@simplr-ai/node 1.0.0 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/index.ts","../src/errors.ts","../src/http.ts","../src/resources.ts","../src/webhooks.ts"],"sourcesContent":["import { apiRequest, type HttpConfig } from \"./http.js\";\nimport { EdgeResource, OrdersResource, PhoneResource } from \"./resources.js\";\nimport * as webhooks from \"./webhooks.js\";\nimport type { BulkResult, CheckInput, CheckResult, SimplrOptions } from \"./types.js\";\n\nexport { SimplrError, WebhookVerificationError } from \"./errors.js\";\nexport * from \"./types.js\";\nexport { verify as verifyWebhook, constructEvent as constructWebhookEvent } from \"./webhooks.js\";\n\nconst DEFAULT_BASE_URL = \"https://api.simplr.sh\";\n\n/**\n * Simplr server-side client.\n *\n * ```ts\n * import { Simplr } from \"@simplr-ai/node\";\n * const simplr = new Simplr({ apiKey: process.env.SIMPLR_API_KEY! });\n * const result = await simplr.check({ email: \"user@example.com\", event_type: \"signup\" });\n * ```\n */\nexport class Simplr {\n private readonly cfg: HttpConfig;\n\n readonly orders: OrdersResource;\n readonly phone: PhoneResource;\n readonly edge: EdgeResource;\n /** Webhook signature helpers (no network). */\n readonly webhooks = webhooks;\n\n constructor(options: SimplrOptions) {\n if (!options?.apiKey) throw new Error(\"Simplr: `apiKey` is required\");\n this.cfg = {\n apiKey: options.apiKey,\n baseUrl: (options.baseUrl || DEFAULT_BASE_URL).replace(/\\/+$/, \"\"),\n timeoutMs: options.timeoutMs ?? 15000,\n fetchImpl: options.fetch ?? globalThis.fetch,\n };\n if (typeof this.cfg.fetchImpl !== \"function\") {\n throw new Error(\"Simplr: no global fetch available — use Node 18+ or pass `fetch` in options\");\n }\n this.orders = new OrdersResource(this.cfg);\n this.phone = new PhoneResource(this.cfg);\n this.edge = new EdgeResource(this.cfg);\n }\n\n /** Run an identity/fraud check. Provide any of email, phone, device, behavior. */\n check(input: CheckInput): Promise<CheckResult> {\n return apiRequest(this.cfg, \"POST\", \"/v1/check\", input);\n }\n\n /** Run up to 100 checks at once. */\n checkBulk(items: CheckInput[]): Promise<BulkResult<CheckResult>> {\n return apiRequest(this.cfg, \"POST\", \"/v1/check/bulk\", { items });\n }\n}\n\nexport default Simplr;\n","/** Thrown when the Simplr API returns a non-2xx response. */\nexport class SimplrError extends Error {\n readonly status: number;\n readonly body: unknown;\n\n constructor(message: string, status: number, body: unknown) {\n super(message);\n this.name = \"SimplrError\";\n this.status = status;\n this.body = body;\n }\n}\n\n/** Thrown when a webhook signature fails verification. */\nexport class WebhookVerificationError extends Error {\n constructor(message: string) {\n super(message);\n this.name = \"WebhookVerificationError\";\n }\n}\n","import { SimplrError } from \"./errors.js\";\n\nexport interface HttpConfig {\n apiKey: string;\n baseUrl: string;\n timeoutMs: number;\n fetchImpl: typeof fetch;\n}\n\n/**\n * Internal request helper. Sends X-API-Key, applies a timeout, and unwraps the\n * API's `{ success, message, content }` envelope (returning `content`).\n */\nexport async function apiRequest<T>(\n cfg: HttpConfig,\n method: \"GET\" | \"POST\" | \"PATCH\" | \"DELETE\",\n path: string,\n body?: unknown,\n): Promise<T> {\n const controller = new AbortController();\n const timer = setTimeout(() => controller.abort(), cfg.timeoutMs);\n try {\n const res = await cfg.fetchImpl(`${cfg.baseUrl}${path}`, {\n method,\n headers: {\n \"Content-Type\": \"application/json\",\n \"X-API-Key\": cfg.apiKey,\n },\n body: body !== undefined ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n const text = await res.text();\n let parsed: any;\n try {\n parsed = text ? JSON.parse(text) : undefined;\n } catch {\n parsed = text;\n }\n\n if (!res.ok) {\n const message =\n (parsed && (parsed.message || parsed.error)) || `Simplr API error ${res.status}`;\n throw new SimplrError(message, res.status, parsed);\n }\n\n // Unwrap the standard envelope when present.\n return (parsed && typeof parsed === \"object\" && \"content\" in parsed\n ? parsed.content\n : parsed) as T;\n } catch (err) {\n if (err instanceof SimplrError) throw err;\n if (err instanceof Error && err.name === \"AbortError\") {\n throw new SimplrError(`Request to ${path} timed out after ${cfg.timeoutMs}ms`, 0, null);\n }\n throw new SimplrError(err instanceof Error ? err.message : \"Network error\", 0, null);\n } finally {\n clearTimeout(timer);\n }\n}\n","import { apiRequest, type HttpConfig } from \"./http.js\";\nimport type {\n BulkResult,\n EdgeLogEntry,\n OrderInput,\n OrderResult,\n PhoneReportInput,\n} from \"./types.js\";\n\n/** Order fraud scoring. */\nexport class OrdersResource {\n constructor(private readonly cfg: HttpConfig) {}\n\n /** Submit a single order for fraud scoring. */\n submit(order: OrderInput): Promise<OrderResult> {\n return apiRequest(this.cfg, \"POST\", \"/v1/orders\", order);\n }\n\n /** Submit up to 100 orders at once. */\n submitBulk(orders: OrderInput[]): Promise<BulkResult<OrderResult>> {\n return apiRequest(this.cfg, \"POST\", \"/v1/orders/bulk\", { orders });\n }\n}\n\n/** Phone intelligence + outcome reporting. */\nexport class PhoneResource {\n constructor(private readonly cfg: HttpConfig) {}\n\n /** Report the real-world outcome for a phone number to improve scoring. */\n report(input: PhoneReportInput): Promise<{ success: boolean }> {\n return apiRequest(this.cfg, \"POST\", \"/v1/check/phone/report\", input);\n }\n\n /** Fetch stored risk intelligence for a phone number. */\n intelligence(phone: string): Promise<Record<string, unknown>> {\n return apiRequest(this.cfg, \"GET\", `/v1/check/phone/intelligence/${encodeURIComponent(phone)}`);\n }\n}\n\n/** Edge device registration + log ingestion. */\nexport class EdgeResource {\n constructor(private readonly cfg: HttpConfig) {}\n\n /** Register an edge device. */\n registerDevice(input: { device_id: string; name?: string; firmware?: string; [k: string]: unknown }) {\n return apiRequest(this.cfg, \"POST\", \"/v1/edge/devices/register\", input);\n }\n\n /** Report a device heartbeat with health metrics. */\n heartbeat(deviceId: string, metrics: Record<string, unknown>) {\n return apiRequest(\n this.cfg,\n \"POST\",\n `/v1/edge/devices/${encodeURIComponent(deviceId)}/heartbeat`,\n metrics,\n );\n }\n\n /** Batch-ingest structured logs for a device. */\n ingestLogs(deviceId: string, logs: EdgeLogEntry[]) {\n return apiRequest(this.cfg, \"POST\", \"/v1/edge/logs\", { device_id: deviceId, logs });\n }\n}\n","import { createHmac, timingSafeEqual } from \"node:crypto\";\nimport { WebhookVerificationError } from \"./errors.js\";\n\nexport interface VerifyOptions {\n /** Reject signatures whose timestamp is older than this many seconds (default 300). 0 disables. */\n toleranceSec?: number;\n}\n\nfunction parseHeader(header: string): { t: string; v1: string } | null {\n // Format: \"t=<unix-seconds>,v1=<hex-hmac>\"\n const parts = header.split(\",\").map((p) => p.trim());\n let t = \"\";\n let v1 = \"\";\n for (const part of parts) {\n const [k, v] = part.split(\"=\");\n if (k === \"t\") t = v;\n if (k === \"v1\") v1 = v;\n }\n return t && v1 ? { t, v1 } : null;\n}\n\nfunction expectedSignature(timestamp: string, payload: string, secret: string): string {\n return createHmac(\"sha256\", secret).update(`${timestamp}.${payload}`).digest(\"hex\");\n}\n\nfunction safeEqualHex(a: string, b: string): boolean {\n if (a.length !== b.length) return false;\n try {\n return timingSafeEqual(Buffer.from(a, \"hex\"), Buffer.from(b, \"hex\"));\n } catch {\n return false;\n }\n}\n\n/**\n * Verify a Simplr webhook signature.\n *\n * @param payload The RAW request body string (do not re-serialize parsed JSON).\n * @param header The `X-Simplr-Signature` header value (`t=…,v1=…`).\n * @param secret The webhook's signing secret.\n * @returns true if the signature is valid and within the tolerance window.\n */\nexport function verify(\n payload: string | Buffer,\n header: string,\n secret: string,\n options: VerifyOptions = {},\n): boolean {\n const tolerance = options.toleranceSec ?? 300;\n const parsed = parseHeader(header || \"\");\n if (!parsed) return false;\n\n const body = typeof payload === \"string\" ? payload : payload.toString(\"utf8\");\n const expected = expectedSignature(parsed.t, body, secret);\n if (!safeEqualHex(parsed.v1, expected)) return false;\n\n if (tolerance > 0) {\n const ts = Number(parsed.t);\n if (!Number.isFinite(ts)) return false;\n const ageSec = Math.abs(Date.now() / 1000 - ts);\n if (ageSec > tolerance) return false;\n }\n return true;\n}\n\n/**\n * Verify the signature and return the parsed event object.\n * Throws {@link WebhookVerificationError} if verification fails.