@superbuilders/primer-tives 2.0.0 → 2.2.1

package/dist/server/create-server.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"create-server.d.ts","sourceRoot":"","sources":["../../src/server/create-server.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAA;AACtE,OAAO,EACN,KAAK,YAAY,EACjB,KAAK,eAAe,EAGpB,MAAM,6CAA6C,CAAA;AAEpD,OAAO,EACN,KAAK,cAAc,EACnB,KAAK,oBAAoB,EAEzB,MAAM,0CAA0C,CAAA;AAGjD,UAAU,kBAAkB;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;IAC1B,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAA;IACxC,QAAQ,CAAC,KAAK,CAAC,EAAE,eAAe,CAAA;IAChC,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAA;CAC7B;AAED,UAAU,YAAY;IACrB;;;;;;;;OAQG;IACH,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC,CAAA;IAEhC;;;;;;OAMG;IACH,eAAe,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,cAAc,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAA;IAExF;;;;OAIG;IACH,6BAA6B,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;IAEvE;;;;OAIG;IACH,qCAAqC,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAAA;CAClF;AAED,iBAAS,kBAAkB,CAAC,MAAM,EAAE,kBAAkB,GAAG,YAAY,CAepE;AAED,YAAY,EAAE,YAAY,EAAE,kBAAkB,EAAE,CAAA;AAChD,OAAO,EAAE,kBAAkB,EAAE,CAAA"}
+{"version":3,"file":"create-server.d.ts","sourceRoot":"","sources":["../../src/server/create-server.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAA;AACtE,OAAO,EAAE,KAAK,aAAa,EAAY,MAAM,6CAA6C,CAAA;AAE1F,UAAU,kBAAkB;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;IAC1B,QAAQ,CAAC,OAAO,CAAC,EAAE,WAAW,CAAA;IAC9B,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAA;IACxC,QAAQ,CAAC,KAAK,CAAC,EAAE,eAAe,CAAA;IAChC,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAA;CAC7B;AAED,UAAU,YAAY;IACrB,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;CAC/C;AAED,iBAAS,kBAAkB,CAAC,MAAM,EAAE,kBAAkB,GAAG,YAAY,CAMpE;AAED,YAAY,EAAE,aAAa,EAAE,YAAY,EAAE,kBAAkB,EAAE,CAAA;AAC/D,OAAO,EAAE,kBAAkB,EAAE,CAAA"}

package/dist/server/exchange.d.ts

@@ -1,22 +1,16 @@
 import type { PrimerLogger } from "../logger";
-interface ExchangeConfig {
+interface TokenConfig {
     readonly origin: string;
     readonly secretKey: string;
+    readonly headers?: HeadersInit;
     readonly fetch?: typeof globalThis.fetch;
     readonly abort?: AbortController;
     readonly logger: PrimerLogger;
 }
-interface SessionToken {
-    readonly accessToken: string;
-    readonly expiresInSeconds: number;
-}
-interface TimebackSession {
-    readonly studentId: string;
-    readonly accessToken: string;
-    readonly expiresInSeconds: number;
-}
-declare function exchangeStudent(config: ExchangeConfig, studentId: string): Promise<SessionToken>;
-declare function exchangeTimebackStudent(config: ExchangeConfig, sourcedId: string): Promise<TimebackSession>;
-export type { ExchangeConfig, SessionToken, TimebackSession };
-export { exchangeStudent, exchangeTimebackStudent };
+type GetTokenInput = {
+    readonly verifiedEmail: string;
+};
+declare function getToken(config: TokenConfig, input: GetTokenInput): Promise<string>;
+export type { GetTokenInput, TokenConfig };
+export { getToken };
 //# sourceMappingURL=exchange.d.ts.map

package/dist/server/exchange.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"exchange.d.ts","sourceRoot":"","sources":["../../src/server/exchange.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAA;AAKtE,UAAU,cAAc;IACvB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;IAC1B,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAA;IACxC,QAAQ,CAAC,KAAK,CAAC,EAAE,eAAe,CAAA;IAChC,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAA;CAC7B;AAED,UAAU,YAAY;IACrB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAC5B,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAA;CACjC;AAED,UAAU,eAAe;IACxB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;IAC1B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAC5B,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAA;CACjC;AA8OD,iBAAe,eAAe,CAAC,MAAM,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAmB/F;AAED,iBAAe,uBAAuB,CACrC,MAAM,EAAE,cAAc,EACtB,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,eAAe,CAAC,CAmB1B;AAED,YAAY,EAAE,cAAc,EAAE,YAAY,EAAE,eAAe,EAAE,CAAA;AAC7D,OAAO,EAAE,eAAe,EAAE,uBAAuB,EAAE,CAAA"}
