@lucern/sdk 1.0.10 → 1.0.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -0
- package/README.md +35 -0
- package/dist/.generated +2 -0
- package/dist/accessControl.d.ts +19 -26
- package/dist/accessControl.js +195 -1423
- package/dist/adminClient.d.ts +52 -59
- package/dist/adminClient.js +364 -1142
- package/dist/answersClient.d.ts +5 -14
- package/dist/answersClient.js +19 -737
- package/dist/audience/index.d.ts +18 -18
- package/dist/audience/index.js +87 -90
- package/dist/audiencesClient.d.ts +19 -27
- package/dist/audiencesClient.js +107 -868
- package/dist/auditClient.d.ts +8 -15
- package/dist/auditClient.js +18 -791
- package/dist/authContext.d.ts +11 -16
- package/dist/authContext.js +122 -154
- package/dist/authDeviceClient.d.ts +8 -17
- package/dist/authDeviceClient.js +113 -102
- package/dist/beliefs/index.d.ts +15 -67
- package/dist/beliefs/index.js +17 -10172
- package/dist/beliefs/lifecycle.d.ts +10 -11
- package/dist/beliefs/lifecycle.js +78 -80
- package/dist/beliefsClient.d.ts +26 -32
- package/dist/beliefsClient.js +250 -990
- package/dist/boundaryClientSurface.d.ts +11 -16
- package/dist/boundaryClientSurface.js +49 -68
- package/dist/client.d.ts +73 -112
- package/dist/client.js +232 -10146
- package/dist/clientAssemblyTypes.d.ts +3 -3
- package/dist/clientAssemblyTypes.js +1 -2
- package/dist/clientConfig.d.ts +45 -59
- package/dist/clientConfig.js +1 -2
- package/dist/clientEvidenceCompat.d.ts +7 -14
- package/dist/clientEvidenceCompat.js +50 -64
- package/dist/clientGraphNamespaces.d.ts +3 -5
- package/dist/clientGraphNamespaces.js +170 -245
- package/dist/clientHelpers.d.ts +20 -25
- package/dist/clientHelpers.js +104 -127
- package/dist/clientKnowledgeNamespaces.d.ts +6 -53
- package/dist/clientKnowledgeNamespaces.js +502 -506
- package/dist/clientLocalHelpers.d.ts +11 -56
- package/dist/clientLocalHelpers.js +503 -732
- package/dist/clientPlatformNamespaces.d.ts +14 -53
- package/dist/clientPlatformNamespaces.js +229 -314
- package/dist/clientRuntime.d.ts +5 -53
- package/dist/clientRuntime.js +26 -30
- package/dist/clientWorkflowNamespaces.d.ts +6 -15
- package/dist/clientWorkflowNamespaces.js +529 -596
- package/dist/contextClient.d.ts +9 -17
- package/dist/contextClient.js +92 -805
- package/dist/contextFacade.d.ts +11 -2
- package/dist/contextFacade.js +10 -81
- package/dist/contextPackCompiler.d.ts +10 -11
- package/dist/contextPackCompiler.js +494 -1040
- package/dist/contextPackPolicy.d.ts +14 -15
- package/dist/contextPackPolicy.js +227 -305
- package/dist/contextPackSchema.d.ts +3 -3
- package/dist/contextPackSchema.js +169 -176
- package/dist/contextTypes.d.ts +14 -15
- package/dist/contextTypes.js +1 -2
- package/dist/contracts/api-enums.contract.d.ts +29 -30
- package/dist/contracts/api-enums.contract.js +162 -88
- package/dist/contracts/auth-session.contract.d.ts +13 -14
- package/dist/contracts/auth-session.contract.js +55 -52
- package/dist/contracts/context-pack.contract.d.ts +54 -55
- package/dist/contracts/context-pack.contract.js +160 -88
- package/dist/contracts/contextPack.d.ts +2 -1
- package/dist/contracts/contextPack.js +1 -97
- package/dist/contracts/index.d.ts +11 -12
- package/dist/contracts/index.js +10 -854
- package/dist/contracts/lens-filter.contract.d.ts +9 -10
- package/dist/contracts/lens-filter.contract.js +82 -58
- package/dist/contracts/lens-workflow.contract.d.ts +21 -23
- package/dist/contracts/lens-workflow.contract.js +48 -117
- package/dist/contracts/lensFilter.d.ts +2 -1
- package/dist/contracts/lensFilter.js +1 -71
- package/dist/contracts/lensWorkflow.d.ts +2 -2
- package/dist/contracts/lensWorkflow.js +1 -123
- package/dist/contracts/mcpTools.d.ts +16 -18
- package/dist/contracts/mcpTools.js +89 -123
- package/dist/contracts/prompt.contract.d.ts +4 -5
- package/dist/contracts/prompt.contract.js +23 -10
- package/dist/contracts/prompt.d.ts +2 -1
- package/dist/contracts/prompt.js +1 -11
- package/dist/contracts/sdk-tools.contract.d.ts +2 -1
- package/dist/contracts/sdk-tools.contract.js +1 -2
- package/dist/contracts/sdkTools.d.ts +2 -1
- package/dist/contracts/sdkTools.js +1 -26
- package/dist/contracts/tool-contracts.d.ts +2 -1
- package/dist/contracts/tool-contracts.js +1 -2
- package/dist/contracts/workflow-runtime.contract.d.ts +45 -46
- package/dist/contracts/workflow-runtime.contract.js +241 -228
- package/dist/contracts/workflowRuntime.d.ts +2 -1
- package/dist/contracts/workflowRuntime.js +1 -244
- package/dist/contradictions/index.d.ts +8 -60
- package/dist/contradictions/index.js +11 -10166
- package/dist/control-plane.d.ts +17 -24
- package/dist/control-plane.js +124 -840
- package/dist/controlObjectOwnership.d.ts +19 -20
- package/dist/controlObjectOwnership.js +207 -201
- package/dist/coreClient.d.ts +23 -28
- package/dist/coreClient.js +567 -692
- package/dist/customTools.d.ts +17 -21
- package/dist/customTools.js +221 -221
- package/dist/decisions/index.d.ts +7 -58
- package/dist/decisions/index.js +14 -10168
- package/dist/decisionsClient.d.ts +25 -32
- package/dist/decisionsClient.js +113 -913
- package/dist/domainContext.d.ts +2 -1
- package/dist/domainContext.js +1 -2
- package/dist/edges/index.d.ts +21 -73
