@tailor-platform/sdk 0.10.2 → 0.10.4

package/CHANGELOG.md

@@ -1,5 +1,19 @@
 # @tailor-platform/sdk
 
+## 0.10.4
+
+### Patch Changes
+
+- [#49](https://github.com/tailor-platform/sdk/pull/49) [`8fef369`](https://github.com/tailor-platform/sdk/commit/8fef369ab65ea34d85aef24a38ac3d0124626a41) Thanks [@remiposo](https://github.com/remiposo)! - Use Controlplane OAuth2 client for login/logout
+
+## 0.10.3
+
+### Patch Changes
+
+- [#40](https://github.com/tailor-platform/sdk/pull/40) [`314543f`](https://github.com/tailor-platform/sdk/commit/314543fc8edeefff944f024a52a89142646329b4) Thanks [@IzumiSy](https://github.com/IzumiSy)! - Export types that `db.type` function uses internally.
+
+  This enables users to bundle Tailor DB type definition as an independent package without using forced type assertion using `any`.
+
 ## 0.10.2
 
 ### Patch Changes

package/dist/cli/api.d.mts

@@ -1,6 +1,6 @@
 /// <reference path="./../plugin-generated.d.ts" />
 
-import { AppConfig, CodeGeneratorBase, Executor, Generator, Resolver, TailorDBTypeConfig } from "../types-Dyhfh5b6.mjs";
+import { AppConfig, CodeGeneratorBase, Executor, Generator, Resolver, TailorDBTypeConfig } from "../types-CCSNkBzX.mjs";
 import "citty";
 import "zod";
 import "@bufbuild/protobuf/wkt";

package/dist/cli/api.mjs

@@ -1,4 +1,4 @@
-import "../config-C5UYYrp1.mjs";
-import { apply, generate, generateUserTypes, loadConfig, machineUserList, machineUserToken, show, workspaceCreate, workspaceDelete, workspaceList } from "../token-B-1pOHj2.mjs";
+import { apply, generate, generateUserTypes, loadConfig, machineUserList, machineUserToken, show, workspaceCreate, workspaceDelete, workspaceList } from "../token-DIx5IQOi.mjs";
+import "../auth-Di3vQUrT.mjs";
 
 export { apply, generate, generateUserTypes, loadConfig, machineUserList, machineUserToken, show, workspaceCreate, workspaceDelete, workspaceList };

package/dist/cli/index.mjs

@@ -1,16 +1,16 @@
 #!/usr/bin/env node
-import "../config-C5UYYrp1.mjs";
-import { PATScope, applyCommand, commonArgs, createCommand, deleteCommand, fetchAll, fetchLatestToken, formatArgs, generateCommand, initOperatorClient, listCommand as listCommand$4, listCommand$1 as listCommand, loadAccessToken, loadConfig, loadConfigPath, loadWorkspaceId, parseFormat, printWithFormat, readPackageJson, readPlatformConfig, showCommand, tokenCommand, userAgent, withCommonArgs, writePlatformConfig } from "../token-B-1pOHj2.mjs";
+import { PATScope, applyCommand, commonArgs, createCommand, deleteCommand, fetchAll, fetchLatestToken, fetchUserInfo, formatArgs, generateCommand, initOAuth2Client, initOperatorClient, listCommand as listCommand$4, listCommand$1 as listCommand, loadAccessToken, loadConfig, loadConfigPath, loadWorkspaceId, parseFormat, printWithFormat, readPackageJson, readPlatformConfig, showCommand, tokenCommand, withCommonArgs, writePlatformConfig } from "../token-DIx5IQOi.mjs";
+import "../auth-Di3vQUrT.mjs";
 import { register } from "node:module";
 import { defineCommand, runCommand, runMain } from "citty";
 import { z } from "zod";
 import ml from "multiline-ts";
 import { consola } from "consola";
+import { generateCodeVerifier } from "@badgateway/oauth2-client";
 import chalk from "chalk";
 import { spawnSync } from "node:child_process";
 import * as crypto from "node:crypto";
 import * as http from "node:http";
-import isWsl from "is-wsl";
 import open from "open";
 
 //#region src/cli/init.ts
@@ -20,9 +20,9 @@ const detectPackageManager = () => {
 		"yarn",
 		"pnpm"
 	];
-	const userAgent$1 = process.env.npm_config_user_agent;
-	if (!userAgent$1) return;
-	const [name] = userAgent$1.split("/");
+	const userAgent = process.env.npm_config_user_agent;
+	if (!userAgent) return;
+	const [name] = userAgent.split("/");
 	if (!availablePMs.includes(name)) return;
 	return name;
 };
@@ -67,84 +67,32 @@ const initCommand = defineCommand({
 
