@omnistreams/sdk 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,6 @@
1
+ /**
2
+ * This file was auto-generated by openapi-typescript.
3
+ * Do not make direct changes to the file.
4
+ */
5
+ export {};
6
+ //# sourceMappingURL=openapi.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"openapi.js","sourceRoot":"","sources":["../../src/generated/openapi.ts"],"names":[],"mappings":"AAAA;;;GAGG"}
@@ -0,0 +1,24 @@
1
+ /**
2
+ * Official TypeScript SDK for the OmniStream API.
3
+ *
4
+ * @example
5
+ * ```ts
6
+ * import { OmnistreamClient } from "@omnistreams/sdk";
7
+ *
8
+ * const client = new OmnistreamClient({
9
+ * apiKey: process.env.OMNISTREAM_API_KEY!,
10
+ * baseUrl: "https://your-omnistream-host",
11
+ * });
12
+ *
13
+ * const open = await client.conversations.list({ status: "open" });
14
+ * for await (const contact of client.paginate<Contact>("/api/contacts")) {
15
+ * console.log(contact.name);
16
+ * }
17
+ * ```
18
+ */
19
+ export { OmnistreamClient, buildQueryString, generateIdempotencyKey, } from "./client.js";
20
+ export type { OmnistreamClientOptions, RequestOptions, Query, Conversation, Contact, Message, MessageListResponse, WaTemplate, ApiKey, SendMessageRequest, CreateApiKeyRequest, ApiKeyCreateResponse, ConversationStatus, } from "./client.js";
21
+ export { OmnistreamError, OmnistreamApiError, OmnistreamNetworkError, } from "./errors.js";
22
+ export { verifyWebhookSignature, verifyWebhookSignatureWithRotation, } from "./webhooks.js";
23
+ /** The full generated OpenAPI type tree (paths, components, schemas). */
24
+ export type { paths, components } from "./generated/openapi.js";
package/dist/index.js ADDED
@@ -0,0 +1,22 @@
1
+ /**
2
+ * Official TypeScript SDK for the OmniStream API.
3
+ *
4
+ * @example
5
+ * ```ts
6
+ * import { OmnistreamClient } from "@omnistreams/sdk";
7
+ *
8
+ * const client = new OmnistreamClient({
9
+ * apiKey: process.env.OMNISTREAM_API_KEY!,
10
+ * baseUrl: "https://your-omnistream-host",
11
+ * });
12
+ *
13
+ * const open = await client.conversations.list({ status: "open" });
14
+ * for await (const contact of client.paginate<Contact>("/api/contacts")) {
15
+ * console.log(contact.name);
16
+ * }
17
+ * ```
18
+ */
19
+ export { OmnistreamClient, buildQueryString, generateIdempotencyKey, } from "./client.js";
20
+ export { OmnistreamError, OmnistreamApiError, OmnistreamNetworkError, } from "./errors.js";
21
+ export { verifyWebhookSignature, verifyWebhookSignatureWithRotation, } from "./webhooks.js";
22
+ //# sourceMappingURL=index.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,sBAAsB,GACvB,MAAM,aAAa,CAAC;AAiBrB,OAAO,EACL,eAAe,EACf,kBAAkB,EAClB,sBAAsB,GACvB,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,sBAAsB,EACtB,kCAAkC,GACnC,MAAM,eAAe,CAAC"}
@@ -0,0 +1,28 @@
1
+ /**
2
+ * Helpers for verifying OmniStream outgoing-webhook signatures.
3
+ *
4
+ * The gateway signs each webhook payload with HMAC-SHA256 over the raw JSON
5
+ * body and sends the hex digest in the `X-Omnistream-Signature` header. During
6
+ * a secret rotation it may also send `X-Omnistream-Signature-Previous` signed
7
+ * with the old secret — verify against either.
8
+ *
9
+ * Implemented with Web Crypto so it runs unchanged on Node 18+, browsers and
10
+ * edge runtimes.
11
+ */
12
+ /**
13
+ * Verify that `signatureHex` is a valid HMAC-SHA256 signature of `payload`
14
+ * under `secret`. Comparison is constant-time.
15
+ *
16
+ * @param payload - the exact raw request body bytes as received (do not re-serialize).
17
+ * @param signatureHex - hex digest from the `X-Omnistream-Signature` header.
18
+ * @param secret - the webhook signing secret.
19
+ */
20
+ export declare function verifyWebhookSignature(payload: string, signatureHex: string, secret: string): Promise<boolean>;
21
+ /**
22
+ * Verify a payload against the current signature and, optionally, a previous
23
+ * one sent during secret rotation. Returns true if either matches.
24
+ */
25
+ export declare function verifyWebhookSignatureWithRotation(payload: string, secret: string, signatures: {
26
+ current?: string | null;
27
+ previous?: string | null;
28
+ }): Promise<boolean>;
@@ -0,0 +1,54 @@
1
+ /**
2
+ * Helpers for verifying OmniStream outgoing-webhook signatures.
3
+ *
4
+ * The gateway signs each webhook payload with HMAC-SHA256 over the raw JSON
5
+ * body and sends the hex digest in the `X-Omnistream-Signature` header. During
6
+ * a secret rotation it may also send `X-Omnistream-Signature-Previous` signed
7
+ * with the old secret — verify against either.
