
query: cleanString7(input.query, "query"),
|
|
5645
6124
|
nodeTypes: input.nodeTypes,
|
|
5646
6125
|
minConfidence: input.minConfidence,
|
|
5647
6126
|
limit: input.limit,
|
|
@@ -5651,8 +6130,8 @@ function searchBody(input) {
|
|
|
5651
6130
|
}
|
|
5652
6131
|
function listQuery2(input) {
|
|
5653
6132
|
return {
|
|
5654
|
-
tenantId:
|
|
5655
|
-
workspaceId:
|
|
6133
|
+
tenantId: cleanString7(input.tenantId, "tenantId"),
|
|
6134
|
+
workspaceId: cleanString7(input.workspaceId, "workspaceId"),
|
|
5656
6135
|
nodeTypes: input.nodeTypes?.join(","),
|
|
5657
6136
|
minConfidence: input.minConfidence,
|
|
5658
6137
|
limit: input.limit,
|
|
@@ -5686,8 +6165,8 @@ function createOrgGraphSearchClient(config = {}) {
|
|
|
5686
6165
|
return gateway.request({
|
|
5687
6166
|
path: `/api/platform/v1/org-graph-search/nodes/${nodePath}${toQueryString(
|
|
5688
6167
|
{
|
|
5689
|
-
tenantId:
|
|
5690
|
-
workspaceId:
|
|
6168
|
+
tenantId: cleanString7(input.tenantId, "tenantId"),
|
|
6169
|
+
workspaceId: cleanString7(input.workspaceId, "workspaceId"),
|
|
5691
6170
|
globalId: nodeId ? void 0 : globalId
|
|
5692
6171
|
}
|
|
5693
6172
|
)}`
|
|
@@ -6652,7 +7131,7 @@ function createToolRegistryClient(config = {}) {
|
|
|
6652
7131
|
}
|
|
6653
7132
|
|
|
6654
7133
|
// src/version.ts
|
|
6655
|
-
var LUCERN_SDK_VERSION = "0.
|
|
7134
|
+
var LUCERN_SDK_VERSION = "1.0.0";
|
|
6656
7135
|
|
|
6657
7136
|
// src/workflowClient.ts
|
|
6658
7137
|
function normalizeLensQuery(value) {
|
|
@@ -7060,6 +7539,12 @@ function toGatewayConfig(config) {
|
|
|
7060
7539
|
return {
|
|
7061
7540
|
baseUrl: config.baseUrl,
|
|
7062
7541
|
fetchImpl: config.fetchImpl,
|
|
7542
|
+
apiKey: config.apiKey,
|
|
7543
|
+
userToken: config.userToken,
|
|
7544
|
+
environment: config.environment,
|
|
7545
|
+
clerkId: config.clerkId,
|
|
7546
|
+
userId: config.userId,
|
|
7547
|
+
deploymentHost: config.deploymentHost,
|
|
7063
7548
|
maxRetries: config.maxRetries,
|
|
7064
7549
|
timeoutMs: config.timeoutMs,
|
|
7065
7550
|
timeoutMsByMethod: config.timeoutMsByMethod,
|
|
@@ -7068,23 +7553,15 @@ function toGatewayConfig(config) {
|
|
|
7068
7553
|
onResponse: config.onResponse,
|
|
7069
7554
|
authContext: config.authContext,
|
|
7070
7555
|
requireCanonicalAuthContext: config.requireCanonicalAuthContext,
|
|
7071
|
-
getAuthHeaders:
|
|
7072
|
-
const base = config.getAuthHeaders ? await config.getAuthHeaders() : {};
|
|
7073
|
-
if (config.apiKey && !base["x-lucern-key"] && !base.Authorization) {
|
|
7074
|
-
base["x-lucern-key"] = config.apiKey;
|
|
7075
|
-
}
|
|
7076
|
-
if (config.userToken && !base["x-lucern-session-token"]) {
|
|
7077
|
-
base["x-lucern-session-token"] = config.userToken;
|
|
7078
|
-
}
|
|
7079
|
-
if (config.environment && !base["x-lucern-environment"]) {
|
|
7080
|
-
base["x-lucern-environment"] = config.environment;
|
|
7081
|
-
}
|
|
7082
|
-
return base;
|
|
7083
|
-
}
|
|
7556
|
+
getAuthHeaders: config.getAuthHeaders
|
|
7084
7557
|
};
|
|
7085
7558
|
}
|
|
7086
7559
|
function exposeGatewayData(response) {
|
|
7087
|
-
|
|
7560
|
+
const data = response.data;
|
|
7561
|
+