+{"version":3,"file":"exchange.d.ts","sourceRoot":"","sources":["../../src/server/exchange.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAA;AAItE,UAAU,WAAW;IACpB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;IAC1B,QAAQ,CAAC,OAAO,CAAC,EAAE,WAAW,CAAA;IAC9B,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAA;IACxC,QAAQ,CAAC,KAAK,CAAC,EAAE,eAAe,CAAA;IAChC,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAA;CAC7B;AAED,KAAK,aAAa,GAAG;IACpB,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAA;CAC9B,CAAA;AAsJD,iBAAe,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAuBlF;AAED,YAAY,EAAE,aAAa,EAAE,WAAW,EAAE,CAAA;AAC1C,OAAO,EAAE,QAAQ,EAAE,CAAA"}

package/dist/server/index.d.ts

@@ -1,5 +1,3 @@
 export { createPrimerServer } from "./create-server";
-export type { PrimerServer, PrimerServerConfig } from "./create-server";
-export type { SessionToken, TimebackSession } from "./exchange";
-export type { PlacementHints, PlacementHintsResult } from "./hints";
+export type { GetTokenInput, PrimerServer, PrimerServerConfig } from "./create-server";
 //# sourceMappingURL=index.d.ts.map

package/dist/server/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,kDAAkD,CAAA;AACrF,YAAY,EACX,YAAY,EACZ,kBAAkB,EAClB,MAAM,kDAAkD,CAAA;AAEzD,YAAY,EACX,YAAY,EACZ,eAAe,EACf,MAAM,6CAA6C,CAAA;AAEpD,YAAY,EACX,cAAc,EACd,oBAAoB,EACpB,MAAM,0CAA0C,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,kDAAkD,CAAA;AACrF,YAAY,EACX,aAAa,EACb,YAAY,EACZ,kBAAkB,EAClB,MAAM,kDAAkD,CAAA"}

package/dist/server/index.js

@@ -3,6 +3,7 @@ import * as errors from "@superbuilders/errors";
 var ErrNetwork = errors.new("network");
 var ErrJsonParse = errors.new("json parse");
 var ErrUnsupportedPci = errors.new("unsupported pci");
+var ErrMissingRequiredPci = errors.new("missing required pci");
 var ErrInvalidAccessToken = errors.new("invalid access token");
 var ErrMalformedAccessToken = errors.new("malformed access token");
 var ErrTokenExpired = errors.new("access token expired");
@@ -12,124 +13,93 @@ var ErrTimeout = errors.new("timeout");
 var ErrForbidden = errors.new("forbidden");
 var ErrNotFound = errors.new("not found");
 var ErrConflict = errors.new("conflict");
-var ErrExternalAuthorityRequired = errors.new("external authority required");
 var ErrRateLimited = errors.new("rate limited");
 var ErrServiceUnavailable = errors.new("service unavailable");
 var ErrNotSerializable = errors.new("PrimerState is live in-memory state and must not be serialized or stored");
 var ErrInvalidSubmission = errors.new("invalid submission");
 var ErrInvalidSecretKey = errors.new("invalid secret key");
-var ErrStudentNotFound = errors.new("student not found");
-var ErrUnsupportedGrade = errors.new("unsupported grade");
-var ErrTimebackUnavailable = errors.new("timeback unavailable");
-var ErrNeedsHints = errors.new("student needs hints set before /advance");
 var ErrSdkUpgradeRequired = errors.new("sdk upgrade required");
-// src/grade-level.ts
-var GRADE_LEVELS = ["K", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12"];
 // src/server/exchange.ts
 import * as errors2 from "@superbuilders/errors";
-var STUDENT_EXCHANGE_PATH = "/api/v0/auth/exchange";
