@squadbase/vite-server 0.1.12-dev.a9ac647 → 0.1.17-dev.3b633bb

package/dist/connectors/stripe-api-key.js

@@ -1,48 +1,60 @@
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+
 // ../connectors/src/parameter-definition.ts
-var ParameterDefinition = class {
-  slug;
-  name;
-  description;
-  envVarBaseKey;
-  type;
-  secret;
-  required;
-  constructor(config) {
-    this.slug = config.slug;
-    this.name = config.name;
-    this.description = config.description;
-    this.envVarBaseKey = config.envVarBaseKey;
-    this.type = config.type;
-    this.secret = config.secret;
-    this.required = config.required;
-  }
-  /**
-   * Get the parameter value from a ConnectorConnectionObject.
-   */
-  getValue(connection2) {
-    const param = connection2.parameters.find(
-      (p) => p.parameterSlug === this.slug
-    );
-    if (!param || param.value == null) {
-      throw new Error(
-        `Parameter "${this.slug}" not found or has no value in connection "${connection2.id}"`
-      );
-    }
-    return param.value;
-  }
-  /**
-   * Try to get the parameter value. Returns undefined if not found (for optional params).
-   */
-  tryGetValue(connection2) {
-    const param = connection2.parameters.find(
-      (p) => p.parameterSlug === this.slug
-    );
-    if (!param || param.value == null) return void 0;
-    return param.value;
+var ParameterDefinition;
+var init_parameter_definition = __esm({
+  "../connectors/src/parameter-definition.ts"() {
+    "use strict";
+    ParameterDefinition = class {
+      slug;
+      name;
+      description;
+      envVarBaseKey;
+      type;
+      secret;
+      required;
+      constructor(config) {
+        this.slug = config.slug;
+        this.name = config.name;
+        this.description = config.description;
+        this.envVarBaseKey = config.envVarBaseKey;
+        this.type = config.type;
+        this.secret = config.secret;
+        this.required = config.required;
+      }
+      /**
+       * Get the parameter value from a ConnectorConnectionObject.
+       */
+      getValue(connection2) {
+        const param = connection2.parameters.find(
+          (p) => p.parameterSlug === this.slug
+        );
+        if (!param || param.value == null) {
+          throw new Error(
+            `Parameter "${this.slug}" not found or has no value in connection "${connection2.id}"`
+          );
+        }
+        return param.value;
+      }
+      /**
+       * Try to get the parameter value. Returns undefined if not found (for optional params).
+       */
+      tryGetValue(connection2) {
+        const param = connection2.parameters.find(
+          (p) => p.parameterSlug === this.slug
+        );
+        if (!param || param.value == null) return void 0;
+        return param.value;
+      }
+    };
   }
-};
+});
 
 // ../connectors/src/connectors/stripe-api-key/parameters.ts
+init_parameter_definition();
 var parameters = {
   apiKey: new ParameterDefinition({
     slug: "api-key",
@@ -133,6 +145,28 @@ var ConnectorPlugin = class _ConnectorPlugin {
   tools;
   query;
   checkConnection;
+  /**
+   * SQPD-1212: Logic-based, rule-driven connection setup. Connectors that
+   * implement this expose a step-by-step exploration flow (database/schema/
+   * table/etc. discovery) that the dashboard backend drives via the
+   * `/connections/:connectionId/setup` endpoint. Implement by delegating to
+   * `runSetupFlow` from `setup-flow.ts`.
+   */
+  setup;
+  /**
+   * Opt-out of the default "verify before save" behavior on connection
+   * creation. The backend invokes `checkConnection` synchronously while
+   * creating the connection and aborts (no row inserted) if it fails — this
+   * flag disables that for connectors where the check cannot succeed pre-save:
+   *
+   *   - `squadbase-db` populates `connection-url` only after Neon provisioning
+   *   - OAuth connectors require an OAuth-aware proxyFetch keyed by the
+   *     connectionId, which doesn't exist until the row is saved
+   *
+   * Exceptions are the explicit position; new credential-input connectors get
+   * the default verify-on-create behavior without opt-in.
