@squadbase/vite-server 0.1.12-dev.93b8799 → 0.1.17-dev.24af54e

package/dist/connectors/grafana.js

@@ -1,48 +1,60 @@
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+
 // ../connectors/src/parameter-definition.ts
-var ParameterDefinition = class {
-  slug;
-  name;
-  description;
-  envVarBaseKey;
-  type;
-  secret;
-  required;
-  constructor(config) {
-    this.slug = config.slug;
-    this.name = config.name;
-    this.description = config.description;
-    this.envVarBaseKey = config.envVarBaseKey;
-    this.type = config.type;
-    this.secret = config.secret;
-    this.required = config.required;
-  }
-  /**
-   * Get the parameter value from a ConnectorConnectionObject.
-   */
-  getValue(connection2) {
-    const param = connection2.parameters.find(
-      (p) => p.parameterSlug === this.slug
-    );
-    if (!param || param.value == null) {
-      throw new Error(
-        `Parameter "${this.slug}" not found or has no value in connection "${connection2.id}"`
-      );
-    }
-    return param.value;
-  }
-  /**
-   * Try to get the parameter value. Returns undefined if not found (for optional params).
-   */
-  tryGetValue(connection2) {
-    const param = connection2.parameters.find(
-      (p) => p.parameterSlug === this.slug
-    );
-    if (!param || param.value == null) return void 0;
-    return param.value;
+var ParameterDefinition;
+var init_parameter_definition = __esm({
+  "../connectors/src/parameter-definition.ts"() {
+    "use strict";
+    ParameterDefinition = class {
+      slug;
+      name;
+      description;
+      envVarBaseKey;
+      type;
+      secret;
+      required;
+      constructor(config) {
+        this.slug = config.slug;
+        this.name = config.name;
+        this.description = config.description;
+        this.envVarBaseKey = config.envVarBaseKey;
+        this.type = config.type;
+        this.secret = config.secret;
+        this.required = config.required;
+      }
+      /**
+       * Get the parameter value from a ConnectorConnectionObject.
+       */
+      getValue(connection2) {
+        const param = connection2.parameters.find(
+          (p) => p.parameterSlug === this.slug
+        );
+        if (!param || param.value == null) {
+          throw new Error(
+            `Parameter "${this.slug}" not found or has no value in connection "${connection2.id}"`
+          );
+        }
+        return param.value;
+      }
+      /**
+       * Try to get the parameter value. Returns undefined if not found (for optional params).
+       */
+      tryGetValue(connection2) {
+        const param = connection2.parameters.find(
+          (p) => p.parameterSlug === this.slug
+        );
+        if (!param || param.value == null) return void 0;
+        return param.value;
+      }
+    };
   }
-};
+});
 
 // ../connectors/src/connectors/grafana/parameters.ts
+init_parameter_definition();
 var parameters = {
   url: new ParameterDefinition({
     slug: "url",
@@ -83,7 +95,7 @@ function createClient(params) {
     headers.set("Accept", "application/json");
     return fetch(url, { ...init, headers });
   }
-  async function listDatasources() {
+  async function listDatasources2() {
     const response = await request("/api/datasources");
     if (!response.ok) {
       const body = await response.text();
@@ -155,7 +167,7 @@ function createClient(params) {
   }
   return {
     request,
-    listDatasources,
+    listDatasources: listDatasources2,
     getDatasource,
     queryDatasource,
     searchDashboards,
@@ -230,6 +242,20 @@ var ConnectorPlugin = class _ConnectorPlugin {
    * `runSetupFlow` from `setup-flow.ts`.
    */
   setup;
+  /**
+   * Opt-out of the default "verify before save" behavior on connection
+   * creation. The backend invokes `checkConnection` synchronously while
+   * creating the connection and aborts (no row inserted) if it fails — this
+   * flag disables that for connectors where the check cannot succeed pre-save:
+   *
+   *   - `squadbase-db` populates `connection-url` only after Neon provisioning
+   *   - OAuth connectors require an OAuth-aware proxyFetch keyed by the
+   *     connectionId, which doesn't exist until the row is saved
+   *
+   * Exceptions are the explicit position; new credential-input connectors get
+   * the default verify-on-create behavior without opt-in.
+   */
+  skipConnectionCheckOnCreate;
   constructor(config) {
     this.slug = config.slug;
     this.authType = config.authType;
@@ -247,6 +273,7 @@ var ConnectorPlugin = class _ConnectorPlugin {
     this.query = config.query;
     this.checkConnection = config.checkConnection;
     this.setup = config.setup;
+    this.skipConnectionCheckOnCreate = config.skipConnectionCheckOnCreate;
   }
   get connectorKey() {
     return _ConnectorPlugin.deriveKey(this.slug, this.authType);
@@ -311,6 +338,51 @@ var ConnectorPlugin = class _ConnectorPlugin {
   }
 };
 
