@meshtrade/api-node 1.30.2 → 1.32.0

package/dist/meshtrade/iam/user/v1/service_node_meshts.js

@@ -7,62 +7,82 @@ exports.UserServiceNode = void 0;
 const connect_1 = require("@connectrpc/connect");
 const connect_node_1 = require("@connectrpc/connect-node");
 const service_pb_1 = require("./service_pb");
-const config_1 = require("../../../common/config");
-const validation_1 = require("../../../common/validation");
-const connectInterceptors_1 = require("../../../common/connectInterceptors");
+const service_pb_2 = require("./service_pb");
+const config_1 = require("../../../config");
+const protovalidate_1 = require("@bufbuild/protovalidate");
+const interceptors_1 = require("../../../interceptors");
 /**
  * Node.js client for interacting with the meshtrade.iam.user.v1 user v1 API resource service.
  * Uses Connect-ES with gRPC transport for Node.js gRPC communication.
  *
- * Supports three authentication modes:
+ * Supports flexible authentication modes using functional options pattern:
  *
  * 1. **No Authentication** (public APIs):
  *    ```typescript
- *    const client = new UserServiceNode({ apiServerURL: "http://localhost:10000" });
+ *    const client = new UserServiceNode(
+ *      WithServerUrl("http://localhost:10000")
+ *    );
  *    ```
  *
  * 2. **API Key Authentication** (backend services):
  *    ```typescript
- *    const client = new UserServiceNode({
- *      apiServerURL: "https://api.example.com",
- *      apiKey: "your-api-key",
- *      group: "groups/01ARZ3NDEKTSV4YWVF8F5BH32"
- *    });
+ *    const client = new UserServiceNode(
+ *      WithAPIKey("your-api-key"),
+ *      WithGroup("groups/01ARZ3NDEKTSV4YWVF8F5BH32"),
+ *      WithServerUrl("https://api.example.com")
+ *    );
  *    ```
  *
  * 3. **JWT Token Authentication** (Next.js backend with user session):
  *    ```typescript
- *    const client = new UserServiceNode({
- *      apiServerURL: "https://api.example.com",
- *      jwtToken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
- *    });
+ *    const client = new UserServiceNode(
+ *      WithJWTAccessToken("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."),
+ *      WithServerUrl("https://api.example.com")
+ *    );
  *    ```
+ *
+ * 4. **JWT with Group Context** (user session with specific group):
+ *    ```typescript
+ *    const client = new UserServiceNode(
+ *      WithJWTAccessToken("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."),
+ *      WithGroup("groups/01ARZ3NDEKTSV4YWVF8F5BH32"),
+ *      WithServerUrl("https://api.example.com")
+ *    );
+ *    ```
+ *
+ * Available options:
+ * - `WithAPIKey(key)` - API key authentication (mutually exclusive with JWT)
+ * - `WithJWTAccessToken(token)` - JWT authentication (mutually exclusive with API key)
+ * - `WithGroup(group)` - Group context (optional, works with both auth modes)
+ * - `WithServerUrl(url)` - Custom server URL (optional, defaults to production)
  */
 class UserServiceNode {
     /**
      * Constructs an instance of UserServiceNode.
-     * @param {ConfigOpts} [config] - Optional configuration for the client.
-     * @param {Interceptor[]} [interceptors] - For internal use by `withGroup`.