if (data !== null && typeof data === "object" && !Array.isArray(data)) {
|
|
7562
|
+
return Object.assign({}, response, data);
|
|
7563
|
+
}
|
|
7564
|
+
return { ...response };
|
|
7088
7565
|
}
|
|
7089
7566
|
function createLucernClient(config = {}) {
|
|
7090
7567
|
const gatewayConfig = toGatewayConfig(config);
|
|
@@ -7105,6 +7582,7 @@ function createLucernClient(config = {}) {
|
|
|
7105
7582
|
const auditClient = createAuditClient(gatewayConfig);
|
|
7106
7583
|
const authDeviceClient = createAuthDeviceClient(gatewayConfig);
|
|
7107
7584
|
const adminClient = createAdminClient(gatewayConfig);
|
|
7585
|
+
const accessControlClient = createAccessControlClient(gatewayConfig);
|
|
7108
7586
|
const answersClient = createAnswersClient(gatewayConfig);
|
|
7109
7587
|
const contradictionsFacade = createContradictionsFacade(gatewayConfig);
|
|
7110
7588
|
const edgesFacade = createEdgesFacade(gatewayConfig);
|
|
@@ -7124,6 +7602,7 @@ function createLucernClient(config = {}) {
|
|
|
7124
7602
|
const ontologyLinksClient = createOntologyLinksClient(gatewayConfig);
|
|
7125
7603
|
const orgGraphSearchClient = createOrgGraphSearchClient(gatewayConfig);
|
|
7126
7604
|
const functionSurfaceClient = createFunctionSurfaceClient(gatewayConfig);
|
|
7605
|
+
const controlPlaneClient = createControlPlaneClient(gatewayConfig);
|
|
7127
7606
|
const toolRegistryClient = createToolRegistryClient(gatewayConfig);
|
|
7128
7607
|
const modelRuntimeClient = createModelRuntimeClient(gatewayConfig);
|
|
7129
7608
|
const packsClient = createPacksClient(gatewayConfig);
|
|
@@ -7495,9 +7974,24 @@ function createLucernClient(config = {}) {
|
|
|
7495
7974
|
typeof input === "string" ? { nodeId: input } : input
|
|
7496
7975
|
);
|
|
7497
7976
|
},
|
|
7498
|
-
create
|
|
7499
|
-
|
|
7500
|
-
|
|
7977
|
+
create(input, idempotencyKey) {
|
|
7978
|
+
return functionSurfaceClient.createEpistemicNode(input, idempotencyKey).then(exposeGatewayData);
|
|
7979
|
+
},
|
|
7980
|
+
createEpistemicNode(input, idempotencyKey) {
|
|
7981
|
+
return functionSurfaceClient.createEpistemicNode(input, idempotencyKey).then(exposeGatewayData);
|
|
7982
|
+
},
|
|
7983
|
+
update(input, idempotencyKey) {
|
|
7984
|
+
return functionSurfaceClient.updateEpistemicNode(input, idempotencyKey).then(exposeGatewayData);
|
|
7985
|
+
},
|
|
7986
|
+
updateEpistemicNode(input, idempotencyKey) {
|
|
7987
|
+
return functionSurfaceClient.updateEpistemicNode(input, idempotencyKey).then(exposeGatewayData);
|
|
7988
|
+
},
|
|
7989
|
+
batchCreate(input, idempotencyKey) {
|
|
7990
|
+
return functionSurfaceClient.batchCreateEpistemicNodes(input, idempotencyKey).then(exposeGatewayData);
|
|
7991
|
+
},
|
|
7992
|
+
batchCreateEpistemicNodes(input, idempotencyKey) {
|
|
7993
|
+
return functionSurfaceClient.batchCreateEpistemicNodes(input, idempotencyKey).then(exposeGatewayData);
|
|
7994
|
+
},
|
|
7501
7995
|
listByTopicAndType(input) {
|
|
7502
7996
|
return gateway.request({
|
|
7503
7997
|
path: `/api/platform/v1/nodes${sdkQueryString({
|
|
@@ -7522,8 +8016,15 @@ function createLucernClient(config = {}) {
|
|
|
7522
8016
|
})}`
|
|
7523
8017
|
