@nikcli-ai/sdk 0.0.6

package/dist/client.d.ts

@@ -0,0 +1,7 @@
+export * from "./gen/types.gen.js";
+import { type Config } from "./gen/client/types.gen.js";
+import { NikcliClient } from "./gen/sdk.gen.js";
+export { type Config as NikcliClientConfig, NikcliClient };
+export declare function createNikcliClient(config?: Config & {
+    directory?: string;
+}): NikcliClient;

package/dist/client.js

@@ -0,0 +1,25 @@
+export * from "./gen/types.gen.js";
+import { createClient } from "./gen/client/client.gen.js";
+import { NikcliClient } from "./gen/sdk.gen.js";
+export { NikcliClient };
+export function createNikcliClient(config) {
+    if (!config?.fetch) {
+        const customFetch = (req) => {
+            // @ts-ignore
+            req.timeout = false;
+            return fetch(req);
+        };
+        config = {
+            ...config,
+            fetch: customFetch,
+        };
+    }
+    if (config?.directory) {
+        config.headers = {
+            ...config.headers,
+            "x-nikcli-directory": config.directory,
+        };
+    }
+    const client = createClient(config);
+    return new NikcliClient({ client });
+}

package/dist/cloud/client.d.ts

@@ -0,0 +1,45 @@
+import type { AppendMessageInput, CloudClientConfig, CloudDevice, CloudMessage, CloudSession, CloudSyncOperation, CloudUser, PullSyncInput, PushSyncInput, RegisterDeviceInput, UpsertSessionInput } from "./types.js";
+type RelaySocketFactory = (url: string) => WebSocket;
+export declare class CloudClientError extends Error {
+    readonly status: number;
+    readonly code?: string;
+    readonly details?: unknown;
+    constructor(message: string, status: number, code?: string, details?: unknown);
+}
+export interface RelaySocketOptions {
+    deviceID?: string;
+    webSocketFactory?: RelaySocketFactory;
+}
+export declare class NikcliCloudClient {
+    private readonly baseUrl;
+    private readonly customFetch;
+    private readonly getToken;
+    private readonly staticHeaders;
+    constructor(config: CloudClientConfig);
+    private buildURL;
+    private request;
+    me(): Promise<CloudUser>;
+    registerDevice(input: RegisterDeviceInput): Promise<CloudDevice>;
+    listDevices(): Promise<CloudDevice[]>;
+    listSessions(limit?: number): Promise<CloudSession[]>;
+    getSession(sessionID: string): Promise<CloudSession>;
+    upsertSession(sessionID: string, input: UpsertSessionInput): Promise<CloudSession>;
+    deleteSession(sessionID: string): Promise<void>;
+    listMessages(sessionID: string, options?: {
+        after?: number;
+        limit?: number;
+    }): Promise<CloudMessage[]>;
+    appendMessage(sessionID: string, input: AppendMessageInput): Promise<CloudMessage>;
+    pushSync(input: PushSyncInput): Promise<{
+        ok: true;
+        applied: number;
+        cursor: number;
+    }>;
+    pullSync(input: PullSyncInput): Promise<{
+        operations: CloudSyncOperation[];
+        cursor: number;
+    }>;
+    openRelaySocket(sessionID: string, options?: RelaySocketOptions): Promise<WebSocket>;
+}
+export declare function createNikcliCloudClient(config: CloudClientConfig): NikcliCloudClient;
+export {};

