npm - @pellux/goodvibes-sdk - Versions diffs - 0.19.6 → 0.19.8 - Mend

@pellux/goodvibes-sdk 0.19.6 → 0.19.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/dist/_internal/platform/auth/android-keystore-token-store.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"android-keystore-token-store.d.ts","sourceRoot":"","sources":["../../../../src/_internal/platform/auth/android-keystore-token-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAGH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAM5D;;;;GAIG;AACH,MAAM,MAAM,oBAAoB,GAC5B,cAAc,GACd,iCAAiC,GACjC,sBAAsB,GACtB,yCAAyC,GACzC,iBAAiB,GACjB,sBAAsB,CAAC;AAE3B;;GAEG;AACH,MAAM,MAAM,iBAAiB,GACzB,eAAe,GACf,oBAAoB,GACpB,QAAQ,GACR,oCAAoC,GACpC,gCAAgC,GAChC,qCAAqC,GACrC,yBAAyB,CAAC;AAM9B,MAAM,WAAW,gCAAgC;IAC/C;;;;OAIG;IACH,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAE1B;;;;;;;;OAQG;IACH,QAAQ,CAAC,aAAa,CAAC,EAAE,oBAAoB,CAAC;IAE9C;;;;OAIG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,iBAAiB,CAAC;CACzC;AAkDD,MAAM,WAAW,yBAA0B,SAAQ,mBAAmB;IACpE;;;;OAIG;IACH,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEvE;;;OAGG;IACH,aAAa,IAAI,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACxE;AAMD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,wBAAgB,+BAA+B,CAC7C,OAAO,GAAE,gCAAqC,EAC9C,YAAY,CAAC,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,GACpC,yBAAyB,CAuF3B"}

package/dist/_internal/platform/auth/android-keystore-token-store.js ADDED Viewed