+     *
+     * Uses functional options pattern for flexible configuration:
+     * - `WithAPIKey(key)` - API key authentication
+     * - `WithJWTAccessToken(token)` - JWT authentication
+     * - `WithGroup(group)` - Group context (optional)
+     * - `WithServerUrl(url)` - Custom server URL (optional)
+     *
+     * @param {...ClientOption} opts - Variable number of configuration options
      */
-    constructor(config, interceptors) {
-        this._config = (0, config_1.getConfigFromOpts)(config);
-        // If interceptors are provided (from withGroup), use them
-        // Otherwise, create auth interceptors based on config
-        if (interceptors) {
-            this._interceptors = interceptors;
-        }
-        else {
-            this._interceptors = [];
-            // Add authentication interceptor based on configuration
-            if (this._config.apiKey && this._config.group) {
-                // API Key authentication mode
-                this._interceptors.push((0, connectInterceptors_1.createApiKeyInterceptor)(this._config.apiKey, this._config.group));
-            }
-            else if (this._config.jwtToken) {
-                // JWT authentication mode
-                this._interceptors.push((0, connectInterceptors_1.createJwtInterceptor)(this._config.jwtToken));
-            }
-            // If neither is configured, no authentication (public API mode)
+    constructor(...opts) {
+        // Build configuration from options
+        this._config = (0, config_1.buildConfigFromOptions)(...opts);
+        // Initialize validator for request validation
+        this._validator = (0, protovalidate_1.createValidator)();
+        this._interceptors = [];
+        this._interceptors.push((0, interceptors_1.createLoggingInterceptor)());
+        if (this._config.apiKey) {
+            this._interceptors.push((0, interceptors_1.createApiKeyInterceptor)(this._config.apiKey));
+        }
+        if (this._config.jwtToken) {
+            this._interceptors.push((0, interceptors_1.createJwtInterceptor)(this._config.jwtToken));
+        }
+        if (this._config.group) {
+            this._interceptors.push((0, interceptors_1.createGroupInterceptor)(this._config.group));
         }
         // Create the gRPC transport for Node.js with interceptors
         // Note: gRPC transport uses HTTP/2 by default
@@ -77,35 +97,36 @@ class UserServiceNode {
      * Returns a new client instance configured to send the specified group
      * resource name in the request headers for subsequent API calls.
      *
-     * **Important**: This method only works with API key authentication.
-     * - For **API key auth**: Creates a new client with updated group context
-     * - For **JWT auth**: Throws error (group comes from JWT token claims)
-     * - For **no auth**: Throws error (group requires authentication)
+     * This method creates a new client with the same authentication configuration
+     * but with the group context updated to the specified value.
+     *
+     * **Compatibility**: Works with all authentication modes:
+     * - **API key auth**: Creates new client with API key + new group
+     * - **JWT auth**: Creates new client with JWT + new group
+     * - **No auth**: Creates new client with standalone group interceptor
      *
      * @param {string} group - The operating group context to inject into the request
      *                         in the format `groups/{ulid}` where {ulid} is a 26-character ULID.
      *                         Example: 'groups/01ARZ3NDEKTSV4YWVF8F5BH32'
      * @returns {UserServiceNode} A new, configured instance of the client.
-     * @throws {Error} If used with JWT authentication or no authentication
      * @throws {Error} If the group format is invalid
      */
     withGroup(group) {
-        // Check authentication mode
-        if (this._config.jwtToken) {
-            throw new Error("Cannot use withGroup() with JWT authentication. " +
-                "The group context is determined by the JWT token claims.");
-        }
-        if (!this._config.apiKey) {
-            throw new Error("Cannot use withGroup() without authentication. " +
-                "Please configure API key authentication to use group context.");
-        }
-        // For API key authentication, create new client with updated group
-        // Replace the existing API key interceptor with one that has the new group
-        const newInterceptors = [
-            (0, connectInterceptors_1.createApiKeyInterceptor)(this._config.apiKey, group)
-        ];
-        // Return a new client instance with updated group context
-        return new UserServiceNode(this._config, newInterceptors);
+        // Build new options array with existing auth and updated group
+        const newOpts = [];
+        // Add server URL
+        newOpts.push((0, config_1.WithServerUrl)(this._config.apiServerURL));
+        // Add authentication (preserve existing mode)
+        if (this._config.apiKey) {
+            newOpts.push((0, config_1.WithAPIKey)(this._config.apiKey));
+        }
+        else if (this._config.jwtToken) {
+            newOpts.push((0, config_1.WithJWTAccessToken)(this._config.jwtToken));
+        }
+        // Add the new group
+        newOpts.push((0, config_1.WithGroup)(group));
+        // Return a new client instance with updated configuration
+        return new UserServiceNode(...newOpts);
     }
     /**
      * Performs assignrolestouser operation on user.
