@robosystems/client 0.1.21 → 0.1.23

package/extensions/CopyClient.d.ts

@@ -34,6 +34,7 @@ export declare class CopyClient {
         baseUrl: string;
         credentials?: 'include' | 'same-origin' | 'omit';
         headers?: Record<string, string>;
+        token?: string;
     });
     /**
      * Copy data from S3 to graph database

package/extensions/CopyClient.js

@@ -36,9 +36,12 @@ class CopyClient {
     async executeCopy(graphId, request, _sourceType, options = {}) {
         const startTime = Date.now();
         const data = {
-            url: '/v1/{graph_id}/copy',
+            url: '/v1/graphs/{graph_id}/copy',
             path: { graph_id: graphId },
             body: request,
+            query: {
+                token: this.config.token, // Pass JWT token for SSE authentication
+            },
         };
         try {
             // Execute the copy request

package/extensions/CopyClient.ts

@@ -53,12 +53,14 @@ export class CopyClient {
     baseUrl: string
     credentials?: 'include' | 'same-origin' | 'omit'
     headers?: Record<string, string>
+    token?: string // JWT token for authentication
   }
 
   constructor(config: {
     baseUrl: string
     credentials?: 'include' | 'same-origin' | 'omit'
     headers?: Record<string, string>
+    token?: string // JWT token for authentication
   }) {
     this.config = config
   }
@@ -108,9 +110,12 @@ export class CopyClient {
     const startTime = Date.now()
 
     const data: CopyDataToGraphData = {
-      url: '/v1/{graph_id}/copy' as const,
+      url: '/v1/graphs/{graph_id}/copy' as const,
       path: { graph_id: graphId },
       body: request,
+      query: {
+        token: this.config.token, // Pass JWT token for SSE authentication
+      },
     }
 
     try {

package/extensions/OperationClient.d.ts

@@ -24,6 +24,7 @@ export declare class OperationClient {
         baseUrl: string;
         credentials?: 'include' | 'same-origin' | 'omit';
         headers?: Record<string, string>;
+        token?: string;
         maxRetries?: number;
         retryDelay?: number;
     });

package/extensions/OperationClient.ts

@@ -34,6 +34,7 @@ export class OperationClient {
     baseUrl: string
     credentials?: 'include' | 'same-origin' | 'omit'
     headers?: Record<string, string>
+    token?: string // JWT token for authentication
     maxRetries?: number
     retryDelay?: number
   }
@@ -44,6 +45,7 @@ export class OperationClient {
     baseUrl: string
     credentials?: 'include' | 'same-origin' | 'omit'
     headers?: Record<string, string>
+    token?: string // JWT token for authentication
     maxRetries?: number
     retryDelay?: number
   }) {

package/extensions/QueryClient.d.ts

@@ -33,6 +33,7 @@ export declare class QueryClient {
         baseUrl: string;
         credentials?: 'include' | 'same-origin' | 'omit';
         headers?: Record<string, string>;
+        token?: string;
     });
     executeQuery(graphId: string, request: QueryRequest, options?: QueryOptions): Promise<QueryResult | AsyncIterableIterator<any>>;
     private streamQueryResults;

package/extensions/QueryClient.js

@@ -14,7 +14,7 @@ class QueryClient {
     }
     async executeQuery(graphId, request, options = {}) {
         const data = {
-            url: '/v1/{graph_id}/query',
+            url: '/v1/graphs/{graph_id}/query',
             path: { graph_id: graphId },
             body: {
                 query: request.query,
@@ -23,6 +23,7 @@ class QueryClient {
             query: {
                 mode: options.mode,
                 test_mode: options.testMode,
+                token: this.config.token, // Pass JWT token for SSE authentication
             },
         };
         // Execute the query

package/extensions/QueryClient.ts

@@ -47,12 +47,14 @@ export class QueryClient {
     baseUrl: string
     credentials?: 'include' | 'same-origin' | 'omit'
     headers?: Record<string, string>
+    token?: string // JWT token for authentication
   }
 
