@rool-dev/client 0.2.0 → 0.3.0-dev.2324cc8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +62 -33
- package/dist/auth-browser.d.ts +71 -0
- package/dist/auth-browser.d.ts.map +1 -0
- package/dist/auth-browser.js +328 -0
- package/dist/auth-browser.js.map +1 -0
- package/dist/auth-node.d.ts +33 -0
- package/dist/auth-node.d.ts.map +1 -0
- package/dist/auth-node.js +271 -0
- package/dist/auth-node.js.map +1 -0
- package/dist/auth.d.ts +7 -35
- package/dist/auth.d.ts.map +1 -1
- package/dist/auth.js +34 -326
- package/dist/auth.js.map +1 -1
- package/dist/client.d.ts +2 -2
- package/dist/client.d.ts.map +1 -1
- package/dist/client.js +14 -14
- package/dist/client.js.map +1 -1
- package/dist/graph.d.ts +2 -2
- package/dist/graph.d.ts.map +1 -1
- package/dist/graph.js +27 -17
- package/dist/graph.js.map +1 -1
- package/dist/graphql.d.ts +1 -1
- package/dist/graphql.d.ts.map +1 -1
- package/dist/graphql.js +1 -1
- package/dist/graphql.js.map +1 -1
- package/dist/media.d.ts +1 -1
- package/dist/media.d.ts.map +1 -1
- package/dist/media.js +1 -1
- package/dist/media.js.map +1 -1
- package/dist/subscription.d.ts +1 -1
- package/dist/subscription.d.ts.map +1 -1
- package/dist/subscription.js +8 -6
- package/dist/subscription.js.map +1 -1
- package/dist/types.d.ts +30 -12
- package/dist/types.d.ts.map +1 -1
- package/package.json +9 -3
|
@@ -0,0 +1,271 @@
|
|
|
1
|
+
import * as http from 'node:http';
|
|
2
|
+
import * as fs from 'node:fs';
|
|
3
|
+
import * as path from 'node:path';
|
|
4
|
+
import * as os from 'node:os';
|
|
5
|
+
import open from 'open';
|
|
6
|
+
const GCIP_REFRESH_ENDPOINT = 'https://securetoken.googleapis.com/v1/token';
|
|
7
|
+
export class NodeAuthProvider {
|
|
8
|
+
config;
|
|
9
|
+
apiKey = null;
|
|
10
|
+
_authUrl = null;
|
|
11
|
+
constructor(config = {}) {
|
|
12
|
+
this.config = config;
|
|
13
|
+
}
|
|
14
|
+
/** Called by AuthManager to inject the auth URL */
|
|
15
|
+
setAuthUrl(url) {
|
|
16
|
+
this._authUrl = url;
|
|
17
|
+
}
|
|
18
|
+
get credentialsPath() {
|
|
19
|
+
if (this.config.credentialsPath) {
|
|
20
|
+
return this.config.credentialsPath;
|
|
21
|
+
}
|
|
22
|
+
const homeDir = os.homedir();
|
|
23
|
+
const configDir = path.join(homeDir, '.config', 'rool');
|
|
24
|
+
return path.join(configDir, 'credentials.json');
|
|
25
|
+
}
|
|
26
|
+
/**
|
|
27
|
+
* Get the auth endpoint URL (without trailing slash).
