@nodii/grpc-interceptors 0.0.1 → 0.2.0

package/dist/interceptors/audit.js

@@ -0,0 +1,111 @@
+// withAuditUnary — spec § 5.6.
+//
+// Emits the *framing* row on every gRPC call (mutator + audited reads,
+// including rejections). The handler is still responsible for the
+// state-change row inside its own tx via `audit.emit(tx, ...)`. The
+// framing + state-change row join via `correlation_id`.
+//
+// Routes through `@nodii/telemetry.audit.emit` (Pattern C) by default;
+// best-effort — emitter failures log and proceed per audit doctrine § 6.2.
+import { resolveTelemetry } from "../telemetry-shim";
+import { GrpcStatusError } from "../types";
+function mapOutcome(code, detail) {
+    switch (code) {
+        case "OK":
+        case "INVALID_ARGUMENT":
+        case "NOT_FOUND":
+        case "ALREADY_EXISTS":
+            return "success";
+        case "UNAUTHENTICATED":
+        case "PERMISSION_DENIED":
+            return "denied_by_authz";
+        case "FAILED_PRECONDITION":
+            if (detail && /mfa(?:_|-)required|mfa(?:_|-)stale/i.test(detail)) {
+                return "denied_by_mfa";
+            }
+            return "success";
+        default:
+            return "failure";
+    }
+}
+function classify(err) {
+    if (err instanceof GrpcStatusError)
+        return { code: err.code, detail: err.detail };
+    return { code: "INTERNAL" };
+}
+/**
+ * Build the audit interceptor. Sits between logging and auth in the
+ * locked composition.
+ */
+export function withAuditUnary(config = {}) {
+    const auditOnRead = config.auditOnReadMethods ?? new Set();
+    const skip = config.skipMethods ?? new Set();
+    return (methodName, handler) => {
+        return async (call) => {
+            if (skip.has(methodName))
+                return handler(call);
+            const t = resolveTelemetry();
+            const emitter = config.emitter ?? t.audit;
+            const log = t.logger;
+            const isAuditOnRead = auditOnRead.has(methodName) || isLikelyMutator(methodName);
+            let resultErr;
+            try {
+                return await handler(call);
+            }
+            catch (err) {
+                resultErr = err;
+                throw err;
+            }
+            finally {
+                if (isAuditOnRead) {
+                    const code = resultErr
+                        ? classify(resultErr).code
+                        : "OK";
+                    const detail = resultErr ? classify(resultErr).detail : undefined;
+                    const outcome = mapOutcome(code, detail);
+                    try {
+                        await emitter.emit({
+                            action: `rpc.${methodName.replace(/^\/+/, "")}`,
+                            target_kind: "rpc",
+                            target_id: null,
+                            payload: {
+                                outcome,
+                                code,
+                                detail,
+                                correlation_id: call.auth?.requestContext?.correlationId,
+                                actor_kind: deriveActorKind(call),
+                                tenant_id: call.auth?.requestContext?.tenant_id ?? null,
+                            },
+                        });
+                    }
+                    catch (emitErr) {
+                        log.error("audit.emit_failed", {
+                            method: methodName,
+                            error: emitErr instanceof Error ? emitErr.message : String(emitErr),
+                        });
+                    }
+                }
+            }
+        };
+    };
+}
+function deriveActorKind(call) {
+    if (call.auth?.userActor?.user_id)
+        return "user";
+    if (call.auth?.serviceActor?.service_id || call.auth?.serviceActor?.serviceId)
+        return "service";
+    return "unknown";
+}
+/**
+ * Heuristic: at v0.1.0 we emit a framing row for every method unless the
+ * service explicitly opts out via `skipMethods` (e.g. health probes).
+ * Reads opt-in via `auditOnReadMethods`. We err on the side of emitting
+ * more rows; the audit doctrine § 6.6 default is no-audit on reads, but
+ * the spec § 5.6 says "every gRPC call including rejections" gets a
+ * framing row — so this returns `true` by default. Services can suppress
+ * via `skipMethods`.
+ */
+function isLikelyMutator(_methodName) {
+    return true;
+}
+//# sourceMappingURL=audit.js.map

