@lucern/sdk 1.0.29 → 1.0.31
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/dist/accessControl.d.ts +31 -31
- package/dist/accessControl.js +1 -0
- package/dist/adminClient.d.ts +74 -74
- package/dist/adminClient.js +38 -30
- package/dist/{answersClient.d.ts → answers-client.d.ts} +1 -1
- package/dist/{answersClient.js → answers-client.js} +2 -2
- package/dist/audience/index.d.ts +12 -12
- package/dist/{audiencesClient.d.ts → audiences-client.d.ts} +1 -1
- package/dist/audiences-client.js +107 -0
- package/dist/{auditClient.d.ts → audit-client.d.ts} +2 -3
- package/dist/{auditClient.js → audit-client.js} +8 -7
- package/dist/authContext.d.ts +26 -26
- package/dist/authDeviceClient.d.ts +11 -11
- package/dist/authDeviceClient.js +4 -6
- package/dist/beliefs/index.d.ts +56 -28
- package/dist/beliefs/index.js +2 -1
- package/dist/beliefsClient.d.ts +71 -63
- package/dist/beliefsClient.js +90 -67
- package/dist/{boundaryClientSurface.d.ts → boundary-client-surface.d.ts} +4 -4
- package/dist/{boundaryClientSurface.js → boundary-client-surface.js} +9 -7
- package/dist/client-assembly-types.d.ts +219 -0
- package/dist/client-assembly-types.js +2 -0
- package/dist/{clientConfig.d.ts → client-config.d.ts} +16 -32
- package/dist/client-config.js +2 -0
- package/dist/{clientEvidenceCompat.d.ts → client-evidence-compat.d.ts} +24 -24
- package/dist/{clientEvidenceCompat.js → client-evidence-compat.js} +2 -2
- package/dist/client.d.ts +1906 -352
- package/dist/client.js +34 -30
- package/dist/clientGraphNamespaces.d.ts +35 -25
- package/dist/clientGraphNamespaces.js +11 -5
- package/dist/clientHelpers.js +8 -5
- package/dist/clientKnowledgeNamespaces.d.ts +124 -84
- package/dist/clientKnowledgeNamespaces.js +35 -34
- package/dist/clientLocalHelpers.d.ts +81 -52
- package/dist/clientLocalHelpers.js +193 -43
- package/dist/clientPlatformNamespaces.d.ts +1541 -150
- package/dist/clientPlatformNamespaces.js +10 -5
- package/dist/clientRuntime.d.ts +1 -1
- package/dist/clientRuntime.js +1 -1
- package/dist/clientWorkflowNamespaces.d.ts +211 -97
- package/dist/clientWorkflowNamespaces.js +22 -19
- package/dist/contextClient.d.ts +2 -2
- package/dist/contextClient.js +79 -50
- package/dist/contextFacade.d.ts +1 -1
- package/dist/contextFacade.js +2 -0
- package/dist/contextPackCompiler.d.ts +52 -52
- package/dist/contextPackCompiler.js +192 -122
- package/dist/contextPackPolicy.d.ts +22 -22
- package/dist/contextPackPolicy.js +21 -9
- package/dist/contextPackSchema.d.ts +3 -3
- package/dist/contextPackSchema.js +1 -0
- package/dist/contextTypes.d.ts +155 -155
- package/dist/contracts/api-enums.contract.js +2 -11
- package/dist/contracts/auth-session.contract.d.ts +16 -16
- package/dist/contracts/auth-session.contract.js +3 -2
- package/dist/contracts/context-pack.contract.d.ts +216 -216
- package/dist/contracts/contextPack.js +2 -0
- package/dist/contracts/index.d.ts +1 -1
- package/dist/contracts/index.js +2 -1
- package/dist/contracts/lens-filter.contract.d.ts +8 -8
- package/dist/contracts/lens-filter.contract.js +10 -10
- package/dist/contracts/lens-workflow.contract.d.ts +32 -32
- package/dist/contracts/lens-workflow.contract.js +2 -1
- package/dist/contracts/lensFilter.js +2 -0
- package/dist/contracts/lensWorkflow.js +2 -0
- package/dist/contracts/mcpTools.d.ts +19 -19
- package/dist/contracts/mcpTools.js +3 -1
- package/dist/contracts/prompt.contract.d.ts +12 -12
- package/dist/contracts/prompt.js +1 -0
- package/dist/contracts/sdk-tools.contract.js +1 -0
- package/dist/contracts/sdkTools.js +2 -0
- package/dist/contracts/tool-contracts.js +1 -0
- package/dist/contracts/workflow-runtime.contract.d.ts +45 -45
- package/dist/contracts/workflow-runtime.contract.js +1 -5
- package/dist/contracts/workflowRuntime.js +2 -0
- package/dist/contradictions/index.d.ts +8 -8
- package/dist/contradictions/index.js +1 -0
- package/dist/control-plane.d.ts +10 -10
- package/dist/control-plane.js +2 -2
- package/dist/controlObjectOwnership.d.ts +11 -11
- package/dist/controlObjectOwnership.js +1 -0
- package/dist/coreClient.d.ts +51 -51
- package/dist/coreClient.js +269 -101
- package/dist/customTools.d.ts +19 -19
- package/dist/customTools.js +4 -2
- package/dist/decisions/index.d.ts +18 -18
- package/dist/decisions/index.js +1 -0
- package/dist/decisionsClient.d.ts +4 -4
- package/dist/decisionsClient.js +36 -27
- package/dist/edges/index.d.ts +20 -18
- package/dist/edges/index.js +1 -0
- package/dist/embeddingsClient.d.ts +29 -29
