@marginfront/sdk 0.0.1 → 0.1.2

package/dist/cli/index.mjs

@@ -0,0 +1,194 @@
+#!/usr/bin/env node
+import {
+  MarginFrontClient
+} from "../chunk-UIM2U5MX.mjs";
+
+// src/cli/index.ts
+import { Command as Command3 } from "commander";
+
+// src/cli/commands/verify.ts
+import { Command } from "commander";
+
+// src/cli/utils/env.ts
+import { readFileSync } from "fs";
+import { join } from "path";
+var ENV_FILE = ".env.marginfront.cli";
+function loadCliEnv() {
+  const filePath = join(process.cwd(), ENV_FILE);
+  try {
+    const contents = readFileSync(filePath, "utf-8");
+    const env = {};
+    for (const line of contents.split("\n")) {
+      const trimmed = line.trim();
+      if (!trimmed || trimmed.startsWith("#")) continue;
+      const eqIdx = trimmed.indexOf("=");
+      if (eqIdx === -1) continue;
+      const key = trimmed.slice(0, eqIdx).trim();
+      const value = trimmed.slice(eqIdx + 1).trim();
+      env[key] = value;
+    }
+    return env;
+  } catch {
+    return {};
+  }
+}
+
+// src/cli/commands/verify.ts
+function verifyCommand() {
+  return new Command("verify").description("Verify an API key and display organization details").option("--api-key <key>", "API key (mf_sk_* or mf_pk_*)").option("--base-url <url>", "API base URL (default: https://api.revmax.ai/v1)").option("--debug", "Enable debug output").action(async (options) => {
+    const env = loadCliEnv();
+    const apiKey = options.apiKey ?? env["MF_API_KEY"];
+    const baseUrl = options.baseUrl ?? env["MF_BASE_URL"];
+    const debug = options.debug ?? env["MF_DEBUG"] === "true";
+    if (!apiKey) {
+      console.error("Error: --api-key is required (or set MF_API_KEY in .env.marginfront.cli)");
+      process.exit(1);
+    }
+    if (debug) {
+      console.log("[debug] base-url:", baseUrl ?? "(SDK default)");
+      console.log("[debug] api-key:", apiKey.slice(0, 10) + "...");
+    }
+    try {
+      const client = new MarginFrontClient({ apiKey, ...baseUrl ? { baseUrl } : {} });
+      const result = await client.verify();
+      console.log("\nVerified successfully\n");
+      console.log(JSON.stringify(result, null, 2));
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      console.error("\nVerification failed:", message);
+      process.exit(1);
+    }
+  });
+}
+
+// src/cli/commands/track-event.ts
+import { Command as Command2 } from "commander";
+function trackEventCommand() {
+  return new Command2("track-event").description("Send a usage event to the MarginFront API").option("--api-key <key>", "API key (mf_sk_*)").option("--base-url <url>", "API base URL (default: https://api.revmax.ai/v1)").option("--customer-id <id>", "Customer external ID").option("--agent-id <id>", "Agent UUID").option("--signal <name>", "Signal name (e.g. CALL_MINUTES)").option("--quantity <number>", "Quantity to record (default: 1)", "1").option("--metadata <json>", "Optional metadata as a JSON string").option("--debug", "Enable debug output").action(async (options) => {
+    const env = loadCliEnv();
+    const apiKey = options.apiKey ?? env["MF_API_KEY"];
+    const baseUrl = options.baseUrl ?? env["MF_BASE_URL"];
+    const customerId = options.customerId ?? env["MF_CUSTOMER_ID"];
+    const agentId = options.agentId ?? env["MF_AGENT_ID"];
+    const signal = options.signal ?? env["MF_SIGNAL"];
+    const quantity = Number(options.quantity ?? env["MF_QUANTITY"] ?? "1");
+    const debug = options.debug ?? env["MF_DEBUG"] === "true";
+    const missing = [];
+    if (!apiKey) missing.push("--api-key (or MF_API_KEY)");
+    if (!customerId) missing.push("--customer-id (or MF_CUSTOMER_ID)");
+    if (!agentId) missing.push("--agent-id (or MF_AGENT_ID)");
+    if (!signal) missing.push("--signal (or MF_SIGNAL)");
+    if (missing.length > 0) {
+      console.error("Error: missing required options:\n  " + missing.join("\n  "));
+      process.exit(1);
+    }
+    if (debug) {
+      console.log("[debug] base-url:", baseUrl ?? "(SDK default)");
+      console.log("[debug] api-key:", apiKey.slice(0, 10) + "...");
+      console.log("[debug] payload:", { customerId, agentId, signal, quantity });
+    }
+    let metadata;
+    if (options.metadata) {
+      try {
+        metadata = JSON.parse(options.metadata);
+      } catch {
+        console.error("Error: --metadata must be valid JSON");
+        process.exit(1);
+      }
+    }
+    try {
+      const client = new MarginFrontClient({ apiKey, ...baseUrl ? { baseUrl } : {} });
+      const result = await client.trackEvent({
+        customerExternalId: customerId,
+        agentId,
+        signalName: signal,
+        quantity,
+        ...metadata ? { metadata } : {}
+      });
+      console.log("\nEvent tracked successfully\n");
+      console.log(JSON.stringify(result, null, 2));
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      console.error("\nFailed to track event:", message);
+      process.exit(1);
+    }
+  });
+}
+
+// package.json
+var package_default = {
+  name: "@marginfront/sdk",
+  version: "0.1.2",
+  description: "Official Node.js SDK for MarginFront - usage-based billing, invoicing, and analytics",
+  main: "dist/index.js",
+  module: "dist/index.mjs",
+  types: "dist/index.d.ts",
+  exports: {
+    ".": {
+      types: "./dist/index.d.ts",
+      import: "./dist/index.mjs",
+      require: "./dist/index.js"
+    }
+  },
+  bin: {
+    mf: "dist/cli/index.js"
+  },
+  files: [
+    "dist"
+  ],
+  scripts: {
+    build: "tsup src/index.ts src/cli/index.ts --format cjs,esm --dts --clean",
+    test: "vitest",
+    lint: "eslint src/",
+    prepublishOnly: "npm run build"
+  },
+  keywords: [
+    "marginfront",
+    "billing",
+    "usage-based",
+    "invoicing",
+    "sdk",
+    "api",
+    "metering",
+    "subscriptions"
+  ],
+  author: "MarginFront",
+  license: "MIT",
+  repository: {
+    type: "git",
+    url: "https://github.com/Lowcountry-AI/platform",
+    directory: "packages/sdk"
+  },
+  homepage: "https://marginfront.com",
+  bugs: {
+    url: "https://github.com/Lowcountry-AI/platform/issues"
+  },
+  engines: {
+    node: ">=16.0.0"
+  },
+  dependencies: {
+    axios: "^1.6.0",
+    commander: "^12.0.0"
+  },
+  devDependencies: {
+    "@types/node": "^20.0.0",
+    "@typescript-eslint/eslint-plugin": "^6.21.0",
+    "@typescript-eslint/parser": "^6.21.0",
+    eslint: "^8.57.1",
+    tsup: "^8.0.0",
+    typescript: "^5.3.0",
+    vitest: "^1.0.0"
+  }
+};
+
+// src/cli/index.ts
+var WARNING = `
+\x1B[33m\u26A0\uFE0F  CLI mode \u2014 for testing only.\x1B[0m
+\x1B[33m   .env.marginfront.cli is NOT used when the SDK is imported as a library.\x1B[0m
+`;
+var program = new Command3().name("mf").description("MarginFront SDK CLI (testing tool)").version(package_default.version).hook("preAction", () => {
+  console.log(WARNING);
+});
+program.addCommand(verifyCommand());
+program.addCommand(trackEventCommand());
+program.parse();

