@magemetrics/core 0.5.4 → 0.6.0

package/dist/index.js

@@ -1,7 +1,7 @@
+import { sha256 } from '@noble/hashes/sha2.js';
 import z5, { z } from 'zod';
 import { GoTrueClient } from '@supabase/auth-js';
-import createApiClient from 'openapi-fetch';
-import { sha256 } from '@noble/hashes/sha2.js';
+import createApiClient2 from 'openapi-fetch';
 import dayjs from 'dayjs';
 import customParseFormat from 'dayjs/plugin/customParseFormat.js';
 import relativeTime from 'dayjs/plugin/relativeTime.js';
@@ -11,6 +11,7 @@ import { DefaultChatTransport } from 'ai';
 
 // ../shared/dist/src/api/client/middleware.js
 var HEADER_CLIENT_VERSION = "X-Client-Version";
+var HEADER_SP_TOKEN = "sp-access-token";
 var HEADER_API_KEY = "X-Api-Key";
 var ApiError = class extends Error {
   extra;
@@ -54,6 +55,102 @@ var addApiKeyHeader = (apiKey) => {
   };
 };
 
+// package.json
+var package_default = {
+  version: "0.6.0"};
+
+// src/core/MageMetricsEventEmitter.ts
+var MageMetricsEventEmitter = class {
+  listeners = /* @__PURE__ */ new Map();
+  addEventListener(type, listener, options) {
+    if (!this.listeners.has(type)) {
+      this.listeners.set(type, /* @__PURE__ */ new Set());
+    }
+    if (options?.signal) {
+      if (options.signal.aborted) {
+        return;
+      }
+      const abortHandler = () => {
+        this.removeEventListener(type, listener);
+      };
+      options.signal.addEventListener("abort", abortHandler, { once: true });
+    }
+    this.listeners.get(type).add(listener);
+  }
+  removeEventListener(type, listener) {
+    const typeListeners = this.listeners.get(type);
+    if (typeListeners) {
+      typeListeners.delete(listener);
+      if (typeListeners.size === 0) {
+        this.listeners.delete(type);
+      }
+    }
+  }
+  dispatch(type, detail) {
+    const typeListeners = this.listeners.get(type);
+    if (typeListeners) {
+      const event = { type, detail };
+      typeListeners.forEach((listener) => {
+        try {
+          listener(event);
+        } catch (error) {
+          console.error(`Error in event listener for "${type}":`, error);
+        }
+      });
+    }
+  }
+};
+
+// src/core/auth/DirectAuthProvider.ts
+var MM_CLIENT_VERSION = package_default.version;
+var DirectAuthProvider = class {
+  state = "initializing";
+  jwt;
+  events = new MageMetricsEventEmitter();
+  constructor(jwt) {
+    this.jwt = jwt;
+  }
+  async initialize() {
+    return Promise.resolve(this.setState("ready"));
+  }
+  async getHeaders() {
+    return Promise.resolve({
+      [HEADER_CLIENT_VERSION]: MM_CLIENT_VERSION,
+      [HEADER_SP_TOKEN]: this.jwt
+    });
+  }
+  getState() {
+    return this.state;
+  }
+  async updateExternalJwt(jwt) {
+    this.jwt = jwt;
+    return Promise.resolve(this.setState("ready"));
+  }
+  async logout() {
+    return Promise.resolve(this.setState("initializing"));
+  }
+  getSupabaseClient() {
+    return null;
+  }
+  addEventListener(type, listener, options) {
+    this.events.addEventListener(type, listener, options);
+  }
+  removeEventListener(type, listener) {
+    this.events.removeEventListener(type, listener);
+  }
+  setState(state) {
+    this.state = state;
+    this.state = state;
+    this.events.dispatch("authStateChange", state);
+  }
+};
+var hashString = (value) => {
+  const encoder = new TextEncoder();
+  const data = encoder.encode(value);
+  const hash = sha256(data);
+  return Array.from(hash).map((b) => b.toString(16).padStart(2, "0")).join("");
+};
+
 // ../../node_modules/.pnpm/@asteasolutions+zod-to-openapi@8.1.0_zod@4.1.13/node_modules/@asteasolutions/zod-to-openapi/dist/index.mjs
 function __rest(s, e) {
   var t = {};
@@ -274,114 +371,472 @@ var Metadata = class {
     }
     return typeName ? void 0 : schema;
   }
-  static getMetadataFromInternalRegistry(zodSchema) {
-    return zodToOpenAPIRegistry.get(zodSchema);
+  static getMetadataFromInternalRegistry(zodSchema) {
+    return zodToOpenAPIRegistry.get(zodSchema);
+  }
+  static getMetadataFromRegistry(zodSchema) {
+    const internal = this.getMetadataFromInternalRegistry(zodSchema);
+    const general = zodSchema.meta();
+    if (!internal) {
+      return general;
+    }
+    const { _internal } = internal, rest = __rest(internal, ["_internal"]);
+    const _a = general !== null && general !== void 0 ? general : {}, { id, title } = _a, restGeneral = __rest(_a, ["id", "title"]);
+    return Object.assign(Object.assign(Object.assign({ _internal: Object.assign(Object.assign({}, id ? { refId: id } : {}), _internal) }, rest), title ? { description: title } : {}), restGeneral);
+  }
+  static setMetadataInRegistry(zodSchema, metadata) {
+    zodToOpenAPIRegistry.add(zodSchema, metadata);
+  }
+};
+function preserveMetadataFromModifier(zodSchema, modifier) {
+  const zodModifier = zodSchema[modifier];
+  if (typeof zodModifier !== "function") {
+    return;
+  }
+  zodSchema[modifier] = function(...args) {
+    const result = zodModifier.apply(this, args);
+    const meta = Metadata.getMetadataFromRegistry(this);
+    if (meta) {
+      Metadata.setMetadataInRegistry(result, meta);
+    }
+    return result;
+  };
+}
+function extendZodWithOpenApi(zod) {
+  if (typeof zod.ZodType.prototype.openapi !== "undefined") {
+    return;
+  }
+  zod.ZodType.prototype.openapi = function(...args) {
+    const { refId, metadata, options } = getOpenApiConfiguration(...args);