package/dist/interceptors/audit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit.js","sourceRoot":"","sources":["../../src/interceptors/audit.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,EAAE;AACF,uEAAuE;AACvE,kEAAkE;AAClE,oEAAoE;AACpE,wDAAwD;AACxD,EAAE;AACF,uEAAuE;AACvE,2EAA2E;AAE3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAQrD,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAI3C,SAAS,UAAU,CAAC,IAAoB,EAAE,MAAe;IACvD,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,IAAI,CAAC;QACV,KAAK,kBAAkB,CAAC;QACxB,KAAK,WAAW,CAAC;QACjB,KAAK,gBAAgB;YACnB,OAAO,SAAS,CAAC;QACnB,KAAK,iBAAiB,CAAC;QACvB,KAAK,mBAAmB;YACtB,OAAO,iBAAiB,CAAC;QAC3B,KAAK,qBAAqB;YACxB,IAAI,MAAM,IAAI,qCAAqC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjE,OAAO,eAAe,CAAC;YACzB,CAAC;YACD,OAAO,SAAS,CAAC;QACnB;YACE,OAAO,SAAS,CAAC;IACrB,CAAC;AACH,CAAC;AAED,SAAS,QAAQ,CAAC,GAAY;IAC5B,IAAI,GAAG,YAAY,eAAe;QAChC,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC;IAChD,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;AAC9B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,SAAsB,EAAE;IACrD,MAAM,WAAW,GAAG,MAAM,CAAC,kBAAkB,IAAI,IAAI,GAAG,EAAU,CAAC;IACnE,MAAM,IAAI,GAAG,MAAM,CAAC,WAAW,IAAI,IAAI,GAAG,EAAU,CAAC;IAErD,OAAO,CAAC,UAAkB,EAAE,OAAqB,EAAgB,EAAE;QACjE,OAAO,KAAK,EAAE,IAAe,EAAoB,EAAE;YACjD,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC;gBAAE,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC;YAE/C,MAAM,CAAC,GAAG,gBAAgB,EAAE,CAAC;YAC7B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC,KAAK,CAAC;YAC1C,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC;YACrB,MAAM,aAAa,GACjB,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,eAAe,CAAC,UAAU,CAAC,CAAC;YAE7D,IAAI,SAAkB,CAAC;YACvB,IAAI,CAAC;gBACH,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;YAC7B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,SAAS,GAAG,GAAG,CAAC;gBAChB,MAAM,GAAG,CAAC;YACZ,CAAC;oBAAS,CAAC;gBACT,IAAI,aAAa,EAAE,CAAC;oBAClB,MAAM,IAAI,GAAmB,SAAS;wBACpC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI;wBAC1B,CAAC,CAAC,IAAI,CAAC;oBACT,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;oBAClE,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBACzC,IAAI,CAAC;wBACH,MAAM,OAAO,CAAC,IAAI,CAAC;4BACjB,MAAM,EAAE,OAAO,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE;4BAC/C,WAAW,EAAE,KAAK;4BAClB,SAAS,EAAE,IAAI;4BACf,OAAO,EAAE;gCACP,OAAO;gCACP,IAAI;gCACJ,MAAM;gCACN,cAAc,EAAE,IAAI,CAAC,IAAI,EAAE,cAAc,EAAE,aAAa;gCACxD,UAAU,EAAE,eAAe,CAAC,IAAI,CAAC;gCACjC,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,cAAc,EAAE,SAAS,IAAI,IAAI;6BACxD;yBACF,CAAC,CAAC;oBACL,CAAC;oBAAC,OAAO,OAAO,EAAE,CAAC;wBACjB,GAAG,CAAC,KAAK,CAAC,mBAAmB,EAAE;4BAC7B,MAAM,EAAE,UAAU;4BAClB,KAAK,EACH,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;yBAC/D,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,IAAe;IACtC,IAAI,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,OAAO;QAAE,OAAO,MAAM,CAAC;IACjD,IAAI,IAAI,CAAC,IAAI,EAAE,YAAY,EAAE,UAAU,IAAI,IAAI,CAAC,IAAI,EAAE,YAAY,EAAE,SAAS;QAC3E,OAAO,SAAS,CAAC;IACnB,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,eAAe,CAAC,WAAmB;IAC1C,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/interceptors/cancellation-guard.d.ts

@@ -0,0 +1,3 @@
+import type { CancellationConfig, UnaryInterceptor } from "../types";
+export declare function cancellationGuard(config?: CancellationConfig): UnaryInterceptor;
+//# sourceMappingURL=cancellation-guard.d.ts.map

package/dist/interceptors/cancellation-guard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cancellation-guard.d.ts","sourceRoot":"","sources":["../../src/interceptors/cancellation-guard.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EACV,kBAAkB,EAGlB,gBAAgB,EACjB,MAAM,UAAU,CAAC;AAKlB,wBAAgB,iBAAiB,CAC/B,MAAM,GAAE,kBAAuB,GAC9B,gBAAgB,CAgDlB"}

package/dist/interceptors/cancellation-guard.js

@@ -0,0 +1,54 @@
+// cancellationGuard — spec § 5.11.
+//
+// Innermost interceptor before the handler. Registers a cancel callback
+// on the call; on cancellation it runs service-registered cancel
+// handlers + races them against `gracePeriodMs` (default 250ms). After
+// the grace period (or if all handlers resolve sooner) the call short-
+// circuits with `RpcCancelledError` (gRPC `CANCELLED context_cancelled`).
+import { RpcCancelledError } from "../types";
+const DEFAULT_GRACE_MS = 250;
+export function cancellationGuard(config = {}) {
+    const graceMs = config.gracePeriodMs ?? DEFAULT_GRACE_MS;
+    const onCancel = config.onCancel ?? [];
+    return (_methodName, handler) => {
+        return async (call) => {
+            let cancelled = false;
+            let cancellationPromise = null;
+            const onCancelled = () => {
+                cancelled = true;
+                // Fire handlers but cap waits at graceMs.
+                const handlers = Promise.allSettled(onCancel.map(async (h) => {
+                    try {
+                        await h();
+                    }
+                    catch {
+                        /* swallow */
+                    }
+                }));
+                const grace = new Promise((resolve) => setTimeout(resolve, graceMs));
+                return Promise.race([handlers, grace]).then(() => {
+                    throw new RpcCancelledError();
+                });
+            };
+            if (typeof call.on === "function") {
+                call.on("cancelled", () => {
+                    if (!cancellationPromise)
+                        cancellationPromise = onCancelled();
+                });
+            }
+            // Fixture path: tests set `call.cancelled = true` before calling.
+            if (call.cancelled && !cancellationPromise) {
+                cancellationPromise = onCancelled();
+            }
+            const handlerPromise = handler(call);
+            if (cancellationPromise) {
+                return Promise.race([handlerPromise, cancellationPromise]);
+            }
+            const result = await handlerPromise;
+            if (cancelled)
+                throw new RpcCancelledError();
+            return result;
+        };
+    };
+}
+//# sourceMappingURL=cancellation-guard.js.map

