@sylphx/sdk 0.3.1 → 0.3.3

package/dist/server/index.js

@@ -36,8 +36,10 @@ __export(server_exports, {
   createServerClient: () => createServerClient,
   createStreams: () => createStreams,
   createWebhookHandler: () => createWebhookHandler,
+  decodeUserId: () => decodeUserId,
   detectEnvironment: () => detectEnvironment,
   detectKeyType: () => detectKeyType,
+  encodeUserId: () => encodeUserId,
   getAI: () => getAI,
   getAppConfig: () => getAppConfig,
   getAppMetadata: () => getAppMetadata,
@@ -71,7 +73,7 @@ __export(server_exports, {
 });
 module.exports = __toCommonJS(server_exports);
 
-// ../../node_modules/jose/dist/webapi/lib/buffer_utils.js
+// node_modules/jose/dist/webapi/lib/buffer_utils.js
 var encoder = new TextEncoder();
 var decoder = new TextDecoder();
 var MAX_INT32 = 2 ** 32;
@@ -97,7 +99,7 @@ function encode(string) {
   return bytes;
 }
 
-// ../../node_modules/jose/dist/webapi/lib/base64.js
+// node_modules/jose/dist/webapi/lib/base64.js
 function decodeBase64(encoded) {
   if (Uint8Array.fromBase64) {
     return Uint8Array.fromBase64(encoded);
@@ -110,7 +112,7 @@ function decodeBase64(encoded) {
   return bytes;
 }
 
-// ../../node_modules/jose/dist/webapi/util/base64url.js
+// node_modules/jose/dist/webapi/util/base64url.js
 function decode(input) {
   if (Uint8Array.fromBase64) {
     return Uint8Array.fromBase64(typeof input === "string" ? input : decoder.decode(input), {
@@ -129,7 +131,7 @@ function decode(input) {
   }
 }
 
-// ../../node_modules/jose/dist/webapi/util/errors.js
+// node_modules/jose/dist/webapi/util/errors.js
 var JOSEError = class extends Error {
   static code = "ERR_JOSE_GENERIC";
   code = "ERR_JOSE_GENERIC";
@@ -189,7 +191,7 @@ var JWSSignatureVerificationFailed = class extends JOSEError {
   }
 };
 
-// ../../node_modules/jose/dist/webapi/lib/crypto_key.js
+// node_modules/jose/dist/webapi/lib/crypto_key.js
 var unusable = (name, prop = "algorithm.name") => new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);
 var isAlgorithm = (algorithm, name) => algorithm.name === name;
 function getHashLength(hash) {
@@ -277,7 +279,7 @@ function checkSigCryptoKey(key, alg, usage) {
   checkUsage(key, usage);
 }
 
-// ../../node_modules/jose/dist/webapi/lib/invalid_key_input.js
+// node_modules/jose/dist/webapi/lib/invalid_key_input.js
 function message(msg, actual, ...types) {
   types = types.filter(Boolean);
   if (types.length > 2) {
@@ -302,7 +304,7 @@ function message(msg, actual, ...types) {
 var invalidKeyInput = (actual, ...types) => message("Key must be ", actual, ...types);
 var withAlg = (alg, actual, ...types) => message(`Key for the ${alg} algorithm must be `, actual, ...types);
 
-// ../../node_modules/jose/dist/webapi/lib/is_key_like.js
+// node_modules/jose/dist/webapi/lib/is_key_like.js
 var isCryptoKey = (key) => {
   if (key?.[Symbol.toStringTag] === "CryptoKey")
     return true;
@@ -315,7 +317,7 @@ var isCryptoKey = (key) => {
 var isKeyObject = (key) => key?.[Symbol.toStringTag] === "KeyObject";
 var isKeyLike = (key) => isCryptoKey(key) || isKeyObject(key);
 
-// ../../node_modules/jose/dist/webapi/lib/is_disjoint.js
+// node_modules/jose/dist/webapi/lib/is_disjoint.js
 function isDisjoint(...headers) {
   const sources = headers.filter(Boolean);
   if (sources.length === 0 || sources.length === 1) {
@@ -338,7 +340,7 @@ function isDisjoint(...headers) {
   return true;
 }
 
