@neetru/sdk 2.1.1 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +42 -1
- package/dist/auth.cjs +127 -0
- package/dist/auth.cjs.map +1 -1
- package/dist/auth.d.cts +4 -2
- package/dist/auth.d.ts +4 -2
- package/dist/auth.mjs +127 -1
- package/dist/auth.mjs.map +1 -1
- package/dist/catalog.cjs.map +1 -1
- package/dist/catalog.d.cts +1 -1
- package/dist/catalog.d.ts +1 -1
- package/dist/catalog.mjs.map +1 -1
- package/dist/checkout.cjs.map +1 -1
- package/dist/checkout.d.cts +1 -1
- package/dist/checkout.d.ts +1 -1
- package/dist/checkout.mjs.map +1 -1
- package/dist/db.cjs.map +1 -1
- package/dist/db.d.cts +1 -1
- package/dist/db.d.ts +1 -1
- package/dist/db.mjs.map +1 -1
- package/dist/entitlements.cjs.map +1 -1
- package/dist/entitlements.d.cts +1 -1
- package/dist/entitlements.d.ts +1 -1
- package/dist/entitlements.mjs.map +1 -1
- package/dist/errors.cjs.map +1 -1
- package/dist/errors.d.cts +1 -1
- package/dist/errors.d.ts +1 -1
- package/dist/errors.mjs.map +1 -1
- package/dist/index.cjs +123 -0
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.mjs +123 -0
- package/dist/index.mjs.map +1 -1
- package/dist/mocks.cjs +55 -0
- package/dist/mocks.cjs.map +1 -1
- package/dist/mocks.d.cts +21 -1
- package/dist/mocks.d.ts +21 -1
- package/dist/mocks.mjs +55 -0
- package/dist/mocks.mjs.map +1 -1
- package/dist/notifications.cjs.map +1 -1
- package/dist/notifications.d.cts +1 -1
- package/dist/notifications.d.ts +1 -1
- package/dist/notifications.mjs.map +1 -1
- package/dist/react.d.cts +1 -1
- package/dist/react.d.ts +1 -1
- package/dist/support.cjs.map +1 -1
- package/dist/support.d.cts +1 -1
- package/dist/support.d.ts +1 -1
- package/dist/support.mjs.map +1 -1
- package/dist/telemetry.cjs.map +1 -1
- package/dist/telemetry.d.cts +1 -1
- package/dist/telemetry.d.ts +1 -1
- package/dist/telemetry.mjs.map +1 -1
- package/dist/{types-V1EfjR1p.d.ts → types-CvTje138.d.ts} +45 -1
- package/dist/{types-Cfb-qeDg.d.cts → types-DlDxttiG.d.cts} +45 -1
- package/dist/usage.cjs.map +1 -1
- package/dist/usage.d.cts +1 -1
- package/dist/usage.d.ts +1 -1
- package/dist/usage.mjs.map +1 -1
- package/dist/webhooks.cjs.map +1 -1
- package/dist/webhooks.d.cts +1 -1
- package/dist/webhooks.d.ts +1 -1
- package/dist/webhooks.mjs.map +1 -1
- package/package.json +2 -1
package/dist/index.d.cts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { o as NeetruClientConfig, N as NeetruClient } from './types-
|
|
2
|
-
export { A as AuthNamespace, a as AuthStateListener, C as CatalogListOptions, b as CatalogListResponse, c as CheckoutIntentInfo, d as CheckoutIntentStatus, e as CheckoutNamespace, f as CheckoutStartInput, g as CheckoutStartResult, h as CheckoutTenantType, i as CreateTicketInput, D as DEFAULT_BASE_URL, j as DbNamespace, k as DbSqlLease, l as DbWhereFilter, E as EntitlementCheck, L as ListNotificationsOptions, M as MockCheckout, m as MockNotifications, n as MockWebhooks, p as NeetruDb, q as NeetruDbEngine, r as NeetruDbError, s as