package/dist/interceptors/cancellation-guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cancellation-guard.js","sourceRoot":"","sources":["../../src/interceptors/cancellation-guard.ts"],"names":[],"mappings":"AAAA,mCAAmC;AACnC,EAAE;AACF,wEAAwE;AACxE,iEAAiE;AACjE,uEAAuE;AACvE,uEAAuE;AACvE,0EAA0E;AAQ1E,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;AAE7C,MAAM,gBAAgB,GAAG,GAAG,CAAC;AAE7B,MAAM,UAAU,iBAAiB,CAC/B,SAA6B,EAAE;IAE/B,MAAM,OAAO,GAAG,MAAM,CAAC,aAAa,IAAI,gBAAgB,CAAC;IACzD,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;IAEvC,OAAO,CAAC,WAAmB,EAAE,OAAqB,EAAgB,EAAE;QAClE,OAAO,KAAK,EAAE,IAAe,EAAoB,EAAE;YACjD,IAAI,SAAS,GAAG,KAAK,CAAC;YACtB,IAAI,mBAAmB,GAA0B,IAAI,CAAC;YAEtD,MAAM,WAAW,GAAG,GAAmB,EAAE;gBACvC,SAAS,GAAG,IAAI,CAAC;gBACjB,0CAA0C;gBAC1C,MAAM,QAAQ,GAAG,OAAO,CAAC,UAAU,CACjC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;oBACvB,IAAI,CAAC;wBACH,MAAM,CAAC,EAAE,CAAC;oBACZ,CAAC;oBAAC,MAAM,CAAC;wBACP,aAAa;oBACf,CAAC;gBACH,CAAC,CAAC,CACH,CAAC;gBACF,MAAM,KAAK,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE,CAC1C,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAC7B,CAAC;gBACF,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE;oBAC/C,MAAM,IAAI,iBAAiB,EAAE,CAAC;gBAChC,CAAC,CAAC,CAAC;YACL,CAAC,CAAC;YAEF,IAAI,OAAO,IAAI,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;gBAClC,IAAI,CAAC,EAAE,CAAC,WAAW,EAAE,GAAG,EAAE;oBACxB,IAAI,CAAC,mBAAmB;wBAAE,mBAAmB,GAAG,WAAW,EAAE,CAAC;gBAChE,CAAC,CAAC,CAAC;YACL,CAAC;YACD,kEAAkE;YAClE,IAAI,IAAI,CAAC,SAAS,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBAC3C,mBAAmB,GAAG,WAAW,EAAE,CAAC;YACtC,CAAC;YAED,MAAM,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;YACrC,IAAI,mBAAmB,EAAE,CAAC;gBACxB,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,mBAAmB,CAAC,CAAC,CAAC;YAC7D,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC;YACpC,IAAI,SAAS;gBAAE,MAAM,IAAI,iBAAiB,EAAE,CAAC;YAC7C,OAAO,MAAM,CAAC;QAChB,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/dist/interceptors/deadline-guard.d.ts

@@ -0,0 +1,3 @@
+import type { DeadlineConfig, UnaryInterceptor } from "../types";
+export declare function deadlineGuard(config?: DeadlineConfig): UnaryInterceptor;
+//# sourceMappingURL=deadline-guard.d.ts.map

package/dist/interceptors/deadline-guard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deadline-guard.d.ts","sourceRoot":"","sources":["../../src/interceptors/deadline-guard.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EACV,cAAc,EAGd,gBAAgB,EACjB,MAAM,UAAU,CAAC;AAoDlB,wBAAgB,aAAa,CAAC,MAAM,GAAE,cAAmB,GAAG,gBAAgB,CAgC3E"}

package/dist/interceptors/deadline-guard.js

@@ -0,0 +1,90 @@
+// deadlineGuard — spec § 5.10.
+//
+// Reads inbound gRPC deadline from `call.metadata.grpc-timeout` (or
+// `deadline` if the consumer's runtime exposes it). Reserves a `budgetMs`
+// (default 50ms) at the boundary so outbound calls inherit a *shorter*
+// deadline through the consumer's own client interceptor wiring.
+//
+// `call.auth.requestContext.deadlineMs` is set on the call so downstream
+// interceptors / the handler can read the propagated deadline; the
+// consumer's `createClientAuthInterceptor` reads it back to stamp on
+// outbound metadata.
+import { GrpcStatusError } from "../types";
+const DEFAULT_BUDGET_MS = 50;
+function readDeadlineMs(call) {
+    // Public field set by transport adapters (or by callers constructing
+    // a call directly — see `UnaryCall.deadlineMs`).
+    if (typeof call.deadlineMs === "number")
+        return call.deadlineMs;
+    // Honor a numeric metadata value next.
+    const values = call.metadata?.get("grpc-timeout");
+    if (values && values.length > 0) {
+        const v = values[0];
+        if (typeof v === "string") {
+            const parsed = parseGrpcTimeout(v);
+            if (parsed !== undefined)
+                return parsed;
+        }
+        else if (typeof v === "number") {
+            return v;
+        }
+    }
+    // Back-compat: pre-public-API fixtures may still inject `__deadlineMs`.
+    // DEPRECATED — scheduled for removal in @nodii/grpc-interceptors
+    // v0.3.0. Use the public `call.deadlineMs` field instead.
+    const dl = call.__deadlineMs;
+    if (typeof dl === "number")
+        return dl;
+    return undefined;
+}
+/** Parse the gRPC `grpc-timeout` metadata header (e.g. `100m`, `5S`). */
+function parseGrpcTimeout(v) {
+    const m = /^([0-9]+)([HMSmun])$/.exec(v);
+    if (!m)
+        return undefined;
+    const n = Number(m[1]);
+    const unit = m[2];
+    switch (unit) {
+        case "H":
+            return n * 3600_000;
+        case "M":
+            return n * 60_000;
+        case "S":
+            return n * 1000;
+        case "m":
+            return n;
+        case "u":
+            return n / 1000;
+        case "n":
+            return n / 1_000_000;
+        default:
+            return undefined;
+    }
+}
+export function deadlineGuard(config = {}) {
+    const defaultBudget = config.budgetMs ?? DEFAULT_BUDGET_MS;
+    if (defaultBudget < 0) {
+        throw new GrpcStatusError("INTERNAL", "deadline_budget_invalid");
+    }
+    const perMethod = config.perMethodBudgetMs ?? {};
+    return (methodName, handler) => {
+        return async (call) => {
+            const inboundMs = readDeadlineMs(call);
+            const budget = perMethod[methodName] ?? defaultBudget;
+            if (inboundMs !== undefined && inboundMs <= 0) {
+                throw new GrpcStatusError("DEADLINE_EXCEEDED", "deadline_already_expired");
+            }
+            if (inboundMs !== undefined) {
+                const propagated = Math.max(0, inboundMs - budget);
+                const auth = call.auth ?? {};
+                auth.requestContext = {
+                    ...auth.requestContext,
+                    ...{ deadlineMs: propagated },
+                };
+                call.auth = auth;
+            }
+            return handler(call);
+        };
+    };
+}
+//# sourceMappingURL=deadline-guard.js.map

