@sentroy-co/client-sdk 2.13.6 → 2.13.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/dist/auth/admin/index.d.ts +52 -0
  2. package/dist/auth/admin/index.d.ts.map +1 -0
  3. package/dist/auth/admin/index.js +123 -0
  4. package/dist/auth/admin/index.js.map +1 -0
  5. package/dist/auth/client.d.ts +86 -0
  6. package/dist/auth/client.d.ts.map +1 -0
  7. package/dist/auth/client.js +265 -0
  8. package/dist/auth/client.js.map +1 -0
  9. package/dist/auth/http.d.ts +19 -0
  10. package/dist/auth/http.d.ts.map +1 -0
  11. package/dist/auth/http.js +74 -0
  12. package/dist/auth/http.js.map +1 -0
  13. package/dist/auth/index.d.ts +16 -0
  14. package/dist/auth/index.d.ts.map +1 -0
  15. package/dist/auth/index.js +20 -0
  16. package/dist/auth/index.js.map +1 -0
  17. package/dist/auth/react/index.d.ts +41 -0
  18. package/dist/auth/react/index.d.ts.map +1 -0
  19. package/dist/auth/react/index.js +52 -0
  20. package/dist/auth/react/index.js.map +1 -0
  21. package/dist/auth/types.d.ts +50 -0
  22. package/dist/auth/types.d.ts.map +1 -0
  23. package/dist/auth/types.js +21 -0
  24. package/dist/auth/types.js.map +1 -0
  25. package/dist/react/MediaManager.d.ts.map +1 -1
  26. package/dist/react/MediaManager.js +10 -2
  27. package/dist/react/MediaManager.js.map +1 -1
  28. package/dist/react/lib/Lightbox.d.ts +14 -5
  29. package/dist/react/lib/Lightbox.d.ts.map +1 -1
  30. package/dist/react/lib/Lightbox.js +203 -26
  31. package/dist/react/lib/Lightbox.js.map +1 -1
  32. package/package.json +16 -1
  33. package/src/auth/admin/index.ts +191 -0
  34. package/src/auth/client.ts +344 -0
  35. package/src/auth/http.ts +101 -0
  36. package/src/auth/index.ts +26 -0
  37. package/src/auth/react/index.tsx +100 -0
  38. package/src/auth/types.ts +60 -0
  39. package/src/react/MediaManager.tsx +36 -12
  40. package/src/react/lib/Lightbox.tsx +369 -78
package/dist/auth/admin/index.d.ts ADDED
@@ -0,0 +1,52 @@
1
+ import type { SentroyAuthUser } from "../types";
2
+ /**
3
+ * Server-side Sentroy Auth admin SDK. **Node only — apiKey browser'a
4
+ * koymayın**; bu sınıf Project'in master `aps_` token'ını taşır ve
5
+ * Sentroy üzerindeki user pool'a yetki vermez.
6
+ *
7
+ * Tipik kullanım: backend, kendi `/api/auth/...` proxy'sinde RP-spesifik
8
+ * authorization yapar, sonra `admin.users.get(...)` ile Sentroy'dan
9
+ * end-user'ı çeker. JWT verify de bu SDK üzerinden — tüm akış stateless.
10
+ */
11
+ export interface SentroyAuthAdminOptions {
12
+ authBaseUrl?: string;
13
+ projectSlug: string;
14
+ apiKey: string;
15
+ }
16
+ export declare class SentroyAuthAdmin {
17
+ private readonly http;
18
+ private cachedJwks;
19
+ constructor(opts: SentroyAuthAdminOptions);
20
+ users: {
21
+ list: (opts?: {
22
+ limit?: number;
23
+ skip?: number;
24
+ emailVerified?: boolean;
25
+ }) => Promise<{
26
+ items: SentroyAuthUser[];
27
+ pagination: {
28
+ total: number;
29
+ limit: number;
30
+ skip: number;
31
+ };
32
+ }>;
33
+ };
34
+ /**
35
+ * Local verify — JWKS cache'lenir (5dk TTL), JWT signature kontrolü
36
+ * RS256 ile RP backend'inde stateless yapılır. `iss`/`aud` claim
37
+ * eşleşmesi de kontrol edilir.
38
+ */
39
+ verifyIdToken(token: string): Promise<{
40
+ sub: string;
41
+ email?: string;
42
+ email_verified?: boolean;
43
+ name?: string;
44
+ picture?: string;
45
+ iss: string;
46
+ aud: string;
47
+ iat: number;
48
+ exp: number;
49
+ }>;
50
+ private fetchJwks;
51
+ }
52
+ //# sourceMappingURL=index.d.ts.map
package/dist/auth/admin/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/auth/admin/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,UAAU,CAAA;AAE/C;;;;;;;;GAQG;AAEH,MAAM,WAAW,uBAAuB;IACtC,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,WAAW,EAAE,MAAM,CAAA;IACnB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAU;IAC/B,OAAO,CAAC,UAAU,CAAmD;gBAEzD,IAAI,EAAE,uBAAuB;IAMzC,KAAK;sBACU;YACX,KAAK,CAAC,EAAE,MAAM,CAAA;YACd,IAAI,CAAC,EAAE,MAAM,CAAA;YACb,aAAa,CAAC,EAAE,OAAO,CAAA;SACxB,KAAQ,OAAO,CAAC;YACf,KAAK,EAAE,eAAe,EAAE,CAAA;YACxB,UAAU,EAAE;gBAAE,KAAK,EAAE,MAAM,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAC;gBAAC,IAAI,EAAE,MAAM,CAAA;aAAE,CAAA;SAC3D,CAAC;MAQH;IAID;;;;OAIG;IACG,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;QAC1C,GAAG,EAAE,MAAM,CAAA;QACX,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,cAAc,CAAC,EAAE,OAAO,CAAA;QACxB,IAAI,CAAC,EAAE,MAAM,CAAA;QACb,OAAO,CAAC,EAAE,MAAM,CAAA;QAChB,GAAG,EAAE,MAAM,CAAA;QACX,GAAG,EAAE,MAAM,CAAA;QACX,GAAG,EAAE,MAAM,CAAA;QACX,GAAG,EAAE,MAAM,CAAA;KACZ,CAAC;YAiDY,SAAS;CAaxB"}
package/dist/auth/admin/index.js ADDED
@@ -0,0 +1,123 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.SentroyAuthAdmin = void 0;
4
+ const http_1 = require("../http");
5
+ class SentroyAuthAdmin {
6
+ http;
7
+ cachedJwks = null;
8
+ constructor(opts) {
9
+ this.http = new http_1.AuthHttp(opts);
10
+ }
11
+ // ─── User pool admin ──────────────────────────────────────────────────
12
+ users = {
13
+ list: (opts = {}) => {
14
+ throw new Error("admin.users.list requires session-authenticated admin API; use dashboard /api/companies/[slug]/auth-projects/[id]/users instead. (v2 admin SDK will proxy this with stk_ tokens.)");
15
+ // NOTE Phase 5+: SDK admin endpoint'leri public path'lere taşınmadı;
16
+ // şu an `/api/companies/...` cookie-auth ile. v2'de `/api/v1/admin/...`
17
+ // RP token'ı ile authenticate eden ayrı public admin layer eklenir.
