@rool-dev/sdk 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (54) hide show
  1. package/README.md +1070 -0
  2. package/dist/apps.d.ts +29 -0
  3. package/dist/apps.d.ts.map +1 -0
  4. package/dist/apps.js +88 -0
  5. package/dist/apps.js.map +1 -0
  6. package/dist/auth-browser.d.ts +80 -0
  7. package/dist/auth-browser.d.ts.map +1 -0
  8. package/dist/auth-browser.js +370 -0
  9. package/dist/auth-browser.js.map +1 -0
  10. package/dist/auth-node.d.ts +46 -0
  11. package/dist/auth-node.d.ts.map +1 -0
  12. package/dist/auth-node.js +316 -0
  13. package/dist/auth-node.js.map +1 -0
  14. package/dist/auth.d.ts +56 -0
  15. package/dist/auth.d.ts.map +1 -0
  16. package/dist/auth.js +96 -0
  17. package/dist/auth.js.map +1 -0
  18. package/dist/client.d.ts +202 -0
  19. package/dist/client.d.ts.map +1 -0
  20. package/dist/client.js +472 -0
  21. package/dist/client.js.map +1 -0
  22. package/dist/event-emitter.d.ts +38 -0
  23. package/dist/event-emitter.d.ts.map +1 -0
  24. package/dist/event-emitter.js +80 -0
  25. package/dist/event-emitter.js.map +1 -0
  26. package/dist/graphql.d.ts +71 -0
  27. package/dist/graphql.d.ts.map +1 -0
  28. package/dist/graphql.js +487 -0
  29. package/dist/graphql.js.map +1 -0
  30. package/dist/index.d.ts +6 -0
  31. package/dist/index.d.ts.map +1 -0
  32. package/dist/index.js +11 -0
  33. package/dist/index.js.map +1 -0
  34. package/dist/jsonld.d.ts +47 -0
  35. package/dist/jsonld.d.ts.map +1 -0
  36. package/dist/jsonld.js +137 -0
  37. package/dist/jsonld.js.map +1 -0
  38. package/dist/media.d.ts +52 -0
  39. package/dist/media.d.ts.map +1 -0
  40. package/dist/media.js +173 -0
  41. package/dist/media.js.map +1 -0
  42. package/dist/space.d.ts +358 -0
  43. package/dist/space.d.ts.map +1 -0
  44. package/dist/space.js +1121 -0
  45. package/dist/space.js.map +1 -0
  46. package/dist/subscription.d.ts +57 -0
  47. package/dist/subscription.d.ts.map +1 -0
  48. package/dist/subscription.js +296 -0
  49. package/dist/subscription.js.map +1 -0
  50. package/dist/types.d.ts +409 -0
  51. package/dist/types.d.ts.map +1 -0
  52. package/dist/types.js +6 -0
  53. package/dist/types.js.map +1 -0
  54. package/package.json +65 -0
package/dist/auth-node.js ADDED
@@ -0,0 +1,316 @@
1
+ import * as http from 'node:http';
2
+ import * as fs from 'node:fs';
3
+ import * as path from 'node:path';
4
+ import * as os from 'node:os';
5
+ import * as crypto from 'node:crypto';
6
+ import open from 'open';
7
+ const GCIP_REFRESH_ENDPOINT = 'https://securetoken.googleapis.com/v1/token';
8
+ export class NodeAuthProvider {
9
+ config;
10
+ apiKey = null;
11
+ _authUrl = null;
12
+ constructor(config = {}) {
13
+ this.config = config;
14
+ }
15
+ /** Called by AuthManager to inject the auth URL */
16
+ setAuthUrl(url) {
17
+ this._authUrl = url;
18
+ }
19
+ /**
20
+ * Get a short hash of the auth URL for scoping credentials by endpoint.
