@meshtrade/api-web 1.30.2 → 1.32.0

package/dist/meshtrade/iam/group/v1/group_pb.js

@@ -9,7 +9,7 @@ const validate_pb_1 = require("../../../../buf/validate/validate_pb");
 /**
  * Describes the file meshtrade/iam/group/v1/group.proto.
  */
-exports.file_meshtrade_iam_group_v1_group = (0, codegenv2_1.fileDesc)("CiJtZXNodHJhZGUvaWFtL2dyb3VwL3YxL2dyb3VwLnByb3RvEhZtZXNodHJhZGUuaWFtLmdyb3VwLnYxItECCgVHcm91cBK2AQoEbmFtZRgBIAEoCUKnAbpIowG6AZ8BChRuYW1lLmZvcm1hdC5vcHRpb25hbBIzbmFtZSBtdXN0IGJlIGVtcHR5IG9yIGluIHRoZSBmb3JtYXQgZ3JvdXBzL3tVTElEdjJ9GlJzaXplKHRoaXMpID09IDAgfHwgdGhpcy5tYXRjaGVzKCdeZ3JvdXBzL1swMTIzNDU2Nzg5QUJDREVGR0hKS01OUFFSU1RWV1hZWl17MjZ9JCcpEksKBW93bmVyGAIgASgJQjy6SDnIAQFyNDIvXmdyb3Vwcy9bMDEyMzQ1Njc4OUFCQ0RFRkdISktNTlBRUlNUVldYWVpdezI2fSSYASESIwoMZGlzcGxheV9uYW1lGAQgASgJQg26SArIAQFyBRABGP8BEh0KC2Rlc2NyaXB0aW9uGAUgASgJQgi6SAVyAxjoB0JSCh1jby5tZXNodHJhZGUuYXBpLmlhbS5ncm91cC52MVoxZ2l0aHViLmNvbS9tZXNodHJhZGUvYXBpL2dvL2lhbS9ncm91cC92MTtncm91cF92MWIGcHJvdG8z", [validate_pb_1.file_buf_validate_validate]);
+exports.file_meshtrade_iam_group_v1_group = (0, codegenv2_1.fileDesc)("CiJtZXNodHJhZGUvaWFtL2dyb3VwL3YxL2dyb3VwLnByb3RvEhZtZXNodHJhZGUuaWFtLmdyb3VwLnYxIqEDCgVHcm91cBK2AQoEbmFtZRgBIAEoCUKnAbpIowG6AZ8BChRuYW1lLmZvcm1hdC5vcHRpb25hbBIzbmFtZSBtdXN0IGJlIGVtcHR5IG9yIGluIHRoZSBmb3JtYXQgZ3JvdXBzL3tVTElEdjJ9GlJzaXplKHRoaXMpID09IDAgfHwgdGhpcy5tYXRjaGVzKCdeZ3JvdXBzL1swMTIzNDU2Nzg5QUJDREVGR0hKS01OUFFSU1RWV1hZWl17MjZ9JCcpEksKBW93bmVyGAIgASgJQjy6SDnIAQFyNDIvXmdyb3Vwcy9bMDEyMzQ1Njc4OUFCQ0RFRkdISktNTlBRUlNUVldYWVpdezI2fSSYASESTgoGb3duZXJzGAMgAygJQj66SDuSATgiNnI0Mi9eZ3JvdXBzL1swMTIzNDU2Nzg5QUJDREVGR0hKS01OUFFSU1RWV1hZWl17MjZ9JJgBIRIjCgxkaXNwbGF5X25hbWUYBCABKAlCDbpICsgBAXIFEAEY/wESHQoLZGVzY3JpcHRpb24YBSABKAlCCLpIBXIDGOgHQlIKHWNvLm1lc2h0cmFkZS5hcGkuaWFtLmdyb3VwLnYxWjFnaXRodWIuY29tL21lc2h0cmFkZS9hcGkvZ28vaWFtL2dyb3VwL3YxO2dyb3VwX3YxYgZwcm90bzM", [validate_pb_1.file_buf_validate_validate]);
 /**
  * Describes the message meshtrade.iam.group.v1.Group.
  * Use `create(GroupSchema)` to create a new message.

