@oxyhq/core 1.11.10 → 1.11.12

package/dist/cjs/HttpService.js

@@ -19,7 +19,6 @@ const cache_1 = require("./utils/cache");
 const requestUtils_1 = require("./utils/requestUtils");
 const asyncUtils_1 = require("./utils/asyncUtils");
 const errorUtils_1 = require("./utils/errorUtils");
-const debugUtils_1 = require("./shared/utils/debugUtils");
 const jwt_decode_1 = require("jwt-decode");
 const platform_1 = require("./utils/platform");
 /**
@@ -84,6 +83,8 @@ class HttpService {
         this.tokenRefreshPromise = null;
         this.tokenRefreshCooldownUntil = 0;
         this._onTokenRefreshed = null;
+        // Acting-as identity for managed accounts
+        this._actingAsUserId = null;
         // Performance monitoring
         this.requestMetrics = {
             totalRequests: 0,
@@ -188,9 +189,12 @@ class HttpService {
                 if (isNativeApp && isStateChangingMethod) {
                     headers['X-Native-App'] = 'true';
                 }
-                // Debug logging for CSRF issues
-                if (isStateChangingMethod && (0, debugUtils_1.isDev)()) {
-                    console.log('[HttpService] CSRF Debug:', {
+                // Debug logging for CSRF issues — routed through the SimpleLogger so
+                // it only fires when consumers opt in via `enableLogging`. Previously
+                // this was a bare console.log that leaked noise into every host app's
+                // stdout in development.
+                if (isStateChangingMethod) {
+                    this.logger.debug('CSRF Debug:', {
                         url,
                         method,
                         isNativeApp,
@@ -200,6 +204,10 @@ class HttpService {
                         hasNativeAppHeader: headers['X-Native-App'] === 'true',
                     });
                 }
+                // Add X-Acting-As header for managed account identity delegation
+                if (this._actingAsUserId) {
+                    headers['X-Acting-As'] = this._actingAsUserId;
+                }
                 // Merge custom headers if provided
                 if (config.headers) {
                     Object.entries(config.headers).forEach(([key, value]) => {
@@ -406,23 +414,20 @@ class HttpService {
         // Return cached token if available
         const cachedToken = this.tokenStore.getCsrfToken();
         if (cachedToken) {
-            if ((0, debugUtils_1.isDev)())
-                console.log('[HttpService] Using cached CSRF token');
+            this.logger.debug('Using cached CSRF token');
             return cachedToken;
         }
         // Deduplicate concurrent CSRF token fetches
         const existingPromise = this.tokenStore.getCsrfTokenFetchPromise();
         if (existingPromise) {
-            if ((0, debugUtils_1.isDev)())
-                console.log('[HttpService] Waiting for existing CSRF fetch');
+            this.logger.debug('Waiting for existing CSRF fetch');
             return existingPromise;
         }
         const fetchPromise = (async () => {
             const maxAttempts = 2;
             for (let attempt = 1; attempt <= maxAttempts; attempt++) {
                 try {
-                    if ((0, debugUtils_1.isDev)())
-                        console.log('[HttpService] Fetching CSRF token from:', `${this.baseURL}/csrf-token`, `(attempt ${attempt})`);
+                    this.logger.debug('Fetching CSRF token from:', `${this.baseURL}/csrf-token`, `(attempt ${attempt})`);
                     // Use AbortController for timeout (more compatible than AbortSignal.timeout)
                     const controller = new AbortController();
                     const timeoutId = setTimeout(() => controller.abort(), 5000);
@@ -433,12 +438,10 @@ class HttpService {
                         signal: controller.signal,
                     });
                     clearTimeout(timeoutId);
-                    if ((0, debugUtils_1.isDev)())
-                        console.log('[HttpService] CSRF fetch response:', response.status, response.ok);
+                    this.logger.debug('CSRF fetch response:', response.status, response.ok);
                     if (response.ok) {
                         const data = await response.json();
-                        if ((0, debugUtils_1.isDev)())
-                            console.log('[HttpService] CSRF response data:', data);
+                        this.logger.debug('CSRF response data:', data);
                         const token = data.csrfToken || null;
                         this.tokenStore.setCsrfToken(token);
                         this.logger.debug('CSRF token fetched');
@@ -451,13 +454,11 @@ class HttpService {
                         this.logger.debug('CSRF token from header');
                         return headerToken;
                     }
-                    if ((0, debugUtils_1.isDev)())
-                        console.log('[HttpService] CSRF fetch failed with status:', response.status);
+                    this.logger.debug('CSRF fetch failed with status:', response.status);
                     this.logger.warn('Failed to fetch CSRF token:', response.status);
                 }
                 catch (error) {
-                    if ((0, debugUtils_1.isDev)())
-                        console.log('[HttpService] CSRF fetch error:', error);
+                    this.logger.debug('CSRF fetch error:', error);
                     this.logger.warn('CSRF token fetch error:', error);
                 }
                 // Wait before retry (500ms)
@@ -582,6 +583,13 @@ class HttpService {
     async delete(url, config) {
         return this.request({ method: 'DELETE', url, ...config });
     }
+    // Acting-as identity management (managed accounts)
+    setActingAs(userId) {
+        this._actingAsUserId = userId;
+    }
+    getActingAs() {
+        return this._actingAsUserId;
+    }
     // Token management
     setTokens(accessToken, refreshToken = '') {
         this.tokenStore.setTokens(accessToken, refreshToken);