18
+ },
19
+ };
20
+ // ─── ID token verification ─────────────────────────────────────────────
21
+ /**
22
+ * Local verify — JWKS cache'lenir (5dk TTL), JWT signature kontrolü
23
+ * RS256 ile RP backend'inde stateless yapılır. `iss`/`aud` claim
24
+ * eşleşmesi de kontrol edilir.
25
+ */
26
+ async verifyIdToken(token) {
27
+ const parts = token.split(".");
28
+ if (parts.length !== 3) {
29
+ throw new Error("Malformed JWT — expected three segments.");
30
+ }
31
+ const [headerB64, payloadB64, sigB64] = parts;
32
+ const header = JSON.parse(decodeBase64Url(headerB64));
33
+ if (header.alg !== "RS256") {
34
+ throw new Error("Only RS256 supported.");
35
+ }
36
+ const claims = JSON.parse(decodeBase64Url(payloadB64));
37
+ if (typeof claims.exp !== "number" || claims.exp * 1000 < Date.now()) {
38
+ throw new Error("Token expired.");
39
+ }
40
+ // iss + aud check
41
+ const expectedIssSuffix = `/p/${this.http.projectSlug}`;
42
+ if (typeof claims.iss !== "string" || !claims.iss.endsWith(expectedIssSuffix)) {
43
+ throw new Error("Issuer mismatch.");
44
+ }
45
+ // aud == project apiKeyPrefix (12 chars). API key first 12 = aud check.
46
+ if (typeof claims.aud !== "string" ||
47
+ !this.http.apiKey?.startsWith(claims.aud)) {
48
+ throw new Error("Audience mismatch.");
49
+ }
50
+ const jwks = await this.fetchJwks();
51
+ const key = jwks.keys.find((k) => k.kid === header.kid) ?? jwks.keys[0];
52
+ if (!key)
53
+ throw new Error("No public key in JWKS.");
54
+ await verifyRsaSignature({
55
+ data: `${headerB64}.${payloadB64}`,
56
+ sigB64,
57
+ jwk: key,
58
+ });
59
+ return claims;
60
+ }
61
+ async fetchJwks() {
62
+ if (this.cachedJwks)
63
+ return this.cachedJwks;
64
+ const jwks = await this.http.request("/jwks.json", { method: "GET" });
65
+ this.cachedJwks = jwks;
66
+ // 5dk cache — basit setTimeout invalidation
67
+ setTimeout(() => {
68
+ this.cachedJwks = null;
69
+ }, 5 * 60 * 1000);
70
+ return jwks;
71
+ }
72
+ }
73
+ exports.SentroyAuthAdmin = SentroyAuthAdmin;
74
+ // ─── Helpers ─────────────────────────────────────────────────────────────
75
+ function decodeBase64Url(s) {
76
+ const padded = s.replace(/-/g, "+").replace(/_/g, "/");
77
+ const pad = padded.length % 4 === 0 ? "" : "=".repeat(4 - (padded.length % 4));
78
+ if (typeof atob === "function") {
79
+ const binary = atob(padded + pad);
80
+ const bytes = new Uint8Array(binary.length);
81
+ for (let i = 0; i < binary.length; i++)
82
+ bytes[i] = binary.charCodeAt(i);
83
+ return new TextDecoder().decode(bytes);
84
+ }
85
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
86
+ const B = globalThis.Buffer;
87
+ if (B)
88
+ return B.from(padded + pad, "base64").toString("utf8");
89
+ throw new Error("No base64 decoder available");
90
+ }
91
+ function base64UrlToBytes(s) {
92
+ const padded = s.replace(/-/g, "+").replace(/_/g, "/");
93
+ const pad = padded.length % 4 === 0 ? "" : "=".repeat(4 - (padded.length % 4));
94
+ if (typeof atob === "function") {
95
+ const binary = atob(padded + pad);
96
+ const bytes = new Uint8Array(binary.length);
97
+ for (let i = 0; i < binary.length; i++)
98
+ bytes[i] = binary.charCodeAt(i);
99
+ return bytes;
100
+ }
101
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
102
+ const B = globalThis.Buffer;
103
+ if (B)
104
+ return new Uint8Array(B.from(padded + pad, "base64"));
105
+ throw new Error("No base64 decoder available");
106
+ }
107
+ async function verifyRsaSignature(input) {
108
+ // Browser + modern Node (>=18) have crypto.subtle. Tek kod yolu.
109
+ const subtle = typeof crypto !== "undefined" && crypto.subtle ? crypto.subtle : null;
110
+ if (!subtle) {
111
+ throw new Error("Web Crypto unavailable — upgrade Node >= 18 or run in a browser.");
112
+ }
113
+ const key = await subtle.importKey("jwk", input.jwk, { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" }, false, ["verify"]);
114
+ // Web Crypto types want ArrayBuffer-backed BufferSource. TypeScript
115
+ // can't prove Uint8Array isn't SharedArrayBuffer-backed (DOM lib edge);
116
+ // bytes are created fresh from base64 decode so ArrayBuffer-safe — cast.