   constructor(config: {
     baseUrl: string
     credentials?: 'include' | 'same-origin' | 'omit'
     headers?: Record<string, string>
+    token?: string // JWT token for authentication
   }) {
     this.config = config
   }
@@ -63,7 +65,7 @@ export class QueryClient {
     options: QueryOptions = {}
   ): Promise<QueryResult | AsyncIterableIterator<any>> {
     const data: ExecuteCypherQueryData = {
-      url: '/v1/{graph_id}/query' as const,
+      url: '/v1/graphs/{graph_id}/query' as const,
       path: { graph_id: graphId },
       body: {
         query: request.query,
@@ -72,6 +74,7 @@ export class QueryClient {
       query: {
         mode: options.mode,
         test_mode: options.testMode,
+        token: this.config.token, // Pass JWT token for SSE authentication
       },
     }
 

package/extensions/SSEClient.d.ts

@@ -1,11 +1,25 @@
 /**
  * Core SSE (Server-Sent Events) client for RoboSystems API
  * Provides automatic reconnection, event replay, and type-safe event handling
+ *
+ * SECURITY NOTE: When using JWT authentication, tokens are passed as query parameters
+ * due to EventSource API limitations. This means tokens may appear in:
+ * - Server access logs
+ * - Proxy logs
+ * - Browser history
+ * - Referer headers
+ *
+ * For production environments with sensitive data, consider:
+ * - Using cookie-based authentication instead
+ * - Implementing a WebSocket-based alternative
+ * - Using short-lived tokens that expire quickly
+ * - Ensuring all connections use HTTPS
  */
 export interface SSEConfig {
     baseUrl: string;
     credentials?: 'include' | 'same-origin' | 'omit';
     headers?: Record<string, string>;
+    token?: string;
     maxRetries?: number;
     retryDelay?: number;
     heartbeatInterval?: number;

package/extensions/SSEClient.js

@@ -28,7 +28,13 @@ class SSEClient {
     }
     async connect(operationId, fromSequence = 0) {
         return new Promise((resolve, reject) => {
-            const url = `${this.config.baseUrl}/v1/operations/${operationId}/stream?from_sequence=${fromSequence}`;
+            let url = `${this.config.baseUrl}/v1/operations/${operationId}/stream?from_sequence=${fromSequence}`;
+            // Add JWT token as query parameter if provided
+            // WARNING: EventSource API doesn't support custom headers, so tokens are passed via query param
+            // This has security implications - see class documentation
+            if (this.config.token) {
+                url += `&token=${encodeURIComponent(this.config.token)}`;
+            }
             this.eventSource = new EventSource(url, {
                 withCredentials: this.config.credentials === 'include',
             });

package/extensions/SSEClient.ts

@@ -3,12 +3,26 @@
 /**
  * Core SSE (Server-Sent Events) client for RoboSystems API
  * Provides automatic reconnection, event replay, and type-safe event handling
+ *
+ * SECURITY NOTE: When using JWT authentication, tokens are passed as query parameters
+ * due to EventSource API limitations. This means tokens may appear in:
+ * - Server access logs
+ * - Proxy logs
+ * - Browser history
+ * - Referer headers
+ *
+ * For production environments with sensitive data, consider:
+ * - Using cookie-based authentication instead
+ * - Implementing a WebSocket-based alternative
+ * - Using short-lived tokens that expire quickly
+ * - Ensuring all connections use HTTPS
  */
 
 export interface SSEConfig {
   baseUrl: string
   credentials?: 'include' | 'same-origin' | 'omit'
   headers?: Record<string, string>
+  token?: string // JWT token for authentication
   maxRetries?: number
   retryDelay?: number
   heartbeatInterval?: number
@@ -53,7 +67,14 @@ export class SSEClient {
 