package/dist/meshtrade/iam/group/v1/service_web_meshts.d.ts

@@ -1,30 +1,85 @@
-import { Interceptor } from "@connectrpc/connect";
 import { CreateGroupRequest, GetGroupRequest, ListGroupsRequest, ListGroupsResponse, SearchGroupsRequest, SearchGroupsResponse, UpdateGroupRequest } from "./service_pb";
 import { Group } from "./group_pb";
-import { ConfigOpts } from "../../../common/config";
+import { ClientOption } from "../../../config";
 /**
  * Web client for interacting with the meshtrade.iam.group.v1 group v1 API resource service.
- * Uses Connect-ES with gRPC-Web transport for browser-compatible gRPC communication.
+ * Uses Connect-ES with gRPC-Web transport for browser-based communication.
+ *
+ * Supports flexible authentication modes using functional options pattern:
+ *
+ * 1. **No Authentication** (public APIs):
+ *    ```typescript
+ *    const client = new GroupServiceWeb(
+ *      WithServerUrl("http://localhost:10000")
+ *    );
+ *    ```
+ *
+ * 2. **API Key Authentication** (backend services):
+ *    ```typescript
+ *    const client = new GroupServiceWeb(
+ *      WithAPIKey("your-api-key"),
+ *      WithGroup("groups/01ARZ3NDEKTSV4YWVF8F5BH32"),
+ *      WithServerUrl("https://api.example.com")
+ *    );
+ *    ```
+ *
+ * 3. **JWT Token Authentication** (Next.js frontend with user session):
+ *    ```typescript
+ *    const client = new GroupServiceWeb(
+ *      WithJWTAccessToken("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."),
+ *      WithServerUrl("https://api.example.com")
+ *    );
+ *    ```
+ *
+ * 4. **JWT with Group Context** (user session with specific group):
+ *    ```typescript
+ *    const client = new GroupServiceWeb(
+ *      WithJWTAccessToken("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."),
+ *      WithGroup("groups/01ARZ3NDEKTSV4YWVF8F5BH32"),
+ *      WithServerUrl("https://api.example.com")
+ *    );
+ *    ```
+ *
+ * Available options:
+ * - `WithAPIKey(key)` - API key authentication (mutually exclusive with JWT)
+ * - `WithJWTAccessToken(token)` - JWT authentication (mutually exclusive with API key)
+ * - `WithGroup(group)` - Group context (optional, works with both auth modes)
+ * - `WithServerUrl(url)` - Custom server URL (optional, defaults to production)
  */
 export declare class GroupServiceWeb {
     private _client;
     private readonly _config;
     private readonly _interceptors;
+    private readonly _validator;
     /**
      * Constructs an instance of GroupServiceWeb.
-     * @param {ConfigOpts} [config] - Optional configuration for the client.
-     * @param {Interceptor[]} [interceptors] - For internal use by `withGroup`.
+     *
+     * Uses functional options pattern for flexible configuration:
+     * - `WithAPIKey(key)` - API key authentication
+     * - `WithJWTAccessToken(token)` - JWT authentication
+     * - `WithGroup(group)` - Group context (optional)
+     * - `WithServerUrl(url)` - Custom server URL (optional)
+     *
+     * @param {...ClientOption} opts - Variable number of configuration options
      */
-    constructor(config?: ConfigOpts, interceptors?: Interceptor[]);
+    constructor(...opts: ClientOption[]);
     /**
      * Returns a new client instance configured to send the specified group
      * resource name in the request headers for subsequent API calls.
      *
+     * This method creates a new client with the same authentication configuration
+     * but with the group context updated to the specified value.
+     *
+     * **Compatibility**: Works with all authentication modes:
+     * - **API key auth**: Creates new client with API key + new group
+     * - **JWT auth**: Creates new client with JWT + new group
+     * - **No auth**: Creates new client with standalone group interceptor
+     *
      * @param {string} group - The operating group context to inject into the request
      *                         in the format `groups/{ulid}` where {ulid} is a 26-character ULID.
      *                         Example: 'groups/01ARZ3NDEKTSV4YWVF8F5BH32'
      * @returns {GroupServiceWeb} A new, configured instance of the client.