117
+ const sigBytes = base64UrlToBytes(input.sigB64);
118
+ const dataBytes = new TextEncoder().encode(input.data);
119
+ const ok = await subtle.verify({ name: "RSASSA-PKCS1-v1_5" }, key, sigBytes, dataBytes);
120
+ if (!ok)
121
+ throw new Error("Signature mismatch.");
122
+ }
123
+ //# sourceMappingURL=index.js.map
package/dist/auth/admin/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/auth/admin/index.ts"],"names":[],"mappings":";;;AAAA,kCAAkC;AAmBlC,MAAa,gBAAgB;IACV,IAAI,CAAU;IACvB,UAAU,GAA+C,IAAI,CAAA;IAErE,YAAY,IAA6B;QACvC,IAAI,CAAC,IAAI,GAAG,IAAI,eAAQ,CAAC,IAAI,CAAC,CAAA;IAChC,CAAC;IAED,yEAAyE;IAEzE,KAAK,GAAG;QACN,IAAI,EAAE,CAAC,OAIH,EAAE,EAGH,EAAE;YACH,MAAM,IAAI,KAAK,CACb,mLAAmL,CACpL,CAAA;YACD,qEAAqE;YACrE,wEAAwE;YACxE,oEAAoE;QACtE,CAAC;KACF,CAAA;IAED,0EAA0E;IAE1E;;;;OAIG;IACH,KAAK,CAAC,aAAa,CAAC,KAAa;QAW/B,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAA;QAC7D,CAAC;QACD,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,MAAM,CAAC,GAAG,KAAK,CAAA;QAC7C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,SAAS,CAAC,CAGnD,CAAA;QACD,IAAI,MAAM,CAAC,GAAG,KAAK,OAAO,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAA;QAC1C,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,UAAU,CAAC,CAIpD,CAAA;QACD,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,IAAI,MAAM,CAAC,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YACrE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAA;QACnC,CAAC;QACD,kBAAkB;QAClB,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAA;QACvD,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;YAC9E,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;QACrC,CAAC;QACD,wEAAwE;QACxE,IACE,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ;YAC9B,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,EACzC,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;QACvC,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAA;QACnC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CACxB,CAAC,CAAC,EAAE,EAAE,CAAE,CAAsB,CAAC,GAAG,KAAK,MAAM,CAAC,GAAG,CAClD,IAAI,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAA;QAEnD,MAAM,kBAAkB,CAAC;YACvB,IAAI,EAAE,GAAG,SAAS,IAAI,UAAU,EAAE;YAClC,MAAM;YACN,GAAG,EAAE,GAAiB;SACvB,CAAC,CAAA;QAEF,OAAO,MAAe,CAAA;IACxB,CAAC;IAEO,KAAK,CAAC,SAAS;QACrB,IAAI,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAC,UAAU,CAAA;QAC3C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAClC,YAAY,EACZ,EAAE,MAAM,EAAE,KAAK,EAAE,CAClB,CAAA;QACD,IAAI,CAAC,UAAU,GAAG,IAAI,CAAA;QACtB,4CAA4C;QAC5C,UAAU,CAAC,GAAG,EAAE;YACd,IAAI,CAAC,UAAU,GAAG,IAAI,CAAA;QACxB,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;QACjB,OAAO,IAAI,CAAA;IACb,CAAC;CACF;AA3GD,4CA2GC;AAED,4EAA4E;AAE5E,SAAS,eAAe,CAAC,CAAS;IAChC,MAAM,MAAM,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAA;IAC9E,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,CAAA;QACjC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QAC3C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QACvE,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IACxC,CAAC;IACD,8DAA8D;IAC9D,MAAM,CAAC,GAAI,UAAkB,CAAC,MAAM,CAAA;IACpC,IAAI,CAAC;QAAE,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,GAAG,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;IAC7D,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;AAChD,CAAC;AAED,SAAS,gBAAgB,CAAC,CAAS;IACjC,MAAM,MAAM,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAA;IAC9E,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,CAAA;QACjC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QAC3C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QACvE,OAAO,KAAK,CAAA;IACd,CAAC;IACD,8DAA8D;IAC9D,MAAM,CAAC,GAAI,UAAkB,CAAC,MAAM,CAAA;IACpC,IAAI,CAAC;QAAE,OAAO,IAAI,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC5D,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;AAChD,CAAC;AAED,KAAK,UAAU,kBAAkB,CAAC,KAIjC;IACC,iEAAiE;IACjE,MAAM,MAAM,GACV,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAA;IACvE,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAA;IACrF,CAAC;IACD,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,SAAS,CAChC,KAAK,EACL,KAAK,CAAC,GAAG,EACT,EAAE,IAAI,EAAE,mBAAmB,EAAE,IAAI,EAAE,SAAS,EAAE,EAC9C,KAAK,EACL,CAAC,QAAQ,CAAC,CACX,CAAA;IACD,oEAAoE;IACpE,wEAAwE;IACxE,yEAAyE;IACzE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,KAAK,CAAC,MAAM,CAAe,CAAA;IAC7D,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAe,CAAA;IACpE,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAC5B,EAAE,IAAI,EAAE,mBAAmB,EAAE,EAC7B,GAAG,EACH,QAAkC,EAClC,SAAmC,CACpC,CAAA;IACD,IAAI,CAAC,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAA;AACjD,CAAC"}
package/dist/auth/client.d.ts ADDED
@@ -0,0 +1,86 @@
1
+ import { type SentroyAuthUser, type SignupResponse, type LoginResponse } from "./types";
2
+ import { type AuthHttpOptions } from "./http";
3
+ /**
4
+ * Browser-facing Sentroy Auth SDK — Firebase Auth tarzı session API.
5
+ *
6
+ * `apiKey` BROWSER'DA OLMAMALI; bu sınıf `apiKey`'i header'a koyacaktır.
7
+ * RP backend gerçek api-key tutar; browser'da end-user kendi access/refresh
8
+ * token'larıyla yaşar. Yine de DX için sınıf hem apiKey-less browser
9
+ * akışına (signup/login backend proxy üzerinden) hem apiKey'li server
10
+ * akışına (admin) tek tip API sunar — caller hangi mod'da olduğunu
11
+ * `SentroyAuthAdmin` (admin SDK, sunucu) vs `SentroyAuth` (browser SDK,
12
+ * apiKey-less) seçimiyle netleştirir.
13
+ *
14
+ * Storage: browser'da access + refresh `storage` adapter'a yazılır
15
+ * (default `localStorage`). Refresh expire'a 5dk kala arka planda
16
+ * yenilenir; fail olursa `onAuthStateChanged(null)` ve storage silinir.
17
+ *
18
+ * **Server-side rendering**: `typeof window === "undefined"` korumalı —
19
+ * Node ortamında `localStorage` yok, default `memory` storage'a düşer.