package/dist/cjs/OxyServices.base.js

@@ -141,6 +141,27 @@ class OxyServicesBase {
     getAccessToken() {
         return this.httpService.getAccessToken();
     }
+    /**
+     * Set the acting-as identity for managed accounts.
+     *
+     * When set, all subsequent API requests will include the `X-Acting-As` header,
+     * causing the server to attribute actions to the managed account. The
+     * authenticated user must be an authorized manager of the target account.
+     *
+     * Pass `null` to clear and revert to the authenticated user's own identity.
+     *
+     * @param userId - The managed account user ID, or null to clear
+     */
+    setActingAs(userId) {
+        this.httpService.setActingAs(userId);
+    }
+    /**
+     * Get the current acting-as identity (managed account user ID), or null
+     * if operating as the authenticated user's own identity.
+     */
+    getActingAs() {
+        return this.httpService.getActingAs();
+    }
     /**
      * Wait for authentication to be ready
      *

package/dist/cjs/crypto/signatureService.js

@@ -43,20 +43,24 @@ exports.SignatureService = void 0;
 const elliptic_1 = require("elliptic");
 const keyManager_1 = require("./keyManager");
 const platform_1 = require("../utils/platform");
-// Lazy import for expo-crypto
+// Lazy imports for platform-specific crypto
 let ExpoCrypto = null;
+let NodeCrypto = null;
 const ec = new elliptic_1.ec('secp256k1');
-/**
- * Initialize expo-crypto module
- */
 async function initExpoCrypto() {
     if (!ExpoCrypto) {
-        // Variable indirection prevents bundlers (Vite, webpack) from statically resolving this
         const moduleName = 'expo-crypto';
         ExpoCrypto = await Promise.resolve(`${moduleName}`).then(s => __importStar(require(s)));
     }
     return ExpoCrypto;
 }
+async function initNodeCrypto() {
+    if (!NodeCrypto) {
+        const moduleName = 'crypto';
+        NodeCrypto = await Promise.resolve(`${moduleName}`).then(s => __importStar(require(s)));
+    }
+    return NodeCrypto;
+}
 /**
  * Compute SHA-256 hash of a string
  */
@@ -66,10 +70,9 @@ async function sha256(message) {
         const Crypto = await initExpoCrypto();
         return Crypto.digestStringAsync(Crypto.CryptoDigestAlgorithm.SHA256, message);
     }
-    // In Node.js, use Node's crypto module
     if ((0, platform_1.isNodeJS)()) {
         try {
-            const nodeCrypto = await Promise.resolve().then(() => __importStar(require('crypto')));
+            const nodeCrypto = await initNodeCrypto();
             return nodeCrypto.createHash('sha256').update(message).digest('hex');
         }
         catch {
@@ -97,12 +100,9 @@ class SignatureService {
                 .map((b) => b.toString(16).padStart(2, '0'))
                 .join('');
         }
-        // In Node.js, use Node's crypto module
-        // Variable indirection prevents bundlers (Vite, webpack) from statically resolving this
         if ((0, platform_1.isNodeJS)()) {
             try {
-                const cryptoModuleName = 'crypto';
-                const nodeCrypto = await Promise.resolve(`${cryptoModuleName}`).then(s => __importStar(require(s)));
+                const nodeCrypto = await initNodeCrypto();
                 return nodeCrypto.randomBytes(32).toString('hex');
             }
             catch {