-     * @throws {Error} If the group format is invalid (validation occurs in createGroupInterceptor)
+     * @throws {Error} If the group format is invalid
      */
     withGroup(group: string): GroupServiceWeb;
     /**

package/dist/meshtrade/iam/group/v1/service_web_meshts.js

@@ -7,28 +7,87 @@ exports.GroupServiceWeb = void 0;
 const connect_1 = require("@connectrpc/connect");
 const connect_web_1 = require("@connectrpc/connect-web");
 const service_pb_1 = require("./service_pb");
-const config_1 = require("../../../common/config");
-const validation_1 = require("../../../common/validation");
-const connectInterceptors_1 = require("../../../common/connectInterceptors");
+const service_pb_2 = require("./service_pb");
+const config_1 = require("../../../config");
+const protovalidate_1 = require("@bufbuild/protovalidate");
+const interceptors_1 = require("../../../interceptors");
 /**
  * Web client for interacting with the meshtrade.iam.group.v1 group v1 API resource service.
- * Uses Connect-ES with gRPC-Web transport for browser-compatible gRPC communication.
+ * Uses Connect-ES with gRPC-Web transport for browser-based communication.
+ *
+ * Supports flexible authentication modes using functional options pattern:
+ *
+ * 1. **No Authentication** (public APIs):
+ *    ```typescript
+ *    const client = new GroupServiceWeb(
+ *      WithServerUrl("http://localhost:10000")
+ *    );
+ *    ```
+ *
+ * 2. **API Key Authentication** (backend services):
+ *    ```typescript
+ *    const client = new GroupServiceWeb(
+ *      WithAPIKey("your-api-key"),
+ *      WithGroup("groups/01ARZ3NDEKTSV4YWVF8F5BH32"),
+ *      WithServerUrl("https://api.example.com")
+ *    );
+ *    ```
+ *
+ * 3. **JWT Token Authentication** (Next.js frontend with user session):
+ *    ```typescript
+ *    const client = new GroupServiceWeb(
+ *      WithJWTAccessToken("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."),
+ *      WithServerUrl("https://api.example.com")
+ *    );
+ *    ```
+ *
+ * 4. **JWT with Group Context** (user session with specific group):
+ *    ```typescript
+ *    const client = new GroupServiceWeb(
+ *      WithJWTAccessToken("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."),
+ *      WithGroup("groups/01ARZ3NDEKTSV4YWVF8F5BH32"),
+ *      WithServerUrl("https://api.example.com")
+ *    );
+ *    ```
+ *
+ * Available options:
+ * - `WithAPIKey(key)` - API key authentication (mutually exclusive with JWT)
+ * - `WithJWTAccessToken(token)` - JWT authentication (mutually exclusive with API key)
+ * - `WithGroup(group)` - Group context (optional, works with both auth modes)
+ * - `WithServerUrl(url)` - Custom server URL (optional, defaults to production)
  */
 class GroupServiceWeb {
     /**
      * Constructs an instance of GroupServiceWeb.
-     * @param {ConfigOpts} [config] - Optional configuration for the client.
-     * @param {Interceptor[]} [interceptors] - For internal use by `withGroup`.
+     *
+     * Uses functional options pattern for flexible configuration:
+     * - `WithAPIKey(key)` - API key authentication
+     * - `WithJWTAccessToken(token)` - JWT authentication
+     * - `WithGroup(group)` - Group context (optional)
+     * - `WithServerUrl(url)` - Custom server URL (optional)
+     *
+     * @param {...ClientOption} opts - Variable number of configuration options
      */
-    constructor(config, interceptors) {
-        this._config = (0, config_1.getConfigFromOpts)(config);
-        this._interceptors = interceptors || [];
-        // Create the gRPC-Web transport with interceptors
+    constructor(...opts) {
+        // Build configuration from options
+        this._config = (0, config_1.buildConfigFromOptions)(...opts);
+        // Initialize validator for request validation
+        this._validator = (0, protovalidate_1.createValidator)();
+        this._interceptors = [];
+        this._interceptors.push((0, interceptors_1.createLoggingInterceptor)());
+        if (this._config.apiKey) {
+            this._interceptors.push((0, interceptors_1.createApiKeyInterceptor)(this._config.apiKey));
+        }
+        if (this._config.jwtToken) {
+            this._interceptors.push((0, interceptors_1.createJwtInterceptor)(this._config.jwtToken));
+        }
+        if (this._config.group) {
+            this._interceptors.push((0, interceptors_1.createGroupInterceptor)(this._config.group));
+        }
+        // Create the gRPC-Web transport for browser with interceptors
         const transport = (0, connect_web_1.createGrpcWebTransport)({
             baseUrl: this._config.apiServerURL,
             interceptors: this._interceptors,
-            // Enable credentials (cookies) for cross-origin requests
-            fetch: (input, init) => globalThis.fetch(input, { ...init, credentials: 'include' }),
         });
         // Construct the Connect-ES client
         this._client = (0, connect_1.createClient)(service_pb_1.GroupService, transport);
@@ -37,26 +96,36 @@ class GroupServiceWeb {
      * Returns a new client instance configured to send the specified group
      * resource name in the request headers for subsequent API calls.