package/dist/cloud/client.js

@@ -0,0 +1,125 @@
+export class CloudClientError extends Error {
+    status;
+    code;
+    details;
+    constructor(message, status, code, details) {
+        super(message);
+        this.name = "CloudClientError";
+        this.status = status;
+        this.code = code;
+        this.details = details;
+    }
+}
+export class NikcliCloudClient {
+    baseUrl;
+    customFetch;
+    getToken;
+    staticHeaders;
+    constructor(config) {
+        this.baseUrl = new URL(config.baseUrl);
+        this.customFetch = config.fetch ?? fetch;
+        this.staticHeaders = { ...(config.headers ?? {}) };
+        if (config.getToken) {
+            this.getToken = async () => config.getToken();
+        }
+        else if (config.token) {
+            const token = config.token;
+            this.getToken = async () => token;
+        }
+        else {
+            throw new CloudClientError("Missing authentication token provider", 401, "MISSING_TOKEN");
+        }
+    }
+    buildURL(pathname) {
+        return new URL(pathname, this.baseUrl);
+    }
+    async request(method, pathname, body) {
+        const token = await this.getToken();
+        if (!token) {
+            throw new CloudClientError("Authentication token is empty", 401, "MISSING_TOKEN");
+        }
+        const headers = {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${token}`,
+            ...this.staticHeaders,
+        };
+        const response = await this.customFetch(this.buildURL(pathname), {
+            method,
+            headers,
+            ...(body !== undefined ? { body: JSON.stringify(body) } : {}),
+        });
+        const text = await response.text();
+        const isJson = response.headers.get("content-type")?.includes("application/json") ?? false;
+        const parsed = isJson && text ? JSON.parse(text) : text;
+        if (!response.ok) {
+            const payload = (typeof parsed === "object" && parsed ? parsed : {});
+            throw new CloudClientError(payload.error?.message || `Cloud request failed with status ${response.status}`, response.status, payload.error?.code, payload.error?.details);
+        }
+        return parsed;
+    }
+    me() {
+        return this.request("GET", "/auth/me");
+    }
+    async registerDevice(input) {
+        const result = await this.request("POST", "/auth/device/register", input);
+        return result.device;
+    }
+    async listDevices() {
+        const result = await this.request("GET", "/devices");
+        return result.devices;
+    }
+    async listSessions(limit) {
+        const query = limit ? `?limit=${encodeURIComponent(String(limit))}` : "";
+        const result = await this.request("GET", `/sessions${query}`);
+        return result.sessions;
+    }
+    async getSession(sessionID) {
+        const result = await this.request("GET", `/sessions/${encodeURIComponent(sessionID)}`);
+        return result.session;
+    }
+    async upsertSession(sessionID, input) {
+        const result = await this.request("PUT", `/sessions/${encodeURIComponent(sessionID)}`, input);
+        return result.session;
+    }
+    async deleteSession(sessionID) {
+        await this.request("DELETE", `/sessions/${encodeURIComponent(sessionID)}`);
+    }
+    async listMessages(sessionID, options) {
+        const params = new URLSearchParams();
+        if (typeof options?.after === "number")
+            params.set("after", String(options.after));
+        if (typeof options?.limit === "number")
+            params.set("limit", String(options.limit));
+        const query = params.toString() ? `?${params.toString()}` : "";
+        const result = await this.request("GET", `/sessions/${encodeURIComponent(sessionID)}/messages${query}`);
+        return result.messages;
+    }
+    async appendMessage(sessionID, input) {
+        const result = await this.request("POST", `/sessions/${encodeURIComponent(sessionID)}/messages`, input);
+        return result.message;
+    }
+    async pushSync(input) {
+        return this.request("POST", "/sync/push", input);
+    }
+    async pullSync(input) {
+        return this.request("POST", "/sync/pull", input);
+    }
+    async openRelaySocket(sessionID, options) {
+        const token = await this.getToken();
+        if (!token) {
+            throw new CloudClientError("Authentication token is empty", 401, "MISSING_TOKEN");
+        }
+        const relayPath = `/relay/${encodeURIComponent(sessionID)}`;
+        const url = new URL(relayPath, this.baseUrl);
+        url.protocol = url.protocol === "https:" ? "wss:" : "ws:";
+        url.searchParams.set("token", token);
+        if (options?.deviceID) {
+            url.searchParams.set("deviceID", options.deviceID);
+        }
+        const factory = options?.webSocketFactory ?? ((relayUrl) => new WebSocket(relayUrl));
+        return factory(url.toString());
+    }
+}
+export function createNikcliCloudClient(config) {
+    return new NikcliCloudClient(config);
+}