- package/dist/embeddingsClient.js +15 -8
- package/dist/eventingClient.d.ts +27 -27
- package/dist/eventingClient.js +10 -5
- package/dist/events.d.ts +83 -83
- package/dist/events.js +19 -15
- package/dist/eventsCore.d.ts +7 -7
- package/dist/eventsCore.js +11 -10
- package/dist/evidence/index.d.ts +23 -21
- package/dist/evidence/index.js +1 -0
- package/dist/evidenceClient.d.ts +23 -23
- package/dist/evidenceClient.js +10 -6
- package/dist/facade/context.d.ts +9 -9
- package/dist/facade/context.js +67 -41
- package/dist/functionSurface.js +2 -0
- package/dist/functionSurfaceClient.js +2 -0
- package/dist/gatewayFacades.d.ts +215 -215
- package/dist/gatewayFacades.factories.d.ts +23 -44
- package/dist/gatewayFacades.factories.js +63 -62
- package/dist/gatewayFacades.js +31 -32
- package/dist/graphAnalysisClient.d.ts +60 -60
- package/dist/graphAnalysisClient.js +19 -18
- package/dist/graphClient.d.ts +34 -34
- package/dist/graphClient.js +56 -35
- package/dist/graphIntel.js +2 -0
- package/dist/graphIntelligence.d.ts +2 -2
- package/dist/graphIntelligence.js +1 -1
- package/dist/graphRecommendationsClient.d.ts +24 -24
- package/dist/graphRecommendationsClient.js +12 -7
- package/dist/graphStateClassifierClient.d.ts +13 -13
- package/dist/graphStateClassifierClient.js +10 -5
- package/dist/harnessClient.d.ts +61 -61
- package/dist/harnessClient.js +44 -31
- package/dist/identityClient.d.ts +33 -59
- package/dist/identityClient.js +126 -98
- package/dist/index.d.ts +20 -20
- package/dist/index.js +20 -19
- package/dist/infisicalRuntime.d.ts +11 -11
- package/dist/infisicalRuntime.js +20 -14
- package/dist/jobsClient.d.ts +28 -28
- package/dist/jobsClient.js +6 -3
- package/dist/learningClient.js +13 -8
- package/dist/lenses/index.d.ts +124 -28
- package/dist/lenses/index.js +1 -0
- package/dist/mcpClient.d.ts +1 -1
- package/dist/mcpClient.js +3 -3
- package/dist/modelRuntimeClient.d.ts +27 -27
- package/dist/modelRuntimeClient.js +10 -5
- package/dist/nodes/index.d.ts +9 -9
- package/dist/nodes/index.js +1 -0
- package/dist/ontologies/index.d.ts +68 -22
- package/dist/ontologies/index.js +1 -0
- package/dist/ontologyClient.js +24 -17
- package/dist/ontologyLinksClient.d.ts +35 -35
- package/dist/ontologyLinksClient.js +9 -6
- package/dist/opinion.d.ts +3 -3
- package/dist/opinion.js +12 -5
- package/dist/orgGraphSearchClient.d.ts +39 -39
- package/dist/orgGraphSearchClient.js +22 -13
- package/dist/packsClient.d.ts +1 -1
- package/dist/packsClient.js +28 -19
- package/dist/policyClient.d.ts +79 -68
- package/dist/policyClient.js +18 -12
- package/dist/proof-attestation.json +1 -1
- package/dist/questions/index.d.ts +38 -27
- package/dist/questions/index.js +1 -0
- package/dist/realtime/index.d.ts +3 -3
- package/dist/realtime/index.js +1 -0
- package/dist/realtime/refs.d.ts +2 -2
- package/dist/{reportsClient.d.ts → reports-client.d.ts} +2 -2
- package/dist/{reportsClient.js → reports-client.js} +19 -13
- package/dist/{schemaClient.d.ts → schema-client.d.ts} +2 -3
- package/dist/{schemaClient.js → schema-client.js} +14 -11
- package/dist/sdkSurface.d.ts +12 -12
- package/dist/sdkSurface.js +14 -10
- package/dist/secrets.d.ts +1 -1
- package/dist/secrets.js +2 -1
- package/dist/{sourcesClient.d.ts → sources-client.d.ts} +8 -9
- package/dist/{sourcesClient.js → sources-client.js} +4 -5
- package/dist/{telemetryClient.d.ts → telemetry-client.d.ts} +14 -14
- package/dist/{telemetryClient.js → telemetry-client.js} +6 -4
- package/dist/toolRegistryClient.d.ts +46 -46
- package/dist/toolRegistryClient.js +22 -11
- package/dist/topics/index.d.ts +23 -23
- package/dist/topics/index.js +2 -1
- package/dist/topicsClient.d.ts +6 -6
- package/dist/topicsClient.js +29 -18
- package/dist/types.d.ts +356 -355
- package/dist/version.d.ts +1 -1
- package/dist/version.js +1 -1
- package/dist/workflowClient.d.ts +36 -35
- package/dist/workflowClient.js +88 -60
- package/dist/worktrees/index.d.ts +118 -32
- package/dist/worktrees/index.js +2 -1
- package/package.json +45 -5
- package/dist/audiencesClient.js +0 -115
- package/dist/clientAssemblyTypes.d.ts +0 -33
- package/dist/clientAssemblyTypes.js +0 -2
- package/dist/clientConfig.js +0 -2
package/dist/harnessClient.js
CHANGED
|
@@ -1,5 +1,8 @@
|
|
|
1
|
-
import
|
|
2
|
-
import {
|
|
1
|
+
// biome-ignore-all lint/style/useFilenamingConvention: This file is an @lucern/sdk public import ABI / package subpath compatibility surface; the camelCase filename is intentional.