21
+ */
22
+ get endpointHash() {
23
+ if (!this._authUrl) {
24
+ return 'default';
25
+ }
26
+ return crypto.createHash('sha256').update(this._authUrl).digest('hex').slice(0, 8);
27
+ }
28
+ get credentialsPath() {
29
+ if (this.config.credentialsPath) {
30
+ return this.config.credentialsPath;
31
+ }
32
+ const homeDir = os.homedir();
33
+ const configDir = path.join(homeDir, '.config', 'rool');
34
+ // Scope credentials by endpoint to avoid mixing tokens from different environments
35
+ return path.join(configDir, `credentials-${this.endpointHash}.json`);
36
+ }
37
+ /**
38
+ * Get the auth endpoint URL (without trailing slash).
39
+ */
40
+ get authEndpoint() {
41
+ if (!this._authUrl) {
42
+ throw new Error('Auth URL not set. Ensure RoolClient is configured correctly.');
43
+ }
44
+ return this._authUrl.replace(/\/+$/, '');
45
+ }
46
+ initialize() {
47
+ // For Node.js, initialize just checks if credentials file exists
48
+ // The actual validation happens in isAuthenticated()
49
+ return this.readCredentials() !== null;
50
+ }
51
+ async getToken() {
52
+ const creds = this.readCredentials();
53
+ if (!creds)
54
+ return undefined;
55
+ // Refresh if expiring in less than 5 minutes
56
+ if (Date.now() >= creds.expires_at - 5 * 60 * 1000) {
57
+ return this.refreshToken(creds);
58
+ }
59
+ return creds.access_token;
60
+ }
61
+ getAuthUser() {
62
+ const creds = this.readCredentials();
63
+ if (!creds?.access_token)
64
+ return { email: null, name: null };
65
+ try {
66
+ const payload = JSON.parse(Buffer.from(creds.access_token.split('.')[1], 'base64').toString());
67
+ return {
68
+ email: payload.email || null,
69
+ name: payload.name || null,
70
+ };
71
+ }
72
+ catch {
73
+ return { email: null, name: null };
74
+ }
75
+ }
76
+ async isAuthenticated() {
77
+ const token = await this.getToken();
78
+ return token !== undefined;
79
+ }
80
+ async login(appName) {
81
+ console.log("Auth url", this._authUrl);
82
+ const { server, closeAll } = await this.startLoopbackServer();
83
+ const port = server.address().port;
84
+ const redirectUri = `http://localhost:${port}`;
85
+ // Generate code verifier/state if needed, currently just state
86
+ const state = Math.random().toString(36).substring(2);
87
+ // Auth endpoint is the root of the auth service
88
+ const loginUrl = new URL(`${this.authEndpoint}/`);
89
+ loginUrl.searchParams.set('redirect_uri', redirectUri);
90
+ loginUrl.searchParams.set('app_name', appName);
91
+ loginUrl.searchParams.set('state', state);
92
+ console.log(`Opening browser to login to ${appName}:`, loginUrl.toString());
93
+ await open(loginUrl.toString());
94
+ const timeoutMs = this.config.loginTimeoutMs ?? 5 * 60 * 1000; // 5 minutes default
95
+ return new Promise((resolve, reject) => {
96
+ const timeout = setTimeout(() => {
97
+ closeAll();
98
+ reject(new Error('Login timed out. Please try again.'));
99
+ }, timeoutMs);
100
+ server.on('authenticated', (tokens) => {
101
+ clearTimeout(timeout);
102
+ const expiresAt = Date.now() + (tokens.expires_in * 1000);
103
+ this.writeCredentials({
104
+ access_token: tokens.id_token, // GCIP returns id_token
105
+ refresh_token: tokens.refresh_token,
106
+ expires_at: expiresAt
107
+ });
108
+ this.config.onAuthStateChanged?.(true);
109
+ closeAll();
110
+ resolve();
111
+ });
112
+ server.on('error', (err) => {
113
+ clearTimeout(timeout);
114
+ closeAll();
115
+ reject(err);
116
+ });
117
+ });
118
+ }
119
+ logout() {
120
+ const filePath = this.credentialsPath;
121
+ if (fs.existsSync(filePath)) {
122
+ fs.unlinkSync(filePath);
123
+ }
124
+ this.config.onAuthStateChanged?.(false);
125
+ }
126
+ get storagePath() {
127
+ const dir = path.dirname(this.credentialsPath);
128
+ // Scope storage by endpoint to match credentials scoping
129
+ return path.join(dir, `storage-${this.endpointHash}.json`);
130
+ }
131
+ /**
132
+ * Get cached storage data from filesystem.
