@mitralab.io/platform-sdk 1.0.1

package/dist/index.mjs

@@ -0,0 +1,735 @@
+// src/utils/http-client.ts
+var HttpClient = class {
+  baseUrl;
+  tokenGetter;
+  onUnauthorized;
+  onError;
+  defaultHeaders;
+  constructor(config) {
+    this.baseUrl = config.baseUrl.replace(/\/$/, "");
+    this.tokenGetter = config.getToken ?? (() => null);
+    this.onUnauthorized = config.onUnauthorized;
+    this.onError = config.onError;
+    this.defaultHeaders = config.defaultHeaders ?? {};
+  }
+  /**
+   * Returns the current authentication token.
+   * @returns The JWT token if authenticated, null otherwise
+   */
+  getToken() {
+    return this.tokenGetter();
+  }
+  /**
+   * Makes an HTTP request with automatic JSON handling and authentication.
+   *
+   * @param path - API endpoint path (e.g., '/users')
+   * @param options - Request options including method, body, headers, and params
+   * @returns Promise resolving to the parsed JSON response
+   * @throws {MitraApiError} When the API returns an error response
+   *
+   * @example
+   * ```typescript
+   * const result = await client.request<User>('/users/123', {
+   *   method: 'PUT',
+   *   body: { name: 'Updated Name' },
+   * });
+   * ```
+   */
+  async request(path, options = {}) {
+    const { method = "GET", body, headers = {}, params, isRetry } = options;
+    let url = `${this.baseUrl}${path}`;
+    if (params) {
+      const searchParams = new URLSearchParams();
+      Object.entries(params).forEach(([key, value]) => {
+        if (value !== void 0) {
+          searchParams.append(key, String(value));
+        }
+      });
+      const queryString = searchParams.toString();
+      if (queryString) {
+        url += `?${queryString}`;
+      }
+    }
+    const requestHeaders = {
+      "Content-Type": "application/json",
+      ...this.defaultHeaders,
+      ...headers
+    };
+    const token = this.tokenGetter();
+    if (token) {
+      requestHeaders["Authorization"] = `Bearer ${token}`;
+    }
+    const response = await fetch(url, {
+      method,
+      headers: requestHeaders,
+      body: body ? JSON.stringify(body) : void 0
+    });
+    if (!response.ok) {
+      if (response.status === 401 && !isRetry && this.onUnauthorized) {
+        const refreshed = await this.onUnauthorized();
+        if (refreshed) {
+          return this.request(path, { ...options, isRetry: true });
+        }
+      }
+      const errorBody = await response.json().catch(() => ({}));
+      const error = new MitraApiError(
+        errorBody.message || `Request failed with status ${response.status}`,
+        response.status,
+        errorBody.error_code,
+        errorBody
+      );
+      this.onError?.(error);
+      throw error;
+    }
+    if (response.status === 204) {
+      return void 0;
+    }
+    return response.json();
+  }
+  /**
+   * Makes a GET request.
+   *
+   * @param path - API endpoint path
+   * @param params - Optional query parameters
+   * @returns Promise resolving to the parsed JSON response
+   *
+   * @example
+   * ```typescript
+   * const users = await client.get<User[]>('/users', { limit: 10 });
+   * ```
+   */
+  get(path, params) {
+    return this.request(path, { method: "GET", params });
+  }
+  /**
+   * Makes a POST request.
+   *
+   * @param path - API endpoint path
+   * @param body - Request body (will be JSON stringified)
+   * @returns Promise resolving to the parsed JSON response
+   *
+   * @example
+   * ```typescript
+   * const user = await client.post<User>('/users', { name: 'John', email: 'john@example.com' });
+   * ```
+   */
+  post(path, body) {
+    return this.request(path, { method: "POST", body });
+  }
+  /**
+   * Makes a PUT request.
+   *
+   * @param path - API endpoint path
+   * @param body - Request body (will be JSON stringified)
+   * @returns Promise resolving to the parsed JSON response
+   *
+   * @example
+   * ```typescript
+   * const user = await client.put<User>('/users/123', { name: 'Updated Name' });
+   * ```
+   */
+  put(path, body) {
+    return this.request(path, { method: "PUT", body });
+  }
+  /**
+   * Makes a DELETE request.