NeetruDbErrorCode, t as NeetruDbOptions, u as NeetruEnv, v as NeetruSqlClient, w as NeetruUser, x as NotificationsNamespace, P as Product, y as ProductNotification, z as ProductNotificationSeverity, B as ProductPlan, F as ProductStatus, R as RegisterWebhookInput, G as ResolvedConfig, S as SendNotificationInput, H as SignInOptions, J as SupportNamespace, K as SupportSeverity, O as SupportStatus, Q as SupportTicket, T as TelemetryEventAck, U as TelemetryEventInput, X as UsageEventInput, Y as UsageNamespace, Z as UsageQuota, _ as
|
|
1
|
+
import { o as NeetruClientConfig, N as NeetruClient } from './types-DlDxttiG.cjs';
|
|
2
|
+
export { A as AuthNamespace, a as AuthStateListener, C as CatalogListOptions, b as CatalogListResponse, c as CheckoutIntentInfo, d as CheckoutIntentStatus, e as CheckoutNamespace, f as CheckoutStartInput, g as CheckoutStartResult, h as CheckoutTenantType, i as CreateTicketInput, D as DEFAULT_BASE_URL, j as DbNamespace, k as DbSqlLease, l as DbWhereFilter, E as EntitlementCheck, L as ListNotificationsOptions, M as MockCheckout, m as MockNotifications, n as MockWebhooks, p as NeetruDb, q as NeetruDbEngine, r as NeetruDbError, s as NeetruDbErrorCode, t as NeetruDbOptions, u as NeetruEnv, v as NeetruSqlClient, w as NeetruUser, x as NotificationsNamespace, P as Product, y as ProductNotification, z as ProductNotificationSeverity, B as ProductPlan, F as ProductStatus, R as RegisterWebhookInput, G as ResolvedConfig, S as SendNotificationInput, H as SignInOptions, J as SupportNamespace, K as SupportSeverity, O as SupportStatus, Q as SupportTicket, T as TelemetryEventAck, U as TelemetryEventInput, X as UsageEventInput, Y as UsageNamespace, Z as UsageQuota, _ as VerifyTokenOptions, $ as WebhookEndpoint, a0 as WebhookEvent, a1 as WebhookTestResult, a2 as WebhooksNamespace, a3 as createCheckoutNamespace, a4 as createNeetruDb, a5 as createNotificationsNamespace, a7 as createWebhooksNamespace } from './types-DlDxttiG.cjs';
|
|
3
3
|
export { createNeetruClient } from './auth.cjs';
|
|
4
4
|
export { NeetruError, NeetruErrorCode } from './errors.cjs';
|
|
5
5
|
export { D as DbBatchOp, b as DbChangeType, c as DbCollectionRef, d as DbDoc, e as DbDocRef, f as DbGetResult, g as DbListResult, h as DbQuery } from './collection-ref-DqAAhuhX.cjs';
|
package/dist/index.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { o as NeetruClientConfig, N as NeetruClient } from './types-
|
|
2
|
-
export { A as AuthNamespace, a as AuthStateListener, C as CatalogListOptions, b as CatalogListResponse, c as CheckoutIntentInfo, d as CheckoutIntentStatus, e as CheckoutNamespace, f as CheckoutStartInput, g as CheckoutStartResult, h as CheckoutTenantType, i as CreateTicketInput, D as DEFAULT_BASE_URL, j as DbNamespace, k as DbSqlLease, l as DbWhereFilter, E as EntitlementCheck, L as ListNotificationsOptions, M as MockCheckout, m as MockNotifications, n as MockWebhooks, p as NeetruDb, q as NeetruDbEngine, r as NeetruDbError, s as NeetruDbErrorCode, t