+// ../connectors/src/setup-flow.ts
+async function runSetupFlow(flow, params, ctx, config) {
+  const runtime = {
+    params,
+    language: ctx.language,
+    config
+  };
+  let state = flow.initialState();
+  let answerIdx = 0;
+  for (const step of flow.steps) {
+    const ans = ctx.answers[answerIdx];
+    if (ans && ans.questionSlug === step.slug) {
+      state = step.applyAnswer(state, ans.answer);
+      answerIdx += 1;
+      continue;
+    }
+    if (step.type === "text") {
+      return {
+        type: "nextQuestion",
+        questionSlug: step.slug,
+        question: step.question[ctx.language],
+        questionType: "text"
+      };
+    }
+    const options = step.fetchOptions ? await step.fetchOptions(state, runtime) : [];
+    if (options.length === 0) {
+      continue;
+    }
+    return {
+      type: "nextQuestion",
+      questionSlug: step.slug,
+      question: step.question[ctx.language],
+      questionType: step.type,
+      options
+    };
+  }
+  const dataInvestigationResult = await flow.finalize(state, runtime);
+  return { type: "fulfilled", dataInvestigationResult };
+}
+async function resolveSetupSelection(params) {
+  const { selected, allSentinel, fetchAll, limit } = params;
+  const resolved = selected.includes(allSentinel) ? await fetchAll() : selected.filter((v) => v !== allSentinel);
+  return resolved.slice(0, limit);
+}
+
 // ../connectors/src/auth-types.ts
 var AUTH_TYPES = {
   OAUTH: "oauth",
@@ -333,6 +405,129 @@ var grafanaOnboarding = new ConnectorOnboarding({
   }
 });
 