20
+ */
21
+ export type AuthStateChangeListener = (user: SentroyAuthUser | null) => void;
22
+ export interface AuthStorageAdapter {
23
+ read(): {
24
+ accessToken: string;
25
+ refreshToken: string;
26
+ user: SentroyAuthUser;
27
+ } | null;
28
+ write(value: {
29
+ accessToken: string;
30
+ refreshToken: string;
31
+ user: SentroyAuthUser;
32
+ }): void;
33
+ clear(): void;
34
+ }
35
+ export interface SentroyAuthOptions extends AuthHttpOptions {
36
+ /** Token persistence stratejisi. Default `"localStorage"` browser'da,
37
+ * Node'da otomatik `"memory"`. Custom için adapter geçilebilir. */
38
+ storage?: "localStorage" | "memory" | AuthStorageAdapter;
39
+ /** Background refresh tetikleme süresi (saniye, expiresIn altında).
40
+ * Default 300 (5dk). */
41
+ refreshSkew?: number;
42
+ }
43
+ export declare class SentroyAuth {
44
+ private readonly http;
45
+ private readonly storage;
46
+ private readonly listeners;
47
+ private readonly refreshSkew;
48
+ private refreshTimer;
49
+ private currentUser;
50
+ constructor(opts: SentroyAuthOptions);
51
+ get user(): SentroyAuthUser | null;
52
+ get accessToken(): string | null;
53
+ signUp(input: {
54
+ email: string;
55
+ password: string;
56
+ displayName?: string;
57
+ metadata?: Record<string, unknown>;
58
+ }): Promise<SignupResponse>;
59
+ signIn(input: {
60
+ email: string;
61
+ password: string;
62
+ }): Promise<LoginResponse>;
63
+ signOut(): Promise<void>;
64
+ sendPasswordReset(email: string): Promise<void>;
65
+ verifyEmail(token: string): Promise<SentroyAuthUser>;
66
+ /**
67
+ * Subscription pattern — Firebase Auth uyumlu. Caller'ın hemen mevcut
68
+ * state'i alabilmesi için constructor'da restore edilen user
69
+ * subscribe sırasında bir kez dispatch edilir.
70
+ */
71
+ onAuthStateChanged(listener: AuthStateChangeListener): () => void;
72
+ private persist;
73
+ private clearSession;
74
+ private notify;
75
+ /**
76
+ * JWT'nin `exp` claim'inden expiry'i tahmin et. Parsing fail ise
77
+ * 1 saat varsay (default access TTL). Refresh window: exp - skew.
78
+ *
79
+ * **Browser-safe**: `Buffer` Node'a özel, tarayıcıda yok. `atob`
80
+ * + URL-safe charset normalization ile decode ediyoruz.
81
+ */
82
+ private estimateExpiry;
83
+ private scheduleRefresh;
84
+ private refresh;
85
+ }
86
+ //# sourceMappingURL=client.d.ts.map
package/dist/auth/client.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/auth/client.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,aAAa,EAEnB,MAAM,SAAS,CAAA;AAChB,OAAO,EAAY,KAAK,eAAe,EAAE,MAAM,QAAQ,CAAA;AAEvD;;;;;;;;;;;;;;;;;GAiBG;AAEH,MAAM,MAAM,uBAAuB,GAAG,CAAC,IAAI,EAAE,eAAe,GAAG,IAAI,KAAK,IAAI,CAAA;AAE5E,MAAM,WAAW,kBAAkB;IACjC,IAAI,IAAI;QAAE,WAAW,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,eAAe,CAAA;KAAE,GAAG,IAAI,CAAA;IACnF,KAAK,CAAC,KAAK,EAAE;QACX,WAAW,EAAE,MAAM,CAAA;QACnB,YAAY,EAAE,MAAM,CAAA;QACpB,IAAI,EAAE,eAAe,CAAA;KACtB,GAAG,IAAI,CAAA;IACR,KAAK,IAAI,IAAI,CAAA;CACd;AA+ED,MAAM,WAAW,kBAAmB,SAAQ,eAAe;IACzD;wEACoE;IACpE,OAAO,CAAC,EAAE,cAAc,GAAG,QAAQ,GAAG,kBAAkB,CAAA;IACxD;6BACyB;IACzB,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAU;IAC/B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAoB;IAC5C,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAqC;IAC/D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAQ;IACpC,OAAO,CAAC,YAAY,CAA6C;IACjE,OAAO,CAAC,WAAW,CAA+B;gBAEtC,IAAI,EAAE,kBAAkB;IA2BpC,IAAI,IAAI,IAAI,eAAe,GAAG,IAAI,CAEjC;IAED,IAAI,WAAW,IAAI,MAAM,GAAG,IAAI,CAE/B;IAEK,MAAM,CAAC,KAAK,EAAE;QAClB,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;QAChB,WAAW,CAAC,EAAE,MAAM,CAAA;QACpB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KACnC,GAAG,OAAO,CAAC,cAAc,CAAC;IAerB,MAAM,CAAC,KAAK,EAAE;QAClB,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;KACjB,GAAG,OAAO,CAAC,aAAa,CAAC;IAapB,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAexB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAO/C,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;IAiB1D;;;;OAIG;IACH,kBAAkB,CAAC,QAAQ,EAAE,uBAAuB,GAAG,MAAM,IAAI;IAYjE,OAAO,CAAC,OAAO;IAWf,OAAO,CAAC,YAAY;IAUpB,OAAO,CAAC,MAAM;IAUd;;;;;;OAMG;IACH,OAAO,CAAC,cAAc;IAetB,OAAO,CAAC,eAAe;YAaT,OAAO;CAiBtB"}
package/dist/auth/client.js ADDED
@@ -0,0 +1,265 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.SentroyAuth = void 0;
4
+ const http_1 = require("./http");
5
+ const STORAGE_KEY_PREFIX = "sentroy.auth";
6
+ /**
7
+ * Base64URL → UTF-8 decode. Browser'da `atob` + manuel UTF-8 reconstruction;
8
+ * Node'da `Buffer.from(..., "base64url")`. Tek kod yolu, runtime detect.