package/dist/cjs/mixins/OxyServices.managedAccounts.js

@@ -0,0 +1,117 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OxyServicesManagedAccountsMixin = OxyServicesManagedAccountsMixin;
+function OxyServicesManagedAccountsMixin(Base) {
+    return class extends Base {
+        constructor(...args) {
+            super(...args);
+        }
+        /**
+         * Create a new managed account (sub-account).
+         *
+         * The server creates a User document with `isManagedAccount: true` and links
+         * it to the authenticated user as owner.
+         */
+        async createManagedAccount(data) {
+            try {
+                return await this.makeRequest('POST', '/managed-accounts', data, {
+                    cache: false,
+                });
+            }
+            catch (error) {
+                throw this.handleError(error);
+            }
+        }
+        /**
+         * List all accounts the authenticated user manages.
+         */
+        async getManagedAccounts() {
+            try {
+                return await this.makeRequest('GET', '/managed-accounts', undefined, {
+                    cache: true,
+                    cacheTTL: 2 * 60 * 1000, // 2 minutes cache
+                });
+            }
+            catch (error) {
+                throw this.handleError(error);
+            }
+        }
+        /**
+         * Get details for a specific managed account.
+         */
+        async getManagedAccountDetails(accountId) {
+            try {
+                return await this.makeRequest('GET', `/managed-accounts/${accountId}`, undefined, {
+                    cache: true,
+                    cacheTTL: 2 * 60 * 1000,
+                });
+            }
+            catch (error) {
+                throw this.handleError(error);
+            }
+        }
+        /**
+         * Update a managed account's profile data.
+         * Requires owner or admin role.
+         */
+        async updateManagedAccount(accountId, data) {
+            try {
+                return await this.makeRequest('PUT', `/managed-accounts/${accountId}`, data, {
+                    cache: false,
+                });
+            }
+            catch (error) {
+                throw this.handleError(error);
+            }
+        }
+        /**
+         * Delete a managed account permanently.
+         * Requires owner role.
+         */
+        async deleteManagedAccount(accountId) {
+            try {
+                await this.makeRequest('DELETE', `/managed-accounts/${accountId}`, undefined, {
+                    cache: false,
+                });
+            }
+            catch (error) {
+                throw this.handleError(error);
+            }
+        }
+        /**
+         * Add a manager to a managed account.
+         * Requires owner or admin role on the account.
+         *
+         * @param accountId - The managed account to add the manager to
+         * @param userId - The user to grant management access
+         * @param role - The role to assign: 'admin' or 'editor'
+         */
+        async addManager(accountId, userId, role) {
+            try {
+                await this.makeRequest('POST', `/managed-accounts/${accountId}/managers`, { userId, role }, {
+                    cache: false,
+                });
+            }
+            catch (error) {
+                throw this.handleError(error);
+            }
+        }
+        /**
+         * Remove a manager from a managed account.
+         * Requires owner role.
+         *
+         * @param accountId - The managed account
+         * @param userId - The manager to remove
+         */
+        async removeManager(accountId, userId) {
+            try {
+                await this.makeRequest('DELETE', `/managed-accounts/${accountId}/managers/${userId}`, undefined, {
+                    cache: false,
+                });
+            }
+            catch (error) {
+                throw this.handleError(error);
+            }
+        }
+    };
+}