package/dist/interceptors/deadline-guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"deadline-guard.js","sourceRoot":"","sources":["../../src/interceptors/deadline-guard.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,EAAE;AACF,oEAAoE;AACpE,0EAA0E;AAC1E,uEAAuE;AACvE,iEAAiE;AACjE,EAAE;AACF,yEAAyE;AACzE,mEAAmE;AACnE,qEAAqE;AACrE,qBAAqB;AAQrB,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAE3C,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAE7B,SAAS,cAAc,CAAC,IAAe;IACrC,qEAAqE;IACrE,iDAAiD;IACjD,IAAI,OAAO,IAAI,CAAC,UAAU,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,UAAU,CAAC;IAChE,uCAAuC;IACvC,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,cAAc,CAAC,CAAC;IAClD,IAAI,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC1B,MAAM,MAAM,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;YACnC,IAAI,MAAM,KAAK,SAAS;gBAAE,OAAO,MAAM,CAAC;QAC1C,CAAC;aAAM,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;YACjC,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IACD,wEAAwE;IACxE,iEAAiE;IACjE,0DAA0D;IAC1D,MAAM,EAAE,GAAI,IAAkC,CAAC,YAAY,CAAC;IAC5D,IAAI,OAAO,EAAE,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IACtC,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,yEAAyE;AACzE,SAAS,gBAAgB,CAAC,CAAS;IACjC,MAAM,CAAC,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACzC,IAAI,CAAC,CAAC;QAAE,OAAO,SAAS,CAAC;IACzB,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAClB,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,GAAG;YACN,OAAO,CAAC,GAAG,QAAQ,CAAC;QACtB,KAAK,GAAG;YACN,OAAO,CAAC,GAAG,MAAM,CAAC;QACpB,KAAK,GAAG;YACN,OAAO,CAAC,GAAG,IAAI,CAAC;QAClB,KAAK,GAAG;YACN,OAAO,CAAC,CAAC;QACX,KAAK,GAAG;YACN,OAAO,CAAC,GAAG,IAAI,CAAC;QAClB,KAAK,GAAG;YACN,OAAO,CAAC,GAAG,SAAS,CAAC;QACvB;YACE,OAAO,SAAS,CAAC;IACrB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,SAAyB,EAAE;IACvD,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,IAAI,iBAAiB,CAAC;IAC3D,IAAI,aAAa,GAAG,CAAC,EAAE,CAAC;QACtB,MAAM,IAAI,eAAe,CAAC,UAAU,EAAE,yBAAyB,CAAC,CAAC;IACnE,CAAC;IACD,MAAM,SAAS,GAAG,MAAM,CAAC,iBAAiB,IAAI,EAAE,CAAC;IAEjD,OAAO,CAAC,UAAkB,EAAE,OAAqB,EAAgB,EAAE;QACjE,OAAO,KAAK,EAAE,IAAe,EAAoB,EAAE;YACjD,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;YACvC,MAAM,MAAM,GAAG,SAAS,CAAC,UAAU,CAAC,IAAI,aAAa,CAAC;YAEtD,IAAI,SAAS,KAAK,SAAS,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;gBAC9C,MAAM,IAAI,eAAe,CACvB,mBAAmB,EACnB,0BAA0B,CAC3B,CAAC;YACJ,CAAC;YAED,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;gBAC5B,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,MAAM,CAAC,CAAC;gBACnD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;gBAC7B,IAAI,CAAC,cAAc,GAAG;oBACpB,GAAG,IAAI,CAAC,cAAc;oBACtB,GAAG,EAAE,UAAU,EAAE,UAAU,EAAE;iBACA,CAAC;gBAChC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;YACnB,CAAC;YAED,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/dist/interceptors/enrich-auth.d.ts

