npm - @tenxyte/core - Versions diffs - 0.1.5 → 0.9.0 - Mend

@tenxyte/core 0.1.5 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

package/README.md +184 -0
package/dist/index.cjs +951 -496
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +1709 -1265
package/dist/index.d.ts +1709 -1265
package/dist/index.js +919 -464
package/dist/index.js.map +1 -1
package/package.json +70 -66
package/src/client.ts +50 -21
package/src/http/client.ts +162 -162
package/src/http/index.ts +1 -1
package/src/http/interceptors.ts +117 -117
package/src/index.ts +7 -7
package/src/modules/ai.ts +178 -0
package/src/modules/auth.ts +116 -95
package/src/modules/b2b.ts +177 -0
package/src/modules/rbac.ts +207 -160
package/src/modules/security.ts +313 -122
package/src/modules/user.ts +95 -80
package/src/storage/cookie.ts +39 -39
package/src/storage/index.ts +29 -29
package/src/storage/localStorage.ts +75 -75
package/src/storage/memory.ts +30 -30
package/src/types/index.ts +152 -150
package/src/utils/base64url.ts +25 -0
package/src/utils/device_info.ts +94 -94
package/src/utils/events.ts +71 -71
package/src/utils/jwt.ts +51 -51
package/tests/http.test.ts +144 -144
package/tests/modules/auth.test.ts +93 -93
package/tests/modules/rbac.test.ts +95 -95
package/tests/modules/security.test.ts +85 -75
package/tests/modules/user.test.ts +76 -76
package/tests/storage.test.ts +96 -96
package/tests/utils.test.ts +71 -71
package/tsup.config.ts +10 -10
package/vitest.config.ts +7 -7

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/http/client.ts","../src/modules/auth.ts","../src/modules/security.ts","../src/utils/jwt.ts","../src/modules/rbac.ts","../src/modules/user.ts","../src/client.ts"],"sourcesContent":["import type { TenxyteError } from '../types';\r\n\r\nexport interface HttpClientOptions {\r\n baseUrl: string;\r\n timeoutMs?: number;\r\n headers?: Record<string, string>;\r\n}\r\n\r\nexport type RequestConfig = Omit<RequestInit, 'body' \| 'headers'> & {\r\n body?: unknown;\r\n headers?: Record<string, string>;\r\n params?: Record<string, string \| number \| boolean>;\r\n};\r\n\r\n/*\r\n Core HTTP Client underlying the SDK.\r\n * Handles JSON parsing, standard headers, simple request processing,\r\n * and normalizing errors into TenxyteError format.\r\n /\r\nexport class TenxyteHttpClient {\r\n private baseUrl: string;\r\n private defaultHeaders: Record<string, string>;\r\n\r\n // Interceptors\r\n private requestInterceptors: Array<(config: RequestConfig & { url: string }) => Promise<RequestConfig & { url: string }> \| (RequestConfig & { url: string })> = [];\r\n private responseInterceptors: Array<(response: Response, request: { url: string; config: RequestConfig }) => Promise<Response> \| Response> = [];\r\n\r\n constructor(options: HttpClientOptions) {\r\n this.baseUrl = options.baseUrl.replace(/\\/$/, ''); // Remove trailing slash\r\n this.defaultHeaders = {\r\n 'Content-Type': 'application/json',\r\n Accept: 'application/json',\r\n ...options.headers,\r\n };\r\n }\r\n\r\n // Interceptor Registration\r\n addRequestInterceptor(interceptor: typeof this.requestInterceptors[0]) {\r\n this.requestInterceptors.push(interceptor);\r\n }\r\n\r\n addResponseInterceptor(interceptor: typeof this.responseInterceptors[0]) {\r\n this.responseInterceptors.push(interceptor);\r\n }\r\n\r\n /\r\n Main request method wrapping fetch\r\n /\r\n async request<T>(endpoint: string, config: RequestConfig = {}): Promise<T> {\r\n const urlStr = endpoint.startsWith('http')\r\n ? endpoint\r\n : `${this.baseUrl}${endpoint.startsWith('/') ? '' : '/'}${endpoint}`;\r\n\r\n let urlObj = new URL(urlStr);\r\n\r\n if (config.params) {\r\n Object.entries(config.params).forEach(([key, value]) => {\r\n if (value !== undefined && value !== null) {\r\n urlObj.searchParams.append(key, String(value));\r\n }\r\n });\r\n }\r\n\r\n let requestContext: any = {\r\n url: urlObj.toString(),\r\n ...config,\r\n headers: { ...this.defaultHeaders, ...(config.headers \|\| {}) } as Record<string, string>,\r\n };\r\n\r\n // Handle FormData implicitly for multipart requests\r\n if (typeof FormData !