- package/dist/edges/index.js +12 -10167
- package/dist/embeddingsClient.d.ts +22 -30
- package/dist/embeddingsClient.js +73 -922
- package/dist/eventingClient.d.ts +23 -31
- package/dist/eventingClient.js +89 -918
- package/dist/events.d.ts +48 -49
- package/dist/events.js +257 -241
- package/dist/eventsCore.d.ts +20 -29
- package/dist/eventsCore.js +86 -830
- package/dist/evidence/index.d.ts +9 -60
- package/dist/evidence/index.js +13 -10167
- package/dist/evidenceClient.d.ts +13 -22
- package/dist/evidenceClient.js +34 -751
- package/dist/facade/context.d.ts +7 -8
- package/dist/facade/context.js +73 -72
- package/dist/functionSurface.d.ts +2 -156
- package/dist/functionSurface.js +1 -1460
- package/dist/functionSurfaceClient.d.ts +2 -9
- package/dist/functionSurfaceClient.js +1 -1460
- package/dist/gatewayFacades.d.ts +79 -296
- package/dist/gatewayFacades.factories.d.ts +209 -14
- package/dist/gatewayFacades.factories.js +561 -2227
- package/dist/gatewayFacades.js +284 -2627
- package/dist/generated/functionSurface.d.ts +149 -0
- package/dist/generated/functionSurface.js +749 -0
- package/dist/graphAnalysisClient.d.ts +41 -49
- package/dist/graphAnalysisClient.js +185 -974
- package/dist/graphClient.d.ts +53 -60
- package/dist/graphClient.js +219 -1090
- package/dist/graphIntel.d.ts +2 -4
- package/dist/graphIntel.js +1 -2
- package/dist/graphIntelligence.d.ts +4 -2
- package/dist/graphIntelligence.js +2 -46
- package/dist/graphRecommendationsClient.d.ts +15 -23
- package/dist/graphRecommendationsClient.js +70 -849
- package/dist/graphStateClassifierClient.d.ts +17 -25
- package/dist/graphStateClassifierClient.js +67 -908
- package/dist/harnessClient.d.ts +40 -47
- package/dist/harnessClient.js +198 -993
- package/dist/identityClient.d.ts +25 -33
- package/dist/identityClient.js +245 -1186
- package/dist/index.d.ts +73 -69
- package/dist/index.js +72 -13304
- package/dist/infisicalRuntime.d.ts +12 -14
- package/dist/infisicalRuntime.js +290 -297
- package/dist/jobsClient.d.ts +24 -32
- package/dist/jobsClient.js +101 -916
- package/dist/learningClient.d.ts +8 -16
- package/dist/learningClient.js +45 -809
- package/dist/lenses/index.d.ts +13 -65
- package/dist/lenses/index.js +11 -10166
- package/dist/mcpClient.d.ts +14 -23
- package/dist/mcpClient.js +115 -856
- package/dist/modelRuntimeClient.d.ts +18 -26
- package/dist/modelRuntimeClient.js +74 -894
- package/dist/nodes/index.d.ts +7 -58
- package/dist/nodes/index.js +14 -10168
- package/dist/ontologies/index.d.ts +21 -73
- package/dist/ontologies/index.js +14 -10169
- package/dist/ontologyClient.d.ts +23 -31
- package/dist/ontologyClient.js +138 -924
- package/dist/ontologyLinksClient.d.ts +16 -24
- package/dist/ontologyLinksClient.js +76 -886
- package/dist/opinion.d.ts +5 -6
- package/dist/opinion.js +21 -25
- package/dist/orgGraphSearchClient.d.ts +19 -27
- package/dist/orgGraphSearchClient.js +89 -857
- package/dist/packRuntime.d.ts +2 -2
- package/dist/packRuntime.js +1 -2
- package/dist/packsClient.d.ts +30 -37
- package/dist/packsClient.js +131 -906
- package/dist/policyClient.d.ts +21 -29
- package/dist/policyClient.js +267 -1026
- package/dist/proof-attestation.json +1 -1
- package/dist/questions/index.d.ts +9 -60
- package/dist/questions/index.js +15 -10169
- package/dist/realtime/index.d.ts +20 -16
- package/dist/realtime/index.js +30 -19
- package/dist/realtime/refs.d.ts +4 -6
- package/dist/realtime/refs.js +12 -7
- package/dist/realtime-refs.d.ts +1 -0
- package/dist/realtime-refs.js +1 -0
- package/dist/realtime.d.ts +1 -0
- package/dist/realtime.js +1 -0
- package/dist/reportsClient.d.ts +10 -19
- package/dist/reportsClient.js +48 -836
- package/dist/schemaClient.d.ts +16 -23
- package/dist/schemaClient.js +62 -832
- package/dist/sdkSurface.d.ts +18 -25
- package/dist/sdkSurface.js +135 -106
- package/dist/secrets.d.ts +2 -1
- package/dist/secrets.js +1 -2
- package/dist/sourcesClient.d.ts +11 -18
- package/dist/sourcesClient.js +18 -741
- package/dist/telemetryClient.d.ts +22 -30
- package/dist/telemetryClient.js +107 -931
- package/dist/toolRegistryClient.d.ts +27 -35
- package/dist/toolRegistryClient.js +116 -954
- package/dist/topics/index.d.ts +13 -64
- package/dist/topics/index.js +15 -10169
- package/dist/topicsClient.d.ts +19 -27
- package/dist/topicsClient.js +106 -894
- package/dist/types.d.ts +84 -87
- package/dist/types.js +1 -2
- package/dist/version.d.ts +2 -3
- package/dist/version.js +2 -5
- package/dist/workflowClient.d.ts +60 -65
- package/dist/workflowClient.js +343 -1219
- package/dist/worktrees/index.d.ts +16 -68
- package/dist/worktrees/index.js +14 -10169
- package/package.json +6 -6
- package/dist/accessControl.js.map +0 -1
- package/dist/adminClient.js.map +0 -1
- package/dist/answersClient.js.map +0 -1
- package/dist/audience/index.js.map +0 -1
- package/dist/audiencesClient.js.map +0 -1
- package/dist/auditClient.js.map +0 -1
- package/dist/authContext.js.map +0 -1
- package/dist/authDeviceClient.js.map +0 -1
- package/dist/beliefs/index.js.map +0 -1
- package/dist/beliefs/lifecycle.js.map +0 -1
- package/dist/beliefsClient.js.map +0 -1
- package/dist/boundaryClientSurface.js.map +0 -1