package/dist/cloud/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./types.js";
+export { CloudClientError, NikcliCloudClient, createNikcliCloudClient, type RelaySocketOptions } from "./client.js";

package/dist/cloud/index.js

@@ -0,0 +1,2 @@
+export * from "./types.js";
+export { CloudClientError, NikcliCloudClient, createNikcliCloudClient } from "./client.js";

package/dist/cloud/types.d.ts

@@ -0,0 +1,100 @@
+export type CloudPlatform = "ios" | "android" | "web" | "desktop";
+export interface CloudUser {
+    userID: string;
+    email?: string;
+    claims: Record<string, unknown>;
+}
+export interface CloudDevice {
+    id: string;
+    userID: string;
+    name: string;
+    platform: CloudPlatform;
+    publicKey: string;
+    pushToken?: string;
+    createdAt: number;
+    lastSeen: number;
+}
+export interface CloudSession {
+    id: string;
+    userID: string;
+    title: string;
+    directoryHash?: string;
+    encryptedState: string;
+    syncVersion: number;
+    createdAt: number;
+    updatedAt: number;
+}
+export interface CloudMessage {
+    id: string;
+    sessionID: string;
+    userID: string;
+    deviceID?: string;
+    role: "user" | "assistant" | "system" | "tool";
+    encryptedContent: string;
+    createdAt: number;
+    syncVersion: number;
+}
+export interface CloudSyncOperation {
+    id: number;
+    userID: string;
+    sessionID: string;
+    deviceID?: string;
+    operation: "upsert" | "delete";
+    entityType: "session" | "message";
+    entityID: string;
+    payload?: string;
+    hash: string;
+    createdAt: number;
+}
+export interface CloudSyncPushOperation {
+    sessionID: string;
+    entityType: "session" | "message";
+    operation: "upsert" | "delete";
+    entityID: string;
+    payload?: string;
+    hash: string;
+    timestamp: number;
+}
+export interface CloudClientConfig {
+    baseUrl: string;
+    token?: string;
+    getToken?: () => Promise<string> | string;
+    fetch?: typeof globalThis.fetch;
+    headers?: Record<string, string>;
+}
+export interface RegisterDeviceInput {
+    deviceID: string;
+    name: string;
+    platform: CloudPlatform;
+    publicKey: string;
+    pushToken?: string;
+}
+export interface UpsertSessionInput {
+    title: string;
+    directoryHash?: string;
+    encryptedState: string;
+    syncVersion?: number;
+}
+export interface AppendMessageInput {
+    messageID: string;
+    deviceID?: string;
+    role: CloudMessage["role"];
+    encryptedContent: string;
+    createdAt?: number;
+    syncVersion?: number;
+}
+export interface PullSyncInput {
+    since: number;
+    limit?: number;
+}
+export interface PushSyncInput {
+    deviceID: string;
+    operations: CloudSyncPushOperation[];
+}
+export interface CloudErrorPayload {
+    error?: {
+        code: string;
+        message: string;
+        details?: unknown;
+    };
+}

package/dist/cloud/types.js

@@ -0,0 +1 @@
+export {};