+// ../connectors/src/connectors/grafana/utils.ts
+async function apiFetch(params, path2, init) {
+  const apiKey = params[parameters.apiKey.slug];
+  const rawUrl = params[parameters.url.slug];
+  if (!apiKey || !rawUrl) {
+    throw new Error("grafana: missing required parameters: url and api-key");
+  }
+  const baseUrl = rawUrl.replace(/\/+$/, "");
+  const url = `${baseUrl}${path2.startsWith("/") ? path2 : `/${path2}`}`;
+  const headers = new Headers(init?.headers);
+  headers.set("Authorization", `Bearer ${apiKey}`);
+  if (!headers.has("Accept")) headers.set("Accept", "application/json");
+  return fetch(url, { ...init, headers });
+}
+
+// ../connectors/src/connectors/grafana/setup-flow.ts
+var ALL_DATASOURCES = "__ALL_DATASOURCES__";
+var GRAFANA_SETUP_MAX_DATASOURCES = 10;
+async function listOrgs(params) {
+  try {
+    const res = await apiFetch(params, "/api/orgs");
+    if (res.ok) {
+      const data = await res.json();
+      if (Array.isArray(data)) return data;
+    }
+  } catch {
+  }
+  try {
+    const res = await apiFetch(params, "/api/org");
+    if (!res.ok) return [];
+    const data = await res.json();
+    if (data && typeof data.id === "number" && typeof data.name === "string") {
+      return [data];
+    }
+  } catch {
+  }
+  return [];
+}
+async function listDatasources(params) {
+  const res = await apiFetch(params, "/api/datasources");
+  if (!res.ok) {
+    const body = await res.text().catch(() => res.statusText);
+    throw new Error(`grafana: listDatasources failed (${res.status}): ${body}`);
+  }
+  const data = await res.json();
+  return data ?? [];
+}
+var grafanaSetupFlow = {
+  initialState: () => ({}),
+  steps: [
+    {
+      slug: "organization",
+      type: "select",
+      question: {
+        ja: "\u30BB\u30C3\u30C8\u30A2\u30C3\u30D7\u306B\u4F7F\u3046\u7D44\u7E54\u3092\u9078\u3093\u3067\u304F\u3060\u3055\u3044",
+        en: "Select the organization to use for setup"
+      },
+      async fetchOptions(_state, rt) {
+        const orgs = await listOrgs(rt.params);
+        return orgs.map((o) => ({ value: String(o.id), label: o.name }));
+      },
+      applyAnswer: (state, answer) => ({ ...state, organization: answer[0] })
+    },
+    {
+      slug: "datasources",
+      type: "multiSelect",
+      question: {
+        ja: "\u5BFE\u8C61\u30C7\u30FC\u30BF\u30BD\u30FC\u30B9\u3092\u9078\u3093\u3067\u304F\u3060\u3055\u3044\uFF08\u8907\u6570\u9078\u629E\u53EF\uFF09",
+        en: "Select target datasources (multi-select allowed)"
+      },
+      async fetchOptions(_state, rt) {
+        const datasources = await listDatasources(rt.params);
+        const opts = datasources.filter((d) => d.uid && d.name).map((d) => ({
+          value: d.uid,
+          label: `${d.name} (${d.type})`
+        }));
+        if (opts.length === 0) return [];
+        return [
+          {
+            value: ALL_DATASOURCES,
+            label: rt.language === "ja" ? "\u3059\u3079\u3066\u306E\u30C7\u30FC\u30BF\u30BD\u30FC\u30B9" : "All datasources"
+          },
+          ...opts
+        ];
+      },
+      applyAnswer: (state, answer) => ({ ...state, datasources: answer })
+    }
+  ],
+  async finalize(state, rt) {
+    if (!state.datasources) {
+      throw new Error("Grafana setup: incomplete state on finalize");
+    }
+    const datasources = await listDatasources(rt.params);
+    const byUid = new Map(datasources.map((d) => [d.uid, d]));
+    const targetUids = await resolveSetupSelection({
+      selected: state.datasources,
+      allSentinel: ALL_DATASOURCES,
+      fetchAll: async () => datasources.map((d) => d.uid).filter((u) => u),
+      limit: GRAFANA_SETUP_MAX_DATASOURCES
+    });
+    const sections = ["## Grafana", ""];
+    if (state.organization) {
+      sections.push(`### Organization: ${state.organization}`, "");
+    }
+    for (const uid of targetUids) {
+      const ds = byUid.get(uid);
+      if (!ds) {
+        sections.push(`#### Datasource: ${uid}`, "", "_Not found._", "");
+        continue;
+      }
+      sections.push(`#### Datasource: ${ds.name}`, "");
+      sections.push("| Field | Value |");
+      sections.push("|-------|-------|");
+      sections.push(`| UID | ${ds.uid} |`);
+      sections.push(`| Type | ${ds.type} |`);
+      sections.push(`| URL | ${ds.url ?? "-"} |`);
+      sections.push(`| Default | ${ds.isDefault ? "yes" : "no"} |`);
+      sections.push("");
+    }
+    return sections.join("\n");
+  }
+};
+
 // ../connectors/src/connectors/grafana/tools/request.ts
 import { z } from "zod";
 var REQUEST_TIMEOUT_MS = 6e4;
@@ -545,7 +740,41 @@ export default async function handler(c: Context) {
 - \`GET /api/org\` \u2014 \u73FE\u5728\u306E\u7D44\u7E54\u3092\u53D6\u5F97
 - \`GET /api/health\` \u2014 \u30D8\u30EB\u30B9\u30C1\u30A7\u30C3\u30AF`
   },
-  tools
+  tools,
+  setup: (params, ctx, config) => runSetupFlow(grafanaSetupFlow, params, ctx, config),
+  async checkConnection(params, _config) {
+    const apiKey = params[parameters.apiKey.slug];
+    const rawUrl = params[parameters.url.slug];
+    if (!apiKey || !rawUrl) {
+      return {
+        success: false,
+        error: "Missing required parameters: url and api-key"
+      };
+    }
+    const baseUrl = rawUrl.replace(/\/+$/, "");
+    try {
+      const res = await fetch(`${baseUrl}/api/org`, {
+        method: "GET",
+        headers: {
+          Authorization: `Bearer ${apiKey}`,
+          Accept: "application/json"
+        }
+      });
+      if (!res.ok) {
+        const errorText = await res.text().catch(() => res.statusText);
+        return {
+          success: false,
+          error: `Grafana API failed: HTTP ${res.status} ${errorText}`
+        };
+      }
+      return { success: true };
+    } catch (error) {
+      return {
+        success: false,
+        error: error instanceof Error ? error.message : String(error)
+      };
+    }
+  }
 });
 