 //#endregion
 //#region src/cli/login.ts
-const CALLBACK_PORT = 8085;
-const CALLBACK_URL = isWsl ? `http://localhost:${CALLBACK_PORT}/callback` : `http://tailorctl.tailor.tech:${CALLBACK_PORT}/callback`;
-const PLATFORM_AUTH_URL = "https://api.tailor.tech/auth/platform";
-const LOGIN_URL = PLATFORM_AUTH_URL + "/login";
-const TOKEN_URL = PLATFORM_AUTH_URL + "/token";
-const USER_INFO_URL = PLATFORM_AUTH_URL + "/userinfo";
-const randomState = () => {
+const redirectPort = 8085;
+const redirectUri = `http://localhost:${redirectPort}/callback`;
+function randomState() {
 	return crypto.randomBytes(32).toString("base64url");
-};
-const exchangeCode = async (code) => {
-	const body = new URLSearchParams();
-	body.append("code", code);
-	body.append("redirect_uri", CALLBACK_URL);
-	const resp = await fetch(TOKEN_URL, {
-		method: "POST",
-		headers: {
-			"User-Agent": await userAgent(),
-			"Content-Type": "application/x-www-form-urlencoded"
-		},
-		body
-	});
-	if (!resp.ok) throw new Error(`Failed to exchange code: ${resp.statusText}`);
-	const rawData = await resp.json();
-	return z.object({
-		access_token: z.string(),
-		refresh_token: z.string(),
-		expires_in: z.number()
-	}).parse(rawData);
-};
-const fetchUserInfo = async (accessToken) => {
-	const resp = await fetch(USER_INFO_URL, { headers: {
-		Authorization: `Bearer ${accessToken}`,
-		"User-Agent": await userAgent()
-	} });
-	if (!resp.ok) throw new Error(`Failed to fetch user info: ${resp.statusText}`);
-	const rawData = await resp.json();
-	return z.object({ email: z.string() }).parse(rawData);
-};
+}
 const startAuthServer = async () => {
+	const client = initOAuth2Client();
+	const state = randomState();
+	const codeVerifier = await generateCodeVerifier();
 	return new Promise((resolve, reject) => {
-		const state = randomState();
 		const server = http.createServer(async (req, res) => {
 			try {
-				if (!req.url?.startsWith("/callback")) {
-					res.writeHead(404);
-					const msg = "Invalid callback URL";
-					res.end(msg);
-					reject(msg);
-					return;
-				}
-				const url = new URL(req.url, `http://${req.headers.host}`);
-				const receivedState = url.searchParams.get("state");
-				const code = url.searchParams.get("code");
-				if (receivedState !== state) {
-					res.writeHead(400);
-					const msg = "Invalid state parameter";
-					res.end(msg);
-					reject(msg);
-					return;
-				}
-				if (!code) {
-					res.writeHead(400);
-					const msg = "Missing authorization code";
-					res.end(msg);
-					reject(msg);
-					return;
-				}
-				const tokens = await exchangeCode(code);
-				const userInfo = await fetchUserInfo(tokens.access_token);
-				const expiresAt = /* @__PURE__ */ new Date();
-				expiresAt.setSeconds(expiresAt.getSeconds() + tokens.expires_in);
+				if (!req.url?.startsWith("/callback")) throw new Error("Invalid callback URL");
+				const tokens = await client.authorizationCode.getTokenFromCodeRedirect(`http://${req.headers.host}${req.url}`, {
+					redirectUri,
+					state,
+					codeVerifier
+				});
+				const userInfo = await fetchUserInfo(tokens.accessToken);
 				const pfConfig = readPlatformConfig();
 				pfConfig.users = {
 					...pfConfig.users,
 					[userInfo.email]: {
-						access_token: tokens.access_token,
-						refresh_token: tokens.refresh_token,
-						token_expires_at: expiresAt.toISOString()
+						access_token: tokens.accessToken,
+						refresh_token: tokens.refreshToken,
+						token_expires_at: new Date(tokens.expiresAt).toISOString()
 					}
 				};
 				pfConfig.current_user = userInfo.email;
@@ -156,8 +104,8 @@ const startAuthServer = async () => {
 				}));
 				resolve();
 			} catch (error) {
-				res.writeHead(500);
-				res.end("Internal server error");
+				res.writeHead(401);
+				res.end("Authentication failed");
 				reject(error);
 			} finally {
 				server.close();
@@ -173,13 +121,15 @@ const startAuthServer = async () => {
 		server.on("error", (error) => {
 			reject(error);
 		});
-		server.listen(CALLBACK_PORT, async () => {
-			const loginUrl = new URL(LOGIN_URL);
-			loginUrl.searchParams.set("redirect_uri", CALLBACK_URL);
-			loginUrl.searchParams.set("state", state);
-			consola.info(`Opening browser for login:\n\n${loginUrl.href}\n`);
+		server.listen(redirectPort, async () => {
+			const authorizeUri = await client.authorizationCode.getAuthorizeUri({
+				redirectUri,
+				state,
+				codeVerifier
+			});
+			consola.info(`Opening browser for login:\n\n${authorizeUri}\n`);
 			try {
-				await open(loginUrl.href);
+				await open(authorizeUri);
 			} catch {
 				consola.warn("Failed to open browser automatically. Please open the URL above manually.");
 			}
@@ -200,7 +150,6 @@ const loginCommand = defineCommand({
 