   async connect(operationId: string, fromSequence: number = 0): Promise<void> {
     return new Promise((resolve, reject) => {
-      const url = `${this.config.baseUrl}/v1/operations/${operationId}/stream?from_sequence=${fromSequence}`
+      let url = `${this.config.baseUrl}/v1/operations/${operationId}/stream?from_sequence=${fromSequence}`
+
+      // Add JWT token as query parameter if provided
+      // WARNING: EventSource API doesn't support custom headers, so tokens are passed via query param
+      // This has security implications - see class documentation
+      if (this.config.token) {
+        url += `&token=${encodeURIComponent(this.config.token)}`
+      }
 
       this.eventSource = new EventSource(url, {
         withCredentials: this.config.credentials === 'include',

package/extensions/config.d.ts

@@ -6,6 +6,7 @@ export interface SDKExtensionsConfig {
     baseUrl?: string;
     credentials?: 'include' | 'same-origin' | 'omit';
     headers?: Record<string, string>;
+    token?: string;
     timeout?: number;
     maxRetries?: number;
     retryDelay?: number;
@@ -24,6 +25,30 @@ export declare function getSDKExtensionsConfig(): SDKExtensionsConfig;
  * Reset configuration to defaults
  */
 export declare function resetSDKExtensionsConfig(): void;
+/**
+ * Extract JWT token from Authorization header
+ * @param authHeader Authorization header value
+ * @returns JWT token or undefined
+ */
+export declare function extractJWTFromHeader(authHeader?: string | string[]): string | undefined;
+/**
+ * Validate JWT token format (basic validation)
+ * @param token JWT token to validate
+ * @returns true if token appears valid
+ */
+export declare function isValidJWT(token: string | undefined): boolean;
+/**
+ * Extract JWT token from SDK client configuration
+ * Centralizes the logic for extracting tokens from the client
+ * @returns JWT token or undefined
+ */
+export declare function extractTokenFromSDKClient(): string | undefined;
+/**
+ * Configure SDK extensions for JWT authentication
+ * @param token JWT token
+ * @param config Additional configuration options
+ */
+export declare function configureWithJWT(token: string, config?: Partial<SDKExtensionsConfig>): void;
 /**
  * Get configuration for a specific environment
  * @param env Environment name (production, staging, development)

package/extensions/config.js

@@ -4,11 +4,16 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.setSDKExtensionsConfig = setSDKExtensionsConfig;
 exports.getSDKExtensionsConfig = getSDKExtensionsConfig;
 exports.resetSDKExtensionsConfig = resetSDKExtensionsConfig;
+exports.extractJWTFromHeader = extractJWTFromHeader;
+exports.isValidJWT = isValidJWT;
+exports.extractTokenFromSDKClient = extractTokenFromSDKClient;
+exports.configureWithJWT = configureWithJWT;
 exports.getEnvironmentConfig = getEnvironmentConfig;
 // Default configuration
 const defaultConfig = {
     baseUrl: process.env.NEXT_PUBLIC_API_URL || 'http://localhost:8000',
     credentials: 'include',
+    token: undefined, // Will be set from environment or programmatically
     timeout: 30000,
     maxRetries: 3,
     retryDelay: 1000,
@@ -38,6 +43,79 @@ function getSDKExtensionsConfig() {
 function resetSDKExtensionsConfig() {
     globalConfig = { ...defaultConfig };
 }
+/**
+ * Extract JWT token from Authorization header
+ * @param authHeader Authorization header value
+ * @returns JWT token or undefined
+ */
+function extractJWTFromHeader(authHeader) {
+    if (!authHeader)
+        return undefined;
+    const headerValue = Array.isArray(authHeader) ? authHeader[0] : authHeader;
+    if (typeof headerValue === 'string' && headerValue.startsWith('Bearer ')) {
+        return headerValue.substring(7);
+    }
+    return undefined;
+}
+/**
+ * Validate JWT token format (basic validation)
+ * @param token JWT token to validate
+ * @returns true if token appears valid
+ */
+function isValidJWT(token) {
+    if (!token || typeof token !== 'string')
+        return false;
+    try {
+        const parts = token.split('.');
+        // JWT should have exactly 3 parts: header.payload.signature
+        return parts.length === 3 && parts.every((part) => part.length > 0);
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Extract JWT token from SDK client configuration
+ * Centralizes the logic for extracting tokens from the client
+ * @returns JWT token or undefined
+ */
+function extractTokenFromSDKClient() {
+    // Import dynamically to avoid circular dependency
+    const { client } = require('../sdk/client.gen');
+    const sdkConfig = getSDKExtensionsConfig();
+    // Priority 1: Use explicitly configured token
+    if (sdkConfig.token) {
+        return sdkConfig.token;
+    }
+    // Priority 2: Extract from SDK client headers
+    const clientConfig = client.getConfig();
+    if (clientConfig.headers) {
+        if (typeof clientConfig.headers === 'object' && !Array.isArray(clientConfig.headers)) {
+            const headers = clientConfig.headers;
+            const token = extractJWTFromHeader(headers.Authorization);
+            if (isValidJWT(token)) {
+                return token;
+            }
+        }
+    }
+    return undefined;
+}
+/**
+ * Configure SDK extensions for JWT authentication
+ * @param token JWT token
+ * @param config Additional configuration options
+ */
+function configureWithJWT(token, config) {
+    if (!isValidJWT(token)) {
+        console.warn('Warning: Provided JWT token does not appear to be valid');
+    }
+    setSDKExtensionsConfig({
+        ...config,
+        token,
+        // When using JWT, typically don't need cookies
+        credentials: config?.credentials || 'omit',
+    });
+}
 /**
  * Get configuration for a specific environment
  * @param env Environment name (production, staging, development)