@@ -0,0 +1,3 @@
+import type { EnrichAuthConfig, UnaryInterceptor } from "../types";
+export declare function enrichAuthContext(config?: EnrichAuthConfig): UnaryInterceptor;
+//# sourceMappingURL=enrich-auth.d.ts.map

package/dist/interceptors/enrich-auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"enrich-auth.d.ts","sourceRoot":"","sources":["../../src/interceptors/enrich-auth.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,gBAAgB,EAGhB,gBAAgB,EACjB,MAAM,UAAU,CAAC;AA6ClB,wBAAgB,iBAAiB,CAC/B,MAAM,GAAE,gBAAqB,GAC5B,gBAAgB,CA6ClB"}

package/dist/interceptors/enrich-auth.js

@@ -0,0 +1,85 @@
+// enrichAuthContext — spec § 5.7.
+//
+// Pulls `tenant_id` / `intent_id` / `actor_type` off the inbound proto +
+// metadata and binds them under `call.auth.requestContext`. Mints a
+// per-call `correlationId` used as the join key between the framing row
+// and the handler-emitted state-change row (spec § 5.6).
+import { GrpcStatusError } from "../types";
+const DEFAULT_TENANT_FIELD = "tenant_id";
+function readMetadata(call, key) {
+    const values = call.metadata?.get(key);
+    if (!values || values.length === 0)
+        return undefined;
+    const first = values[0];
+    if (typeof first === "string")
+        return first;
+    if (first instanceof Uint8Array || Buffer.isBuffer?.(first)) {
+        try {
+            return Buffer.from(first).toString("utf8");
+        }
+        catch {
+            return undefined;
+        }
+    }
+    return undefined;
+}
+function readProtoField(req, field) {
+    if (!req || typeof req !== "object")
+        return undefined;
+    const r = req;
+    const v = r[field];
+    if (typeof v === "string" && v.length > 0)
+        return v;
+    // proto camelCase fallback
+    const camel = field.replace(/_([a-z])/g, (_m, c) => c.toUpperCase());
+    if (camel !== field) {
+        const v2 = r[camel];
+        if (typeof v2 === "string" && v2.length > 0)
+            return v2;
+    }
+    return undefined;
+}
+function defaultMintCorrelationId() {
+    // Deterministic + unique enough for v0.1.0 — production wiring uses
+    // `@nodii/telemetry.uuidv7` once telemetry is bootstrapped.
+    const bytes = new Uint8Array(16);
+    for (let i = 0; i < 16; i++)
+        bytes[i] = Math.floor(Math.random() * 256);
+    const hex = Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
+    return `${hex.slice(0, 8)}-${hex.slice(8, 12)}-${hex.slice(12, 16)}-${hex.slice(16, 20)}-${hex.slice(20)}`;
+}
+export function enrichAuthContext(config = {}) {
+    const tenantField = config.tenantField ?? DEFAULT_TENANT_FIELD;
+    const tenantRequiredByMethod = config.tenantRequiredByMethod ?? {};
+    const mintCorrelationId = config.mintCorrelationId ?? defaultMintCorrelationId;
+    return (methodName, handler) => {
+        return async (call) => {
+            const tenantFromProto = readProtoField(call.request, tenantField);
+            const tenantFromUserActor = call.auth?.userActor?.tenant_id;
+            const tenantFromServiceActor = call.auth?.serviceActor?.tenant_id;
+            const tenant_id = tenantFromProto ?? tenantFromUserActor ?? tenantFromServiceActor;
+            const intent_id = readMetadata(call, "x-nodii-intent-id");
+            const actor_type_raw = readMetadata(call, "x-nodii-actor-type");
+            const actor_type = actor_type_raw === "user" ||
+                actor_type_raw === "agent" ||
+                actor_type_raw === "system"
+                ? actor_type_raw
+                : undefined;
+            const required = tenantRequiredByMethod[methodName] ?? true;
+            if (required && !tenant_id) {
+                throw new GrpcStatusError("FAILED_PRECONDITION", "tenant_context_required");
+            }
+            const auth = call.auth ?? {};
+            auth.requestContext = {
+                ...auth.requestContext,
+                tenant_id,
+                intent_id,
+                actor_type,
+                correlationId: auth.requestContext?.correlationId ?? mintCorrelationId(),
+            };
+            call.auth = auth;
+            return handler(call);
+        };
+    };
+}
+//# sourceMappingURL=enrich-auth.js.map