 //#endregion
 //#region src/cli/logout.ts
-const LOGOUT_URL = PLATFORM_AUTH_URL + "/logout";
 const logoutCommand = defineCommand({
 	meta: {
 		name: "logout",
@@ -209,20 +158,16 @@ const logoutCommand = defineCommand({
 	args: commonArgs,
 	run: withCommonArgs(async () => {
 		const pfConfig = readPlatformConfig();
-		if (!pfConfig.current_user) {
-			consola.warn("You are not logged in.");
-			return;
-		}
-		const token = pfConfig.users[pfConfig.current_user]?.access_token;
-		if (!token) {
+		const tokens = pfConfig.current_user ? pfConfig.users[pfConfig.current_user] : void 0;
+		if (!tokens) {
 			consola.warn("You are not logged in.");
 			return;
 		}
-		const resp = await fetch(LOGOUT_URL, { headers: {
-			Authorization: `Bearer ${token}`,
-			"User-Agent": await userAgent()
-		} });
-		if (!resp.ok) throw new Error(`Failed to logout: ${resp.statusText}`);
+		initOAuth2Client().revoke({
+			accessToken: tokens.access_token,
+			refreshToken: tokens.refresh_token,
+			expiresAt: Date.parse(tokens.token_expires_at)
+		}, "refresh_token");
 		delete pfConfig.users[pfConfig.current_user];
 		pfConfig.current_user = null;
 		writePlatformConfig(pfConfig);