package/dist/index.d.mts

@@ -566,27 +566,23 @@ interface ParsedApiKey {
     type: ApiKeyType;
 }
 /**
- * Parse an API key to extract type
+ * Parse an API key prefix to infer a display hint for the key type.
  *
- * @param apiKey - The API key to parse
- * @returns Parsed key info or null if invalid format
+ * This is a convenience utility for UIs that want to show "secret" or
+ * "publishable" based on the key prefix. The server is the authoritative
+ * source of key validity and type — this function does NOT gate access.
  *
- * @example
- * ```typescript
- * const info = parseApiKey('mf_sk_xxx');
- * // { type: 'secret' }
- *
- * const pub = parseApiKey('mf_pk_xxx');
- * // { type: 'publishable' }
- * ```
+ * @returns ParsedApiKey with type hint, or null if prefix is unrecognized
  */
 declare function parseApiKey(apiKey: string): ParsedApiKey | null;
 /**
- * Check if an API key is a secret key (mf_sk_*)
+ * Check if an API key looks like a secret key based on its prefix.
+ * Cosmetic hint only — the server is the authoritative source.
  */
 declare function isSecretKey(apiKey: string): boolean;
 /**
- * Check if an API key is a publishable key (mf_pk_*)
+ * Check if an API key looks like a publishable key based on its prefix.
+ * Cosmetic hint only — the server is the authoritative source.
  */
 declare function isPublishableKey(apiKey: string): boolean;
 