package/extensions/config.ts

@@ -9,6 +9,7 @@ export interface SDKExtensionsConfig {
   baseUrl?: string
   credentials?: 'include' | 'same-origin' | 'omit'
   headers?: Record<string, string>
+  token?: string // JWT token for authentication
   timeout?: number
   maxRetries?: number
   retryDelay?: number
@@ -18,6 +19,7 @@ export interface SDKExtensionsConfig {
 const defaultConfig: SDKExtensionsConfig = {
   baseUrl: process.env.NEXT_PUBLIC_API_URL || 'http://localhost:8000',
   credentials: 'include',
+  token: undefined, // Will be set from environment or programmatically
   timeout: 30000,
   maxRetries: 3,
   retryDelay: 1000,
@@ -52,6 +54,88 @@ export function resetSDKExtensionsConfig() {
   globalConfig = { ...defaultConfig }
 }
 
+/**
+ * Extract JWT token from Authorization header
+ * @param authHeader Authorization header value
+ * @returns JWT token or undefined
+ */
+export function extractJWTFromHeader(authHeader?: string | string[]): string | undefined {
+  if (!authHeader) return undefined
+
+  const headerValue = Array.isArray(authHeader) ? authHeader[0] : authHeader
+  if (typeof headerValue === 'string' && headerValue.startsWith('Bearer ')) {
+    return headerValue.substring(7)
+  }
+
+  return undefined
+}
+
+/**
+ * Validate JWT token format (basic validation)
+ * @param token JWT token to validate
+ * @returns true if token appears valid
+ */
+export function isValidJWT(token: string | undefined): boolean {
+  if (!token || typeof token !== 'string') return false
+
+  try {
+    const parts = token.split('.')
+    // JWT should have exactly 3 parts: header.payload.signature
+    return parts.length === 3 && parts.every((part) => part.length > 0)
+  } catch {
+    return false
+  }
+}
+
+/**
+ * Extract JWT token from SDK client configuration
+ * Centralizes the logic for extracting tokens from the client
+ * @returns JWT token or undefined
+ */
+export function extractTokenFromSDKClient(): string | undefined {
+  // Import dynamically to avoid circular dependency
+  const { client } = require('../sdk/client.gen')
+
+  const sdkConfig = getSDKExtensionsConfig()
+
+  // Priority 1: Use explicitly configured token
+  if (sdkConfig.token) {
+    return sdkConfig.token
+  }
+
+  // Priority 2: Extract from SDK client headers
+  const clientConfig = client.getConfig()
+  if (clientConfig.headers) {
+    if (typeof clientConfig.headers === 'object' && !Array.isArray(clientConfig.headers)) {
+      const headers = clientConfig.headers as Record<string, unknown>
+      const token = extractJWTFromHeader(headers.Authorization as string | undefined)
+      if (isValidJWT(token)) {
+        return token
+      }
+    }
+  }
+
+  return undefined
+}
+
+/**
+ * Configure SDK extensions for JWT authentication
+ * @param token JWT token
+ * @param config Additional configuration options
+ */
+export function configureWithJWT(token: string, config?: Partial<SDKExtensionsConfig>) {
+  if (!isValidJWT(token)) {
+    console.warn('Warning: Provided JWT token does not appear to be valid')
+  }
+
+  setSDKExtensionsConfig({
+    ...config,
+    token,
+    // When using JWT, typically don't need cookies
+    credentials: config?.credentials || 'omit',
+  })
+}
+
 /**
  * Get configuration for a specific environment
  * @param env Environment name (production, staging, development)