package/dist/configure/index.d.mts

@@ -1,5 +1,5 @@
 /// <reference path="./../plugin-generated.d.ts" />
 
-import { AuthConfig, AuthExternalConfig, AuthOwnConfig, AuthServiceInput, BuiltinIdP, ExecutorServiceConfig, ExecutorServiceInput, IDToken, IdPConfig, IdPExternalConfig, IdProviderConfig, OAuth2Client, OAuth2ClientGrantType, OIDC, PermissionCondition, QueryType, Resolver, ResolverExternalConfig, ResolverServiceConfig, ResolverServiceInput, SAML, SCIMAttribute, SCIMAttributeMapping, SCIMAttributeType, SCIMAuthorization, SCIMConfig, SCIMResource, StaticWebsiteConfig, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, TenantProviderConfig, UserAttributeKey, UserAttributeListKey, UserAttributeMap, UsernameFieldKey, ValueOperand, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, unauthenticatedTailorUser } from "../types-Dyhfh5b6.mjs";
-import { FunctionOperation, GqlOperation, IncomingWebhookArgs, IncomingWebhookRequest, IncomingWebhookTrigger, Operation, RecordCreatedArgs, RecordDeletedArgs, RecordTrigger, RecordUpdatedArgs, ResolverExecutedArgs, ResolverExecutedTrigger, ScheduleTrigger, Trigger, WebhookOperation, createExecutor, createResolver, incomingWebhookTrigger, infer, output, recordCreatedTrigger, recordDeletedTrigger, recordUpdatedTrigger, resolverExecutedTrigger, scheduleTrigger, t } from "../index-DyBFt3bp.mjs";
-export { AuthConfig, AuthExternalConfig, AuthOwnConfig, AuthServiceInput, BuiltinIdP, ExecutorServiceConfig, ExecutorServiceInput, FunctionOperation, GqlOperation, IDToken, IdPConfig, IdPExternalConfig, IdProviderConfig, IncomingWebhookArgs, IncomingWebhookRequest, IncomingWebhookTrigger, OAuth2Client, OAuth2ClientGrantType, OIDC, Operation, PermissionCondition, QueryType, RecordCreatedArgs, RecordDeletedArgs, RecordTrigger, RecordUpdatedArgs, Resolver, ResolverExecutedArgs, ResolverExecutedTrigger, ResolverExternalConfig, ResolverServiceConfig, ResolverServiceInput, SAML, SCIMAttribute, SCIMAttributeMapping, SCIMAttributeType, SCIMAuthorization, SCIMConfig, SCIMResource, ScheduleTrigger, StaticWebsiteConfig, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, TenantProviderConfig, Trigger, UserAttributeKey, UserAttributeListKey, UserAttributeMap, UsernameFieldKey, ValueOperand, WebhookOperation, createExecutor, createResolver, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, incomingWebhookTrigger, infer, output, recordCreatedTrigger, recordDeletedTrigger, recordUpdatedTrigger, resolverExecutedTrigger, scheduleTrigger, t, unauthenticatedTailorUser };
+import { AuthConfig, AuthExternalConfig, AuthOwnConfig, AuthServiceInput, BuiltinIdP, ExecutorServiceConfig, ExecutorServiceInput, IDToken, IdPConfig, IdPExternalConfig, IdProviderConfig, OAuth2Client, OAuth2ClientGrantType, OIDC, PermissionCondition, QueryType, Resolver, ResolverExternalConfig, ResolverServiceConfig, ResolverServiceInput, SAML, SCIMAttribute, SCIMAttributeMapping, SCIMAttributeType, SCIMAuthorization, SCIMConfig, SCIMResource, StaticWebsiteConfig, TailorDBField, TailorDBInstance, TailorDBType, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, TenantProviderConfig, UserAttributeKey, UserAttributeListKey, UserAttributeMap, UsernameFieldKey, ValueOperand, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, unauthenticatedTailorUser } from "../types-CCSNkBzX.mjs";
+import { FunctionOperation, GqlOperation, IncomingWebhookArgs, IncomingWebhookRequest, IncomingWebhookTrigger, Operation, RecordCreatedArgs, RecordDeletedArgs, RecordTrigger, RecordUpdatedArgs, ResolverExecutedArgs, ResolverExecutedTrigger, ScheduleTrigger, Trigger, WebhookOperation, createExecutor, createResolver, incomingWebhookTrigger, infer, output, recordCreatedTrigger, recordDeletedTrigger, recordUpdatedTrigger, resolverExecutedTrigger, scheduleTrigger, t } from "../index-DENkoB_m.mjs";
+export { AuthConfig, AuthExternalConfig, AuthOwnConfig, AuthServiceInput, BuiltinIdP, ExecutorServiceConfig, ExecutorServiceInput, FunctionOperation, GqlOperation, IDToken, IdPConfig, IdPExternalConfig, IdProviderConfig, IncomingWebhookArgs, IncomingWebhookRequest, IncomingWebhookTrigger, OAuth2Client, OAuth2ClientGrantType, OIDC, Operation, PermissionCondition, QueryType, RecordCreatedArgs, RecordDeletedArgs, RecordTrigger, RecordUpdatedArgs, Resolver, ResolverExecutedArgs, ResolverExecutedTrigger, ResolverExternalConfig, ResolverServiceConfig, ResolverServiceInput, SAML, SCIMAttribute, SCIMAttributeMapping, SCIMAttributeType, SCIMAuthorization, SCIMConfig, SCIMResource, ScheduleTrigger, StaticWebsiteConfig, TailorDBField, TailorDBInstance, TailorDBType, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, TenantProviderConfig, Trigger, UserAttributeKey, UserAttributeListKey, UserAttributeMap, UsernameFieldKey, ValueOperand, WebhookOperation, createExecutor, createResolver, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, incomingWebhookTrigger, infer, output, recordCreatedTrigger, recordDeletedTrigger, recordUpdatedTrigger, resolverExecutedTrigger, scheduleTrigger, t, unauthenticatedTailorUser };

package/dist/configure/index.mjs

@@ -1,4 +1,4 @@
-import { TailorField, db, defineAuth, defineConfig, defineGenerators, t as t$1, unauthenticatedTailorUser } from "../config-C5UYYrp1.mjs";
+import { TailorField, db, defineAuth, defineConfig, defineGenerators, t as t$1, unauthenticatedTailorUser } from "../auth-Di3vQUrT.mjs";
 