9
+ */
10
+ function decodeBase64Url(s) {
11
+ // Pad + standard base64
12
+ const padded = s.replace(/-/g, "+").replace(/_/g, "/");
13
+ const pad = padded.length % 4 === 0 ? "" : "=".repeat(4 - (padded.length % 4));
14
+ if (typeof atob === "function") {
15
+ const binary = atob(padded + pad);
16
+ // UTF-8 reconstruction (JWT claims yabancı karakter içerebilir)
17
+ const bytes = new Uint8Array(binary.length);
18
+ for (let i = 0; i < binary.length; i++)
19
+ bytes[i] = binary.charCodeAt(i);
20
+ return new TextDecoder().decode(bytes);
21
+ }
22
+ // Node fallback
23
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
24
+ const B = globalThis.Buffer;
25
+ if (B)
26
+ return B.from(padded + pad, "base64").toString("utf8");
27
+ throw new Error("No base64 decoder available");
28
+ }
29
+ function localStorageAdapter(projectSlug) {
30
+ if (typeof window === "undefined" || !window.localStorage) {
31
+ return memoryStorageAdapter();
32
+ }
33
+ const key = `${STORAGE_KEY_PREFIX}.${projectSlug}`;
34
+ return {
35
+ read() {
36
+ try {
37
+ const raw = window.localStorage.getItem(key);
38
+ if (!raw)
39
+ return null;
40
+ return JSON.parse(raw);
41
+ }
42
+ catch {
43
+ return null;
44
+ }
45
+ },
46
+ write(value) {
47
+ try {
48
+ window.localStorage.setItem(key, JSON.stringify(value));
49
+ }
50
+ catch {
51
+ // QuotaExceeded, etc — degrade to memory silently.
52
+ }
53
+ },
54
+ clear() {
55
+ try {
56
+ window.localStorage.removeItem(key);
57
+ }
58
+ catch {
59
+ // ignore
60
+ }
61
+ },
62
+ };
63
+ }
64
+ function memoryStorageAdapter() {
65
+ let store = null;
66
+ return {
67
+ read: () => store,
68
+ write: (value) => {
69
+ store = value;
70
+ },
71
+ clear: () => {
72
+ store = null;
73
+ },
74
+ };
75
+ }
76
+ class SentroyAuth {
77
+ http;
78
+ storage;
79
+ listeners = new Set();
80
+ refreshSkew;
81
+ refreshTimer = null;
82
+ currentUser = null;
83
+ constructor(opts) {
84
+ this.http = new http_1.AuthHttp(opts);
85
+ this.refreshSkew = opts.refreshSkew ?? 300;
86
+ if (opts.storage === "memory") {
87
+ this.storage = memoryStorageAdapter();
88
+ }
89
+ else if (opts.storage &&
90
+ typeof opts.storage === "object" &&
91
+ "read" in opts.storage) {
92
+ this.storage = opts.storage;
93
+ }
94
+ else {
95
+ this.storage = localStorageAdapter(opts.projectSlug);
96
+ }
97
+ // Restore from storage on construct — `onAuthStateChanged` listener'ları
98
+ // henüz yok; ilk subscribe sırasında dispatch edilir.
99
+ const restored = this.storage.read();
100
+ if (restored) {
101
+ this.currentUser = restored.user;
102
+ this.scheduleRefresh(this.estimateExpiry(restored.accessToken));
103
+ }
104
+ }
105
+ // ─── Public API ──────────────────────────────────────────────────────────
106
+ get user() {
107
+ return this.currentUser;
108
+ }
109
+ get accessToken() {
110
+ return this.storage.read()?.accessToken ?? null;
111
+ }
112
+ async signUp(input) {
113
+ const res = await this.http.request("/signup", {
114
+ method: "POST",
115
+ json: input,
116
+ });
117
+ if (res.accessToken && res.refreshToken) {
118
+ this.persist({
119
+ accessToken: res.accessToken,
120
+ refreshToken: res.refreshToken,
121
+ user: res.user,
122
+ });
123
+ }
124
+ return res;
125
+ }
126
+ async signIn(input) {
127
+ const res = await this.http.request("/login", {
128
+ method: "POST",
129
+ json: input,
130
+ });
131
+ this.persist({
132
+ accessToken: res.accessToken,
133
+ refreshToken: res.refreshToken,
134
+ user: res.user,
135
+ });
136
+ return res;
137
+ }
138
+ async signOut() {
139
+ const restored = this.storage.read();
140
+ if (restored?.refreshToken) {
141
+ // Best-effort revoke — fail'ı sessizce yut (network problem
142
+ // sign-out'u bloklamasın).
143
+ await this.http
144
+ .request("/logout", {
145
+ method: "POST",
146
+ json: { refreshToken: restored.refreshToken },
147
+ })
148
+ .catch(() => { });
149
+ }
150
+ this.clearSession();
151
+ }
152
+ async sendPasswordReset(email) {
153
+ await this.http.request("/password-reset/request", {
154
+ method: "POST",
155
+ json: { email },
156
+ });
157
+ }
158
+ async verifyEmail(token) {
159
+ const res = await this.http.request("/verify-email", { method: "POST", json: { token } });
160
+ if (this.currentUser && this.currentUser.id === res.user.id) {
161
+ const restored = this.storage.read();
162
+ if (restored) {
163
+ this.persist({ ...restored, user: res.user });
164
+ }
165
+ else {
166
+ this.currentUser = res.user;
167
+ this.notify();
168
+ }
169
+ }
170
+ return res.user;
171
+ }
172
+ /**
173
+ * Subscription pattern — Firebase Auth uyumlu. Caller'ın hemen mevcut
174
+ * state'i alabilmesi için constructor'da restore edilen user
175
+ * subscribe sırasında bir kez dispatch edilir.
176
+ */
177
+ onAuthStateChanged(listener) {
178
+ this.listeners.add(listener);
179
+ // Microtask gibi async dispatch — caller's `useEffect` cleanup race
180
+ // problemlerini önler.
181
+ Promise.resolve().then(() => listener(this.currentUser));
182
+ return () => {
183
+ this.listeners.delete(listener);
184
+ };
185
+ }
186
+ // ─── Internals ───────────────────────────────────────────────────────────
187
+ persist(value) {
188
+ this.storage.write(value);
189
+ this.currentUser = value.user;
190
+ this.notify();
191
+ this.scheduleRefresh(this.estimateExpiry(value.accessToken));
192
+ }
193
+ clearSession() {
194
+ this.storage.clear();
195
+ this.currentUser = null;
196
+ if (this.refreshTimer) {
197
+ clearTimeout(this.refreshTimer);
198
+ this.refreshTimer = null;
199
+ }
200
+ this.notify();
201
+ }
202
+ notify() {
203
+ for (const l of this.listeners) {
204
+ try {
205
+ l(this.currentUser);
206
+ }
207
+ catch {
208
+ // Listener hatası diğer subscriber'ları engellemesin.