package/dist/interceptors/enrich-auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"enrich-auth.js","sourceRoot":"","sources":["../../src/interceptors/enrich-auth.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,EAAE;AACF,yEAAyE;AACzE,oEAAoE;AACpE,wEAAwE;AACxE,yDAAyD;AAQzD,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAE3C,MAAM,oBAAoB,GAAG,WAAW,CAAC;AAEzC,SAAS,YAAY,CAAC,IAAe,EAAE,GAAW;IAChD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;IACvC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACrD,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACxB,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,KAAK,YAAY,UAAU,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC;QAC5D,IAAI,CAAC;YACH,OAAO,MAAM,CAAC,IAAI,CAAC,KAAmB,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC3D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,cAAc,CAAC,GAAY,EAAE,KAAa;IACjD,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,SAAS,CAAC;IACtD,MAAM,CAAC,GAAG,GAA8B,CAAC;IACzC,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACnB,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,CAAC,CAAC;IACpD,2BAA2B;IAC3B,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACrE,IAAI,KAAK,KAAK,KAAK,EAAE,CAAC;QACpB,MAAM,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;QACpB,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;IACzD,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,wBAAwB;IAC/B,oEAAoE;IACpE,4DAA4D;IAC5D,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;IACxE,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CACxE,EAAE,CACH,CAAC;IACF,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;AAC7G,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,SAA2B,EAAE;IAE7B,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,oBAAoB,CAAC;IAC/D,MAAM,sBAAsB,GAAG,MAAM,CAAC,sBAAsB,IAAI,EAAE,CAAC;IACnE,MAAM,iBAAiB,GACrB,MAAM,CAAC,iBAAiB,IAAI,wBAAwB,CAAC;IAEvD,OAAO,CAAC,UAAkB,EAAE,OAAqB,EAAgB,EAAE;QACjE,OAAO,KAAK,EAAE,IAAe,EAAoB,EAAE;YACjD,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YAClE,MAAM,mBAAmB,GAAG,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC;YAC5D,MAAM,sBAAsB,GAAG,IAAI,CAAC,IAAI,EAAE,YAAY,EAAE,SAAS,CAAC;YAClE,MAAM,SAAS,GACb,eAAe,IAAI,mBAAmB,IAAI,sBAAsB,CAAC;YAEnE,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;YAC1D,MAAM,cAAc,GAAG,YAAY,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;YAChE,MAAM,UAAU,GACd,cAAc,KAAK,MAAM;gBACzB,cAAc,KAAK,OAAO;gBAC1B,cAAc,KAAK,QAAQ;gBACzB,CAAC,CAAC,cAAc;gBAChB,CAAC,CAAC,SAAS,CAAC;YAEhB,MAAM,QAAQ,GAAG,sBAAsB,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC;YAC5D,IAAI,QAAQ,IAAI,CAAC,SAAS,EAAE,CAAC;gBAC3B,MAAM,IAAI,eAAe,CACvB,qBAAqB,EACrB,yBAAyB,CAC1B,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;YAC7B,IAAI,CAAC,cAAc,GAAG;gBACpB,GAAG,IAAI,CAAC,cAAc;gBACtB,SAAS;gBACT,SAAS;gBACT,UAAU;gBACV,aAAa,EACX,IAAI,CAAC,cAAc,EAAE,aAAa,IAAI,iBAAiB,EAAE;aAC5D,CAAC;YACF,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;YAEjB,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/dist/interceptors/error-map.d.ts

@@ -0,0 +1,4 @@
+import type { ErrorMapEntry, UnaryInterceptor } from "../types";
+export declare const STANDARD_ERROR_CATALOG: Record<string, ErrorMapEntry>;
+export declare function errorMap(catalog: Record<string, ErrorMapEntry>): UnaryInterceptor;
+//# sourceMappingURL=error-map.d.ts.map

package/dist/interceptors/error-map.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"error-map.d.ts","sourceRoot":"","sources":["../../src/interceptors/error-map.ts"],"names":[],"mappings":"AAeA,OAAO,KAAK,EAAE,aAAa,EAAgB,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAG9E,eAAO,MAAM,sBAAsB,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAgDhE,CAAC;AAWF,wBAAgB,QAAQ,CACtB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,GACrC,gBAAgB,CAgBlB"}

package/dist/interceptors/error-map.js

@@ -0,0 +1,94 @@
+// errorMap — spec § 5.12.
+//
+// Catches every exception thrown by the inner handler/interceptors. Maps
+// via `errorCatalog`:
+//   - Catalog hit by class name OR by static `errorName` property →
+//     wraps as a typed `GrpcStatusError` with the configured code/detail.
+//   - Already a `GrpcStatusError` → pass through.
+//   - Anything else → `INTERNAL internal_error` (no stack-trace leak on
+//     the wire; the logging interceptor records the full stack).
+//
+// The standard error catalog (`STANDARD_ERROR_CATALOG`) covers the
+// cross-cutting library errors (TenantContextRequiredError,
+// IdempotencyKeyMissingError, ...). Services spread it into their own
+// catalog: `{ ...STANDARD_ERROR_CATALOG, ...myDomainErrors }`.
+import { GrpcStatusError } from "../types";
+export const STANDARD_ERROR_CATALOG = {
+    TenantContextRequiredError: {
+        code: "FAILED_PRECONDITION",
+        detail: "tenant_context_required",
+    },
+    IdempotencyKeyMissingError: {
+        code: "INVALID_ARGUMENT",
+        detail: "idempotency_key_missing",
+    },
+    // @nodii/saga ships `SagaContextRequired` (NOT `SagaContextRequiredError`)
+    // — catalog both for back-compat.
+    SagaContextRequired: {
+        code: "FAILED_PRECONDITION",
+        detail: "saga_context_required",
+    },
+    SagaContextRequiredError: {
+        code: "FAILED_PRECONDITION",
+        detail: "saga_context_required",
+    },
+    // @nodii/idempotency ships `IdempotencyServiceError` carrying a numeric
+    // code — when it bubbles through errorMap we map by name + the error-map
+    // interceptor lets the inner GrpcStatusError-or-IdempotencyServiceError
+    // shape pass through. Catalog only fires when the inbound error matches
+    // by class name AND is NOT already a GrpcStatusError.
+    IdempotencyServiceError: {
+        code: "ABORTED",
+        detail: "idempotency_in_flight",
+    },
+    MfaRequiredError: {
+        code: "FAILED_PRECONDITION",
+        detail: "mfa_required",
+    },
+    MfaStaleError: {
+        code: "FAILED_PRECONDITION",
+        detail: "mfa_stale",
+    },
+    ScopeMissingError: {
+        code: "PERMISSION_DENIED",
+        detail: "auth_scope_missing",
+    },
+    TokenInvalidError: {
+        code: "UNAUTHENTICATED",
+        detail: "auth_token_invalid",
+    },
+    TokenExpiredError: {
+        code: "UNAUTHENTICATED",
+        detail: "auth_token_expired",
+    },
+};
+function nameOf(err) {
+    if (err instanceof Error)
+        return err.name;
+    if (err && typeof err === "object" && "name" in err) {
+        const v = err.name;
+        if (typeof v === "string")
+            return v;
+    }
+    return undefined;
+}
+export function errorMap(catalog) {
+    return (_methodName, handler) => {
+        return async (call) => {
+            try {
+                return await handler(call);
+            }
+            catch (err) {
+                if (err instanceof GrpcStatusError)
+                    throw err;
+                const name = nameOf(err);
+                if (name && catalog[name]) {
+                    const entry = catalog[name];
+                    throw new GrpcStatusError(entry.code, entry.detail, err);
+                }
+                throw new GrpcStatusError("INTERNAL", "internal_error", err);
+            }
+        };
+    };
+}
+//# sourceMappingURL=error-map.js.map