 //#region src/configure/services/resolver/resolver.ts
 function createResolver(config) {

package/dist/{index-DyBFt3bp.d.mts → index-DENkoB_m.d.mts}

@@ -1,6 +1,6 @@
 /// <reference path="./plugin-generated.d.ts" />
 
-import { AllowedValues, AllowedValuesOutput, ArrayFieldOutput, ExecutorInput, FieldMetadata, FieldOptions, FieldOutput, FunctionOperation, GqlOperation, IncomingWebhookTrigger as IncomingWebhookTrigger$1, InferFieldsOutput, RecordTrigger as RecordTrigger$1, ResolverExecutedTrigger as ResolverExecutedTrigger$1, ResolverInput, ScheduleTriggerInput, TailorDBType, TailorField, TailorUser, WebhookOperation, output as output$1 } from "./types-Dyhfh5b6.mjs";
+import { AllowedValues, AllowedValuesOutput, ArrayFieldOutput, ExecutorInput, FieldMetadata, FieldOptions, FieldOutput, FunctionOperation, GqlOperation, IncomingWebhookTrigger as IncomingWebhookTrigger$1, InferFieldsOutput, RecordTrigger as RecordTrigger$1, ResolverExecutedTrigger as ResolverExecutedTrigger$1, ResolverInput, ScheduleTriggerInput, TailorDBType, TailorField, TailorUser, WebhookOperation, output as output$1 } from "./types-CCSNkBzX.mjs";
 import { EmptyObject } from "type-fest";
 import { Client } from "@urql/core";
 import { StandardCRON } from "ts-cron-validator";

package/dist/{token-B-1pOHj2.mjs → token-DIx5IQOi.mjs}

@@ -1,4 +1,4 @@
-import { getDistDir, tailorUserMap } from "./config-C5UYYrp1.mjs";
+import { getDistDir, tailorUserMap } from "./auth-Di3vQUrT.mjs";
 import { createRequire } from "node:module";
 import { defineCommand } from "citty";
 import * as path from "node:path";
@@ -13,6 +13,7 @@ import ml from "multiline-ts";
 import { loadEnvFile } from "node:process";
 import { consola } from "consola";
 import { table } from "table";
+import { OAuth2Client } from "@badgateway/oauth2-client";
 import { MethodOptions_IdempotencyLevel, ValueSchema, file_google_protobuf_descriptor, file_google_protobuf_duration, file_google_protobuf_field_mask, file_google_protobuf_struct, file_google_protobuf_timestamp, timestampDate } from "@bufbuild/protobuf/wkt";
 import { Code, ConnectError, createClient } from "@connectrpc/connect";
 import { createConnectTransport } from "@connectrpc/connect-node";
@@ -201,8 +202,8 @@ var ExecutorService = class {
 	}
 	async loadExecutorForFile(executorFile, timestamp) {
 		try {
-			const baseUrl$1 = pathToFileURL(executorFile).href;
-			const executorModule = await (timestamp === void 0 ? import(baseUrl$1) : import(`${baseUrl$1}?t=${timestamp.getTime()}`));
+			const baseUrl = pathToFileURL(executorFile).href;
+			const executorModule = await (timestamp === void 0 ? import(baseUrl) : import(`${baseUrl}?t=${timestamp.getTime()}`));
 			const result = ExecutorSchema.safeParse(executorModule.default);
 			if (result.success) {
 				const relativePath = path.relative(process.cwd(), executorFile);
@@ -286,8 +287,8 @@ var ResolverService = class {
 	}
 	async loadResolverForFile(resolverFile, timestamp) {
 		try {
-			const baseUrl$1 = pathToFileURL(resolverFile).href;
-			const resolverModule = await (timestamp === void 0 ? import(baseUrl$1) : import(`${baseUrl$1}?t=${timestamp.getTime()}`));
+			const baseUrl = pathToFileURL(resolverFile).href;
+			const resolverModule = await (timestamp === void 0 ? import(baseUrl) : import(`${baseUrl}?t=${timestamp.getTime()}`));
 			const result = ResolverSchema.safeParse(resolverModule.default);
 			if (result.success) {
 				const relativePath = path.relative(process.cwd(), resolverFile);
@@ -336,8 +337,8 @@ var TailorDBService = class {
 	async loadTypesForFile(typeFile, timestamp) {
 		this.rawTypes[typeFile] = {};
 		try {
-			const baseUrl$1 = pathToFileURL(typeFile).href;
-			const module = await (timestamp === void 0 ? import(baseUrl$1) : import(`${baseUrl$1}?t=${timestamp.getTime()}`));
+			const baseUrl = pathToFileURL(typeFile).href;
+			const module = await (timestamp === void 0 ? import(baseUrl) : import(`${baseUrl}?t=${timestamp.getTime()}`));
 			for (const exportName of Object.keys(module)) {
 				const exportedValue = module[exportName];
 				if (exportedValue && typeof exportedValue === "object" && exportedValue.constructor?.name === "TailorDBType" && typeof exportedValue.name === "string" && typeof exportedValue.fields === "object" && exportedValue.metadata && typeof exportedValue.metadata === "object") {
@@ -2290,11 +2291,20 @@ async function readPackageJson() {
 