209
+ }
210
+ }
211
+ }
212
+ /**
213
+ * JWT'nin `exp` claim'inden expiry'i tahmin et. Parsing fail ise
214
+ * 1 saat varsay (default access TTL). Refresh window: exp - skew.
215
+ *
216
+ * **Browser-safe**: `Buffer` Node'a özel, tarayıcıda yok. `atob`
217
+ * + URL-safe charset normalization ile decode ediyoruz.
218
+ */
219
+ estimateExpiry(accessToken) {
220
+ try {
221
+ const [, payloadB64] = accessToken.split(".");
222
+ const payload = JSON.parse(decodeBase64Url(payloadB64));
223
+ if (typeof payload.exp === "number") {
224
+ return payload.exp * 1000;
225
+ }
226
+ }
227
+ catch {
228
+ // ignore — fall through to default
229
+ }
230
+ return Date.now() + 60 * 60 * 1000;
231
+ }
232
+ scheduleRefresh(expiryMs) {
233
+ if (typeof window === "undefined")
234
+ return; // SSR'da auto-refresh yok
235
+ if (this.refreshTimer)
236
+ clearTimeout(this.refreshTimer);
237
+ const fireAt = expiryMs - this.refreshSkew * 1000;
238
+ const delay = Math.max(fireAt - Date.now(), 5_000);
239
+ this.refreshTimer = setTimeout(() => {
240
+ this.refresh().catch(() => {
241
+ // Refresh fail → session cleared, listener'lar null user görür
242
+ this.clearSession();
243
+ });
244
+ }, delay);
245
+ }
246
+ async refresh() {
247
+ const restored = this.storage.read();
248
+ if (!restored?.refreshToken) {
249
+ this.clearSession();
250
+ return;
251
+ }
252
+ const res = await this.http.request("/refresh", {
253
+ method: "POST",
254
+ json: { refreshToken: restored.refreshToken },
255
+ });
256
+ this.storage.write({
257
+ ...restored,
258
+ accessToken: res.accessToken,
259
+ refreshToken: res.refreshToken,
260
+ });
261
+ this.scheduleRefresh(this.estimateExpiry(res.accessToken));
262
+ }
263
+ }
264
+ exports.SentroyAuth = SentroyAuth;
265
+ //# sourceMappingURL=client.js.map
package/dist/auth/client.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/auth/client.ts"],"names":[],"mappings":";;;AAMA,iCAAuD;AAiCvD,MAAM,kBAAkB,GAAG,cAAc,CAAA;AAEzC;;;GAGG;AACH,SAAS,eAAe,CAAC,CAAS;IAChC,wBAAwB;IACxB,MAAM,MAAM,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAA;IAC9E,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,CAAA;QACjC,gEAAgE;QAChE,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QAC3C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE;YAAE,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QACvE,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IACxC,CAAC;IACD,gBAAgB;IAChB,8DAA8D;IAC9D,MAAM,CAAC,GAAI,UAAkB,CAAC,MAAM,CAAA;IACpC,IAAI,CAAC;QAAE,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,GAAG,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;IAC7D,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;AAChD,CAAC;AAED,SAAS,mBAAmB,CAAC,WAAmB;IAC9C,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;QAC1D,OAAO,oBAAoB,EAAE,CAAA;IAC/B,CAAC;IACD,MAAM,GAAG,GAAG,GAAG,kBAAkB,IAAI,WAAW,EAAE,CAAA;IAClD,OAAO;QACL,IAAI;YACF,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;gBAC5C,IAAI,CAAC,GAAG;oBAAE,OAAO,IAAI,CAAA;gBACrB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAIpB,CAAA;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,IAAI,CAAA;YACb,CAAC;QACH,CAAC;QACD,KAAK,CAAC,KAAK;YACT,IAAI,CAAC;gBACH,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAA;YACzD,CAAC;YAAC,MAAM,CAAC;gBACP,mDAAmD;YACrD,CAAC;QACH,CAAC;QACD,KAAK;YACH,IAAI,CAAC;gBACH,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;YACrC,CAAC;YAAC,MAAM,CAAC;gBACP,SAAS;YACX,CAAC;QACH,CAAC;KACF,CAAA;AACH,CAAC;AAED,SAAS,oBAAoB;IAC3B,IAAI,KAAK,GAIE,IAAI,CAAA;IACf,OAAO;QACL,IAAI,EAAE,GAAG,EAAE,CAAC,KAAK;QACjB,KAAK,EAAE,CAAC,KAAK,EAAE,EAAE;YACf,KAAK,GAAG,KAAK,CAAA;QACf,CAAC;QACD,KAAK,EAAE,GAAG,EAAE;YACV,KAAK,GAAG,IAAI,CAAA;QACd,CAAC;KACF,CAAA;AACH,CAAC;AAWD,MAAa,WAAW;IACL,IAAI,CAAU;IACd,OAAO,CAAoB;IAC3B,SAAS,GAAG,IAAI,GAAG,EAA2B,CAAA;IAC9C,WAAW,CAAQ;IAC5B,YAAY,GAAyC,IAAI,CAAA;IACzD,WAAW,GAA2B,IAAI,CAAA;IAElD,YAAY,IAAwB;QAClC,IAAI,CAAC,IAAI,GAAG,IAAI,eAAQ,CAAC,IAAI,CAAC,CAAA;QAC9B,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,GAAG,CAAA;QAE1C,IAAI,IAAI,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YAC9B,IAAI,CAAC,OAAO,GAAG,oBAAoB,EAAE,CAAA;QACvC,CAAC;aAAM,IACL,IAAI,CAAC,OAAO;YACZ,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ;YAChC,MAAM,IAAI,IAAI,CAAC,OAAO,EACtB,CAAC;YACD,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC7B,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,OAAO,GAAG,mBAAmB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;QACtD,CAAC;QAED,yEAAyE;QACzE,sDAAsD;QACtD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAA;QACpC,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAA;YAChC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAA;QACjE,CAAC;IACH,CAAC;IAED,4EAA4E;IAE5E,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAED,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,WAAW,IAAI,IAAI,CAAA;IACjD,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAKZ;QACC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAiB,SAAS,EAAE;YAC7D,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,KAAK;SACZ,CAAC,CAAA;QACF,IAAI,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;YACxC,IAAI,CAAC,OAAO,CAAC;gBACX,WAAW,EAAE,GAAG,CAAC,WAAW;gBAC5B,YAAY,EAAE,GAAG,CAAC,YAAY;gBAC9B,IAAI,EAAE,GAAG,CAAC,IAAI;aACf,CAAC,CAAA;QACJ,CAAC;QACD,OAAO,GAAG,CAAA;IACZ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAGZ;QACC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAgB,QAAQ,EAAE;YAC3D,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,KAAK;SACZ,CAAC,CAAA;QACF,IAAI,CAAC,OAAO,CAAC;YACX,WAAW,EAAE,GAAG,CAAC,WAAW;YAC5B,YAAY,EAAE,GAAG,CAAC,YAAY;YAC9B,IAAI,EAAE,GAAG,CAAC,IAAI;SACf,CAAC,CAAA;QACF,OAAO,GAAG,CAAA;IACZ,CAAC;IAED,KAAK,CAAC,OAAO;QACX,