@@ -114,7 +135,14 @@ class UserServiceNode {
      */
     assignRolesToUser(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.AssignRolesToUserRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.assignRolesToUser(request);
     }
     /**
@@ -124,7 +152,14 @@ class UserServiceNode {
      */
     revokeRolesFromUser(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.RevokeRolesFromUserRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.revokeRolesFromUser(request);
     }
     /**
@@ -134,7 +169,14 @@ class UserServiceNode {
      */
     getUser(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.GetUserRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.getUser(request);
     }
     /**
@@ -144,7 +186,14 @@ class UserServiceNode {
      */
     getUserByEmail(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.GetUserByEmailRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.getUserByEmail(request);
     }
     /**
@@ -154,7 +203,14 @@ class UserServiceNode {
      */
     listUsers(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.ListUsersRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.listUsers(request);
     }
     /**
@@ -164,7 +220,14 @@ class UserServiceNode {
      */
     searchUsers(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.SearchUsersRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.searchUsers(request);
     }
     /**
@@ -174,7 +237,14 @@ class UserServiceNode {
      */
     createUser(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.CreateUserRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.createUser(request);
     }
     /**
@@ -184,7 +254,14 @@ class UserServiceNode {
      */
     updateUser(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.UpdateUserRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.updateUser(request);
     }
 }

package/dist/meshtrade/iam/user/v1/user_pb.d.ts

@@ -33,12 +33,20 @@ export type User = Message<"meshtrade.iam.user.v1.User"> & {
      * @generated from field: string owner = 2;
      */
     owner: string;
+    /**
+     *
+     * Ownership hiearchy of groups that have access to this resource in the format groups/{group_id}.
+     * System set on creation.
+     *
+     * @generated from field: repeated string owners = 3;
+     */
+    owners: string[];
     /**
      *
      * The unique email address of this user.
      * This field is required on creation and must be a valid email format.
      *
-     * @generated from field: string email = 3;
+     * @generated from field: string email = 4;
      */
     email: string;
     /**
@@ -47,7 +55,7 @@ export type User = Message<"meshtrade.iam.user.v1.User"> & {
      * prepended by the name of the group in which they have been assigned that role.
      * e.g. groups/{ULIDv2}/roles/{role}, where role is a value of the meshtrade.iam.role.v1.Role enum.
      *
-     * @generated from field: repeated string roles = 4;
+     * @generated from field: repeated string roles = 5;
      */
     roles: string[];
 };

package/dist/meshtrade/iam/user/v1/user_pb.js

@@ -9,7 +9,7 @@ const validate_pb_1 = require("../../../../buf/validate/validate_pb");
 /**
  * Describes the file meshtrade/iam/user/v1/user.proto.
  */