 //#endregion
 //#region src/cli/client.ts
-const baseUrl = process.env.PLATFORM_URL ?? "https://api.tailor.tech";
+const platformBaseUrl = process.env.PLATFORM_URL ?? "https://api.tailor.tech";
+const oauth2ClientId = "cpoc_0Iudir72fqSpqC6GQ58ri1cLAqcq5vJl";
+const oauth2DiscoveryEndpoint = "/.well-known/oauth-authorization-server/oauth2/platform";
+function initOAuth2Client() {
+	return new OAuth2Client({
+		clientId: oauth2ClientId,
+		server: platformBaseUrl,
+		discoveryEndpoint: oauth2DiscoveryEndpoint
+	});
+}
 async function initOperatorClient(accessToken) {
 	const transport = createConnectTransport({
 		httpVersion: "2",
-		baseUrl,
+		baseUrl: platformBaseUrl,
 		interceptors: [
 			await userAgentInterceptor(),
 			await bearerTokenInterceptor(accessToken),
@@ -2321,26 +2331,6 @@ async function bearerTokenInterceptor(accessToken) {
 		return await next(req);
 	};
 }
-async function refreshToken(refreshToken$1) {
-	const refreshUrl = new URL("/auth/platform/token/refresh", baseUrl).href;
-	const formData = new URLSearchParams();
-	formData.append("refresh_token", refreshToken$1);
-	const resp = await fetch(refreshUrl, {
-		method: "POST",
-		headers: {
-			"User-Agent": await userAgent(),
-			"Content-Type": "application/x-www-form-urlencoded"
-		},
-		body: formData
-	});
-	if (!resp.ok) throw new Error("Failed to refresh token");
-	const rawJson = await resp.json();
-	return z.object({
-		access_token: z.string(),
-		refresh_token: z.string(),
-		expires_in: z.number()
-	}).parse(rawJson);
-}
 function retryInterceptor() {
 	return (next) => async (req) => {
 		if (req.stream) return await next(req);
@@ -2385,6 +2375,16 @@ async function fetchAll(fn) {
 	}
 	return items;
 }
+async function fetchUserInfo(accessToken) {
+	const userInfoUrl = new URL("/auth/platform/userinfo", platformBaseUrl).href;
+	const resp = await fetch(userInfoUrl, { headers: {
+		Authorization: `Bearer ${accessToken}`,
+		"User-Agent": await userAgent()
+	} });
+	if (!resp.ok) throw new Error(`Failed to fetch user info: ${resp.statusText}`);
+	const rawJson = await resp.json();
+	return z.object({ email: z.string() }).parse(rawJson);
+}
 async function resolveStaticWebsiteUrls(client, workspaceId, urls, context) {
 	if (!urls) return [];
 	return (await Promise.all(urls.map(async (url) => {
@@ -2557,16 +2557,18 @@ async function fetchLatestToken(config, user) {
       Please verify your user name and login using 'tailor-sdk login' command.
     `);
 	if (new Date(tokens.token_expires_at) > /* @__PURE__ */ new Date()) return tokens.access_token;
-	const resp = await refreshToken(tokens.refresh_token);
-	const newExpiresAt = /* @__PURE__ */ new Date();
-	newExpiresAt.setSeconds(newExpiresAt.getSeconds() + resp.expires_in);
+	const resp = await initOAuth2Client().refreshToken({
+		accessToken: tokens.access_token,
+		refreshToken: tokens.refresh_token,
+		expiresAt: Date.parse(tokens.token_expires_at)
+	});
 	config.users[user] = {
-		access_token: resp.access_token,
-		refresh_token: resp.refresh_token,
-		token_expires_at: newExpiresAt.toISOString()
+		access_token: resp.accessToken,
+		refresh_token: resp.refreshToken,
+		token_expires_at: new Date(resp.expiresAt).toISOString()
 	};
 	writePlatformConfig(config);
-	return resp.access_token;
+	return resp.accessToken;
 }
 function loadConfigPath(configPath) {
 	if (configPath) return configPath;
@@ -6316,4 +6318,4 @@ const tokenCommand = defineCommand({
 });
 