+   */
+  skipConnectionCheckOnCreate;
   constructor(config) {
     this.slug = config.slug;
     this.authType = config.authType;
@@ -149,6 +183,8 @@ var ConnectorPlugin = class _ConnectorPlugin {
     this.tools = config.tools;
     this.query = config.query;
     this.checkConnection = config.checkConnection;
+    this.setup = config.setup;
+    this.skipConnectionCheckOnCreate = config.skipConnectionCheckOnCreate;
   }
   get connectorKey() {
     return _ConnectorPlugin.deriveKey(this.slug, this.authType);
@@ -213,6 +249,71 @@ var ConnectorPlugin = class _ConnectorPlugin {
   }
 };
 
+// ../connectors/src/setup-flow.ts
+async function runSetupFlow(flow, params, ctx, config) {
+  const runtime = {
+    params,
+    language: ctx.language,
+    config
+  };
+  let state = flow.initialState();
+  let answerIdx = 0;
+  const pendingParameterUpdates = [];
+  for (const step of flow.steps) {
+    const ans = ctx.answers[answerIdx];
+    if (ans && ans.questionSlug === step.slug) {
+      state = step.applyAnswer(state, ans.answer);
+      if (step.toParameterUpdates) {
+        pendingParameterUpdates.push(...step.toParameterUpdates(state));
+      }
+      answerIdx += 1;
+      continue;
+    }
+    const resolvedAllowFreeText = step.allowFreeText !== void 0 ? step.allowFreeText : true;
+    if (step.type === "text") {
+      if (step.fetchOptions) {
+        const options2 = await step.fetchOptions(state, runtime);
+        if (options2.length === 0) {
+          continue;
+        }
+      }
+      return {
+        type: "nextQuestion",
+        questionSlug: step.slug,
+        question: step.question[ctx.language],
+        questionType: "text",
+        allowFreeText: resolvedAllowFreeText,
+        ...pendingParameterUpdates.length > 0 && {
+          parameterUpdates: pendingParameterUpdates
+        }
+      };
+    }
+    const options = step.fetchOptions ? await step.fetchOptions(state, runtime) : [];
+    if (options.length === 0) {
+      continue;
+    }
+    return {
+      type: "nextQuestion",
+      questionSlug: step.slug,
+      question: step.question[ctx.language],
+      questionType: step.type,
+      options,
+      allowFreeText: resolvedAllowFreeText,
+      ...pendingParameterUpdates.length > 0 && {
+        parameterUpdates: pendingParameterUpdates
+      }
+    };
+  }
+  const dataInvestigationResult = await flow.finalize(state, runtime);
+  return {
+    type: "fulfilled",
+    dataInvestigationResult,
+    ...pendingParameterUpdates.length > 0 && {
+      parameterUpdates: pendingParameterUpdates
+    }
+  };
+}
+
 // ../connectors/src/auth-types.ts
 var AUTH_TYPES = {
   OAUTH: "oauth",
@@ -352,6 +453,107 @@ var stripeApiKeyOnboarding = new ConnectorOnboarding({
   }
 });
 
+// ../connectors/src/connectors/stripe-api-key/utils.ts
+var BASE_URL3 = "https://api.stripe.com";
+async function apiFetch(params, path2, init) {
+  const apiKey = params[parameters.apiKey.slug];
+  if (!apiKey) {
+    throw new Error("stripe-api-key: missing required parameter: api-key");
+  }
+  const url = `${BASE_URL3}${path2.startsWith("/") ? "" : "/"}${path2}`;
+  const headers = new Headers(init?.headers);
+  headers.set("Authorization", `Bearer ${apiKey}`);
+  return fetch(url, { ...init, headers });
+}
+
+// ../connectors/src/connectors/stripe-api-key/setup-flow.ts
+var STRIPE_SETUP_MAX_ENTITIES = 10;
+var ENTITY_LABELS = {
+  customers: { en: "Customers", ja: "Customers (\u9867\u5BA2)" },
+  charges: { en: "Charges", ja: "Charges (\u652F\u6255\u3044)" },
+  invoices: { en: "Invoices", ja: "Invoices (\u8ACB\u6C42\u66F8)" },
+  subscriptions: {
+    en: "Subscriptions",
+    ja: "Subscriptions (\u30B5\u30D6\u30B9\u30AF\u30EA\u30D7\u30B7\u30E7\u30F3)"
+  },
+  products: { en: "Products", ja: "Products (\u5546\u54C1)" },
+  prices: { en: "Prices", ja: "Prices (\u4FA1\u683C)" },
+  payouts: { en: "Payouts", ja: "Payouts (\u652F\u6255\u3044)" },
+  refunds: { en: "Refunds", ja: "Refunds (\u8FD4\u91D1)" },