+   *
+   * @param path - API endpoint path
+   * @param params - Optional query parameters
+   * @returns Promise resolving to the parsed JSON response (or undefined for 204 responses)
+   *
+   * @example
+   * ```typescript
+   * await client.delete('/users/123');
+   * ```
+   */
+  delete(path, params) {
+    return this.request(path, { method: "DELETE", params });
+  }
+};
+var MitraApiError = class extends Error {
+  constructor(message, status, code, details) {
+    super(message);
+    this.status = status;
+    this.code = code;
+    this.details = details;
+    this.name = "MitraApiError";
+  }
+};
+
+// src/modules/auth.ts
+var AuthModule = class {
+  appId;
+  _currentUser = null;
+  _accessToken = null;
+  _refreshToken = null;
+  refreshPromise = null;
+  listeners = /* @__PURE__ */ new Set();
+  storageKey;
+  publicClient;
+  authedClient;
+  constructor(appId, iamBaseUrl) {
+    this.appId = appId;
+    this.storageKey = `mitra_auth_${appId}`;
+    this.publicClient = new HttpClient({ baseUrl: iamBaseUrl, getToken: () => null });
+    this.authedClient = new HttpClient({ baseUrl: iamBaseUrl, getToken: () => this._accessToken });
+    this.loadFromStorage();
+  }
+  /** The currently authenticated user, or null. */
+  get currentUser() {
+    return this._currentUser;
+  }
+  /** The current JWT access token, or null. */
+  get accessToken() {
+    return this._accessToken;
+  }
+  /** Whether a user is currently authenticated (local check, not server-validated). */
+  get isAuthenticated() {
+    return this._currentUser !== null && this._accessToken !== null;
+  }
+  /**
+   * Signs in a user with email and password.
+   *
+   * On success, stores access token, refresh token, and user data.
+   * Subsequent API requests use the token automatically.
+   *
+   * @param credentials - Email and password.
+   * @returns The authenticated user.
+   * @throws {MitraApiError} On invalid credentials (401).
+   *
+   * @example
+   * ```typescript
+   * const user = await mitra.auth.signIn({
+   *   email: 'user@example.com',
+   *   password: 'password123',
+   * });
+   * ```
+   */
+  async signIn(credentials) {
+    const tokenResponse = await this.publicClient.post(
+      "/api/v1/auth/tokens",
+      credentials
+    );
+    this._accessToken = tokenResponse.accessToken;
+    this._refreshToken = tokenResponse.refreshToken;
+    const user = await this.authedClient.get("/api/v1/auth/me");
+    this.setAuthState(user, tokenResponse.accessToken, tokenResponse.refreshToken);
+    return user;
+  }
+  /**
+   * Registers a new user and signs them in automatically.
+   *
+   * @param data - Email, password, and optional name.
+   * @returns The newly created and authenticated user.
+   * @throws {MitraApiError} On duplicate email (409) or validation error (400).
+   *
+   * @example
+   * ```typescript
+   * const user = await mitra.auth.signUp({
+   *   email: 'new@example.com',
+   *   password: 'securepassword',
+   *   name: 'Jane Doe',
+   * });
+   * ```
+   */
+  async signUp(data) {
+    await this.publicClient.post("/api/v1/auth/users/register", {
+      ...data,
+      appId: this.appId
+    });
+    return this.signIn({ email: data.email, password: data.password });
+  }
+  /**
+   * Signs out the current user, clearing all auth state and localStorage.
+   *
+   * @param redirectUrl - Optional URL to navigate to after sign-out.
+   *
+   * @example
+   * ```typescript
+   * mitra.auth.signOut();
+   * mitra.auth.signOut('/login');
+   * ```
+   */
+  signOut(redirectUrl) {
+    this.clearAuthState();
+    if (globalThis.window !== void 0 && redirectUrl) {
+      globalThis.window.location.href = redirectUrl;
+    }
+  }
+  /**
+   * Refreshes the session using the stored refresh token.
+   *
+   * Called automatically by the SDK on 401 responses. Can also be called
+   * manually. Multiple concurrent calls are deduplicated (only one refresh
+   * request is made).
+   *
+   * @returns `true` if refresh succeeded, `false` otherwise.
+   *
+   * @example
+   * ```typescript
+   * const ok = await mitra.auth.refreshSession();
+   * if (!ok) mitra.auth.redirectToLogin();
+   * ```
+   */
+  async refreshSession() {
+    if (!this._refreshToken) return false;
+    if (this.refreshPromise) return this.refreshPromise;
+    this.refreshPromise = this.doRefresh();
+    try {
+      return await this.refreshPromise;
+    } finally {
+      this.refreshPromise = null;
+    }
+  }
+  /**
+   * Fetches the current user from the server and updates local state.
+   *
+   * Only clears auth state on 401 (expired/invalid token).
+   * Transient errors (500, network) return null without clearing the session.
+   *
+   * @returns The user if authenticated, `null` otherwise.