- package/dist/client.js.map +0 -1
- package/dist/clientAssemblyTypes.js.map +0 -1
- package/dist/clientConfig.js.map +0 -1
- package/dist/clientEvidenceCompat.js.map +0 -1
- package/dist/clientGraphNamespaces.js.map +0 -1
- package/dist/clientHelpers.js.map +0 -1
- package/dist/clientKnowledgeNamespaces.js.map +0 -1
- package/dist/clientLocalHelpers.js.map +0 -1
- package/dist/clientPlatformNamespaces.js.map +0 -1
- package/dist/clientRuntime.js.map +0 -1
- package/dist/clientWorkflowNamespaces.js.map +0 -1
- package/dist/contextClient.js.map +0 -1
- package/dist/contextFacade.js.map +0 -1
- package/dist/contextPackCompiler.js.map +0 -1
- package/dist/contextPackPolicy.js.map +0 -1
- package/dist/contextPackSchema.js.map +0 -1
- package/dist/contextTypes.js.map +0 -1
- package/dist/contracts/api-enums.contract.js.map +0 -1
- package/dist/contracts/auth-session.contract.js.map +0 -1
- package/dist/contracts/context-pack.contract.js.map +0 -1
- package/dist/contracts/contextPack.js.map +0 -1
- package/dist/contracts/index.js.map +0 -1
- package/dist/contracts/lens-filter.contract.js.map +0 -1
- package/dist/contracts/lens-workflow.contract.js.map +0 -1
- package/dist/contracts/lensFilter.js.map +0 -1
- package/dist/contracts/lensWorkflow.js.map +0 -1
- package/dist/contracts/mcpTools.js.map +0 -1
- package/dist/contracts/prompt.contract.js.map +0 -1
- package/dist/contracts/prompt.js.map +0 -1
- package/dist/contracts/sdk-tools.contract.js.map +0 -1
- package/dist/contracts/sdkTools.js.map +0 -1
- package/dist/contracts/tool-contracts.js.map +0 -1
- package/dist/contracts/workflow-runtime.contract.js.map +0 -1
- package/dist/contracts/workflowRuntime.js.map +0 -1
- package/dist/contradictions/index.js.map +0 -1
- package/dist/control-plane.js.map +0 -1
- package/dist/controlObjectOwnership.js.map +0 -1
- package/dist/coreClient.js.map +0 -1
- package/dist/customTools.js.map +0 -1
- package/dist/decisions/index.js.map +0 -1
- package/dist/decisionsClient.js.map +0 -1
- package/dist/domainContext.js.map +0 -1
- package/dist/edges/index.js.map +0 -1
- package/dist/embeddingsClient.js.map +0 -1
- package/dist/eventingClient.js.map +0 -1
- package/dist/events.js.map +0 -1
- package/dist/eventsCore.js.map +0 -1
- package/dist/evidence/index.js.map +0 -1
- package/dist/evidenceClient.js.map +0 -1
- package/dist/facade/context.js.map +0 -1
- package/dist/functionSurface.js.map +0 -1
- package/dist/functionSurfaceClient.js.map +0 -1
- package/dist/gatewayFacades.factories.js.map +0 -1
- package/dist/gatewayFacades.js.map +0 -1
- package/dist/graphAnalysisClient.js.map +0 -1
- package/dist/graphClient.js.map +0 -1
- package/dist/graphIntel.js.map +0 -1
- package/dist/graphIntelligence.js.map +0 -1
- package/dist/graphRecommendationsClient.js.map +0 -1
- package/dist/graphStateClassifierClient.js.map +0 -1
- package/dist/harnessClient.js.map +0 -1
- package/dist/identityClient.js.map +0 -1
- package/dist/index.js.map +0 -1
- package/dist/infisicalRuntime.js.map +0 -1
- package/dist/jobsClient.js.map +0 -1
- package/dist/learningClient.js.map +0 -1
- package/dist/lenses/index.js.map +0 -1
- package/dist/mcpClient.js.map +0 -1
- package/dist/modelRuntimeClient.js.map +0 -1
- package/dist/nodes/index.js.map +0 -1
- package/dist/ontologies/index.js.map +0 -1
- package/dist/ontologyClient.js.map +0 -1
- package/dist/ontologyLinksClient.js.map +0 -1
- package/dist/opinion.js.map +0 -1
- package/dist/orgGraphSearchClient.js.map +0 -1
- package/dist/packRuntime.js.map +0 -1
- package/dist/packsClient.js.map +0 -1
- package/dist/policyClient.js.map +0 -1
- package/dist/questions/index.js.map +0 -1
- package/dist/realtime/index.js.map +0 -1
- package/dist/realtime/refs.js.map +0 -1
- package/dist/reportsClient.js.map +0 -1
- package/dist/schemaClient.js.map +0 -1
- package/dist/sdk-tools.contract-B4c1Zr1o.d.ts +0 -22
- package/dist/sdkSurface.js.map +0 -1
- package/dist/secrets.js.map +0 -1
- package/dist/sourcesClient.js.map +0 -1
- package/dist/telemetryClient.js.map +0 -1
- package/dist/tool-contracts-BUiL9P6z.d.ts +0 -22
- package/dist/toolRegistryClient.js.map +0 -1
- package/dist/topics/index.js.map +0 -1
- package/dist/topicsClient.js.map +0 -1
- package/dist/types.js.map +0 -1
- package/dist/version.js.map +0 -1
- package/dist/workflowClient.js.map +0 -1
- package/dist/worktrees/index.js.map +0 -1
package/dist/authContext.d.ts
CHANGED
|
@@ -1,11 +1,7 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { JsonObject } from
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
import './contracts/lens-filter.contract.js';
|
|
6
|
-
|
|
7
|
-
type LucernSdkAuthFailureReason = "principal_missing" | "tenant_missing" | "membership_missing" | "workspace_missing" | "clerk_alias_missing" | "clerk_alias_unrecognized" | "policy_denied" | "policy_unavailable" | "policy_unknown";
|
|
8
|
-
type PermitReadyAuthContext = {
|
|
1
|
+
import type { SessionAuthMode, SessionDelegationHop, SessionPrincipalType } from "./contracts/auth-session.contract";
|
|
2
|
+
import type { JsonObject } from "./types";
|
|
3
|
+
