@sylphx/sdk 0.3.3 → 0.3.5

package/dist/index.mjs

@@ -330,6 +330,7 @@ function exponentialBackoff(attempt, baseDelay = BASE_RETRY_DELAY_MS, maxDelay =
 }
 
 // src/key-validation.ts
+var PUBLIC_KEY_PATTERN = /^pk_(dev|stg|prod)_[a-z0-9]{12}_[a-f0-9]{32}$/;
 var APP_ID_PATTERN = /^app_(dev|stg|prod)_[a-z0-9_-]+$/;
 var SECRET_KEY_PATTERN = /^sk_(dev|stg|prod)_[a-z0-9_-]+$/;
 var ENV_PREFIX_MAP = {
@@ -420,6 +421,9 @@ function validateKeyForType(key, keyType, pattern, envVarName) {
     issues: [...issues, "invalid-format"]
   };
 }
+function validatePublicKey(key) {
+  return validateKeyForType(key, "publicKey", PUBLIC_KEY_PATTERN, "NEXT_PUBLIC_SYLPHX_KEY");
+}
 function validateAppId(key) {
   return validateKeyForType(key, "appId", APP_ID_PATTERN, "NEXT_PUBLIC_SYLPHX_APP_ID");
 }
@@ -438,12 +442,16 @@ function validateAndSanitizeSecretKey(key) {
 }
 function detectKeyType(key) {
   const sanitized = key.trim().toLowerCase();
+  if (sanitized.startsWith("pk_")) return "publicKey";
   if (sanitized.startsWith("app_")) return "appId";
   if (sanitized.startsWith("sk_")) return "secret";
   return null;
 }
 function validateKey(key) {
   const keyType = key ? detectKeyType(key) : null;
+  if (keyType === "publicKey") {
+    return validatePublicKey(key);
+  }
   if (keyType === "appId") {
     return validateAppId(key);
   }
@@ -453,12 +461,63 @@ function validateKey(key) {
   return {
     valid: false,
     sanitizedKey: "",
-    error: key ? `Invalid key format. Keys must start with 'app_' (App ID) or 'sk_' (Secret Key), followed by environment (dev/stg/prod) and identifier. Got: ${key.slice(0, 20)}...` : "API key is required but was not provided.",
+    error: key ? `Invalid key format. Keys must start with 'pk_' (publishable), 'app_' (legacy), or 'sk_' (secret), followed by environment (dev/stg/prod). Got: ${key.slice(0, 20)}...` : "API key is required but was not provided.",
     issues: key ? ["invalid_format"] : ["missing"]
   };
 }
 