package/dist/crypto/e2e.d.ts

@@ -0,0 +1,30 @@
+export interface E2EIdentity {
+    publicKey: string;
+    privateKey: string;
+}
+export interface E2EPeer {
+    id: string;
+    publicKey: string;
+}
+export interface E2EEncryptedPayload {
+    version: 1;
+    iv: string;
+    ciphertext: string;
+}
+export declare class E2ECryptoError extends Error {
+    constructor(message: string);
+}
+export declare class E2ECrypto {
+    private keyPair;
+    private readonly peerKeys;
+    static create(): Promise<E2ECrypto>;
+    generateIdentity(): Promise<E2EIdentity>;
+    importIdentity(identity: E2EIdentity): Promise<void>;
+    exportIdentity(): Promise<E2EIdentity>;
+    setPeer(peer: E2EPeer): Promise<void>;
+    removePeer(peerID: string): void;
+    fingerprint(publicKey: string): Promise<string>;
+    encrypt(peerID: string, plaintext: string | Uint8Array): Promise<E2EEncryptedPayload>;
+    decrypt(peerID: string, payload: E2EEncryptedPayload): Promise<Uint8Array>;
+    decryptText(peerID: string, payload: E2EEncryptedPayload): Promise<string>;
+}

package/dist/crypto/e2e.js

@@ -0,0 +1,172 @@
+export class E2ECryptoError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "E2ECryptoError";
+    }
+}
+function getCrypto() {
+    if (!globalThis.crypto) {
+        throw new E2ECryptoError("Web Crypto API is not available in this runtime");
+    }
+    return globalThis.crypto;
+}
+function getSubtle() {
+    const subtle = getCrypto().subtle;
+    if (!subtle) {
+        throw new E2ECryptoError("SubtleCrypto is not available in this runtime");
+    }
+    return subtle;
+}
+function toBase64(input) {
+    const bytes = input instanceof Uint8Array ? input : new Uint8Array(input);
+    if (typeof Buffer !== "undefined") {
+        return Buffer.from(bytes).toString("base64");
+    }
+    let text = "";
+    for (const value of bytes) {
+        text += String.fromCharCode(value);
+    }
+    return btoa(text);
+}
+function fromBase64(input) {
+    if (typeof Buffer !== "undefined") {
+        return new Uint8Array(Buffer.from(input, "base64"));
+    }
+    const decoded = atob(input);
+    const bytes = new Uint8Array(decoded.length);
+    for (let i = 0; i < decoded.length; i++) {
+        bytes[i] = decoded.charCodeAt(i);
+    }
+    return bytes;
+}
+function toArrayBuffer(bytes) {
+    const start = bytes.byteOffset;
+    const end = bytes.byteOffset + bytes.byteLength;
+    return bytes.buffer.slice(start, end);
+}
+function ensurePeerKey(peerKey, peerID) {
+    if (!peerKey) {
+        throw new E2ECryptoError(`Missing public key for peer '${peerID}'`);
+    }
+    return peerKey;
+}
+export class E2ECrypto {
+    keyPair = null;
+    peerKeys = new Map();
+    static async create() {
+        const instance = new E2ECrypto();
+        await instance.generateIdentity();
+        return instance;
+    }
+    async generateIdentity() {
+        const subtle = getSubtle();
+        this.keyPair = await subtle.generateKey({
+            name: "ECDH",
+            namedCurve: "P-256",
+        }, true, ["deriveKey"]);
+        const publicKey = await subtle.exportKey("spki", this.keyPair.publicKey);
+        const privateKey = await subtle.exportKey("pkcs8", this.keyPair.privateKey);
+        return {
+            publicKey: toBase64(publicKey),
+            privateKey: toBase64(privateKey),
+        };
+    }
+    async importIdentity(identity) {
+        const subtle = getSubtle();
+        const [publicKey, privateKey] = await Promise.all([
+            subtle.importKey("spki", toArrayBuffer(fromBase64(identity.publicKey)), {
+                name: "ECDH",
+                namedCurve: "P-256",
+            }, true, []),
+            subtle.importKey("pkcs8", toArrayBuffer(fromBase64(identity.privateKey)), {