+    const _a = metadata !== null && metadata !== void 0 ? metadata : {}, { param } = _a, restOfOpenApi = __rest(_a, ["param"]);
+    const allMetadata = Metadata.getMetadataFromRegistry(this);
+    const _b = allMetadata !== null && allMetadata !== void 0 ? allMetadata : {}, { _internal: internalMetadata } = _b, currentMetadata = __rest(_b, ["_internal"]);
+    const _internal = Object.assign(Object.assign(Object.assign({}, internalMetadata), options), refId ? { refId } : void 0);
+    const resultMetadata = Object.assign(Object.assign(Object.assign({}, currentMetadata), restOfOpenApi), (currentMetadata === null || currentMetadata === void 0 ? void 0 : currentMetadata.param) || param ? {
+      param: Object.assign(Object.assign({}, currentMetadata === null || currentMetadata === void 0 ? void 0 : currentMetadata.param), param)
+    } : void 0);
+    const result = new this.constructor(this._def);
+    Metadata.setMetadataInRegistry(result, Object.assign(Object.assign({}, Object.keys(_internal).length > 0 ? { _internal } : void 0), resultMetadata));
+    if (isZodType(result, "ZodObject")) {
+      const currentMetadata2 = Metadata.getMetadataFromRegistry(result);
+      const originalExtend = result.extend;
+      result.extend = function(...args2) {
+        const extendedResult = originalExtend.apply(result, args2);
+        const _a2 = currentMetadata2 !== null && currentMetadata2 !== void 0 ? currentMetadata2 : {}, { _internal: _internal2 } = _a2, rest = __rest(_a2, ["_internal"]);
+        Metadata.setMetadataInRegistry(extendedResult, {
+          _internal: {
+            extendedFrom: (_internal2 === null || _internal2 === void 0 ? void 0 : _internal2.refId) ? { refId: _internal2.refId, schema: result } : _internal2 === null || _internal2 === void 0 ? void 0 : _internal2.extendedFrom
+          }
+        });
+        return extendedResult.openapi(rest);
+      };
+      preserveMetadataFromModifier(result, "catchall");
+    }
+    preserveMetadataFromModifier(result, "optional");
+    preserveMetadataFromModifier(result, "nullable");
+    preserveMetadataFromModifier(result, "default");
+    preserveMetadataFromModifier(result, "transform");
+    preserveMetadataFromModifier(result, "refine");
+    preserveMetadataFromModifier(result, "length");
+    preserveMetadataFromModifier(result, "min");
+    preserveMetadataFromModifier(result, "max");
+    const originalMeta = result.meta;
+    result.meta = function(...args2) {
+      const result2 = originalMeta.apply(this, args2);
+      if (args2[0]) {
+        const meta = Metadata.getMetadataFromInternalRegistry(this);
+        if (meta) {
+          Metadata.setMetadataInRegistry(result2, Object.assign(Object.assign({}, meta), args2[0]));
+        }
+      }
+      return result2;
+    };
+    return result;
+  };
+}
+function getOpenApiConfiguration(refOrOpenapi, metadataOrOptions, options) {
+  if (typeof refOrOpenapi === "string") {
+    return {
+      refId: refOrOpenapi,
+      metadata: metadataOrOptions,
+      options
+    };
+  }
+  return {
+    refId: void 0,
+    metadata: refOrOpenapi,
+    options: metadataOrOptions
+  };
+}
+new Set(".\\+*[^]$()");
+var createRoute = (routeConfig) => {
+  const route = {
+    ...routeConfig,
+    getRoutingPath() {
+      return routeConfig.path.replaceAll(/\/{(.+?)}/g, "/:$1");
+    }
+  };
+  return Object.defineProperty(route, "getRoutingPath", { enumerable: false });
+};
+extendZodWithOpenApi(z);
+
+// ../shared/dist/src/endpoints/auth.routes.js
+var GetApiInformationInputSchema = z.object({
+  apiKey: z.string()
+});
+var GetApiInformationOutputSchema = z.object({
+  apiUrl: z.string(),
+  anonKey: z.string()
+});
+var GetApiInformation = createRoute({
+  method: "get",
+  path: "/api/v1/auth/apiInformation",
+  operationId: "getApiInformation",
+  request: {
+    query: GetApiInformationInputSchema
+  },
+  responses: {
+    200: {
+      content: {
+        "application/json": {
+          schema: GetApiInformationOutputSchema
+        }
+      },
+      description: "Retrieve the API URL and anon key"
+    },
+    400: {
+      content: {
+        "application/json": {
+          schema: z.object({ error: z.string() })
+        }
+      },
+      description: "Invalid input"
+    },
+    500: {
+      content: {
+        "application/json": {
+          schema: z.object({
+            error: z.string()
+          })
+        }
+      },
+      description: "Unable to retrieve the API URL and anon key"
+    }
+  }
+});
+createRoute({
+  hide: true,
+  method: "get",
+  path: "/api/auth/apiInformation",
+  operationId: "getApiInformation",
+  request: {
+    query: GetApiInformationInputSchema
+  },
+  responses: {
+    200: {
+      content: {
+        "application/json": {
+          schema: GetApiInformationOutputSchema
+        }
+      },
+      description: "Retrieve the API URL and anon key"
+    },
+    400: {
+      content: {
+        "application/json": {
+          schema: z.object({ error: z.string() })
+        }
+      },
+      description: "Invalid input"
+    },
+    500: {
+      content: {
+        "application/json": {
+          schema: z.object({
+            error: z.string()
+          })
+        }
+      },
+      description: "Unable to retrieve the API URL and anon key"
+    }
+  }
+});
+var ExchangeExternalTokenInputSchema = z.object({