|
|
2
|
+
import { createGatewayRequestClient,
|
|
3
|
+
// biome-ignore lint/style/noExportedImports: harnessClient preserves this legacy compatibility re-export while package root also exports coreClient.
|
|
4
|
+
LucernApiError, randomIdempotencyKey, toQueryString, } from "./coreClient.js";
|
|
5
|
+
import { createListResult, mapGatewayData, normalizeTopicQuery, } from "./sdkSurface.js";
|
|
3
6
|
export { LucernApiError };
|
|
4
7
|
/**
|
|
5
8
|
* Create the harness client for agent and tool registry operations.
|
|
@@ -10,15 +13,17 @@ export function createHarnessClient(config = {}) {
|
|
|
10
13
|
/**
|
|
11
14
|
* List agent definitions.
|
|
12
15
|
*/
|
|
13
|
-
|
|
14
|
-
return gateway
|
|
16
|
+
listAgentDefinitions(scope = {}) {
|
|
17
|
+
return gateway
|
|
18
|
+
.request({
|
|
15
19
|
path: `/api/platform/v1/harness/agents${toQueryString(scope)}`,
|
|
16
|
-
})
|
|
20
|
+
})
|
|
21
|
+
.then((response) => mapGatewayData(response, (data) => createListResult(Array.isArray(data) ? data : [], "agents")));
|
|
17
22
|
},
|
|
18
23
|
/**
|
|
19
24
|
* Get an agent definition.
|
|
20
25
|
*/
|
|
21
|
-
|
|
26
|
+
getAgentDefinition(agentId, scope = {}) {
|
|
22
27
|
return gateway.request({
|
|
23
28
|
path: `/api/platform/v1/harness/agents/${encodeURIComponent(agentId)}${toQueryString(scope)}`,
|
|
24
29
|
});
|
|
@@ -26,7 +31,7 @@ export function createHarnessClient(config = {}) {
|
|
|
26
31
|
/**
|
|
27
32
|
* Create an agent definition.
|
|
28
33
|
*/
|
|
29
|
-
|
|
34
|
+
createAgentDefinition(input, idempotencyKey) {
|
|
30
35
|
return gateway.request({
|
|
31
36
|
path: "/api/platform/v1/harness/agents",
|
|
32
37
|
method: "POST",
|
|
@@ -37,7 +42,7 @@ export function createHarnessClient(config = {}) {
|
|
|
37
42
|
/**
|
|
38
43
|
* Update an agent definition.
|
|
39
44
|
*/
|
|
40
|
-
|
|
45
|
+
updateAgentDefinition(agentId, input, idempotencyKey) {
|
|
41
46
|
return gateway.request({
|
|
42
47
|
path: `/api/platform/v1/harness/agents/${encodeURIComponent(agentId)}`,
|
|
43
48
|
method: "PUT",
|
|
@@ -48,7 +53,7 @@ export function createHarnessClient(config = {}) {
|
|
|
48
53
|
/**
|
|
49
54
|
* Invoke a managed agent definition.
|
|
50
55
|
*/
|
|
51
|
-
|
|
56
|
+
invokeManagedAgentDefinition(agentId, input, idempotencyKey) {
|
|
52
57
|
return gateway.request({
|
|
53
58
|
path: `/api/platform/v1/harness/agents/${encodeURIComponent(agentId)}/runs`,
|
|
54
59
|
method: "POST",
|
|
@@ -62,23 +67,27 @@ export function createHarnessClient(config = {}) {
|
|
|
62
67
|
/**
|
|
63
68
|
* List runs for an agent definition.
|
|
64
69
|
*/
|
|
65
|
-
|
|
66
|
-
return gateway
|
|
70
|
+
listAgentRuns(agentId, scope = {}) {
|
|
71
|
+
return gateway
|
|
72
|
+
.request({
|
|
67
73
|
path: `/api/platform/v1/harness/agents/${encodeURIComponent(agentId)}/runs${toQueryString(scope)}`,
|
|
68
|
-
})
|
|
74
|
+
})
|
|
75
|
+
.then((response) => mapGatewayData(response, (data) => createListResult(Array.isArray(data) ? data : [], "runs")));
|
|
69
76
|
},
|
|
70
77
|
/**
|
|
71
78
|
* List tool definitions.
|
|
72
79
|
*/
|
|
73
|
-
|
|
74
|
-
return gateway
|
|
80
|
+
listToolDefinitions(scope = {}) {
|
|
81
|
+
return gateway
|
|
82
|
+
.request({
|
|
75
83
|
path: `/api/platform/v1/harness/tools${toQueryString(scope)}`,
|
|
76
|
-
})
|
|
84
|
+
})
|
|
85
|
+
.then((response) => mapGatewayData(response, (data) => createListResult(Array.isArray(data) ? data : [], "tools")));
|
|
77
86
|
},
|
|
78
87
|
/**
|
|
79
88
|
* Get a tool definition.
|
|
80
89
|
*/
|
|
81
|
-
|
|
90
|
+
getToolDefinition(toolId, scope = {}) {
|
|
82
91
|
return gateway.request({
|
|
83
92
|
path: `/api/platform/v1/harness/tools/${encodeURIComponent(toolId)}${toQueryString(scope)}`,
|
|
84
93
|
});
|
|
@@ -86,7 +95,7 @@ export function createHarnessClient(config = {}) {
|
|
|
86
95
|
/**
|
|
87
96
|
* Create a tool definition.
|
|
88
97
|
*/
|
|
89
|
-
|
|
98
|
+
createToolDefinition(input, idempotencyKey) {
|
|
90
99
|
return gateway.request({
|
|
91
100
|
path: "/api/platform/v1/harness/tools",
|
|
92
101
|
method: "POST",
|
|
@@ -97,7 +106,7 @@ export function createHarnessClient(config = {}) {
|
|
|
97
106
|
/**
|
|
98
107
|
* Update a tool definition.