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAA;QACpC,IAAI,QAAQ,EAAE,YAAY,EAAE,CAAC;YAC3B,4DAA4D;YAC5D,2BAA2B;YAC3B,MAAM,IAAI,CAAC,IAAI;iBACZ,OAAO,CAAC,SAAS,EAAE;gBAClB,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,EAAE,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE;aAC9C,CAAC;iBACD,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;QACpB,CAAC;QACD,IAAI,CAAC,YAAY,EAAE,CAAA;IACrB,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAAa;QACnC,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,yBAAyB,EAAE;YACjD,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,EAAE,KAAK,EAAE;SAChB,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAa;QAC7B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CACjC,eAAe,EACf,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,EAAE,CACpC,CAAA;QACD,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW,CAAC,EAAE,KAAK,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YAC5D,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAA;YACpC,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAA;YAC/C,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,IAAI,CAAA;gBAC3B,IAAI,CAAC,MAAM,EAAE,CAAA;YACf,CAAC;QACH,CAAC;QACD,OAAO,GAAG,CAAC,IAAI,CAAA;IACjB,CAAC;IAED;;;;OAIG;IACH,kBAAkB,CAAC,QAAiC;QAClD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;QAC5B,oEAAoE;QACpE,uBAAuB;QACvB,OAAO,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAA;QACxD,OAAO,GAAG,EAAE;YACV,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;QACjC,CAAC,CAAA;IACH,CAAC;IAED,4EAA4E;IAEpE,OAAO,CAAC,KAIf;QACC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;QACzB,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC,IAAI,CAAA;QAC7B,IAAI,CAAC,MAAM,EAAE,CAAA;QACb,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAA;IAC9D,CAAC;IAEO,YAAY;QAClB,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAA;QACpB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAA;QACvB,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;YAC/B,IAAI,CAAC,YAAY,GAAG,IAAI,CAAA;QAC1B,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAA;IACf,CAAC;IAEO,MAAM;QACZ,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YAC/B,IAAI,CAAC;gBACH,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;YACrB,CAAC;YAAC,MAAM,CAAC;gBACP,sDAAsD;YACxD,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACK,cAAc,CAAC,WAAmB;QACxC,IAAI,CAAC;YACH,MAAM,CAAC,EAAE,UAAU,CAAC,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAC7C,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,UAAU,CAAC,CAErD,CAAA;YACD,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBACpC,OAAO,OAAO,CAAC,GAAG,GAAG,IAAI,CAAA;YAC3B,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,mCAAmC;QACrC,CAAC;QACD,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA;IACpC,CAAC;IAEO,eAAe,CAAC,QAAgB;QACtC,IAAI,OAAO,MAAM,KAAK,WAAW;YAAE,OAAM,CAAC,0BAA0B;QACpE,IAAI,IAAI,CAAC,YAAY;YAAE,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QACtD,MAAM,MAAM,GAAG,QAAQ,GAAG,IAAI,CAAC,WAAW,GAAG,IAAI,CAAA;QACjD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;QAClD,IAAI,CAAC,YAAY,GAAG,UAAU,CAAC,GAAG,EAAE;YAClC,IAAI,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE;gBACxB,+DAA+D;gBAC/D,IAAI,CAAC,YAAY,EAAE,CAAA;YACrB,CAAC,CAAC,CAAA;QACJ,CAAC,EAAE,KAAK,CAAC,CAAA;IACX,CAAC;IAEO,KAAK,CAAC,OAAO;QACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAA;QACpC,IAAI,CAAC,QAAQ,EAAE,YAAY,EAAE,CAAC;YAC5B,IAAI,CAAC,YAAY,EAAE,CAAA;YACnB,OAAM;QACR,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAqB,UAAU,EAAE;YAClE,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,EAAE,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE;SAC9C,CAAC,CAAA;QACF,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;YACjB,GAAG,QAAQ;YACX,WAAW,EAAE,GAAG,CAAC,WAAW;YAC5B,YAAY,EAAE,GAAG,CAAC,YAAY;SAC/B,CAAC,CAAA;QACF,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IAC5D,CAAC;CACF;AA1ND,kCA0NC"}
package/dist/auth/http.d.ts ADDED
@@ -0,0 +1,19 @@
1
+ export interface AuthHttpOptions {
2
+ authBaseUrl?: string;
3
+ projectSlug: string;
4
+ apiKey?: string;
5
+ /** Hata-fırlatma yerine raw response döndür — caller fine-grained handling. */
6
+ rawErrors?: boolean;
7
+ }
8
+ export declare class AuthHttp {
9
+ readonly baseUrl: string;
10
+ readonly projectSlug: string;
11
+ readonly apiKey?: string;
12
+ constructor(opts: AuthHttpOptions);
13
+ url(path: string): string;
14
+ request<T>(path: string, init?: RequestInit & {
15
+ json?: unknown;
16
+ bearer?: string;
17
+ }): Promise<T>;
18
+ }
19
+ //# sourceMappingURL=http.d.ts.map
package/dist/auth/http.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../../src/auth/http.ts"],"names":[],"mappings":"AAaA,MAAM,WAAW,eAAe;IAC9B,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,WAAW,EAAE,MAAM,CAAA;IACnB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,+EAA+E;IAC/E,SAAS,CAAC,EAAE,OAAO,CAAA;CACpB;AAED,qBAAa,QAAQ;IACnB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAA;IACxB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAC5B,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAA;gBAEZ,IAAI,EAAE,eAAe;IASjC,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;IAKnB,OAAO,CAAC,CAAC,EACb,IAAI,EAAE,MAAM,EACZ,IAAI,GAAE,WAAW,GAAG;QAClB,IAAI,CAAC,EAAE,OAAO,CAAA;QACd,MAAM,CAAC,EAAE,MAAM,CAAA;KACX,GACL,OAAO,CAAC,CAAC,CAAC;CAsDd"}
package/dist/auth/http.js ADDED
@@ -0,0 +1,74 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.AuthHttp = void 0;
4
+ const types_1 = require("./types");
5
+ /**
6
+ * Auth-as-a-Service shared HTTP layer. Project's signup/login/refresh
7
+ * endpoints'iyle aynı format (JSON request + JSON response, 401/403/4xx
8
+ * tek-tip `{error, error_description}` shape).