-exports.file_meshtrade_iam_user_v1_user = (0, codegenv2_1.fileDesc)("CiBtZXNodHJhZGUvaWFtL3VzZXIvdjEvdXNlci5wcm90bxIVbWVzaHRyYWRlLmlhbS51c2VyLnYxIosDCgRVc2VyErQBCgRuYW1lGAEgASgJQqUBukihAboBnQEKFG5hbWUuZm9ybWF0Lm9wdGlvbmFsEjJuYW1lIG11c3QgYmUgZW1wdHkgb3IgaW4gdGhlIGZvcm1hdCB1c2Vycy97VUxJRHYyfRpRc2l6ZSh0aGlzKSA9PSAwIHx8IHRoaXMubWF0Y2hlcygnXnVzZXJzL1swMTIzNDU2Nzg5QUJDREVGR0hKS01OUFFSU1RWV1hZWl17MjZ9JCcpEksKBW93bmVyGAIgASgJQjy6SDnIAQFyNDIvXmdyb3Vwcy9bMDEyMzQ1Njc4OUFCQ0RFRkdISktNTlBRUlNUVldYWVpdezI2fSSYASESGQoFZW1haWwYAyABKAlCCrpIB8gBAXICYAESZAoFcm9sZXMYBCADKAlCVbpIUpIBTyJNcksQLxgwMkVeZ3JvdXBzL1swMTIzNDU2Nzg5QUJDREVGR0hKS01OUFFSU1RWV1hZWl17MjZ9L3JvbGVzL1sxLTldWzAtOV17Niw3fSRCTwocY28ubWVzaHRyYWRlLmFwaS5pYW0udXNlci52MVovZ2l0aHViLmNvbS9tZXNodHJhZGUvYXBpL2dvL2lhbS91c2VyL3YxO3VzZXJfdjFiBnByb3RvMw", [validate_pb_1.file_buf_validate_validate]);
+exports.file_meshtrade_iam_user_v1_user = (0, codegenv2_1.fileDesc)("CiBtZXNodHJhZGUvaWFtL3VzZXIvdjEvdXNlci5wcm90bxIVbWVzaHRyYWRlLmlhbS51c2VyLnYxItsDCgRVc2VyErQBCgRuYW1lGAEgASgJQqUBukihAboBnQEKFG5hbWUuZm9ybWF0Lm9wdGlvbmFsEjJuYW1lIG11c3QgYmUgZW1wdHkgb3IgaW4gdGhlIGZvcm1hdCB1c2Vycy97VUxJRHYyfRpRc2l6ZSh0aGlzKSA9PSAwIHx8IHRoaXMubWF0Y2hlcygnXnVzZXJzL1swMTIzNDU2Nzg5QUJDREVGR0hKS01OUFFSU1RWV1hZWl17MjZ9JCcpEksKBW93bmVyGAIgASgJQjy6SDnIAQFyNDIvXmdyb3Vwcy9bMDEyMzQ1Njc4OUFCQ0RFRkdISktNTlBRUlNUVldYWVpdezI2fSSYASESTgoGb3duZXJzGAMgAygJQj66SDuSATgiNnI0Mi9eZ3JvdXBzL1swMTIzNDU2Nzg5QUJDREVGR0hKS01OUFFSU1RWV1hZWl17MjZ9JJgBIRIZCgVlbWFpbBgEIAEoCUIKukgHyAEBcgJgARJkCgVyb2xlcxgFIAMoCUJVukhSkgFPIk1ySxAvGDAyRV5ncm91cHMvWzAxMjM0NTY3ODlBQkNERUZHSEpLTU5QUVJTVFZXWFlaXXsyNn0vcm9sZXMvWzEtOV1bMC05XXs2LDd9JEJPChxjby5tZXNodHJhZGUuYXBpLmlhbS51c2VyLnYxWi9naXRodWIuY29tL21lc2h0cmFkZS9hcGkvZ28vaWFtL3VzZXIvdjE7dXNlcl92MWIGcHJvdG8z", [validate_pb_1.file_buf_validate_validate]);
 /**
  * Describes the message meshtrade.iam.user.v1.User.
  * Use `create(UserSchema)` to create a new message.

package/dist/meshtrade/{common/connectInterceptors.d.ts → interceptors/index.d.ts}

@@ -41,79 +41,21 @@ export declare function createGroupInterceptor(group: string): Interceptor & {
     groupContext: string;
 };
 /**
- * Creates a Connect-ES interceptor that injects API key authentication
- * into API requests by adding `x-api-key` and `x-group` headers.
- *
- * This authentication mode is used for service-to-service communication
- * where a backend service authenticates using an API key and operates
- * within a specific group context.
- *
- * Both the API key and group are required and validated. The group must
- * follow the resource name format: `groups/{ulid}` where {ulid} is a
- * 26-character ULID.
+ * Creates a Connect-ES interceptor that injects API key authentication.
  *
  * @param apiKey - The API key for authentication
- * @param group - The group resource name in format `groups/{ulid}`
- * @returns An interceptor function that adds authentication headers to all requests
- * @throws {Error} If apiKey is empty or group format is invalid
- *
- * @example
- * ```typescript
- * const authInterceptor = createApiKeyInterceptor(
- *   'your-api-key',
- *   'groups/01ARZ3NDEKTSV4YWVF8F5BH32'
- * );
- *
- * const transport = createGrpcTransport({
- *   baseUrl: 'https://api.example.com',
- *   interceptors: [authInterceptor]
- * });
- * ```
+ * @returns An interceptor that adds x-api-key header
+ * @throws {Error} If apiKey is empty
  */
-export declare function createApiKeyInterceptor(apiKey: string, group: string): Interceptor & {
+export declare function createApiKeyInterceptor(apiKey: string): Interceptor & {
     apiKeyAuth: true;
-    groupContext: string;
 };
 /**
- * Creates a Connect-ES interceptor that injects JWT token authentication
- * into API requests by adding a `Cookie` header with the AccessToken.
- *
- * This authentication mode is used in Next.js backends where the server
- * has access to the user's JWT token from their browser session. The JWT
- * is injected as a cookie so the server can extract it in the same way
- * it would from a browser request.