133
+ */
134
+ getStorage() {
135
+ try {
136
+ const filePath = this.storagePath;
137
+ if (!fs.existsSync(filePath))
138
+ return null;
139
+ const data = fs.readFileSync(filePath, 'utf-8');
140
+ return JSON.parse(data);
141
+ }
142
+ catch {
143
+ return null;
144
+ }
145
+ }
146
+ /**
147
+ * Set cached storage data to filesystem.
148
+ */
149
+ setStorage(data) {
150
+ try {
151
+ const filePath = this.storagePath;
152
+ const dir = path.dirname(filePath);
153
+ fs.mkdirSync(dir, { recursive: true });
154
+ fs.writeFileSync(filePath, JSON.stringify(data, null, 2), { mode: 0o600 });
155
+ }
156
+ catch (error) {
157
+ console.error('[RoolClient] Failed to save storage:', error);
158
+ }
159
+ }
160
+ // ===========================================================================
161
+ // Private Helpers
162
+ // ===========================================================================
163
+ readCredentials() {
164
+ try {
165
+ const filePath = this.credentialsPath;
166
+ if (!fs.existsSync(filePath))
167
+ return null;
168
+ const data = fs.readFileSync(filePath, 'utf-8');
169
+ return JSON.parse(data);
170
+ }
171
+ catch {
172
+ return null;
173
+ }
174
+ }
175
+ writeCredentials(creds) {
176
+ const filePath = this.credentialsPath;
177
+ const dir = path.dirname(filePath);
178
+ try {
179
+ fs.mkdirSync(dir, { recursive: true });
180
+ fs.writeFileSync(filePath, JSON.stringify(creds, null, 2), { mode: 0o600 });
181
+ }
182
+ catch (error) {
183
+ console.error('[RoolClient] Failed to save credentials:', error);
184
+ }
185
+ }
186
+ async getApiKey() {
187
+ if (this.apiKey)
188
+ return this.apiKey;
189
+ try {
190
+ const response = await fetch(`${this.authEndpoint}/config.json`);
191
+ if (!response.ok)
192
+ return null;
193
+ const data = await response.json();
194
+ this.apiKey = data.apiKey;
195
+ return this.apiKey;
196
+ }
197
+ catch {
198
+ return null;
199
+ }
200
+ }
201
+ async refreshToken(creds) {
202
+ if (!creds.refresh_token)
203
+ return undefined;
204
+ const apiKey = await this.getApiKey();
205
+ if (!apiKey) {
206
+ console.warn('[RoolClient] Cannot refresh: API key not found');
207
+ return undefined;
208
+ }
209
+ try {
210
+ // Derive referer from auth URL (required for API key restrictions)
211
+ const referer = new URL(this.authEndpoint).origin;
212
+ const response = await fetch(`${GCIP_REFRESH_ENDPOINT}?key=${apiKey}`, {
213
+ method: 'POST',
214
+ headers: {
215
+ 'Content-Type': 'application/x-www-form-urlencoded',
216
+ 'Referer': referer,
217
+ },
218
+ body: new URLSearchParams({
219
+ grant_type: 'refresh_token',
220
+ refresh_token: creds.refresh_token,
221
+ }),
222
+ });
223
+ if (!response.ok) {
224
+ // 400 typically means invalid/expired refresh token - clear credentials
225
+ if (response.status === 400) {
226
+ console.warn('[RoolClient] Refresh token expired or invalid. Please login again.');
227
+ this.logout();
228
+ }
229
+ else {
230
+ console.warn(`[RoolClient] Refresh failed: ${response.status}`);
231
+ }
232
+ return undefined;
233
+ }
234
+ const data = await response.json();
235
+ const newCreds = {
236
+ access_token: data.id_token || data.access_token,
237
+ refresh_token: data.refresh_token || creds.refresh_token,
238
+ expires_at: Date.now() + (Number(data.expires_in) * 1000),
239
+ };
240
+ this.writeCredentials(newCreds);
241
+ return newCreds.access_token;
242
+ }
243
+ catch (error) {
244
+ console.error('[RoolClient] Refresh failed:', error);
245
+ return undefined;
246
+ }
247
+ }
248
+ startLoopbackServer() {
249
+ return new Promise((resolve) => {
250
+ const server = http.createServer((req, res) => {
251
+ const url = new URL(req.url || '/', `http://localhost`);
252
+ // 1. Serve the capture page if we just have a root request
253
+ if (url.pathname === '/') {
254
+ res.writeHead(200, { 'Content-Type': 'text/html' });
255