|
|
99
108
|
*/
|
|
100
|
-
|
|
109
|
+
updateToolDefinition(toolId, input, idempotencyKey) {
|
|
101
110
|
return gateway.request({
|
|
102
111
|
path: `/api/platform/v1/harness/tools/${encodeURIComponent(toolId)}`,
|
|
103
112
|
method: "PUT",
|
|
@@ -108,7 +117,7 @@ export function createHarnessClient(config = {}) {
|
|
|
108
117
|
/**
|
|
109
118
|
* Execute a tool definition.
|
|
110
119
|
*/
|
|
111
|
-
|
|
120
|
+
executeToolDefinition(toolId, input = {}) {
|
|
112
121
|
return gateway.request({
|
|
113
122
|
path: `/api/platform/v1/harness/tools/${encodeURIComponent(toolId)}/execute`,
|
|
114
123
|
method: "POST",
|
|
@@ -118,15 +127,17 @@ export function createHarnessClient(config = {}) {
|
|
|
118
127
|
/**
|
|
119
128
|
* List run ledger entries.
|
|
120
129
|
*/
|
|
121
|
-
|
|
122
|
-
return gateway
|
|
130
|
+
listRunEntries(scope = {}) {
|
|
131
|
+
return gateway
|
|
132
|
+
.request({
|
|
123
133
|
path: `/api/platform/v1/harness/runs${toQueryString(scope)}`,
|
|
124
|
-
})
|
|
134
|
+
})
|
|
135
|
+
.then((response) => mapGatewayData(response, (data) => createListResult(Array.isArray(data) ? data : [], "runs")));
|
|
125
136
|
},
|
|
126
137
|
/**
|
|
127
138
|
* Create a harness run.
|
|
128
139
|
*/
|
|
129
|
-
|
|
140
|
+
startHarnessRun(input, idempotencyKey) {
|
|
130
141
|
return gateway.request({
|
|
131
142
|
path: "/api/platform/v1/harness/runs",
|
|
132
143
|
method: "POST",
|
|
@@ -137,7 +148,7 @@ export function createHarnessClient(config = {}) {
|
|
|
137
148
|
/**
|
|
138
149
|
* Get a run ledger entry.
|
|
139
150
|
*/
|
|
140
|
-
|
|
151
|
+
getRunLedgerEntry(runId) {
|
|
141
152
|
return gateway.request({
|
|
142
153
|
path: `/api/platform/v1/harness/runs/${encodeURIComponent(runId)}`,
|
|
143
154
|
});
|
|
@@ -145,7 +156,7 @@ export function createHarnessClient(config = {}) {
|
|
|
145
156
|
/**
|
|
146
157
|
* Update a harness run with a ledger event.
|
|
147
158
|
*/
|
|
148
|
-
|
|
159
|
+
reportHarnessRunEvent(runId, input, idempotencyKey) {
|
|
149
160
|
return gateway.request({
|
|
150
161
|
path: `/api/platform/v1/harness/runs/${encodeURIComponent(runId)}/report`,
|
|
151
162
|
method: "POST",
|
|
@@ -156,7 +167,7 @@ export function createHarnessClient(config = {}) {
|
|
|
156
167
|
/**
|
|
157
168
|
* Update a harness run heartbeat.
|
|
158
169
|
*/
|
|
159
|
-
|
|
170
|
+
heartbeatHarnessRun(runId, input, idempotencyKey) {
|
|
160
171
|
return gateway.request({
|
|
161
172
|
path: `/api/platform/v1/harness/runs/${encodeURIComponent(runId)}/heartbeat`,
|
|
162
173
|
method: "POST",
|
|
@@ -167,7 +178,7 @@ export function createHarnessClient(config = {}) {
|
|
|
167
178
|
/**
|
|
168
179
|
* Complete a harness run.
|
|
169
180
|
*/
|
|
170
|
-
|
|
181
|
+
completeHarnessRun(runId, input, idempotencyKey) {
|
|
171
182
|
return gateway.request({
|
|
172
183
|
path: `/api/platform/v1/harness/runs/${encodeURIComponent(runId)}/complete`,
|
|
173
184
|
method: "POST",
|
|
@@ -178,15 +189,17 @@ export function createHarnessClient(config = {}) {
|
|
|
178
189
|
/**
|
|
179
190
|
* List prompt resolutions.
|
|
180
191
|
*/
|
|
181
|
-
|
|
182
|
-
return gateway
|
|
192
|
+
listPromptResolutions(query = {}) {
|
|
193
|
+
return gateway
|
|
194
|
+
.request({
|
|
183
195
|
path: `/api/platform/v1/harness/prompts${toQueryString(query)}`,
|
|
184
|
-
})
|
|
196
|
+
})
|
|
197
|
+
.then((response) => mapGatewayData(response, (data) => createListResult(Array.isArray(data) ? data : [], "prompts")));
|
|
185
198
|
},
|
|
186
199
|
/**
|
|
187
200
|
* Get the harness scope taxonomy.
