npm - @persql/sdk - Versions diffs - 1.3.0 → 1.4.1 - Mend

@persql/sdk 1.3.0 → 1.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/README.md +37 -0
package/dist/{chunk-SIJU2P7U.js → chunk-HTQP2S7I.js} +135 -1
package/dist/chunk-HTQP2S7I.js.map +1 -0
package/dist/cli.cjs +132 -0
package/dist/cli.cjs.map +1 -1
package/dist/cli.js +1 -1
package/dist/index.cjs +138 -2
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +83 -1
package/dist/index.d.ts +83 -1
package/dist/index.js +7 -3
package/package.json +1 -1
package/dist/chunk-SIJU2P7U.js.map +0 -1

package/dist/cli.js CHANGED Viewed

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import {
   PerSQL
-} from "./chunk-SIJU2P7U.js";
+} from "./chunk-HTQP2S7I.js";
 // src/cli.ts
 import { writeFile } from "fs/promises";

package/dist/index.cjs CHANGED Viewed

@@ -30,7 +30,9 @@ __export(index_exports, {
   PerSQLError: () => PerSQLError,
   PerSQLProposals: () => PerSQLProposals,
   RateLimitError: () => RateLimitError,
-  SupportClient: () => SupportClient
+  SupportClient: () => SupportClient,
+  createAuthorizeUrl: () => createAuthorizeUrl,
+  exchangeAuthorizationCode: () => exchangeAuthorizationCode
 });
 module.exports = __toCommonJS(index_exports);
@@ -207,6 +209,96 @@ function runOne(db, sql, params) {
   };
 }
+// src/connect.ts
+async function createAuthorizeUrl(opts) {
+  const base = (opts.baseURL ?? "https://api.persql.com").replace(/\/$/, "");
+  const codeVerifier = opts.codeVerifier ?? randomUrlBytes(32);
+  const state = opts.state ?? randomUrlBytes(16);
+  const challenge = await sha256Base64Url(codeVerifier);
+  const params = new URLSearchParams({
+    response_type: "code",
+    client_id: opts.clientId,
+    redirect_uri: opts.redirectUri,
+    scope: opts.scope ?? "database",
+    code_challenge: challenge,
+    code_challenge_method: "S256",
+    state
+  });
+  return { url: `${base}/oauth/authorize?${params.toString()}`, codeVerifier, state };
+}
+async function exchangeAuthorizationCode(opts) {
+  const base = (opts.baseURL ?? "https://api.persql.com").replace(/\/$/, "");
+  const fetcher = opts.fetch ?? globalThis.fetch?.bind(globalThis);
+  if (!fetcher) throw new Error("PerSQL connect: no fetch available \u2014 pass { fetch }.");
+  const body = new URLSearchParams({
+    grant_type: "authorization_code",
+    code: opts.code,
+    client_id: opts.clientId,
+    redirect_uri: opts.redirectUri,
+    code_verifier: opts.codeVerifier
+  });
+  if (opts.clientSecret) body.set("client_secret", opts.clientSecret);
+  const res = await fetcher(`${base}/oauth/token`, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body: body.toString()
+  });
+  const json = await res.json().catch(() => null);
+  if (!res.ok || !json?.access_token || !json.database) {
+    throw new Error(
+      json?.error_description ?? json?.error ?? `PerSQL connect: token exchange failed (${res.status})`
+    );
+  }
+  return {
+    accessToken: json.access_token,
+    database: json.database,
+    apiUrl: json.api_url ?? base,
+    scope: json.scope ?? "",
+    idToken: json.id_token,
+    userEmail: json.user_email
+  };
+}
+function getCrypto() {
+  const c = globalThis.crypto;
+  if (!c?.getRandomValues) {
+    throw new Error(
+      'PerSQL connect: Web Crypto is unavailable. In bare React Native, import "react-native-get-random-values" and a Web Crypto SHA-256 polyfill, or exchange the code on your server.'
+    );