+   *
+   * @example
+   * ```typescript
+   * const user = await mitra.auth.me();
+   * if (!user) console.log('Not authenticated');
+   * ```
+   */
+  async me() {
+    if (!this._accessToken) return null;
+    try {
+      const user = await this.authedClient.get("/api/v1/auth/me");
+      this._currentUser = user;
+      this.saveToStorage();
+      this.notifyListeners();
+      return user;
+    } catch (error) {
+      if (error instanceof MitraApiError && error.status === 401) {
+        this.clearAuthState();
+      }
+      return null;
+    }
+  }
+  /**
+   * Validates the current session with the server.
+   *
+   * @returns `true` if the session is valid, `false` otherwise.
+   *
+   * @example
+   * ```typescript
+   * const valid = await mitra.auth.checkAuth();
+   * if (!valid) mitra.auth.redirectToLogin();
+   * ```
+   */
+  async checkAuth() {
+    return await this.me() !== null;
+  }
+  /**
+   * Sets the access token manually (e.g., from SSO/OAuth callback).
+   *
+   * Call `me()` afterwards to fetch the associated user data.
+   *
+   * @param token - JWT access token.
+   * @param saveToStorage - Whether to persist to localStorage (default: true).
+   *
+   * @example
+   * ```typescript
+   * mitra.auth.setToken(tokenFromCallback);
+   * await mitra.auth.me();
+   * ```
+   */
+  setToken(token, saveToStorage = true) {
+    this._accessToken = token;
+    if (saveToStorage) {
+      this.saveToStorage();
+    }
+  }
+  /**
+   * Redirects to `/login?returnUrl=...` for unauthenticated users.
+   *
+   * @param returnUrl - URL to return to after login (default: '/').
+   *
+   * @example
+   * ```typescript
+   * if (!mitra.auth.isAuthenticated) {
+   *   mitra.auth.redirectToLogin(window.location.pathname);
+   * }
+   * ```
+   */
+  redirectToLogin(returnUrl = "/") {
+    if (globalThis.window === void 0) return;
+    globalThis.window.location.href = `/login?returnUrl=${encodeURIComponent(returnUrl)}`;
+  }
+  /**
+   * Registers a callback for auth state changes.
+   *
+   * Called immediately with the current state, then on every sign-in/sign-out.
+   *
+   * @param callback - Receives the User on login, null on logout.
+   * @returns Unsubscribe function.
+   *
+   * @example
+   * ```typescript
+   * useEffect(() => {
+   *   const unsub = mitra.auth.onAuthStateChange((user) => {
+   *     setUser(user);
+   *     setLoading(false);
+   *   });
+   *   return unsub;
+   * }, []);
+   * ```
+   */
+  onAuthStateChange(callback) {
+    this.listeners.add(callback);
+    callback(this._currentUser);
+    return () => {
+      this.listeners.delete(callback);
+    };
+  }
+  async doRefresh() {
+    try {
+      const tokenResponse = await this.publicClient.post(
+        "/api/v1/auth/tokens/refresh",
+        { refreshToken: this._refreshToken }
+      );
+      this._accessToken = tokenResponse.accessToken;
+      this._refreshToken = tokenResponse.refreshToken;
+      const user = await this.authedClient.get("/api/v1/auth/me");
+      this.setAuthState(user, tokenResponse.accessToken, tokenResponse.refreshToken);
+      return true;
+    } catch {
+      this.clearAuthState();
+      return false;
+    }
+  }
+  setAuthState(user, token, refreshToken) {
+    this._currentUser = user;
+    this._accessToken = token;
+    this._refreshToken = refreshToken;
+    this.saveToStorage();
+    this.notifyListeners();
+  }
+  clearAuthState() {
+    this._currentUser = null;
+    this._accessToken = null;
+    this._refreshToken = null;
+    this.removeFromStorage();
+    this.notifyListeners();
+  }
+  notifyListeners() {
+    this.listeners.forEach((callback) => {
+      try {
+        callback(this._currentUser);
+      } catch (error) {
+        console.error("Auth state change listener error:", error);
+      }
+    });
+  }
+  saveToStorage() {
+    if (typeof localStorage === "undefined") return;
+    try {
+      localStorage.setItem(
+        this.storageKey,
+        JSON.stringify({
+          user: this._currentUser,
+          token: this._accessToken,
+          refreshToken: this._refreshToken
+        })
+      );
+    } catch {
+    }
+  }
+  loadFromStorage() {
+    if (typeof localStorage === "undefined") return;
+    try {
+      const stored = localStorage.getItem(this.storageKey);
+      if (stored) {
+        const { user, token, refreshToken } = JSON.parse(stored);
+        this._currentUser = user;
+        this._accessToken = token;
+        this._refreshToken = refreshToken ?? null;