export type LucernSdkAuthFailureReason = "principal_missing" | "tenant_missing" | "membership_missing" | "workspace_missing" | "clerk_alias_missing" | "clerk_alias_unrecognized" | "policy_denied" | "policy_unavailable" | "policy_unknown";
|
|
4
|
+
export type PermitReadyAuthContext = {
|
|
9
5
|
subject: string;
|
|
10
6
|
tenant: string;
|
|
11
7
|
workspace: string;
|
|
@@ -14,8 +10,8 @@ type PermitReadyAuthContext = {
|
|
|
14
10
|
relation?: string;
|
|
15
11
|
context?: JsonObject;
|
|
16
12
|
};
|
|
17
|
-
type LucernSdkAuthPolicyDecision = "allow" | "deny" | "unknown";
|
|
18
|
-
type LucernSdkAuthContextInput = {
|
|
13
|
+
export type LucernSdkAuthPolicyDecision = "allow" | "deny" | "unknown";
|
|
14
|
+
export type LucernSdkAuthContextInput = {
|
|
19
15
|
clerkId?: string;
|
|
20
16
|
principalId?: string;
|
|
21
17
|
tenantId?: string;
|
|
@@ -31,7 +27,7 @@ type LucernSdkAuthContextInput = {
|
|
|
31
27
|
policyDecision?: LucernSdkAuthPolicyDecision;
|
|
32
28
|
permit?: Partial<PermitReadyAuthContext>;
|
|
33
29
|
};
|
|
34
|
-
type CanonicalLucernSdkAuthContext = {
|
|
30
|
+
export type CanonicalLucernSdkAuthContext = {
|
|
35
31
|
clerkId?: string;
|
|
36
32
|
principalId: string;
|
|
37
33
|
tenantId: string;
|
|
@@ -46,11 +42,10 @@ type CanonicalLucernSdkAuthContext = {
|
|
|
46
42
|
membershipId?: string;
|
|
47
43
|
permit: PermitReadyAuthContext;
|
|
48
44
|
};
|
|
49
|
-
declare class LucernSdkAuthContextError extends Error {
|
|
45
|
+
export declare class LucernSdkAuthContextError extends Error {
|
|
50
46
|
readonly reason: LucernSdkAuthFailureReason;
|
|
51
47
|
constructor(reason: LucernSdkAuthFailureReason, message: string);
|
|
52
48
|
}
|
|
53
|
-
declare function normalizeCanonicalLucernAuthContext(input: LucernSdkAuthContextInput | undefined): CanonicalLucernSdkAuthContext;
|
|
54
|
-
declare function createCanonicalAuthHeaders(authContext: CanonicalLucernSdkAuthContext): Record<string, string>;
|
|
55
|
-
|
|
56
|
-
export { type CanonicalLucernSdkAuthContext, LucernSdkAuthContextError, type LucernSdkAuthContextInput, type LucernSdkAuthFailureReason, type LucernSdkAuthPolicyDecision, type PermitReadyAuthContext, createCanonicalAuthHeaders, normalizeCanonicalLucernAuthContext };
|
|
49
|
+
export declare function normalizeCanonicalLucernAuthContext(input: LucernSdkAuthContextInput | undefined): CanonicalLucernSdkAuthContext;
|
|
50
|
+
export declare function createCanonicalAuthHeaders(authContext: CanonicalLucernSdkAuthContext): Record<string, string>;
|
|
51
|
+
//# sourceMappingURL=authContext.d.ts.map
|
package/dist/authContext.js
CHANGED
|
@@ -1,170 +1,138 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
};
|
|
1
|
+
export class LucernSdkAuthContextError extends Error {
|
|
2
|
+
reason;
|
|
3
|
+
constructor(reason, message) {
|
|
4
|
+
super(message);
|
|
5
|
+
this.name = "LucernSdkAuthContextError";
|
|
6
|
+
this.reason = reason;
|
|
7
|
+
}
|
|
8
|
+
}
|
|
10
9
|
function cleanString(value) {
|
|
11
|
-
|
|
12
|
-
|
|
10
|
+
const normalized = value?.trim();
|
|
11
|
+
return normalized ? normalized : undefined;
|
|
13
12
|
}
|
|
14
13
|
function cleanStringList(values) {
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
14
|
+
if (!values) {
|
|
15
|
+
return [];
|
|
16
|
+
}
|
|
17
|
+
return values
|
|
18
|
+
.map((value) => value.trim())
|
|
19
|
+
.filter((value, index, list) => value.length > 0 && list.indexOf(value) === index);
|
|
21
20
|
}
|
|
22
21
|
function requireString(value, reason, label) {
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
);
|
|
29
|
-
}
|
|
30
|
-
return normalized;
|
|
22
|
+
const normalized = cleanString(value);
|
|
23
|
+
if (!normalized) {
|
|
24
|
+
throw new LucernSdkAuthContextError(reason, `Canonical Lucern SDK auth context is missing ${label}.`);
|
|
25
|
+
}
|
|
26
|
+
return normalized;
|
|
31
27
|
}
|
|
32
28
|
function requirePrincipalType(principalType) {
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
);
|
|
38
|
-
}
|
|
39
|
-
return principalType;
|
|
29
|
+
if (!principalType) {
|
|
30
|
+
throw new LucernSdkAuthContextError("principal_missing", "Canonical Lucern SDK auth context is missing principalType.");
|
|
31
|
+
}
|
|
32
|
+
return principalType;
|
|
40
33
|
}
|
|
41
34
|
function requireAuthMode(authMode) {
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
);
|
|
47
|
-
}
|
|
48
|
-
return authMode;
|
|
35
|
+
if (!authMode) {
|
|
36
|
+
throw new LucernSdkAuthContextError("principal_missing", "Canonical Lucern SDK auth context is missing authMode.");
|
|
37
|
+
}
|
|
38
|
+
return authMode;
|
|
49
39
|
}
|
|
50
40
|
function ensurePermitMatch(args) {
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
`Canonical Lucern SDK auth context has conflicting Permit ${args.field}.`
|
|
56
|
-
);
|
|
57
|
-
}
|
|
41
|
+
const actual = cleanString(args.actual);
|
|
42
|
+
if (actual && actual !== args.expected) {
|
|
43
|
+
throw new LucernSdkAuthContextError("policy_denied", `Canonical Lucern SDK auth context has conflicting Permit ${args.field}.`);
|
|
44
|
+
}
|
|
58
45
|
}
|
|
59
|
-
function normalizeCanonicalLucernAuthContext(input) {
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
"principal_missing",
|
|
63
|
-
"Canonical Lucern SDK auth context is required."