|
|
188
201
|
*/
|
|
189
|
-
|
|
202
|
+
getScopeTaxonomy() {
|
|
190
203
|
return gateway.request({
|
|
191
204
|
path: "/api/platform/v1/harness/scopes",
|
|
192
205
|
});
|
package/dist/identityClient.d.ts
CHANGED
|
@@ -1,69 +1,69 @@
|
|
|
1
|
-
import { type
|
|
1
|
+
import { type ResolvedInteractivePrincipalContext, type ResolveInteractivePrincipalInput } from "./control-plane";
|
|
2
|
+
import { type GatewayClientConfig, type GatewayScope, LucernApiError, type PlatformGatewaySuccess } from "./coreClient";
|
|
2
3
|
import type { JsonObject, ListResult, SdkPrincipalContext } from "./types";
|
|
3
|
-
import { type ResolveInteractivePrincipalInput, type ResolvedInteractivePrincipalContext } from "./control-plane";
|
|
4
4
|
/** Summary of the currently authenticated principal and their scopes. */
|
|
5
5
|
export type IdentitySummary = SdkPrincipalContext;
|
|
6
6
|
/** Gateway response wrapping an identity summary payload. */
|
|
7
7
|
export type IdentityWhoamiResponse = PlatformGatewaySuccess<IdentitySummary>;
|
|
8
|
-
export { LucernApiError };
|
|
9
8
|
export type { GatewayScope, PlatformGatewaySuccess } from "./coreClient";
|
|
9
|
+
export { LucernApiError };
|
|
10
10
|
/** Configuration for the identity client. */
|
|
11
11
|
export type IdentityClientConfig = GatewayClientConfig;
|
|
12
|
-
export
|
|
12
|
+
export interface ClerkUserSearchResult {
|
|
13
13
|
clerkId: string;
|
|
14
|
+
displayName: string | null;
|
|
14
15
|
email: string | null;
|
|
15
16
|
firstName: string | null;
|
|
16
|
-
lastName: string | null;
|
|
17
|
-
displayName: string | null;
|
|
18
17
|
imageUrl: string | null;
|
|
19
|
-
|
|
18
|
+
lastName: string | null;
|
|
19
|
+
}
|
|
20
20
|
export declare const TENANT_IDENTITY_FIELDS: readonly ["tenantId", "workspaceId", "principalId", "integrationKey", "secretRef", "policySubject", "policyAction", "policyResource", "decision", "config", "configKey", "configValue", "provider", "status", "metadata", "limit", "cursor"];
|
|
21
|
-
export
|
|
22
|
-
tenantId: string;
|
|
23
|
-
workspaceId?: string;
|
|
21
|
+
export interface TenantIdentityConfigRecord {
|
|
24
22
|
config?: JsonObject | null;
|
|
25
23
|
metadata?: JsonObject | null;
|
|
24
|
+
tenantId: string;
|
|
26
25
|
updatedAt?: number;
|
|
27
26
|
updatedBy?: string;
|
|
28
|
-
};
|
|
29
|
-
export type TenantIntegrationRecord = {
|
|
30
|
-
tenantId: string;
|
|
31
27
|
workspaceId?: string;
|
|
28
|
+
}
|
|
29
|
+
export interface TenantIntegrationRecord {
|
|
30
|
+
createdAt?: number;
|
|
32
31
|
integrationKey: string;
|
|
32
|
+
metadata?: JsonObject | null;
|
|
33
33
|
provider?: string;
|
|
34
34
|
status?: string;
|
|
35
|
-
metadata?: JsonObject | null;
|
|
36
|
-
createdAt?: number;
|
|
37
|
-
updatedAt?: number;
|
|
38
|
-
};
|
|
39
|
-
export type TenantSecretReference = {
|
|
40
35
|
tenantId: string;
|
|
36
|
+
updatedAt?: number;
|
|
41
37
|
workspaceId?: string;
|
|
38
|
+
}
|
|
39
|
+
export interface TenantSecretReference {
|
|
42
40
|
integrationKey?: string;
|
|
41
|
+
metadata?: JsonObject | null;
|
|
43
42
|
secretRef: string;
|
|
44
43
|
status?: string;
|
|
45
|
-
metadata?: JsonObject | null;
|
|
46
|
-
updatedAt?: number;
|
|
47
|
-
};
|
|
48
|
-
export type PolicyDecisionRecord = {
|
|
49
44
|
tenantId: string;
|
|
45
|
+
updatedAt?: number;
|
|
50
46
|
workspaceId?: string;
|
|
51
|
-
|
|
52
|
-
|
|
47
|
+
}
|
|
48
|
+
export interface PolicyDecisionRecord {
|
|
49
|
+
createdAt?: number;
|
|
50
|
+
decision: "allow" | "deny" | string;
|
|
51
|
+
metadata?: JsonObject | null;
|
|
53
52
|
policyAction: string;
|
|
54
53
|
policyResource: string;
|
|
55
|
-
|
|
54
|
+
policySubject: string;
|
|
55
|
+
principalId?: string;
|
|
56
56
|
reason?: string;
|
|
57
|
-
metadata?: JsonObject | null;
|
|
58
|
-
createdAt?: number;
|
|
59
|
-
};
|
|
60
|
-
export type TenantIdentityScope = {
|
|
61
57
|
tenantId: string;
|
|
62
58
|
workspaceId?: string;
|
|
63
|
-
|
|
64
|
-
|
|
59
|
+
}
|
|
60
|
+
export interface TenantIdentityScope {
|
|
65
61
|
cursor?: string;
|
|
66
|
-
|
|
62
|
+
limit?: number;
|
|
63
|
+
principalId?: string;
|
|
64
|
+
tenantId: string;
|
|
65
|
+
workspaceId?: string;
|
|
66
|
+
}
|
|
67
67
|
export type UpdateTenantConfigInput = TenantIdentityScope & {
|
|
68
68
|
config?: JsonObject;
|
|
69
69
|
configKey?: string;
|
|
@@ -102,33 +102,7 @@ export declare function createIdentityClient(config?: IdentityClientConfig): {
|
|
|
102
102
|
/**
|
|
103
103
|
* Resolve the current authenticated identity summary.