as NeetruDbOptions, u as NeetruEnv, v as NeetruSqlClient, w as NeetruUser, x as NotificationsNamespace, P as Product, y as ProductNotification, z as ProductNotificationSeverity, B as ProductPlan, F as ProductStatus, R as RegisterWebhookInput, G as ResolvedConfig, S as SendNotificationInput, H as SignInOptions, J as SupportNamespace, K as SupportSeverity, O as SupportStatus, Q as SupportTicket, T as TelemetryEventAck, U as TelemetryEventInput, X as UsageEventInput, Y as UsageNamespace, Z as UsageQuota, _ as
|
|
1
|
+
import { o as NeetruClientConfig, N as NeetruClient } from './types-CvTje138.js';
|
|
2
|
+
export { A as AuthNamespace, a as AuthStateListener, C as CatalogListOptions, b as CatalogListResponse, c as CheckoutIntentInfo, d as CheckoutIntentStatus, e as CheckoutNamespace, f as CheckoutStartInput, g as CheckoutStartResult, h as CheckoutTenantType, i as CreateTicketInput, D as DEFAULT_BASE_URL, j as DbNamespace, k as DbSqlLease, l as DbWhereFilter, E as EntitlementCheck, L as ListNotificationsOptions, M as MockCheckout, m as MockNotifications, n as MockWebhooks, p as NeetruDb, q as NeetruDbEngine, r as NeetruDbError, s as NeetruDbErrorCode, t as NeetruDbOptions, u as NeetruEnv, v as NeetruSqlClient, w as NeetruUser, x as NotificationsNamespace, P as Product, y as ProductNotification, z as ProductNotificationSeverity, B as ProductPlan, F as ProductStatus, R as RegisterWebhookInput, G as ResolvedConfig, S as SendNotificationInput, H as SignInOptions, J as SupportNamespace, K as SupportSeverity, O as SupportStatus, Q as SupportTicket, T as TelemetryEventAck, U as TelemetryEventInput, X as UsageEventInput, Y as UsageNamespace, Z as UsageQuota, _ as VerifyTokenOptions, $ as WebhookEndpoint, a0 as WebhookEvent, a1 as WebhookTestResult, a2 as WebhooksNamespace, a3 as createCheckoutNamespace, a4 as createNeetruDb, a5 as createNotificationsNamespace, a7 as createWebhooksNamespace } from './types-CvTje138.js';
|
|
3
3
|
export { createNeetruClient } from './auth.js';
|
|
4
4
|
export { NeetruError, NeetruErrorCode } from './errors.js';
|
|
5
5
|
export { D as DbBatchOp, b as DbChangeType, c as DbCollectionRef, d as DbDoc, e as DbDocRef, f as DbGetResult, g as DbListResult, h as DbQuery } from './collection-ref-DqAAhuhX.js';
|
package/dist/index.mjs
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { jwtVerify, createRemoteJWKSet } from 'jose';
|
|
1
2
|
import { openDB } from 'idb';
|
|
2
3
|
|
|
3
4
|
var __defProp = Object.defineProperty;
|
|
@@ -4843,6 +4844,61 @@ var MockAuth = class {
|
|
|
4843
4844
|
this._listeners.delete(listener);
|
|
4844
4845
|
};
|
|
4845
4846
|
}
|
|
4847
|
+
/**
|
|
4848
|
+
* Mock de `verifyToken` — decodifica o JWT sem verificar assinatura (pra testes).
|
|
4849
|
+
* Em dev, retorna o user atual do mock se já estiver logado. Aceita qualquer token
|
|
4850
|
+
* não-vazio sem chamar rede.
|
|
4851
|
+
*
|
|
4852
|
+
* Para simular falhas em testes, use `MockAuth.__mockVerifyToken(fn)`.