|
|
28
|
+
*/
|
|
29
|
+
get authEndpoint() {
|
|
30
|
+
if (!this._authUrl) {
|
|
31
|
+
throw new Error('Auth URL not set. Ensure RoolClient is configured correctly.');
|
|
32
|
+
}
|
|
33
|
+
return this._authUrl.replace(/\/+$/, '');
|
|
34
|
+
}
|
|
35
|
+
initialize() {
|
|
36
|
+
return this.isAuthenticated();
|
|
37
|
+
}
|
|
38
|
+
async getToken() {
|
|
39
|
+
const creds = this.readCredentials();
|
|
40
|
+
if (!creds)
|
|
41
|
+
return undefined;
|
|
42
|
+
// Refresh if expiring in less than 5 minutes
|
|
43
|
+
if (Date.now() >= creds.expires_at - 5 * 60 * 1000) {
|
|
44
|
+
return this.refreshToken(creds);
|
|
45
|
+
}
|
|
46
|
+
return creds.access_token;
|
|
47
|
+
}
|
|
48
|
+
getUser() {
|
|
49
|
+
const creds = this.readCredentials();
|
|
50
|
+
if (!creds?.access_token)
|
|
51
|
+
return { email: null, name: null };
|
|
52
|
+
try {
|
|
53
|
+
const payload = JSON.parse(Buffer.from(creds.access_token.split('.')[1], 'base64').toString());
|
|
54
|
+
return {
|
|
55
|
+
email: payload.email || null,
|
|
56
|
+
name: payload.name || null,
|
|
57
|
+
};
|
|
58
|
+
}
|
|
59
|
+
catch {
|
|
60
|
+
return { email: null, name: null };
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
isAuthenticated() {
|
|
64
|
+
const creds = this.readCredentials();
|
|
65
|
+
if (!creds)
|
|
66
|
+
return false;
|
|
67
|
+
// We consider it authenticated if we have a refresh token,
|
|
68
|
+
// effectively "remember me" behavior for CLI
|
|
69
|
+
return !!creds.refresh_token || Date.now() < creds.expires_at;
|
|
70
|
+
}
|
|
71
|
+
async login() {
|
|
72
|
+
const { server, closeAll } = await this.startLoopbackServer();
|
|
73
|
+
const port = server.address().port;
|
|
74
|
+
const redirectUri = `http://localhost:${port}`;
|
|
75
|
+
// Generate code verifier/state if needed, currently just state
|
|
76
|
+
const state = Math.random().toString(36).substring(2);
|
|
77
|
+
// Auth endpoint is the root of the auth service
|
|
78
|
+
const loginUrl = new URL(`${this.authEndpoint}/`);
|
|
79
|
+
loginUrl.searchParams.set('redirect_uri', redirectUri);
|
|
80
|
+
loginUrl.searchParams.set('state', state);
|
|
81
|
+
console.log('Opening browser to login:', loginUrl.toString());
|
|
82
|
+
await open(loginUrl.toString());
|
|
83
|
+
const timeoutMs = this.config.loginTimeoutMs ?? 5 * 60 * 1000; // 5 minutes default
|
|
84
|
+
return new Promise((resolve, reject) => {
|
|
85
|
+
const timeout = setTimeout(() => {
|
|
86
|
+
closeAll();
|
|
87
|
+
reject(new Error('Login timed out. Please try again.'));
|
|
88
|
+
}, timeoutMs);
|
|
89
|
+
server.on('authenticated', (tokens) => {
|
|
90
|
+
clearTimeout(timeout);
|
|
91
|
+
const expiresAt = Date.now() + (tokens.expires_in * 1000);
|
|
92
|
+
this.writeCredentials({
|
|
93
|
+
access_token: tokens.id_token, // GCIP returns id_token
|
|
94
|
+
refresh_token: tokens.refresh_token,
|
|
95
|
+
expires_at: expiresAt
|
|
96
|
+
});
|
|
97
|
+
this.config.onAuthStateChanged?.(true);
|
|
98
|
+
closeAll();
|
|
99
|
+
resolve();
|
|
100
|
+
});
|
|
101
|
+
server.on('error', (err) => {
|
|
102
|
+
clearTimeout(timeout);
|
|
103
|
+
closeAll();
|
|
104
|
+
reject(err);
|
|
105
|
+
});
|
|
106
|
+
});
|
|
107
|
+
}
|
|
108
|
+
logout() {
|
|
109
|
+
const filePath = this.credentialsPath;
|
|
110
|
+
if (fs.existsSync(filePath)) {
|
|
111
|
+
fs.unlinkSync(filePath);
|
|
112
|
+
}
|
|
113
|
+
this.config.onAuthStateChanged?.(false);
|
|
114
|
+
}
|
|
115
|
+
// ===========================================================================
|
|
116
|
+
// Private Helpers
|
|
117
|
+
// ===========================================================================
|
|
118
|
+
readCredentials() {