@@ -0,0 +1,164 @@
+/**
+ * android-keystore-token-store.ts
+ *
+ * Token store backed by `react-native-keychain` for bare React Native on Android.
+ *
+ * On Android, `react-native-keychain` routes to EncryptedSharedPreferences
+ * backed by the Android Keystore system — hardware-backed AES-256-GCM
+ * encryption where available (API 23+). This is the **recommended**
+ * implementation for proper hardware-backed security.
+ *
+ * Alternative: `@react-native-async-storage/async-storage` can store the
+ * token but is NOT hardware-backed. If you cannot use `react-native-keychain`,
+ * wrap async-storage with an additional encryption layer (e.g.
+ * `react-native-encrypted-storage`). The `react-native-keychain` path is
+ * strongly preferred for production apps.
+ *
+ * `react-native-keychain` is an **optional peer dependency** — this module
+ * does NOT import it at the top level.
+ *
+ * ## Installation
+ *
+ * ```sh
+ * npm install react-native-keychain
+ * # Android: auto-linked via Gradle; no manual step required
+ * ```
+ *
+ * Wave 6 three-part error messages: [what happened] · [why] · [what to do]
+ */
+import { GoodVibesSdkError } from '../../errors/index.js';
+let _mod = null;
+async function loadKeychain() {
+    if (_mod !== null)
+        return _mod;
+    try {
+        _mod = await import('react-native-keychain');
+        return _mod;
+    }
+    catch {
+        throw new GoodVibesSdkError('react-native-keychain is not installed — the Android Keystore token store cannot be initialised. ' +
+            'This optional peer dependency is required to persist tokens in Android Keystore-backed storage. ' +
+            'Run `npm install react-native-keychain` and rebuild your app.', {
+            code: 'RN_KEYCHAIN_NOT_INSTALLED',
+            category: 'config',
+            source: 'config',
+            recoverable: false,
+        });
+    }
+}
+// ---------------------------------------------------------------------------
+// Fixed username slot
+// ---------------------------------------------------------------------------
+const USERNAME_SLOT = 'goodvibes-sdk';
+// ---------------------------------------------------------------------------
+// Factory
+// ---------------------------------------------------------------------------
+/**
+ * Create a `GoodVibesTokenStore` backed by the Android Keystore system via
+ * `react-native-keychain`.
+ *
+ * On Android, `react-native-keychain` uses `EncryptedSharedPreferences` backed
+ * by the Android Keystore — hardware-backed AES-256-GCM encryption where
+ * supported (API 23+). This is strongly preferred over plain AsyncStorage.
+ *
+ * Pass `accessControl: 'BIOMETRY_ANY'` or `'DEVICE_PASSCODE'` to require
+ * interactive user authentication before reading the stored credential.
+ *
+ * `react-native-keychain` is an **optional peer dependency** — install it with:
+ *
+ * ```sh
+ * npm install react-native-keychain
+ * # No manual Gradle/CocoaPods step required for Android
+ * ```
+ *
+ * @example
+ * ```ts
+ * import { createAndroidKeystoreTokenStore, createReactNativeGoodVibesSdk } from '@pellux/goodvibes-sdk/react-native';
+ *
+ * const tokenStore = createAndroidKeystoreTokenStore({
+ *   service: 'com.myapp.gv',
+ *   accessControl: 'BIOMETRY_ANY',
+ * });
+ * const sdk = createReactNativeGoodVibesSdk({ baseUrl: 'https://daemon.example.com', tokenStore });
+ * ```
+ */
+export function createAndroidKeystoreTokenStore(options = {}, __loadModule) {
+    const service = options.service ?? 'com.pellux.goodvibes-sdk';
+    const accessible = options.accessible ?? 'WHEN_UNLOCKED_THIS_DEVICE_ONLY';
+    const accessControl = options.accessControl;
+    async function resolveModule() {
+        if (__loadModule !== undefined) {
+            return __loadModule();
+        }
+        return loadKeychain();
+    }
+    function buildOptions(mod) {
+        const opts = { service };
+        const accessibleValue = mod.ACCESSIBLE[accessible];
+        if (accessibleValue !== undefined) {
+            opts['accessible'] = accessibleValue;
+        }
+        else if (options.accessible !== undefined) {
+            console.warn(`[pellux/goodvibes-sdk] react-native-keychain does not expose ACCESSIBLE.${accessible}; falling back to default`);
+        }
+        if (accessControl !== undefined) {
+            const acValue = mod.ACCESS_CONTROL[accessControl];
+            if (acValue !== undefined) {
+                opts['accessControl'] = acValue;
+            }
+            else {
+                console.warn(`[pellux/goodvibes-sdk] react-native-keychain does not expose ACCESS_CONTROL.${accessControl}; falling back to default`);
+            }
+        }
+        return opts;
+    }
+    async function readPayload() {
+        const mod = await resolveModule();
+        const result = await mod.getGenericPassword(buildOptions(mod));
+        if (result === false)
+            return null;
+        try {
+            return JSON.parse(result.password);
+        }
+        catch {
+            return null;
+        }
+    }
+    async function writePayload(payload) {
+        const mod = await resolveModule();
+        if (payload === null) {
+            await mod.resetGenericPassword(buildOptions(mod));
+            return;
+        }
+        await mod.setGenericPassword(USERNAME_SLOT, JSON.stringify(payload), buildOptions(mod));
+    }
+    return {
+        async getToken() {
+            const payload = await readPayload();
+            return payload?.token ?? null;
+        },
+        async setToken(token) {
+            if (token === null) {
+                await writePayload(null);
+                return;
+            }
+            await writePayload({ token, expiresAt: null });
+        },
+        async clearToken() {
+            await writePayload(null);
+        },
+        async setTokenEntry(token, expiresAt) {
+            if (token === null) {
+                await writePayload(null);
+                return;
+            }
+            await writePayload({ token, expiresAt: expiresAt ?? null });
+        },
+        async getTokenEntry() {
+            const payload = await readPayload();
+            if (payload === null)
+                return { token: null };
+            return { token: payload.token, expiresAt: payload.expiresAt ?? undefined };
+        },
+    };
+}

