@mantyx/sdk 0.10.0 → 0.11.0

package/dist/index.cjs

@@ -48,7 +48,6 @@ __export(index_exports, {
   defineLocalA2A: () => defineLocalA2A,
   defineLocalMcp: () => defineLocalMcp,
   defineLocalTool: () => defineLocalTool,
-  generatePkceVerifier: () => generatePkceVerifier,
   isLocalA2ATool: () => isLocalA2ATool,
   isLocalMcpServer: () => isLocalMcpServer,
   isLocalTool: () => isLocalTool,
@@ -57,7 +56,6 @@ __export(index_exports, {
   mantyxPluginTool: () => mantyxPluginTool,
   mantyxTool: () => mantyxTool,
   parseRunOutput: () => parseRunOutput,
-  pkceChallenge: () => pkceChallenge,
   readSseStream: () => readSseStream,
   toToolParametersWire: () => toToolParametersWire,
   zodToJsonSchema: () => zodToJsonSchema
@@ -125,6 +123,12 @@ var MantyxRunError = class extends MantyxError {
   partialText;
   /** See {@link MantyxRunErrorInit.retryable}. */
   retryable;
+  /** See {@link MantyxRunErrorInit.tokens}. */
+  tokens;
+  /** See {@link MantyxRunErrorInit.turns}. */
+  turns;
+  /** See {@link MantyxRunErrorInit.model}. */
+  model;
   constructor(runId, subtype, message, init = {}) {
     super(message, { code: subtype });
     this.name = "MantyxRunError";
@@ -134,6 +138,9 @@ var MantyxRunError = class extends MantyxError {
     this.finishReason = init.finishReason;
     this.partialText = init.partialText;
     this.retryable = init.retryable;
+    this.tokens = init.tokens;
+    this.turns = init.turns;
+    this.model = init.model;
   }
 };
 var MantyxParseError = class extends MantyxError {
@@ -773,6 +780,9 @@ var MantyxClient = class {
   async driveRun(runId, handlers, opts = {}) {
     const collected = [];
     let finalText = "";
+    let tokens;
+    let turns;
+    let modelInfo;
     for await (const ev of this.streamRunEvents(runId, handlers, opts.signal)) {
       collected.push(ev);
       if (opts.onEvent) opts.onEvent(ev);
@@ -781,25 +791,42 @@ var MantyxClient = class {
       }
       if (ev.type === "result") {
         const r = ev;
+        tokens = parseRunTokens(r.tokens) ?? tokens;
+        turns = parseRunTurns(r.turns) ?? turns;
+        modelInfo = parseRunModel(r.model) ?? modelInfo;
         if (r.subtype === "success") {
           finalText = typeof r.text === "string" ? r.text : "";
         } else {
-          throw new MantyxRunError(runId, r.subtype, r.error ?? r.subtype);
+          const errInit = {};
+          if (tokens !== void 0) errInit.tokens = tokens;
+          if (turns !== void 0) errInit.turns = turns;
+          if (modelInfo !== void 0) errInit.model = modelInfo;
+          throw new MantyxRunError(runId, r.subtype, r.error ?? r.subtype, errInit);
         }
       } else if (ev.type === "error") {
         const e = ev;
         const subtype = e.errorClass ?? e.code ?? "error";
-        throw new MantyxRunError(runId, subtype, e.error, {
-          ...e.errorClass !== void 0 ? { errorClass: e.errorClass } : {},
-          ...e.finishReason !== void 0 ? { finishReason: e.finishReason } : {},
-          ...typeof e.partialText === "string" ? { partialText: e.partialText } : {},
-          ...typeof e.retryable === "boolean" ? { retryable: e.retryable } : {}
-        });
+        const errInit = {};
+        if (e.errorClass !== void 0) errInit.errorClass = e.errorClass;
+        if (e.finishReason !== void 0) errInit.finishReason = e.finishReason;
+        if (typeof e.partialText === "string") errInit.partialText = e.partialText;
+        if (typeof e.retryable === "boolean") errInit.retryable = e.retryable;
+        const errTokens = parseRunTokens(e.tokens);
+        if (errTokens !== void 0) errInit.tokens = errTokens;
+        const errTurns = parseRunTurns(e.turns);
+        if (errTurns !== void 0) errInit.turns = errTurns;