+  apiKey: z.string(),
+  externalJWT: z.string()
+});
+var ExchangeExternalTokenOutputSchema = z.object({
+  accessToken: z.string(),
+  refreshToken: z.string()
+});
+var ExchangeExternalToken = createRoute({
+  method: "post",
+  path: "/api/v1/auth/exchangeExternalToken",
+  operationId: "exchangeExternalToken",
+  request: {
+    body: {
+      required: true,
+      content: {
+        "application/json": {
+          schema: ExchangeExternalTokenInputSchema
+        }
+      }
+    }
+  },
+  responses: {
+    200: {
+      content: {
+        "application/json": {
+          schema: ExchangeExternalTokenOutputSchema
+        }
+      },
+      description: "Retrieve a JWT for an external user"
+    },
+    400: {
+      content: {
+        "application/json": {
+          schema: z.object({ error: z.string() })
+        }
+      },
+      description: "Invalid input"
+    },
+    500: {
+      content: {
+        "application/json": {
+          schema: z.object({
+            error: z.string()
+          })
+        }
+      },
+      description: "Unable to retrieve a JWT for an external user"
+    }
+  }
+});
+
+// src/core/types.ts
+var TOKEN_STORAGE_KEY = "mm-ai-sp-token";
+var CHECK_KEY = "mm-ai-check-key";
+
+// src/core/auth/ExternalAuthProvider.ts
+var MM_CLIENT_VERSION2 = package_default.version;
+var ExternalAuthProvider = class {
+  config;
+  state = "initializing";
+  supabaseClient = null;
+  noAuthApiClient = null;
+  authApiResponse = null;
+  processedJwt = Symbol("initial");
+  userId = null;
+  events = new MageMetricsEventEmitter();
+  constructor(config) {
+    this.config = config;
+  }
+  async initialize() {
+    try {
+      this.setState("initializing");
+      const apiInfo = await this.getApiInformation();
+      this.initializeSupabaseClient(apiInfo.anonKey, apiInfo.apiUrl);
+      await this.handleAuthentication();
+      if (this.config.externalJwt) {
+        await this.saveCheckKey(this.config.externalJwt, this.config.apiKey);
+      }
+      this.setState("ready");
+    } catch (error) {
+      console.error("Authentication flow failed:", error);
+      this.setState("error");
+      throw error;
+    }
+  }
+  async getHeaders() {
+    if (!this.supabaseClient) {
+      return {};
+    }
+    const session = await this.supabaseClient.getSession();
+    if (!session.data.session) {
+      return {};
+    }
+    const { access_token } = session.data.session;
+    return {
+      [HEADER_CLIENT_VERSION]: MM_CLIENT_VERSION2,
+      [HEADER_SP_TOKEN]: access_token
+    };
+  }
+  getState() {
+    return this.state;
+  }
+  async updateExternalJwt(jwt) {
+    if (this.config.externalJwt === jwt) return;
+    this.config.externalJwt = jwt;
+    this.processedJwt = Symbol("updating");
+    await this.initialize();
+  }
+  async logout() {
+    if (this.supabaseClient) {
+      await this.supabaseClient.signOut({ scope: "local" });
+    }
+    await this.clearStorage();
+  }
+  getSupabaseClient() {
+    return this.supabaseClient;
+  }
+  addEventListener(type, listener, options) {
+    this.events.addEventListener(type, listener, options);
+  }
+  removeEventListener(type, listener) {
+    this.events.removeEventListener(type, listener);
+  }
+  startAutoRefresh() {
+    return this.supabaseClient?.startAutoRefresh();
+  }
+  stopAutoRefresh() {
+    return this.supabaseClient?.stopAutoRefresh();
+  }
+  async getApiInformation() {
+    if (!this.noAuthApiClient || !this.authApiResponse) {
+      this.noAuthApiClient = createApiClient2({
+        baseUrl: this.config.apiUrl
+      });
+      this.noAuthApiClient.use(throwOnError);
+      this.noAuthApiClient.use(addVersionHeader(MM_CLIENT_VERSION2));
+      this.noAuthApiClient.use(addApiKeyHeader(this.config.apiKey));
+      const { data } = await this.noAuthApiClient.GET(GetApiInformation.path, {
+        params: {
+          query: {
+            apiKey: this.config.apiKey
+          }
+        }
+      });
+      if (!data) {
+        throw new Error("Failed to fetch API information");
+      }
+      this.authApiResponse = data;
+    }
+    return this.authApiResponse;
+  }
+  initializeSupabaseClient(anonKey, apiUrl) {
+    if (!this.supabaseClient) {
+      this.supabaseClient = new GoTrueClient({
+        url: `${apiUrl}/auth/v1`,
+        storageKey: TOKEN_STORAGE_KEY,
+        headers: {
+          apiKey: anonKey
+        },
+        storage: this.config.storage,
+        ...this.config.authOptions
+      });
+      this.supabaseClient.onAuthStateChange((event, session) => {
+        console.debug("Supabase auth state change:", event, !!session);
+        if (event === "SIGNED_IN" && session?.user) {
+          if (this.userId !== session.user.id && this.userId !== null) {
+            this.events.dispatch("userChange", { id: session.user.id });
+          }
+          this.userId = session.user.id;
+        }
+        if (event === "TOKEN_REFRESHED" && session) {
+          console.debug("Token refreshed successfully");
+          this.setState("ready");
+        } else if (event === "SIGNED_OUT") {
+          console.debug("User signed out");
+          void this.clearStorage();
+          this.setState("initializing");
+        }
+      });
+    }
+  }
+  async handleAuthentication() {
+    if (!this.supabaseClient) {
+      throw new Error("Supabase client not initialized");
+    }