package/dist/_internal/platform/auth/auto-refresh-middleware.d.ts ADDED Viewed

@@ -0,0 +1,46 @@
+/**
+ * Auto-refresh transport middleware.
+ *
+ * Integrates `AutoRefreshCoordinator` at the transport boundary so that ALL
+ * typed operator/peer SDK calls benefit from silent token refresh — not only
+ * `auth.current()`.
+ *
+ * Responsibilities:
+ *   1. Pre-flight: call `coordinator.ensureFreshToken()` before dispatching the
+ *      request. Updates `ctx.headers.Authorization` with the fresh token so
+ *      consumer middleware (which runs after this one) sees the current token.
+ *   2. Reactive 401: if `next()` throws a 401-shaped error, trigger a refresh
+ *      via `coordinator.refreshAndRetryOnce()` and set `ctx.response` to the
+ *      retry result so the transport can return it to the caller.
+ *   3. Loop prevention: retry requests carry `__gv_ar_attempted: true` in their
+ *      options. The middleware recognises this flag and passes through without
+ *      additional refresh logic, preventing infinite recursion.
+ *   4. Error passthrough: terminal auth errors from the coordinator are placed
+ *      directly onto `ctx.error` rather than thrown, so the transport's
+ *      middleware-error-wrapping instrumentation does not re-wrap them as
+ *      `kind:'unknown'`.
+ */
+import type { TransportMiddleware } from '../../transport-core/index.js';
+import type { HttpJsonTransport } from '../../transport-http/http-core.js';
+import type { GoodVibesTokenStore } from '../../../auth.js';
+import type { AutoRefreshCoordinator } from './auto-refresh.js';
+/**
+ * Create a transport middleware that integrates the `AutoRefreshCoordinator`
+ * into every HTTP request.
+ *
+ * @param coordinator - The auto-refresh coordinator managing token lifecycle.
+ * @param transport   - The HTTP JSON transport used to re-issue the request on
+ *                      reactive 401 retry. Must be the same transport instance
+ *                      whose middleware chain contains this middleware, so that
+ *                      the retry benefits from other middleware (e.g. logging,
+ *                      tracing) except for another auto-refresh cycle.
+ * @param tokenStore  - The token store from which to read the fresh token after
+ *                      pre-flight refresh, so `ctx.headers.Authorization` can
+ *                      be updated before consumer middleware runs.
+ *
+ * @example
+ * const mw = createAutoRefreshMiddleware(coordinator, transport, tokenStore);
+ * transport.use(mw);
+ */
+export declare function createAutoRefreshMiddleware(coordinator: AutoRefreshCoordinator, transport: Pick<HttpJsonTransport, 'requestJson'>, tokenStore: GoodVibesTokenStore): TransportMiddleware;
+//# sourceMappingURL=auto-refresh-middleware.d.ts.map

package/dist/_internal/platform/auth/auto-refresh-middleware.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auto-refresh-middleware.d.ts","sourceRoot":"","sources":["../../../../src/_internal/platform/auth/auto-refresh-middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,OAAO,KAAK,EAAoB,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAC3F,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AAC3E,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAKhE;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,2BAA2B,CACzC,WAAW,EAAE,sBAAsB,EACnC,SAAS,EAAE,IAAI,CAAC,iBAAiB,EAAE,aAAa,CAAC,EACjD,UAAU,EAAE,mBAAmB,GAC9B,mBAAmB,CAyGrB"}