+  disputes: { en: "Disputes", ja: "Disputes (\u7570\u8B70)" },
+  paymentIntents: {
+    en: "Payment intents",
+    ja: "Payment intents (\u652F\u6255\u3044\u30A4\u30F3\u30C6\u30F3\u30C8)"
+  }
+};
+var ENTITY_PATHS = {
+  customers: "/v1/customers?limit=1",
+  charges: "/v1/charges?limit=1",
+  invoices: "/v1/invoices?limit=1",
+  subscriptions: "/v1/subscriptions?limit=1",
+  products: "/v1/products?limit=1",
+  prices: "/v1/prices?limit=1",
+  payouts: "/v1/payouts?limit=1",
+  refunds: "/v1/refunds?limit=1",
+  disputes: "/v1/disputes?limit=1",
+  paymentIntents: "/v1/payment_intents?limit=1"
+};
+var ENTITY_VALUES = Object.keys(ENTITY_PATHS);
+async function defaultFetchEntity(params, path2) {
+  return apiFetch(params, path2);
+}
+function createStripeSetupFlow(fetchEntity = defaultFetchEntity, labelPrefix = "Stripe") {
+  return {
+    initialState: () => ({}),
+    steps: [
+      {
+        slug: "entities",
+        type: "multiSelect",
+        question: {
+          ja: "\u5BFE\u8C61\u306E\u30A8\u30F3\u30C6\u30A3\u30C6\u30A3\u3092\u9078\u3093\u3067\u304F\u3060\u3055\u3044\uFF08\u8907\u6570\u9078\u629E\u53EF\uFF09",
+          en: "Select target entities (multi-select allowed)"
+        },
+        async fetchOptions(_state, rt) {
+          return ENTITY_VALUES.map((value) => ({
+            value,
+            label: ENTITY_LABELS[value][rt.language]
+          }));
+        },
+        applyAnswer: (state, answer) => ({ ...state, entities: answer })
+      }
+    ],
+    async finalize(state, rt) {
+      if (!state.entities) {
+        throw new Error("Stripe setup: incomplete state on finalize");
+      }
+      const selected = state.entities.filter(
+        (e) => ENTITY_VALUES.includes(e)
+      ).slice(0, STRIPE_SETUP_MAX_ENTITIES);
+      const sections = [`## ${labelPrefix}`, ""];
+      for (const entity of selected) {
+        let count = "available";
+        const res = await fetchEntity(rt.params, ENTITY_PATHS[entity]);
+        if (res.ok) {
+          const data = await res.json();
+          if (Array.isArray(data.data) && data.data.length === 0) {
+            count = "0";
+          } else if (data.has_more === false) {
+            count = String(data.data?.length ?? 1);
+          } else if (Array.isArray(data.data)) {
+            count = "1+ (paginated)";
+          }
+        } else {
+          count = "unavailable";
+        }
+        sections.push(`### ${ENTITY_LABELS[entity].en}`, "");
+        sections.push(`Status: ${count}`, "");
+      }
+      return sections.join("\n");
+    }
+  };
+}
+var stripeApiKeySetupFlow = createStripeSetupFlow();
+
 // ../connectors/src/connectors/stripe-api-key/index.ts
 var tools = { request: requestTool };
 var stripeApiKeyConnector = new ConnectorPlugin({
@@ -469,6 +671,7 @@ const data = await res.json();
 \`\`\``
   },
   tools,
+  setup: (params, ctx, config) => runSetupFlow(stripeApiKeySetupFlow, params, ctx, config),
   async checkConnection(params) {
     try {
       const apiKey = params["api-key"];
@@ -525,6 +728,7 @@ function resolveEnvVarOptional(entry, key) {
 import { getContext } from "hono/context-storage";
 import { getCookie } from "hono/cookie";
 var APP_SESSION_COOKIE_NAME = "__Host-squadbase-session";
+var TABLEAU_SESSION_SENTINEL_URL = "squadbase://tableau-session/";
 function normalizeHeaders(input) {
   const out = {};
   if (!input) return out;
@@ -533,6 +737,11 @@ function normalizeHeaders(input) {
   });
   return out;
 }
+function extractInputUrl(input) {
+  if (typeof input === "string") return input;
+  if (input instanceof URL) return input.href;
+  return input.url;
+}
 function createSandboxProxyFetch(connectionId) {
   return async (input, init) => {
     const token = process.env.INTERNAL_SQUADBASE_OAUTH_MACHINE_CREDENTIAL;
@@ -542,10 +751,17 @@ function createSandboxProxyFetch(connectionId) {
         "Connection proxy is not configured. Please check your deployment settings."