+    if (this.processedJwt === this.config.externalJwt) {
+      return;
+    }
+    try {
+      const { data, error } = await this.supabaseClient.getSession();
+      if (error) {
+        console.error("Error getting session:", error);
+        this.processedJwt = this.config.externalJwt || "";
+        return;
+      }
+      const isCheckValid = await this.compareCheckKey(
+        this.config.externalJwt ?? "",
+        this.config.apiKey
+      );
+      if (data.session && this.config.externalJwt && isCheckValid) {
+        console.debug("Session found, authentication ready");
+        this.processedJwt = this.config.externalJwt || "";
+      } else if (this.config.externalJwt) {
+        console.debug("No session found, exchanging external JWT");
+        await this.clearCheckKey();
+        await this.exchangeExternalToken();
+        this.processedJwt = this.config.externalJwt;
+      } else {
+        console.debug("No session and no external JWT provided");
+        this.processedJwt = this.config.externalJwt || "";
+      }
+    } catch (error) {
+      console.error("Unhandled error during authentication:", error);
+      this.processedJwt = this.config.externalJwt || "";
+      throw error;
+    }
+  }
+  async exchangeExternalToken() {
+    if (!this.noAuthApiClient || !this.supabaseClient || !this.config.externalJwt) {
+      throw new Error(
+        "Required clients or JWT not available for token exchange"
+      );
+    }
+    const { data } = await this.noAuthApiClient.POST(
+      ExchangeExternalToken.path,
+      {
+        body: {
+          apiKey: this.config.apiKey,
+          externalJWT: this.config.externalJwt
+        },
+        headers: this.config.additionalHeaders || {}
+      }
+    );
+    if (!data) {
+      throw new Error("Failed to exchange tokens");
+    }
+    await this.supabaseClient.setSession({
+      access_token: data.accessToken,
+      refresh_token: data.refreshToken
+    });
+    console.debug("Token exchange successful, session set");
+  }
+  setState(state) {
+    this.state = state;
+    this.events.dispatch("authStateChange", state);
   }
-  static getMetadataFromRegistry(zodSchema) {
-    const internal = this.getMetadataFromInternalRegistry(zodSchema);
-    const general = zodSchema.meta();
-    if (!internal) {
-      return general;
-    }
-    const { _internal } = internal, rest = __rest(internal, ["_internal"]);
-    const _a = general !== null && general !== void 0 ? general : {}, { id, title } = _a, restGeneral = __rest(_a, ["id", "title"]);
-    return Object.assign(Object.assign(Object.assign({ _internal: Object.assign(Object.assign({}, id ? { refId: id } : {}), _internal) }, rest), title ? { description: title } : {}), restGeneral);
+  encodeCheckKey(externalJwt, apiKey) {
+    return hashString(
+      JSON.stringify({
+        externalJwt,
+        apiKey
+      })
+    );
   }
-  static setMetadataInRegistry(zodSchema, metadata) {
-    zodToOpenAPIRegistry.add(zodSchema, metadata);
+  async saveCheckKey(externalJwt, apiKey) {
+    const encodedKey = this.encodeCheckKey(externalJwt, apiKey);
+    await this.config.storage.setItem(CHECK_KEY, encodedKey);
   }
-};
-function preserveMetadataFromModifier(zodSchema, modifier) {
-  const zodModifier = zodSchema[modifier];
-  if (typeof zodModifier !== "function") {
-    return;
+  async compareCheckKey(externalJwt, apiKey) {
+    const storedKey = await this.config.storage.getItem(CHECK_KEY);
+    if (!storedKey) return false;
+    const newValue = this.encodeCheckKey(externalJwt, apiKey);
+    return storedKey === newValue;
   }
-  zodSchema[modifier] = function(...args) {
-    const result = zodModifier.apply(this, args);
-    const meta = Metadata.getMetadataFromRegistry(this);
-    if (meta) {
-      Metadata.setMetadataInRegistry(result, meta);
-    }
-    return result;
-  };
-}
-function extendZodWithOpenApi(zod) {
-  if (typeof zod.ZodType.prototype.openapi !== "undefined") {
-    return;
+  async clearCheckKey() {
+    await this.config.storage.removeItem(CHECK_KEY);
   }
-  zod.ZodType.prototype.openapi = function(...args) {
-    const { refId, metadata, options } = getOpenApiConfiguration(...args);
-    const _a = metadata !== null && metadata !== void 0 ? metadata : {}, { param } = _a, restOfOpenApi = __rest(_a, ["param"]);
-    const allMetadata = Metadata.getMetadataFromRegistry(this);
-    const _b = allMetadata !== null && allMetadata !== void 0 ? allMetadata : {}, { _internal: internalMetadata } = _b, currentMetadata = __rest(_b, ["_internal"]);
-    const _internal = Object.assign(Object.assign(Object.assign({}, internalMetadata), options), refId ? { refId } : void 0);
-    const resultMetadata = Object.assign(Object.assign(Object.assign({}, currentMetadata), restOfOpenApi), (currentMetadata === null || currentMetadata === void 0 ? void 0 : currentMetadata.param) || param ? {
-      param: Object.assign(Object.assign({}, currentMetadata === null || currentMetadata === void 0 ? void 0 : currentMetadata.param), param)
-    } : void 0);
-    const result = new this.constructor(this._def);
-    Metadata.setMetadataInRegistry(result, Object.assign(Object.assign({}, Object.keys(_internal).length > 0 ? { _internal } : void 0), resultMetadata));
-    if (isZodType(result, "ZodObject")) {
-      const currentMetadata2 = Metadata.getMetadataFromRegistry(result);