|
|
119
|
+
try {
|
|
120
|
+
const filePath = this.credentialsPath;
|
|
121
|
+
if (!fs.existsSync(filePath))
|
|
122
|
+
return null;
|
|
123
|
+
const data = fs.readFileSync(filePath, 'utf-8');
|
|
124
|
+
return JSON.parse(data);
|
|
125
|
+
}
|
|
126
|
+
catch {
|
|
127
|
+
return null;
|
|
128
|
+
}
|
|
129
|
+
}
|
|
130
|
+
writeCredentials(creds) {
|
|
131
|
+
const filePath = this.credentialsPath;
|
|
132
|
+
const dir = path.dirname(filePath);
|
|
133
|
+
try {
|
|
134
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
135
|
+
fs.writeFileSync(filePath, JSON.stringify(creds, null, 2), { mode: 0o600 });
|
|
136
|
+
}
|
|
137
|
+
catch (error) {
|
|
138
|
+
console.error('[RoolClient] Failed to save credentials:', error);
|
|
139
|
+
}
|
|
140
|
+
}
|
|
141
|
+
async getApiKey() {
|
|
142
|
+
if (this.apiKey)
|
|
143
|
+
return this.apiKey;
|
|
144
|
+
try {
|
|
145
|
+
const response = await fetch(`${this.authEndpoint}/config.json`);
|
|
146
|
+
if (!response.ok)
|
|
147
|
+
return null;
|
|
148
|
+
const data = await response.json();
|
|
149
|
+
this.apiKey = data.apiKey;
|
|
150
|
+
return this.apiKey;
|
|
151
|
+
}
|
|
152
|
+
catch {
|
|
153
|
+
return null;
|
|
154
|
+
}
|
|
155
|
+
}
|
|
156
|
+
async refreshToken(creds) {
|
|
157
|
+
if (!creds.refresh_token)
|
|
158
|
+
return undefined;
|
|
159
|
+
const apiKey = await this.getApiKey();
|
|
160
|
+
if (!apiKey) {
|
|
161
|
+
console.warn('[RoolClient] Cannot refresh: API key not found');
|
|
162
|
+
return undefined;
|
|
163
|
+
}
|
|
164
|
+
try {
|
|
165
|
+
// Derive referer from auth URL (required for API key restrictions)
|
|
166
|
+
const referer = new URL(this.authEndpoint).origin;
|
|
167
|
+
const response = await fetch(`${GCIP_REFRESH_ENDPOINT}?key=${apiKey}`, {
|
|
168
|
+
method: 'POST',
|
|
169
|
+
headers: {
|
|
170
|
+
'Content-Type': 'application/x-www-form-urlencoded',
|
|
171
|
+
'Referer': referer,
|
|
172
|
+
},
|
|
173
|
+
body: new URLSearchParams({
|
|
174
|
+
grant_type: 'refresh_token',
|
|
175
|
+
refresh_token: creds.refresh_token,
|
|
176
|
+
}),
|
|
177
|
+
});
|
|
178
|
+
if (!response.ok) {
|
|
179
|
+
// 400 typically means invalid/expired refresh token - clear credentials
|
|
180
|
+
if (response.status === 400) {
|
|
181
|
+
console.warn('[RoolClient] Refresh token expired or invalid. Please login again.');
|
|
182
|
+
this.logout();
|
|
183
|
+
}
|
|
184
|
+
else {
|
|
185
|
+
console.warn(`[RoolClient] Refresh failed: ${response.status}`);
|
|
186
|
+
}
|
|
187
|
+
return undefined;
|
|
188
|
+
}
|
|
189
|
+
const data = await response.json();
|
|
190
|
+
const newCreds = {
|
|
191
|
+
access_token: data.id_token || data.access_token,
|
|
192
|
+
refresh_token: data.refresh_token || creds.refresh_token,
|
|
193
|
+
expires_at: Date.now() + (Number(data.expires_in) * 1000),
|
|
194
|
+
};
|
|
195
|
+
this.writeCredentials(newCreds);
|
|
196
|
+
return newCreds.access_token;
|
|
197
|
+
}
|
|
198
|
+
catch (error) {
|
|
199
|
+
console.error('[RoolClient] Refresh failed:', error);
|
|
200
|
+
return undefined;
|
|
201
|
+
}
|
|
202
|
+
}
|
|
203
|
+
startLoopbackServer() {
|
|
204
|
+
return new Promise((resolve) => {
|
|
205
|
+
const server = http.createServer((req, res) => {
|
|
206
|
+
const url = new URL(req.url || '/', `http://localhost`);
|
|
207
|
+
// 1. Serve the capture page if we just have a root request
|
|
208
|
+
if (url.pathname === '/') {
|
|
209
|
+
res.writeHead(200, { 'Content-Type': 'text/html' });
|
|
210
|
+
res.end(`
|
|
211
|
+
<html>
|
|
212
|
+
<body>
|
|
213
|
+
<h1>Authenticating...</h1>
|
|
214
|
+
<script>
|
|
215
|
+
// Extract hash and post to /callback
|
|
216
|
+
if (window.location.hash) {