      *
+     * This method creates a new client with the same authentication configuration
+     * but with the group context updated to the specified value.
+     *
+     * **Compatibility**: Works with all authentication modes:
+     * - **API key auth**: Creates new client with API key + new group
+     * - **JWT auth**: Creates new client with JWT + new group
+     * - **No auth**: Creates new client with standalone group interceptor
+     *
      * @param {string} group - The operating group context to inject into the request
      *                         in the format `groups/{ulid}` where {ulid} is a 26-character ULID.
      *                         Example: 'groups/01ARZ3NDEKTSV4YWVF8F5BH32'
      * @returns {GroupServiceWeb} A new, configured instance of the client.
-     * @throws {Error} If the group format is invalid (validation occurs in createGroupInterceptor)
+     * @throws {Error} If the group format is invalid
      */
     withGroup(group) {
-        // Check if a group interceptor already exists.
-        // Group interceptors are identified by having a 'groupContext' property
-        const hasGroupInterceptor = this._interceptors.some((interceptor) => interceptor.groupContext !== undefined);
-        if (hasGroupInterceptor) {
-            throw new Error("Attempted to set group context twice. A group has already been set for this client instance.");
+        // Build new options array with existing auth and updated group
+        const newOpts = [];
+        // Add server URL
+        newOpts.push((0, config_1.WithServerUrl)(this._config.apiServerURL));
+        // Add authentication (preserve existing mode)
+        if (this._config.apiKey) {
+            newOpts.push((0, config_1.WithAPIKey)(this._config.apiKey));
         }
-        // Create a new interceptor for the group context
-        const groupInterceptor = (0, connectInterceptors_1.createGroupInterceptor)(group);
-        // Return a new client instance with the existing interceptors plus the new one
-        return new GroupServiceWeb(this._config, [
-            ...this._interceptors,
-            groupInterceptor,
-        ]);
+        else if (this._config.jwtToken) {
+            newOpts.push((0, config_1.WithJWTAccessToken)(this._config.jwtToken));
+        }
+        // Add the new group
+        newOpts.push((0, config_1.WithGroup)(group));
+        // Return a new client instance with updated configuration
+        return new GroupServiceWeb(...newOpts);
     }
     /**
      * Creates a new group.
@@ -65,7 +134,14 @@ class GroupServiceWeb {
      */
     createGroup(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.CreateGroupRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.createGroup(request);
     }
     /**
@@ -75,7 +151,14 @@ class GroupServiceWeb {
      */
     updateGroup(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.UpdateGroupRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.updateGroup(request);
     }
     /**
@@ -85,7 +168,14 @@ class GroupServiceWeb {
      */
     listGroups(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.ListGroupsRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.listGroups(request);
     }
     /**
@@ -95,7 +185,14 @@ class GroupServiceWeb {
      */
     searchGroups(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.SearchGroupsRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.searchGroups(request);
     }
     /**
@@ -105,7 +202,14 @@ class GroupServiceWeb {
      */
     getGroup(request) {
         // Validate request
-        (0, validation_1.validateRequest)(request);
+        const result = this._validator.validate(service_pb_2.GetGroupRequestSchema, request);
+        if (result.kind === "invalid") {
+            const violations = result.violations.map(v => `${v.field.toString()}: ${v.message}`).join("; ");
+            throw new Error(`Validation failed: ${violations}`);
+        }
+        else if (result.kind === "error") {
+            throw result.error;
+        }
         return this._client.getGroup(request);
     }
 }

package/dist/meshtrade/iam/user/v1/service_web_meshts.d.ts

@@ -1,30 +1,85 @@
-import { Interceptor } from "@connectrpc/connect";
 import { AssignRolesToUserRequest, CreateUserRequest, GetUserByEmailRequest, GetUserRequest, ListUsersRequest, ListUsersResponse, RevokeRolesFromUserRequest, SearchUsersRequest, SearchUsersResponse, UpdateUserRequest } from "./service_pb";
 import { User } from "./user_pb";
-import { ConfigOpts } from "../../../common/config";
+import { ClientOption } from "../../../config";
 /**
  * Web client for interacting with the meshtrade.iam.user.v1 user v1 API resource service.