-var TIMEBACK_EXCHANGE_PATH = "/api/v0/auth/exchange/timeback";
+var TOKEN_PATH = "/api/v0/sessions";
+var MAX_LOGGED_BODY_CHARS = 2000;
 function isObjectRecord(value) {
   return typeof value === "object" && value !== null;
 }
-function isFiniteNumber(value) {
-  return typeof value === "number" && Number.isFinite(value);
-}
-function toExchangeErrorBody(data) {
+function toTokenErrorBody(data) {
   if (!isObjectRecord(data)) {
     return {};
   }
   return typeof data.error === "string" ? { error: data.error } : {};
 }
-function parseSessionTokenSuccessBody(data) {
-  if (!isObjectRecord(data)) {
-    return;
-  }
-  if (typeof data.access_token !== "string") {
-    return;
-  }
-  if (data.token_type !== "Bearer") {
-    return;
+function truncateBody(text) {
+  if (text.length <= MAX_LOGGED_BODY_CHARS) {
+    return text;
   }
-  if (!isFiniteNumber(data.expires_in)) {
+  return text.slice(0, MAX_LOGGED_BODY_CHARS);
+}
+function parseTokenSuccessBody(data) {
+  if (!isObjectRecord(data)) {
     return;
   }
-  if (typeof data.scope !== "string") {
+  if (typeof data.access_token !== "string" || data.token_type !== "Bearer") {
     return;
   }
   return {
     access_token: data.access_token,
-    token_type: data.token_type,
-    expires_in: data.expires_in,
-    scope: data.scope
-  };
-}
-function parseTimebackExchangeSuccessBody(data) {
-  const session = parseSessionTokenSuccessBody(data);
-  if (!session || !isObjectRecord(data) || typeof data.student_id !== "string") {
-    return;
-  }
-  return {
-    student_id: data.student_id,
-    access_token: session.access_token,
-    token_type: session.token_type,
-    expires_in: session.expires_in,
-    scope: session.scope
+    token_type: "Bearer"
   };
 }
 function isAbortError(err) {
   return err.name === "AbortError" || err.name === "TimeoutError";
 }
-function mapBadRequest(body) {
-  if (body.error === "unsupported_grade") {
-    return ErrUnsupportedGrade;
-  }
-  return ErrBadRequest;
-}
-function httpSentinel(status, body) {
+function httpSentinel(status) {
   if (status === 400) {
-    return mapBadRequest(body);
+    return ErrBadRequest;
   }
   if (status === 401) {
     return ErrInvalidSecretKey;
   }
-  if (status === 404) {
-    return ErrStudentNotFound;
-  }
-  if (status === 409) {
-    if (body.error === "external_authority_required") {
-      return ErrExternalAuthorityRequired;
-    }
-    return ErrConflict;
-  }
-  if (status === 502) {
-    return ErrTimebackUnavailable;
-  }
   return ErrServerError;
 }
 async function readErrorBody(res) {
-  const parsed = await res.json().then(function ok(data) {
-    return { ok: true, data };
-  }, function fail() {
-    return { ok: false };
+  const contentType = res.headers.get("content-type");
+  const textResult = await res.text().then(function ok(text) {
+    return { ok: true, text };
+  }, function fail(err) {
+    return { ok: false, error: err };
   });
-  if (!parsed.ok) {
-    return {};
+  if (!textResult.ok) {
+    return { contentType: contentType === null ? undefined : contentType };
+  }
+  const rawText = truncateBody(textResult.text);
+  const parsed = errors2.trySync(function parseJson() {
+    return JSON.parse(textResult.text);
+  });
+  if (parsed.error) {
+    return { rawText, contentType: contentType === null ? undefined : contentType };
   }
-  return toExchangeErrorBody(parsed.data);
+  const body = toTokenErrorBody(parsed.data);
+  return { ...body, rawText, contentType: contentType === null ? undefined : contentType };
 }
-async function sendExchangeRequest(config, path, body, logContext) {
+async function sendTokenRequest(config, input) {
   const logger = config.logger;