|
|
217
|
+
const hash = window.location.hash.substring(1);
|
|
218
|
+
fetch('/callback', {
|
|
219
|
+
method: 'POST',
|
|
220
|
+
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
|
|
221
|
+
body: hash
|
|
222
|
+
})
|
|
223
|
+
.then(() => document.body.innerHTML = '<h1>Login Successful. You can close this window.</h1>')
|
|
224
|
+
.catch(err => document.body.innerHTML = '<h1>Error: ' + err.message + '</h1>');
|
|
225
|
+
}
|
|
226
|
+
</script>
|
|
227
|
+
</body>
|
|
228
|
+
</html>
|
|
229
|
+
`);
|
|
230
|
+
return;
|
|
231
|
+
}
|
|
232
|
+
// 2. Handle the callback POST
|
|
233
|
+
if (url.pathname === '/callback' && req.method === 'POST') {
|
|
234
|
+
let body = '';
|
|
235
|
+
req.on('data', (chunk) => body += chunk.toString());
|
|
236
|
+
req.on('end', () => {
|
|
237
|
+
const params = new URLSearchParams(body);
|
|
238
|
+
const idToken = params.get('id_token');
|
|
239
|
+
const refreshToken = params.get('refresh_token');
|
|
240
|
+
const expiresIn = params.get('expires_in');
|
|
241
|
+
if (idToken && expiresIn) {
|
|
242
|
+
res.writeHead(200);
|
|
243
|
+
res.end('OK');
|
|
244
|
+
server.emit('authenticated', {
|
|
245
|
+
id_token: idToken,
|
|
246
|
+
refresh_token: refreshToken,
|
|
247
|
+
expires_in: Number(expiresIn)
|
|
248
|
+
});
|
|
249
|
+
}
|
|
250
|
+
else {
|
|
251
|
+
res.writeHead(400);
|
|
252
|
+
res.end('Invalid tokens');
|
|
253
|
+
}
|
|
254
|
+
});
|
|
255
|
+
return;
|
|
256
|
+
}
|
|
257
|
+
res.writeHead(404);
|
|
258
|
+
res.end();
|
|
259
|
+
});
|
|
260
|
+
// Listen on random port
|
|
261
|
+
server.listen(0, '127.0.0.1', () => resolve({
|
|
262
|
+
server,
|
|
263
|
+
closeAll: () => {
|
|
264
|
+
server.close();
|
|
265
|
+
server.closeAllConnections();
|
|
266
|
+
},
|
|
267
|
+
}));
|
|
268
|
+
});
|
|
269
|
+
}
|
|
270
|
+
}
|
|
271
|
+
//# sourceMappingURL=auth-node.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-node.js","sourceRoot":"","sources":["../src/auth-node.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,IAAI,MAAM,MAAM,CAAC;AAGxB,MAAM,qBAAqB,GAAG,6CAA6C,CAAC;AAgB5E,MAAM,OAAO,gBAAgB;IACjB,MAAM,CAAiB;IACvB,MAAM,GAAkB,IAAI,CAAC;IAC7B,QAAQ,GAAkB,IAAI,CAAC;IAEvC,YAAY,SAAyB,EAAE;QACnC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACzB,CAAC;IAED,mDAAmD;IACnD,UAAU,CAAC,GAAW;QAClB,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC;IACxB,CAAC;IAED,IAAY,eAAe;QACvB,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;QACvC,CAAC;QACD,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,IAAY,YAAY;QACpB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QACpF,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED,UAAU;QACN,OAAO,IAAI,CAAC,eAAe,EAAE,CAAC;IAClC,CAAC;IAED,KAAK,CAAC,QAAQ;QACV,MAAM,KAAK,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;QACrC,IAAI,CAAC,KAAK;YAAE,OAAO,SAAS,CAAC;QAE7B,6CAA6C;QAC7C,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,KAAK,CAAC,UAAU,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;QACpC,CAAC;QAED,OAAO,KAAK,CAAC,YAAY,CAAC;IAC9B,CAAC;IAED,OAAO;QACH,MAAM,KAAK,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;QACrC,IAAI,CAAC,KAAK,EAAE,YAAY;YAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QAE7D,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC/F,OAAO;gBACH,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,IAAI;gBAC5B,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,IAAI;aAC7B,CAAC;QACN,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QACvC,CAAC;IACL,CAAC;IAED,eAAe;QACX,MAAM,KAAK,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;QACrC,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QACzB,4DAA4D;QAC5D,6CAA6C;QAC7C,OAAO,CAAC,CAAC,KAAK,CAAC,aAAa,