|
|
64
|
-
);
|
|
65
|
-
}
|
|
66
|
-
if (input.policyDecision === "deny") {
|
|
67
|
-
throw new LucernSdkAuthContextError(
|
|
68
|
-
"policy_denied",
|
|
69
|
-
"Canonical Lucern SDK auth context carries a denied policy decision."
|
|
70
|
-
);
|
|
71
|
-
}
|
|
72
|
-
const principalId = requireString(
|
|
73
|
-
input.principalId,
|
|
74
|
-
"principal_missing",
|
|
75
|
-
"principalId"
|
|
76
|
-
);
|
|
77
|
-
const tenantId = requireString(input.tenantId, "tenant_missing", "tenantId");
|
|
78
|
-
const workspaceId = requireString(
|
|
79
|
-
input.workspaceId,
|
|
80
|
-
"workspace_missing",
|
|
81
|
-
"workspaceId"
|
|
82
|
-
);
|
|
83
|
-
const roles = cleanStringList(input.roles);
|
|
84
|
-
const scopes = cleanStringList(input.scopes);
|
|
85
|
-
const principalType = requirePrincipalType(input.principalType);
|
|
86
|
-
const authMode = requireAuthMode(input.authMode);
|
|
87
|
-
const roleBasedInteractiveAuth = authMode === "interactive_user" && roles.length > 0;
|
|
88
|
-
if (roles.length === 0 || scopes.length === 0 && !roleBasedInteractiveAuth) {
|
|
89
|
-
throw new LucernSdkAuthContextError(
|
|
90
|
-
"membership_missing",
|
|
91
|
-
"Canonical Lucern SDK auth context requires non-empty roles and scopes."
|
|
92
|
-
);
|
|
93
|
-
}
|
|
94
|
-
const subject = cleanString(input.permit?.subject) ?? principalId;
|
|
95
|
-
const tenant = cleanString(input.permit?.tenant) ?? tenantId;
|
|
96
|
-
const workspace = cleanString(input.permit?.workspace) ?? workspaceId;
|
|
97
|
-
ensurePermitMatch({
|
|
98
|
-
field: "subject",
|
|
99
|
-
expected: principalId,
|
|
100
|
-
actual: subject
|
|
101
|
-
});
|
|
102
|
-
ensurePermitMatch({ field: "tenant", expected: tenantId, actual: tenant });
|
|
103
|
-
ensurePermitMatch({
|
|
104
|
-
field: "workspace",
|
|
105
|
-
expected: workspaceId,
|
|
106
|
-
actual: workspace
|
|
107
|
-
});
|
|
108
|
-
const context = input.permit?.context ? { ...input.permit.context } : void 0;
|
|
109
|
-
return {
|
|
110
|
-
clerkId: cleanString(input.clerkId),
|
|
111
|
-
principalId,
|
|
112
|
-
tenantId,
|
|
113
|
-
workspaceId,
|
|
114
|
-
principalType,
|
|
115
|
-
authMode,
|
|
116
|
-
roles,
|
|
117
|
-
scopes,
|
|
118
|
-
delegationChain: input.delegationChain ? [...input.delegationChain] : [],
|
|
119
|
-
policyTraceId: cleanString(input.policyTraceId),
|
|
120
|
-
correlationId: cleanString(input.correlationId),
|
|
121
|
-
membershipId: cleanString(input.membershipId),
|
|
122
|
-
permit: {
|
|
123
|
-
subject,
|
|
124
|
-
tenant,
|
|
125
|
-
workspace,
|
|
126
|
-
resource: cleanString(input.permit?.resource),
|
|
127
|
-
action: cleanString(input.permit?.action),
|
|
128
|
-
relation: cleanString(input.permit?.relation),
|
|
129
|
-
context
|
|
46
|
+
export function normalizeCanonicalLucernAuthContext(input) {
|
|
47
|
+
if (!input) {
|
|
48
|
+
throw new LucernSdkAuthContextError("principal_missing", "Canonical Lucern SDK auth context is required.");
|
|
130
49
|
}
|
|
131
|
-
|
|
50
|
+
if (input.policyDecision === "deny") {
|
|
51
|
+
throw new LucernSdkAuthContextError("policy_denied", "Canonical Lucern SDK auth context carries a denied policy decision.");
|
|
52
|
+
}
|
|
53
|
+
const principalId = requireString(input.principalId, "principal_missing", "principalId");
|
|
54
|
+
const tenantId = requireString(input.tenantId, "tenant_missing", "tenantId");
|
|
55
|
+
const workspaceId = requireString(input.workspaceId, "workspace_missing", "workspaceId");
|
|
56
|
+
const roles = cleanStringList(input.roles);
|
|
57
|
+
const scopes = cleanStringList(input.scopes);
|
|
58
|
+
const principalType = requirePrincipalType(input.principalType);
|
|
59
|
+
const authMode = requireAuthMode(input.authMode);
|
|
60
|
+
const roleBasedInteractiveAuth = authMode === "interactive_user" && roles.length > 0;
|
|
61
|
+
if (roles.length === 0 ||
|
|
62
|
+
(scopes.length === 0 && !roleBasedInteractiveAuth)) {
|
|
63
|
+
throw new LucernSdkAuthContextError("membership_missing", "Canonical Lucern SDK auth context requires non-empty roles and scopes.");
|
|
64
|
+
}
|
|
65
|
+
const subject = cleanString(input.permit?.subject) ?? principalId;
|
|
66
|
+
const tenant = cleanString(input.permit?.tenant) ?? tenantId;
|
|
67