       );
     }
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    const originalUrl = extractInputUrl(input);
+    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      const sessionUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${token}` }
+      });
+    }
     const originalMethod = init?.method ?? "GET";
     const originalBody = init?.body ? JSON.parse(init.body) : void 0;
-    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
     const proxyUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
     return fetch(proxyUrl, {
       method: "POST",
@@ -571,10 +787,9 @@ function createDeployedAppProxyFetch(connectionId) {
   }
   const baseDomain = process.env["SQUADBASE_APP_BASE_DOMAIN"] ?? "squadbase.app";
   const proxyUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
+  const sessionUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
   return async (input, init) => {
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
-    const originalMethod = init?.method ?? "GET";
-    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
+    const originalUrl = extractInputUrl(input);
     const c = getContext();
     const appSession = getCookie(c, APP_SESSION_COOKIE_NAME);
     if (!appSession) {
@@ -582,6 +797,14 @@ function createDeployedAppProxyFetch(connectionId) {
         "No authentication method available for connection proxy."
       );
     }
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${appSession}` }
+      });
+    }
+    const originalMethod = init?.method ?? "GET";
+    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
     return fetch(proxyUrl, {
       method: "POST",
       headers: {

package/dist/connectors/stripe-oauth.js

@@ -67,6 +67,28 @@ var ConnectorPlugin = class _ConnectorPlugin {
   tools;
   query;
   checkConnection;
+  /**
+   * SQPD-1212: Logic-based, rule-driven connection setup. Connectors that
+   * implement this expose a step-by-step exploration flow (database/schema/
+   * table/etc. discovery) that the dashboard backend drives via the
+   * `/connections/:connectionId/setup` endpoint. Implement by delegating to
+   * `runSetupFlow` from `setup-flow.ts`.
+   */
+  setup;
+  /**
+   * Opt-out of the default "verify before save" behavior on connection
+   * creation. The backend invokes `checkConnection` synchronously while
+   * creating the connection and aborts (no row inserted) if it fails — this
+   * flag disables that for connectors where the check cannot succeed pre-save:
+   *
+   *   - `squadbase-db` populates `connection-url` only after Neon provisioning
+   *   - OAuth connectors require an OAuth-aware proxyFetch keyed by the
+   *     connectionId, which doesn't exist until the row is saved
+   *
+   * Exceptions are the explicit position; new credential-input connectors get
+   * the default verify-on-create behavior without opt-in.
+   */
+  skipConnectionCheckOnCreate;
   constructor(config) {
     this.slug = config.slug;
     this.authType = config.authType;
@@ -83,6 +105,8 @@ var ConnectorPlugin = class _ConnectorPlugin {
     this.tools = config.tools;
     this.query = config.query;
     this.checkConnection = config.checkConnection;
+    this.setup = config.setup;
+    this.skipConnectionCheckOnCreate = config.skipConnectionCheckOnCreate;
   }
   get connectorKey() {
     return _ConnectorPlugin.deriveKey(this.slug, this.authType);
@@ -147,6 +171,71 @@ var ConnectorPlugin = class _ConnectorPlugin {
   }
 };
 
+// ../connectors/src/setup-flow.ts
+async function runSetupFlow(flow, params, ctx, config) {
+  const runtime = {
+    params,
+    language: ctx.language,
+    config
+  };
+  let state = flow.initialState();
+  let answerIdx = 0;
+  const pendingParameterUpdates = [];
+  for (const step of flow.steps) {
+    const ans = ctx.answers[answerIdx];
+    if (ans && ans.questionSlug === step.slug) {
+      state = step.applyAnswer(state, ans.answer);
+      if (step.toParameterUpdates) {
+        pendingParameterUpdates.push(...step.toParameterUpdates(state));
+      }
+      answerIdx += 1;
+      continue;
+    }