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,UAAU,CAAC;IAClE,CAAC;IAED,KAAK,CAAC,KAAK;QACP,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC9D,MAAM,IAAI,GAAI,MAAM,CAAC,OAAO,EAAU,CAAC,IAAI,CAAC;QAC5C,MAAM,WAAW,GAAG,oBAAoB,IAAI,EAAE,CAAC;QAE/C,+DAA+D;QAC/D,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QAEtD,gDAAgD;QAChD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC;QAClD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;QACvD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAE1C,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC9D,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEhC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,oBAAoB;QAEnF,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACnC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC5B,QAAQ,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC,CAAC;YAC5D,CAAC,EAAE,SAAS,CAAC,CAAC;YAEd,MAAM,CAAC,EAAE,CAAC,eAAe,EAAE,CAAC,MAAW,EAAE,EAAE;gBACvC,YAAY,CAAC,OAAO,CAAC,CAAC;gBACtB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;gBAC1D,IAAI,CAAC,gBAAgB,CAAC;oBAClB,YAAY,EAAE,MAAM,CAAC,QAAQ,EAAE,wBAAwB;oBACvD,aAAa,EAAE,MAAM,CAAC,aAAa;oBACnC,UAAU,EAAE,SAAS;iBACxB,CAAC,CAAC;gBACH,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC,IAAI,CAAC,CAAC;gBACvC,QAAQ,EAAE,CAAC;gBACX,OAAO,EAAE,CAAC;YACd,CAAC,CAAC,CAAC;YAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;gBAC9B,YAAY,CAAC,OAAO,CAAC,CAAC;gBACtB,QAAQ,EAAE,CAAC;gBACX,MAAM,CAAC,GAAG,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;IACP,CAAC;IAED,MAAM;QACF,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC;QACtC,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1B,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC,KAAK,CAAC,CAAC;IAC5C,CAAC;IAED,8EAA8E;IAC9E,kBAAkB;IAClB,8EAA8E;IAEtE,eAAe;QACnB,IAAI,CAAC;YACD,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC;YACtC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;gBAAE,OAAO,IAAI,CAAC;YAC1C,MAAM,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAChD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,IAAI,CAAC;QAChB,CAAC;IACL,CAAC;IAEO,gBAAgB,CAAC,KAAwB;QAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC;QACtC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAEnC,IAAI,CAAC;YACD,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACvC,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAChF,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,0CAA0C,EAAE,KAAK,CAAC,CAAC;QACrE,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,SAAS;QACnB,IAAI,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC,MAAM,CAAC;QAEpC,IAAI,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,YAAY,cAAc,CAAC,CAAC;YACjE,IAAI,CAAC,QAAQ,CAAC,EAAE;gBAAE,OAAO,IAAI,CAAC;YAC9B,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;YAC1B,OAAO,IAAI,CAAC,MAAM,CAAC;QACvB,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,IAAI,CAAC;QAChB,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,YAAY,CAAC,KAAwB;QAC/C,IAAI,CAAC,KAAK,CAAC,aAAa;YAAE,OAAO,SAAS,CAAC;QAE3C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QACtC,IAAI,CAAC,MAAM,EAAE,CAAC;YACV,OAAO,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;YAC/D,OAAO,SAAS,CAAC;QACrB,CAAC;QAED,IAAI,CAAC;YACD,mEAAmE;YACnE,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,MAAM,CAAC;YAElD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,qBAAqB,QAAQ,MAAM,EAAE,EAAE;gBACnE,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACL,cAAc,EAAE,mCAAmC;oBACnD,SAAS,EAAE,OAAO;iBACrB;gBACD,IAAI,EAAE,IAAI,eAAe,CAAC;oBACtB,UAAU,EAAE,eAAe;oBAC3B,aAAa,EAAE,KAAK,CAAC,aAAa;iBACrC,CAAC;aACL,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACf,wEAAwE;gBACxE,