|
|
104
104
|
*/
|
|
105
|
-
whoami(): Promise<PlatformGatewaySuccess<
|
|
106
|
-
principalId: string;
|
|
107
|
-
principalType: "user" | "group" | "human" | "service" | "agent" | "external_viewer";
|
|
108
|
-
clerkId: string | undefined;
|
|
109
|
-
tenantId: string | null;
|
|
110
|
-
workspaceId: string | null;
|
|
111
|
-
scopes: string[];
|
|
112
|
-
roles: string[];
|
|
113
|
-
groupIds: string[];
|
|
114
|
-
permittedToolNames: string[];
|
|
115
|
-
permittedPackKeys: string[];
|
|
116
|
-
principalStatus: string | undefined;
|
|
117
|
-
tenantStatus: string | undefined;
|
|
118
|
-
workspaceStatus: string | undefined;
|
|
119
|
-
isPlatformAdmin: boolean;
|
|
120
|
-
isTenantAdmin: boolean;
|
|
121
|
-
isWorkspaceAdmin: boolean;
|
|
122
|
-
permit: {
|
|
123
|
-
subject: string;
|
|
124
|
-
tenant: string;
|
|
125
|
-
workspace?: string;
|
|
126
|
-
} | undefined;
|
|
127
|
-
authMode: string | undefined;
|
|
128
|
-
sessionId: string | undefined;
|
|
129
|
-
delegatedBy: string | undefined;
|
|
130
|
-
expiresAt: number | undefined;
|
|
131
|
-
}>>;
|
|
105
|
+
whoami(): Promise<PlatformGatewaySuccess<SdkPrincipalContext>>;
|
|
132
106
|
/**
|
|
133
107
|
* Resolve a Clerk subject through the tenant control-plane Permit projection.
|
|
134
108
|
* @deprecated Prefer lucern.controlPlane.identity.resolveInteractivePrincipal().
|
package/dist/identityClient.js
CHANGED
|
@@ -1,11 +1,14 @@
|
|
|
1
|
-
import
|
|
2
|
-
import { cleanRequiredString, knownPayload, listResultFromEnvelope, } from "./
|
|
3
|
-
import { createListResult, mapGatewayData } from "./sdkSurface.js";
|
|
1
|
+
// biome-ignore-all lint/style/useFilenamingConvention: This file is an @lucern/sdk public import ABI / package subpath compatibility surface; the camelCase filename is intentional.
|
|
2
|
+
import { cleanRequiredString, knownPayload, listResultFromEnvelope, } from "./boundary-client-surface.js";
|
|
4
3
|
import { normalizeResolvedInteractivePrincipal, } from "./control-plane.js";
|
|
4
|
+
import { createGatewayRequestClient,
|
|
5
|
+
// biome-ignore lint/style/noExportedImports: identityClient preserves this legacy compatibility re-export while package root also exports coreClient.
|
|
6
|
+
LucernApiError, randomIdempotencyKey, toQueryString, } from "./coreClient.js";
|
|
7
|
+
import { createListResult, mapGatewayData } from "./sdkSurface.js";
|
|
5
8
|
function createIdentityWhoamiClient(config = {}) {
|
|
6
9
|
const gateway = createGatewayRequestClient(config);
|
|
7
10
|
return {
|
|
8
|
-
|
|
11
|
+
whoami() {
|
|
9
12
|
return gateway.request({
|
|
10
13
|
path: "/api/platform/v1/identity/whoami",
|
|
11
14
|
});
|
|
@@ -44,6 +47,44 @@ function tenantIdentityQuery(input) {
|
|
|
44
47
|
function tenantIdentityBody(input, operation) {
|
|
45
48
|
return knownPayload(input, TENANT_IDENTITY_FIELDS, operation);
|
|
46
49
|
}
|
|
50
|
+
function identityStringList(value) {
|
|
51
|
+
return Array.isArray(value) ? value : [];
|
|
52
|
+
}
|
|
53
|
+
function fallbackPermit(data) {
|
|
54
|
+
if (!data.tenantId) {
|
|
55
|
+
return;
|
|
56
|
+
}
|
|
57
|
+
return {
|
|
58
|
+
subject: data.principalId,
|
|
59
|
+
tenant: data.tenantId,
|
|
60
|
+
...(data.workspaceId ? { workspace: data.workspaceId } : {}),
|
|
61
|
+
};
|
|
62
|
+
}
|
|
63
|
+
function normalizeIdentitySummary(data) {
|
|
64
|
+
return {
|
|
65
|
+
principalId: data.principalId,
|
|
66
|
+
principalType: data.principalType,
|
|
67
|
+
clerkId: data.clerkId,
|
|
68
|
+
tenantId: data.tenantId ?? null,
|
|
69
|
+
workspaceId: data.workspaceId ?? null,
|
|
70
|
+
scopes: identityStringList(data.scopes),
|
|
71
|
+
roles: identityStringList(data.roles),
|
|
72
|
+
groupIds: identityStringList(data.groupIds),
|
|
73
|
+
permittedToolNames: identityStringList(data.permittedToolNames),
|
|
74
|
+
permittedPackKeys: identityStringList(data.permittedPackKeys),
|
|
75
|
+
principalStatus: data.principalStatus,
|
|
76
|
+
tenantStatus: data.tenantStatus,
|
|
77
|
+
workspaceStatus: data.workspaceStatus,
|
|
78
|
+
isPlatformAdmin: data.isPlatformAdmin === true,
|
|
79
|
+
isTenantAdmin: data.isTenantAdmin === true,
|
|
80
|
+
isWorkspaceAdmin: data.isWorkspaceAdmin === true,
|
|
81
|
+
permit: data.permit ?? fallbackPermit(data),
|
|
82
|
+
authMode: data.authMode,
|
|
83
|
+
sessionId: data.sessionId,
|
|
84
|
+
delegatedBy: data.delegatedBy,
|
|
85
|
+
expiresAt: data.expiresAt,
|
|
86
|
+
};
|
|
87
|
+
}
|
|
47
88
|
/**
|
|
48
89
|
* Create the identity client for principals and API keys.