9
+ *
10
+ * `apiKey` opsiyonel — browser SDK end-user akışında apiKey-less
11
+ * (server-only güvenlik), admin SDK her zaman set'li.
12
+ */
13
+ const DEFAULT_AUTH_BASE_URL = "https://auth.sentroy.com";
14
+ class AuthHttp {
15
+ baseUrl;
16
+ projectSlug;
17
+ apiKey;
18
+ constructor(opts) {
19
+ this.baseUrl = (opts.authBaseUrl || DEFAULT_AUTH_BASE_URL).replace(/\/+$/, "");
20
+ this.projectSlug = opts.projectSlug;
21
+ this.apiKey = opts.apiKey;
22
+ }
23
+ url(path) {
24
+ const p = path.startsWith("/") ? path : `/${path}`;
25
+ return `${this.baseUrl}/api/v1/auth/${this.projectSlug}${p}`;
26
+ }
27
+ async request(path, init = {}) {
28
+ const headers = new Headers(init.headers);
29
+ headers.set("Accept", "application/json");
30
+ if (init.json !== undefined) {
31
+ headers.set("Content-Type", "application/json");
32
+ }
33
+ // Auth precedence: explicit `bearer` (user access token) > project `apiKey`.
34
+ // Caller chooses the one that fits the endpoint.
35
+ if (init.bearer) {
36
+ headers.set("Authorization", `Bearer ${init.bearer}`);
37
+ }
38
+ else if (this.apiKey) {
39
+ headers.set("Authorization", `Bearer ${this.apiKey}`);
40
+ }
41
+ const res = await fetch(this.url(path), {
42
+ ...init,
43
+ headers,
44
+ body: init.json !== undefined ? JSON.stringify(init.json) : init.body,
45
+ });
46
+ let payload = null;
47
+ const ct = res.headers.get("content-type") ?? "";
48
+ if (ct.includes("application/json")) {
49
+ try {
50
+ payload = await res.json();
51
+ }
52
+ catch {
53
+ payload = null;
54
+ }
55
+ }
56
+ if (!res.ok) {
57
+ const err = payload && typeof payload === "object"
58
+ ? payload
59
+ : {};
60
+ throw new types_1.SentroyAuthError(err.error ?? "http_error", err.error_description ?? `HTTP ${res.status}`, res.status);
61
+ }
62
+ // Sentroy admin endpoints wrap in `{data}`; public endpoints sometimes
63
+ // too. SDK auto-unwraps when present so callers don't keep .data on
64
+ // every call.
65
+ if (payload &&
66
+ typeof payload === "object" &&
67
+ "data" in payload) {
68
+ return payload.data;
69
+ }
70
+ return payload;
71
+ }
72
+ }
73
+ exports.AuthHttp = AuthHttp;
74
+ //# sourceMappingURL=http.js.map
package/dist/auth/http.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"http.js","sourceRoot":"","sources":["../../src/auth/http.ts"],"names":[],"mappings":";;;AAAA,mCAA0C;AAE1C;;;;;;;GAOG;AAEH,MAAM,qBAAqB,GAAG,0BAA0B,CAAA;AAUxD,MAAa,QAAQ;IACV,OAAO,CAAQ;IACf,WAAW,CAAQ;IACnB,MAAM,CAAS;IAExB,YAAY,IAAqB;QAC/B,IAAI,CAAC,OAAO,GAAG,CAAC,IAAI,CAAC,WAAW,IAAI,qBAAqB,CAAC,CAAC,OAAO,CAChE,MAAM,EACN,EAAE,CACH,CAAA;QACD,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACnC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAA;IAC3B,CAAC;IAED,GAAG,CAAC,IAAY;QACd,MAAM,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAA;QAClD,OAAO,GAAG,IAAI,CAAC,OAAO,gBAAgB,IAAI,CAAC,WAAW,GAAG,CAAC,EAAE,CAAA;IAC9D,CAAC;IAED,KAAK,CAAC,OAAO,CACX,IAAY,EACZ,OAGI,EAAE;QAEN,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACzC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAA;QACzC,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAA;QACjD,CAAC;QACD,6EAA6E;QAC7E,iDAAiD;QACjD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,IAAI,CAAC,MAAM,EAAE,CAAC,CAAA;QACvD,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,IAAI,CAAC,MAAM,EAAE,CAAC,CAAA;QACvD,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;YACtC,GAAG,IAAI;YACP,OAAO;YACP,IAAI,EAAE,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI;SACtE,CAAC,CAAA;QAEF,IAAI,OAAO,GAAY,IAAI,CAAA;QAC3B,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAA;QAChD,IAAI,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACpC,IAAI,CAAC;gBACH,OAAO,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAA;YAC5B,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,GAAG,IAAI,CAAA;YAChB,CAAC;QACH,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,GAAG,GACP,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ;gBACpC,CAAC,CAAE,OAA0D;gBAC7D,CAAC,CAAC,EAAE,CAAA;YACR,MAAM,IAAI,wBAAgB,CACxB,GAAG,CAAC,KAAK,IAAI,YAAY,EACzB,GAAG,CAAC,iBAAiB,IAAI,QAAQ,GAAG,CAAC,MAAM,EAAE,EAC7C,GAAG,CAAC,MAAM,CACX,CAAA;QACH,CAAC;QAED,uEAAuE;QACvE,oEAAoE;QACpE,cAAc;QACd,IACE,OAAO;YACP,OAAO,OAAO,KAAK,QAAQ;YAC3B,MAAM,IAAK,OAAmC,EAC9C,CAAC;YACD,OAAQ,OAAuB,CAAC,IAAI,CAAA;QACtC,CAAC;QACD,OAAO,OAAY,CAAA;IACrB,CAAC;CACF;AA/ED,4BA+EC"}