|
+
const workspace = cleanString(input.permit?.workspace) ?? workspaceId;
|
|
68
|
+
ensurePermitMatch({
|
|
69
|
+
field: "subject",
|
|
70
|
+
expected: principalId,
|
|
71
|
+
actual: subject,
|
|
72
|
+
});
|
|
73
|
+
ensurePermitMatch({ field: "tenant", expected: tenantId, actual: tenant });
|
|
74
|
+
ensurePermitMatch({
|
|
75
|
+
field: "workspace",
|
|
76
|
+
expected: workspaceId,
|
|
77
|
+
actual: workspace,
|
|
78
|
+
});
|
|
79
|
+
const context = input.permit?.context
|
|
80
|
+
? { ...input.permit.context }
|
|
81
|
+
: undefined;
|
|
82
|
+
return {
|
|
83
|
+
clerkId: cleanString(input.clerkId),
|
|
84
|
+
principalId,
|
|
85
|
+
tenantId,
|
|
86
|
+
workspaceId,
|
|
87
|
+
principalType,
|
|
88
|
+
authMode,
|
|
89
|
+
roles,
|
|
90
|
+
scopes,
|
|
91
|
+
delegationChain: input.delegationChain ? [...input.delegationChain] : [],
|
|
92
|
+
policyTraceId: cleanString(input.policyTraceId),
|
|
93
|
+
correlationId: cleanString(input.correlationId),
|
|
94
|
+
membershipId: cleanString(input.membershipId),
|
|
95
|
+
permit: {
|
|
96
|
+
subject,
|
|
97
|
+
tenant,
|
|
98
|
+
workspace,
|
|
99
|
+
resource: cleanString(input.permit?.resource),
|
|
100
|
+
action: cleanString(input.permit?.action),
|
|
101
|
+
relation: cleanString(input.permit?.relation),
|
|
102
|
+
context,
|
|
103
|
+
},
|
|
104
|
+
};
|
|
132
105
|
}
|
|
133
|
-
function createCanonicalAuthHeaders(authContext) {
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
)
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
headers
|
|
164
|
-
}
|
|
165
|
-
return headers;
|
|
106
|
+
export function createCanonicalAuthHeaders(authContext) {
|
|
107
|
+
const headers = {
|
|
108
|
+
"x-lucern-principal-id": authContext.principalId,
|
|
109
|
+
"x-lucern-principal-type": authContext.principalType,
|
|
110
|
+
"x-lucern-tenant": authContext.tenantId,
|
|
111
|
+
"x-lucern-tenant-id": authContext.tenantId,
|
|
112
|
+
"x-lucern-workspace": authContext.workspaceId,
|
|
113
|
+
"x-lucern-workspace-id": authContext.workspaceId,
|
|
114
|
+
"x-lucern-auth-mode": authContext.authMode,
|
|
115
|
+
"x-lucern-roles": authContext.roles.join(","),
|
|
116
|
+
"x-lucern-scopes": authContext.scopes.join(","),
|
|
117
|
+
"x-lucern-permit-context": JSON.stringify(authContext.permit),
|
|
118
|
+
};
|
|
119
|
+
if (authContext.clerkId) {
|
|
120
|
+
headers["x-lucern-clerk-id"] = authContext.clerkId;
|
|
121
|
+
headers["x-lucern-user-id"] = authContext.clerkId;
|
|
122
|
+
}
|
|
123
|
+
if (authContext.delegationChain.length > 0) {
|
|
124
|
+
headers["x-lucern-delegation-chain"] = JSON.stringify(authContext.delegationChain);
|
|
125
|
+
}
|
|
126
|
+
if (authContext.policyTraceId) {
|
|
127
|
+
headers["x-lucern-policy-trace-id"] = authContext.policyTraceId;
|
|
128
|
+
}
|
|
129
|
+
if (authContext.correlationId) {
|
|
130
|
+
headers["x-correlation-id"] = authContext.correlationId;
|
|
131
|
+
headers["x-lucern-correlation-id"] = authContext.correlationId;
|
|
132
|
+
}
|
|
133
|
+
if (authContext.membershipId) {
|
|
134
|
+
headers["x-lucern-membership-id"] = authContext.membershipId;
|
|
135
|
+
}
|
|
136
|
+
return headers;
|
|
166
137
|
}
|
|
167
|
-
|
|
168
|
-
export { LucernSdkAuthContextError, createCanonicalAuthHeaders, normalizeCanonicalLucernAuthContext };
|
|
169
|
-
//# sourceMappingURL=authContext.js.map
|
|
170
138
|
//# sourceMappingURL=authContext.js.map
|
|
@@ -1,17 +1,9 @@
|
|
|
1
|
-
import { GatewayClientConfig } from
|
|
2
|
-
|
|
3
|
-
import './authContext.js';
|
|
4
|
-
import './contracts/auth-session.contract.js';
|
|
5
|
-
import './types.js';
|
|
6
|
-
import './contracts/workflow-runtime.contract.js';
|
|
7
|
-
import './contracts/lens-workflow.contract.js';
|
|
8
|
-
import './contracts/lens-filter.contract.js';
|
|
9
|
-
|
|
10
|
-
type DeviceCodeInput = {
|
|
1
|
+
import type { GatewayClientConfig } from "./coreClient";
|
|
2
|
+
export type DeviceCodeInput = {
|
|
11
3
|
clientId?: string;
|
|
12
4
|
scope?: string;
|
|
13
5
|
};
|
|
14
|
-
type DeviceCodeResponse = {
|
|
6
|
+
export type DeviceCodeResponse = {
|
|
15
7
|
device_code: string;
|
|
16
8
|
user_code: string;
|
|
17
9
|
verification_uri: string;
|
|
@@ -19,7 +11,7 @@ type DeviceCodeResponse = {