|
|
4853
|
+
*/
|
|
4854
|
+
async verifyToken(token) {
|
|
4855
|
+
if (this._verifyTokenOverride) {
|
|
4856
|
+
return this._verifyTokenOverride(token);
|
|
4857
|
+
}
|
|
4858
|
+
if (!token) {
|
|
4859
|
+
throw Object.assign(new Error("Token inv\xE1lido"), { code: "token_invalid_signature" });
|
|
4860
|
+
}
|
|
4861
|
+
try {
|
|
4862
|
+
const parts = token.split(".");
|
|
4863
|
+
if (parts.length === 3) {
|
|
4864
|
+
const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
|
|
4865
|
+
const pad = "=".repeat((4 - b64.length % 4) % 4);
|
|
4866
|
+
const decoded = JSON.parse(
|
|
4867
|
+
typeof atob === "function" ? atob(b64 + pad) : Buffer.from(b64 + pad, "base64").toString("utf-8")
|
|
4868
|
+
);
|
|
4869
|
+
if (typeof decoded.sub === "string") {
|
|
4870
|
+
return {
|
|
4871
|
+
uid: decoded.sub,
|
|
4872
|
+
email: typeof decoded.email === "string" ? decoded.email : "",
|
|
4873
|
+
emailVerified: typeof decoded.email_verified === "boolean" ? decoded.email_verified : void 0,
|
|
4874
|
+
displayName: typeof decoded.name === "string" ? decoded.name : void 0,
|
|
4875
|
+
photoURL: typeof decoded.picture === "string" ? decoded.picture : void 0,
|
|
4876
|
+
isStaff: decoded.is_staff === true,
|
|
4877
|
+
isCustomer: decoded.is_customer === true,
|
|
4878
|
+
tenantId: typeof decoded.tenant_id === "string" ? decoded.tenant_id : void 0,
|
|
4879
|
+
...decoded
|
|
4880
|
+
};
|
|
4881
|
+
}
|
|
4882
|
+
}
|
|
4883
|
+
} catch {
|
|
4884
|
+
}
|
|
4885
|
+
if (this._user) return this._user;
|
|
4886
|
+
throw Object.assign(new Error("Nenhum user mock dispon\xEDvel"), { code: "token_invalid_signature" });
|
|
4887
|
+
}
|
|
4888
|
+
_verifyTokenOverride = null;
|
|
4889
|
+
/**
|
|
4890
|
+
* Injeta override pra `verifyToken` em testes — permite simular expiração,
|
|
4891
|
+
* assinatura inválida etc sem precisar de JWT real.
|
|
4892
|
+
*
|
|
4893
|
+
* @example
|
|
4894
|
+
* ```ts
|
|
4895
|
+
* const mock = new MockAuth(null);
|
|
4896
|
+
* mock.__mockVerifyToken(async () => { throw new NeetruError('token_expired', '...'); });
|
|
4897
|
+
* ```
|
|
4898
|
+
*/
|
|
4899
|
+
__mockVerifyToken(fn) {
|
|
4900
|
+
this._verifyTokenOverride = fn;
|
|
4901
|
+
}
|
|
4846
4902
|
/** Helper de tests — força um user state arbitrário. */
|
|
4847
4903
|
__setUser(user) {
|
|
4848
4904
|
this._user = user;
|
|
@@ -5240,6 +5296,34 @@ function resolveEnv(configEnv) {
|
|
|
5240
5296
|
}
|
|
5241
5297
|
return "prod";
|
|
5242
5298
|
}
|
|
5299
|
+
var _jwksCache = /* @__PURE__ */ new Map();
|
|
5300
|
+
var DEFAULT_JWKS_TTL_MS = 60 * 60 * 1e3;
|
|
5301
|
+
function _getJwks(jwksUrl, cacheTtlMs) {
|
|
5302
|
+
const now = Date.now();
|
|
5303
|
+
const cached = _jwksCache.get(jwksUrl);
|
|
5304
|
+
if (cached && now - cached.createdAt < cacheTtlMs) {
|
|
5305
|
+
return cached.jwks;
|
|
5306
|
+
}
|
|
5307
|
+
const jwks = createRemoteJWKSet(new URL(jwksUrl));
|
|
5308
|
+
_jwksCache.set(jwksUrl, { jwks, createdAt: now });
|
|
5309
|
+
return jwks;
|
|
5310
|
+
}
|
|
5311
|
+
function _jwtPayloadToUser(payload) {
|
|
5312
|
+
const sub = payload.sub ?? "";
|
|
5313
|
+
const email = typeof payload.email === "string" ? payload.email : "";
|
|
5314
|
+
return {
|
|
5315
|
+
uid: sub,
|
|
5316
|
+
email,
|
|
5317
|
+
emailVerified: typeof payload.email_verified === "boolean" ? payload.email_verified : void 0,
|
|
5318
|
+
displayName: typeof payload.name === "string" ? payload.name : void 0,
|
|
5319
|
+
photoURL: typeof payload.picture === "string" ? payload.picture : void 0,
|
|
5320
|
+
isStaff: payload.is_staff === true,
|
|
5321
|
+
isCustomer: payload.is_customer === true,
|
|
5322
|
+
tenantId: typeof payload.tenant_id === "string" ? payload.tenant_id : void 0,
|
|
5323
|
+
// Spreads todos os claims originais (aud, iss, iat, exp, etc).