+      }
+    } catch {
+      this.removeFromStorage();
+    }
+  }
+  removeFromStorage() {
+    if (typeof localStorage === "undefined") return;
+    try {
+      localStorage.removeItem(this.storageKey);
+    } catch {
+    }
+  }
+};
+
+// src/modules/entities.ts
+var EntitiesModule = class _EntitiesModule {
+  httpClient;
+  dataSourceId;
+  tableProxies = /* @__PURE__ */ new Map();
+  constructor(httpClient, dataSourceId) {
+    this.httpClient = httpClient;
+    this.dataSourceId = dataSourceId;
+  }
+  static createProxy(httpClient, dataSourceId) {
+    const instance = new _EntitiesModule(httpClient, dataSourceId);
+    return new Proxy(instance, {
+      get: (target, prop) => {
+        if (prop in target) {
+          return target[prop];
+        }
+        return target.getTable(prop);
+      }
+    });
+  }
+  setDataSourceId(dataSourceId) {
+    this.dataSourceId = dataSourceId;
+    this.tableProxies.clear();
+  }
+  getTable(tableName) {
+    if (!this.tableProxies.has(tableName)) {
+      this.tableProxies.set(tableName, this.createTableAccessor(tableName));
+    }
+    return this.tableProxies.get(tableName);
+  }
+  createTableAccessor(tableName) {
+    const basePath = `/api/v1/data-sources/${this.dataSourceId}/tables/${tableName}/records`;
+    return {
+      list: async (sortOrOptions, limit, skip, fields) => {
+        let params;
+        if (typeof sortOrOptions === "string" || sortOrOptions === void 0) {
+          params = {
+            sort: sortOrOptions,
+            limit,
+            skip,
+            fields: fields?.join(",")
+          };
+        } else {
+          params = {
+            sort: sortOrOptions.sort,
+            limit: sortOrOptions.limit,
+            skip: sortOrOptions.skip,
+            fields: sortOrOptions.fields?.join(",")
+          };
+        }
+        const response = await this.httpClient.get(basePath, params);
+        return response.data;
+      },
+      filter: async (query, sort, limit, skip, fields) => {
+        const params = {
+          q: JSON.stringify(query),
+          sort,
+          limit,
+          skip,
+          fields: fields?.join(",")
+        };
+        const response = await this.httpClient.get(basePath, params);
+        return response.data;
+      },
+      get: async (id) => {
+        return this.httpClient.get(`${basePath}/${id}`);
+      },
+      create: async (data) => {
+        return this.httpClient.post(basePath, data);
+      },
+      update: async (id, data) => {
+        return this.httpClient.put(`${basePath}/${id}`, data);
+      },
+      delete: async (id) => {
+        return this.httpClient.delete(`${basePath}/${id}`);
+      },
+      deleteMany: async (query) => {
+        return this.httpClient.delete(basePath, {
+          q: JSON.stringify(query)
+        });
+      },
+      bulkCreate: async (data) => {
+        return this.httpClient.post(`${basePath}/bulk`, data);
+      }
+    };
+  }
+};
+
+// src/modules/functions.ts
+var FunctionsModule = class {
+  httpClient;
+  constructor(httpClient) {
+    this.httpClient = httpClient;
+  }
+  /**
+   * Executes a serverless function by ID.
+   *
+   * Triggers the function's current published version with the provided input.
+   *
+   * @param functionId - UUID of the function to execute.
+   * @param input - Input data to pass to the function.
+   * @returns The execution result with status, output, and metadata.
+   * @throws {MitraApiError} On function not found (404) or unauthorized (401).
+   *
+   * @example
+   * ```typescript
+   * const execution = await mitra.functions.execute('fn-id', { key: 'value' });
+   * console.log(execution.status, execution.output);
+   * ```
+   */
+  async execute(functionId, input) {
+    return this.httpClient.post(
+      `/api/v1/functions/${functionId}/execute`,
+      input ? { input } : void 0
+    );
+  }
+};
+
+// src/modules/integration.ts
+var IntegrationModule = class {
+  httpClient;
+  constructor(httpClient) {
+    this.httpClient = httpClient;
+  }
+  /**
+   * Executes a pre-defined integration resource by ID.
+   *
+   * The resource's endpoint, method, and body are resolved server-side
+   * using the provided parameters. Only declared parameters can be passed.
+   *
+   * @param resourceId - UUID of the integration resource.
+   * @param params - Named parameters declared in the resource's params schema.
+   * @returns Proxy result with status, headers, body, and execution metadata.