+    const resolvedAllowFreeText = step.allowFreeText !== void 0 ? step.allowFreeText : true;
+    if (step.type === "text") {
+      if (step.fetchOptions) {
+        const options2 = await step.fetchOptions(state, runtime);
+        if (options2.length === 0) {
+          continue;
+        }
+      }
+      return {
+        type: "nextQuestion",
+        questionSlug: step.slug,
+        question: step.question[ctx.language],
+        questionType: "text",
+        allowFreeText: resolvedAllowFreeText,
+        ...pendingParameterUpdates.length > 0 && {
+          parameterUpdates: pendingParameterUpdates
+        }
+      };
+    }
+    const options = step.fetchOptions ? await step.fetchOptions(state, runtime) : [];
+    if (options.length === 0) {
+      continue;
+    }
+    return {
+      type: "nextQuestion",
+      questionSlug: step.slug,
+      question: step.question[ctx.language],
+      questionType: step.type,
+      options,
+      allowFreeText: resolvedAllowFreeText,
+      ...pendingParameterUpdates.length > 0 && {
+        parameterUpdates: pendingParameterUpdates
+      }
+    };
+  }
+  const dataInvestigationResult = await flow.finalize(state, runtime);
+  return {
+    type: "fulfilled",
+    dataInvestigationResult,
+    ...pendingParameterUpdates.length > 0 && {
+      parameterUpdates: pendingParameterUpdates
+    }
+  };
+}
+
 // ../connectors/src/auth-types.ts
 var AUTH_TYPES = {
   OAUTH: "oauth",
@@ -310,11 +399,98 @@ var stripeOnboarding = new ConnectorOnboarding({
 // ../connectors/src/connectors/stripe-oauth/parameters.ts
 var parameters = {};
 
+// ../connectors/src/connectors/stripe-oauth/setup-flow.ts
+var BASE_URL3 = "https://api.stripe.com";
+var STRIPE_OAUTH_SETUP_MAX_ENTITIES = 10;
+var ENTITY_LABELS = {
+  customers: { en: "Customers", ja: "Customers (\u9867\u5BA2)" },
+  charges: { en: "Charges", ja: "Charges (\u652F\u6255\u3044)" },
+  invoices: { en: "Invoices", ja: "Invoices (\u8ACB\u6C42\u66F8)" },
+  subscriptions: {
+    en: "Subscriptions",
+    ja: "Subscriptions (\u30B5\u30D6\u30B9\u30AF\u30EA\u30D7\u30B7\u30E7\u30F3)"
+  },
+  products: { en: "Products", ja: "Products (\u5546\u54C1)" },
+  prices: { en: "Prices", ja: "Prices (\u4FA1\u683C)" },
+  payouts: { en: "Payouts", ja: "Payouts (\u652F\u6255\u3044)" },
+  refunds: { en: "Refunds", ja: "Refunds (\u8FD4\u91D1)" },
+  disputes: { en: "Disputes", ja: "Disputes (\u7570\u8B70)" },
+  paymentIntents: {
+    en: "Payment intents",
+    ja: "Payment intents (\u652F\u6255\u3044\u30A4\u30F3\u30C6\u30F3\u30C8)"
+  }
+};
+var ENTITY_PATHS = {
+  customers: "/v1/customers?limit=1",
+  charges: "/v1/charges?limit=1",
+  invoices: "/v1/invoices?limit=1",
+  subscriptions: "/v1/subscriptions?limit=1",
+  products: "/v1/products?limit=1",
+  prices: "/v1/prices?limit=1",
+  payouts: "/v1/payouts?limit=1",
+  refunds: "/v1/refunds?limit=1",
+  disputes: "/v1/disputes?limit=1",
+  paymentIntents: "/v1/payment_intents?limit=1"
+};
+var ENTITY_VALUES = Object.keys(ENTITY_PATHS);
+var stripeOauthSetupFlow = {
+  initialState: () => ({}),
+  steps: [
+    {
+      slug: "entities",
+      type: "multiSelect",
+      question: {
+        ja: "\u5BFE\u8C61\u306E\u30A8\u30F3\u30C6\u30A3\u30C6\u30A3\u3092\u9078\u3093\u3067\u304F\u3060\u3055\u3044\uFF08\u8907\u6570\u9078\u629E\u53EF\uFF09",
+        en: "Select target entities (multi-select allowed)"
+      },
+      async fetchOptions(_state, rt) {
+        return ENTITY_VALUES.map((value) => ({
+          value,
+          label: ENTITY_LABELS[value][rt.language]
+        }));
+      },
+      applyAnswer: (state, answer) => ({ ...state, entities: answer })
+    }
+  ],
+  async finalize(state, rt) {
+    if (!state.entities) {
+      throw new Error("Stripe setup: incomplete state on finalize");
+    }
+    const selected = state.entities.filter(
+      (e) => ENTITY_VALUES.includes(e)
+    ).slice(0, STRIPE_OAUTH_SETUP_MAX_ENTITIES);
+    const sections = ["## Stripe", ""];
+    for (const entity of selected) {
+      let count = "available";
+      const res = await rt.config.proxyFetch(
+        `${BASE_URL3}${ENTITY_PATHS[entity]}`,
+        { method: "GET" }