-      const originalExtend = result.extend;
-      result.extend = function(...args2) {
-        const extendedResult = originalExtend.apply(result, args2);
-        const _a2 = currentMetadata2 !== null && currentMetadata2 !== void 0 ? currentMetadata2 : {}, { _internal: _internal2 } = _a2, rest = __rest(_a2, ["_internal"]);
-        Metadata.setMetadataInRegistry(extendedResult, {
-          _internal: {
-            extendedFrom: (_internal2 === null || _internal2 === void 0 ? void 0 : _internal2.refId) ? { refId: _internal2.refId, schema: result } : _internal2 === null || _internal2 === void 0 ? void 0 : _internal2.extendedFrom
-          }
-        });
-        return extendedResult.openapi(rest);
-      };
-      preserveMetadataFromModifier(result, "catchall");
+  async clearStorage() {
+    try {
+      await this.config.storage.removeItem(TOKEN_STORAGE_KEY);
+      await this.config.storage.removeItem(CHECK_KEY);
+    } catch {
     }
-    preserveMetadataFromModifier(result, "optional");
-    preserveMetadataFromModifier(result, "nullable");
-    preserveMetadataFromModifier(result, "default");
-    preserveMetadataFromModifier(result, "transform");
-    preserveMetadataFromModifier(result, "refine");
-    preserveMetadataFromModifier(result, "length");
-    preserveMetadataFromModifier(result, "min");
-    preserveMetadataFromModifier(result, "max");
-    const originalMeta = result.meta;
-    result.meta = function(...args2) {
-      const result2 = originalMeta.apply(this, args2);
-      if (args2[0]) {
-        const meta = Metadata.getMetadataFromInternalRegistry(this);
-        if (meta) {
-          Metadata.setMetadataInRegistry(result2, Object.assign(Object.assign({}, meta), args2[0]));
-        }
-      }
-      return result2;
-    };
-    return result;
-  };
-}
-function getOpenApiConfiguration(refOrOpenapi, metadataOrOptions, options) {
-  if (typeof refOrOpenapi === "string") {
-    return {
-      refId: refOrOpenapi,
-      metadata: metadataOrOptions,
-      options
-    };
   }
-  return {
-    refId: void 0,
-    metadata: refOrOpenapi,
-    options: metadataOrOptions
-  };
-}
-new Set(".\\+*[^]$()");
-var createRoute = (routeConfig) => {
-  const route = {
-    ...routeConfig,
-    getRoutingPath() {
-      return routeConfig.path.replaceAll(/\/{(.+?)}/g, "/:$1");
-    }
-  };
-  return Object.defineProperty(route, "getRoutingPath", { enumerable: false });
 };
-extendZodWithOpenApi(z);
 
 // ../shared/dist/src/endpoints/admin-console/sqlPreview.routes.js
 var TanStackColumnSchema = z.object({
@@ -508,7 +963,7 @@ var columnsQueryParams = z.string().transform((str) => {
   type: "string"
 });
 var SupabaseUserHeaderSchema = z.object({
-  "sp-access-token": z.string()
+  [HEADER_SP_TOKEN]: z.string()
 });
 var SupabaseHeaderSchema = SupabaseUserHeaderSchema;
 var FEEDBACK_OPTIONS = [
@@ -601,7 +1056,20 @@ var ReportColumnSchema = z.looseObject({
   data_type: z.string(),
   null_count: z.number().nullable(),
   unique_count: z.number().nullable(),
-  unique_percentage: z.number().nullable()
+  unique_percentage: z.number().nullable(),
+  // Numeric column statistics
+  min_value: z.number().nullable().optional(),
+  max_value: z.number().nullable().optional(),
+  avg_value: z.number().nullable().optional(),
+  median_value: z.number().nullable().optional(),
+  std_value: z.number().nullable().optional(),
+  // Date column statistics
+  min_date: z.string().nullable().optional(),
+  max_date: z.string().nullable().optional(),
+  // String column statistics
+  min_length: z.number().nullable().optional(),
+  max_length: z.number().nullable().optional(),
+  avg_length: z.number().nullable().optional()
 });
 var MaterializationStatusSchema = z.enum([
   "completed",
@@ -1567,157 +2035,24 @@ createRoute({
       }
     },
     404: {
-      description: "Report not found",
-      content: {
-        "application/json": {
-          schema: z.object({
-            error: z.string()
-          })
-        }
-      }
-    },
-    500: {
-      description: "Something wrong happened",
-      content: {
-        "application/json": {
-          schema: z.object({
-            error: z.string()
-          })
-        }
-      }
-    }
-  }
-});
-
-// ../shared/dist/src/endpoints/auth.routes.js
-var GetApiInformationInputSchema = z.object({
-  apiKey: z.string()
-});
-var GetApiInformationOutputSchema = z.object({
-  apiUrl: z.string(),
-  anonKey: z.string()
-});
-var GetApiInformation = createRoute({
-  method: "get",
-  path: "/api/v1/auth/apiInformation",
-  operationId: "getApiInformation",
-  request: {
-    query: GetApiInformationInputSchema
-  },
-  responses: {
-    200: {
-      content: {
-        "application/json": {
-          schema: GetApiInformationOutputSchema
-        }
-      },
-      description: "Retrieve the API URL and anon key"
-    },
-    400: {
-      content: {
-        "application/json": {
-          schema: z.object({ error: z.string() })
-        }
-      },
-      description: "Invalid input"
-    },
-    500: {
-      content: {
-        "application/json": {
-          schema: z.object({
-            error: z.string()
-          })
-        }
-      },
-      description: "Unable to retrieve the API URL and anon key"
-    }
-  }
-});
-createRoute({
-  hide: true,
-  method: "get",
-  path: "/api/auth/apiInformation",