== 'undefined' && requestContext.body instanceof FormData) {\r\n const headers = requestContext.headers as Record<string, string>;\r\n // Explicitly remove Content-Type so fetch can auto-assign the multipart boundary\r\n delete headers['Content-Type'];\r\n delete headers['content-type'];\r\n } else if (requestContext.body && typeof requestContext.body === 'object') {\r\n const contentType = (requestContext.headers as Record<string, string>)['Content-Type'] \|\| '';\r\n if (contentType.toLowerCase().includes('application/json')) {\r\n requestContext.body = JSON.stringify(requestContext.body);\r\n }\r\n }\r\n\r\n // Run Request Interceptors\r\n for (const interceptor of this.requestInterceptors) {\r\n requestContext = await interceptor(requestContext);\r\n }\r\n\r\n const { url, ...fetchConfig } = requestContext as any;\r\n\r\n try {\r\n let response = await fetch(url, fetchConfig as RequestInit);\r\n\r\n // Run Response Interceptors (e.g., token refresh logic)\r\n for (const interceptor of this.responseInterceptors) {\r\n response = await interceptor(response, { url, config: fetchConfig as RequestConfig });\r\n }\r\n\r\n if (!response.ok) {\r\n throw await this.normalizeError(response);\r\n }\r\n\r\n // Handle NoContent\r\n if (response.status === 204) {\r\n return {} as T;\r\n }\r\n\r\n const contentType = response.headers.get('content-type');\r\n if (contentType && contentType.includes('application/json')) {\r\n return (await response.json()) as T;\r\n }\r\n\r\n return (await response.text()) as unknown as T;\r\n } catch (error: any) {\r\n if (error && error.code) {\r\n throw error; // Already normalized\r\n }\r\n throw {\r\n error: error.message \|\| 'Network request failed',\r\n code: 'NETWORK_ERROR' as unknown as import('../types').TenxyteErrorCode,\r\n details: String(error)\r\n } as TenxyteError;\r\n }\r\n }\r\n\r\n private async normalizeError(response: Response): Promise<TenxyteError> {\r\n try {\r\n const body = await response.json();\r\n return {\r\n error: body.error \|\| body.detail \|\| 'API request failed',\r\n code: body.code \|\| `HTTP_${response.status}`,\r\n details: body.details \|\| body,\r\n retry_after: response.headers.has('Retry-After') ? parseInt(response.headers.get('Retry-After')!, 10) : undefined,\r\n } as TenxyteError;\r\n } catch (e) {\r\n return {\r\n error: `HTTP Error ${response.status}: ${response.statusText}`,\r\n code: `HTTP_${response.status}` as unknown as import('../types').TenxyteErrorCode,\r\n } as TenxyteError;\r\n }\r\n }\r\n\r\n // Convenience methods\r\n get<T>(endpoint: string, config?: Omit<RequestConfig, 'method' \| 'body'>) {\r\n return this.request<T>(endpoint, { ...config, method: 'GET' });\r\n }\r\n\r\n post<T>(endpoint: string, data?: unknown, config?: Omit<RequestConfig, 'method' \| 'body'>) {\r\n return this.request<T>(endpoint, { ...config, method: 'POST', body: data });\r\n }\r\n\r\n put<T>(endpoint: string, data?: unknown, config?: Omit<RequestConfig, 'method' \| 'body'>) {\r\n return this.request<T>(endpoint, { ...config, method: 'PUT', body: data });\r\n }\r\n\r\n patch<T>(endpoint: string, data?: unknown, config?: Omit<RequestConfig, 'method' \| 'body'>) {\r\n return this.request<T>(endpoint, { ...config, method: 'PATCH', body: data });\r\n }\r\n\r\n delete<T>(endpoint: string, config?: Omit<RequestConfig, 'method' \| 'body'>) {\r\n return this.request<T>(endpoint, { ...config, method: 'DELETE' });\r\n }\r\n}\r\n","import { TenxyteHttpClient } from '../http/client';\r\nimport { TokenPair, GeneratedSchema } from '../types';\r\n\r\nexport interface LoginEmailOptions {\r\n totp_code?: string;\r\n}\r\n\r\nexport interface LoginPhoneOptions {\r\n totp_code?: string;\r\n}\r\n\r\nexport type RegisterRequest = any;\r\n\r\nexport interface MagicLinkRequest {\r\n email: string;\r\n}\r\n\r\nexport interface SocialLoginRequest {\r\n access_token?: string;\r\n authorization_code?: string;\r\n id_token?: string;\r\n}\r\n\r\nexport class AuthModule {\r\n constructor(private client: TenxyteHttpClient) { }\r\n\r\n /\r\n Authenticate user with email and password\r\n /\r\n async loginWithEmail(\r\n data: GeneratedSchema['LoginEmail'],\r\n ): Promise<TokenPair> {\r\n return this.client.post<TokenPair>('/api/v1/auth/login/email/', data);\r\n }\r\n\r\n /\r\n Authenticate user with international phone number and password\r\n /\r\n async loginWithPhone(\r\n data: GeneratedSchema['LoginPhone'],\r\n ): Promise<TokenPair> {\r\n return this.client.post<TokenPair>('/api/v1/auth/login/phone/', data);\r\n }\r\n\r\n /\r\n Register a new user\r\n /\r\n async register(data: RegisterRequest): Promise<any> {\r\n return this.client.post<any>('/api/v1/auth/register/', data);\r\n }\r\n\r\n /\r\n Logout from the current session\r\n /\r\n async logout(refreshToken: string): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/logout/', { refresh_token: refreshToken });\r\n }\r\n\r\n /\r\n Logout from all sessions (revokes all refresh tokens)\r\n /\r\n async logoutAll(): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/logout/all/');\r\n }\r\n\r\n /\r\n Request a magic link for sign-in\r\n /\r\n async requestMagicLink(data: MagicLinkRequest): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/magic-link/request/', data);\r\n }\r\n\r\n /\r\n Verify a magic link token\r\n /\r\n async verifyMagicLink(token: string): Promise<TokenPair> {\r\n return this.client.get<TokenPair>(`/api/v1/auth/magic-link/verify/`, { params: { token } });\r\n }\r\n\r\n /\r\n Perform OAuth2 Social Authentication (e.g. Google, GitHub)\r\n /\r\n async loginWithSocial(provider: 'google' \| 'github' \| 'microsoft' \| 'facebook', data: SocialLoginRequest): Promise<TokenPair> {\r\n return this.client.post<TokenPair>(`/api/v1/auth/social/${provider}/`, data);\r\n }\r\n\r\n /\r\n Handle Social Auth Callback (authorization code flow)\r\n /\r\n async handleSocialCallback(provider: 'google' \| 'github' \| 'microsoft' \| 'facebook', code: string, redirectUri: string): Promise<TokenPair> {\r\n return this.client.get<TokenPair>(`/api/v1/auth/social/${provider}/callback/`, {\r\n params: { code, redirect_uri: redirectUri },\r\n });\r\n }\r\n}\r\n","import { TenxyteHttpClient } from '../http/client';\r\nimport { TokenPair } from '../types';\r\n\r\nexport interface OtpRequestParams {\r\n email?: string;\r\n phone_country_code?: string;\r\n phone_number?: string;\r\n type: 'email_verification' \| 'phone_verification' \| 'password_reset';\r\n}\r\n\r\nexport interface VerifyOtpEmailParams {\r\n email: string;\r\n code: string;\r\n}\r\n\r\nexport interface VerifyOtpPhoneParams {\r\n phone_country_code: string;\r\n phone_number: string;\r\n code: string;\r\n}\r\n\r\nexport interface Setup2FAResponse {\r\n qr_code_url: string;\r\n secret: string;\r\n backup_codes: string[];\r\n}\r\n\r\nexport interface WebAuthnRegisterBeginResponse {\r\n publicKey: any; // CredentialCreationOptions\r\n}\r\n\r\nexport interface WebAuthnAuthenticateBeginResponse {\r\n publicKey: any; // CredentialRequestOptions\r\n}\r\n\r\nexport class SecurityModule {\r\n constructor(private client: TenxyteHttpClient) { }\r\n\r\n // --- OTP Verification --- //\r\n\r\n async requestOtp(data: OtpRequestParams): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/otp/request/', data);\r\n }\r\n\r\n async verifyOtpEmail(data: VerifyOtpEmailParams): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/otp/verify/email/', data);\r\n }\r\n\r\n async verifyOtpPhone(data: VerifyOtpPhoneParams): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/otp/verify/phone/', data);\r\n }\r\n\r\n // --- TOTP / 2FA --- //\r\n\r\n async get2FAStatus(): Promise<{ is_enabled: boolean; backup_codes_remaining: number }> {\r\n return this.client.get('/api/v1/auth/2fa/status/');\r\n }\r\n\r\n async setup2FA(): Promise<Setup2FAResponse> {\r\n return this.client.post<Setup2FAResponse>('/api/v1/auth/2fa/setup/');\r\n }\r\n\r\n async confirm2FA(totp_code: string): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/2fa/confirm/', { totp_code });\r\n }\r\n\r\n async disable2FA(totp_code: string, password?: string): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/2fa/disable/', { totp_code, password });\r\n }\r\n\r\n async regenerateBackupCodes(totp_code: string): Promise<{ backup_codes: string[] }> {\r\n return this.client.post('/api/v1/auth/2fa/backup-codes/', { totp_code });\r\n }\r\n\r\n // --- Password Management --- //\r\n\r\n async resetPasswordRequest(data: { email?: string; phone_country_code?: string; phone_number?: string }): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/password/reset/request/', data);\r\n }\r\n\r\n async