\n */\nexport function constructEvent<T = { event: string; data: unknown }>(\n payload: string | Buffer,\n header: string,\n secret: string,\n options: VerifyOptions = {},\n): T {\n if (!verify(payload, header, secret, options)) {\n throw new WebhookVerificationError(\"Webhook signature verification failed\");\n }\n const body = typeof payload === \"string\" ? payload : payload.toString(\"utf8\");\n return JSON.parse(body) as T;\n}\n\nexport const webhooks = { verify, constructEvent };\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACCO,IAAM,cAAN,cAA0B,MAAM;AAAA,EAC5B;AAAA,EACA;AAAA,EAET,YAAY,SAAiB,QAAgB,MAAe;AAC1D,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,OAAO;AAAA,EACd;AACF;AAGO,IAAM,2BAAN,cAAuC,MAAM;AAAA,EAClD,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;;;ACNA,eAAsB,WACpB,KACA,QACA,MACA,MACY;AACZ,QAAM,aAAa,IAAI,gBAAgB;AACvC,QAAM,QAAQ,WAAW,MAAM,WAAW,MAAM,GAAG,IAAI,SAAS;AAChE,MAAI;AACF,UAAM,MAAM,MAAM,IAAI,UAAU,GAAG,IAAI,OAAO,GAAG,IAAI,IAAI;AAAA,MACvD;AAAA,MACA,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,aAAa,IAAI;AAAA,MACnB;AAAA,MACA,MAAM,SAAS,SAAY,KAAK,UAAU,IAAI,IAAI;AAAA,MAClD,QAAQ,WAAW;AAAA,IACrB,CAAC;AAED,UAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,QAAI;AACJ,QAAI;AACF,eAAS,OAAO,KAAK,MAAM,IAAI,IAAI;AAAA,IACrC,QAAQ;AACN,eAAS;AAAA,IACX;AAEA,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,UACH,WAAW,OAAO,WAAW,OAAO,UAAW,oBAAoB,IAAI,MAAM;AAChF,YAAM,IAAI,YAAY,SAAS,IAAI,QAAQ,MAAM;AAAA,IACnD;AAGA,WAAQ,UAAU,OAAO,WAAW,YAAY,aAAa,SACzD,OAAO,UACP;AAAA,EACN,SAAS,KAAK;AACZ,QAAI,eAAe,YAAa,OAAM;AACtC,QAAI,eAAe,SAAS,IAAI,SAAS,cAAc;AACrD,YAAM,IAAI,YAAY,cAAc,IAAI,oBAAoB,IAAI,SAAS,MAAM,GAAG,IAAI;AAAA,IACxF;AACA,UAAM,IAAI,YAAY,eAAe,QAAQ,IAAI,UAAU,iBAAiB,GAAG,IAAI;AAAA,EACrF,UAAE;AACA,iBAAa,KAAK;AAAA,EACpB;AACF;;;ACjDO,IAAM,iBAAN,MAAqB;AAAA,EAC1B,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA;AAAA,EAG7B,OAAO,OAAyC;AAC9C,WAAO,WAAW,KAAK,KAAK,QAAQ,cAAc,KAAK;AAAA,EACzD;AAAA;AAAA,EAGA,WAAW,QAAwD;AACjE,WAAO,WAAW,KAAK,KAAK,QAAQ,mBAAmB,EAAE,OAAO,CAAC;AAAA,EACnE;AACF;AAGO,IAAM,gBAAN,MAAoB;AAAA,EACzB,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA;AAAA,EAG7B,OAAO,OAAwD;AAC7D,WAAO,WAAW,KAAK,KAAK,QAAQ,0BAA0B,KAAK;AAAA,EACrE;AAAA;AAAA,EAGA,aAAa,OAAiD;AAC5D,WAAO,WAAW,KAAK,KAAK,OAAO,gCAAgC,mBAAmB,KAAK,CAAC,EAAE;AAAA,EAChG;AACF;AAGO,IAAM,eAAN,MAAmB;AAAA,EACxB,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA;AAAA,EAG7B,eAAe,OAAsF;AACnG,WAAO,WAAW,KAAK,KAAK,QAAQ,6BAA6B,KAAK;AAAA,EACxE;AAAA;AAAA,EAGA,UAAU,UAAkB,SAAkC;AAC5D,WAAO;AAAA,MACL,KAAK;AAAA,MACL;AAAA,MACA,oBAAoB,mBAAmB,QAAQ,CAAC;AAAA,MAChD;AAAA,IACF;AAAA,EACF;AAAA;AAAA,EAGA,WAAW,UAAkB,MAAsB;AACjD,WAAO,WAAW,KAAK,KAAK,QAAQ,iBAAiB,EAAE,WAAW,UAAU,KAAK,CAAC;AAAA,EACpF;AACF;;;AC9DA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,yBAA4C;AAQ5C,SAAS,YAAY,QAAkD;AAErE,QAAM,QAAQ,OAAO,MAAM,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC;AACnD,MAAI,IAAI;AACR,MAAI,KAAK;AACT,aAAW,QAAQ,OAAO;AACxB,UAAM,CAAC,GAAG,CAAC,IAAI,KAAK,MAAM,GAAG;AAC7B,QAAI,MAAM,IAAK,KAAI;AACnB,QAAI,MAAM,KAAM,MAAK;AAAA,EACvB;AACA,SAAO,KAAK,KAAK,EAAE,GAAG,GAAG,IAAI;AAC/B;AAEA,SAAS,kBAAkB,WAAmB,SAAiB,QAAwB;AACrF,aAAO,+BAAW,UAAU,MAAM,EAAE,OAAO,GAAG,SAAS,IAAI,OAAO,EAAE,EAAE,OAAO,KAAK;AACpF;AAEA,SAAS,aAAa,GAAW,GAAoB;AACnD,MAAI,EAAE,WAAW,EAAE,OAAQ,QAAO;AAClC,MAAI;AACF,eAAO,oCAAgB,OAAO,KAAK,GAAG,KAAK,GAAG,OAAO,KAAK,GAAG,KAAK,CAAC;AAAA,EACrE,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAUO,SAAS,OACd,SACA,QACA,QACA,UAAyB,CAAC,GACjB;AACT,QAAM,YAAY,QAAQ,gBAAgB;AAC1C,QAAM,SAAS,YAAY,UAAU,EAAE;AACvC,MAAI,CAAC,OAAQ,QAAO;AAEpB,QAAM,OAAO,OAAO,YAAY,WAAW,UAAU,QAAQ,SAAS,MAAM;AAC5E,QAAM,WAAW,kBAAkB,OAAO,GAAG,MAAM,MAAM;AACzD,MAAI,CAAC,aAAa,OAAO,IAAI,QAAQ,EAAG,QAAO;AAE/C,MAAI,YAAY,GAAG;AACjB,UAAM,KAAK,OAAO,OAAO,CAAC;AAC1B,QAAI,CAAC,OAAO,SAAS,EAAE,EAAG,QAAO;AACjC,UAAM,SAAS,KAAK,IAAI,KAAK,IAAI,IAAI,MAAO,EAAE;AAC9C,QAAI,SAAS,UAAW,QAAO;AAAA,EACjC;AACA,SAAO;AACT;AAMO,SAAS,eACd,SACA,QACA,QACA,UAAyB,CAAC,GACvB;AACH,MAAI,CAAC,OAAO,SAAS,QAAQ,QAAQ,OAAO,GAAG;AAC7C,UAAM,IAAI,yBAAyB,uCAAuC;AAAA,EAC5E;AACA,QAAM,OAAO,OAAO,YAAY,WAAW,UAAU,QAAQ,SAAS,MAAM;AAC5E,SAAO,KAAK,MAAM,IAAI;AACxB;AAEO,IAAM,WAAW,EAAE,QAAQ,eAAe;;;AJzEjD,IAAM,mBAAmB;AAWlB,IAAM,SAAN,MAAa;AAAA,EACD;AAAA,EAER;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA,WAAW;AAAA,EAEpB,YAAY,SAAwB;AAClC,QAAI,CAAC,SAAS,OAAQ,OAAM,IAAI,MAAM,8BAA8B;AACpE,SAAK,MAAM;AAAA,MACT,QAAQ,QAAQ;AAAA,MAChB,UAAU,QAAQ,WAAW,kBAAkB,QAAQ,QAAQ,EAAE;AAAA,MACjE,WAAW,QAAQ,aAAa;AAAA,MAChC,WAAW,QAAQ,SAAS,WAAW;AAAA,IACzC;AACA,QAAI,OAAO,KAAK,IAAI,cAAc,YAAY;AAC5C,YAAM,IAAI,MAAM,kFAA6E;AAAA,IAC/F;AACA,SAAK,SAAS,IAAI,eAAe,KAAK,GAAG;AACzC,SAAK,QAAQ,IAAI,cAAc,KAAK,GAAG;AACvC,SAAK,OAAO,IAAI,aAAa,KAAK,GAAG;AAAA,EACvC;AAAA;AAAA,EAGA,MAAM,OAAyC;AAC7C,WAAO,WAAW,KAAK,KAAK,QAAQ,aAAa,KAAK;AAAA,EACxD;AAAA;AAAA,EAGA,UAAU,OAAuD;AAC/D,WAAO,WAAW,KAAK,KAAK,QAAQ,kBAAkB,EAAE,MAAM,CAAC;AAAA,EACjE;AACF;AAEA,IAAO,cAAQ;","names":[]}
1
+ {"version":3,"sources":["../src/index.ts","../src/errors.ts","../src/http.ts","../src/resources.ts","../src/flags.ts","../src/profiles.ts","../src/rum.ts","../src/ai.ts","../src/webhooks.ts","../src/admin.ts"],"sourcesContent":["import { apiRequest, type HttpConfig } from \"./http.js\";\nimport { EdgeResource, OrdersResource, PhoneResource } from \"./resources.js\";\nimport { SimplrFlags } from \"./flags.js\";\nimport { SimplrProfiles } from \"./profiles.js\";\nimport { SimplrRUM } from \"./rum.js\";\nimport { SimplrAI } from \"./ai.js\";\nimport * as webhooks from \"./webhooks.js\";\nimport type { BulkResult, CheckInput, CheckResult, SimplrOptions } from \"./types.js\";\n\nexport { SimplrError, WebhookVerificationError } from \"./errors.js\";\nexport * from \"./types.js\";\nexport { verify as verifyWebhook, constructEvent as constructWebhookEvent } from \"./webhooks.js\";\nexport { SimplrFlags } from \"./flags.js\";\nexport type { FlagDefinition, FlagRule, FlagsOptions, EvalContext } from \"./flags.js\";\nexport { SimplrAdmin } from \"./admin.js\";\nexport type { SimplrAdminOptions } from \"./admin.js\";\nexport { SimplrProfiles } from \"./profiles.js\";\nexport { SimplrRUM } from \"./rum.js\";\nexport type { SimplrRUMConfig } from \"./rum.js\";\nexport { SimplrAI } from \"./ai.js\";\n\nconst DEFAULT_BASE_URL = \"https://api.simplr.sh\";\n\n/**\n * Simplr server-side client.\n *\n * ```ts\n * import { Simplr } from \"@simplr-ai/node\";\n * const simplr = new Simplr({ apiKey: process.env.SIMPLR_API_KEY! });\n * const result = await simplr.check({ email: \"user@example.com\", event_type: \"signup\" });\n * ```\n */\nexport class Simplr {\n private readonly cfg: HttpConfig;\n\n readonly orders: OrdersResource;\n readonly phone: PhoneResource;\n readonly edge: EdgeResource;\n /** Anonymous user profiles + order fraud monitoring. */\n readonly profiles: SimplrProfiles;\n /** Real User Monitoring — batched events to /v1/rum/events. */\n readonly rum: SimplrRUM;\n /** AI delegation — OAuth-like AI authentication. */\n readonly ai: SimplrAI;\n /** Webhook signature helpers (no network). */\n readonly webhooks = webhooks;\n\n private readonly _flags?: SimplrFlags;\n\n constructor(options: SimplrOptions) {\n if (!options?.apiKey) throw new Error(\"Simplr: `apiKey` is required\");\n this.cfg = {\n authHeaders: { \"X-API-Key\": options.apiKey },\n baseUrl: (options.baseUrl || DEFAULT_BASE_URL).replace(/\\/+$/, \"\"),\n timeoutMs: options.timeoutMs ?? 15000,\n fetchImpl: options.fetch ?? globalThis.fetch,\n };\n if (typeof this.cfg.fetchImpl !== \"function\") {\n throw new Error(\"Simplr: no global fetch available — use Node 18+ or pass `fetch` in options\");\n }\n this.orders = new OrdersResource(this.cfg);\n this.phone = new PhoneResource(this.cfg);\n this.edge = new EdgeResource(this.cfg);\n this.profiles = new SimplrProfiles(this.cfg);\n this.rum = new SimplrRUM(this.cfg);\n this.ai = new SimplrAI(this.cfg);\n if (options.publicKey) {\n this._flags = new SimplrFlags({\n publicKey: options.publicKey,\n environment: options.environment,\n baseUrl: this.cfg.baseUrl,\n timeoutMs: this.cfg.timeoutMs,\n fetch: this.cfg.fetchImpl,\n });\n }\n }\n\n /**\n * Server-side feature flags. Requires a `publicKey` in the constructor options\n * (flag config is read with the public key). Call `simplr.flags.initialize()` once.\n */\n get flags(): SimplrFlags {\n if (!this._flags) {\n throw new Error(\n \"Simplr.flags requires a `publicKey` — pass it to `new Simplr({ apiKey, publicKey })`.\",\n );\n }\n return this._flags;\n }\n\n /** Run an identity/fraud check. Provide any of email, phone, device, behavior. */\n check(input: CheckInput): Promise<CheckResult> {\n return apiRequest(this.cfg, \"POST\", \"/v1/check\", input);\n }\n\n /** Run up to 100 checks at once. */\n checkBulk(items: CheckInput[]): Promise<BulkResult<CheckResult>> {\n return apiRequest(this.cfg, \"POST\", \"/v1/check/bulk\", { items });\n }\n}\n\nexport default Simplr;\n","/** Thrown when the Simplr API returns a non-2xx response. */\nexport class SimplrError extends Error {\n readonly status: number;\n readonly body: unknown;\n\n constructor(message: string, status: number, body: unknown) {\n super(message);\n this.name = \"SimplrError\";\n this.status = status;\n this.body = body;\n }\n}\n\n/** Thrown when a webhook signature fails verification. */\nexport class WebhookVerificationError extends Error {\n constructor(message: string) {\n super(message);\n this.name = \"WebhookVerificationError\";\n }\n}\n","import { SimplrError } from \"./errors.js\";\n\nexport interface HttpConfig {\n /** Auth headers to send (e.g. { \"X-API-Key\": \"sk_…\" } or { Authorization: \"Bearer …\" }). */\n authHeaders: Record<string, string>;\n baseUrl: string;\n timeoutMs: number;\n fetchImpl: typeof fetch;\n}\n\n/**\n * Internal request helper. Sends X-API-Key, applies a timeout, and unwraps the\n * API's `{ success, message, content }` envelope (returning `content`).\n */\nexport async function apiRequest<T>(\n cfg: HttpConfig,\n method: \"GET\" | \"POST\" | \"PATCH\" | \"DELETE\",\n path: string,\n body?: unknown,\n): Promise<T> {\n const controller = new AbortController();\n const timer = setTimeout(() => controller.abort(), cfg.timeoutMs);\n try {\n const res = await cfg.fetchImpl(`${cfg.baseUrl}${path}`, {\n method,\n headers: {\n \"Content-Type\": \"application/json\",\n ...cfg.authHeaders,\n },\n body: body !