package/dist/_internal/platform/auth/auto-refresh-middleware.js ADDED Viewed

@@ -0,0 +1,155 @@
+/**
+ * Auto-refresh transport middleware.
+ *
+ * Integrates `AutoRefreshCoordinator` at the transport boundary so that ALL
+ * typed operator/peer SDK calls benefit from silent token refresh — not only
+ * `auth.current()`.
+ *
+ * Responsibilities:
+ *   1. Pre-flight: call `coordinator.ensureFreshToken()` before dispatching the
+ *      request. Updates `ctx.headers.Authorization` with the fresh token so
+ *      consumer middleware (which runs after this one) sees the current token.
+ *   2. Reactive 401: if `next()` throws a 401-shaped error, trigger a refresh
+ *      via `coordinator.refreshAndRetryOnce()` and set `ctx.response` to the
+ *      retry result so the transport can return it to the caller.
+ *   3. Loop prevention: retry requests carry `__gv_ar_attempted: true` in their
+ *      options. The middleware recognises this flag and passes through without
+ *      additional refresh logic, preventing infinite recursion.
+ *   4. Error passthrough: terminal auth errors from the coordinator are placed
+ *      directly onto `ctx.error` rather than thrown, so the transport's
+ *      middleware-error-wrapping instrumentation does not re-wrap them as
+ *      `kind:'unknown'`.
+ */
+/** Internal flag key — never conflicts with public HttpJsonRequestOptions fields. */
+const ATTEMPTED_FLAG = '__gv_ar_attempted';
+/**
+ * Create a transport middleware that integrates the `AutoRefreshCoordinator`
+ * into every HTTP request.
+ *
+ * @param coordinator - The auto-refresh coordinator managing token lifecycle.
+ * @param transport   - The HTTP JSON transport used to re-issue the request on
+ *                      reactive 401 retry. Must be the same transport instance
+ *                      whose middleware chain contains this middleware, so that
+ *                      the retry benefits from other middleware (e.g. logging,
+ *                      tracing) except for another auto-refresh cycle.
+ * @param tokenStore  - The token store from which to read the fresh token after
+ *                      pre-flight refresh, so `ctx.headers.Authorization` can
+ *                      be updated before consumer middleware runs.
+ *
+ * @example
+ * const mw = createAutoRefreshMiddleware(coordinator, transport, tokenStore);
+ * transport.use(mw);
+ */
+export function createAutoRefreshMiddleware(coordinator, transport, tokenStore) {
+    return async function autoRefreshMiddleware(ctx, next) {
+        // ── Loop-prevention guard ────────────────────────────────────────────────
+        // Retry requests issued by this middleware carry the flag. When we see it,
+        // simply forward the request without any refresh logic.
+        // We catch and re-place errors onto ctx.error so they are NOT tagged as
+        // "middleware errors" by the transport's instrumented-chain wrapper — which
+        // would re-wrap them as GoodVibesSdkError{kind:'unknown'} and hide the
+        // original 401 status that refreshAndRetryOnce needs to detect.
+        if (ctx.options[ATTEMPTED_FLAG] === true) {
+            try {
+                await next();
+            }
+            catch (passthroughErr) {
+                ctx.error = passthroughErr;
+            }
+            return;
+        }
+        // ── Pre-flight refresh ───────────────────────────────────────────────────
+        // Silently refreshes the token when it is within the leeway window.
+        // After refresh, update ctx.headers.Authorization with the fresh token so
+        // consumer middleware (which runs after this one in the chain) sees the
+        // current Bearer token, not the stale one that was set when ctx was built.
+        await coordinator.ensureFreshToken();
+        const freshToken = await tokenStore.getToken();
+        if (freshToken) {
+            ctx.headers['Authorization'] = `Bearer ${freshToken}`;
+        }