+ res.end(`
256
+ <html>
257
+ <body>
258
+ <h1>Authenticating...</h1>
259
+ <script>
260
+ // Extract hash and post to /callback
261
+ if (window.location.hash) {
262
+ const hash = window.location.hash.substring(1);
263
+ fetch('/callback', {
264
+ method: 'POST',
265
+ headers: {'Content-Type': 'application/x-www-form-urlencoded'},
266
+ body: hash
267
+ })
268
+ .then(() => document.body.innerHTML = '<h1>Login Successful. You can close this window.</h1>')
269
+ .catch(err => document.body.innerHTML = '<h1>Error: ' + err.message + '</h1>');
270
+ }
271
+ </script>
272
+ </body>
273
+ </html>
274
+ `);
275
+ return;
276
+ }
277
+ // 2. Handle the callback POST
278
+ if (url.pathname === '/callback' && req.method === 'POST') {
279
+ let body = '';
280
+ req.on('data', (chunk) => body += chunk.toString());
281
+ req.on('end', () => {
282
+ const params = new URLSearchParams(body);
283
+ const idToken = params.get('id_token');
284
+ const refreshToken = params.get('refresh_token');
285
+ const expiresIn = params.get('expires_in');
286
+ if (idToken && expiresIn) {
287
+ res.writeHead(200);
288
+ res.end('OK');
289
+ server.emit('authenticated', {
290
+ id_token: idToken,
291
+ refresh_token: refreshToken,
292
+ expires_in: Number(expiresIn)
293
+ });
294
+ }
295
+ else {
296
+ res.writeHead(400);
297
+ res.end('Invalid tokens');
298
+ }
299
+ });
300
+ return;
301
+ }
302
+ res.writeHead(404);
303
+ res.end();
304
+ });
305
+ // Listen on random port
306
+ server.listen(0, '127.0.0.1', () => resolve({
307
+ server,
308
+ closeAll: () => {
309
+ server.close();
310
+ server.closeAllConnections();
311
+ },
312
+ }));
313
+ });
314
+ }
315
+ }
316
+ //# sourceMappingURL=auth-node.js.map
package/dist/auth-node.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth-node.js","sourceRoot":"","sources":["../src/auth-node.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,IAAI,MAAM,MAAM,CAAC;AAGxB,MAAM,qBAAqB,GAAG,6CAA6C,CAAC;AAgB5E,MAAM,OAAO,gBAAgB;IACjB,MAAM,CAAiB;IACvB,MAAM,GAAkB,IAAI,CAAC;IAC7B,QAAQ,GAAkB,IAAI,CAAC;IAEvC,YAAY,SAAyB,EAAE;QACnC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACzB,CAAC;IAED,mDAAmD;IACnD,UAAU,CAAC,GAAW;QAClB,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,IAAY,YAAY;QACpB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjB,OAAO,SAAS,CAAC;QACrB,CAAC;QACD,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACvF,CAAC;IAED,IAAY,eAAe;QACvB,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;QACvC,CAAC;QACD,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;QACxD,mFAAmF;QACnF,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,IAAI,CAAC,YAAY,OAAO,CAAC,CAAC;IACzE,CAAC;IAED;;OAEG;IACH,IAAY,YAAY;QACpB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QACpF,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED,UAAU;QACN,iEAAiE;QACjE,qDAAqD;QACrD,OAAO,IAAI,CAAC,eAAe,EAAE,KAAK,IAAI,CAAC;IAC3C,CAAC;IAED,KAAK,CAAC,QAAQ;QACV,MAAM,KAAK,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;QACrC,IAAI,CAAC,KAAK;YAAE,OAAO,SAAS,CAAC;QAE7B,6CAA6C;QAC7C,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,KAAK,CAAC,UAAU,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;QACpC,CAAC;QAED,OAAO,KAAK,CAAC,YAAY,CAAC;IAC9B,CAAC;IAED,WAAW;QACP,MAAM,KAAK,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;QACrC,IAAI,CAAC,KAAK,EAAE,YAAY;YAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QAE7D,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC/F,OAAO;gBACH,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,IAAI;gBAC5B,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,IAAI;aAC7B,CAAC;QACN,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QACvC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe;QACjB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACpC,OAAO,KAAK,KAAK,SAAS,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,OAAe;QACvB,