-// ../../node_modules/jose/dist/webapi/lib/is_object.js
+// node_modules/jose/dist/webapi/lib/is_object.js
 var isObjectLike = (value) => typeof value === "object" && value !== null;
 function isObject(input) {
   if (!isObjectLike(input) || Object.prototype.toString.call(input) !== "[object Object]") {
@@ -354,7 +356,7 @@ function isObject(input) {
   return Object.getPrototypeOf(input) === proto;
 }
 
-// ../../node_modules/jose/dist/webapi/lib/check_key_length.js
+// node_modules/jose/dist/webapi/lib/check_key_length.js
 function checkKeyLength(alg, key) {
   if (alg.startsWith("RS") || alg.startsWith("PS")) {
     const { modulusLength } = key.algorithm;
@@ -364,7 +366,7 @@ function checkKeyLength(alg, key) {
   }
 }
 
-// ../../node_modules/jose/dist/webapi/lib/jwk_to_key.js
+// node_modules/jose/dist/webapi/lib/jwk_to_key.js
 function subtleMapping(jwk) {
   let algorithm;
   let keyUsages;
@@ -474,7 +476,7 @@ async function jwkToKey(jwk) {
   return crypto.subtle.importKey("jwk", keyData, algorithm, jwk.ext ?? (jwk.d || jwk.priv ? false : true), jwk.key_ops ?? keyUsages);
 }
 
-// ../../node_modules/jose/dist/webapi/key/import.js
+// node_modules/jose/dist/webapi/key/import.js
 async function importJWK(jwk, alg, options) {
   if (!isObject(jwk)) {
     throw new TypeError("JWK must be an object");
@@ -510,7 +512,7 @@ async function importJWK(jwk, alg, options) {
   }
 }
 
-// ../../node_modules/jose/dist/webapi/lib/validate_crit.js
+// node_modules/jose/dist/webapi/lib/validate_crit.js
 function validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) {
   if (joseHeader.crit !== void 0 && protectedHeader?.crit === void 0) {
     throw new Err('"crit" (Critical) Header Parameter MUST be integrity protected');
@@ -541,7 +543,7 @@ function validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader,
   return new Set(protectedHeader.crit);
 }
 
-// ../../node_modules/jose/dist/webapi/lib/validate_algorithms.js
+// node_modules/jose/dist/webapi/lib/validate_algorithms.js
 function validateAlgorithms(option, algorithms) {
   if (algorithms !== void 0 && (!Array.isArray(algorithms) || algorithms.some((s) => typeof s !== "string"))) {
     throw new TypeError(`"${option}" option must be an array of strings`);
@@ -552,13 +554,13 @@ function validateAlgorithms(option, algorithms) {
   return new Set(algorithms);
 }
 
-// ../../node_modules/jose/dist/webapi/lib/is_jwk.js
+// node_modules/jose/dist/webapi/lib/is_jwk.js
 var isJWK = (key) => isObject(key) && typeof key.kty === "string";
 var isPrivateJWK = (key) => key.kty !== "oct" && (key.kty === "AKP" && typeof key.priv === "string" || typeof key.d === "string");
 var isPublicJWK = (key) => key.kty !== "oct" && key.d === void 0 && key.priv === void 0;
 var isSecretJWK = (key) => key.kty === "oct" && typeof key.k === "string";
 
-// ../../node_modules/jose/dist/webapi/lib/normalize_key.js
+// node_modules/jose/dist/webapi/lib/normalize_key.js
 var cache;
 var handleJWK = async (key, jwk, alg, freeze = false) => {
   cache ||= /* @__PURE__ */ new WeakMap();
@@ -729,7 +731,7 @@ async function normalizeKey(key, alg) {
   throw new Error("unreachable");
 }
 
-// ../../node_modules/jose/dist/webapi/lib/check_key_type.js
+// node_modules/jose/dist/webapi/lib/check_key_type.js
 var tag = (key) => key?.[Symbol.toStringTag];
 var jwkMatchesOp = (alg, key, usage) => {
   if (key.use !== void 0) {
@@ -849,7 +851,7 @@ function checkKeyType(alg, key, usage) {
   }
 }
 
-// ../../node_modules/jose/dist/webapi/lib/subtle_dsa.js
+// node_modules/jose/dist/webapi/lib/subtle_dsa.js
 function subtleAlgorithm(alg, algorithm) {
   const hash = `SHA-${alg.slice(-3)}`;
   switch (alg) {
@@ -881,7 +883,7 @@ function subtleAlgorithm(alg, algorithm) {
   }
 }
 