package/dist/interceptors/error-map.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"error-map.js","sourceRoot":"","sources":["../../src/interceptors/error-map.ts"],"names":[],"mappings":"AAAA,0BAA0B;AAC1B,EAAE;AACF,yEAAyE;AACzE,sBAAsB;AACtB,oEAAoE;AACpE,0EAA0E;AAC1E,kDAAkD;AAClD,wEAAwE;AACxE,iEAAiE;AACjE,EAAE;AACF,mEAAmE;AACnE,4DAA4D;AAC5D,sEAAsE;AACtE,+DAA+D;AAG/D,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAE3C,MAAM,CAAC,MAAM,sBAAsB,GAAkC;IACnE,0BAA0B,EAAE;QAC1B,IAAI,EAAE,qBAAqB;QAC3B,MAAM,EAAE,yBAAyB;KAClC;IACD,0BAA0B,EAAE;QAC1B,IAAI,EAAE,kBAAkB;QACxB,MAAM,EAAE,yBAAyB;KAClC;IACD,2EAA2E;IAC3E,kCAAkC;IAClC,mBAAmB,EAAE;QACnB,IAAI,EAAE,qBAAqB;QAC3B,MAAM,EAAE,uBAAuB;KAChC;IACD,wBAAwB,EAAE;QACxB,IAAI,EAAE,qBAAqB;QAC3B,MAAM,EAAE,uBAAuB;KAChC;IACD,wEAAwE;IACxE,yEAAyE;IACzE,wEAAwE;IACxE,wEAAwE;IACxE,sDAAsD;IACtD,uBAAuB,EAAE;QACvB,IAAI,EAAE,SAAS;QACf,MAAM,EAAE,uBAAuB;KAChC;IACD,gBAAgB,EAAE;QAChB,IAAI,EAAE,qBAAqB;QAC3B,MAAM,EAAE,cAAc;KACvB;IACD,aAAa,EAAE;QACb,IAAI,EAAE,qBAAqB;QAC3B,MAAM,EAAE,WAAW;KACpB;IACD,iBAAiB,EAAE;QACjB,IAAI,EAAE,mBAAmB;QACzB,MAAM,EAAE,oBAAoB;KAC7B;IACD,iBAAiB,EAAE;QACjB,IAAI,EAAE,iBAAiB;QACvB,MAAM,EAAE,oBAAoB;KAC7B;IACD,iBAAiB,EAAE;QACjB,IAAI,EAAE,iBAAiB;QACvB,MAAM,EAAE,oBAAoB;KAC7B;CACF,CAAC;AAEF,SAAS,MAAM,CAAC,GAAY;IAC1B,IAAI,GAAG,YAAY,KAAK;QAAE,OAAO,GAAG,CAAC,IAAI,CAAC;IAC1C,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,MAAM,IAAI,GAAG,EAAE,CAAC;QACpD,MAAM,CAAC,GAAI,GAA0B,CAAC,IAAI,CAAC;QAC3C,IAAI,OAAO,CAAC,KAAK,QAAQ;YAAE,OAAO,CAAC,CAAC;IACtC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,QAAQ,CACtB,OAAsC;IAEtC,OAAO,CAAC,WAAmB,EAAE,OAAqB,EAAgB,EAAE;QAClE,OAAO,KAAK,EAAE,IAAI,EAAE,EAAE;YACpB,IAAI,CAAC;gBACH,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;YAC7B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,eAAe;oBAAE,MAAM,GAAG,CAAC;gBAC9C,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;gBACzB,IAAI,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1B,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;oBAC5B,MAAM,IAAI,eAAe,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;gBAC3D,CAAC;gBACD,MAAM,IAAI,eAAe,CAAC,UAAU,EAAE,gBAAgB,EAAE,GAAG,CAAC,CAAC;YAC/D,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/dist/interceptors/logging.d.ts

@@ -0,0 +1,7 @@
+import type { LoggingConfig, UnaryInterceptor } from "../types";
+/**
+ * Build the logging interceptor factory. Outermost in the locked stack
+ * so every call — including auth failures — is logged.
+ */
+export declare function withLoggingUnary(config?: LoggingConfig): UnaryInterceptor;
+//# sourceMappingURL=logging.d.ts.map

package/dist/interceptors/logging.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logging.d.ts","sourceRoot":"","sources":["../../src/interceptors/logging.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAEV,aAAa,EAGb,gBAAgB,EACjB,MAAM,UAAU,CAAC;AAkBlB;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,GAAE,aAAkB,GAAG,gBAAgB,CAyC7E"}