   const fetchFn = config.fetch ? config.fetch : globalThis.fetch;
   const signal = config.abort ? config.abort.signal : undefined;
-  const url = `${config.origin}${path}`;
+  const url = `${config.origin}${TOKEN_PATH}`;
+  const headers = new Headers(config.headers);
+  headers.set("Content-Type", "application/json");
+  headers.set("Authorization", `Bearer ${config.secretKey}`);
+  const hasProtectionBypass = headers.has("x-vercel-protection-bypass");
+  logger.debug("token request dispatch", {
+    url,
+    hasProtectionBypass,
+    hasAbortSignal: signal !== undefined
+  });
   const fetchResult = await fetchFn(url, {
     method: "POST",
-    headers: {
-      "Content-Type": "application/json",
-      Authorization: `Bearer ${config.secretKey}`
-    },
-    body: JSON.stringify(body),
+    headers,
+    body: JSON.stringify({ verified_email: input.verifiedEmail }),
     signal
   }).then(function ok(response) {
     return { ok: true, response };
@@ -138,15 +108,15 @@ async function sendExchangeRequest(config, path, body, logContext) {
   });
   if (!fetchResult.ok) {
     if (isAbortError(fetchResult.error)) {
-      logger.error("exchange timeout", { path, ...logContext });
+      logger.error("token request timeout");
       throw errors2.wrap(ErrTimeout, fetchResult.error.message);
     }
-    logger.error("exchange network error", { path, ...logContext, error: fetchResult.error });
+    logger.error("token request network error", { error: fetchResult.error });
     throw errors2.wrap(ErrNetwork, fetchResult.error.message);
   }
   return fetchResult.response;
 }
-async function parseSessionTokenSuccess(config, res, logContext) {
+async function parseToken(config, res) {
   const logger = config.logger;
   const jsonResult = await res.json().then(function ok(data) {
     return { ok: true, data };
@@ -154,360 +124,45 @@ async function parseSessionTokenSuccess(config, res, logContext) {
     return { ok: false, error: err };
   });
   if (!jsonResult.ok) {
-    logger.error("exchange json parse failed", { ...logContext, error: jsonResult.error });
+    logger.error("token response json parse failed", { error: jsonResult.error });
     throw errors2.wrap(ErrJsonParse, jsonResult.error.message);
   }
-  const body = parseSessionTokenSuccessBody(jsonResult.data);
-  if (!body) {
-    logger.error("exchange success body had invalid shape", {
-      ...logContext,
-      body: jsonResult.data
-    });
-    throw errors2.wrap(ErrJsonParse, "exchange success body had invalid shape");
+  const body = parseTokenSuccessBody(jsonResult.data);
+  if (body === undefined) {
+    logger.error("token response had invalid shape", { body: jsonResult.data });
+    throw errors2.wrap(ErrJsonParse, "token response had invalid shape");
   }
-  logger.debug("exchange success", {
-    ...logContext,
-    expiresIn: body.expires_in
-  });
-  return {
-    accessToken: body.access_token,
-    expiresInSeconds: body.expires_in
-  };
+  logger.debug("token request success");
+  return body.access_token;
 }
-async function parseTimebackSessionSuccess(config, res, sourcedId) {
+async function getToken(config, input) {
   const logger = config.logger;
-  const jsonResult = await res.json().then(function ok(data) {
-    return { ok: true, data };
-  }, function fail(err) {
-    return { ok: false, error: err };
+  logger.debug("token request", {
+    origin: config.origin,
+    verifiedEmail: input.verifiedEmail,
+    hasCustomHeaders: config.headers !== undefined
   });
-  if (!jsonResult.ok) {
-    logger.error("timeback exchange json parse failed", { sourcedId, error: jsonResult.error });
-    throw errors2.wrap(ErrJsonParse, jsonResult.error.message);