package/dist/cjs/mixins/OxyServices.user.js

@@ -21,6 +21,17 @@ function OxyServicesUserMixin(Base) {
                 throw this.handleError(error);
             }
         }
+        /**
+         * Lightweight username lookup for login flows.
+         * Returns minimal public info: exists, color, avatar, displayName.
+         * Faster than getProfileByUsername — no stats, no formatting.
+         */
+        async lookupUsername(username) {
+            return await this.makeRequest('GET', `/auth/lookup/${encodeURIComponent(username)}`, undefined, {
+                cache: true,
+                cacheTTL: 60 * 1000, // 1 minute cache
+            });
+        }
         /**
          * Search user profiles
          */

package/dist/cjs/mixins/OxyServices.utility.js

@@ -46,6 +46,41 @@ function OxyServicesUtilityMixin(Base) {
     return class extends Base {
         constructor(...args) {
             super(...args);
+            /** @internal In-memory cache for acting-as verification results (TTL: 5 min) */
+            this._actingAsCache = new Map();
+        }
+        /**
+         * Verify that a user is authorized to act as a managed account.
+         * Results are cached in-memory for 5 minutes to avoid repeated API calls.
+         *
+         * @internal Used by the auth() middleware — not part of the public API
+         */
+        async verifyActingAs(userId, accountId) {
+            const cacheKey = `${userId}:${accountId}`;
+            const now = Date.now();
+            // Check cache
+            const cached = this._actingAsCache.get(cacheKey);
+            if (cached && cached.expiresAt > now) {
+                return cached.result;
+            }
+            // Query the API
+            try {
+                const result = await this.makeRequest('GET', '/managed-accounts/verify', { accountId, userId }, { cache: false, retry: false, timeout: 5000 });
+                // Cache successful result for 5 minutes
+                this._actingAsCache.set(cacheKey, {
+                    result: result && result.authorized ? result : null,
+                    expiresAt: now + 5 * 60 * 1000,
+                });
+                return result && result.authorized ? result : null;
+            }
+            catch {
+                // Cache negative result for 1 minute to avoid hammering on transient errors
+                this._actingAsCache.set(cacheKey, {
+                    result: null,
+                    expiresAt: now + 1 * 60 * 1000,
+                });
+                return null;
+            }
         }
         /**
          * Fetch link metadata
@@ -108,6 +143,45 @@ function OxyServicesUtilityMixin(Base) {
             const oxyInstance = this;
             // Return an async middleware function
             return async (req, res, next) => {
+                // Process X-Acting-As header for managed account identity delegation.
+                // Called after successful authentication, before next(). If the header
+                // is present, verifies authorization and swaps the request identity to
+                // the managed account, preserving the original user for audit trails.
+                const processActingAs = async () => {
+                    const actingAsUserId = req.headers['x-acting-as'];
+                    if (!actingAsUserId)
+                        return true; // No header, proceed normally
+                    const verification = await oxyInstance.verifyActingAs(req.userId, actingAsUserId);
+                    if (!verification) {
+                        const error = {
+                            error: 'ACTING_AS_UNAUTHORIZED',
+                            message: 'Not authorized to act as this account',
+                            code: 'ACTING_AS_UNAUTHORIZED',
+                            status: 403,
+                        };
+                        if (onError) {
+                            onError(error);
+                        }
+                        else {
+                            res.status(403).json(error);
+                        }
+                        return false;
+                    }
+                    // Preserve original user for audit trails
+                    req.originalUser = { id: req.userId, ...req.user };
+                    req.actingAs = { userId: actingAsUserId, role: verification.role };
+                    // Swap user identity to the managed account
+                    req.userId = actingAsUserId;
+                    req.user = { id: actingAsUserId };
+                    // Also set _id for routes that use Pattern B (req.user._id)
+                    if (req.user) {
+                        req.user._id = actingAsUserId;
+                    }
+                    if (debug) {
+                        console.log(`[oxy.auth] Acting as ${actingAsUserId} (role=${verification.role}) original=${req.originalUser.id}`);
+                    }
+                    return true;
+                };
                 try {
                     // Extract token from Authorization header or query params
                     const authHeader = req.headers['authorization'];
@@ -330,7 +404,10 @@ function OxyServicesUtilityMixin(Base) {
                             if (debug) {
                                 console.log(`[oxy.auth] OK user=${userId} session=${decoded.sessionId}`);
                             }
-                            return next();
+                            // Process X-Acting-As header before proceeding
+                            if (await processActingAs())
+                                return next();
+                            return;
                         }
                         catch (validationError) {
                             if (debug) {
@@ -381,7 +458,9 @@ function OxyServicesUtilityMixin(Base) {
                     if (debug) {
                         console.log(`[oxy.auth] OK user=${userId} (no session)`);
                     }
-                    next();
+                    // Process X-Acting-As header before proceeding
+                    if (await processActingAs())
+                        next();
                 }
                 catch (error) {
                     const apiError = oxyInstance.handleError(error);