}).then(exposeGatewayData);
|
|
7524
8018
|
},
|
|
7525
|
-
supersede
|
|
7526
|
-
|
|
8019
|
+
supersede(input, idempotencyKey) {
|
|
8020
|
+
return functionSurfaceClient.supersedeEpistemicNode(input, idempotencyKey).then(exposeGatewayData);
|
|
8021
|
+
},
|
|
8022
|
+
verify(input, idempotencyKey) {
|
|
8023
|
+
return functionSurfaceClient.verifyEpistemicNode(input, idempotencyKey).then(exposeGatewayData);
|
|
8024
|
+
},
|
|
8025
|
+
archive(input, idempotencyKey) {
|
|
8026
|
+
return functionSurfaceClient.archiveEpistemicNode(input, idempotencyKey).then(exposeGatewayData);
|
|
8027
|
+
},
|
|
7527
8028
|
hardDelete: graphClient.hardDeleteNode
|
|
7528
8029
|
};
|
|
7529
8030
|
const publicationNamespace = {
|
|
@@ -7730,7 +8231,13 @@ function createLucernClient(config = {}) {
|
|
|
7730
8231
|
}
|
|
7731
8232
|
},
|
|
7732
8233
|
edges: {
|
|
7733
|
-
create(args) {
|
|
8234
|
+
create(args, idempotencyKey) {
|
|
8235
|
+
if (args.from && args.to) {
|
|
8236
|
+
return functionSurfaceClient.createEdge(args, idempotencyKey).then(exposeGatewayData);
|
|
8237
|
+
}
|
|
8238
|
+
if (!args.sourceId || !args.targetId) {
|
|
8239
|
+
throw new Error("from/to graph refs or sourceId/targetId are required");
|
|
8240
|
+
}
|
|
7734
8241
|
return edgesFacade.create({
|
|
7735
8242
|
sourceId: args.sourceId,
|
|
7736
8243
|
targetId: args.targetId,
|
|
@@ -7741,17 +8248,32 @@ function createLucernClient(config = {}) {
|
|
|
7741
8248
|
context: args.context ?? args.reasoning
|
|
7742
8249
|
}).then(exposeGatewayData);
|
|
7743
8250
|
},
|
|
8251
|
+
createEdge(input, idempotencyKey) {
|
|
8252
|
+
return functionSurfaceClient.createEdge(input, idempotencyKey).then(exposeGatewayData);
|
|
8253
|
+
},
|
|
7744
8254
|
update(input, idempotencyKey) {
|
|
7745
|
-
return
|
|
8255
|
+
return functionSurfaceClient.updateEdge(input, idempotencyKey).then(exposeGatewayData);
|
|
8256
|
+
},
|
|
8257
|
+
updateEdge(input, idempotencyKey) {
|
|
8258
|
+
return functionSurfaceClient.updateEdge(input, idempotencyKey).then(exposeGatewayData);
|
|
7746
8259
|
},
|
|
7747
8260
|
remove(input, idempotencyKey) {
|
|
7748
|
-
return
|
|
8261
|
+
return functionSurfaceClient.removeEdge(input, idempotencyKey).then(exposeGatewayData);
|
|
8262
|
+
},
|
|
8263
|
+
removeEdge(input, idempotencyKey) {
|
|
8264
|
+
return functionSurfaceClient.removeEdge(input, idempotencyKey).then(exposeGatewayData);
|
|
7749
8265
|
},
|
|
7750
8266
|
removeBetween(input, idempotencyKey) {
|
|
7751
|
-
return
|
|
8267
|
+
return functionSurfaceClient.removeEdgesBetween(input, idempotencyKey).then(exposeGatewayData);
|
|
8268
|
+
},
|
|
8269
|
+
removeEdgesBetween(input, idempotencyKey) {
|
|
8270
|
+
return functionSurfaceClient.removeEdgesBetween(input, idempotencyKey).then(exposeGatewayData);
|
|
7752
8271
|
},
|
|
7753
8272
|
batchCreate(input, idempotencyKey) {
|
|
7754
|
-
return
|
|
8273
|
+
return functionSurfaceClient.batchCreateEdges(input, idempotencyKey).then(exposeGatewayData);
|
|
8274
|
+
},
|
|
8275
|
+
batchCreateEdges(input, idempotencyKey) {
|
|
8276
|
+
return functionSurfaceClient.batchCreateEdges(input, idempotencyKey).then(exposeGatewayData);