== undefined ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n const text = await res.text();\n let parsed: any;\n try {\n parsed = text ? JSON.parse(text) : undefined;\n } catch {\n parsed = text;\n }\n\n if (!res.ok) {\n const message =\n (parsed && (parsed.message || parsed.error)) || `Simplr API error ${res.status}`;\n throw new SimplrError(message, res.status, parsed);\n }\n\n // Unwrap the standard envelope when present.\n return (parsed && typeof parsed === \"object\" && \"content\" in parsed\n ? parsed.content\n : parsed) as T;\n } catch (err) {\n if (err instanceof SimplrError) throw err;\n if (err instanceof Error && err.name === \"AbortError\") {\n throw new SimplrError(`Request to ${path} timed out after ${cfg.timeoutMs}ms`, 0, null);\n }\n throw new SimplrError(err instanceof Error ? err.message : \"Network error\", 0, null);\n } finally {\n clearTimeout(timer);\n }\n}\n","import { apiRequest, type HttpConfig } from \"./http.js\";\nimport type {\n BulkResult,\n EdgeLogEntry,\n OrderInput,\n OrderResult,\n PhoneReportInput,\n} from \"./types.js\";\n\n/** Order fraud scoring. */\nexport class OrdersResource {\n constructor(private readonly cfg: HttpConfig) {}\n\n /** Submit a single order for fraud scoring. */\n submit(order: OrderInput): Promise<OrderResult> {\n return apiRequest(this.cfg, \"POST\", \"/v1/orders\", order);\n }\n\n /** Submit up to 100 orders at once. */\n submitBulk(orders: OrderInput[]): Promise<BulkResult<OrderResult>> {\n return apiRequest(this.cfg, \"POST\", \"/v1/orders/bulk\", { orders });\n }\n}\n\n/** Phone intelligence + outcome reporting. */\nexport class PhoneResource {\n constructor(private readonly cfg: HttpConfig) {}\n\n /** Report the real-world outcome for a phone number to improve scoring. */\n report(input: PhoneReportInput): Promise<{ success: boolean }> {\n return apiRequest(this.cfg, \"POST\", \"/v1/check/phone/report\", input);\n }\n\n /** Fetch stored risk intelligence for a phone number. */\n intelligence(phone: string): Promise<Record<string, unknown>> {\n return apiRequest(this.cfg, \"GET\", `/v1/check/phone/intelligence/${encodeURIComponent(phone)}`);\n }\n}\n\n/** Edge device registration + log ingestion. */\nexport class EdgeResource {\n constructor(private readonly cfg: HttpConfig) {}\n\n /** Register an edge device. */\n registerDevice(input: { device_id: string; name?: string; firmware?: string; [k: string]: unknown }) {\n return apiRequest(this.cfg, \"POST\", \"/v1/edge/devices/register\", input);\n }\n\n /** Report a device heartbeat with health metrics. */\n heartbeat(deviceId: string, metrics: Record<string, unknown>) {\n return apiRequest(\n this.cfg,\n \"POST\",\n `/v1/edge/devices/${encodeURIComponent(deviceId)}/heartbeat`,\n metrics,\n );\n }\n\n /** Batch-ingest structured logs for a device. */\n ingestLogs(deviceId: string, logs: EdgeLogEntry[]) {\n return apiRequest(this.cfg, \"POST\", \"/v1/edge/logs\", { device_id: deviceId, logs });\n }\n}\n","import { apiRequest, type HttpConfig } from \"./http.js\";\n\n/**\n * MurmurHash3 (x86, 32-bit) — identical to the browser SDK so a given user\n * buckets the same way on the client and the server.\n */\nfunction murmurHash3(input: string, seed = 0): number {\n let h1 = seed;\n const c1 = 0xcc9e2d51;\n const c2 = 0x1b873593;\n for (let i = 0; i < input.length; i++) {\n let k1 = input.charCodeAt(i);\n k1 = Math.imul(k1, c1);\n k1 = (k1 << 15) | (k1 >>> 17);\n k1 = Math.imul(k1, c2);\n h1 ^= k1;\n h1 = (h1 << 13) | (h1 >>> 19);\n h1 = Math.imul(h1, 5) + 0xe6546b64;\n }\n h1 ^= input.length;\n h1 ^= h1 >>> 16;\n h1 = Math.imul(h1, 0x85ebca6b);\n h1 ^= h1 >>> 13;\n h1 = Math.imul(h1, 0xc2b2ae35);\n h1 ^= h1 >>> 16;\n return h1 >>> 0;\n}\n\nexport interface FlagRule {\n attribute: string;\n op: \"eq\" | \"neq\" | \"contains\";\n value: string;\n}\n\nexport interface FlagDefinition {\n key: string;\n enabled: boolean;\n rollout_percentage: number;\n target_user_ids: string[];\n rules: FlagRule[];\n}\n\nexport interface FlagsOptions {\n /** Public API key (pk_live_… / pk_test_…). Required — flags read uses the public key. */\n publicKey: string;\n /** API base URL. Defaults to https://api.simplr.sh. */\n baseUrl?: string;\n /**\n * Which environment's flags to load. Defaults to the key's own environment\n * (the API falls back to the key's live/test mode when unset). Accepts a\n * named environment slug (e.g. \"dev\", \"uat\", \"prod\") as well as the legacy\n * \"live\"/\"test\" key modes. Sent to the API as `?environment=<value>`.\n */\n environment?: string;\n /** Auto-refresh interval in ms (default 60000; 0 disables). */\n refreshIntervalMs?: number;\n timeoutMs?: number;\n fetch?: typeof fetch;\n}\n\nexport interface EvalContext {\n userId?: string;\n attributes?: Record<string, unknown>;\n}\n\nfunction matchRule(rule: FlagRule, attributes: Record<string, unknown>): boolean {\n const actual = attributes[rule.attribute];\n switch (rule.op) {\n case \"eq\":\n return String(actual) === rule.value;\n case \"neq\":\n return String(actual) !== rule.value;\n case \"contains\":\n return String(actual ?? \"\").includes(rule.value);\n default:\n return false;\n }\n}\n\n/**\n * Server-side feature flags with local, deterministic evaluation.\n *\n * ```ts\n * const flags = new SimplrFlags({ publicKey: process.env.SIMPLR_PUBLIC_KEY! });\n * await flags.initialize();\n * if (flags.isEnabled(\"new-checkout\", { userId: \"user_123\" })) { ... }\n * ```\n */\nexport class SimplrFlags {\n private readonly cfg: HttpConfig;\n private readonly environment?: string;\n private readonly refreshIntervalMs: number;\n private flags: Record<string, FlagDefinition> = {};\n private defaultUserId?: string;\n private timer: ReturnType<typeof setInterval> | null = null;\n private ready = false;\n\n constructor(options: FlagsOptions) {\n if (!options?.publicKey) throw new Error(\"SimplrFlags: `publicKey` is required\");\n this.cfg = {\n authHeaders: { \"X-API-Key\": options.publicKey },\n baseUrl: (options.baseUrl || \"https://api.simplr.sh\").replace(/\\/+$/, \"\"),\n timeoutMs: options.timeoutMs ?? 15000,\n fetchImpl: options.fetch ?? globalThis.fetch,\n };\n this.environment = options.environment;\n this.refreshIntervalMs = options.refreshIntervalMs ?? 60000;\n }\n\n /** Fetch the flag config once and start the background refresh. */\n async initialize(): Promise<void> {\n await this.refresh();\n this.ready = true;\n if (this.refreshIntervalMs > 0) {\n this.timer = setInterval(() => {\n void this.refresh();\n }, this.refreshIntervalMs);\n // Don't keep the process alive just for flag refreshes.\n (this.timer as any)?.unref?.();\n }\n }\n\n /** Set the default identifier used for bucketing when none is passed to isEnabled. */\n setUser(userId: string): void {\n this.defaultUserId = userId;\n }\n\n /** Re-fetch the flag config (counts as one billable request). */\n async refresh(): Promise<void> {\n const path = this.environment\n ? `/v1/flags?environment=${encodeURIComponent(this.environment)}`\n : \"/v1/flags\";\n try {\n const content = await apiRequest<{ flags: FlagDefinition[] }>(this.cfg, \"GET\", path);\n const list = content?.flags || [];\n const map: Record<string, FlagDefinition> = {};\n for (const f of list) map[f.key] = f;\n this.flags = map;\n } catch {\n // keep last-known flags on error\n }\n }\n\n /** Evaluate a flag locally. Deterministic per user; no network call. */\n isEnabled(key: string, ctx: EvalContext = {}): boolean {\n const f = this.flags[key];\n if (!f || !f.enabled) return false;\n\n const uid = ctx.userId || this.defaultUserId || \"anonymous\";\n if (f.target_user_ids?.includes(uid)) return true;\n if (ctx.attributes && f.rules?.length && f.rules.some((r) => matchRule(r, ctx.attributes!))) {\n return true;\n }\n if (f.rollout_percentage >= 100) return true;\n if (f.rollout_percentage <= 0) return false;\n return murmurHash3(`${key}:${uid}`) % 100 < f.rollout_percentage;\n }\n\n getAll(): Record<string, FlagDefinition> {\n return { ...this.flags };\n }\n\n isReady(): boolean {\n return this.ready;\n }\n\n /** Stop the background refresh timer. */\n dispose(): void {\n if (this.timer) clearInterval(this.timer);\n this.timer = null;\n }\n}\n","import { apiRequest, type HttpConfig } from \"./http.js\";\nimport type {\n IdentifyOptions,\n OrderInput,\n OrderResult,\n ProfileResult,\n ProfileRiskResult,\n} from \"./types.js\";\n\n/**\n * Anonymous user profile management and order fraud monitoring.\n *\n * Works with the configured key (secret for server-side use). Mirrors the\n * browser SimplrProfiles surface but reuses the Node http helper (which unwraps\n * the `{ success, message, content }` envelope).\n */\nexport class SimplrProfiles {\n constructor(private readonly cfg: HttpConfig) {}\n\n /**\n * Identify a user — creates or updates an anonymous profile and (optionally)\n * links a device fingerprint. POST /v1/profiles.