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC9D,MAAM,IAAI,GAAI,MAAM,CAAC,OAAO,EAAU,CAAC,IAAI,CAAC;QAC5C,MAAM,WAAW,GAAG,oBAAoB,IAAI,EAAE,CAAC;QAE/C,+DAA+D;QAC/D,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QAEtD,gDAAgD;QAChD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC;QAClD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;QACvD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAC/C,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAE1C,OAAO,CAAC,GAAG,CAAC,+BAA+B,OAAO,GAAG,EAAE,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC5E,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEhC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,oBAAoB;QAEnF,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACnC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC5B,QAAQ,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC,CAAC;YAC5D,CAAC,EAAE,SAAS,CAAC,CAAC;YAEd,MAAM,CAAC,EAAE,CAAC,eAAe,EAAE,CAAC,MAAW,EAAE,EAAE;gBACvC,YAAY,CAAC,OAAO,CAAC,CAAC;gBACtB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;gBAC1D,IAAI,CAAC,gBAAgB,CAAC;oBAClB,YAAY,EAAE,MAAM,CAAC,QAAQ,EAAE,wBAAwB;oBACvD,aAAa,EAAE,MAAM,CAAC,aAAa;oBACnC,UAAU,EAAE,SAAS;iBACxB,CAAC,CAAC;gBACH,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC,IAAI,CAAC,CAAC;gBACvC,QAAQ,EAAE,CAAC;gBACX,OAAO,EAAE,CAAC;YACd,CAAC,CAAC,CAAC;YAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;gBAC9B,YAAY,CAAC,OAAO,CAAC,CAAC;gBACtB,QAAQ,EAAE,CAAC;gBACX,MAAM,CAAC,GAAG,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;IACP,CAAC;IAED,MAAM;QACF,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC;QACtC,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1B,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC,KAAK,CAAC,CAAC;IAC5C,CAAC;IAED,IAAY,WAAW;QACnB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC/C,yDAAyD;QACzD,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,IAAI,CAAC,YAAY,OAAO,CAAC,CAAC;IAC/D,CAAC;IAED;;OAEG;IACH,UAAU;QACN,IAAI,CAAC;YACD,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC;YAClC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;gBAAE,OAAO,IAAI,CAAC;YAC1C,MAAM,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAChD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,IAAI,CAAC;QAChB,CAAC;IACL,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,IAA6B;QACpC,IAAI,CAAC;YACD,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC;YAClC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACnC,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACvC,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAC/E,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,sCAAsC,EAAE,KAAK,CAAC,CAAC;QACjE,CAAC;IACL,CAAC;IAED,8EAA8E;IAC9E,kBAAkB;IAClB,8EAA8E;IAEtE,eAAe;QACnB,IAAI,CAAC;YACD,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC;YACtC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;gBAAE,OAAO,IAAI,CAAC;YAC1C,MAAM,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAChD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,IAAI,CAAC;QAChB,CAAC;IACL,CAAC;IAEO,gBAAgB,CAAC,KAAwB;QAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC;QACtC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAEnC,IAAI,CAAC;YACD,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACvC,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAChF,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,0CAA0C,EAAE,KAAK,CAAC,CAAC;QACrE,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,SAAS;QACnB,IAAI,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC,MAAM,CAAC;QAEpC,IAAI,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,YAAY,cAAc,CAAC,CAAC;YACjE,IAAI,CAAC,QAAQ,CAAC,EAAE;gBAAE,OAAO,IAAI,CAAC;YAC9B,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;YAC1B,OAAO,IAAI,CAAC,MAAM,CAAC;QACvB,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,IAAI,CAAC;QAChB,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,YAAY