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAC1B,OAAO,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;oBACnF,IAAI,CAAC,MAAM,EAAE,CAAC;gBAClB,CAAC;qBAAM,CAAC;oBACJ,OAAO,CAAC,IAAI,CAAC,gCAAgC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;gBACpE,CAAC;gBACD,OAAO,SAAS,CAAC;YACrB,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,MAAM,QAAQ,GAAsB;gBAChC,YAAY,EAAE,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,YAAY;gBAChD,aAAa,EAAE,IAAI,CAAC,aAAa,IAAI,KAAK,CAAC,aAAa;gBACxD,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC;aAC5D,CAAC;YAEF,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;YAChC,OAAO,QAAQ,CAAC,YAAY,CAAC;QACjC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;YACrD,OAAO,SAAS,CAAC;QACrB,CAAC;IACL,CAAC;IAEO,mBAAmB;QACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,GAAyB,EAAE,GAAwB,EAAE,EAAE;gBACrF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,kBAAkB,CAAC,CAAC;gBAExD,2DAA2D;gBAC3D,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;oBACvB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;oBACpD,GAAG,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;WAmBjB,CAAC,CAAC;oBACO,OAAO;gBACX,CAAC;gBAED,8BAA8B;gBAC9B,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;oBACxD,IAAI,IAAI,GAAG,EAAE,CAAC;oBACd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,IAAI,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;oBAC5D,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;wBACf,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC;wBACzC,MAAM,OAAO,GAAG,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;wBACvC,MAAM,YAAY,GAAG,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;wBACjD,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;wBAE3C,IAAI,OAAO,IAAI,SAAS,EAAE,CAAC;4BACvB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;4BACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;4BACd,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE;gCACzB,QAAQ,EAAE,OAAO;gCACjB,aAAa,EAAE,YAAY;gCAC3B,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC;6BAChC,CAAC,CAAC;wBACP,CAAC;6BAAM,CAAC;4BACJ,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;4BACnB,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;wBAC9B,CAAC;oBACL,CAAC,CAAC,CAAC;oBACH,OAAO;gBACX,CAAC;gBAED,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,EAAE,CAAC;YACd,CAAC,CAAC,CAAC;YAEH,wBAAwB;YACxB,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC;gBACxC,MAAM;gBACN,QAAQ,EAAE,GAAG,EAAE;oBACX,MAAM,CAAC,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,mBAAmB,EAAE,CAAC;gBACjC,CAAC;aACJ,CAAC,CAAC,CAAC;QACR,CAAC,CAAC,CAAC;IACP,CAAC;CACJ"}
|
package/dist/auth.d.ts
CHANGED
|
@@ -1,27 +1,15 @@
|
|
|
1
1
|
import type { UserInfo, AuthProvider } from './types.js';
|
|
2
2
|
export interface AuthManagerConfig {
|
|
3
|
-
|
|
4
|
-
storagePrefix: string;
|
|
3
|
+
authUrl: string;
|
|
5
4
|
onAuthStateChanged?: (authenticated: boolean) => void;
|
|
6
5
|
/** External auth provider - when set, delegates all auth to this provider */
|
|
7
6
|
authProvider?: AuthProvider;
|
|
8
7
|
}
|
|
9
8
|
export declare class AuthManager {
|
|
10
|
-
private
|
|
11
|
-
private apiKey;
|
|
12
|
-
private apiKeyFetchPromise;
|
|
13
|
-
private refreshPromise;
|
|
14
|
-
private refreshTimeoutId;
|
|
15
|
-
private get storageKeys();
|
|
16
|
-
/** Check if using external auth provider */
|
|
17
|
-
private get hasExternalProvider();
|
|
18
|
-
/** Get the auth base URL (origin only, no path like /rool-server) */
|
|
19
|
-
private get authBaseUrl();
|
|
9
|
+
private provider;
|
|
20
10
|
constructor(config: AuthManagerConfig);
|
|
21
11
|
/**
|
|
22
12
|
* Initialize auth manager - should be called on app startup.