 // src/config.ts
+function parseKey(key) {
+  const sanitized = key.trim().toLowerCase();
+  if (sanitized.startsWith("app_")) {
+    throw new SylphxError(
+      "[Sylphx] API key format has changed (ADR-021). Keys now embed the project ref.\n\nOld format: app_prod_xxx\nNew format: pk_prod_{ref}_xxx\n\nPlease regenerate your API keys from the Sylphx Console \u2192 Your App \u2192 Environments.\nOr contact support@sylphx.com for assistance.",
+      { code: "BAD_REQUEST" }
+    );
+  }
+  const prefix = sanitized.startsWith("pk_") ? "pk" : sanitized.startsWith("sk_") ? "sk" : null;
+  if (!prefix) {
+    throw new SylphxError(
+      `[Sylphx] Invalid key format. Keys must start with 'pk_' (publishable) or 'sk_' (secret). Got: "${sanitized.slice(0, 15)}..."`,
+      { code: "BAD_REQUEST" }
+    );
+  }
+  const parts = sanitized.split("_");
+  if (parts.length !== 4) {
+    throw new SylphxError(
+      `[Sylphx] Invalid key structure. Expected format: ${prefix}_{env}_{ref}_{token} (4 segments separated by '_'). Got ${parts.length} segment(s).`,
+      { code: "BAD_REQUEST" }
+    );
+  }
+  const [, env, ref, token] = parts;
+  if (env !== "prod" && env !== "dev" && env !== "stg") {
+    throw new SylphxError(
+      `[Sylphx] Invalid key environment "${env}". Must be 'prod', 'dev', or 'stg'.`,
+      { code: "BAD_REQUEST" }
+    );
+  }
+  if (!/^[a-z0-9]{12}$/.test(ref)) {
+    throw new SylphxError(
+      `[Sylphx] Invalid project ref in key: "${ref}". Must be a 12-character lowercase alphanumeric string.`,
+      { code: "BAD_REQUEST" }
+    );
+  }
+  const expectedTokenLen = prefix === "pk" ? 32 : 64;
+  if (token.length !== expectedTokenLen || !/^[a-f0-9]+$/.test(token)) {
+    throw new SylphxError(
+      `[Sylphx] Invalid key token. ${prefix === "pk" ? "Publishable" : "Secret"} keys must have a ${expectedTokenLen}-char hex token.`,
+      { code: "BAD_REQUEST" }
+    );
+  }
+  return {
+    type: prefix,
+    env,
+    ref,
+    token,
+    isPublic: prefix === "pk",
+    baseUrl: `https://${ref}.${DEFAULT_SDK_API_HOST}${SDK_API_PATH}`
+  };
+}
 function httpStatusToErrorCode(status) {
   switch (status) {
     case 400:
@@ -491,33 +550,60 @@ function httpStatusToErrorCode(status) {
       return status >= 500 ? "INTERNAL_SERVER_ERROR" : "BAD_REQUEST";
   }
 }
-var REF_PATTERN = /^[a-z0-9]{16}$/;
+var REF_PATTERN = /^[a-z0-9]{12}$/;
 function createConfig(input) {
+  const keyForParsing = input.secretKey || input.publicKey;
+  if (!keyForParsing) {
+    if (input.ref) {
+      const trimmedRef = input.ref.trim();
+      if (!REF_PATTERN.test(trimmedRef)) {
+        throw new SylphxError(
+          `[Sylphx] Invalid project ref format: "${input.ref}". Expected a 12-character lowercase alphanumeric string (e.g. "abc123def456"). Get your ref from Platform Console \u2192 Projects \u2192 Your Project \u2192 Overview.`,
+          { code: "BAD_REQUEST" }
+        );
+      }
+      const baseUrl2 = `https://${trimmedRef}.${DEFAULT_SDK_API_HOST}${SDK_API_PATH}`;
+      console.warn(
+        "[Sylphx] Providing only ref without a key is deprecated. Provide secretKey or publicKey \u2014 the ref is now embedded in keys (ADR-021)."
+      );
+      return Object.freeze({ ref: trimmedRef, baseUrl: baseUrl2, accessToken: input.accessToken });
+    }
+    throw new SylphxError(
+      "[Sylphx] Either publicKey or secretKey must be provided to createConfig().",
+      { code: "BAD_REQUEST" }
+    );
+  }
+  const parsed = parseKey(keyForParsing);
+  const ref = parsed.ref;
+  const baseUrl = parsed.baseUrl;
   let secretKey;
   if (input.secretKey) {
     const result = validateKey(input.secretKey);
     if (!result.valid) {
-      throw new SylphxError(result.error || "Invalid API key", {
+      throw new SylphxError(result.error || "Invalid secret key", {
         code: "BAD_REQUEST",
         data: { issues: result.issues }
       });
     }
-    if (result.warning) {
-      console.warn(`[Sylphx] ${result.warning}`);
-    }
+    if (result.warning) console.warn(`[Sylphx] ${result.warning}`);
     secretKey = result.sanitizedKey;
   }
-  const trimmedRef = input.ref.trim();
-  if (!REF_PATTERN.test(trimmedRef)) {
-    throw new SylphxError(
-      `[Sylphx] Invalid project ref format: "${input.ref}". Expected a 16-character lowercase alphanumeric string (e.g. "abc123def456ghij"). Get your ref from Platform Console \u2192 Projects \u2192 Your Project \u2192 Overview.`,
-      { code: "BAD_REQUEST" }
-    );
+  let publicKey;
+  if (input.publicKey) {
+    const result = validateKey(input.publicKey);
+    if (!result.valid) {
+      throw new SylphxError(result.error || "Invalid public key", {
+        code: "BAD_REQUEST",
+        data: { issues: result.issues }
+      });
+    }
+    if (result.warning) console.warn(`[Sylphx] ${result.warning}`);
+    publicKey = result.sanitizedKey;
   }
-  const baseUrl = `https://${trimmedRef}.${DEFAULT_SDK_API_HOST}${SDK_API_PATH}`;
   return Object.freeze({
     secretKey,
-    ref: trimmedRef,
+    publicKey,
+    ref,
     baseUrl,
     accessToken: input.accessToken
   });
@@ -535,6 +621,8 @@ function buildHeaders(config) {
   };
   if (config.secretKey) {
     headers["x-app-secret"] = config.secretKey;
+  } else if (config.publicKey) {
+    headers["x-app-secret"] = config.publicKey;
   }
   if (config.accessToken) {
     headers.Authorization = `Bearer ${config.accessToken}`;
@@ -3575,6 +3663,7 @@ export {
   listTasks,
   listUsers,
   page,
+  parseKey,
   pauseCron,
   realtimeEmit,
   recordStreakActivity,