,CAAC,KAAwB;QAC/C,IAAI,CAAC,KAAK,CAAC,aAAa;YAAE,OAAO,SAAS,CAAC;QAE3C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QACtC,IAAI,CAAC,MAAM,EAAE,CAAC;YACV,OAAO,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;YAC/D,OAAO,SAAS,CAAC;QACrB,CAAC;QAED,IAAI,CAAC;YACD,mEAAmE;YACnE,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,MAAM,CAAC;YAElD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,qBAAqB,QAAQ,MAAM,EAAE,EAAE;gBACnE,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACL,cAAc,EAAE,mCAAmC;oBACnD,SAAS,EAAE,OAAO;iBACrB;gBACD,IAAI,EAAE,IAAI,eAAe,CAAC;oBACtB,UAAU,EAAE,eAAe;oBAC3B,aAAa,EAAE,KAAK,CAAC,aAAa;iBACrC,CAAC;aACL,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACf,wEAAwE;gBACxE,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAC1B,OAAO,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;oBACnF,IAAI,CAAC,MAAM,EAAE,CAAC;gBAClB,CAAC;qBAAM,CAAC;oBACJ,OAAO,CAAC,IAAI,CAAC,gCAAgC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;gBACpE,CAAC;gBACD,OAAO,SAAS,CAAC;YACrB,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,MAAM,QAAQ,GAAsB;gBAChC,YAAY,EAAE,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,YAAY;gBAChD,aAAa,EAAE,IAAI,CAAC,aAAa,IAAI,KAAK,CAAC,aAAa;gBACxD,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC;aAC5D,CAAC;YAEF,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;YAChC,OAAO,QAAQ,CAAC,YAAY,CAAC;QACjC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;YACrD,OAAO,SAAS,CAAC;QACrB,CAAC;IACL,CAAC;IAEO,mBAAmB;QACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,GAAyB,EAAE,GAAwB,EAAE,EAAE;gBACrF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,kBAAkB,CAAC,CAAC;gBAExD,2DAA2D;gBAC3D,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;oBACvB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;oBACpD,GAAG,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;WAmBjB,CAAC,CAAC;oBACO,OAAO;gBACX,CAAC;gBAED,8BAA8B;gBAC9B,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;oBACxD,IAAI,IAAI,GAAG,EAAE,CAAC;oBACd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,IAAI,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;oBAC5D,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;wBACf,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC;wBACzC,MAAM,OAAO,GAAG,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;wBACvC,MAAM,YAAY,GAAG,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;wBACjD,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;wBAE3C,IAAI,OAAO,IAAI,SAAS,EAAE,CAAC;4BACvB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;4BACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;4BACd,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE;gCACzB,QAAQ,EAAE,OAAO;gCACjB,aAAa,EAAE,YAAY;gCAC3B,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC;6BAChC,CAAC,CAAC;wBACP,CAAC;6BAAM,CAAC;4BACJ,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;4BACnB,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;wBAC9B,CAAC;oBACL,CAAC,CAAC,CAAC;oBACH,OAAO;gBACX,CAAC;gBAED,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,EAAE,CAAC;YACd,CAAC,CAAC,CAAC;YAEH,wBAAwB;YACxB,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC;gBACxC,MAAM;gBACN,QAAQ,EAAE,GAAG,EAAE;oBACX,MAAM,CAAC,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,mBAAmB,EAAE,CAAC;gBACjC,CAAC;aACJ,CAAC,CAAC,CAAC;QACR,CAAC,CAAC,CAAC;IACP,CAAC;CACJ"}
package/dist/auth.d.ts ADDED
@@ -0,0 +1,56 @@
1
+ import type { AuthUser, AuthProvider } from './types.js';
2
+ export interface AuthManagerConfig {
3
+ authUrl: string;
4
+ onAuthStateChanged?: (authenticated: boolean) => void;
5
+ /** External auth provider - when set, delegates all auth to this provider */
6
+ authProvider?: AuthProvider;
7
+ }
8
+ export declare class AuthManager {
9
+ private provider;
10
+ constructor(config: AuthManagerConfig);
11
+ /**
12
+ * Initialize auth manager - should be called on app startup.