\n */\n identify(externalId: string, options?: IdentifyOptions): Promise<ProfileResult> {\n const { profileType, fingerprintHash, ...rest } = options ?? {};\n const body: Record<string, unknown> = {\n external_id: externalId,\n profile_type: profileType || \"customer\",\n ...rest,\n };\n if (fingerprintHash) body.fingerprint_hash = fingerprintHash;\n return apiRequest<ProfileResult>(this.cfg, \"POST\", \"/v1/profiles\", body);\n }\n\n /** Submit an order for real-time fraud scoring. POST /v1/orders. */\n submitOrder(order: OrderInput): Promise<OrderResult> {\n return apiRequest<OrderResult>(this.cfg, \"POST\", \"/v1/orders\", order);\n }\n\n /** Get the risk profile for a user. GET /v1/profiles/{externalId}. */\n getProfileRisk(externalId: string): Promise<ProfileRiskResult> {\n return apiRequest<ProfileRiskResult>(\n this.cfg,\n \"GET\",\n `/v1/profiles/${encodeURIComponent(externalId)}`,\n );\n }\n\n /** Report a profile as fraud or legitimate. POST /v1/profiles/{externalId}/outcome. */\n async reportOutcome(externalId: string, outcome: \"fraud\" | \"legitimate\"): Promise<void> {\n await apiRequest(\n this.cfg,\n \"POST\",\n `/v1/profiles/${encodeURIComponent(externalId)}/outcome`,\n { outcome },\n );\n }\n}\n","import { apiRequest, type HttpConfig } from \"./http.js\";\nimport type { RUMEvent, RUMEventType, RUMLogLevel } from \"./types.js\";\n\nexport interface SimplrRUMConfig {\n /** Application identifier (required). */\n applicationId: string;\n /** Optional version/environment tags applied to every event. */\n applicationVersion?: string;\n environment?: string;\n /** Flush when this many events are queued (default 30). */\n batchSize?: number;\n /** Background flush interval in ms (default 10000; 0 disables the timer). */\n flushInterval?: number;\n /** Override the events endpoint path (default /v1/rum/events). */\n endpoint?: string;\n}\n\nconst DEFAULT_BATCH_SIZE = 30;\nconst DEFAULT_FLUSH_INTERVAL = 10000;\nconst DEFAULT_ENDPOINT = \"/v1/rum/events\";\n\nfunction genId(): string {\n return (\n Date.now().toString(36) + Math.random().toString(36).slice(2, 10)\n );\n}\n\n/**\n * Server-side Real User Monitoring. Batches events and flushes them to\n * POST /v1/rum/events using the configured key. Unlike the browser SDK there is\n * no DOM auto-capture — views/actions/errors/logs are reported via the public\n * API. A timer-based flush is installed with `unref()` so it never keeps the\n * Node process alive.\n */\nexport class SimplrRUM {\n private config: SimplrRUMConfig | null = null;\n private initialized = false;\n private queue: RUMEvent[] = [];\n private timer: ReturnType<typeof setInterval> | null = null;\n private flushing = false;\n\n private sessionId: string | null = null;\n private currentViewId: string | null = null;\n private userId?: string;\n private userAttributes?: Record<string, unknown>;\n private globalAttributes: Record<string, unknown> = {};\n private batchSize = DEFAULT_BATCH_SIZE;\n private endpoint = DEFAULT_ENDPOINT;\n\n constructor(private readonly cfg: HttpConfig) {}\n\n /** Initialize the SDK, start a session, and begin the flush timer. */\n initialize(config: SimplrRUMConfig): void {\n if (this.initialized) return;\n this.config = config;\n this.batchSize = config.batchSize ?? DEFAULT_BATCH_SIZE;\n this.endpoint = config.endpoint ?? DEFAULT_ENDPOINT;\n this.sessionId = genId();\n this.initialized = true;\n\n this.trackEvent(\"session_start\");\n\n const interval = config.flushInterval ?? DEFAULT_FLUSH_INTERVAL;\n if (interval > 0) {\n this.timer = setInterval(() => {\n void this.flush();\n }, interval);\n (this.timer as any)?.unref?.();\n }\n }\n\n isInitialized(): boolean {\n return this.initialized;\n }\n\n /** Associate subsequent events with a user. */\n setUser(userId: string, attributes?: Record<string, unknown>): void {\n this.userId = userId;\n this.userAttributes = attributes;\n }\n\n clearUser(): void {\n this.userId = undefined;\n this.userAttributes = undefined;\n }\n\n addAttribute(key: string, value: unknown): void {\n this.globalAttributes[key] = value;\n }\n\n removeAttribute(key: string): void {\n delete this.globalAttributes[key];\n }\n\n /** Track a screen/page view. */\n trackView(name: string, attributes?: Record<string, unknown>): void {\n if (!this.initialized) return;\n this.currentViewId = genId();\n this.trackEvent(\"view\", {\n view: { id: this.currentViewId, name },\n attributes,\n });\n }\n\n /** Track a user action. */\n trackAction(name: string, attributes?: Record<string, unknown>): void {\n if (!this.initialized) return;\n this.trackEvent(\"action\", { action: { name, type: \"custom\" }, attributes });\n }\n\n /** Track an error. */\n trackError(error: Error | { message: string; stack?: string; type?: string }, attributes?: Record<string, unknown>): void {\n if (!this.initialized) return;\n const data =\n error instanceof Error\n ? { message: error.message, stack: error.stack, type: error.constructor.name }\n : error;\n this.trackEvent(\"error\", { error: data, attributes });\n }\n\n /** Emit a log line. */\n log(level: RUMLogLevel, message: string, attributes?: Record<string, unknown>): void {\n if (!this.initialized) return;\n this.trackEvent(\"log\", { log: { level, message }, attributes });\n }\n\n private trackEvent(type: RUMEventType, data?: Partial<RUMEvent>): void {\n if (!this.initialized || !this.sessionId) return;\n const event: RUMEvent = {\n type,\n timestamp: Date.now(),\n sessionId: this.sessionId,\n viewId: this.currentViewId || undefined,\n userId: this.userId,\n applicationId: this.config!.applicationId,\n applicationVersion: this.config?.applicationVersion,\n environment: this.config?.environment,\n userAttributes: this.userAttributes,\n globalAttributes:\n Object.keys(this.globalAttributes).length > 0 ? this.globalAttributes : undefined,\n ...data,\n };\n this.queue.push(event);\n if (this.queue.length >= this.batchSize) void this.flush();\n }\n\n /** Flush queued events to POST /v1/rum/events. */\n async flush(): Promise<void> {\n if (this.flushing || this.queue.length === 0) return;\n this.flushing = true;\n const events = this.queue;\n this.queue = [];\n try {\n await apiRequest(this.cfg, \"POST\", this.endpoint, {\n events,\n sentAt: Date.now(),\n });\n } catch {\n // Re-queue on failure so events aren't lost.\n this.queue = [...events, ...this.queue];\n } finally {\n this.flushing = false;\n }\n }\n\n /** End the session, flush remaining events, and stop the timer. */\n async stopSession(): Promise<void> {\n if (!this.initialized) return;\n this.trackEvent(\"session_end\");\n await this.flush();\n if (this.timer) {\n clearInterval(this.timer);\n this.timer = null;\n }\n this.initialized = false;\n }\n\n getSessionId(): string | null {\n return this.sessionId;\n }\n\n getViewId(): string | null {\n return this.currentViewId;\n }\n}\n","import { apiRequest, type HttpConfig } from \"./http.js\";\nimport type {\n CreateDelegationOptions,\n DelegationInfo,\n DelegationResult,\n DelegationStats,\n ValidationResult,\n} from \"./types.js\";\n\nfunction mapDelegation(d: any): DelegationInfo {\n return {\n delegationId: d.delegation_id,\n endUserId: d.end_user_id,\n bindingMode: d.binding_mode,\n status: d.status,\n expiresAt: d.expires_at,\n useCount: d.use_count,\n lastUsedAt: d.last_used_at,\n createdAt: d.created_at,\n };\n}\n\n/**\n * AI delegation — OAuth-like AI authentication. Lets you mint, validate and\n * revoke delegation tokens that an end user shares with their AI agent.\n *\n * Reuses the Node http helper, which unwraps the `{ success, message, content }`\n * envelope — so `apiRequest` returns the inner `content` object directly.\n */\nexport class SimplrAI {\n constructor(private readonly cfg: HttpConfig) {}\n\n /** Create a new AI delegation token for a user. POST /v1/ai/delegations. */\n async createDelegation(options: CreateDelegationOptions): Promise<DelegationResult> {\n const content = await apiRequest<any>(this.cfg, \"POST\", \"/v1/ai/delegations\", {\n end_user_id: options.userId,\n end_user_email: options.email,\n binding: options.binding || \"any_location\",\n expires_in_days: options.expiresInDays || 7,\n session_id: options.sessionId,\n fingerprint_hash: options.fingerprintHash,\n });\n const d = content.delegation;\n return {\n token: d.token,\n delegationId: d.delegation_id,\n expiresAt: d.expires_at,\n bindingMode: d.binding_mode,\n };\n }\n\n /** Validate (introspect) an AI delegation token. POST /v1/ai/validate. */\n async validate(\n token: string,\n options?: { fingerprintHash?: string; aiProvider?: string; action?: string },\n ): Promise<ValidationResult> {\n try {\n const content = await apiRequest<any>(this.cfg, \"POST\", \"/v1/ai/validate\", {\n token,\n fingerprint_hash: options?.fingerprintHash,\n ai_provider: options?.aiProvider,\n action: options?.action,\n });\n return {\n valid: true,\n sessionType: content.session_type,\n endUserId: content.end_user_id,\n delegation: content.delegation\n ? {\n delegationId: content.delegation.delegation_id,\n bindingMode: content.delegation.binding_mode,\n expiresAt: content.delegation.expires_at,\n useCount: content.delegation.use_count,\n }\n : undefined,\n };\n } catch (err) {\n return { valid: false, error: err instanceof Error ? err.message : \"Validation failed\" };\n }\n }\n\n /** Revoke a delegation. POST /v1/ai/delegations/{id}/revoke. */\n async revoke(delegationId: string, reason?: string): Promise<void> {\n await apiRequest(\n this.cfg,\n \"POST\",\n `/v1/ai/delegations/${encodeURIComponent(delegationId)}/revoke`,\n { reason },\n );\n }\n\n /** List delegations, optionally filtered by user. GET /v1/ai/delegations. */\n async list(userId?: string): Promise<DelegationInfo[]> {\n const path = userId\n ? `/v1/ai/delegations?end_user_id=${encodeURIComponent(userId)}`\n : \"/v1/ai/delegations\";\n const content = await apiRequest<any>(this.cfg, \"GET\", path);\n return (content.delegations || []).map(mapDelegation);\n }\n\n /** Get a single delegation. GET /v1/ai/delegations/{id}. */\n async get(delegationId: string): Promise<DelegationInfo> {\n const content = await apiRequest<any>(\n this.cfg,\n \"GET\",\n `/v1/ai/delegations/${encodeURIComponent(delegationId)}`,\n );\n return mapDelegation(content.delegation);\n }\n\n /** Get delegation statistics. GET /v1/ai/stats. */\n async stats(): Promise<DelegationStats> {\n const content = await apiRequest<any>(this.cfg, \"GET\", \"/v1/ai/stats\");\n const s = content.stats;\n return {\n totalDelegations: s.total_delegations,\n activeDelegations: s.active_delegations,\n totalUses: s.total_uses,\n delegationsByBinding: {\n verifiedDevice: s.delegations_by_binding.verified_device,\n anyLocation: s.delegations_by_binding.any_location,\n },\n };\n }\n\n /** Revoke all delegations for a user (e.g. on logout). POST /v1/ai/revoke-all. */\n async revokeAllForUser(userId: string, reason?: string): Promise<number> {\n const content = await apiRequest<any>(this.cfg, \"POST\", \"/v1/ai/revoke-all\", {\n end_user_id: userId,\n reason,\n });\n return content.revoked_count;\n }\n}\n","import { createHmac, timingSafeEqual } from \"node:crypto\";\nimport { WebhookVerificationError } from \"./errors.js\";\n\nexport interface VerifyOptions {\n /** Reject signatures whose timestamp is older than this many seconds (default 300). 