package/extensions/hooks.js

@@ -40,10 +40,13 @@ function useQuery(graphId) {
     (0, react_1.useEffect)(() => {
         const sdkConfig = (0, config_1.getSDKExtensionsConfig)();
         const clientConfig = client_gen_1.client.getConfig();
+        // Extract JWT token (uses centralized logic)
+        const token = (0, config_1.extractTokenFromSDKClient)();
         clientRef.current = new QueryClient_1.QueryClient({
             baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
             credentials: sdkConfig.credentials,
             headers: sdkConfig.headers,
+            token,
         });
         return () => {
             clientRef.current?.close();
@@ -120,6 +123,7 @@ function useStreamingQuery(graphId) {
             baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
             credentials: sdkConfig.credentials,
             headers: sdkConfig.headers,
+            token: sdkConfig.token,
         });
         return () => {
             clientRef.current?.close();
@@ -193,9 +197,12 @@ function useOperation(operationId) {
     (0, react_1.useEffect)(() => {
         const sdkConfig = (0, config_1.getSDKExtensionsConfig)();
         const clientConfig = client_gen_1.client.getConfig();
+        // Extract JWT token (uses centralized logic)
+        const token = (0, config_1.extractTokenFromSDKClient)();
         clientRef.current = new OperationClient_1.OperationClient({
             baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
             credentials: sdkConfig.credentials,
+            token,
             maxRetries: sdkConfig.maxRetries,
             retryDelay: sdkConfig.retryDelay,
         });
@@ -289,9 +296,12 @@ function useMultipleOperations() {
     (0, react_1.useEffect)(() => {
         const sdkConfig = (0, config_1.getSDKExtensionsConfig)();
         const clientConfig = client_gen_1.client.getConfig();
+        // Extract JWT token (uses centralized logic)
+        const token = (0, config_1.extractTokenFromSDKClient)();
         clientRef.current = new OperationClient_1.OperationClient({
             baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
             credentials: sdkConfig.credentials,
+            token,
             maxRetries: sdkConfig.maxRetries,
             retryDelay: sdkConfig.retryDelay,
         });
@@ -354,10 +364,13 @@ function useSDKClients() {
     (0, react_1.useEffect)(() => {
         const sdkConfig = (0, config_1.getSDKExtensionsConfig)();
         const clientConfig = client_gen_1.client.getConfig();
+        // Extract JWT token (uses centralized logic)
+        const token = (0, config_1.extractTokenFromSDKClient)();
         const baseConfig = {
             baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
             credentials: sdkConfig.credentials,
             headers: sdkConfig.headers,
+            token,
         };
         const copyClient = new CopyClient_1.CopyClient(baseConfig);
         const queryClient = new QueryClient_1.QueryClient(baseConfig);
@@ -404,10 +417,13 @@ function useCopy(graphId) {
     (0, react_1.useEffect)(() => {
         const sdkConfig = (0, config_1.getSDKExtensionsConfig)();
         const clientConfig = client_gen_1.client.getConfig();
+        // Extract JWT token (uses centralized logic)
+        const token = (0, config_1.extractTokenFromSDKClient)();
         clientRef.current = new CopyClient_1.CopyClient({
             baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
             credentials: sdkConfig.credentials,
             headers: sdkConfig.headers,
+            token,
         });
         return () => {
             clientRef.current?.close();