13
+ */
14
+ initialize(): boolean;
15
+ /**
16
+ * Check if user is currently authenticated (validates token is usable).
17
+ */
18
+ isAuthenticated(): Promise<boolean>;
19
+ /**
20
+ * Get current access token.
21
+ * Returns undefined if not authenticated.
22
+ */
23
+ getToken(): Promise<string | undefined>;
24
+ /**
25
+ * Get auth identity from current session (decoded from token).
26
+ */
27
+ getAuthUser(): AuthUser;
28
+ /**
29
+ * Initiate login.
30
+ * @param appName - The name of the application requesting login (displayed on auth page)
31
+ */
32
+ login(appName: string): Promise<void> | void;
33
+ /**
34
+ * Logout - clear all tokens and state.
35
+ */
36
+ logout(): void;
37
+ /**
38
+ * Process auth callback from URL fragment.
39
+ * Should be called on page load.
40
+ * @returns true if callback was processed
41
+ */
42
+ processCallback(): boolean;
43
+ /**
44
+ * Destroy auth manager - cleanup resources.
45
+ */
46
+ destroy(): void;
47
+ /**
48
+ * Get cached storage data.
49
+ */
50
+ getStorage(): Record<string, unknown> | null;
51
+ /**
52
+ * Set cached storage data.
53
+ */
54
+ setStorage(data: Record<string, unknown>): void;
55
+ }
56
+ //# sourceMappingURL=auth.d.ts.map
package/dist/auth.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAGzD,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,CAAC,EAAE,CAAC,aAAa,EAAE,OAAO,KAAK,IAAI,CAAC;IACtD,6EAA6E;IAC7E,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAe;gBAEnB,MAAM,EAAE,iBAAiB;IAmBrC;;OAEG;IACH,UAAU,IAAI,OAAO;IAIrB;;OAEG;IACG,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAIzC;;;OAGG;IACG,QAAQ,IAAI,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAI7C;;OAEG;IACH,WAAW,IAAI,QAAQ;IAIvB;;;OAGG;IACH,KAAK,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI;IAI5C;;OAEG;IACH,MAAM,IAAI,IAAI;IAId;;;;OAIG;IACH,eAAe,IAAI,OAAO;IAQ1B;;OAEG;IACH,OAAO,IAAI,IAAI;IAIf;;OAEG;IACH,UAAU,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;IAI5C;;OAEG;IACH,UAAU,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;CAGhD"}
package/dist/auth.js ADDED
@@ -0,0 +1,96 @@
1
+ // =============================================================================
2
+ // Auth Manager
3
+ // Handles authentication via configurable AuthProvider
4
+ // =============================================================================
5
+ import { BrowserAuthProvider } from './auth-browser.js';
6
+ export class AuthManager {
7
+ provider;
8
+ constructor(config) {
9
+ if (config.authProvider) {
10
+ this.provider = config.authProvider;
11
+ // Inject auth URL if the provider supports it (e.g. NodeAuthProvider)
12
+ if ('setAuthUrl' in this.provider && typeof this.provider.setAuthUrl === 'function') {
13
+ this.provider.setAuthUrl(config.authUrl);
14
+ }
15
+ }
16
+ else {
17
+ // Default to BrowserAuthProvider if no external provider specified
18
+ // This preserves existing behavior for browser usage
19
+ this.provider = new BrowserAuthProvider({
20
+ authUrl: config.authUrl,
21
+ onAuthStateChanged: (authenticated) => {
22
+ config.onAuthStateChanged?.(authenticated);
23
+ },
24
+ });
25
+ }
26
+ }
27
+ /**
28
+ * Initialize auth manager - should be called on app startup.