-// ../../node_modules/jose/dist/webapi/lib/get_sign_verify_key.js
+// node_modules/jose/dist/webapi/lib/get_sign_verify_key.js
 async function getSigKey(alg, key, usage) {
   if (key instanceof Uint8Array) {
     if (!alg.startsWith("HS")) {
@@ -893,7 +895,7 @@ async function getSigKey(alg, key, usage) {
   return key;
 }
 
-// ../../node_modules/jose/dist/webapi/lib/verify.js
+// node_modules/jose/dist/webapi/lib/verify.js
 async function verify(alg, key, signature, data) {
   const cryptoKey = await getSigKey(alg, key, "verify");
   checkKeyLength(alg, cryptoKey);
@@ -905,7 +907,7 @@ async function verify(alg, key, signature, data) {
   }
 }
 
-// ../../node_modules/jose/dist/webapi/jws/flattened/verify.js
+// node_modules/jose/dist/webapi/jws/flattened/verify.js
 async function flattenedVerify(jws, key, options) {
   if (!isObject(jws)) {
     throw new JWSInvalid("Flattened JWS must be an object");
@@ -1007,7 +1009,7 @@ async function flattenedVerify(jws, key, options) {
   return result;
 }
 
-// ../../node_modules/jose/dist/webapi/jws/compact/verify.js
+// node_modules/jose/dist/webapi/jws/compact/verify.js
 async function compactVerify(jws, key, options) {
   if (jws instanceof Uint8Array) {
     jws = decoder.decode(jws);
@@ -1027,7 +1029,7 @@ async function compactVerify(jws, key, options) {
   return result;
 }
 
-// ../../node_modules/jose/dist/webapi/lib/jwt_claims_set.js
+// node_modules/jose/dist/webapi/lib/jwt_claims_set.js
 var epoch = (date) => Math.floor(date.getTime() / 1e3);
 var minute = 60;
 var hour = minute * 60;
@@ -1184,7 +1186,7 @@ function validateClaimsSet(protectedHeader, encodedPayload, options = {}) {
   return payload;
 }
 
-// ../../node_modules/jose/dist/webapi/jwt/verify.js
+// node_modules/jose/dist/webapi/jwt/verify.js
 async function jwtVerify(jwt, key, options) {
   const verified = await compactVerify(jwt, key, options);
   if (verified.protectedHeader.crit?.includes("b64") && verified.protectedHeader.b64 === false) {
@@ -1199,17 +1201,12 @@ async function jwtVerify(jwt, key, options) {
 }
 
 // src/constants.ts
-var DEFAULT_PLATFORM_URL = "https://sylphx.com";
-var ENV_PLATFORM_URL = "SYLPHX_PLATFORM_URL";
-var ENV_PLATFORM_URL_LEGACY = "SYLPHX_URL";
 var ENV_SECRET_KEY = "SYLPHX_SECRET_KEY";
-function resolvePlatformUrl(explicit) {
-  return (explicit || process.env[ENV_PLATFORM_URL] || process.env[ENV_PLATFORM_URL_LEGACY] || DEFAULT_PLATFORM_URL).trim();
-}
 function resolveSecretKey(explicit) {
   return explicit || process.env[ENV_SECRET_KEY];
 }
-var SDK_API_PATH = `/api/v1`;
+var SDK_API_PATH = `/v1`;
+var DEFAULT_SDK_API_HOST = "api.sylphx.com";
 var SDK_VERSION = "0.1.0";
 var SDK_PLATFORM = typeof window !== "undefined" ? "browser" : typeof process !== "undefined" && process.versions?.node ? "node" : "unknown";
 var DEFAULT_TIMEOUT_MS = 3e4;
@@ -1932,7 +1929,7 @@ function createRetryMiddleware(retryConfig) {
 function validateClientConfig(config) {
   return {
     secretKey: validateAndSanitizeSecretKey(config.secretKey),
-    baseUrl: (config.platformUrl || DEFAULT_PLATFORM_URL).trim()
+    baseUrl: (config.platformUrl || `https://${DEFAULT_SDK_API_HOST}`).trim()
   };
 }
 function createRestClient(config) {
@@ -1983,9 +1980,44 @@ function createDynamicRestClient(config) {
   return client;
 }
 