@@ -1195,8 +1191,8 @@ declare class MarginFrontClient {
      */
     constructor(apiKeyOrConfig: string | MarginFrontConfig, options?: ClientOptions);
     /**
-     * Assert that the current API key is a secret key
-     * @throws ValidationError if using a publishable key
+     * No-op — the server enforces key type for secret-only operations.
+     * Kept so PortalSessionsResource can call it without breaking.
      */
     private assertSecretKey;
     /**

package/dist/index.d.ts

@@ -566,27 +566,23 @@ interface ParsedApiKey {
     type: ApiKeyType;
 }
 /**
- * Parse an API key to extract type
+ * Parse an API key prefix to infer a display hint for the key type.
  *
- * @param apiKey - The API key to parse
- * @returns Parsed key info or null if invalid format
+ * This is a convenience utility for UIs that want to show "secret" or
+ * "publishable" based on the key prefix. The server is the authoritative
+ * source of key validity and type — this function does NOT gate access.
  *
- * @example
- * ```typescript
- * const info = parseApiKey('mf_sk_xxx');
- * // { type: 'secret' }
- *
- * const pub = parseApiKey('mf_pk_xxx');
- * // { type: 'publishable' }
- * ```
+ * @returns ParsedApiKey with type hint, or null if prefix is unrecognized
  */
 declare function parseApiKey(apiKey: string): ParsedApiKey | null;
 /**
- * Check if an API key is a secret key (mf_sk_*)
+ * Check if an API key looks like a secret key based on its prefix.
+ * Cosmetic hint only — the server is the authoritative source.
  */
 declare function isSecretKey(apiKey: string): boolean;
 /**
- * Check if an API key is a publishable key (mf_pk_*)
+ * Check if an API key looks like a publishable key based on its prefix.
+ * Cosmetic hint only — the server is the authoritative source.
  */
 declare function isPublishableKey(apiKey: string): boolean;
 
@@ -1195,8 +1191,8 @@ declare class MarginFrontClient {
      */
     constructor(apiKeyOrConfig: string | MarginFrontConfig, options?: ClientOptions);
     /**
-     * Assert that the current API key is a secret key
-     * @throws ValidationError if using a publishable key
+     * No-op — the server enforces key type for secret-only operations.
+     * Kept so PortalSessionsResource can call it without breaking.
      */
     private assertSecretKey;
     /**

package/dist/index.js

@@ -583,24 +583,10 @@ function isPublishableKey(apiKey) {
   const parsed = parseApiKey(apiKey);
   return parsed !== null && parsed.type === "publishable";
 }
-function getMinKeyLength(prefix) {
-  return prefix.length + 16;
-}
 function validateApiKey(apiKey) {
   if (!apiKey || typeof apiKey !== "string") {
     throw new ValidationError("API key is required");
   }
-  const parsed = parseApiKey(apiKey);
-  if (!parsed) {
-    throw new ValidationError(
-      "Invalid API key format. Expected mf_sk_* or mf_pk_*"
-    );
-  }
-  const prefix = KEY_PREFIXES[parsed.type];
-  const minLength = getMinKeyLength(prefix);
-  if (apiKey.length < minLength) {
-    throw new ValidationError("Invalid API key format. Key is too short");
-  }
 }
 
 // src/resources/usage.ts
@@ -1124,10 +1110,7 @@ var MarginFrontClient = class {
     validateApiKey(config.apiKey);
     this._apiKey = config.apiKey;
     const keyInfo = parseApiKey(config.apiKey);
-    if (!keyInfo) {
-      throw new ValidationError("Invalid API key format");
-    }
-    this._keyType = keyInfo.type;
+    this._keyType = keyInfo?.type ?? "secret";
     this.http = new HttpClient(config);
     this.usage = new UsageResource(this.http);
     this.customers = new CustomersResource(this.http);
@@ -1140,15 +1123,10 @@ var MarginFrontClient = class {
     );
   }
   /**
-   * Assert that the current API key is a secret key
-   * @throws ValidationError if using a publishable key
+   * No-op — the server enforces key type for secret-only operations.
+   * Kept so PortalSessionsResource can call it without breaking.
    */
   assertSecretKey() {
-    if (this._keyType !== "secret") {
-      throw new ValidationError(
-        "This operation requires a secret key (mf_sk_*). Publishable keys (mf_pk_*) cannot perform this action. Use your secret key on the server side only."
-      );
-    }
   }
   /**
    * Connect to the MarginFront API and verify credentials