-  }
-  const body = parseTimebackExchangeSuccessBody(jsonResult.data);
-  if (!body) {
-    logger.error("timeback exchange success body had invalid shape", {
-      sourcedId,
-      body: jsonResult.data
-    });
-    throw errors2.wrap(ErrJsonParse, "timeback exchange success body had invalid shape");
-  }
-  logger.debug("timeback exchange success", {
-    sourcedId,
-    studentId: body.student_id,
-    expiresIn: body.expires_in
-  });
-  return {
-    studentId: body.student_id,
-    accessToken: body.access_token,
-    expiresInSeconds: body.expires_in
-  };
-}
-async function exchangeStudent(config, studentId) {
-  const logger = config.logger;
-  logger.debug("exchange student request", { studentId });
-  const res = await sendExchangeRequest(config, STUDENT_EXCHANGE_PATH, { student_id: studentId }, { studentId, exchangeKind: "student_id" });
+  const res = await sendTokenRequest(config, input);
   if (!res.ok) {
     const body = await readErrorBody(res);
-    const sentinel = httpSentinel(res.status, body);
-    const detail = body.error ? `${res.status} ${body.error}` : `${res.status}`;
-    logger.error("exchange student http error", { status: res.status, body, studentId });
-    throw errors2.wrap(sentinel, detail);
-  }
-  return parseSessionTokenSuccess(config, res, { studentId, exchangeKind: "student_id" });
-}
-async function exchangeTimebackStudent(config, sourcedId) {
-  const logger = config.logger;
-  logger.debug("exchange timeback student request", { sourcedId });
-  const res = await sendExchangeRequest(config, TIMEBACK_EXCHANGE_PATH, { sourced_id: sourcedId }, { sourcedId, exchangeKind: "timeback" });
-  if (!res.ok) {
-    const body = await readErrorBody(res);
-    const sentinel = httpSentinel(res.status, body);
-    const detail = body.error ? `${res.status} ${body.error}` : `${res.status}`;
-    logger.error("exchange timeback student http error", { status: res.status, body, sourcedId });
-    throw errors2.wrap(sentinel, detail);
-  }
-  return parseTimebackSessionSuccess(config, res, sourcedId);
-}
-
-// src/server/hints.ts
-import * as errors3 from "@superbuilders/errors";
-var STUDENTS_PATH = "/api/v0/students";
-function isObjectRecord2(value) {
-  return typeof value === "object" && value !== null;
-}
-function toHintsErrorBody(data) {
-  if (!isObjectRecord2(data)) {
-    return {};
-  }
-  return typeof data.error === "string" ? { error: data.error } : {};
-}
-function parseHintsSuccess(data) {
-  if (!isObjectRecord2(data)) {
-    return;
-  }
-  if (typeof data.student_id !== "string") {
-    return;
-  }
-  if (data.grade_level !== null && typeof data.grade_level !== "string") {
-    return;
-  }
-  return {
-    student_id: data.student_id,
-    grade_level: data.grade_level
-  };
-}
-function isAbortError2(err) {
-  return err.name === "AbortError" || err.name === "TimeoutError";
-}
-function httpSentinel2(status) {
-  if (status === 400) {
-    return ErrBadRequest;
-  }
-  if (status === 401) {
-    return ErrInvalidSecretKey;
-  }
-  if (status === 404) {
-    return ErrStudentNotFound;
-  }
-  return ErrServerError;
-}
-async function readErrorBody2(res) {
-  const parsed = await res.json().then(function ok(data) {
-    return { ok: true, data };
-  }, function fail() {
-    return { ok: false };
-  });
-  if (!parsed.ok) {
-    return {};
-  }
-  return toHintsErrorBody(parsed.data);
-}
-function buildRequestBody(hints) {
-  const body = {};
-  if (hints.gradeLevel !== undefined) {
-    body.grade_level = hints.gradeLevel;
-  }
-  return JSON.stringify(body);
-}
-async function sendSetHintsRequest(config, studentId, hints) {
-  const logger = config.logger;