8
+ *
9
+ * Implemented with Web Crypto so it runs unchanged on Node 18+, browsers and
10
+ * edge runtimes.
11
+ */
12
+ /**
13
+ * Verify that `signatureHex` is a valid HMAC-SHA256 signature of `payload`
14
+ * under `secret`. Comparison is constant-time.
15
+ *
16
+ * @param payload - the exact raw request body bytes as received (do not re-serialize).
17
+ * @param signatureHex - hex digest from the `X-Omnistream-Signature` header.
18
+ * @param secret - the webhook signing secret.
19
+ */
20
+ export async function verifyWebhookSignature(payload, signatureHex, secret) {
21
+ const encoder = new TextEncoder();
22
+ const key = await crypto.subtle.importKey("raw", encoder.encode(secret), { name: "HMAC", hash: "SHA-256" }, false, ["sign"]);
23
+ const digest = await crypto.subtle.sign("HMAC", key, encoder.encode(payload));
24
+ const expected = bufferToHex(digest);
25
+ return timingSafeEqualHex(expected, signatureHex.trim().toLowerCase());
26
+ }
27
+ /**
28
+ * Verify a payload against the current signature and, optionally, a previous
29
+ * one sent during secret rotation. Returns true if either matches.
30
+ */
31
+ export async function verifyWebhookSignatureWithRotation(payload, secret, signatures) {
32
+ const candidates = [signatures.current, signatures.previous].filter((s) => typeof s === "string" && s.length > 0);
33
+ for (const sig of candidates) {
34
+ if (await verifyWebhookSignature(payload, sig, secret))
35
+ return true;
36
+ }
37
+ return false;
38
+ }
39
+ function bufferToHex(buffer) {
40
+ return Array.from(new Uint8Array(buffer))
41
+ .map((b) => b.toString(16).padStart(2, "0"))
42
+ .join("");
43
+ }
44
+ /** Constant-time comparison of two equal-purpose hex strings. */
45
+ function timingSafeEqualHex(a, b) {
46
+ if (a.length !== b.length)
47
+ return false;
48
+ let mismatch = 0;
49
+ for (let i = 0; i < a.length; i++) {
50
+ mismatch |= a.charCodeAt(i) ^ b.charCodeAt(i);
51
+ }
52
+ return mismatch === 0;
53
+ }
54
+ //# sourceMappingURL=webhooks.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"webhooks.js","sourceRoot":"","sources":["../src/webhooks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,OAAe,EACf,YAAoB,EACpB,MAAc;IAEd,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,KAAK,EACL,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EACtB,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,EACjC,KAAK,EACL,CAAC,MAAM,CAAC,CACT,CAAC;IACF,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;IAC9E,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACrC,OAAO,kBAAkB,CAAC,QAAQ,EAAE,YAAY,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;AACzE,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kCAAkC,CACtD,OAAe,EACf,MAAc,EACd,UAAiE;IAEjE,MAAM,UAAU,GAAG,CAAC,UAAU,CAAC,OAAO,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CACjE,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAC1D,CAAC;IACF,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;QAC7B,IAAI,MAAM,sBAAsB,CAAC,OAAO,EAAE,GAAG,EAAE,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC;IACtE,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,WAAW,CAAC,MAAmB;IACtC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;SACtC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAED,iEAAiE;AACjE,SAAS,kBAAkB,CAAC,CAAS,EAAE,CAAS;IAC9C,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACxC,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,QAAQ,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,QAAQ,KAAK,CAAC,CAAC;AACxB,CAAC"}
package/package.json ADDED
@@ -0,0 +1,38 @@
1
+ {
2
+ "name": "@omnistreams/sdk",
3
+ "version": "0.1.0",
4
+ "description": "Official TypeScript SDK for the OmniStream omnichannel CRM API — typed client with auth, pagination, retries, idempotency and webhook signature verification.",
5
+ "license": "MIT",
6
+ "type": "module",
7
+ "main": "dist/index.js",
8
+ "module": "dist/index.js",
9
+ "types": "dist/index.d.ts",
10
+ "exports": {
11
+ ".": {
12
+ "types": "./dist/index.d.ts",
13
+ "import": "./dist/index.js"
14
+ }
15
+ },
16
+ "files": [
17
+ "dist",
18
+ "README.md"
19
+ ],
20
+ "engines": {
21
+ "node": ">=18"
22
+ },
23
+ "scripts": {
24
+ "generate": "openapi-typescript ../../docs/openapi.yaml -o src/generated/openapi.ts",
25
+ "build": "tsc -p tsconfig.json",
26
+ "prepublishOnly": "npm run build",
27
+ "typecheck": "tsc -p tsconfig.json --noEmit",
28
+ "test": "vitest run",
29
+ "test:watch": "vitest"
30
+ },
31
+ "devDependencies": {
32
+ "@types/node": "^24.0.0",
33
+ "openapi-typescript": "^7.9.0",
34
+ "tsx": "^4.19.0",
35
+ "typescript": "^5.6.0",
36
+ "vitest": "^3.2.0"
37
+ }
38
+ }