+      );
+      if (res.ok) {
+        const data = await res.json();
+        if (Array.isArray(data.data) && data.data.length === 0) {
+          count = "0";
+        } else if (data.has_more === false) {
+          count = String(data.data?.length ?? 1);
+        } else if (Array.isArray(data.data)) {
+          count = "1+ (paginated)";
+        }
+      } else {
+        count = "unavailable";
+      }
+      sections.push(`### ${ENTITY_LABELS[entity].en}`, "");
+      sections.push(`Status: ${count}`, "");
+    }
+    return sections.join("\n");
+  }
+};
+
 // ../connectors/src/connectors/stripe-oauth/index.ts
 var tools = { request: requestTool };
 var stripeOauthConnector = new ConnectorPlugin({
   slug: "stripe",
   authType: AUTH_TYPES.OAUTH,
+  skipConnectionCheckOnCreate: true,
   name: "Stripe",
   description: "Connect to Stripe for payment, customer, and subscription data using OAuth.",
   iconUrl: "https://images.ctfassets.net/9ncizv60xc5y/2QNK0u2doqp41uL0POS4Ks/7a92367e2388ec77c7f4ada143606f9a/stripe.jpeg",
@@ -431,6 +607,7 @@ const data = await res.json();
 \`\`\``
   },
   tools,
+  setup: (params, ctx, config) => runSetupFlow(stripeOauthSetupFlow, params, ctx, config),
   async checkConnection(_params, config) {
     const { proxyFetch } = config;
     try {
@@ -480,6 +657,7 @@ function resolveEnvVarOptional(entry, key) {
 import { getContext } from "hono/context-storage";
 import { getCookie } from "hono/cookie";
 var APP_SESSION_COOKIE_NAME = "__Host-squadbase-session";
+var TABLEAU_SESSION_SENTINEL_URL = "squadbase://tableau-session/";
 function normalizeHeaders(input) {
   const out = {};
   if (!input) return out;
@@ -488,6 +666,11 @@ function normalizeHeaders(input) {
   });
   return out;
 }
+function extractInputUrl(input) {
+  if (typeof input === "string") return input;
+  if (input instanceof URL) return input.href;
+  return input.url;
+}
 function createSandboxProxyFetch(connectionId) {
   return async (input, init) => {
     const token = process.env.INTERNAL_SQUADBASE_OAUTH_MACHINE_CREDENTIAL;
@@ -497,10 +680,17 @@ function createSandboxProxyFetch(connectionId) {
         "Connection proxy is not configured. Please check your deployment settings."
       );
     }
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+    const originalUrl = extractInputUrl(input);
+    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      const sessionUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${token}` }
+      });
+    }
     const originalMethod = init?.method ?? "GET";
     const originalBody = init?.body ? JSON.parse(init.body) : void 0;
-    const baseDomain = process.env["SQUADBASE_PREVIEW_BASE_DOMAIN"] ?? "preview.app.squadbase.dev";
     const proxyUrl = `https://${sandboxId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
     return fetch(proxyUrl, {
       method: "POST",
@@ -526,10 +716,9 @@ function createDeployedAppProxyFetch(connectionId) {
   }
   const baseDomain = process.env["SQUADBASE_APP_BASE_DOMAIN"] ?? "squadbase.app";
   const proxyUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/request`;
+  const sessionUrl = `https://${projectId}.${baseDomain}/_sqcore/connections/${connectionId}/tableau-session`;
   return async (input, init) => {
-    const originalUrl = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
-    const originalMethod = init?.method ?? "GET";
-    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
+    const originalUrl = extractInputUrl(input);
     const c = getContext();
     const appSession = getCookie(c, APP_SESSION_COOKIE_NAME);
     if (!appSession) {
@@ -537,6 +726,14 @@ function createDeployedAppProxyFetch(connectionId) {
         "No authentication method available for connection proxy."
       );
     }
+    if (originalUrl === TABLEAU_SESSION_SENTINEL_URL) {
+      return fetch(sessionUrl, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${appSession}` }
+      });
+    }
+    const originalMethod = init?.method ?? "GET";
+    const originalBody = init?.body ? JSON.parse(init.body) : void 0;
     return fetch(proxyUrl, {
       method: "POST",
       headers: {