+        const errModel = parseRunModel(e.model);
+        if (errModel !== void 0) errInit.model = errModel;
+        throw new MantyxRunError(runId, subtype, e.error, errInit);
       } else if (ev.type === "cancelled") {
         throw new MantyxRunError(runId, "cancelled", "Run was cancelled");
       }
     }
-    return { runId, text: finalText, events: collected };
+    const result = { runId, text: finalText, events: collected };
+    if (tokens !== void 0) result.tokens = tokens;
+    if (turns !== void 0) result.turns = turns;
+    if (modelInfo !== void 0) result.model = modelInfo;
+    return result;
   }
   async *streamRunEvents(runId, handlers, signal) {
     const url = this.absoluteUrl(`/agent-runs/${encodeURIComponent(runId)}/stream`);
@@ -1386,6 +1413,37 @@ function parseRunOutput(result, validator) {
 function sleep(ms) {
   return new Promise((r) => setTimeout(r, ms));
 }
+function parseRunTokens(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) return void 0;
+  const v = value;
+  return {
+    inputTokens: toNonNegativeInt(v.inputTokens),
+    cachedTokens: toNonNegativeInt(v.cachedTokens),
+    reasoningTokens: toNonNegativeInt(v.reasoningTokens),
+    outputTokens: toNonNegativeInt(v.outputTokens)
+  };
+}
+function parseRunTurns(value) {
+  if (typeof value !== "number" || !Number.isFinite(value)) return void 0;
+  return Math.max(0, Math.trunc(value));
+}
+function parseRunModel(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) return void 0;
+  const v = value;
+  const out = {
+    id: typeof v.id === "string" ? v.id : "",
+    provider: typeof v.provider === "string" ? v.provider : "",
+    vendorModelId: typeof v.vendorModelId === "string" ? v.vendorModelId : ""
+  };
+  if (typeof v.reasoningEffort === "string" && v.reasoningEffort.length > 0) {
+    out.reasoningEffort = v.reasoningEffort;
+  }
+  return out;
+}
+function toNonNegativeInt(value) {
+  if (typeof value !== "number" || !Number.isFinite(value)) return 0;
+  return Math.max(0, Math.trunc(value));
+}
 function resolveCredential(opts) {
   const apiKey = typeof opts.apiKey === "string" ? opts.apiKey : "";
   const accessToken = typeof opts.accessToken === "string" ? opts.accessToken : "";
@@ -1423,8 +1481,6 @@ function parseRequiredScopes(bodyRequired, wwwAuthenticate) {
 }
 
 // src/oauth.ts
-var import_node_buffer = require("buffer");
-var import_node_crypto = require("crypto");
 var DEFAULT_OAUTH_BASE_URL = "https://app.mantyx.io";
 var DEFAULT_REFRESH_SKEW_MS = 6e4;
 var MantyxOAuthError = class extends MantyxError {
@@ -1463,26 +1519,11 @@ var MantyxOAuthClient = class {
     this.fetchImpl = f;
     this.timeoutMs = opts.timeoutMs ?? 3e4;
   }
-  /**
-   * Swap an authorization-code + PKCE verifier for the initial
-   * `{access_token, refresh_token}` pair. Call this exactly once per
-   * sign-in after the browser/native redirect lands back on your
-   * `redirectUri` with a `code` parameter. Persist the returned
-   * `refreshToken` against the user record — it is long-lived and
-   * non-rotating per `docs/oauth.md` §"Token lifetimes & lifecycle".
-   */
-  async exchangeAuthorizationCode(opts) {
-    return this.token({
-      grant_type: "authorization_code",
-      code: opts.code,
-      redirect_uri: opts.redirectUri,
-      code_verifier: opts.codeVerifier
-    });
-  }
   /**
    * Mint a fresh access token from a stored refresh token. The
-   * returned `refreshToken` is identical to the input — the field is
-   * surfaced for symmetry with {@link exchangeAuthorizationCode} only.
+   * returned `refreshToken` is identical to the input — refresh
+   * tokens are persistent and non-rotating, so the field is
+   * surfaced only for symmetry with the response shape.