|
|
|
19
11
|
expires_in: number;
|
|
20
12
|
interval: number;
|
|
21
13
|
};
|
|
22
|
-
type DeviceTokenResponse = {
|
|
14
|
+
export type DeviceTokenResponse = {
|
|
23
15
|
access_token: string;
|
|
24
16
|
token_type: "Bearer";
|
|
25
17
|
expires_in: number;
|
|
@@ -32,8 +24,8 @@ type DeviceTokenResponse = {
|
|
|
32
24
|
principalId: string;
|
|
33
25
|
};
|
|
34
26
|
};
|
|
35
|
-
type DeviceTokenErrorCode = "authorization_pending" | "slow_down" | "access_denied" | "expired_token" | "invalid_grant" | "invalid_request";
|
|
36
|
-
declare class DeviceAuthorizationError extends Error {
|
|
27
|
+
export type DeviceTokenErrorCode = "authorization_pending" | "slow_down" | "access_denied" | "expired_token" | "invalid_grant" | "invalid_request";
|
|
28
|
+
export declare class DeviceAuthorizationError extends Error {
|
|
37
29
|
readonly error: DeviceTokenErrorCode;
|
|
38
30
|
readonly interval?: number;
|
|
39
31
|
constructor(args: {
|
|
@@ -42,9 +34,8 @@ declare class DeviceAuthorizationError extends Error {
|
|
|
42
34
|
interval?: number;
|
|
43
35
|
});
|
|
44
36
|
}
|
|
45
|
-
declare function createAuthDeviceClient(config?: GatewayClientConfig): {
|
|
37
|
+
export declare function createAuthDeviceClient(config?: GatewayClientConfig): {
|
|
46
38
|
createDeviceCode(input?: DeviceCodeInput): Promise<DeviceCodeResponse>;
|
|
47
39
|
pollDeviceToken(deviceCode: string): Promise<DeviceTokenResponse>;
|
|
48
40
|
};
|
|
49
|
-
|
|
50
|
-
export { DeviceAuthorizationError, type DeviceCodeInput, type DeviceCodeResponse, type DeviceTokenErrorCode, type DeviceTokenResponse, createAuthDeviceClient };
|
|
41
|
+
//# sourceMappingURL=authDeviceClient.d.ts.map
|
package/dist/authDeviceClient.js
CHANGED
|
@@ -1,121 +1,132 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
};
|
|
1
|
+
export class DeviceAuthorizationError extends Error {
|
|
2
|
+
error;
|
|
3
|
+
interval;
|
|
4
|
+
constructor(args) {
|
|
5
|
+
super(args.description ?? args.error);
|
|
6
|
+
this.name = "DeviceAuthorizationError";
|
|
7
|
+
this.error = args.error;
|
|
8
|
+
this.interval = args.interval;
|
|
9
|
+
}
|
|
10
|
+
}
|
|
12
11
|
function authBaseUrl(config) {
|
|
13
|
-
|
|
12
|
+
return config.baseUrl?.replace(/\/+$/, "") ?? "";
|
|
14
13
|
}
|
|
15
14
|
async function readJson(response) {
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
15
|
+
try {
|
|
16
|
+
const payload = (await response.json());
|
|
17
|
+
return isRecord(payload) ? payload : {};
|
|
18
|
+
}
|
|
19
|
+
catch (error) {
|
|
20
|
+
return unreadableJsonBodyFallback(error);
|
|
21
|
+
}
|
|
22
22
|
}
|
|
23
23
|
function unreadableJsonBodyFallback(_error) {
|
|
24
|
-
|
|
24
|
+
return {};
|
|
25
25
|
}
|
|
26
26
|
function isRecord(value) {
|
|
27
|
-
|
|
27
|
+
return value !== null && typeof value === "object" && !Array.isArray(value);
|
|
28
28
|
}
|
|
29
29
|
function readString(value) {
|
|
30
|
-
|
|
31
|
-
|
|
30
|
+
const normalized = typeof value === "string" ? value.trim() : "";
|
|
31
|
+
return normalized || undefined;
|
|
32
32
|
}
|
|
33
33
|
function assertDeviceCodeResponse(payload) {
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
34
|
+
const deviceCode = readString(payload.device_code);
|
|
35
|
+
const userCode = readString(payload.user_code);
|
|
36
|
+
const verificationUri = readString(payload.verification_uri);
|
|
37
|
+
const verificationUriComplete = readString(payload.verification_uri_complete);
|
|
38
|
+
const expiresIn = payload.expires_in;
|
|
39
|
+
const interval = payload.interval;
|
|
40
|
+
if (!deviceCode ||
|
|
41
|
+
!userCode ||
|
|
42
|
+
!verificationUri ||
|
|
43
|
+
!verificationUriComplete ||
|
|
44
|
+
typeof expiresIn !== "number" ||
|
|
45
|
+
typeof interval !== "number") {
|
|
46
|
+
throw new Error("Gateway returned an invalid device-code response.");
|
|
47
|
+
}
|
|
48
|
+
return {
|
|
49
|
+
device_code: deviceCode,
|
|
50
|
+
user_code: userCode,
|
|
51
|
+
verification_uri: verificationUri,
|
|
52
|
+
verification_uri_complete: verificationUriComplete,
|
|
53
|
+
expires_in: expiresIn,
|
|
54
|
+
interval,
|
|
55
|
+
};
|
|
51
56
|
}
|
|
52
57
|
function assertDeviceTokenResponse(payload) {
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