package/dist/cjs/mixins/index.js

@@ -27,6 +27,7 @@ const OxyServices_security_1 = require("./OxyServices.security");
 const OxyServices_utility_1 = require("./OxyServices.utility");
 const OxyServices_features_1 = require("./OxyServices.features");
 const OxyServices_topics_1 = require("./OxyServices.topics");
+const OxyServices_managedAccounts_1 = require("./OxyServices.managedAccounts");
 /**
  * Mixin pipeline - applied in order from first to last.
  *
@@ -64,6 +65,7 @@ const MIXIN_PIPELINE = [
     OxyServices_security_1.OxyServicesSecurityMixin,
     OxyServices_features_1.OxyServicesFeaturesMixin,
     OxyServices_topics_1.OxyServicesTopicsMixin,
+    OxyServices_managedAccounts_1.OxyServicesManagedAccountsMixin,
     // Utility (last, can use all above)
     OxyServices_utility_1.OxyServicesUtilityMixin,
 ];

package/dist/cjs/utils/asyncUtils.js

@@ -44,18 +44,47 @@ async function parallelWithErrorHandling(operations, errorHandler) {
     const results = await Promise.allSettled(operations.map((op, index) => withErrorHandling(op, error => errorHandler?.(error, index))));
     return results.map(result => result.status === 'fulfilled' ? result.value : null);
 }
+/**
+ * Extract an HTTP status code from an error value, tolerating both the
+ * axios-style nested shape (`error.response.status`) and the flat shape
+ * produced by {@link handleHttpError} / fetch-based clients (`error.status`).
+ *
+ * Centralising this lookup prevents retry predicates from silently falling
+ * through when one of the two shapes is missing, which previously caused
+ * @oxyhq/core to retry 4xx responses and turn sub-10ms failures into
+ * multi-second stalls for every missing-resource lookup.
+ */
+function extractHttpStatus(error) {
+    if (!error || typeof error !== 'object')
+        return undefined;
+    const candidate = error;
+    const flat = candidate.status;
+    if (typeof flat === 'number' && Number.isFinite(flat))
+        return flat;
+    const nested = candidate.response?.status;
+    if (typeof nested === 'number' && Number.isFinite(nested))
+        return nested;
+    return undefined;
+}
 /**
  * Retry an async operation with exponential backoff
  *
- * By default, does not retry on 4xx errors (client errors).
- * Use shouldRetry callback to customize retry behavior.
+ * By default, does not retry on 4xx errors (client errors). The default
+ * predicate accepts both the axios-style `error.response.status` and the
+ * flat `error.status` shape produced by {@link handleHttpError}, so callers
+ * never accidentally retry a deterministic client failure.
+ *
+ * Use the `shouldRetry` callback to customize retry behavior.
  */
 async function retryAsync(operation, maxRetries = 3, baseDelay = 1000, shouldRetry) {
     let lastError;
-    // Default shouldRetry: don't retry on 4xx errors
+    // Default shouldRetry: don't retry on 4xx errors (client errors).
+    // Checks BOTH `error.status` (flat shape from handleHttpError / fetch
+    // clients) AND `error.response.status` (axios-style shape) so neither
+    // representation can leak a client error into the retry loop.
     const defaultShouldRetry = (error) => {
-        // Don't retry on 4xx errors (client errors)
-        if (error?.response?.status >= 400 && error?.response?.status < 500) {
+        const status = extractHttpStatus(error);
+        if (status !== undefined && status >= 400 && status < 500) {
             return false;
         }
         return true;