|
|
49
90
|
* @param config - Gateway transport configuration.
|
|
@@ -69,47 +110,16 @@ export function createIdentityClient(config = {}) {
|
|
|
69
110
|
/**
|
|
70
111
|
* Resolve the current authenticated identity summary.
|
|
71
112
|
*/
|
|
72
|
-
|
|
73
|
-
return whoamiClient
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
clerkId: data.clerkId,
|
|
77
|
-
tenantId: data.tenantId ?? null,
|
|
78
|
-
workspaceId: data.workspaceId ?? null,
|
|
79
|
-
scopes: Array.isArray(data.scopes) ? data.scopes : [],
|
|
80
|
-
roles: Array.isArray(data.roles) ? data.roles : [],
|
|
81
|
-
groupIds: Array.isArray(data.groupIds) ? data.groupIds : [],
|
|
82
|
-
permittedToolNames: Array.isArray(data.permittedToolNames)
|
|
83
|
-
? data.permittedToolNames
|
|
84
|
-
: [],
|
|
85
|
-
permittedPackKeys: Array.isArray(data.permittedPackKeys)
|
|
86
|
-
? data.permittedPackKeys
|
|
87
|
-
: [],
|
|
88
|
-
principalStatus: data.principalStatus,
|
|
89
|
-
tenantStatus: data.tenantStatus,
|
|
90
|
-
workspaceStatus: data.workspaceStatus,
|
|
91
|
-
isPlatformAdmin: data.isPlatformAdmin === true,
|
|
92
|
-
isTenantAdmin: data.isTenantAdmin === true,
|
|
93
|
-
isWorkspaceAdmin: data.isWorkspaceAdmin === true,
|
|
94
|
-
permit: data.permit ??
|
|
95
|
-
(data.tenantId
|
|
96
|
-
? {
|
|
97
|
-
subject: data.principalId,
|
|
98
|
-
tenant: data.tenantId,
|
|
99
|
-
...(data.workspaceId ? { workspace: data.workspaceId } : {}),
|
|
100
|
-
}
|
|
101
|
-
: undefined),
|
|
102
|
-
authMode: data.authMode,
|
|
103
|
-
sessionId: data.sessionId,
|
|
104
|
-
delegatedBy: data.delegatedBy,
|
|
105
|
-
expiresAt: data.expiresAt,
|
|
106
|
-
})));
|
|
113
|
+
whoami() {
|
|
114
|
+
return whoamiClient
|
|
115
|
+
.whoami()
|
|
116
|
+
.then((response) => mapGatewayData(response, normalizeIdentitySummary));
|
|
107
117
|
},
|
|
108
118
|
/**
|
|
109
119
|
* Resolve a Clerk subject through the tenant control-plane Permit projection.
|
|
110
120
|
* @deprecated Prefer lucern.controlPlane.identity.resolveInteractivePrincipal().
|
|
111
121
|
*/
|
|
112
|
-
|
|
122
|
+
resolveInteractivePrincipal(input) {
|
|
113
123
|
return gateway
|
|
114
124
|
.request({
|
|
115
125
|
path: "/api/platform/v1/control-plane/identity/resolve-interactive-principal",
|
|
@@ -121,15 +131,17 @@ export function createIdentityClient(config = {}) {
|
|
|
121
131
|
/**
|
|
122
132
|
* List principals in the current identity scope.
|
|
123
133
|
*/
|
|
124
|
-
|
|
125
|
-
return gateway
|
|
134
|
+
listPrincipals(query = {}) {
|
|
135
|
+
return gateway
|
|
136
|
+
.request({
|
|
126
137
|
path: `/api/platform/v1/identity/principals${toQueryString(query)}`,
|
|
127
|
-
})
|
|
138
|
+
})
|
|
139
|
+
.then((response) => mapGatewayData(response, (data) => createListResult(Array.isArray(data) ? data : [], "principals")));
|
|
128
140
|
},
|
|
129
141
|
/**
|
|
130
142
|
* Create a principal.
|
|
131
143
|
*/
|
|
132
|
-
|
|
144
|
+
createPrincipal(input, idempotencyKey) {
|
|
133
145
|
return requestPrincipalWrite("POST", input, idempotencyKey);
|
|
134
146
|
},
|
|
135
147
|
/**
|
|
@@ -143,15 +155,17 @@ export function createIdentityClient(config = {}) {
|
|
|
143
155
|
/**
|
|
144
156
|
* List keys in the current identity scope.
|
|
145
157
|
*/
|
|
146
|
-
|
|
147
|
-
return gateway
|
|
158
|
+
listKeys(query = {}) {
|
|
159
|
+
return gateway
|
|
160
|
+
.request({
|
|
148
161
|
path: `/api/platform/v1/identity/keys${toQueryString(query)}`,
|
|
149
|
-
})
|
|
162
|
+
})
|
|
163
|
+
.then((response) => mapGatewayData(response, (data) => createListResult(Array.isArray(data) ? data : [], "keys")));
|
|
150
164
|
},
|
|
151
165
|
/**
|
|
152
166
|
* Create an API key.
|
|
153
167
|
*/
|
|
154
|
-
|
|
168
|
+
createKey(input, idempotencyKey) {
|
|
155
169
|
return gateway.request({
|
|
156
170
|
path: "/api/platform/v1/identity/keys",
|
|
157
171
|
method: "POST",
|
|
@@ -162,7 +176,7 @@ export function createIdentityClient(config = {}) {
|
|
|
162
176
|
/**
|
|
163
177
|
* Rotate an API key.