+// src/lib/ids.ts
+var B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+var B58_MAP = Object.fromEntries([...B58].map((c, i) => [c, i]));
+function encodeUserId(uuid) {
+  const hex = uuid.replace(/-/g, "");
+  if (hex.length !== 32)
+    throw new Error("Invalid UUID: expected 32 hex chars after stripping dashes");
+  let n = BigInt("0x" + hex);
+  let r = "";
+  while (n > 0n) {
+    r = B58[Number(n % 58n)] + r;
+    n /= 58n;
+  }
+  return `user_${r}`;
+}
+function decodeUserId(prefixedId) {
+  if (!prefixedId.startsWith("user_")) return null;
+  const enc = prefixedId.slice(5);
+  if (!enc) return null;
+  let n = 0n;
+  for (const c of enc) {
+    const i = B58_MAP[c] ?? -1;
+    if (i === -1) return null;
+    n = n * 58n + BigInt(i);
+  }
+  const hex = n.toString(16).padStart(32, "0");
+  return [
+    hex.slice(0, 8),
+    hex.slice(8, 12),
+    hex.slice(12, 16),
+    hex.slice(16, 20),
+    hex.slice(20)
+  ].join("-");
+}
+
 // src/server/ai.ts
 function createAI(options = {}) {
-  const baseURL = (options.platformUrl || process.env.SYLPHX_PLATFORM_URL || DEFAULT_PLATFORM_URL).trim();
+  const baseURL = (options.platformUrl || `https://${DEFAULT_SDK_API_HOST}`).trim();
   const rawApiKey = options.secretKey || process.env.SYLPHX_SECRET_KEY;
   const apiKey = validateAndSanitizeSecretKey(rawApiKey);
   const headers = {
@@ -2078,7 +2110,7 @@ function getAI() {
 
 // src/server/kv.ts
 function createKv(options = {}) {
-  const platformUrl = resolvePlatformUrl(options.platformUrl);
+  const platformUrl = (options.platformUrl || `https://${DEFAULT_SDK_API_HOST}`).trim();
   const secretKey = validateAndSanitizeSecretKey(resolveSecretKey(options.secretKey));
   const headers = {
     "Content-Type": "application/json",
@@ -2267,7 +2299,7 @@ function getKv() {
 