-  const fetchFn = config.fetch ? config.fetch : globalThis.fetch;
-  const signal = config.abort ? config.abort.signal : undefined;
-  const url = `${config.origin}${STUDENTS_PATH}/${encodeURIComponent(studentId)}/hints`;
-  const fetchResult = await fetchFn(url, {
-    method: "PATCH",
-    headers: {
-      Authorization: `Bearer ${config.secretKey}`,
-      "Content-Type": "application/json"
-    },
-    body: buildRequestBody(hints),
-    signal
-  }).then(function ok(response) {
-    return { ok: true, response };
-  }, function fail(err) {
-    return { ok: false, error: err };
-  });
-  if (!fetchResult.ok) {
-    if (isAbortError2(fetchResult.error)) {
-      logger.error("set student hints timeout", { studentId });
-      throw errors3.wrap(ErrTimeout, fetchResult.error.message);
-    }
-    logger.error("set student hints network error", {
-      studentId,
-      error: fetchResult.error
-    });
-    throw errors3.wrap(ErrNetwork, fetchResult.error.message);
-  }
-  return fetchResult.response;
-}
-async function parseHintsSuccessResponse(config, res) {
-  const logger = config.logger;
-  const jsonResult = await res.json().then(function ok(data) {
-    return { ok: true, data };
-  }, function fail(err) {
-    return { ok: false, error: err };
-  });
-  if (!jsonResult.ok) {
-    logger.error("set hints response parse failed", { error: jsonResult.error });
-    throw errors3.wrap(ErrJsonParse, jsonResult.error.message);
-  }
-  const body = parseHintsSuccess(jsonResult.data);
-  if (!body) {
-    logger.error("set hints response had invalid shape", { body: jsonResult.data });
-    throw errors3.wrap(ErrJsonParse, "set hints success body had invalid shape");
-  }
-  logger.debug("set hints response success", {
-    studentId: body.student_id,
-    gradeLevel: body.grade_level
-  });
-  return {
-    studentId: body.student_id,
-    gradeLevel: coerceGradeLevel(body.grade_level)
-  };
-}
-function coerceGradeLevel(value) {
-  if (value === null) {
-    return null;
-  }
-  for (const g of GRADE_LEVELS) {
-    if (g === value) {
-      return g;
-    }
-  }
-  return null;
-}
-async function setStudentHints(config, studentId, hints) {
-  const logger = config.logger;
-  logger.debug("set student hints request", { studentId, hints });
-  const res = await sendSetHintsRequest(config, studentId, hints);
-  if (!res.ok) {
-    const body = await readErrorBody2(res);
-    const sentinel = httpSentinel2(res.status);
+    const sentinel = httpSentinel(res.status);
     const detail = body.error ? `${res.status} ${body.error}` : `${res.status}`;
-    logger.error("set student hints http error", {
-      studentId,
+    logger.error("token request http error", {
       status: res.status,
-      body
+      body,
+      origin: config.origin,
+      verifiedEmail: input.verifiedEmail
     });
-    throw errors3.wrap(sentinel, detail);
-  }
-  return parseHintsSuccessResponse(config, res);
-}
-
-// src/server/students.ts
-import * as errors4 from "@superbuilders/errors";
-var STUDENTS_PATH2 = "/api/v0/students";
-function isObjectRecord3(value) {
-  return typeof value === "object" && value !== null;
-}
-function toStudentsErrorBody(data) {
-  if (!isObjectRecord3(data)) {
-    return {};
-  }
-  return typeof data.error === "string" ? { error: data.error } : {};
-}
-function parseStudentIdSuccessBody(data) {
-  if (!isObjectRecord3(data)) {
-    return;
-  }
-  if (typeof data.student_id !== "string") {
-    return;
-  }
-  return { student_id: data.student_id };
-}
-function isAbortError3(err) {
-  return err.name === "AbortError" || err.name === "TimeoutError";
-}
-function httpSentinel3(status) {
-  if (status === 400) {
-    return ErrBadRequest;