+        // ── Dispatch request ─────────────────────────────────────────────────────
+        // We catch ALL errors from next() rather than re-throwing them directly.
+        // Re-throwing from within a middleware causes the transport's instrumented-
+        // chain wrapper to tag the error as "from this middleware" and re-wrap it
+        // as GoodVibesSdkError{kind:'unknown'}, even when the error originated
+        // from the real fetch (innerFetch). By placing non-401 errors onto
+        // ctx.error instead, they bypass the middleware-wrapping path and propagate
+        // with their original type and kind intact.
+        let caughtErr;
+        let nextSucceeded = false;
+        try {
+            await next();
+            nextSucceeded = true;
+        }
+        catch (err) {
+            caughtErr = err;
+        }
+        if (nextSucceeded) {
+            return; // success — nothing more to do
+        }
+        if (!is401Error(caughtErr)) {
+            // Non-401 error (e.g. 5xx, network) — place on ctx.error so it exits
+            // the middleware chain without triggering middleware-error wrapping.
+            ctx.error = caughtErr;
+            return;
+        }
+        // ── Reactive 401 retry ─────────────────────────────────────────────────
+        // Build retry options that preserve the original request attributes and
+        // carry the loop-prevention flag so the next pass through this middleware
+        // just calls next() without re-entering the refresh logic.
+        const retryOptions = {
+            method: ctx.method,
+            body: ctx.body,
+            signal: ctx.signal,
+            [ATTEMPTED_FLAG]: true,
+        };
+        // Delegate to coordinator.refreshAndRetryOnce — this refreshes the token
+        // exactly once and executes the retry fn once. If the retry also returns
+        // 401, it throws GoodVibesSdkError{kind:'auth'} (Wave 6 three-part message).
+        //
+        // IMPORTANT: we place terminal errors onto ctx.error instead of re-throwing
+        // them. This bypasses the transport's middleware-error-wrapping path
+        // (which would re-label them as kind:'unknown') and lets the transport's
+        // outer `if (ctx.error) throw ctx.error` propagate them cleanly.
+        let retryResult;
+        try {
+            retryResult = await coordinator.refreshAndRetryOnce(async () => {
+                // transport.requestJson goes through the full middleware chain; the
+                // ATTEMPTED_FLAG ensures this middleware is a passthrough on that call.
+                return transport.requestJson(ctx.url, retryOptions);
+            });
+        }
+        catch (retryErr) {
+            // Place onto ctx.error — transport's post-chain check will rethrow it
+            // without the middleware-wrapping treatment.
+            ctx.error = retryErr;
+            return;
+        }
+        // Put the retry result back onto ctx.response so the transport's outer
+        // requestJson can resolve it via `await ctx.response.json()`.
+        // Also clear ctx.error: the innerFetch path sets it when it throws (before
+        // re-throwing), so it reflects the original 401. Since we handled the 401
+        // successfully, we must clear it so the transport's `if (ctx.error) throw`
+        // guard does not re-raise the already-resolved error.
+        ctx.error = undefined;
+        ctx.response = new Response(JSON.stringify(retryResult), {
+            status: 200,
+            headers: { 'Content-Type': 'application/json' },
+        });
+    };
+}
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+/** Detect a 401 response across the various error shapes the SDK produces. */
+function is401Error(error) {
+    if (typeof error !== 'object' || error === null)
+        return false;
+    const e = error;
+    const status = e.status ??
+        e.transport?.status ??
+        e.response?.status ??
+        e.cause?.response?.status;
+    return status === 401;
+}