 // src/server/streams.ts
 function createStreams(options = {}) {
-  const baseURL = (options.platformUrl || process.env.SYLPHX_PLATFORM_URL || DEFAULT_PLATFORM_URL).trim();
+  const baseURL = (options.platformUrl || `https://${DEFAULT_SDK_API_HOST}`).trim();
   const rawApiKey = options.secretKey || process.env.SYLPHX_SECRET_KEY;
   const apiKey = validateAndSanitizeSecretKey(rawApiKey);
   const headers = {
@@ -2350,7 +2382,7 @@ var jwksCache = null;
 function resetJwksCache() {
   jwksCache = null;
 }
-async function getJwks(platformUrl = DEFAULT_PLATFORM_URL) {
+async function getJwks(platformUrl = `https://${DEFAULT_SDK_API_HOST}`) {
   const now = Date.now();
   if (jwksCache && jwksCache.expiresAt > now) {
     return jwksCache.keys;
@@ -2371,7 +2403,7 @@ async function getJwks(platformUrl = DEFAULT_PLATFORM_URL) {
   return data.keys;
 }
 async function verifyAccessToken(token, options) {
-  const platformUrl = options.platformUrl || DEFAULT_PLATFORM_URL;
+  const platformUrl = options.platformUrl || `https://${DEFAULT_SDK_API_HOST}`;
   const keys = await getJwks(platformUrl);
   if (!keys.length) {
     throw new Error("No keys in JWKS");
@@ -2388,6 +2420,7 @@ async function verifyAccessToken(token, options) {
       }
       return {
         sub: payload.sub,
+        pid: payload.pid,
         email: payload.email,
         name: payload.name,
         picture: payload.picture,
@@ -2544,7 +2577,7 @@ function sanitizeOptions(options) {
   return {
     ...options,
     secretKey: validateAndSanitizeSecretKey(options.secretKey),
-    platformUrl: (options.platformUrl ?? DEFAULT_PLATFORM_URL).trim()
+    platformUrl: (options.platformUrl ?? `https://${DEFAULT_SDK_API_HOST}`).trim()
   };
 }
 function sdkHeaders(secretKey) {
@@ -2559,7 +2592,7 @@ async function getOAuthProvidersWithInfo(options) {
   return data.providers || [];
 }
 async function fetchOAuthProviders(options) {
-  const baseURL = (options.platformUrl ?? DEFAULT_PLATFORM_URL).trim();
+  const baseURL = (options.platformUrl ?? `https://${DEFAULT_SDK_API_HOST}`).trim();
   const appId = validateAndSanitizeAppId(options.appId);
   return cachedFetch({
     url: `${baseURL}/api/auth/providers`,
@@ -2569,7 +2602,7 @@ async function fetchOAuthProviders(options) {
   });
 }
 async function getPlans(options) {
-  const { secretKey, platformUrl = DEFAULT_PLATFORM_URL } = sanitizeOptions(options);
+  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
   return cachedFetch({
     url: `${platformUrl}${SDK_API_PATH}/billing/plans`,
     headers: sdkHeaders(secretKey),
@@ -2578,7 +2611,7 @@ async function getPlans(options) {
   });
 }
 async function getConsentTypes(options) {
-  const { secretKey, platformUrl = DEFAULT_PLATFORM_URL } = sanitizeOptions(options);
+  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
   return cachedFetch({
     url: `${platformUrl}${SDK_API_PATH}/consent/types`,
     headers: sdkHeaders(secretKey),
@@ -2587,7 +2620,7 @@ async function getConsentTypes(options) {
   });
 }
 async function getFeatureFlags(options) {
-  const { secretKey, platformUrl = DEFAULT_PLATFORM_URL } = sanitizeOptions(options);
+  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
   return cachedFetch({
     url: `${platformUrl}${SDK_API_PATH}/flags`,
     headers: sdkHeaders(secretKey),
@@ -2596,7 +2629,7 @@ async function getFeatureFlags(options) {
   });
 }
 async function getAppMetadata(options) {
-  const { secretKey, platformUrl = DEFAULT_PLATFORM_URL } = sanitizeOptions(options);
+  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
   return cachedFetch({
     url: `${platformUrl}${SDK_API_PATH}/app`,
     headers: sdkHeaders(secretKey),
@@ -2625,7 +2658,7 @@ async function getAppConfig(options) {
 async function getReferralLeaderboard(options) {
   const {
     secretKey,
-    platformUrl = DEFAULT_PLATFORM_URL,
+    platformUrl = `https://${DEFAULT_SDK_API_HOST}`,
     limit = 10,
     period = "all"
   } = sanitizeOptions(options);
@@ -2643,7 +2676,7 @@ async function getEngagementLeaderboard(options) {
   const {
     secretKey,
     leaderboardId,
-    platformUrl = DEFAULT_PLATFORM_URL,
+    platformUrl = `https://${DEFAULT_SDK_API_HOST}`,
     limit = 10
   } = sanitizeOptions(options);
   const url = new URL(
@@ -2664,7 +2697,7 @@ async function getEngagementLeaderboard(options) {
   });
 }
 async function getDatabaseConnection(options) {
-  const { secretKey, platformUrl = DEFAULT_PLATFORM_URL } = sanitizeOptions(options);
+  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
   try {
     const response = await fetch(`${platformUrl}${SDK_API_PATH}/database/connection-string`, {
       headers: sdkHeaders(secretKey),
@@ -2689,7 +2722,7 @@ async function getDatabaseConnection(options) {
   }
 }
 async function getDatabaseStatus(options) {
-  const { secretKey, platformUrl = DEFAULT_PLATFORM_URL } = sanitizeOptions(options);
+  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
   return cachedFetch({
     url: `${platformUrl}${SDK_API_PATH}/database/status`,
     headers: sdkHeaders(secretKey),
@@ -2710,8 +2743,10 @@ async function getDatabaseStatus(options) {
   createServerClient,
   createStreams,
   createWebhookHandler,
+  decodeUserId,
   detectEnvironment,
   detectKeyType,
+  encodeUserId,
   getAI,
   getAppConfig,
   getAppMetadata,