 // src/connectors/create-connector-sdk.ts
@@ -574,6 +803,7 @@ function resolveEnvVarOptional(entry, key) {
 import { getContext } from "hono/context-storage";
 import { getCookie } from "hono/cookie";
 var APP_SESSION_COOKIE_NAME = "__Host-squadbase-session";
+var TABLEAU_SESSION_SENTINEL_URL = "squadbase://tableau-session/";
 function normalizeHeaders(input) {
   const out = {};
   if (!input) return out;
@@ -582,6 +812,11 @@ function normalizeHeaders(input) {
   });
   return out;
 }
+function extractInputUrl(input) {
+  if (typeof input === "string") return input;
+  if (input instanceof URL) return input.href;
+  return input.url;
+}
 function createSandboxProxyFetch(connectionId) {
   return async (input, init) => {
     const token = process.env.INTERNAL_SQUADBASE_OAUTH_MACHINE_CREDENTIAL;
@@ -591,10 +826,17 @@ function createSandboxProxyFetch(connectionId) {
         "Connection proxy is not configured. Please check your deployment settings."
       );
     }
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    const originalUrl = extractInputUrl(input);
+    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      const sessionUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${token}` }
+      });
+    }
     const originalMethod = init?.method ?? "GET";
     const originalBody = init?.body ? JSON.parse(init.body) : void 0;
-    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
     const proxyUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
     return fetch(proxyUrl, {
       method: "POST",
@@ -620,10 +862,9 @@ function createDeployedAppProxyFetch(connectionId) {
   }
   const baseDomain = process.env["SQUADBASE_APP_BASE_DOMAIN"] ?? "squadbase.app";
   const proxyUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
+  const sessionUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
   return async (input, init) => {
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
-    const originalMethod = init?.method ?? "GET";
-    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
+    const originalUrl = extractInputUrl(input);
     const c = getContext();
     const appSession = getCookie(c, APP_SESSION_COOKIE_NAME);
     if (!appSession) {
@@ -631,6 +872,14 @@ function createDeployedAppProxyFetch(connectionId) {
         "No authentication method available for connection proxy."
       );
     }
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${appSession}` }
+      });
+    }
+    const originalMethod = init?.method ?? "GET";
+    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
     return fetch(proxyUrl, {
       method: "POST",
       headers: {

package/dist/connectors/hubspot-oauth.js

@@ -75,6 +75,20 @@ var ConnectorPlugin = class _ConnectorPlugin {
    * `runSetupFlow` from `setup-flow.ts`.
    */
   setup;
+  /**
+   * Opt-out of the default "verify before save" behavior on connection
+   * creation. The backend invokes `checkConnection` synchronously while
+   * creating the connection and aborts (no row inserted) if it fails — this
+   * flag disables that for connectors where the check cannot succeed pre-save:
+   *
+   *   - `squadbase-db` populates `connection-url` only after Neon provisioning
+   *   - OAuth connectors require an OAuth-aware proxyFetch keyed by the
+   *     connectionId, which doesn't exist until the row is saved
+   *
+   * Exceptions are the explicit position; new credential-input connectors get
+   * the default verify-on-create behavior without opt-in.
+   */
+  skipConnectionCheckOnCreate;
   constructor(config) {
     this.slug = config.slug;
     this.authType = config.authType;
@@ -92,6 +106,7 @@ var ConnectorPlugin = class _ConnectorPlugin {
     this.query = config.query;
     this.checkConnection = config.checkConnection;
     this.setup = config.setup;
+    this.skipConnectionCheckOnCreate = config.skipConnectionCheckOnCreate;
   }
   get connectorKey() {
     return _ConnectorPlugin.deriveKey(this.slug, this.authType);
@@ -156,6 +171,51 @@ var ConnectorPlugin = class _ConnectorPlugin {
   }
 };
 