package/dist/_internal/platform/auth/auto-refresh.d.ts ADDED Viewed

@@ -0,0 +1,123 @@
+/**
+ * AutoRefreshCoordinator — Silent token refresh with in-flight request queuing.
+ *
+ * Prevents user-visible 401s by:
+ *   1. Pre-flight leeway check: if the token expires within refreshLeewayMs,
+ *      trigger a silent refresh before the request is dispatched.
+ *   2. Reactive 401 retry: if a request returns 401 and the token wasn't
+ *      already known expired, trigger a refresh then retry the request once.
+ *   3. In-flight queuing: while a refresh is in progress, subsequent refresh
+ *      attempts queue on the same promise — one refresh call for all waiters.
+ *
+ * When no refresh endpoint is available (the coordinator has no `refresh`
+ * function), the pre-flight check is a graceful no-op and the reactive path
+ * triggers a token re-read (which may succeed if the store was updated externally).
+ *
+ * Wave 6 three-part error messages:
+ *   [what happened] · [why] · [what to do]
+ */
+import type { GoodVibesTokenStore } from '../../../auth.js';
+import type { SDKObserver } from '../../../observer/index.js';
+export interface AutoRefreshOptions {
+    /**
+     * Enable or disable silent token refresh. Default: `true`.
+     * When `false`, 401 responses propagate immediately without retry.
+     */
+    readonly autoRefresh?: boolean;
+    /**
+     * Milliseconds before token expiry to trigger a silent refresh.
+     * Default: 60_000 (1 minute).
+     */
+    readonly refreshLeewayMs?: number;
+    /**
+     * Consumer-provided callback invoked to obtain a new token when the current
+     * token is near expiry (pre-flight leeway check) or a 401 is received
+     * (reactive retry path).
+     *
+     * The callback must return the new token string and, optionally, its expiry
+     * timestamp in Unix milliseconds. When provided, the coordinator calls this
+     * to perform the actual token refresh and persists the result via
+     * `setTokenEntry` (or `setToken` on stores that don't implement
+     * `setTokenEntry`).
+     *
+     * When absent, the coordinator's pre-flight check is a graceful no-op and
+     * the reactive 401 path re-reads the token store without making a network
+     * call (useful when an external party updates the store).
+     *
+     * @example
+     * const store = createMemoryTokenStore(initialToken);
+     * const sdk = createGoodVibesSdk({
+     *   baseUrl: 'https://daemon.example.com',
+     *   tokenStore: store,
+     *   autoRefresh: {
+     *     refresh: async () => {
+     *       const res = await fetch('/api/auth/refresh', { method: 'POST' });
+     *       const { token, expiresAt } = await res.json();
+     *       return { token, expiresAt };
+     *     },
+     *   },
+     * });
+     */
+    readonly refresh?: () => Promise<{
+        token: string;
+        expiresAt?: number;
+    }>;
+}
+export interface AutoRefreshCoordinatorOptions {
+    readonly tokenStore: GoodVibesTokenStore;
+    readonly autoRefresh: boolean;
+    readonly refreshLeewayMs: number;
+    /**
+     * Optional refresh function. Called to acquire a new token when the current
+     * one is near expiry or a 401 was received.
+     *
+     * If undefined, the coordinator performs a graceful no-op (does not
+     * error) — in-flight queuing and leeway checks are still respected, but
+     * no network call is made. Reactive 401 retry still re-reads the token
+     * store in case an external party updated it.
+     */
+    readonly refresh?: () => Promise<{
+        token: string;
+        expiresAt?: number;
+    }>;
+    readonly observer?: SDKObserver;
+}
+export declare class AutoRefreshCoordinator {
+    #private;
+    constructor(options: AutoRefreshCoordinatorOptions);
+    /**
+     * Call before dispatching a request. If the token is near expiry (within
+     * `refreshLeewayMs`), silently refreshes before the request goes out.
+     *
+     * If `autoRefresh` is disabled, this is a no-op.
+     */
+    ensureFreshToken(): Promise<void>;
+    /**
+     * Execute `fn` and retry once on 401 after triggering a refresh.
+     *
+     * If `autoRefresh` is false, the first 401 is rethrown immediately.
+     * If the retry also returns 401, throws `GoodVibesSdkError{kind:'auth'}`.
+     *
+     * @param fn - The request function to execute. Must be side-effect-safe to
+     *   call twice (called at most twice).
+     */
+    withRetryOn401<T>(fn: () => Promise<T>): Promise<T>;
+    /**
+     * Refresh the token immediately and execute `fn` exactly once as the retry.
+     *
+     * Unlike `withRetryOn401`, this method does NOT call `fn` before refreshing —
+     * it assumes the caller already received a 401 on the initial attempt. It
+     * refreshes the token (serialised via the shared promise, as with
+     * `withRetryOn401`) and then calls `fn` a single time.
+     *
+     * If `fn` throws a 401 on retry, a terminal `GoodVibesSdkError{kind:'auth'}`
+     * is thrown with the Wave 6 three-part message format.
+     *
+     * Used by `createAutoRefreshMiddleware` to avoid making an extra HTTP call
+     * when the middleware already observed the initial 401 from `next()`.
+     *
+     * @param fn - The retry request to execute after the refresh completes.
+     */
+    refreshAndRetryOnce<T>(fn: () => Promise<T>): Promise<T>;
+}
+//# sourceMappingURL=auto-refresh.d.ts.map

package/dist/_internal/platform/auth/auto-refresh.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auto-refresh.d.ts","sourceRoot":"","sources":["../../../../src/_internal/platform/auth/auto-refresh.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAGH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAO9D,MAAM,WAAW,kBAAkB;IACjC;;;OAGG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,OAAO,CAAC;IAE/B;;;OAGG;IACH,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC;IAElC;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACH,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACzE;AAED,MAAM,WAAW,6BAA6B;IAC5C,QAAQ,CAAC,UAAU,EAAE,mBAAmB,CAAC;IACzC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC;;;;;;;;OAQG;IACH,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACxE,QAAQ,CAAC,QAAQ,CAAC,EAAE,WAAW,CAAC;CACjC;AAMD,qBAAa,sBAAsB;;gBAUrB,OAAO,EAAE,6BAA6B;IAsGlD;;;;;OAKG;IACG,gBAAgB,IAAI,OAAO,CAAC,IAAI,CAAC;IAYvC;;;;;;;;OAQG;IACG,cAAc,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IA0CzD;;;;;;;;;;;;;;;OAeG;IACG,mBAAmB,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;CA2B/D"}