0 disables. */\n toleranceSec?: number;\n}\n\nfunction parseHeader(header: string): { t: string; v1: string } | null {\n // Format: \"t=<unix-seconds>,v1=<hex-hmac>\"\n const parts = header.split(\",\").map((p) => p.trim());\n let t = \"\";\n let v1 = \"\";\n for (const part of parts) {\n const [k, v] = part.split(\"=\");\n if (k === \"t\") t = v;\n if (k === \"v1\") v1 = v;\n }\n return t && v1 ? { t, v1 } : null;\n}\n\nfunction expectedSignature(timestamp: string, payload: string, secret: string): string {\n return createHmac(\"sha256\", secret).update(`${timestamp}.${payload}`).digest(\"hex\");\n}\n\nfunction safeEqualHex(a: string, b: string): boolean {\n if (a.length !== b.length) return false;\n try {\n return timingSafeEqual(Buffer.from(a, \"hex\"), Buffer.from(b, \"hex\"));\n } catch {\n return false;\n }\n}\n\n/**\n * Verify a Simplr webhook signature.\n *\n * @param payload The RAW request body string (do not re-serialize parsed JSON).\n * @param header The `X-Simplr-Signature` header value (`t=…,v1=…`).\n * @param secret The webhook's signing secret.\n * @returns true if the signature is valid and within the tolerance window.\n */\nexport function verify(\n payload: string | Buffer,\n header: string,\n secret: string,\n options: VerifyOptions = {},\n): boolean {\n const tolerance = options.toleranceSec ?? 300;\n const parsed = parseHeader(header || \"\");\n if (!parsed) return false;\n\n const body = typeof payload === \"string\" ? payload : payload.toString(\"utf8\");\n const expected = expectedSignature(parsed.t, body, secret);\n if (!safeEqualHex(parsed.v1, expected)) return false;\n\n if (tolerance > 0) {\n const ts = Number(parsed.t);\n if (!Number.isFinite(ts)) return false;\n const ageSec = Math.abs(Date.now() / 1000 - ts);\n if (ageSec > tolerance) return false;\n }\n return true;\n}\n\n/**\n * Verify the signature and return the parsed event object.\n * Throws {@link WebhookVerificationError} if verification fails.\n */\nexport function constructEvent<T = { event: string; data: unknown }>(\n payload: string | Buffer,\n header: string,\n secret: string,\n options: VerifyOptions = {},\n): T {\n if (!verify(payload, header, secret, options)) {\n throw new WebhookVerificationError(\"Webhook signature verification failed\");\n }\n const body = typeof payload === \"string\" ? payload : payload.toString(\"utf8\");\n return JSON.parse(body) as T;\n}\n\nexport const webhooks = { verify, constructEvent };\n","import { apiRequest, type HttpConfig } from \"./http.js\";\n\nexport interface SimplrAdminOptions {\n /** Portal token (JWT) for dashboard/admin operations. */\n token: string;\n /** API base URL. Defaults to https://api.simplr.sh. */\n baseUrl?: string;\n timeoutMs?: number;\n fetch?: typeof fetch;\n}\n\nfunction qs(params: Record<string, unknown>): string {\n const entries = Object.entries(params).filter(([, v]) => v !== undefined && v !== null);\n if (!entries.length) return \"\";\n return \"?\" + entries.map(([k, v]) => `${k}=${encodeURIComponent(String(v))}`).join(\"&\");\n}\n\n/** Usage / measurement reads. */\nclass UsageApi {\n constructor(private readonly cfg: HttpConfig) {}\n /** Aggregate usage stats for an org. */\n stats(orgId: string) {\n return apiRequest(this.cfg, \"GET\", `/v1/usage/stats${qs({ org_id: orgId })}`);\n }\n /** Raw usage logs for an org. */\n logs(orgId: string, params: { page?: number; limit?: number } = {}) {\n return apiRequest(this.cfg, \"GET\", `/v1/usage/logs${qs({ org_id: orgId, ...params })}`);\n }\n /** Billing usage breakdown (per-service totals + estimated cost). */\n billing(orgId: string) {\n return apiRequest(this.cfg, \"GET\", `/v1/billing/usage${qs({ org_id: orgId })}`);\n }\n}\n\n/** Feature-flag administration (create/update/delete/history). */\nclass FlagsAdminApi {\n constructor(private readonly cfg: HttpConfig) {}\n list(orgId: string, environment?: \"live\" | \"test\") {\n return apiRequest(this.cfg, \"GET\", `/v1/feature-flags${qs({ org_id: orgId, environment })}`);\n }\n get(orgId: string, id: string) {\n return apiRequest(this.cfg, \"GET\", `/v1/feature-flags/${id}${qs({ org_id: orgId })}`);\n }\n create(orgId: string, data: Record<string, unknown>) {\n return apiRequest(this.cfg, \"POST\", \"/v1/feature-flags\", { org_id: orgId, ...data });\n }\n update(orgId: string, id: string, data: Record<string, unknown>) {\n return apiRequest(this.cfg, \"PATCH\", `/v1/feature-flags/${id}`, { org_id: orgId, ...data });\n }\n remove(orgId: string, id: string) {\n return apiRequest(this.cfg, \"DELETE\", `/v1/feature-flags/${id}${qs({ org_id: orgId })}`);\n }\n history(orgId: string, id: string, params: { limit?: number; offset?: number } = {}) {\n return apiRequest(\n this.cfg,\n \"GET\",\n `/v1/feature-flags/${id}/history${qs({ org_id: orgId, ...params })}`,\n );\n }\n}\n\n/** RUM analytics reads. */\nclass RumApi {\n constructor(private readonly cfg: HttpConfig) {}\n overview(orgId: string, params: { application_id?: string; start_date?: string; end_date?: string } = {}) {\n return apiRequest(this.cfg, \"GET\", `/v1/rum/overview${qs({ org_id: orgId, ...params })}`);\n }\n sessions(orgId: string, params: { page?: number; limit?: number; user_id?: string } = {}) {\n return apiRequest(this.cfg, \"GET\", `/v1/rum/sessions${qs({ org_id: orgId, ...params })}`);\n }\n}\n\n/**\n * Management client for dashboard/admin operations that require a portal token\n * (usage/measurement, feature-flag CRUD, RUM analytics).\n *\n * ```ts\n * const admin = new SimplrAdmin({ token: process.env.SIMPLR_PORTAL_TOKEN! });\n * const usage = await admin.usage.billing(orgId);\n * await admin.flags.create(orgId, { key: \"new-checkout\", environment: \"test\", rollout_percentage: 10 });\n * ```\n */\nexport class SimplrAdmin {\n readonly usage: UsageApi;\n readonly flags: FlagsAdminApi;\n readonly rum: RumApi;\n\n constructor(options: SimplrAdminOptions) {\n if (!options?.token) throw new Error(\"SimplrAdmin: `token` is required\");\n const cfg: HttpConfig = {\n authHeaders: { Authorization: `Bearer ${options.token}` },\n baseUrl: (options.baseUrl || \"https://api.simplr.sh\").replace(/\\/+$/, \"\"),\n timeoutMs: options.timeoutMs ?? 15000,\n fetchImpl: options.fetch ?? globalThis.fetch,\n };\n if (typeof cfg.fetchImpl !== \"function\") {\n throw new Error(\"SimplrAdmin: no global fetch available — use Node 18+ or pass `fetch`\");\n }\n this.usage = new UsageApi(cfg);\n this.flags = new FlagsAdminApi(cfg);\n this.rum = new RumApi(cfg);\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACCO,IAAM,cAAN,cAA0B,MAAM;AAAA,EAC5B;AAAA,EACA;AAAA,EAET,YAAY,SAAiB,QAAgB,MAAe;AAC1D,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,OAAO;AAAA,EACd;AACF;AAGO,IAAM,2BAAN,cAAuC,MAAM;AAAA,EAClD,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;;;ACLA,eAAsB,WACpB,KACA,QACA,MACA,MACY;AACZ,QAAM,aAAa,IAAI,gBAAgB;AACvC,QAAM,QAAQ,WAAW,MAAM,WAAW,MAAM,GAAG,IAAI,SAAS;AAChE,MAAI;AACF,UAAM,MAAM,MAAM,IAAI,UAAU,GAAG,IAAI,OAAO,GAAG,IAAI,IAAI;AAAA,MACvD;AAAA,MACA,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,GAAG,IAAI;AAAA,MACT;AAAA,MACA,MAAM,SAAS,SAAY,KAAK,UAAU,IAAI,IAAI;AAAA,MAClD,QAAQ,WAAW;AAAA,IACrB,CAAC;AAED,UAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,QAAI;AACJ,QAAI;AACF,eAAS,OAAO,KAAK,MAAM,IAAI,IAAI;AAAA,IACrC,QAAQ;AACN,eAAS;AAAA,IACX;AAEA,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,UACH,WAAW,OAAO,WAAW,OAAO,UAAW,oBAAoB,IAAI,MAAM;AAChF,YAAM,IAAI,YAAY,SAAS,IAAI,QAAQ,MAAM;AAAA,IACnD;AAGA,WAAQ,UAAU,OAAO,WAAW,YAAY,aAAa,SACzD,OAAO,UACP;AAAA,EACN,SAAS,KAAK;AACZ,QAAI,eAAe,YAAa,OAAM;AACtC,QAAI,eAAe,SAAS,IAAI,SAAS,cAAc;AACrD,YAAM,IAAI,YAAY,cAAc,IAAI,oBAAoB,IAAI,SAAS,MAAM,GAAG,IAAI;AAAA,IACxF;AACA,UAAM,IAAI,YAAY,eAAe,QAAQ,IAAI,UAAU,iBAAiB,GAAG,IAAI;AAAA,EACrF,UAAE;AACA,iBAAa,KAAK;AAAA,EACpB;AACF;;;AClDO,IAAM,iBAAN,MAAqB;AAAA,EAC1B,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA;AAAA,EAG7B,OAAO,OAAyC;AAC9C,WAAO,WAAW,KAAK,KAAK,QAAQ,cAAc,KAAK;AAAA,EACzD;AAAA;AAAA,EAGA,WAAW,QAAwD;AACjE,WAAO,WAAW,KAAK,KAAK,QAAQ,mBAAmB,EAAE,OAAO,CAAC;AAAA,EACnE;AACF;AAGO,IAAM,gBAAN,MAAoB;AAAA,EACzB,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA;AAAA,EAG7B,OAAO,OAAwD;AAC7D,WAAO,WAAW,KAAK,KAAK,QAAQ,0BAA0B,KAAK;AAAA,EACrE;AAAA;AAAA,EAGA,aAAa,OAAiD;AAC5D,WAAO,WAAW,KAAK,KAAK,OAAO,gCAAgC,mBAAmB,KAAK,CAAC,EAAE;AAAA,EAChG;AACF;AAGO,IAAM,eAAN,MAAmB;AAAA,EACxB,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA;AAAA,EAG7B,eAAe,OAAsF;AACnG,WAAO,WAAW