|
|
23
|
-
* Processes any auth callback in the URL and sets up auto-refresh.
|
|
24
|
-
* No-op when using external auth provider.
|
|
25
13
|
*/
|
|
26
14
|
initialize(): boolean;
|
|
27
15
|
/**
|
|
@@ -29,18 +17,18 @@ export declare class AuthManager {
|
|
|
29
17
|
*/
|
|
30
18
|
isAuthenticated(): boolean;
|
|
31
19
|
/**
|
|
32
|
-
* Get current access token
|
|
20
|
+
* Get current access token.
|
|
33
21
|
* Returns undefined if not authenticated.
|
|
34
22
|
*/
|
|
35
23
|
getToken(): Promise<string | undefined>;
|
|
36
24
|
/**
|
|
37
|
-
* Get user info
|
|
25
|
+
* Get user info from current session.
|
|
38
26
|
*/
|
|
39
27
|
getUser(): UserInfo;
|
|
40
28
|
/**
|
|
41
|
-
* Initiate login
|
|
29
|
+
* Initiate login.
|
|
42
30
|
*/
|
|
43
|
-
login(): void;
|
|
31
|
+
login(): Promise<void> | void;
|
|
44
32
|
/**
|
|
45
33
|
* Logout - clear all tokens and state.
|
|
46
34
|
*/
|
|
@@ -52,24 +40,8 @@ export declare class AuthManager {
|
|
|
52
40
|
*/
|
|
53
41
|
processCallback(): boolean;
|
|
54
42
|
/**
|
|
55
|
-
* Destroy auth manager -
|
|
43
|
+
* Destroy auth manager - cleanup resources.
|
|
56
44
|
*/
|
|
57
45
|
destroy(): void;
|
|
58
|
-
/**
|
|
59
|
-
* Get the API key, fetching from server if not provided in config.
|
|
60
|
-
*/
|
|
61
|
-
private getApiKey;
|
|
62
|
-
private tryRefreshToken;
|
|
63
|
-
private scheduleTokenRefresh;
|
|
64
|
-
private cancelScheduledRefresh;
|
|
65
|
-
private readAccessToken;
|
|
66
|
-
private readExpiresAt;
|
|
67
|
-
private writeTokens;
|
|
68
|
-
private clearTokens;
|
|
69
|
-
private storeState;
|
|
70
|
-
private readState;
|
|
71
|
-
private clearState;
|
|
72
|
-
private generateState;
|
|
73
|
-
private decodeUserInfo;
|
|
74
46
|
}
|
|
75
47
|
//# sourceMappingURL=auth.d.ts.map
|
package/dist/auth.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAGzD,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,CAAC,EAAE,CAAC,aAAa,EAAE,OAAO,KAAK,IAAI,CAAC;IACtD,6EAA6E;IAC7E,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAe;gBAEnB,MAAM,EAAE,iBAAiB;IAmBrC;;OAEG;IACH,UAAU,IAAI,OAAO;IAIrB;;OAEG;IACH,eAAe,IAAI,OAAO;IAI1B;;;OAGG;IACG,QAAQ,IAAI,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAI7C;;OAEG;IACH,OAAO,IAAI,QAAQ;IAInB;;OAEG;IACH,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI;IAI7B;;OAEG;IACH,MAAM,IAAI,IAAI;IAId;;;;OAIG;IACH,eAAe,IAAI,OAAO;IAQ1B;;OAEG;IACH,OAAO,IAAI,IAAI;CAGhB"}
|