 //#endregion
-export { PATScope, apply, applyCommand, commonArgs, createCommand, deleteCommand, fetchAll, fetchLatestToken, formatArgs, generate, generateCommand, generateUserTypes, initOperatorClient, listCommand, listCommand$1, loadAccessToken, loadConfig, loadConfigPath, loadWorkspaceId, machineUserList, machineUserToken, parseFormat, printWithFormat, readPackageJson, readPlatformConfig, show, showCommand, tokenCommand, userAgent, withCommonArgs, workspaceCreate, workspaceDelete, workspaceList, writePlatformConfig };
+export { PATScope, apply, applyCommand, commonArgs, createCommand, deleteCommand, fetchAll, fetchLatestToken, fetchUserInfo, formatArgs, generate, generateCommand, generateUserTypes, initOAuth2Client, initOperatorClient, listCommand, listCommand$1, loadAccessToken, loadConfig, loadConfigPath, loadWorkspaceId, machineUserList, machineUserToken, parseFormat, printWithFormat, readPackageJson, readPlatformConfig, show, showCommand, tokenCommand, withCommonArgs, workspaceCreate, workspaceDelete, workspaceList, writePlatformConfig };

package/dist/{types-Dyhfh5b6.d.mts → types-CCSNkBzX.d.mts}

@@ -1,11 +1,11 @@
 /// <reference path="./plugin-generated.d.ts" />
 
-import * as zod0 from "zod";
+import * as zod34 from "zod";
 import { z } from "zod";
 import { StandardSchemaV1 } from "@standard-schema/spec";
 import * as type_fest0 from "type-fest";
 import { IsAny, NonEmptyObject } from "type-fest";
-import * as zod_v4_core0 from "zod/v4/core";
+import * as zod_v4_core50 from "zod/v4/core";
 
 //#region src/configure/types/helpers.d.ts
 type Prettify<T> = { [K in keyof T as string extends K ? never : K]: T[K] } & {};
@@ -1293,12 +1293,12 @@ declare function defineGenerators(...configs: GeneratorConfig[]): (["@tailor-pla
 }] | {
   id: string;
   description: string;
-  processType: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut>;
-  processResolver: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut>;
-  processExecutor: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut>;
-  aggregate: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod0.ZodAny>;
-  processTailorDBNamespace?: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut> | undefined;
-  processResolverNamespace?: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut> | undefined;
+  processType: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut>;
+  processResolver: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut>;
+  processExecutor: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut>;
+  aggregate: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod34.ZodAny>;
+  processTailorDBNamespace?: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut> | undefined;
+  processResolverNamespace?: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut> | undefined;
 })[];
 //#endregion
 //#region src/parser/service/executor/schema.d.ts
@@ -1418,4 +1418,4 @@ type WebhookOperation = z.infer<typeof WebhookOperationSchema>;
 type Executor = z.infer<typeof ExecutorSchema>;
 type ExecutorInput = z.input<typeof ExecutorSchema>;
 //#endregion
-export { AllowedValues, AllowedValuesOutput, AppConfig, ArrayFieldOutput, AuthConfig, AuthExternalConfig, AuthOwnConfig, type AuthServiceInput, type BuiltinIdP, CodeGeneratorBase, Executor, ExecutorInput, ExecutorServiceConfig, ExecutorServiceInput, FieldMetadata, FieldOptions, FieldOutput, FunctionOperation, Generator, GqlOperation, type IDToken, IdPConfig, IdPExternalConfig, type IdProviderConfig, IncomingWebhookTrigger, InferFieldsOutput, type OAuth2Client, type OAuth2ClientGrantType, type OIDC, PermissionCondition, QueryType, RecordTrigger, Resolver, ResolverExecutedTrigger, ResolverExternalConfig, ResolverInput, ResolverServiceConfig, ResolverServiceInput, type SAML, type SCIMAttribute, type SCIMAttributeMapping, type SCIMAttributeType, type SCIMAuthorization, type SCIMConfig, type SCIMResource, ScheduleTriggerInput, StaticWebsiteConfig, TailorDBType, TailorDBTypeConfig, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, type TenantProviderConfig, type UserAttributeKey, type UserAttributeListKey, type UserAttributeMap, type UsernameFieldKey, type ValueOperand, WebhookOperation, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, output, unauthenticatedTailorUser };
+export { AllowedValues, AllowedValuesOutput, AppConfig, ArrayFieldOutput, AuthConfig, AuthExternalConfig, AuthOwnConfig, type AuthServiceInput, type BuiltinIdP, CodeGeneratorBase, Executor, ExecutorInput, ExecutorServiceConfig, ExecutorServiceInput, FieldMetadata, FieldOptions, FieldOutput, FunctionOperation, Generator, GqlOperation, type IDToken, IdPConfig, IdPExternalConfig, type IdProviderConfig, IncomingWebhookTrigger, InferFieldsOutput, type OAuth2Client, type OAuth2ClientGrantType, type OIDC, PermissionCondition, QueryType, RecordTrigger, Resolver, ResolverExecutedTrigger, ResolverExternalConfig, ResolverInput, ResolverServiceConfig, ResolverServiceInput, type SAML, type SCIMAttribute, type SCIMAttributeMapping, type SCIMAttributeType, type SCIMAuthorization, type SCIMConfig, type SCIMResource, ScheduleTriggerInput, StaticWebsiteConfig, TailorDBField, TailorDBInstance, TailorDBType, TailorDBTypeConfig, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, type TenantProviderConfig, type UserAttributeKey, type UserAttributeListKey, type UserAttributeMap, type UsernameFieldKey, type ValueOperand, WebhookOperation, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, output, unauthenticatedTailorUser };