,KAAK,KAAK,QAAQ,6BAA6B,KAAK;AAAA,EACxE;AAAA;AAAA,EAGA,UAAU,UAAkB,SAAkC;AAC5D,WAAO;AAAA,MACL,KAAK;AAAA,MACL;AAAA,MACA,oBAAoB,mBAAmB,QAAQ,CAAC;AAAA,MAChD;AAAA,IACF;AAAA,EACF;AAAA;AAAA,EAGA,WAAW,UAAkB,MAAsB;AACjD,WAAO,WAAW,KAAK,KAAK,QAAQ,iBAAiB,EAAE,WAAW,UAAU,KAAK,CAAC;AAAA,EACpF;AACF;;;ACxDA,SAAS,YAAY,OAAe,OAAO,GAAW;AACpD,MAAI,KAAK;AACT,QAAM,KAAK;AACX,QAAM,KAAK;AACX,WAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,QAAI,KAAK,MAAM,WAAW,CAAC;AAC3B,SAAK,KAAK,KAAK,IAAI,EAAE;AACrB,SAAM,MAAM,KAAO,OAAO;AAC1B,SAAK,KAAK,KAAK,IAAI,EAAE;AACrB,UAAM;AACN,SAAM,MAAM,KAAO,OAAO;AAC1B,SAAK,KAAK,KAAK,IAAI,CAAC,IAAI;AAAA,EAC1B;AACA,QAAM,MAAM;AACZ,QAAM,OAAO;AACb,OAAK,KAAK,KAAK,IAAI,UAAU;AAC7B,QAAM,OAAO;AACb,OAAK,KAAK,KAAK,IAAI,UAAU;AAC7B,QAAM,OAAO;AACb,SAAO,OAAO;AAChB;AAuCA,SAAS,UAAU,MAAgB,YAA8C;AAC/E,QAAM,SAAS,WAAW,KAAK,SAAS;AACxC,UAAQ,KAAK,IAAI;AAAA,IACf,KAAK;AACH,aAAO,OAAO,MAAM,MAAM,KAAK;AAAA,IACjC,KAAK;AACH,aAAO,OAAO,MAAM,MAAM,KAAK;AAAA,IACjC,KAAK;AACH,aAAO,OAAO,UAAU,EAAE,EAAE,SAAS,KAAK,KAAK;AAAA,IACjD;AACE,aAAO;AAAA,EACX;AACF;AAWO,IAAM,cAAN,MAAkB;AAAA,EACN;AAAA,EACA;AAAA,EACA;AAAA,EACT,QAAwC,CAAC;AAAA,EACzC;AAAA,EACA,QAA+C;AAAA,EAC/C,QAAQ;AAAA,EAEhB,YAAY,SAAuB;AACjC,QAAI,CAAC,SAAS,UAAW,OAAM,IAAI,MAAM,sCAAsC;AAC/E,SAAK,MAAM;AAAA,MACT,aAAa,EAAE,aAAa,QAAQ,UAAU;AAAA,MAC9C,UAAU,QAAQ,WAAW,yBAAyB,QAAQ,QAAQ,EAAE;AAAA,MACxE,WAAW,QAAQ,aAAa;AAAA,MAChC,WAAW,QAAQ,SAAS,WAAW;AAAA,IACzC;AACA,SAAK,cAAc,QAAQ;AAC3B,SAAK,oBAAoB,QAAQ,qBAAqB;AAAA,EACxD;AAAA;AAAA,EAGA,MAAM,aAA4B;AAChC,UAAM,KAAK,QAAQ;AACnB,SAAK,QAAQ;AACb,QAAI,KAAK,oBAAoB,GAAG;AAC9B,WAAK,QAAQ,YAAY,MAAM;AAC7B,aAAK,KAAK,QAAQ;AAAA,MACpB,GAAG,KAAK,iBAAiB;AAEzB,MAAC,KAAK,OAAe,QAAQ;AAAA,IAC/B;AAAA,EACF;AAAA;AAAA,EAGA,QAAQ,QAAsB;AAC5B,SAAK,gBAAgB;AAAA,EACvB;AAAA;AAAA,EAGA,MAAM,UAAyB;AAC7B,UAAM,OAAO,KAAK,cACd,yBAAyB,mBAAmB,KAAK,WAAW,CAAC,KAC7D;AACJ,QAAI;AACF,YAAM,UAAU,MAAM,WAAwC,KAAK,KAAK,OAAO,IAAI;AACnF,YAAM,OAAO,SAAS,SAAS,CAAC;AAChC,YAAM,MAAsC,CAAC;AAC7C,iBAAW,KAAK,KAAM,KAAI,EAAE,GAAG,IAAI;AACnC,WAAK,QAAQ;AAAA,IACf,QAAQ;AAAA,IAER;AAAA,EACF;AAAA;AAAA,EAGA,UAAU,KAAa,MAAmB,CAAC,GAAY;AACrD,UAAM,IAAI,KAAK,MAAM,GAAG;AACxB,QAAI,CAAC,KAAK,CAAC,EAAE,QAAS,QAAO;AAE7B,UAAM,MAAM,IAAI,UAAU,KAAK,iBAAiB;AAChD,QAAI,EAAE,iBAAiB,SAAS,GAAG,EAAG,QAAO;AAC7C,QAAI,IAAI,cAAc,EAAE,OAAO,UAAU,EAAE,MAAM,KAAK,CAAC,MAAM,UAAU,GAAG,IAAI,UAAW,CAAC,GAAG;AAC3F,aAAO;AAAA,IACT;AACA,QAAI,EAAE,sBAAsB,IAAK,QAAO;AACxC,QAAI,EAAE,sBAAsB,EAAG,QAAO;AACtC,WAAO,YAAY,GAAG,GAAG,IAAI,GAAG,EAAE,IAAI,MAAM,EAAE;AAAA,EAChD;AAAA,EAEA,SAAyC;AACvC,WAAO,EAAE,GAAG,KAAK,MAAM;AAAA,EACzB;AAAA,EAEA,UAAmB;AACjB,WAAO,KAAK;AAAA,EACd;AAAA;AAAA,EAGA,UAAgB;AACd,QAAI,KAAK,MAAO,eAAc,KAAK,KAAK;AACxC,SAAK,QAAQ;AAAA,EACf;AACF;;;AC3JO,IAAM,iBAAN,MAAqB;AAAA,EAC1B,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA;AAAA;AAAA;AAAA;AAAA,EAM7B,SAAS,YAAoB,SAAmD;AAC9E,UAAM,EAAE,aAAa,iBAAiB,GAAG,KAAK,IAAI,WAAW,CAAC;AAC9D,UAAM,OAAgC;AAAA,MACpC,aAAa;AAAA,MACb,cAAc,eAAe;AAAA,MAC7B,GAAG;AAAA,IACL;AACA,QAAI,gBAAiB,MAAK,mBAAmB;AAC7C,WAAO,WAA0B,KAAK,KAAK,QAAQ,gBAAgB,IAAI;AAAA,EACzE;AAAA;AAAA,EAGA,YAAY,OAAyC;AACnD,WAAO,WAAwB,KAAK,KAAK,QAAQ,cAAc,KAAK;AAAA,EACtE;AAAA;AAAA,EAGA,eAAe,YAAgD;AAC7D,WAAO;AAAA,MACL,KAAK;AAAA,MACL;AAAA,MACA,gBAAgB,mBAAmB,UAAU,CAAC;AAAA,IAChD;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,cAAc,YAAoB,SAAgD;AACtF,UAAM;AAAA,MACJ,KAAK;AAAA,MACL;AAAA,MACA,gBAAgB,mBAAmB,UAAU,CAAC;AAAA,MAC9C,EAAE,QAAQ;AAAA,IACZ;AAAA,EACF;AACF;;;ACxCA,IAAM,qBAAqB;AAC3B,IAAM,yBAAyB;AAC/B,IAAM,mBAAmB;AAEzB,SAAS,QAAgB;AACvB,SACE,KAAK,IAAI,EAAE,SAAS,EAAE,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,MAAM,GAAG,EAAE;AAEpE;AASO,IAAM,YAAN,MAAgB;AAAA,EAerB,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA,EAdrB,SAAiC;AAAA,EACjC,cAAc;AAAA,EACd,QAAoB,CAAC;AAAA,EACrB,QAA+C;AAAA,EAC/C,WAAW;AAAA,EAEX,YAA2B;AAAA,EAC3B,gBAA+B;AAAA,EAC/B;AAAA,EACA;AAAA,EACA,mBAA4C,CAAC;AAAA,EAC7C,YAAY;AAAA,EACZ,WAAW;AAAA;AAAA,EAKnB,WAAW,QAA+B;AACxC,QAAI,KAAK,YAAa;AACtB,SAAK,SAAS;AACd,SAAK,YAAY,OAAO,aAAa;AACrC,SAAK,WAAW,OAAO,YAAY;AACnC,SAAK,YAAY,MAAM;AACvB,SAAK,cAAc;AAEnB,SAAK,WAAW,eAAe;AAE/B,UAAM,WAAW,OAAO,iBAAiB;AACzC,QAAI,WAAW,GAAG;AAChB,WAAK,QAAQ,YAAY,MAAM;AAC7B,aAAK,KAAK,MAAM;AAAA,MAClB,GAAG,QAAQ;AACX,MAAC,KAAK,OAAe,QAAQ;AAAA,IAC/B;AAAA,EACF;AAAA,EAEA,gBAAyB;AACvB,WAAO,KAAK;AAAA,EACd;AAAA;AAAA,EAGA,QAAQ,QAAgB,YAA4C;AAClE,SAAK,SAAS;AACd,SAAK,iBAAiB;AAAA,EACxB;AAAA,EAEA,YAAkB;AAChB,SAAK,SAAS;AACd,SAAK,iBAAiB;AAAA,EACxB;AAAA,EAEA,aAAa,KAAa,OAAsB;AAC9C,SAAK,iBAAiB,GAAG,IAAI;AAAA,EAC/B;AAAA,EAEA,gBAAgB,KAAmB;AACjC,WAAO,KAAK,iBAAiB,GAAG;AAAA,EAClC;AAAA;AAAA,EAGA,UAAU,MAAc,YAA4C;AAClE,QAAI,CAAC,KAAK,YAAa;AACvB,SAAK,gBAAgB,MAAM;AAC3B,SAAK,WAAW,QAAQ;AAAA,MACtB,MAAM,EAAE,IAAI,KAAK,eAAe,KAAK;AAAA,MACrC;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA,EAGA,YAAY,MAAc,YAA4C;AACpE,QAAI,CAAC,KAAK,YAAa;AACvB,SAAK,WAAW,UAAU,EAAE,QAAQ,EAAE,MAAM,MAAM,SAAS,GAAG,WAAW,CAAC;AAAA,EAC5E;AAAA;AAAA,EAGA,WAAW,OAAmE,YAA4C;AACxH,QAAI,CAAC,KAAK,YAAa;AACvB,UAAM,OACJ,iBAAiB,QACb,EAAE,SAAS,MAAM,SAAS,OAAO,MAAM,OAAO,MAAM,MAAM,YAAY,KAAK,IAC3E;AACN,SAAK,WAAW,SAAS,EAAE,OAAO,MAAM,WAAW,CAAC;AAAA,EACtD;AAAA;AAAA,EAGA,IAAI,OAAoB,SAAiB,YAA4C;AACnF,QAAI,CAAC,KAAK,YAAa;AACvB,SAAK,WAAW,OAAO,EAAE,KAAK,EAAE,OAAO,QAAQ,GAAG,WAAW,CAAC;AAAA,EAChE;AAAA,EAEQ,WAAW,MAAoB,MAAgC;AACrE,QAAI,CAAC,KAAK,eAAe,CAAC,KAAK,UAAW;AAC1C,UAAM,QAAkB;AAAA,MACtB;AAAA,MACA,WAAW,KAAK,IAAI;AAAA,MACpB,WAAW,KAAK;AAAA,MAChB,QAAQ,KAAK,iBAAiB;AAAA,MAC9B,QAAQ,KAAK;AAAA,MACb,eAAe,KAAK,OAAQ;AAAA,MAC5B,oBAAoB,KAAK,QAAQ;AAAA,MACjC,aAAa,KAAK,QAAQ;AAAA,MAC1B,gBAAgB,KAAK;AAAA,MACrB,kBACE,OAAO,KAAK,KAAK,gBAAgB,EAAE,SAAS,IAAI,KAAK,mBAAmB;AAAA,MAC1E,GAAG;AAAA,IACL;AACA,SAAK,MAAM,KAAK,KAAK;AACrB,QAAI,KAAK,MAAM,UAAU,KAAK,UAAW,MAAK,KAAK,MAAM;AAAA,EAC3D;AAAA;AAAA,EAGA,MAAM,QAAuB;AAC3B,QAAI,KAAK,YAAY,KAAK,MAAM,WAAW,EAAG;AAC9C,SAAK,WAAW;AAChB,UAAM,SAAS,KAAK;AACpB,SAAK,QAAQ,CAAC;AACd,QAAI;AACF,YAAM,WAAW,KAAK,KAAK,QAAQ,KAAK,UAAU;AAAA,QAChD;AAAA,QACA,QAAQ,KAAK,IAAI;AAAA,MACnB,CAAC;AAAA,IACH,QAAQ;AAEN,WAAK,QAAQ,CAAC,GAAG,QAAQ,GAAG,KAAK,KAAK;AAAA,IACxC,UAAE;AACA,WAAK,WAAW;AAAA,IAClB;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,cAA6B;AACjC,QAAI,CAAC,KAAK,YAAa;AACvB,SAAK,WAAW,aAAa;AAC7B,UAAM,KAAK,MAAM;AACjB,QAAI,KAAK,OAAO;AACd,oBAAc,KAAK,KAAK;AACxB,WAAK,QAAQ;AAAA,IACf;AACA,SAAK,cAAc;AAAA,EACrB;AAAA,EAEA,eAA8B;AAC5B,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,YAA2B;AACzB,WAAO,KAAK;AAAA,EACd;AACF;;;AC/KA,SAAS,cAAc,GAAwB;AAC7C,SAAO;AAAA,IACL,cAAc,EAAE;AAAA,IAChB,WAAW,EAAE;AAAA,IACb,aAAa,EAAE;AAAA,IACf,QAAQ,EAAE;AAAA,IACV,WAAW,EAAE;AAAA,IACb,UAAU,EAAE;AAAA,IACZ,YAAY,EAAE;AAAA,IACd,WAAW,EAAE;AAAA,EACf;AACF;AASO,IAAM,WAAN,MAAe;AAAA,EACpB,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA;AAAA,EAG7B,MAAM,iBAAiB,SAA6D;AAClF,UAAM,UAAU,MAAM,WAAgB,KAAK,KAAK,QAAQ,sBAAsB;AAAA,MAC5E,aAAa,QAAQ;AAAA,MACrB,gBAAgB,QAAQ;AAAA,MACxB,SAAS,QAAQ,WAAW;AAAA,MAC5B,iBAAiB,QAAQ,iBAAiB;AAAA,MAC1C,YAAY,QAAQ;AAAA,MACpB,kBAAkB,QAAQ;AAAA,IAC5B,CAAC;AACD,UAAM,IAAI,QAAQ;AAClB,WAAO;AAAA,MACL,OAAO,EAAE;AAAA,MACT,cAAc,EAAE;AAAA,MAChB,WAAW,EAAE;AAAA,MACb,aAAa,EAAE;AAAA,IACjB;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,SACJ,OACA,SAC2B;AAC3B,QAAI;AACF,YAAM,UAAU,MAAM,WAAgB,KAAK,KAAK,QAAQ,mBAAmB;AAAA,QACzE;AAAA,QACA,kBAAkB,SAAS;AAAA,QAC3B,aAAa,SAAS;AAAA,QACtB,QAAQ,SAAS;AAAA,MACnB,CAAC;AACD,aAAO;AAAA,QACL,OAAO;AAAA,QACP,aAAa,QAAQ;AAAA,QACrB,WAAW,QAAQ;AAAA,QACnB,YAAY,QAAQ,aAChB;AAAA,UACE,cAAc,QAAQ,WAAW;AAAA,UACjC,aAAa,QAAQ,WAAW;AAAA,UAChC,WAAW,QAAQ,WAAW;AAAA,UAC9B,UAAU,QAAQ,WAAW;AAAA,QAC/B,IACA;AAAA,MACN;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,EAAE,OAAO,OAAO,OAAO,eAAe,QAAQ,IAAI,UAAU,oBAAoB;AAAA,IACzF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,OAAO,cAAsB,QAAgC;AACjE,UAAM;AAAA,MACJ,KAAK;AAAA,MACL;AAAA,MACA,sBAAsB,mBAAmB,YAAY,CAAC;AAAA,MACtD,EAAE,OAAO;AAAA,IACX;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,KAAK,QAA4C;AACrD,UAAM,OAAO,SACT,kCAAkC,mBAAmB,MAAM,CAAC,KAC5D;AACJ,UAAM,UAAU,MAAM,WAAgB,KAAK,KAAK,OAAO,IAAI;AAC3D,YAAQ,QAAQ,eAAe,CAAC,GAAG,IAAI,aAAa;AAAA,EACtD;AAAA;AAAA,EAGA,MAAM,IAAI,cAA+C;AACvD,UAAM,UAAU,MAAM;AAAA,MACpB,KAAK;AAAA,MACL;AAAA,MACA,sBAAsB,mBAAmB,YAAY,CAAC;AAAA,IACxD;AACA,WAAO,cAAc,QAAQ,UAAU;AAAA,EACzC;AAAA;AAAA,EAGA,MAAM,QAAkC;AACtC,UAAM,UAAU,MAAM,WAAgB,KAAK,KAAK,OAAO,cAAc;AACrE,UAAM,IAAI,QAAQ;AAClB,WAAO;AAAA,MACL,kBAAkB,EAAE;AAAA,MACpB,mBAAmB,EAAE;AAAA,MACrB,WAAW,EAAE;AAAA,MACb,sBAAsB;AAAA,QACpB,gBAAgB,EAAE,uBAAuB;AAAA,QACzC,aAAa,EAAE,uBAAuB;AAAA,MACxC;AAAA,IACF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,iBAAiB,QAAgB,QAAkC;AACvE,UAAM,UAAU,MAAM,WAAgB,KAAK,KAAK,QAAQ,qBAAqB;AAAA,MAC3E,aAAa;AAAA,MACb;AAAA,IACF,CAAC;AACD,WAAO,QAAQ;AAAA,EACjB;AACF;;;ACrIA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,yBAA4C;AAQ5C,SAAS,YAAY,QAAkD;AAErE,QAAM,QAAQ,OAAO,MAAM,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC;AACnD,MAAI,IAAI;AACR,MAAI,KAAK;AACT,aAAW,QAAQ,OAAO;AACxB,UAAM,CAAC,GAAG,CAAC,IAAI,KAAK,MAAM,GAAG;AAC7B,QAAI,MAAM,IAAK,KAAI;AACnB,QAAI,MAAM,KAAM,MAAK;AAAA,EACvB;AACA,SAAO,KAAK,KAAK,EAAE,GAAG,GAAG,IAAI;AAC/B;AAEA,SAAS,kBAAkB,WAAmB,SAAiB,QAAwB;AACrF,aAAO,+BAAW,UAAU,MAAM,EAAE,OAAO,GAAG,SAAS,IAAI,OAAO,EAAE,EAAE,OAAO,KAAK;AACpF;AAEA,SAAS,aAAa,GAAW,GAAoB;AACnD,MAAI,EAAE,WAAW,EAAE,OAAQ,QAAO;AAClC,MAAI;AACF,eAAO,oCAAgB,OAAO,KAAK,GAAG,KAAK,GAAG,OAAO,KAAK,GAAG,KAAK,CAAC;AAAA,EACrE,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAUO,SAAS,OACd,SACA,QACA,QACA,UAAyB,CAAC,GACjB;AACT,QAAM,YAAY,QAAQ,gBAAgB;AAC1C,QAAM,SAAS,YAAY,UAAU,EAAE;AACvC,MAAI,CAAC,OAAQ,QAAO;AAEpB,QAAM,OAAO,OAAO,YAAY,WAAW,UAAU,QAAQ,SAAS,MAAM;AAC5E,QAAM,WAAW,kBAAkB,OAAO,GAAG,MAAM,MAAM;AACzD,MAAI,CAAC,aAAa,OAAO,IAAI,QAAQ,EAAG,QAAO;AAE/C,MAAI,YAAY,GAAG;AACjB,UAAM,KAAK,OAAO,OAAO,CAAC;AAC1B,QAAI,CAAC,OAAO,SAAS,EAAE,EAAG,QAAO;AACjC,UAAM,SAAS,KAAK,