-  operationId: "getApiInformation",
-  request: {
-    query: GetApiInformationInputSchema
-  },
-  responses: {
-    200: {
-      content: {
-        "application/json": {
-          schema: GetApiInformationOutputSchema
-        }
-      },
-      description: "Retrieve the API URL and anon key"
-    },
-    400: {
-      content: {
-        "application/json": {
-          schema: z.object({ error: z.string() })
-        }
-      },
-      description: "Invalid input"
-    },
-    500: {
-      content: {
-        "application/json": {
-          schema: z.object({
-            error: z.string()
-          })
-        }
-      },
-      description: "Unable to retrieve the API URL and anon key"
-    }
-  }
-});
-var ExchangeExternalTokenInputSchema = z.object({
-  apiKey: z.string(),
-  externalJWT: z.string()
-});
-var ExchangeExternalTokenOutputSchema = z.object({
-  accessToken: z.string(),
-  refreshToken: z.string()
-});
-var ExchangeExternalToken = createRoute({
-  method: "post",
-  path: "/api/v1/auth/exchangeExternalToken",
-  operationId: "exchangeExternalToken",
-  request: {
-    body: {
-      required: true,
-      content: {
-        "application/json": {
-          schema: ExchangeExternalTokenInputSchema
-        }
-      }
-    }
-  },
-  responses: {
-    200: {
-      content: {
-        "application/json": {
-          schema: ExchangeExternalTokenOutputSchema
-        }
-      },
-      description: "Retrieve a JWT for an external user"
-    },
-    400: {
+      description: "Report not found",
       content: {
         "application/json": {
-          schema: z.object({ error: z.string() })
+          schema: z.object({
+            error: z.string()
+          })
         }
-      },
-      description: "Invalid input"
+      }
     },
     500: {
+      description: "Something wrong happened",
       content: {
         "application/json": {
           schema: z.object({
             error: z.string()
           })
         }
-      },
-      description: "Unable to retrieve a JWT for an external user"
+      }
     }
   }
 });
@@ -1982,12 +2317,6 @@ var createStorageAdapter = () => {
       return new MemoryStorageAdapter();
   }
 };
-var hashString = (value) => {
-  const encoder = new TextEncoder();
-  const data = encoder.encode(value);
-  const hash = sha256(data);
-  return Array.from(hash).map((b) => b.toString(16).padStart(2, "0")).join("");
-};
 
 // ../shared/dist/src/schemas/canvas.js
 var DATA_REPORT_LABEL = "dataReport";
@@ -2798,10 +3127,6 @@ var toSearchParams = ({ cursor, filters, sorting, limit }) => {
   }
   return params;
 };
-
-// package.json
-var package_default = {
-  version: "0.5.4"};
 var MageMetricsChatTransport = class extends DefaultChatTransport {
   constructor(apiUrl, flowId, options) {
     super({
@@ -2814,48 +3139,6 @@ var MageMetricsChatTransport = class extends DefaultChatTransport {
   }
 };
 
-// src/core/MageMetricsEventEmitter.ts
-var MageMetricsEventEmitter = class {
-  listeners = /* @__PURE__ */ new Map();
-  addEventListener(type, listener, options) {
-    if (!this.listeners.has(type)) {
-      this.listeners.set(type, /* @__PURE__ */ new Set());
-    }
-    if (options?.signal) {
-      if (options.signal.aborted) {
-        return;
-      }
-      const abortHandler = () => {
-        this.removeEventListener(type, listener);
-      };
-      options.signal.addEventListener("abort", abortHandler, { once: true });
-    }
-    this.listeners.get(type).add(listener);
-  }
-  removeEventListener(type, listener) {
-    const typeListeners = this.listeners.get(type);
-    if (typeListeners) {
-      typeListeners.delete(listener);
-      if (typeListeners.size === 0) {
-        this.listeners.delete(type);
-      }
-    }
-  }
-  dispatch(type, detail) {
-    const typeListeners = this.listeners.get(type);
-    if (typeListeners) {
-      const event = { type, detail };
-      typeListeners.forEach((listener) => {
-        try {
-          listener(event);
-        } catch (error) {
-          console.error(`Error in event listener for "${type}":`, error);
-        }
-      });
-    }
-  }
-};
-
 // src/core/resolvable.ts
 var resolve = (value) => {
   if (typeof value === "function") {
@@ -2864,45 +3147,54 @@ var resolve = (value) => {
   return Promise.resolve(value);
 };
 
-// src/core/types.ts
-var TOKEN_STORAGE_KEY = "mm-ai-sp-token";
-var CHECK_KEY = "mm-ai-check-key";
-
 // src/core/MageMetricsClient.ts
-var MM_CLIENT_VERSION = package_default.version;
+var MM_CLIENT_VERSION3 = package_default.version;
 var getPublicApiClient = (apiUrl, apiKey) => {
-  const client = createApiClient({ baseUrl: apiUrl });
+  const client = createApiClient2({ baseUrl: apiUrl });
   client.use(throwOnError);
-  client.use(addVersionHeader(MM_CLIENT_VERSION));
+  client.use(addVersionHeader(MM_CLIENT_VERSION3));
   client.use(addApiKeyHeader(apiKey));
   return client;
 };
 var MageMetricsClient = class {
   config;
-  authState = "initializing";
-  supabaseClient = null;
+  authProvider;
   internalApiClient;
-  noAuthApiClient = null;
-  authApiResponse = null;
   authPromise = null;
-  processedJwt = Symbol("initial");
-  userId = null;
-  storageAdapter;
-  events = new MageMetricsEventEmitter();
-  authOptions;
-  constructor(config, auth) {
+  constructor(config, authProviderOrAuthOptions) {
     this.config = config;