-  }
-  if (status === 401) {
-    return ErrInvalidSecretKey;
-  }
-  if (status === 409) {
-    return ErrConflict;
-  }
-  return ErrServerError;
-}
-async function readErrorBody3(res) {
-  const parsed = await res.json().then(function ok(data) {
-    return { ok: true, data };
-  }, function fail() {
-    return { ok: false };
-  });
-  if (!parsed.ok) {
-    return {};
-  }
-  return toStudentsErrorBody(parsed.data);
-}
-async function sendCreateStudentRequest(config) {
-  const logger = config.logger;
-  const fetchFn = config.fetch ? config.fetch : globalThis.fetch;
-  const signal = config.abort ? config.abort.signal : undefined;
-  const url = `${config.origin}${STUDENTS_PATH2}`;
-  const fetchResult = await fetchFn(url, {
-    method: "POST",
-    headers: {
-      Authorization: `Bearer ${config.secretKey}`
-    },
-    signal
-  }).then(function ok(response) {
-    return { ok: true, response };
-  }, function fail(err) {
-    return { ok: false, error: err };
-  });
-  if (!fetchResult.ok) {
-    if (isAbortError3(fetchResult.error)) {
-      logger.error("students timeout", { path: STUDENTS_PATH2 });
-      throw errors4.wrap(ErrTimeout, fetchResult.error.message);
-    }
-    logger.error("students network error", {
-      path: STUDENTS_PATH2,
-      error: fetchResult.error
-    });
-    throw errors4.wrap(ErrNetwork, fetchResult.error.message);
-  }
-  return fetchResult.response;
-}
-async function parseStudentIdSuccess(config, res) {
-  const logger = config.logger;
-  const jsonResult = await res.json().then(function ok(data) {
-    return { ok: true, data };
-  }, function fail(err) {
-    return { ok: false, error: err };
-  });
-  if (!jsonResult.ok) {
-    logger.error("student id response parse failed", {
-      operation: "create student",
-      error: jsonResult.error
-    });
-    throw errors4.wrap(ErrJsonParse, jsonResult.error.message);
-  }
-  const body = parseStudentIdSuccessBody(jsonResult.data);
-  if (!body) {
-    logger.error("student id response had invalid shape", {
-      operation: "create student",
-      body: jsonResult.data
-    });
-    throw errors4.wrap(ErrJsonParse, "create student success body had invalid shape");
-  }
-  logger.debug("student id response success", {
-    operation: "create student",
-    studentId: body.student_id
-  });
-  return body.student_id;
-}
-async function createStudent(config) {
-  const logger = config.logger;
-  logger.debug("create student request");
-  const res = await sendCreateStudentRequest(config);
-  if (!res.ok) {
-    const body = await readErrorBody3(res);
-    const sentinel = httpSentinel3(res.status);
-    const detail = body.error ? `${res.status} ${body.error}` : `${res.status}`;
-    logger.error("create student http error", { status: res.status, body });
-    throw errors4.wrap(sentinel, detail);
+    throw errors2.wrap(sentinel, detail);
   }
-  return parseStudentIdSuccess(config, res);
+  return parseToken(config, res);
 }
 
 // src/server/create-server.ts
 function createPrimerServer(config) {
   return {
-    createStudent() {
-      return createStudent(config);
-    },
-    setStudentHints(studentId, hints) {
-      return setStudentHints(config, studentId, hints);
-    },
-    exchangeStudentForAccessToken(studentId) {
-      return exchangeStudent(config, studentId);
-    },
-    exchangeTimebackStudentForAccessToken(sourcedId) {
-      return exchangeTimebackStudent(config, sourcedId);
+    getToken(input) {
+      return getToken(config, input);
     }
   };
 }
@@ -515,4 +170,4 @@ export {
   createPrimerServer
 };
 
-//# debugId=ED126AFAB7F1033A64756E2164756E21
+//# debugId=33FD60F3187C394264756E2164756E21