IAAI,KAAK,IAAI,IAAI,MAAO,EAAE;AAC9C,QAAI,SAAS,UAAW,QAAO;AAAA,EACjC;AACA,SAAO;AACT;AAMO,SAAS,eACd,SACA,QACA,QACA,UAAyB,CAAC,GACvB;AACH,MAAI,CAAC,OAAO,SAAS,QAAQ,QAAQ,OAAO,GAAG;AAC7C,UAAM,IAAI,yBAAyB,uCAAuC;AAAA,EAC5E;AACA,QAAM,OAAO,OAAO,YAAY,WAAW,UAAU,QAAQ,SAAS,MAAM;AAC5E,SAAO,KAAK,MAAM,IAAI;AACxB;AAEO,IAAM,WAAW,EAAE,QAAQ,eAAe;;;ACvEjD,SAAS,GAAG,QAAyC;AACnD,QAAM,UAAU,OAAO,QAAQ,MAAM,EAAE,OAAO,CAAC,CAAC,EAAE,CAAC,MAAM,MAAM,UAAa,MAAM,IAAI;AACtF,MAAI,CAAC,QAAQ,OAAQ,QAAO;AAC5B,SAAO,MAAM,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,mBAAmB,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,GAAG;AACxF;AAGA,IAAM,WAAN,MAAe;AAAA,EACb,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA;AAAA,EAE7B,MAAM,OAAe;AACnB,WAAO,WAAW,KAAK,KAAK,OAAO,kBAAkB,GAAG,EAAE,QAAQ,MAAM,CAAC,CAAC,EAAE;AAAA,EAC9E;AAAA;AAAA,EAEA,KAAK,OAAe,SAA4C,CAAC,GAAG;AAClE,WAAO,WAAW,KAAK,KAAK,OAAO,iBAAiB,GAAG,EAAE,QAAQ,OAAO,GAAG,OAAO,CAAC,CAAC,EAAE;AAAA,EACxF;AAAA;AAAA,EAEA,QAAQ,OAAe;AACrB,WAAO,WAAW,KAAK,KAAK,OAAO,oBAAoB,GAAG,EAAE,QAAQ,MAAM,CAAC,CAAC,EAAE;AAAA,EAChF;AACF;AAGA,IAAM,gBAAN,MAAoB;AAAA,EAClB,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA,EAC7B,KAAK,OAAe,aAA+B;AACjD,WAAO,WAAW,KAAK,KAAK,OAAO,oBAAoB,GAAG,EAAE,QAAQ,OAAO,YAAY,CAAC,CAAC,EAAE;AAAA,EAC7F;AAAA,EACA,IAAI,OAAe,IAAY;AAC7B,WAAO,WAAW,KAAK,KAAK,OAAO,qBAAqB,EAAE,GAAG,GAAG,EAAE,QAAQ,MAAM,CAAC,CAAC,EAAE;AAAA,EACtF;AAAA,EACA,OAAO,OAAe,MAA+B;AACnD,WAAO,WAAW,KAAK,KAAK,QAAQ,qBAAqB,EAAE,QAAQ,OAAO,GAAG,KAAK,CAAC;AAAA,EACrF;AAAA,EACA,OAAO,OAAe,IAAY,MAA+B;AAC/D,WAAO,WAAW,KAAK,KAAK,SAAS,qBAAqB,EAAE,IAAI,EAAE,QAAQ,OAAO,GAAG,KAAK,CAAC;AAAA,EAC5F;AAAA,EACA,OAAO,OAAe,IAAY;AAChC,WAAO,WAAW,KAAK,KAAK,UAAU,qBAAqB,EAAE,GAAG,GAAG,EAAE,QAAQ,MAAM,CAAC,CAAC,EAAE;AAAA,EACzF;AAAA,EACA,QAAQ,OAAe,IAAY,SAA8C,CAAC,GAAG;AACnF,WAAO;AAAA,MACL,KAAK;AAAA,MACL;AAAA,MACA,qBAAqB,EAAE,WAAW,GAAG,EAAE,QAAQ,OAAO,GAAG,OAAO,CAAC,CAAC;AAAA,IACpE;AAAA,EACF;AACF;AAGA,IAAM,SAAN,MAAa;AAAA,EACX,YAA6B,KAAiB;AAAjB;AAAA,EAAkB;AAAA,EAAlB;AAAA,EAC7B,SAAS,OAAe,SAA8E,CAAC,GAAG;AACxG,WAAO,WAAW,KAAK,KAAK,OAAO,mBAAmB,GAAG,EAAE,QAAQ,OAAO,GAAG,OAAO,CAAC,CAAC,EAAE;AAAA,EAC1F;AAAA,EACA,SAAS,OAAe,SAA8D,CAAC,GAAG;AACxF,WAAO,WAAW,KAAK,KAAK,OAAO,mBAAmB,GAAG,EAAE,QAAQ,OAAO,GAAG,OAAO,CAAC,CAAC,EAAE;AAAA,EAC1F;AACF;AAYO,IAAM,cAAN,MAAkB;AAAA,EACd;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY,SAA6B;AACvC,QAAI,CAAC,SAAS,MAAO,OAAM,IAAI,MAAM,kCAAkC;AACvE,UAAM,MAAkB;AAAA,MACtB,aAAa,EAAE,eAAe,UAAU,QAAQ,KAAK,GAAG;AAAA,MACxD,UAAU,QAAQ,WAAW,yBAAyB,QAAQ,QAAQ,EAAE;AAAA,MACxE,WAAW,QAAQ,aAAa;AAAA,MAChC,WAAW,QAAQ,SAAS,WAAW;AAAA,IACzC;AACA,QAAI,OAAO,IAAI,cAAc,YAAY;AACvC,YAAM,IAAI,MAAM,4EAAuE;AAAA,IACzF;AACA,SAAK,QAAQ,IAAI,SAAS,GAAG;AAC7B,SAAK,QAAQ,IAAI,cAAc,GAAG;AAClC,SAAK,MAAM,IAAI,OAAO,GAAG;AAAA,EAC3B;AACF;;;ATjFA,IAAM,mBAAmB;AAWlB,IAAM,SAAN,MAAa;AAAA,EACD;AAAA,EAER;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA,WAAW;AAAA,EAEH;AAAA,EAEjB,YAAY,SAAwB;AAClC,QAAI,CAAC,SAAS,OAAQ,OAAM,IAAI,MAAM,8BAA8B;AACpE,SAAK,MAAM;AAAA,MACT,aAAa,EAAE,aAAa,QAAQ,OAAO;AAAA,MAC3C,UAAU,QAAQ,WAAW,kBAAkB,QAAQ,QAAQ,EAAE;AAAA,MACjE,WAAW,QAAQ,aAAa;AAAA,MAChC,WAAW,QAAQ,SAAS,WAAW;AAAA,IACzC;AACA,QAAI,OAAO,KAAK,IAAI,cAAc,YAAY;AAC5C,YAAM,IAAI,MAAM,kFAA6E;AAAA,IAC/F;AACA,SAAK,SAAS,IAAI,eAAe,KAAK,GAAG;AACzC,SAAK,QAAQ,IAAI,cAAc,KAAK,GAAG;AACvC,SAAK,OAAO,IAAI,aAAa,KAAK,GAAG;AACrC,SAAK,WAAW,IAAI,eAAe,KAAK,GAAG;AAC3C,SAAK,MAAM,IAAI,UAAU,KAAK,GAAG;AACjC,SAAK,KAAK,IAAI,SAAS,KAAK,GAAG;AAC/B,QAAI,QAAQ,WAAW;AACrB,WAAK,SAAS,IAAI,YAAY;AAAA,QAC5B,WAAW,QAAQ;AAAA,QACnB,aAAa,QAAQ;AAAA,QACrB,SAAS,KAAK,IAAI;AAAA,QAClB,WAAW,KAAK,IAAI;AAAA,QACpB,OAAO,KAAK,IAAI;AAAA,MAClB,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAI,QAAqB;AACvB,QAAI,CAAC,KAAK,QAAQ;AAChB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA,EAGA,MAAM,OAAyC;AAC7C,WAAO,WAAW,KAAK,KAAK,QAAQ,aAAa,KAAK;AAAA,EACxD;AAAA;AAAA,EAGA,UAAU,OAAuD;AAC/D,WAAO,WAAW,KAAK,KAAK,QAAQ,kBAAkB,EAAE,MAAM,CAAC;AAAA,EACjE;AACF;AAEA,IAAO,cAAQ;","names":[]}
package/dist/index.d.cts CHANGED
@@ -1,5 +1,6 @@
1
1
  interface HttpConfig {
2
- apiKey: string;
2
+ /** Auth headers to send (e.g. { "X-API-Key": "sk_…" } or { Authorization: "Bearer …" }). */
3
+ authHeaders: Record<string, string>;
3
4
  baseUrl: string;
4
5
  timeoutMs: number;
5
6
  fetchImpl: typeof fetch;
@@ -9,6 +10,15 @@ type RiskLevel = "low" | "medium" | "high" | "critical";
9
10
  interface SimplrOptions {
10
11
  /** Secret API key (sk_live_… / sk_test_…). Keep this server-side only. */
11
12
  apiKey: string;
13
+ /** Public key (pk_…) — enables `simplr.flags` for server-side feature-flag evaluation. */
14
+ publicKey?: string;
15
+ /**
16
+ * Which environment's flags `simplr.flags` should load. Accepts a named
17
+ * environment slug (e.g. "dev", "uat", "prod") as well as the legacy
18
+ * "live"/"test" key modes. When unset, the API falls back to the public
19
+ * key's own live/test mode.
20
+ */
21
+ environment?: string;
12
22
  /** API base URL. Defaults to https://api.simplr.sh. */
13
23
  baseUrl?: string;
14
24
  /** Per-request timeout in ms (default 15000). */
@@ -71,6 +81,133 @@ interface EdgeLogEntry {
71
81
  message: string;
72
82
  [key: string]: unknown;
73
83
  }
84
+ interface IdentifyOptions {
85
+ /** Profile type. */
86
+ profileType?: "customer" | "cashier" | "employee";
87
+ /** Device fingerprint hash to link to this profile. */
88
+ fingerprintHash?: string;
89
+ /** Extra fields merged into the request body. */
90
+ [key: string]: unknown;
91
+ }
92
+ interface ProfileResult {
93
+ profile: {
94
+ id: string;
95
+ external_id: string;
96
+ profile_type: string;
97
+ status: string;
98
+ risk_score: number;
99
+ risk_level: string;
100
+ device_count: number;
101
+ total_orders: number;
102
+ first_seen_at: string;
103
+ last_seen_at: string;
104
+ };
105
+ is_new: boolean;
106
+ device_linked: boolean;
107
+ device_anomaly?: string;
108
+ [key: string]: unknown;
109
+ }
110
+ interface ProfileRiskResult {
111
+ profile: {
112
+ id: string;
113
+ external_id: string;
114
+ profile_type: string;
115
+ status: string;
116
+ risk_score: number;
117
+ risk_level: string;
118
+ signals: Record<string, number>;
119
+ device_count: number;
120
+ total_orders: number;
121
+ flagged_orders: number;
122
+ fraud_reports: number;
123
+ legitimate_reports: number;
124
+ first_seen_at: string;
125
+ last_seen_at: string;
126
+ };
127
+ [key: string]: unknown;
128
+ }
129
+ type RUMEventType = "session_start" | "session_end" | "view" | "action" | "error" | "log";
130
+ type RUMLogLevel = "debug" | "info" | "warn" | "error";
131
+ interface RUMEvent {
132
+ type: RUMEventType;
133
+ timestamp: number;
134
+ sessionId: string;
135
+ viewId?: string;
136
+ userId?: string;
137
+ applicationId: string;
138
+ applicationVersion?: string;
139
+ environment?: string;
140
+ view?: {
141
+ id: string;
142
+ name: string;
143
+ };
144
+ action?: {
145
+ name: string;
146
+ type: string;
147
+ };
148
+ error?: {
149
+ message: string;
150
+ stack?: string;
151
+ type?: string;
152
+ };
153
+ log?: {
154
+ level: RUMLogLevel;
155
+ message: string;
156
+ };
157
+ attributes?: Record<string, unknown>;
158
+ userAttributes?: Record<string, unknown>;
159
+ globalAttributes?: Record<string, unknown>;
160
+ }
161
+ interface RUMEventBatch {
162
+ events: RUMEvent[];
163
+ sentAt: number;
164
+ }
165
+ type BindingMode = "verified_device" | "any_location";
166
+ interface CreateDelegationOptions {
167
+ userId: string;
168
+ email?: string;
169
+ binding?: BindingMode;
170
+ expiresInDays?: number;
171
+ sessionId?: string;
172
+ fingerprintHash?: string;
173
+ }
174
+ interface DelegationResult {
175
+ token: string;
176
+ delegationId: string;
177
+ expiresAt: string;
178
+ bindingMode: BindingMode;
179
+ }
180
+ interface DelegationInfo {
181
+ delegationId: string;
182
+ endUserId: string;
183
+ bindingMode: BindingMode;
184
+ status: "active" | "revoked" | "expired";
185
+ expiresAt: string;
186
+ useCount: number;
187
+ lastUsedAt?: string;
188
+ createdAt: string;
189
+ }
190
+ interface ValidationResult {
191
+ valid: boolean;
192
+ sessionType?: "ai";
193
+ endUserId?: string;
194
+ delegation?: {
195
+ delegationId: string;
196
+ bindingMode: BindingMode;
197
+ expiresAt: string;
198
+ useCount: number;
199
+ };
200
+ error?: string;
201
+ }
202
+ interface DelegationStats {
203
+ totalDelegations: number;
204
+ activeDelegations: number;
205
+ totalUses: number;
206
+ delegationsByBinding: {
207
+ verifiedDevice: number;
208
+ anyLocation: number;
209
+ };
210
+ }
74
211
 
75
212
  /** Order fraud scoring. */
76
213
  declare class OrdersResource {
@@ -109,6 +246,188 @@ declare class EdgeResource {
109
246
  ingestLogs(deviceId: string, logs: EdgeLogEntry[]): Promise<unknown>;
110
247
  }
111
248
 
249
+ interface FlagRule {
250
+ attribute: string;
251
+ op: "eq" | "neq" | "contains";
252
+ value: string;
253
+ }
254
+ interface FlagDefinition {
255
+ key: string;
256
+ enabled: boolean;
257
+ rollout_percentage: number;
258
+ target_user_ids: string[];
259
+ rules: FlagRule[];
260
+ }
261
+ interface FlagsOptions {
262
+ /** Public API key (pk_live_… / pk_test_…). Required — flags read uses the public key. */
263
+ publicKey: string;
264
+ /** API base URL. Defaults to https://api.simplr.sh. */
265
+ baseUrl?: string;
266
+ /**
267
+ * Which environment's flags to load. Defaults to the key's own environment
268
+ * (the API falls back to the key's live/test mode when unset). Accepts a
269
+ * named environment slug (e.g. "dev", "uat", "prod") as well as the legacy
270
+ * "live"/"test" key modes. Sent to the API as `?environment=<value>`.