58
|
+
const accessToken = readString(payload.access_token);
|
|
59
|
+
const tokenType = readString(payload.token_type);
|
|
60
|
+
const scope = readString(payload.scope);
|
|
61
|
+
const tenantId = readString(payload.tenant_id);
|
|
62
|
+
const principalId = readString(payload.principal_id);
|
|
63
|
+
if (!accessToken ||
|
|
64
|
+
tokenType !== "Bearer" ||
|
|
65
|
+
typeof payload.expires_in !== "number" ||
|
|
66
|
+
!scope ||
|
|
67
|
+
!tenantId ||
|
|
68
|
+
!principalId) {
|
|
69
|
+
throw new Error("Gateway returned an invalid device token response.");
|
|
70
|
+
}
|
|
71
|
+
return {
|
|
72
|
+
access_token: accessToken,
|
|
73
|
+
token_type: "Bearer",
|
|
74
|
+
expires_in: payload.expires_in,
|
|
75
|
+
scope,
|
|
76
|
+
tenant_id: tenantId,
|
|
77
|
+
workspace_id: readString(payload.workspace_id),
|
|
78
|
+
principal_id: principalId,
|
|
79
|
+
user: isRecord(payload.user) &&
|
|
80
|
+
typeof payload.user.id === "string" &&
|
|
81
|
+
typeof payload.user.principalId === "string"
|
|
82
|
+
? {
|
|
83
|
+
id: payload.user.id,
|
|
84
|
+
principalId: payload.user.principalId,
|
|
85
|
+
}
|
|
86
|
+
: undefined,
|
|
87
|
+
};
|
|
74
88
|
}
|
|
75
89
|
function maybeThrowDeviceError(payload) {
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
});
|
|
82
|
-
}
|
|
83
|
-
function createAuthDeviceClient(config = {}) {
|
|
84
|
-
const fetchImpl = config.fetchImpl ?? fetch;
|
|
85
|
-
const baseUrl = authBaseUrl(config);
|
|
86
|
-
async function post(path, body) {
|
|
87
|
-
return fetchImpl(`${baseUrl}${path}`, {
|
|
88
|
-
method: "POST",
|
|
89
|
-
headers: { "content-type": "application/json" },
|
|
90
|
-
body: JSON.stringify(body)
|
|
90
|
+
const error = readString(payload.error);
|
|
91
|
+
throw new DeviceAuthorizationError({
|
|
92
|
+
error: error ?? "invalid_request",
|
|
93
|
+
description: readString(payload.error_description),
|
|
94
|
+
interval: typeof payload.interval === "number" ? payload.interval : undefined,
|
|
91
95
|
});
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
}
|
|
103
|
-
return assertDeviceCodeResponse(payload);
|
|
104
|
-
},
|
|
105
|
-
async pollDeviceToken(deviceCode) {
|
|
106
|
-
const response = await post("/api/platform/v1/auth/device/token", {
|
|
107
|
-
grant_type: "urn:ietf:params:oauth:grant-type:device_code",
|
|
108
|
-
device_code: deviceCode
|
|
109
|
-
});
|
|
110
|
-
const payload = await readJson(response);
|
|
111
|
-
if (!response.ok) {
|
|
112
|
-
maybeThrowDeviceError(payload);
|
|
113
|
-
}
|
|
114
|
-
return assertDeviceTokenResponse(payload);
|
|
96
|
+
}
|
|
97
|
+
export function createAuthDeviceClient(config = {}) {
|
|
98
|
+
const fetchImpl = config.fetchImpl ?? fetch;
|
|
99
|
+
const baseUrl = authBaseUrl(config);
|
|
100
|
+
async function post(path, body) {
|
|
101
|
+
return fetchImpl(`${baseUrl}${path}`, {
|
|
102
|
+
method: "POST",
|
|
103
|
+
headers: { "content-type": "application/json" },
|
|
104
|
+
body: JSON.stringify(body),
|
|
105
|
+
});
|
|
115
106
|
}
|
|
116
|
-
|
|
107
|
+
return {
|
|
108
|
+
async createDeviceCode(input = {}) {
|
|
109
|
+
const response = await post("/api/platform/v1/auth/device/code", {
|
|
110
|
+
client_id: input.clientId ?? "lucern-cli",
|
|
111
|
+
scope: input.scope ?? "graph.read graph.write",
|
|
112
|
+
});
|
|
113
|
+
const payload = await readJson(response);
|
|
114
|
+
if (!response.ok) {
|
|
115
|
+
maybeThrowDeviceError(payload);
|
|
116
|
+
}
|
|
117
|
+
return assertDeviceCodeResponse(payload);
|
|
118
|
+
},
|
|
119
|
+
async pollDeviceToken(deviceCode) {
|
|
120
|
+
const response = await post("/api/platform/v1/auth/device/token", {
|
|
121
|
+
grant_type: "urn:ietf:params:oauth:grant-type:device_code",
|
|
122
|
+
device_code: deviceCode,
|
|
123
|
+
});
|
|
124
|
+
const payload = await readJson(response);
|
|
125
|
+
if (!response.ok) {
|
|
126
|
+
maybeThrowDeviceError(payload);
|
|
127
|
+
}
|
|
128
|
+
return assertDeviceTokenResponse(payload);
|
|
129
|
+
},
|
|
130
|
+
};
|
|
117
131
|
}
|
|
118
|
-
|
|
119
|
-
export { DeviceAuthorizationError, createAuthDeviceClient };
|
|
120
|
-
//# sourceMappingURL=authDeviceClient.js.map
|
|
121
132
|
//# sourceMappingURL=authDeviceClient.js.map
|