-    this.storageAdapter = config.storageAdapter || createStorageAdapter();
-    this.internalApiClient = createApiClient({
+    const isAuthProvider = authProviderOrAuthOptions && "initialize" in authProviderOrAuthOptions && "getHeaders" in authProviderOrAuthOptions;
+    if (isAuthProvider) {
+      this.authProvider = authProviderOrAuthOptions;
+    } else {
+      const storageAdapter = config.storageAdapter || createStorageAdapter();
+      this.authProvider = new ExternalAuthProvider({
+        apiUrl: config.apiUrl,
+        apiKey: config.apiKey,
+        externalJwt: config.externalJwt,
+        additionalHeaders: config.additionalHeaders,
+        storage: storageAdapter,
+        applicationName: config.applicationName,
+        authOptions: authProviderOrAuthOptions
+      });
+    }
+    this.internalApiClient = createApiClient2({
       baseUrl: this.config.apiUrl
     });
     this.internalApiClient.use(throwOnError);
     this.internalApiClient.use(this.createSupabaseHeaderMiddleware());
-    this.authOptions = auth || {};
   }
+  /* This is used by react-query query keys to identify unique clients
+   * we hash it to make it more digestible and safer to debug/log
+   */
   toJSON() {
     return {
-      config: this.encodeCheckKey(this.config.apiKey, this.config.apiUrl)
+      config: hashString(
+        JSON.stringify({
+          apiKey: this.config.apiKey,
+          apiUrl: this.config.apiUrl
+        })
+      )
     };
   }
   get apiConfig() {
@@ -2919,7 +3211,7 @@ var MageMetricsClient = class {
    * @param options.signal an optional AbortSignal to abort the event listener
    */
   addEventListener(type, listener, options) {
-    this.events.addEventListener(type, listener, options);
+    this.authProvider.addEventListener(type, listener, options);
   }
   /**
    * Remove an event listener
@@ -2927,60 +3219,42 @@ var MageMetricsClient = class {
    * @param listener the listener to remove
    */
   removeEventListener(type, listener) {
-    this.events.removeEventListener(type, listener);
+    this.authProvider.removeEventListener(type, listener);
   }
   async waitForAuth() {
-    if (this.authState === "ready") {
+    if (this.authProvider.getState() === "ready") {
       return Promise.resolve();
     }
-    if (this.authState === "error") {
+    if (this.authProvider.getState() === "error") {
       throw new Error("Authentication failed");
     }
     if (!this.authPromise) {
-      this.authPromise = this.performAuthFlow();
+      this.authPromise = this.authProvider.initialize();
     }
     return this.authPromise;
   }
   async updateExternalJwt(jwt) {
-    if (this.config.externalJwt === jwt) return;
-    this.config.externalJwt = jwt;
-    this.processedJwt = Symbol("updating");
-    await this.performAuthFlow();
+    await this.authProvider.updateExternalJwt(jwt);
   }
   get state() {
-    return this.authState;
+    return this.authProvider.getState();
   }
   async getHeaders() {
     await this.waitForAuth();
-    if (!this.supabaseClient) {
-      return {};
-    }
-    const session = await this.supabaseClient.getSession();
-    if (!session.data.session) {
-      return {};
-    }
-    const { access_token } = session.data.session;
-    return {
-      [HEADER_CLIENT_VERSION]: MM_CLIENT_VERSION,
-      "sp-access-token": access_token
-    };
-  }
-  async clearStorage() {
-    try {
-      await this.storageAdapter.removeItem(TOKEN_STORAGE_KEY);
-      await this.storageAdapter.removeItem(CHECK_KEY);
-    } catch {
-    }
+    return this.authProvider.getHeaders();
   }
   async logout() {
-    if (this.supabaseClient) {
-      await this.supabaseClient.signOut({ scope: "local" });
-    }
-    await this.clearStorage();
+    await this.authProvider.logout();
   }
   auth = {
-    startAutoRefresh: () => this.supabaseClient?.startAutoRefresh(),
-    stopAuthRefresh: () => this.supabaseClient?.startAutoRefresh()
+    startAutoRefresh: () => {
+      const supabaseClient = this.authProvider.getSupabaseClient();
+      return supabaseClient?.startAutoRefresh();
+    },
+    stopAuthRefresh: () => {
+      const supabaseClient = this.authProvider.getSupabaseClient();
+      return supabaseClient?.stopAutoRefresh();
+    }
   };
   /**
    * Public API methods that automatically wait for authentication
@@ -3387,156 +3661,13 @@ var MageMetricsClient = class {
       };
     }
   };
-  /**
-   * Perform the complete authentication flow
-   */
-  async performAuthFlow() {
-    try {
-      this.setState("initializing");
-      const apiInfo = await this.getApiInformation();
-      this.initializeSupabaseClient(apiInfo.anonKey, apiInfo.apiUrl);
-      await this.handleAuthentication();
-      if (this.config.externalJwt) {
-        await this.saveCheckKey(this.config.externalJwt, this.config.apiKey);
-      }
-      this.setState("ready");
-    } catch (error) {
-      console.error("Authentication flow failed:", error);
-      this.setState("error");
-      throw error;
-    }
-  }
-  async getApiInformation() {
-    if (!this.noAuthApiClient || !this.authApiResponse) {
-      this.noAuthApiClient = getPublicApiClient(
-        this.config.apiUrl,
-        this.config.apiKey
-      );
-      const { data } = await this.noAuthApiClient.GET(GetApiInformation.path, {
-        params: {
-          query: {
-            apiKey: this.config.apiKey
-          }
-        }