+// ../connectors/src/setup-flow.ts
+async function runSetupFlow(flow, params, ctx, config) {
+  const runtime = {
+    params,
+    language: ctx.language,
+    config
+  };
+  let state = flow.initialState();
+  let answerIdx = 0;
+  for (const step of flow.steps) {
+    const ans = ctx.answers[answerIdx];
+    if (ans && ans.questionSlug === step.slug) {
+      state = step.applyAnswer(state, ans.answer);
+      answerIdx += 1;
+      continue;
+    }
+    if (step.type === "text") {
+      return {
+        type: "nextQuestion",
+        questionSlug: step.slug,
+        question: step.question[ctx.language],
+        questionType: "text"
+      };
+    }
+    const options = step.fetchOptions ? await step.fetchOptions(state, runtime) : [];
+    if (options.length === 0) {
+      continue;
+    }
+    return {
+      type: "nextQuestion",
+      questionSlug: step.slug,
+      question: step.question[ctx.language],
+      questionType: step.type,
+      options
+    };
+  }
+  const dataInvestigationResult = await flow.finalize(state, runtime);
+  return { type: "fulfilled", dataInvestigationResult };
+}
+async function resolveSetupSelection(params) {
+  const { selected, allSentinel, fetchAll, limit } = params;
+  const resolved = selected.includes(allSentinel) ? await fetchAll() : selected.filter((v) => v !== allSentinel);
+  return resolved.slice(0, limit);
+}
+
 // ../connectors/src/auth-types.ts
 var AUTH_TYPES = {
   OAUTH: "oauth",
@@ -316,6 +376,93 @@ var hubspotOnboarding = new ConnectorOnboarding({
   }
 });
 
+// ../connectors/src/connectors/hubspot-oauth/utils.ts
+var BASE_URL3 = "https://api.hubapi.com";
+function apiFetch(proxyFetch, path2, init) {
+  const url = `${BASE_URL3}${path2.startsWith("/") ? "" : "/"}${path2}`;
+  return proxyFetch(url, init);
+}
+
+// ../connectors/src/connectors/hubspot-oauth/setup-flow.ts
+var HUBSPOT_SETUP_MAX_OBJECT_TYPES = 10;
+var HUBSPOT_SETUP_MAX_PROPERTIES = 50;
+var HUBSPOT_OBJECT_TYPES = [
+  { value: "contacts", label: "Contacts" },
+  { value: "companies", label: "Companies" },
+  { value: "deals", label: "Deals" },
+  { value: "tickets", label: "Tickets" },
+  { value: "products", label: "Products" },
+  { value: "notes", label: "Notes" },
+  { value: "calls", label: "Calls" },
+  { value: "emails", label: "Emails" },
+  { value: "meetings", label: "Meetings" },
+  { value: "tasks", label: "Tasks" }
+];
+async function listProperties(proxyFetch, objectType) {
+  const res = await apiFetch(proxyFetch, `/crm/v3/properties/${objectType}`);
+  if (!res.ok) {
+    const body = await res.text().catch(() => res.statusText);
+    throw new Error(
+      `hubspot-oauth: listProperties(${objectType}) failed (${res.status}): ${body}`
+    );
+  }
+  const data = await res.json();
+  return data.results ?? [];
+}
+var hubspotOauthSetupFlow = {
+  initialState: () => ({}),
+  steps: [
+    {
+      slug: "objectTypes",
+      type: "multiSelect",
+      question: {
+        ja: "\u30BB\u30C3\u30C8\u30A2\u30C3\u30D7\u3067\u6982\u89B3\u3057\u305F\u3044CRM\u30AA\u30D6\u30B8\u30A7\u30AF\u30C8\u3092\u9078\u3093\u3067\u304F\u3060\u3055\u3044\uFF08\u8907\u6570\u9078\u629E\u53EF\uFF09",
+        en: "Select the CRM object types to include in setup (multi-select allowed)"
+      },
+      async fetchOptions(_state, _rt) {
+        return HUBSPOT_OBJECT_TYPES.map((o) => ({
+          value: o.value,
+          label: o.label
+        }));
+      },
+      applyAnswer: (state, answer) => ({ ...state, objectTypes: answer })
+    }
+  ],
+  async finalize(state, rt) {
+    if (!state.objectTypes) {
+      throw new Error("HubSpot setup: incomplete state on finalize");
+    }
+    const targetObjectTypes = await resolveSetupSelection({
+      selected: state.objectTypes,
+      allSentinel: "__ALL__",
+      fetchAll: async () => HUBSPOT_OBJECT_TYPES.map((o) => o.value),
+      limit: HUBSPOT_SETUP_MAX_OBJECT_TYPES
+    });
+    const sections = ["## HubSpot", ""];
+    for (const objectType of targetObjectTypes) {
+      sections.push(`### Object: ${objectType}`, "");
+      const props = await listProperties(rt.config.proxyFetch, objectType);
+      const limited = props.slice(0, HUBSPOT_SETUP_MAX_PROPERTIES);
+      sections.push("| Property | Type | Label |");
+      sections.push("|----------|------|-------|");
+      for (const p of limited) {
+        const name = (p.name ?? "").replace(/\|/g, "\\|");
+        const type = (p.type ?? "").replace(/\|/g, "\\|");
+        const label = (p.label ?? "").replace(/\|/g, "\\|");
+        sections.push(`| ${name} | ${type} | ${label || "-"} |`);
+      }
+      if (props.length > HUBSPOT_SETUP_MAX_PROPERTIES) {
+        sections.push(
+          "",
+          `_Showing first ${HUBSPOT_SETUP_MAX_PROPERTIES} of ${props.length} properties._`
+        );
+      }
+      sections.push("");
+    }
+    return sections.join("\n");
+  }
+};
+
 // ../connectors/src/connectors/hubspot-oauth/parameters.ts
 var parameters = {};
 