package/dist/interceptors/logging.js

@@ -0,0 +1,66 @@
+// withLoggingUnary — spec § 5.5.
+//
+// Always logs failures (codes in `alwaysEmit`); samples successes via
+// `successSample`. Wire never carries auth headers / request body /
+// response body — pino-style redaction baked in.
+import { resolveTelemetry } from "../telemetry-shim";
+import { GrpcStatusError } from "../types";
+const DEFAULT_ALWAYS_EMIT = [
+    "UNAUTHENTICATED",
+    "PERMISSION_DENIED",
+    "FAILED_PRECONDITION",
+    "INVALID_ARGUMENT",
+    "INTERNAL",
+    "UNAVAILABLE",
+    "UNKNOWN",
+];
+function classify(err) {
+    if (err instanceof GrpcStatusError)
+        return err.code;
+    return "INTERNAL";
+}
+/**
+ * Build the logging interceptor factory. Outermost in the locked stack
+ * so every call — including auth failures — is logged.
+ */
+export function withLoggingUnary(config = {}) {
+    const successSample = config.successSample ?? 0.01;
+    const alwaysEmit = new Set(config.alwaysEmit ?? DEFAULT_ALWAYS_EMIT);
+    const random = config.random ?? Math.random;
+    return (methodName, handler) => {
+        return async (call) => {
+            const log = config.logger ?? resolveTelemetry().logger;
+            const start = Date.now();
+            try {
+                const result = await handler(call);
+                const latency = Date.now() - start;
+                if (alwaysEmit.has("OK") || random() < successSample) {
+                    log.info("rpc.ok", {
+                        rpc: {
+                            method: methodName,
+                            code: "OK",
+                            latency_ms: latency,
+                        },
+                    });
+                }
+                return result;
+            }
+            catch (err) {
+                const code = classify(err);
+                const latency = Date.now() - start;
+                if (alwaysEmit.has(code)) {
+                    log.warn("rpc.fail", {
+                        rpc: {
+                            method: methodName,
+                            code,
+                            latency_ms: latency,
+                            detail: err instanceof GrpcStatusError ? err.detail : undefined,
+                        },
+                    });
+                }
+                throw err;
+            }
+        };
+    };
+}
+//# sourceMappingURL=logging.js.map

package/dist/interceptors/logging.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logging.js","sourceRoot":"","sources":["../../src/interceptors/logging.ts"],"names":[],"mappings":"AAAA,iCAAiC;AACjC,EAAE;AACF,sEAAsE;AACtE,oEAAoE;AACpE,iDAAiD;AAEjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAQrD,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAE3C,MAAM,mBAAmB,GAA8B;IACrD,iBAAiB;IACjB,mBAAmB;IACnB,qBAAqB;IACrB,kBAAkB;IAClB,UAAU;IACV,aAAa;IACb,SAAS;CACV,CAAC;AAEF,SAAS,QAAQ,CAAC,GAAY;IAC5B,IAAI,GAAG,YAAY,eAAe;QAAE,OAAO,GAAG,CAAC,IAAI,CAAC;IACpD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,SAAwB,EAAE;IACzD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,IAAI,CAAC;IACnD,MAAM,UAAU,GAAG,IAAI,GAAG,CACxB,MAAM,CAAC,UAAU,IAAI,mBAAmB,CACzC,CAAC;IACF,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC;IAE5C,OAAO,CAAC,UAAkB,EAAE,OAAqB,EAAgB,EAAE;QACjE,OAAO,KAAK,EAAE,IAAe,EAAoB,EAAE;YACjD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,IAAI,gBAAgB,EAAE,CAAC,MAAM,CAAC;YACvD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACzB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;gBACnC,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;gBACnC,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,MAAM,EAAE,GAAG,aAAa,EAAE,CAAC;oBACrD,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE;wBACjB,GAAG,EAAE;4BACH,MAAM,EAAE,UAAU;4BAClB,IAAI,EAAE,IAAI;4BACV,UAAU,EAAE,OAAO;yBACpB;qBACF,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO,MAAM,CAAC;YAChB,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC;gBAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;gBACnC,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBACzB,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE;wBACnB,GAAG,EAAE;4BACH,MAAM,EAAE,UAAU;4BAClB,IAAI;4BACJ,UAAU,EAAE,OAAO;4BACnB,MAAM,EAAE,GAAG,YAAY,eAAe,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;yBAChE;qBACF,CAAC,CAAC;gBACL,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/dist/interceptors/saga-headers.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Minimal client interceptor surface — matches `@grpc/grpc-js`'s
+ * `Interceptor` signature without taking a hard dep on @grpc/grpc-js
+ * types at the type level. Real consumers pass the returned factory
+ * directly to `client.makeUnaryRequest({interceptors: [withSagaHeaders()]})`.
+ */
+type GrpcMetadata = {
+    set(key: string, value: string): void;
+    add?(key: string, value: string): void;
+};
+interface ClientCallOptions {
+    metadata?: GrpcMetadata;
+}
+/**
+ * Lightweight client interceptor: a function that mutates the outbound
+ * metadata in place. Consumers wire this into their @grpc/grpc-js client
+ * config via `grpc.credentials.createFromMetadataGenerator`, or via the
+ * built-in `interceptors: [...]` array on the client constructor.
+ */
+export type SagaHeaderInjector = (options: ClientCallOptions) => void;
+export declare function withSagaHeaders(): SagaHeaderInjector;
+export {};
+//# sourceMappingURL=saga-headers.d.ts.map

package/dist/interceptors/saga-headers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"saga-headers.d.ts","sourceRoot":"","sources":["../../src/interceptors/saga-headers.ts"],"names":[],"mappings":"AAkBA;;;;;GAKG;AACH,KAAK,YAAY,GAAG;IAClB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACtC,GAAG,CAAC,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACxC,CAAC;AAEF,UAAU,iBAAiB;IACzB,QAAQ,CAAC,EAAE,YAAY,CAAC;CACzB;AAED;;;;;GAKG;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,OAAO,EAAE,iBAAiB,KAAK,IAAI,CAAC;AAEtE,wBAAgB,eAAe,IAAI,kBAAkB,CAkBpD"}