|
|
164
178
|
*/
|
|
165
|
-
|
|
179
|
+
rotateKey(keyId, input = {}, idempotencyKey) {
|
|
166
180
|
return gateway.request({
|
|
167
181
|
path: `/api/platform/v1/identity/keys/${encodeURIComponent(keyId)}/rotate`,
|
|
168
182
|
method: "POST",
|
|
@@ -181,75 +195,89 @@ export function createIdentityClient(config = {}) {
|
|
|
181
195
|
/**
|
|
182
196
|
* Search Clerk users by email or display attributes.
|
|
183
197
|
*/
|
|
184
|
-
|
|
198
|
+
searchClerkUsers(q) {
|
|
185
199
|
return gateway.request({
|
|
186
200
|
path: `/api/platform/v1/identity/clerk-users${toQueryString({ q })}`,
|
|
187
201
|
});
|
|
188
202
|
},
|
|
189
|
-
|
|
203
|
+
getTenantConfig(input) {
|
|
190
204
|
return gateway.request({
|
|
191
205
|
path: `/api/platform/v1/identity/tenant-config${toQueryString(tenantIdentityQuery(input))}`,
|
|
192
206
|
});
|
|
193
207
|
},
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
208
|
+
updateTenantConfig(input, idempotencyKey) {
|
|
209
|
+
return Promise.resolve().then(() => {
|
|
210
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
211
|
+
return gateway.request({
|
|
212
|
+
path: "/api/platform/v1/identity/tenant-config",
|
|
213
|
+
method: "PATCH",
|
|
214
|
+
body: tenantIdentityBody(input, "identity.updateTenantConfig"),
|
|
215
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey(),
|
|
216
|
+
});
|
|
201
217
|
});
|
|
202
218
|
},
|
|
203
|
-
|
|
204
|
-
return gateway
|
|
219
|
+
listIntegrations(input) {
|
|
220
|
+
return gateway
|
|
221
|
+
.request({
|
|
205
222
|
path: `/api/platform/v1/identity/integrations${toQueryString(tenantIdentityQuery(input))}`,
|
|
206
|
-
})
|
|
223
|
+
})
|
|
224
|
+
.then((response) => mapGatewayData(response, (data) => listResultFromEnvelope(data, "integrations")));
|
|
207
225
|
},
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
226
|
+
upsertIntegration(input, idempotencyKey) {
|
|
227
|
+
return Promise.resolve().then(() => {
|
|
228
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
229
|
+
cleanRequiredString(input.integrationKey, "integrationKey");
|
|
230
|
+
return gateway.request({
|
|
231
|
+
path: "/api/platform/v1/identity/integrations",
|
|
232
|
+
method: "PUT",
|
|
233
|
+
body: tenantIdentityBody(input, "identity.upsertIntegration"),
|
|
234
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey(),
|
|
235
|
+
});
|
|
216
236
|
});
|
|
217
237
|
},
|
|
218
|
-
|
|
219
|
-
return gateway
|
|
238
|
+
listSecrets(input) {
|
|
239
|
+
return gateway
|
|
240
|
+
.request({
|
|
220
241
|
path: `/api/platform/v1/identity/secrets${toQueryString(tenantIdentityQuery(input))}`,
|
|
221
|
-
})
|
|
242
|
+
})
|
|
243
|
+
.then((response) => mapGatewayData(response, (data) => listResultFromEnvelope(data, "secrets")));
|
|
222
244
|
},
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
245
|
+
putSecretReference(input, idempotencyKey) {
|
|
246
|
+
return Promise.resolve().then(() => {
|
|
247
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
248
|
+
cleanRequiredString(input.secretRef, "secretRef");
|
|
249
|
+
return gateway.request({
|
|
250
|
+
path: "/api/platform/v1/identity/secrets",
|
|
251
|
+
method: "PUT",
|
|
252
|
+
body: tenantIdentityBody(input, "identity.putSecretReference"),
|
|
253
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey(),
|
|
254
|
+
});
|
|
231
255
|
});
|
|
232
256
|
},
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
257
|
+
evaluatePolicy(input, idempotencyKey) {
|
|
258
|
+
return Promise.resolve().then(() => {
|
|
259
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
260
|
+
cleanRequiredString(input.policySubject, "policySubject");
|
|
261
|
+
cleanRequiredString(input.policyAction, "policyAction");
|
|
262
|
+
cleanRequiredString(input.policyResource, "policyResource");
|
|
263
|
+
return gateway.request({
|
|
264
|
+
path: "/api/platform/v1/identity/policy/evaluate",
|
|
265
|
+
method: "POST",
|
|
266
|
+
body: tenantIdentityBody(input, "identity.evaluatePolicy"),
|
|
267
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey(),
|
|
268
|
+
});
|
|
243
269
|
});
|
|
244
270
|
},
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
|
|
271
|
+
recordPolicyDecision(input, idempotencyKey) {
|
|
272
|
+
return Promise.resolve().then(() => {
|
|
273
|
+
cleanRequiredString(input.tenantId, "tenantId");
|
|
274
|
+
cleanRequiredString(input.decision, "decision");
|
|
275
|
+
return gateway.request({
|
|
276
|
+
path: "/api/platform/v1/identity/policy/decisions",
|
|
277
|
+
method: "POST",
|
|
278
|
+
body: tenantIdentityBody(input, "identity.recordPolicyDecision"),
|
|
279
|
+
idempotencyKey: idempotencyKey ?? randomIdempotencyKey(),
|
|
280
|
+
});
|
|
253
281
|
});
|
|
254
282
|
},
|
|
255
283
|
};
|