+                name: "ECDH",
+                namedCurve: "P-256",
+            }, true, ["deriveKey"]),
+        ]);
+        this.keyPair = {
+            publicKey,
+            privateKey,
+        };
+    }
+    async exportIdentity() {
+        if (!this.keyPair) {
+            throw new E2ECryptoError("Identity has not been initialized");
+        }
+        const subtle = getSubtle();
+        const [publicKey, privateKey] = await Promise.all([
+            subtle.exportKey("spki", this.keyPair.publicKey),
+            subtle.exportKey("pkcs8", this.keyPair.privateKey),
+        ]);
+        return {
+            publicKey: toBase64(publicKey),
+            privateKey: toBase64(privateKey),
+        };
+    }
+    async setPeer(peer) {
+        const subtle = getSubtle();
+        const key = await subtle.importKey("spki", toArrayBuffer(fromBase64(peer.publicKey)), {
+            name: "ECDH",
+            namedCurve: "P-256",
+        }, true, []);
+        this.peerKeys.set(peer.id, key);
+    }
+    removePeer(peerID) {
+        this.peerKeys.delete(peerID);
+    }
+    async fingerprint(publicKey) {
+        const subtle = getSubtle();
+        const digest = await subtle.digest("SHA-256", toArrayBuffer(fromBase64(publicKey)));
+        return [...new Uint8Array(digest)]
+            .map((item) => item.toString(16).padStart(2, "0"))
+            .join("")
+            .slice(0, 32);
+    }
+    async encrypt(peerID, plaintext) {
+        if (!this.keyPair) {
+            throw new E2ECryptoError("Identity has not been initialized");
+        }
+        const peerKey = ensurePeerKey(this.peerKeys.get(peerID), peerID);
+        const subtle = getSubtle();
+        const aesKey = await subtle.deriveKey({
+            name: "ECDH",
+            public: peerKey,
+        }, this.keyPair.privateKey, {
+            name: "AES-GCM",
+            length: 256,
+        }, false, ["encrypt", "decrypt"]);
+        const iv = getCrypto().getRandomValues(new Uint8Array(12));
+        const data = typeof plaintext === "string" ? new TextEncoder().encode(plaintext) : plaintext;
+        const encrypted = await subtle.encrypt({
+            name: "AES-GCM",
+            iv: toArrayBuffer(iv),
+        }, aesKey, toArrayBuffer(data));
+        return {
+            version: 1,
+            iv: toBase64(iv),
+            ciphertext: toBase64(encrypted),
+        };
+    }
+    async decrypt(peerID, payload) {
+        if (!this.keyPair) {
+            throw new E2ECryptoError("Identity has not been initialized");
+        }
+        const peerKey = ensurePeerKey(this.peerKeys.get(peerID), peerID);
+        const subtle = getSubtle();
+        const aesKey = await subtle.deriveKey({
+            name: "ECDH",
+            public: peerKey,
+        }, this.keyPair.privateKey, {
+            name: "AES-GCM",
+            length: 256,
+        }, false, ["encrypt", "decrypt"]);
+        const decrypted = await subtle.decrypt({
+            name: "AES-GCM",
+            iv: toArrayBuffer(fromBase64(payload.iv)),
+        }, aesKey, toArrayBuffer(fromBase64(payload.ciphertext)));
+        return new Uint8Array(decrypted);
+    }
+    async decryptText(peerID, payload) {
+        const decrypted = await this.decrypt(peerID, payload);
+        return new TextDecoder().decode(decrypted);
+    }
+}

package/dist/crypto/index.d.ts

@@ -0,0 +1 @@
+export { E2ECrypto, E2ECryptoError, type E2EEncryptedPayload, type E2EIdentity, type E2EPeer } from "./e2e.js";

package/dist/crypto/index.js

@@ -0,0 +1 @@
+export { E2ECrypto, E2ECryptoError } from "./e2e.js";

package/dist/gen/client/client.gen.d.ts

@@ -0,0 +1,2 @@
+import type { Client, Config } from "./types.gen.js";
+export declare const createClient: (config?: Config) => Client;