|
|
7755
8277
|
},
|
|
7756
8278
|
delete(input, idempotencyKey) {
|
|
7757
8279
|
return edgesFacade.delete(input, idempotencyKey).then(exposeGatewayData);
|
|
@@ -8463,17 +8985,7 @@ function createLucernClient(config = {}) {
|
|
|
8463
8985
|
},
|
|
8464
8986
|
get: topicsFacade.get,
|
|
8465
8987
|
create(input) {
|
|
8466
|
-
return
|
|
8467
|
-
name: input.name,
|
|
8468
|
-
description: input.description,
|
|
8469
|
-
type: input.type,
|
|
8470
|
-
parentTopicId: input.parentTopicId,
|
|
8471
|
-
ontologyId: input.ontologyId,
|
|
8472
|
-
tenantId: input.tenantId,
|
|
8473
|
-
workspaceId: input.workspaceId,
|
|
8474
|
-
visibility: input.visibility,
|
|
8475
|
-
createdBy: input.createdBy
|
|
8476
|
-
});
|
|
8988
|
+
return functionSurfaceClient.createTopic(input).then(exposeGatewayData);
|
|
8477
8989
|
},
|
|
8478
8990
|
update(topicId, input) {
|
|
8479
8991
|
return topicsFacade.update({
|
|
@@ -8507,7 +9019,19 @@ function createLucernClient(config = {}) {
|
|
|
8507
9019
|
});
|
|
8508
9020
|
},
|
|
8509
9021
|
remove: topicsFacade.remove,
|
|
8510
|
-
bulkCreate: topicsFacade.bulkCreate
|
|
9022
|
+
bulkCreate: topicsFacade.bulkCreate,
|
|
9023
|
+
materializeGraph(input = {}, idempotencyKey) {
|
|
9024
|
+
return functionSurfaceClient.materializeTopicGraph(input, idempotencyKey).then(exposeGatewayData);
|
|
9025
|
+
},
|
|
9026
|
+
materializeTopicGraph(input = {}, idempotencyKey) {
|
|
9027
|
+
return functionSurfaceClient.materializeTopicGraph(input, idempotencyKey).then(exposeGatewayData);
|
|
9028
|
+
},
|
|
9029
|
+
graphSpine(input = {}) {
|
|
9030
|
+
return functionSurfaceClient.getTopicGraphSpine(input).then(exposeGatewayData);
|
|
9031
|
+
},
|
|
9032
|
+
getTopicGraphSpine(input = {}) {
|
|
9033
|
+
return functionSurfaceClient.getTopicGraphSpine(input).then(exposeGatewayData);
|
|
9034
|
+
}
|
|
8511
9035
|
},
|
|
8512
9036
|
answers: {
|
|
8513
9037
|
create(input) {
|
|
@@ -8742,8 +9266,16 @@ function createLucernClient(config = {}) {
|
|
|
8742
9266
|
disable: packsClient.disable
|
|
8743
9267
|
},
|
|
8744
9268
|
nodes: nodesNamespace,
|
|
9269
|
+
controlPlane: {
|
|
9270
|
+
identity: {
|
|
9271
|
+
resolveInteractivePrincipal: controlPlaneClient.identity.resolveInteractivePrincipal
|
|
9272
|
+
},
|
|
9273
|
+
raw: controlPlaneClient
|
|
9274
|
+
},
|
|
8745
9275
|
identity: {
|
|
8746
9276
|
...identityFacade,
|
|
9277
|
+
access: accessControlClient,
|
|
9278
|
+
resolveInteractivePrincipal: identityClient.resolveInteractivePrincipal,
|
|
8747
9279
|
evaluatePolicy: identityClient.evaluatePolicy,
|
|
8748
9280
|
recordPolicyDecision: identityClient.recordPolicyDecision,
|
|
8749
9281
|
putSecretReference: identityClient.putSecretReference,
|
|
@@ -8788,6 +9320,7 @@ function createLucernClient(config = {}) {
|
|
|
8788
9320
|
ontologyLinks: ontologyLinksClient,
|
|
8789
9321
|
orgGraphSearch: orgGraphSearchClient,
|
|
8790
9322
|
functionSurface: functionSurfaceClient,
|
|
9323
|
+
controlPlane: controlPlaneClient,
|
|
8791
9324
|
toolRegistry: toolRegistryClient,
|
|
8792
9325
|
modelRuntime: modelRuntimeClient,
|
|
8793
9326
|
packs: packsClient,
|