271
+ */
272
+ environment?: string;
273
+ /** Auto-refresh interval in ms (default 60000; 0 disables). */
274
+ refreshIntervalMs?: number;
275
+ timeoutMs?: number;
276
+ fetch?: typeof fetch;
277
+ }
278
+ interface EvalContext {
279
+ userId?: string;
280
+ attributes?: Record<string, unknown>;
281
+ }
282
+ /**
283
+ * Server-side feature flags with local, deterministic evaluation.
284
+ *
285
+ * ```ts
286
+ * const flags = new SimplrFlags({ publicKey: process.env.SIMPLR_PUBLIC_KEY! });
287
+ * await flags.initialize();
288
+ * if (flags.isEnabled("new-checkout", { userId: "user_123" })) { ... }
289
+ * ```
290
+ */
291
+ declare class SimplrFlags {
292
+ private readonly cfg;
293
+ private readonly environment?;
294
+ private readonly refreshIntervalMs;
295
+ private flags;
296
+ private defaultUserId?;
297
+ private timer;
298
+ private ready;
299
+ constructor(options: FlagsOptions);
300
+ /** Fetch the flag config once and start the background refresh. */
301
+ initialize(): Promise<void>;
302
+ /** Set the default identifier used for bucketing when none is passed to isEnabled. */
303
+ setUser(userId: string): void;
304
+ /** Re-fetch the flag config (counts as one billable request). */
305
+ refresh(): Promise<void>;
306
+ /** Evaluate a flag locally. Deterministic per user; no network call. */
307
+ isEnabled(key: string, ctx?: EvalContext): boolean;
308
+ getAll(): Record<string, FlagDefinition>;
309
+ isReady(): boolean;
310
+ /** Stop the background refresh timer. */
311
+ dispose(): void;
312
+ }
313
+
314
+ /**
315
+ * Anonymous user profile management and order fraud monitoring.
316
+ *
317
+ * Works with the configured key (secret for server-side use). Mirrors the
318
+ * browser SimplrProfiles surface but reuses the Node http helper (which unwraps
319
+ * the `{ success, message, content }` envelope).
320
+ */
321
+ declare class SimplrProfiles {
322
+ private readonly cfg;
323
+ constructor(cfg: HttpConfig);
324
+ /**
325
+ * Identify a user — creates or updates an anonymous profile and (optionally)
326
+ * links a device fingerprint. POST /v1/profiles.
327
+ */
328
+ identify(externalId: string, options?: IdentifyOptions): Promise<ProfileResult>;
329
+ /** Submit an order for real-time fraud scoring. POST /v1/orders. */
330
+ submitOrder(order: OrderInput): Promise<OrderResult>;
331
+ /** Get the risk profile for a user. GET /v1/profiles/{externalId}. */
332
+ getProfileRisk(externalId: string): Promise<ProfileRiskResult>;
333
+ /** Report a profile as fraud or legitimate. POST /v1/profiles/{externalId}/outcome. */
334
+ reportOutcome(externalId: string, outcome: "fraud" | "legitimate"): Promise<void>;
335
+ }
336
+
337
+ interface SimplrRUMConfig {
338
+ /** Application identifier (required). */
339
+ applicationId: string;
340
+ /** Optional version/environment tags applied to every event. */
341
+ applicationVersion?: string;
342
+ environment?: string;
343
+ /** Flush when this many events are queued (default 30). */
344
+ batchSize?: number;
345
+ /** Background flush interval in ms (default 10000; 0 disables the timer). */
346
+ flushInterval?: number;
347
+ /** Override the events endpoint path (default /v1/rum/events). */
348
+ endpoint?: string;
349
+ }
350
+ /**
351
+ * Server-side Real User Monitoring. Batches events and flushes them to
352
+ * POST /v1/rum/events using the configured key. Unlike the browser SDK there is
353
+ * no DOM auto-capture — views/actions/errors/logs are reported via the public
354
+ * API. A timer-based flush is installed with `unref()` so it never keeps the
355
+ * Node process alive.
356
+ */
357
+ declare class SimplrRUM {
358
+ private readonly cfg;
359
+ private config;
360
+ private initialized;
361
+ private queue;
362
+ private timer;
363
+ private flushing;
364
+ private sessionId;
365
+ private currentViewId;
366
+ private userId?;
367
+ private userAttributes?;
368
+ private globalAttributes;
369
+ private batchSize;
370
+ private endpoint;
371
+ constructor(cfg: HttpConfig);
372
+ /** Initialize the SDK, start a session, and begin the flush timer. */
373
+ initialize(config: SimplrRUMConfig): void;
374
+ isInitialized(): boolean;
375
+ /** Associate subsequent events with a user. */
376
+ setUser(userId: string, attributes?: Record<string, unknown>): void;
377
+ clearUser(): void;
378
+ addAttribute(key: string, value: unknown): void;
379
+ removeAttribute(key: string): void;
380
+ /** Track a screen/page view. */
381
+ trackView(name: string, attributes?: Record<string, unknown>): void;
382
+ /** Track a user action. */
383
+ trackAction(name: string, attributes?: Record<string, unknown>): void;
384
+ /** Track an error. */
385
+ trackError(error: Error | {
386
+ message: string;
387
+ stack?: string;
388
+ type?: string;
389
+ }, attributes?: Record<string, unknown>): void;
390
+ /** Emit a log line. */
391
+ log(level: RUMLogLevel, message: string, attributes?: Record<string, unknown>): void;
392
+ private trackEvent;
393
+ /** Flush queued events to POST /v1/rum/events. */
394
+ flush(): Promise<void>;
395
+ /** End the session, flush remaining events, and stop the timer. */
396
+ stopSession(): Promise<void>;
397
+ getSessionId(): string | null;
398
+ getViewId(): string | null;
399
+ }
400
+
401
+ /**
402
+ * AI delegation — OAuth-like AI authentication. Lets you mint, validate and
403
+ * revoke delegation tokens that an end user shares with their AI agent.
404
+ *
405
+ * Reuses the Node http helper, which unwraps the `{ success, message, content }`
406
+ * envelope — so `apiRequest` returns the inner `content` object directly.
407
+ */
408
+ declare class SimplrAI {
409
+ private readonly cfg;
410
+ constructor(cfg: HttpConfig);
411
+ /** Create a new AI delegation token for a user. POST /v1/ai/delegations. */
412
+ createDelegation(options: CreateDelegationOptions): Promise<DelegationResult>;
413
+ /** Validate (introspect) an AI delegation token. POST /v1/ai/validate. */
414
+ validate(token: string, options?: {
415
+ fingerprintHash?: string;
416
+ aiProvider?: string;
417
+ action?: string;
418
+ }): Promise<ValidationResult>;
419
+ /** Revoke a delegation. POST /v1/ai/delegations/{id}/revoke. */
420
+ revoke(delegationId: string, reason?: string): Promise<void>;
421
+ /** List delegations, optionally filtered by user. GET /v1/ai/delegations. */
422
+ list(userId?: string): Promise<DelegationInfo[]>;
423
+ /** Get a single delegation. GET /v1/ai/delegations/{id}. */
424
+ get(delegationId: string): Promise<DelegationInfo>;
425
+ /** Get delegation statistics. GET /v1/ai/stats. */
426
+ stats(): Promise<DelegationStats>;
427
+ /** Revoke all delegations for a user (e.g. on logout). POST /v1/ai/revoke-all. */
428
+ revokeAllForUser(userId: string, reason?: string): Promise<number>;
429
+ }
430
+
112
431
  interface VerifyOptions {
113
432
  /** Reject signatures whose timestamp is older than this many seconds (default 300). 0 disables. */
114
433
  toleranceSec?: number;
@@ -154,6 +473,74 @@ declare class WebhookVerificationError extends Error {
154
473
  constructor(message: string);
155
474
  }
156
475
 
476
+ interface SimplrAdminOptions {
477
+ /** Portal token (JWT) for dashboard/admin operations. */
478
+ token: string;
479
+ /** API base URL. Defaults to https://api.simplr.sh. */
480
+ baseUrl?: string;
481
+ timeoutMs?: number;
482
+ fetch?: typeof fetch;
483
+ }
484
+ /** Usage / measurement reads. */
485
+ declare class UsageApi {
486
+ private readonly cfg;
487
+ constructor(cfg: HttpConfig);
488
+ /** Aggregate usage stats for an org. */
489
+ stats(orgId: string): Promise<unknown>;
490
+ /** Raw usage logs for an org. */
491
+ logs(orgId: string, params?: {
492
+ page?: number;
493
+ limit?: number;
494
+ }): Promise<unknown>;
495
+ /** Billing usage breakdown (per-service totals + estimated cost). */
496
+ billing(orgId: string): Promise<unknown>;
497
+ }
498
+ /** Feature-flag administration (create/update/delete/history). */
499
+ declare class FlagsAdminApi {
500
+ private readonly cfg;
501
+ constructor(cfg: HttpConfig);
502
+ list(orgId: string, environment?: "live" | "test"): Promise<unknown>;
503
+ get(orgId: string, id: string): Promise<unknown>;
504
+ create(orgId: string, data: Record<string, unknown>): Promise<unknown>;
505
+ update(orgId: string, id: string, data: Record<string, unknown>): Promise<unknown>;
506
+ remove(orgId: string, id: string): Promise<unknown>;
507
+ history(orgId: string, id: string, params?: {
508
+ limit?: number;
509
+ offset?: number;
510
+ }): Promise<unknown>;
511
+ }
512
+ /** RUM analytics reads. */
513
+ declare class RumApi {
514
+ private readonly cfg;
515
+ constructor(cfg: HttpConfig);
516
+ overview(orgId: string, params?: {
517
+ application_id?: string;
518
+ start_date?: string;
519
+ end_date?: string;
520
+ }): Promise<unknown>;
521
+ sessions(orgId: string, params?: {
522
+ page?: number;
523
+ limit?: number;
524
+ user_id?: string;
525
+ }): Promise<unknown>;
526
+ }
527
+ /**
528
+ * Management client for dashboard/admin operations that require a portal token
529
+ * (usage/measurement, feature-flag CRUD, RUM analytics).
530
+ *
531
+ * ```ts
532
+ * const admin = new SimplrAdmin({ token: process.env.SIMPLR_PORTAL_TOKEN! });
533
+ * const usage = await admin.usage.billing(orgId);
534
+ * await admin.flags.create(orgId, { key: "new-checkout", environment: "test", rollout_percentage: 10 });
535
+ * ```
536
+ */
537
+ declare class SimplrAdmin {
538
+ readonly usage: UsageApi;
539
+ readonly flags: FlagsAdminApi;
540
+ readonly rum: RumApi;
541
+ constructor(options: SimplrAdminOptions);
542
+ }
543
+
157
544
  /**
158
545
  * Simplr server-side client.
159
546
  *
@@ -168,13 +555,25 @@ declare class Simplr {
168
555
  readonly orders: OrdersResource;
169
556
  readonly phone: PhoneResource;
170
557
  readonly edge: EdgeResource;
558
+ /** Anonymous user profiles + order fraud monitoring. */
559
+ readonly profiles: SimplrProfiles;
560
+ /** Real User Monitoring — batched events to /v1/rum/events. */
561
+ readonly rum: SimplrRUM;
562
+ /** AI delegation — OAuth-like AI authentication. */
563
+ readonly ai: SimplrAI;
171
564
  /** Webhook signature helpers (no network). */
172
565
  readonly webhooks: typeof webhooks$1;
566
+ private readonly _flags?;
173
567
  constructor(options: SimplrOptions);
568
+ /**
569
+ * Server-side feature flags. Requires a `publicKey` in the constructor options
570
+ * (flag config is read with the public key). Call `simplr.flags.initialize()` once.
571
+ */
572
+ get flags(): SimplrFlags;
174
573
  /** Run an identity/fraud check. Provide any of email, phone, device, behavior. */
175
574
  check(input: CheckInput): Promise<CheckResult>;
176
575
  /** Run up to 100 checks at once. */
177
576
  checkBulk(items: CheckInput[]): Promise<BulkResult<CheckResult>>;
178
577
  }
179
578
 
180
- export { type BulkResult, type CheckInput, type CheckResult, type EdgeLogEntry, type OrderInput, type OrderResult, type PhoneOutcome, type PhoneReportInput, type RiskLevel, Simplr, SimplrError, type SimplrOptions, WebhookVerificationError, constructEvent as constructWebhookEvent, Simplr as default, verify as verifyWebhook };
579
+ export { type BindingMode, type BulkResult, type CheckInput, type CheckResult, type CreateDelegationOptions, type DelegationInfo, type DelegationResult, type DelegationStats, type EdgeLogEntry, type EvalContext, type FlagDefinition, type FlagRule, type FlagsOptions, type IdentifyOptions, type OrderInput, type OrderResult, type PhoneOutcome, type PhoneReportInput, type ProfileResult, type ProfileRiskResult, type RUMEvent, type RUMEventBatch, type RUMEventType, type RUMLogLevel, type RiskLevel, Simplr, SimplrAI, SimplrAdmin, type SimplrAdminOptions, SimplrError, SimplrFlags, type SimplrOptions, SimplrProfiles, SimplrRUM, type SimplrRUMConfig, type ValidationResult, WebhookVerificationError, constructEvent as constructWebhookEvent, Simplr as default, verify as verifyWebhook };