@@ -324,6 +471,7 @@ var tools = { request: requestTool };
 var hubspotOauthConnector = new ConnectorPlugin({
   slug: "hubspot",
   authType: AUTH_TYPES.OAUTH,
+  skipConnectionCheckOnCreate: true,
   name: "HubSpot",
   description: "Connect to HubSpot CRM for contacts, deals, companies, and marketing data using OAuth.",
   iconUrl: "https://images.ctfassets.net/9ncizv60xc5y/5UcSkKkzhUMA4RsM45ynuo/43b967e36915ca0fc5d277684b204320/hubspot.svg",
@@ -432,6 +580,7 @@ const data = await res.json();
 \`\`\``
   },
   tools,
+  setup: (params, ctx, config) => runSetupFlow(hubspotOauthSetupFlow, params, ctx, config),
   async checkConnection(_params, config) {
     const { proxyFetch } = config;
     try {
@@ -482,6 +631,7 @@ function resolveEnvVarOptional(entry, key) {
 import { getContext } from "hono/context-storage";
 import { getCookie } from "hono/cookie";
 var APP_SESSION_COOKIE_NAME = "__Host-squadbase-session";
+var TABLEAU_SESSION_SENTINEL_URL = "squadbase://tableau-session/";
 function normalizeHeaders(input) {
   const out = {};
   if (!input) return out;
@@ -490,6 +640,11 @@ function normalizeHeaders(input) {
   });
   return out;
 }
+function extractInputUrl(input) {
+  if (typeof input === "string") return input;
+  if (input instanceof URL) return input.href;
+  return input.url;
+}
 function createSandboxProxyFetch(connectionId) {
   return async (input, init) => {
     const token = process.env.INTERNAL_SQUADBASE_OAUTH_MACHINE_CREDENTIAL;
@@ -499,10 +654,17 @@ function createSandboxProxyFetch(connectionId) {
         "Connection proxy is not configured. Please check your deployment settings."
       );
     }
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    const originalUrl = extractInputUrl(input);
+    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      const sessionUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${token}` }
+      });
+    }
     const originalMethod = init?.method ?? "GET";
     const originalBody = init?.body ? JSON.parse(init.body) : void 0;
-    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
     const proxyUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
     return fetch(proxyUrl, {
       method: "POST",
@@ -528,10 +690,9 @@ function createDeployedAppProxyFetch(connectionId) {
   }
   const baseDomain = process.env["SQUADBASE_APP_BASE_DOMAIN"] ?? "squadbase.app";
   const proxyUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
+  const sessionUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
   return async (input, init) => {
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
-    const originalMethod = init?.method ?? "GET";
-    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
+    const originalUrl = extractInputUrl(input);
     const c = getContext();
     const appSession = getCookie(c, APP_SESSION_COOKIE_NAME);
     if (!appSession) {
@@ -539,6 +700,14 @@ function createDeployedAppProxyFetch(connectionId) {
         "No authentication method available for connection proxy."
       );
     }
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${appSession}` }
+      });
+    }
+    const originalMethod = init?.method ?? "GET";
+    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
     return fetch(proxyUrl, {
       method: "POST",
       headers: {