    *
    * On `400 invalid_grant` the refresh token has been revoked (or its
    * grant / app was deleted); the SDK surfaces a
@@ -1500,21 +1541,6 @@ var MantyxOAuthClient = class {
     if (scope !== void 0) body.scope = scope;
     return this.token(body);
   }
-  /**
-   * Request a workspace-scoped access token without a user via the
-   * `client_credentials` grant. Available only on private OAuth apps
-   * that were registered with `allowsClientCredentials: true`. No
-   * refresh token is issued; re-call this method whenever a new
-   * access token is needed.
-   */
-  async clientCredentials(opts = {}) {
-    const body = {
-      grant_type: "client_credentials"
-    };
-    const scope = normalizeScope(opts.scope);
-    if (scope !== void 0) body.scope = scope;
-    return this.token(body);
-  }
   /**
    * Revoke an access or refresh token (RFC 7009). The server always
    * returns 200, even for unknown tokens. Revoking a **refresh**
@@ -1536,6 +1562,10 @@ var MantyxOAuthClient = class {
    * source caches the access token in-memory and refreshes
    * proactively when the cached value is within `refreshSkewMs` of
    * `expiresAt`, or eagerly when `MantyxClient` reports a 401.
+   *
+   * Pass `initialToken` if the calling app already has a non-expired
+   * access token in hand (e.g. straight out of the sign-in flow) to
+   * avoid an extra round-trip on the first request.
    */
   refreshTokenSource(opts) {
     if (!opts.refreshToken) {
@@ -1548,20 +1578,6 @@ var MantyxOAuthClient = class {
       return this.refresh({ refreshToken, scope: opts.scope });
     });
   }
-  /**
-   * Build a long-lived {@link TokenSource} backed by the
-   * `client_credentials` grant. On every refresh the source re-mints
-   * a workspace-scoped access token by calling the token endpoint
-   * with `grant_type=client_credentials`. Available only on private
-   * apps with `allowsClientCredentials: true`.
-   */
-  clientCredentialsTokenSource(opts = {}) {
-    const skew = opts.refreshSkewMs ?? DEFAULT_REFRESH_SKEW_MS;
-    const cache = { token: void 0, inflight: null };
-    return makeTokenSource(cache, skew, async () => {
-      return this.clientCredentials({ scope: opts.scope });
-    });
-  }
   // -------------------------------------------------------------- internals
   /**
    * POST `application/x-www-form-urlencoded` to `/api/oauth/token` and
@@ -1641,22 +1657,6 @@ var MantyxOAuthClient = class {
     return res;
   }
 };
-function generatePkceVerifier(length = 64) {
-  if (length < 43 || length > 128) {
-    throw new MantyxError("PKCE code_verifier length must be in [43, 128]");
-  }
-  const ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
-  const bytes = (0, import_node_crypto.randomBytes)(length);
-  let out = "";
-  for (let i = 0; i < length; i++) {
-    out += ALPHABET[bytes[i] % ALPHABET.length];
-  }
-  return out;
-}
-function pkceChallenge(verifier) {
-  const hash = (0, import_node_crypto.createHash)("sha256").update(verifier, "utf8").digest();
-  return import_node_buffer.Buffer.from(hash).toString("base64").replace(/=+$/, "").replace(/\+/g, "-").replace(/\//g, "_");
-}
 function makeTokenSource(cache, skewMs, mint) {
   return async (reason = "initial") => {
     if (reason !== "unauthorized" && cache.token && !isExpiring(cache.token, skewMs)) {
@@ -1700,7 +1700,7 @@ function normalizeScope(scope) {
 }
 
 // src/version.ts
-var SDK_VERSION = "0.10.0";
+var SDK_VERSION = "0.11.0";
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   AgentSession,
@@ -1721,7 +1721,6 @@ var SDK_VERSION = "0.10.0";
   defineLocalA2A,
   defineLocalMcp,
   defineLocalTool,
-  generatePkceVerifier,
   isLocalA2ATool,
   isLocalMcpServer,
   isLocalTool,
@@ -1730,7 +1729,6 @@ var SDK_VERSION = "0.10.0";
   mantyxPluginTool,
   mantyxTool,
   parseRunOutput,
-  pkceChallenge,
   readSseStream,
   toToolParametersWire,
   zodToJsonSchema