- *
- * The JWT token is added as: `Cookie: AccessToken=<jwt>`
- *
- * This allows the server-side authentication middleware to extract it as:
- * ```go
- * if cookieHeader := request.Attributes.Request.Http.Headers["cookie"]; cookieHeader != "" {
- *   cookies := parseHTTPCookies(cookieHeader)
- *   for _, cookie := range cookies {
- *     if cookie.Name == "AccessToken" && cookie.Value != "" {
- *       authContext.AccessToken = cookie.Value
- *       break
- *     }
- *   }
- * }
- * ```
+ * Creates a Connect-ES interceptor that injects JWT token authentication.
  *
  * @param jwtToken - The JWT token from the user's session
- * @returns An interceptor function that adds the JWT as a cookie header
+ * @returns An interceptor that adds AccessToken cookie
  * @throws {Error} If jwtToken is empty
- *
- * @example
- * ```typescript
- * // In a Next.js API route
- * const authInterceptor = createJwtInterceptor(
- *   'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...'
- * );
- *
- * const transport = createGrpcTransport({
- *   baseUrl: 'https://api.example.com',
- *   interceptors: [authInterceptor]
- * });
- * ```
  */
 export declare function createJwtInterceptor(jwtToken: string): Interceptor & {
     jwtAuth: true;

package/dist/meshtrade/{common/connectInterceptors.js → interceptors/index.js}

@@ -11,7 +11,6 @@ exports.createGroupInterceptor = createGroupInterceptor;
 exports.createApiKeyInterceptor = createApiKeyInterceptor;
 exports.createJwtInterceptor = createJwtInterceptor;
 exports.createLoggingInterceptor = createLoggingInterceptor;
-const validation_1 = require("./validation");
 /**
  * HTTP header names for authentication.
  * Must match the server-side header constants.
@@ -20,6 +19,15 @@ const API_KEY_HEADER = "x-api-key";
 const GROUP_HEADER = "x-group";
 const COOKIE_HEADER = "cookie";
 const ACCESS_TOKEN_COOKIE_NAME = "AccessToken";
+/**
+ * Validates if a resource name follows the groups/{ulid} format.
+ *
+ * @param resourceName - The resource name string to validate
+ * @returns true if the resource name is a valid group resource name, false otherwise
+ */
+function isValidGroupResourceName(resourceName) {
+    return /^groups\/[0-9A-Z]{26}$/.test(resourceName);
+}
 /**
  * Creates a Connect-ES interceptor that injects operating group context
  * into API requests by adding an `x-group` header.
@@ -53,15 +61,13 @@ const ACCESS_TOKEN_COOKIE_NAME = "AccessToken";
  */
 function createGroupInterceptor(group) {
     // Validate the group resource name format
-    if (!(0, validation_1.isValidGroupResourceName)(group)) {
+    if (!isValidGroupResourceName(group)) {
         throw new Error(`Invalid group format: "${group}". Group must be in the format "groups/{ulid}" ` +
             `where {ulid} is a 26-character ULID (e.g., "groups/01ARZ3NDEKTSV4YWVF8F5BH32").`);
     }
     // Create the interceptor function
     const interceptor = (next) => async (req) => {
-        // Add the x-group header to the request
-        req.header.set("x-group", group);
-        // Call the next interceptor in the chain
+        req.header.set(GROUP_HEADER, group);
         return await next(req);
     };
     // Add a marker property so we can identify group interceptors
@@ -69,114 +75,38 @@ function createGroupInterceptor(group) {
     return Object.assign(interceptor, { groupContext: group });
 }
 /**
- * Creates a Connect-ES interceptor that injects API key authentication
- * into API requests by adding `x-api-key` and `x-group` headers.
- *
- * This authentication mode is used for service-to-service communication
- * where a backend service authenticates using an API key and operates
- * within a specific group context.
- *
- * Both the API key and group are required and validated. The group must
- * follow the resource name format: `groups/{ulid}` where {ulid} is a
- * 26-character ULID.
+ * Creates a Connect-ES interceptor that injects API key authentication.