-      });
-      if (!data) {
-        throw new Error("Failed to fetch API information");
-      }
-      this.authApiResponse = data;
-    }
-    return this.authApiResponse;
-  }
-  initializeSupabaseClient(anonKey, apiUrl) {
-    if (!this.supabaseClient) {
-      this.supabaseClient = new GoTrueClient({
-        url: `${apiUrl}/auth/v1`,
-        storageKey: TOKEN_STORAGE_KEY,
-        headers: {
-          apiKey: anonKey
-        },
-        storage: this.storageAdapter,
-        ...this.authOptions
-      });
-      this.supabaseClient.onAuthStateChange((event, session) => {
-        console.debug("Supabase auth state change:", event, !!session);
-        if (event === "SIGNED_IN" && session?.user) {
-          if (this.userId !== session.user.id && this.userId !== null) {
-            this.events.dispatch("userChange", { id: session.user.id });
-          }
-          this.userId = session.user.id;
-        }
-        if (event === "TOKEN_REFRESHED" && session) {
-          console.debug("Token refreshed successfully");
-          this.setState("ready");
-        } else if (event === "SIGNED_OUT") {
-          console.debug("User signed out");
-          void this.clearStorage();
-          this.setState("initializing");
-        }
-      });
-    }
-  }
   client() {
     return this.internalApiClient;
   }
-  /**
-   * Handle the authentication logic (check session or exchange token)
-   */
-  async handleAuthentication() {
-    if (!this.supabaseClient) {
-      throw new Error("Supabase client not initialized");
-    }
-    if (this.processedJwt === this.config.externalJwt) {
-      return;
-    }
-    try {
-      const { data, error } = await this.supabaseClient.getSession();
-      if (error) {
-        console.error("Error getting session:", error);
-        this.processedJwt = this.config.externalJwt || "";
-        return;
-      }
-      const isCheckValid = await this.compareCheckKey(
-        this.config.externalJwt ?? "",
-        this.config.apiKey
-      );
-      if (data.session && this.config.externalJwt && isCheckValid) {
-        console.debug("Session found, authentication ready");
-        this.processedJwt = this.config.externalJwt || "";
-      } else if (this.config.externalJwt) {
-        console.debug("No session found, exchanging external JWT");
-        await this.clearCheckKey();
-        await this.exchangeExternalToken();
-        this.processedJwt = this.config.externalJwt;
-      } else {
-        console.debug("No session and no external JWT provided");
-        this.processedJwt = this.config.externalJwt || "";
-      }
-    } catch (error) {
-      console.error("Unhandled error during authentication:", error);
-      this.processedJwt = this.config.externalJwt || "";
-      throw error;
-    }
-  }
-  /**
-   * Exchange external JWT for Supabase tokens
-   */
-  async exchangeExternalToken() {
-    if (!this.noAuthApiClient || !this.supabaseClient || !this.config.externalJwt) {
-      throw new Error(
-        "Required clients or JWT not available for token exchange"
-      );
-    }
-    const { data } = await this.noAuthApiClient.POST(
-      ExchangeExternalToken.path,
-      {
-        body: {
-          apiKey: this.config.apiKey,
-          externalJWT: this.config.externalJwt
-        },
-        headers: this.config.additionalHeaders || {}
-      }
-    );
-    if (!data) {
-      throw new Error("Failed to exchange tokens");
-    }
-    await this.supabaseClient.setSession({
-      access_token: data.accessToken,
-      refresh_token: data.refreshToken
-    });
-    console.debug("Token exchange successful, session set");
-  }
   createSupabaseHeaderMiddleware() {
     return {
       onRequest: async ({ request }) => {
         const headers = await this.getHeaders();
-        if (!this.supabaseClient) {
-          return request;
-        }
-        const session = await this.supabaseClient.getSession();
-        if (!session.data.session) {
-          return request;
-        }
         for (const [key, value] of Object.entries(headers)) {
           request.headers.set(key, value);
         }
@@ -3544,33 +3675,8 @@ var MageMetricsClient = class {
       }
     };
   }
-  setState(state) {
-    this.authState = state;
-    this.events.dispatch("authStateChange", state);
-  }
-  encodeCheckKey(externalJwt, apiKey) {
-    return hashString(
-      JSON.stringify({
-        externalJwt,
-        apiKey
-      })
-    );
-  }
-  async saveCheckKey(externalJwt, apiKey) {
-    const encodedKey = this.encodeCheckKey(externalJwt, apiKey);
-    await this.storageAdapter.setItem(CHECK_KEY, encodedKey);
-  }
-  async compareCheckKey(externalJwt, apiKey) {
-    const storedKey = await this.storageAdapter.getItem(CHECK_KEY);
-    if (!storedKey) return false;
-    const newValue = this.encodeCheckKey(externalJwt, apiKey);
-    return storedKey === newValue;
-  }
-  async clearCheckKey() {
-    await this.storageAdapter.removeItem(CHECK_KEY);
-  }
 };
 
-export { BrowserStorageAdapter, CHECK_KEY, MageMetricsClient, MageMetricsEventEmitter, MemoryStorageAdapter, TOKEN_STORAGE_KEY, getPublicApiClient };
+export { BrowserStorageAdapter, CHECK_KEY, DirectAuthProvider, ExternalAuthProvider, MageMetricsClient, MageMetricsEventEmitter, MemoryStorageAdapter, TOKEN_STORAGE_KEY, getPublicApiClient };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map