|
|
5324
|
+
...payload
|
|
5325
|
+
};
|
|
5326
|
+
}
|
|
5243
5327
|
function createOidcAuthNamespace(config) {
|
|
5244
5328
|
const STORAGE_KEY = "neetru_id_token";
|
|
5245
5329
|
const listeners = /* @__PURE__ */ new Set();
|
|
@@ -5347,6 +5431,45 @@ function createOidcAuthNamespace(config) {
|
|
|
5347
5431
|
return () => {
|
|
5348
5432
|
listeners.delete(listener);
|
|
5349
5433
|
};
|
|
5434
|
+
},
|
|
5435
|
+
async verifyToken(token, options) {
|
|
5436
|
+
if (!token || typeof token !== "string") {
|
|
5437
|
+
throw new NeetruError("token_invalid_signature", "token must be a non-empty string");
|
|
5438
|
+
}
|
|
5439
|
+
const overrideAuthUrl = typeof globalThis.NEETRU_AUTH_URL === "string" ? globalThis.NEETRU_AUTH_URL : null;
|
|
5440
|
+
const idpOrigin = overrideAuthUrl ?? config.baseUrl.replace(/^https?:\/\/api\./, "https://auth.");
|
|
5441
|
+
const issuer = idpOrigin;
|
|
5442
|
+
const jwksUrl = `${idpOrigin}/api/v1/oauth/.well-known/jwks.json`;
|
|
5443
|
+
const cacheTtlMs = options?.jwksCacheTtlMs ?? DEFAULT_JWKS_TTL_MS;
|
|
5444
|
+
const audience = config.apiKey ? config.apiKey.split("_")[1] ?? void 0 : void 0;
|
|
5445
|
+
const jwks = _getJwks(jwksUrl, cacheTtlMs);
|
|
5446
|
+
try {
|
|
5447
|
+
const { payload } = await jwtVerify(token, jwks, {
|
|
5448
|
+
issuer,
|
|
5449
|
+
...audience ? { audience } : {},
|
|
5450
|
+
algorithms: ["RS256"]
|
|
5451
|
+
});
|
|
5452
|
+
return _jwtPayloadToUser(payload);
|
|
5453
|
+
} catch (err) {
|
|
5454
|
+
const errName = err?.code ?? err?.name ?? "";
|
|
5455
|
+
const errMsg = err?.message ?? String(err);
|
|
5456
|
+
if (errName === "ERR_JWT_EXPIRED") {
|
|
5457
|
+
throw new NeetruError("token_expired", `Token expired: ${errMsg}`);
|
|
5458
|
+
}
|
|
5459
|
+
if (errName === "ERR_JWS_SIGNATURE_VERIFICATION_FAILED") {
|
|
5460
|
+
throw new NeetruError("token_invalid_signature", `Token signature invalid: ${errMsg}`);
|
|
5461
|
+
}
|
|
5462
|
+
if (errName === "ERR_JWT_CLAIM_VALIDATION_FAILED") {
|
|
5463
|
+
if (errMsg.includes('"aud"') || errMsg.includes("audience")) {
|
|
5464
|
+
throw new NeetruError("token_invalid_audience", `Token audience mismatch: ${errMsg}`);
|
|
5465
|
+
}
|
|
5466
|
+
if (errMsg.includes('"iss"') || errMsg.includes("issuer")) {
|
|
5467
|
+
throw new NeetruError("token_invalid_issuer", `Token issuer mismatch: ${errMsg}`);
|
|
5468
|
+
}
|
|
5469
|
+
throw new NeetruError("token_invalid_signature", `Token claim validation failed: ${errMsg}`);
|
|
5470
|
+
}
|
|
5471
|
+
throw new NeetruError("token_invalid_signature", `Token verification failed: ${errMsg}`);
|
|
5472
|
+
}
|
|
5350
5473
|
}
|
|
5351
5474
|
};
|
|
5352
5475
|
}
|