  *
  * @param apiKey - The API key for authentication
- * @param group - The group resource name in format `groups/{ulid}`
- * @returns An interceptor function that adds authentication headers to all requests
- * @throws {Error} If apiKey is empty or group format is invalid
- *
- * @example
- * ```typescript
- * const authInterceptor = createApiKeyInterceptor(
- *   'your-api-key',
- *   'groups/01ARZ3NDEKTSV4YWVF8F5BH32'
- * );
- *
- * const transport = createGrpcTransport({
- *   baseUrl: 'https://api.example.com',
- *   interceptors: [authInterceptor]
- * });
- * ```
+ * @returns An interceptor that adds x-api-key header
+ * @throws {Error} If apiKey is empty
  */
-function createApiKeyInterceptor(apiKey, group) {
-    // Validate inputs
+function createApiKeyInterceptor(apiKey) {
     if (!apiKey || apiKey.trim() === "") {
         throw new Error("API key cannot be empty");
     }
-    if (!(0, validation_1.isValidGroupResourceName)(group)) {
-        throw new Error(`Invalid group format: "${group}". Group must be in the format "groups/{ulid}" ` +
-            `where {ulid} is a 26-character ULID (e.g., "groups/01ARZ3NDEKTSV4YWVF8F5BH32").`);
-    }
-    // Create the interceptor function
     const interceptor = (next) => async (req) => {
-        // Add authentication headers to the request
         req.header.set(API_KEY_HEADER, apiKey);
-        req.header.set(GROUP_HEADER, group);
-        // Call the next interceptor in the chain
         return await next(req);
     };
-    // Add marker properties for identification
-    return Object.assign(interceptor, {
-        apiKeyAuth: true,
-        groupContext: group,
-    });
+    return Object.assign(interceptor, { apiKeyAuth: true });
 }
 /**
- * Creates a Connect-ES interceptor that injects JWT token authentication
- * into API requests by adding a `Cookie` header with the AccessToken.
- *
- * This authentication mode is used in Next.js backends where the server
- * has access to the user's JWT token from their browser session. The JWT
- * is injected as a cookie so the server can extract it in the same way
- * it would from a browser request.
- *
- * The JWT token is added as: `Cookie: AccessToken=<jwt>`
- *
- * This allows the server-side authentication middleware to extract it as:
- * ```go
- * if cookieHeader := request.Attributes.Request.Http.Headers["cookie"]; cookieHeader != "" {
- *   cookies := parseHTTPCookies(cookieHeader)
- *   for _, cookie := range cookies {
- *     if cookie.Name == "AccessToken" && cookie.Value != "" {
- *       authContext.AccessToken = cookie.Value
- *       break
- *     }
- *   }
- * }
- * ```
+ * Creates a Connect-ES interceptor that injects JWT token authentication.
  *
  * @param jwtToken - The JWT token from the user's session
- * @returns An interceptor function that adds the JWT as a cookie header
+ * @returns An interceptor that adds AccessToken cookie
  * @throws {Error} If jwtToken is empty
- *
- * @example
- * ```typescript
- * // In a Next.js API route
- * const authInterceptor = createJwtInterceptor(
- *   'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...'
- * );
- *
- * const transport = createGrpcTransport({
- *   baseUrl: 'https://api.example.com',
- *   interceptors: [authInterceptor]
- * });
- * ```
  */
 function createJwtInterceptor(jwtToken) {
-    // Validate input
     if (!jwtToken || jwtToken.trim() === "") {
         throw new Error("JWT token cannot be empty");
     }
-    // Create the interceptor function
     const interceptor = (next) => async (req) => {
-        // Add JWT as a cookie header
-        // Format: "Cookie: AccessToken=<jwt>"
         const cookieValue = `${ACCESS_TOKEN_COOKIE_NAME}=${jwtToken}`;
         req.header.set(COOKIE_HEADER, cookieValue);
-        // Call the next interceptor in the chain
         return await next(req);
     };
-    // Add marker property for identification
     return Object.assign(interceptor, { jwtAuth: true });
 }
 /**
@@ -203,7 +133,7 @@ function createLoggingInterceptor() {
             headers[key] = value;
         });
         // Log the request
-        console.log(`[Connect] ${req.method.name} request:`, {
+        console.debug(`[Connect] ${req.method.name} request:`, {
             service: req.service.typeName,
             method: req.method.name,
             headers,
@@ -212,7 +142,7 @@ function createLoggingInterceptor() {
             // Call the next interceptor and get the response
             const response = await next(req);
             // Log successful response
-            console.log(`[Connect] ${req.method.name} response:`, {
+            console.debug(`[Connect] ${req.method.name} response:`, {
                 service: req.service.typeName,
                 method: req.method.name,
                 status: "success",