package/extensions/hooks.ts

@@ -8,7 +8,7 @@
 import { useCallback, useEffect, useRef, useState } from 'react'
 import { client } from '../client.gen'
 import type { S3CopyRequest } from '../types.gen'
-import { getSDKExtensionsConfig } from './config'
+import { extractTokenFromSDKClient, getSDKExtensionsConfig } from './config'
 import type { CopyOptions, CopyResult } from './CopyClient'
 import { CopyClient } from './CopyClient'
 import type { OperationProgress, OperationResult } from './OperationClient'
@@ -40,10 +40,15 @@ export function useQuery(graphId: string) {
   useEffect(() => {
     const sdkConfig = getSDKExtensionsConfig()
     const clientConfig = client.getConfig()
+
+    // Extract JWT token (uses centralized logic)
+    const token = extractTokenFromSDKClient()
+
     clientRef.current = new QueryClient({
       baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
       credentials: sdkConfig.credentials,
       headers: sdkConfig.headers,
+      token,
     })
 
     return () => {
@@ -140,6 +145,7 @@ export function useStreamingQuery(graphId: string) {
       baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
       credentials: sdkConfig.credentials,
       headers: sdkConfig.headers,
+      token: sdkConfig.token,
     })
 
     return () => {
@@ -229,9 +235,14 @@ export function useOperation<T = any>(operationId?: string) {
   useEffect(() => {
     const sdkConfig = getSDKExtensionsConfig()
     const clientConfig = client.getConfig()
+
+    // Extract JWT token (uses centralized logic)
+    const token = extractTokenFromSDKClient()
+
     clientRef.current = new OperationClient({
       baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
       credentials: sdkConfig.credentials,
+      token,
       maxRetries: sdkConfig.maxRetries,
       retryDelay: sdkConfig.retryDelay,
     })
@@ -337,9 +348,14 @@ export function useMultipleOperations<T = any>() {
   useEffect(() => {
     const sdkConfig = getSDKExtensionsConfig()
     const clientConfig = client.getConfig()
+
+    // Extract JWT token (uses centralized logic)
+    const token = extractTokenFromSDKClient()
+
     clientRef.current = new OperationClient({
       baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
       credentials: sdkConfig.credentials,
+      token,
       maxRetries: sdkConfig.maxRetries,
       retryDelay: sdkConfig.retryDelay,
     })
@@ -419,10 +435,15 @@ export function useSDKClients() {
   useEffect(() => {
     const sdkConfig = getSDKExtensionsConfig()
     const clientConfig = client.getConfig()
+
+    // Extract JWT token (uses centralized logic)
+    const token = extractTokenFromSDKClient()
+
     const baseConfig = {
       baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
       credentials: sdkConfig.credentials,
       headers: sdkConfig.headers,
+      token,
     }
 
     const copyClient = new CopyClient(baseConfig)
@@ -478,10 +499,15 @@ export function useCopy(graphId: string) {
   useEffect(() => {
     const sdkConfig = getSDKExtensionsConfig()
     const clientConfig = client.getConfig()
+
+    // Extract JWT token (uses centralized logic)
+    const token = extractTokenFromSDKClient()
+
     clientRef.current = new CopyClient({
       baseUrl: sdkConfig.baseUrl || clientConfig.baseUrl || 'http://localhost:8000',
       credentials: sdkConfig.credentials,
       headers: sdkConfig.headers,
+      token,
     })
 
     return () => {

package/extensions/index.d.ts

@@ -9,6 +9,8 @@ import { SSEClient } from './SSEClient';
 export interface RoboSystemsExtensionConfig {
     baseUrl?: string;
     credentials?: 'include' | 'same-origin' | 'omit';
+    token?: string;
+    headers?: Record<string, string>;
     maxRetries?: number;
     retryDelay?: number;
 }