package/dist/utils/test/index.d.mts

@@ -1,7 +1,7 @@
 /// <reference path="./../../plugin-generated.d.ts" />
 
-import { TailorDBType, TailorField, TailorUser } from "../../types-Dyhfh5b6.mjs";
-import { output } from "../../index-DyBFt3bp.mjs";
+import { TailorDBType, TailorField, TailorUser } from "../../types-CCSNkBzX.mjs";
+import { output } from "../../index-DENkoB_m.mjs";
 import { StandardSchemaV1 } from "@standard-schema/spec";
 
 //#region src/utils/test/index.d.ts

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tailor-platform/sdk",
-  "version": "0.10.2",
+  "version": "0.10.4",
   "description": "Tailor Platform SDK - The SDK to work with Tailor Platform",
   "license": "MIT",
   "main": "./dist/configure/index.mjs",
@@ -39,6 +39,7 @@
   },
   "types": "./dist/configure/index.d.mts",
   "dependencies": {
+    "@badgateway/oauth2-client": "3.3.1",
     "@bufbuild/protobuf": "2.10.0",
     "@connectrpc/connect": "2.1.0",
     "@connectrpc/connect-node": "2.1.0",
@@ -51,7 +52,6 @@
     "consola": "3.4.2",
     "es-toolkit": "1.41.0",
     "inflection": "3.0.2",
-    "is-wsl": "3.1.0",
     "madge": "8.0.0",
     "multiline-ts": "4.0.1",
     "open": "10.2.0",
@@ -75,7 +75,7 @@
     "globals": "16.5.0",
     "tsdown": "0.15.6",
     "typescript": "5.9.3",
-    "typescript-eslint": "8.46.3",
+    "typescript-eslint": "8.47.0",
     "vitest": "4.0.8"
   },
   "scripts": {

package/dist/{config-C5UYYrp1.mjs → auth-Di3vQUrT.mjs}

@@ -708,21 +708,6 @@ const db = {
 	}) }
 };
 
-//#endregion
-//#region src/configure/services/auth/index.ts
-function defineAuth(name, config) {
-	return {
-		...config,
-		name,
-		invoker(machineUser) {
-			return {
-				authName: name,
-				machineUser
-			};
-		}
-	};
-}
-
 //#endregion
 //#region src/configure/config.ts
 let distPath = null;
@@ -739,5 +724,20 @@ function defineGenerators(...configs) {
 	return configs;
 }
 
+//#endregion
+//#region src/configure/services/auth/index.ts
+function defineAuth(name, config) {
+	return {
+		...config,
+		name,
+		invoker(machineUser) {
+			return {
+				authName: name,
+				machineUser
+			};
+		}
+	};
+}
+
 //#endregion
 export { TailorField, db, defineAuth, defineConfig, defineGenerators, getDistDir, t, tailorUserMap, unauthenticatedTailorUser };