+   * @throws {MitraApiError} On resource not found (404) or external API failure.
+   *
+   * @example
+   * ```typescript
+   * const result = await mitra.integration.executeResource('resource-id', {
+   *   descricao: 'Notebook',
+   *   limit: 10,
+   * });
+   * console.log(result.body);
+   * ```
+   */
+  async executeResource(resourceId, params) {
+    return this.httpClient.post(
+      `/api/v1/proxy/resources/${resourceId}/execute`,
+      { params }
+    );
+  }
+  /**
+   * Executes a proxied HTTP request through an integration config.
+   *
+   * The Mitra server handles authentication and injects credentials automatically.
+   * Note: integrations configured with RESOURCE_ONLY mode will block direct proxy access.
+   *
+   * @param configId - UUID of the integration config.
+   * @param request - The HTTP request to proxy (method, endpoint, body, etc.).
+   * @returns Proxy result with status, headers, body, and execution metadata.
+   * @throws {MitraApiError} On config not found (404) or external API failure.
+   */
+  async execute(configId, request) {
+    return this.httpClient.post(
+      `/api/v1/proxy/template-configs/${configId}/execute`,
+      { ...request, source: "SDK" }
+    );
+  }
+};
+
+// src/modules/queries.ts
+var QueriesModule = class {
+  httpClient;
+  dataSourceId = "";
+  constructor(httpClient) {
+    this.httpClient = httpClient;
+  }
+  /** @internal Called by client.init() to set the resolved data source. */
+  setDataSourceId(dataSourceId) {
+    this.dataSourceId = dataSourceId;
+  }
+  /**
+   * Executes a named query.
+   *
+   * @param id - UUID of the custom query.
+   * @param parameters - Named parameters for the prepared statement.
+   * @returns Query result with rows and affected row count.
+   * @throws {MitraApiError} On query not found (404).
+   *
+   * @example
+   * ```typescript
+   * const result = await mitra.queries.execute('query-id', { status: 'active' });
+   * console.log(`Found ${result.rows.length} rows`);
+   * ```
+   */
+  async execute(id, parameters) {
+    return this.httpClient.post(
+      `/api/v1/custom-queries/${id}/execute`,
+      { datasourceId: this.dataSourceId, parameters }
+    );
+  }
+};
+
+// src/client.ts
+function createClient(config) {
+  const { appId, apiUrl, onError } = config;
+  const iamUrl = `${apiUrl}/iam`;
+  const dataManagerUrl = `${apiUrl}/data-manager`;
+  const functionsUrl = `${apiUrl}/functions`;
+  const integrationUrl = `${apiUrl}/integration`;
+  const codeStudioUrl = `${apiUrl}/code-studio`;
+  const authModule = new AuthModule(appId, iamUrl);
+  const onUnauthorized = () => authModule.refreshSession();
+  const defaultHeaders = { "X-App-Id": appId };
+  const httpClient = new HttpClient({
+    baseUrl: dataManagerUrl,
+    getToken: () => authModule.accessToken,
+    onUnauthorized,
+    onError,
+    defaultHeaders
+  });
+  const entitiesModule = EntitiesModule.createProxy(httpClient, "");
+  const functionsHttpClient = new HttpClient({
+    baseUrl: functionsUrl,
+    getToken: () => authModule.accessToken,
+    onUnauthorized,
+    onError,
+    defaultHeaders
+  });
+  const functionsModule = new FunctionsModule(functionsHttpClient);
+  const integrationHttpClient = new HttpClient({
+    baseUrl: integrationUrl,
+    getToken: () => authModule.accessToken,
+    onUnauthorized,
+    onError,
+    defaultHeaders
+  });
+  const integrationModule = new IntegrationModule(integrationHttpClient);
+  const queriesModule = new QueriesModule(httpClient);
+  let initialized = false;
+  let allowSignup = true;
+  async function init() {
+    if (initialized) return;
+    const publicClient = new HttpClient({
+      baseUrl: codeStudioUrl,
+      getToken: () => null
+    });
+    const appInfo = await publicClient.get(
+      `/api/v1/apps/${appId}/info`
+    );
+    entitiesModule.setDataSourceId(appInfo.dataSourceId);
+    queriesModule.setDataSourceId(appInfo.dataSourceId);
+    allowSignup = appInfo.allowSignup;
+    initialized = true;
+  }
+  return {
+    init,
+    auth: authModule,
+    entities: entitiesModule,
+    functions: functionsModule,
+    integration: integrationModule,
+    queries: queriesModule,
+    get allowSignup() {
+      return allowSignup;
+    },
+    config
+  };
+}
+export {
+  MitraApiError,
+  createClient
+};