- * Uses Connect-ES with gRPC-Web transport for browser-compatible gRPC communication.
+ * Uses Connect-ES with gRPC-Web transport for browser-based communication.
+ *
+ * Supports flexible authentication modes using functional options pattern:
+ *
+ * 1. **No Authentication** (public APIs):
+ *    ```typescript
+ *    const client = new UserServiceWeb(
+ *      WithServerUrl("http://localhost:10000")
+ *    );
+ *    ```
+ *
+ * 2. **API Key Authentication** (backend services):
+ *    ```typescript
+ *    const client = new UserServiceWeb(
+ *      WithAPIKey("your-api-key"),
+ *      WithGroup("groups/01ARZ3NDEKTSV4YWVF8F5BH32"),
+ *      WithServerUrl("https://api.example.com")
+ *    );
+ *    ```
+ *
+ * 3. **JWT Token Authentication** (Next.js frontend with user session):
+ *    ```typescript
+ *    const client = new UserServiceWeb(
+ *      WithJWTAccessToken("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."),
+ *      WithServerUrl("https://api.example.com")
+ *    );
+ *    ```
+ *
+ * 4. **JWT with Group Context** (user session with specific group):
+ *    ```typescript
+ *    const client = new UserServiceWeb(
+ *      WithJWTAccessToken("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."),
+ *      WithGroup("groups/01ARZ3NDEKTSV4YWVF8F5BH32"),
+ *      WithServerUrl("https://api.example.com")
+ *    );
+ *    ```
+ *
+ * Available options:
+ * - `WithAPIKey(key)` - API key authentication (mutually exclusive with JWT)
+ * - `WithJWTAccessToken(token)` - JWT authentication (mutually exclusive with API key)
+ * - `WithGroup(group)` - Group context (optional, works with both auth modes)
+ * - `WithServerUrl(url)` - Custom server URL (optional, defaults to production)
  */
 export declare class UserServiceWeb {
     private _client;
     private readonly _config;
     private readonly _interceptors;
+    private readonly _validator;
     /**
      * Constructs an instance of UserServiceWeb.
-     * @param {ConfigOpts} [config] - Optional configuration for the client.
-     * @param {Interceptor[]} [interceptors] - For internal use by `withGroup`.
+     *
+     * Uses functional options pattern for flexible configuration:
+     * - `WithAPIKey(key)` - API key authentication
+     * - `WithJWTAccessToken(token)` - JWT authentication
+     * - `WithGroup(group)` - Group context (optional)
+     * - `WithServerUrl(url)` - Custom server URL (optional)
+     *
+     * @param {...ClientOption} opts - Variable number of configuration options
      */
-    constructor(config?: ConfigOpts, interceptors?: Interceptor[]);
+    constructor(...opts: ClientOption[]);
     /**
      * Returns a new client instance configured to send the specified group
      * resource name in the request headers for subsequent API calls.
      *
+     * This method creates a new client with the same authentication configuration
+     * but with the group context updated to the specified value.
+     *
+     * **Compatibility**: Works with all authentication modes:
+     * - **API key auth**: Creates new client with API key + new group
+     * - **JWT auth**: Creates new client with JWT + new group
+     * - **No auth**: Creates new client with standalone group interceptor
+     *
      * @param {string} group - The operating group context to inject into the request
      *                         in the format `groups/{ulid}` where {ulid} is a 26-character ULID.
      *                         Example: 'groups/01ARZ3NDEKTSV4YWVF8F5BH32'
      * @returns {UserServiceWeb} A new, configured instance of the client.
-     * @throws {Error} If the group format is invalid (validation occurs in createGroupInterceptor)
+     * @throws {Error} If the group format is invalid
      */
     withGroup(group: string): UserServiceWeb;
     /**