+  }
+  return c;
+}
+function randomUrlBytes(n) {
+  const bytes = new Uint8Array(n);
+  getCrypto().getRandomValues(bytes);
+  return base64url(bytes);
+}
+async function sha256Base64Url(input) {
+  const c = getCrypto();
+  if (!c.subtle) {
+    throw new Error(
+      "PerSQL connect: crypto.subtle is unavailable (needed for PKCE S256). Polyfill Web Crypto, or exchange the code on your server."
+    );
+  }
+  const digest = await c.subtle.digest("SHA-256", new TextEncoder().encode(input));
+  return base64url(new Uint8Array(digest));
+}
+var B64URL = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
+function base64url(bytes) {
+  let out = "";
+  for (let i = 0; i < bytes.length; i += 3) {
+    const b0 = bytes[i];
+    const b1 = bytes[i + 1];
+    const b2 = bytes[i + 2];
+    out += B64URL[b0 >> 2];
+    out += B64URL[(b0 & 3) << 4 | (b1 ?? 0) >> 4];
+    if (b1 === void 0) break;
+    out += B64URL[(b1 & 15) << 2 | (b2 ?? 0) >> 6];
+    if (b2 === void 0) break;
+    out += B64URL[b2 & 63];
+  }
+  return out;
+}
 // src/index.ts
 var PerSQLError = class extends Error {
   status;
@@ -316,6 +408,38 @@ var PerSQL = class _PerSQL {
     const client = new _PerSQL({ token: plaintext, baseURL, fetch: opts.fetch });
     return Object.assign(client, { handedOff });
   }
+  /**
+   * Step 1 of the `database`-scope sign-in (user-owned app databases):
+   * build the `/oauth/authorize` URL plus the PKCE verifier + state to
+   * keep. Open `url` in a browser / in-app browser / Expo AuthSession,
+   * then call {@link PerSQL.completeConnect} with the returned `code`.
+   *
+   *   const req = await PerSQL.beginConnect({
+   *     clientId, redirectUri, scope: "openid database",
+   *   });
+   *   // open req.url, capture { code, state }; verify state === req.state
+   */
+  static beginConnect(opts) {
+    return createAuthorizeUrl(opts);
+  }
+  /**
+   * Step 2: exchange the redirect's `code` for a scoped database token and
+   * get back a ready client. The granted database is on `.grant.database`.
+   *
+   *   const persql = await PerSQL.completeConnect({
+   *     clientId, redirectUri, code, codeVerifier: req.codeVerifier,
+   *   });
+   *   const db = persql.database(persql.grant.database);
+   */
+  static async completeConnect(opts) {
+    const grant = await exchangeAuthorizationCode(opts);
+    const client = new _PerSQL({
+      token: grant.accessToken,
+      baseURL: grant.apiUrl,
+      fetch: opts.fetch
+    });
+    return Object.assign(client, { grant });
+  }
   database(a, b) {
     if (b !== void 0) return new PerSQLDatabase(this, a, b);
     const [ns, slug] = a.split("/");
@@ -480,6 +604,16 @@ var PerSQLDatabases = class {
     }
     return { data: body.data ?? [], nextCursor: body.nextCursor ?? null };
   }
+  /** Delete a database by slug. Requires an admin-role unscoped token. */
+  async delete(slug) {
+    if (this.client.local) {
+      throw new Error("PerSQL: databases.delete() needs a server-mode token.");
+    }
+    return this.client.request(
+      "DELETE",
+      `/v1/databases/${encodeURIComponent(slug)}`
+    );
+  }
 };
 var PerSQLDatabase = class {
   constructor(client, namespace, slug) {
@@ -2085,6 +2219,8 @@ function rowsToObjects(columns, rows) {
   PerSQLError,
   PerSQLProposals,
   RateLimitError,
-  SupportClient
+  SupportClient,
+  createAuthorizeUrl,
+  exchangeAuthorizationCode
 });
 //# sourceMappingURL=index.cjs.map