29
+ */
30
+ initialize() {
31
+ return this.provider.initialize?.() ?? false;
32
+ }
33
+ /**
34
+ * Check if user is currently authenticated (validates token is usable).
35
+ */
36
+ async isAuthenticated() {
37
+ return this.provider.isAuthenticated();
38
+ }
39
+ /**
40
+ * Get current access token.
41
+ * Returns undefined if not authenticated.
42
+ */
43
+ async getToken() {
44
+ return this.provider.getToken();
45
+ }
46
+ /**
47
+ * Get auth identity from current session (decoded from token).
48
+ */
49
+ getAuthUser() {
50
+ return this.provider.getAuthUser();
51
+ }
52
+ /**
53
+ * Initiate login.
54
+ * @param appName - The name of the application requesting login (displayed on auth page)
55
+ */
56
+ login(appName) {
57
+ return this.provider.login(appName);
58
+ }
59
+ /**
60
+ * Logout - clear all tokens and state.
61
+ */
62
+ logout() {
63
+ this.provider.logout();
64
+ }
65
+ /**
66
+ * Process auth callback from URL fragment.
67
+ * Should be called on page load.
68
+ * @returns true if callback was processed
69
+ */
70
+ processCallback() {
71
+ // Only BrowserAuthProvider knows how to process URL callbacks
72
+ if (this.provider instanceof BrowserAuthProvider) {
73
+ return this.provider.processCallback();
74
+ }
75
+ return false;
76
+ }
77
+ /**
78
+ * Destroy auth manager - cleanup resources.
79
+ */
80
+ destroy() {
81
+ this.provider.destroy?.();
82
+ }
83
+ /**
84
+ * Get cached storage data.
85
+ */
86
+ getStorage() {
87
+ return this.provider.getStorage();
88
+ }
89
+ /**
90
+ * Set cached storage data.
91
+ */
92
+ setStorage(data) {
93
+ this.provider.setStorage(data);
94
+ }
95
+ }
96
+ //# sourceMappingURL=auth.js.map
package/dist/auth.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,gFAAgF;AAChF,eAAe;AACf,uDAAuD;AACvD,gFAAgF;AAGhF,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AASxD,MAAM,OAAO,WAAW;IACd,QAAQ,CAAe;IAE/B,YAAY,MAAyB;QACnC,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACxB,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,YAAY,CAAC;YACpC,sEAAsE;YACtE,IAAI,YAAY,IAAI,IAAI,CAAC,QAAQ,IAAI,OAAQ,IAAI,CAAC,QAAgB,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;gBAC5F,IAAI,CAAC,QAAgB,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;aAAM,CAAC;YACN,mEAAmE;YACnE,qDAAqD;YACrD,IAAI,CAAC,QAAQ,GAAG,IAAI,mBAAmB,CAAC;gBACtC,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,kBAAkB,EAAE,CAAC,aAAa,EAAE,EAAE;oBACpC,MAAM,CAAC,kBAAkB,EAAE,CAAC,aAAa,CAAC,CAAC;gBAC7C,CAAC;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;OAEG;IACH,UAAU;QACR,OAAO,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,EAAE,IAAI,KAAK,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe;QACnB,OAAO,IAAI,CAAC,QAAQ,CAAC,eAAe,EAAE,CAAC;IACzC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,QAAQ;QACZ,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;IAClC,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAe;QACnB,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,MAAM;QACJ,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;IACzB,CAAC;IAED;;;;OAIG;IACH,eAAe;QACb,8DAA8D;QAC9D,IAAI,IAAI,CAAC,QAAQ,YAAY,mBAAmB,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC,QAAQ,CAAC,eAAe,EAAE,CAAC;QACzC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,OAAO;QACL,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,UAAU;QACR,OAAO,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,IAA6B;QACtC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACjC,CAAC;CACF"}