resetPasswordConfirm(data: { otp_code: string; new_password: string; email?: string; phone_country_code?: string; phone_number?: string }): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/password/reset/confirm/', data);\r\n }\r\n\r\n async changePassword(data: { current_password: string; new_password: string }): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/password/change/', data);\r\n }\r\n\r\n async checkPasswordStrength(data: { password: string; email?: string }): Promise<{ score: number; feedback: string[] }> {\r\n return this.client.post('/api/v1/auth/password/strength/', data);\r\n }\r\n\r\n async getPasswordRequirements(): Promise<any> {\r\n return this.client.get('/api/v1/auth/password/requirements/');\r\n }\r\n\r\n // --- WebAuthn / Passkeys --- //\r\n\r\n async registerWebAuthnBegin(): Promise<WebAuthnRegisterBeginResponse> {\r\n return this.client.post<WebAuthnRegisterBeginResponse>('/api/v1/auth/webauthn/register/begin/');\r\n }\r\n\r\n async registerWebAuthnComplete(data: any): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/webauthn/register/complete/', data);\r\n }\r\n\r\n async authenticateWebAuthnBegin(data?: { email?: string }): Promise<WebAuthnAuthenticateBeginResponse> {\r\n return this.client.post<WebAuthnAuthenticateBeginResponse>('/api/v1/auth/webauthn/authenticate/begin/', data \|\| {});\r\n }\r\n\r\n async authenticateWebAuthnComplete(data: any): Promise<TokenPair> {\r\n return this.client.post<TokenPair>('/api/v1/auth/webauthn/authenticate/complete/', data);\r\n }\r\n\r\n async listWebAuthnCredentials(): Promise<any[]> {\r\n return this.client.get<any[]>('/api/v1/auth/webauthn/credentials/');\r\n }\r\n\r\n async deleteWebAuthnCredential(credentialId: string): Promise<void> {\r\n return this.client.delete<void>(`/api/v1/auth/webauthn/credentials/${credentialId}/`);\r\n }\r\n}\r\n","export interface DecodedTenxyteToken {\r\n exp?: number;\r\n iat?: number;\r\n sub?: string;\r\n roles?: string[];\r\n permissions?: string[];\r\n [key: string]: any;\r\n}\r\n\r\n/\r\n Decodes the payload of a JWT without verifying the signature.\r\n * Suitable for client-side routing and UI state.\r\n /\r\nexport function decodeJwt(token: string): DecodedTenxyteToken \| null {\r\n try {\r\n const parts = token.split('.');\r\n if (parts.length !== 3) {\r\n return null;\r\n }\r\n\r\n let base64Url = parts[1];\r\n if (!base64Url) return null;\r\n\r\n let base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');\r\n\r\n // Pad with standard base64 padding\r\n while (base64.length % 4) {\r\n base64 += '=';\r\n }\r\n\r\n const isBrowser = typeof window !== 'undefined' && typeof window.atob === 'function';\r\n let jsonPayload: string;\r\n\r\n if (isBrowser) {\r\n // Browser decode\r\n jsonPayload = decodeURIComponent(\r\n window.atob(base64)\r\n .split('')\r\n .map((c) => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2))\r\n .join('')\r\n );\r\n } else {\r\n // Node.js decode\r\n jsonPayload = Buffer.from(base64, 'base64').toString('utf8');\r\n }\r\n\r\n return JSON.parse(jsonPayload);\r\n } catch (e) {\r\n return null;\r\n }\r\n}\r\n","import { TenxyteHttpClient } from '../http/client';\r\nimport { decodeJwt, DecodedTenxyteToken } from '../utils/jwt';\r\n\r\nexport interface Role {\r\n id: string;\r\n name: string;\r\n description?: string;\r\n is_default?: boolean;\r\n permissions?: string[];\r\n}\r\n\r\nexport interface Permission {\r\n id: string;\r\n code: string;\r\n name: string;\r\n description?: string;\r\n}\r\n\r\nexport class RbacModule {\r\n private cachedToken: string \| null = null;\r\n\r\n constructor(private client: TenxyteHttpClient) { }\r\n\r\n /\r\n Cache a token to use for parameter-less synchronous checks.\r\n /\r\n setToken(token: string \| null) {\r\n this.cachedToken = token;\r\n }\r\n\r\n private getDecodedToken(token?: string): DecodedTenxyteToken \| null {\r\n const t = token \|\| this.cachedToken;\r\n if (!t) return null;\r\n return decodeJwt(t);\r\n }\r\n\r\n // --- Synchronous Checks --- //\r\n\r\n hasRole(role: string, token?: string): boolean {\r\n const decoded = this.getDecodedToken(token);\r\n if (!decoded?.roles) return false;\r\n return decoded.roles.includes(role);\r\n }\r\n\r\n hasAnyRole(roles: string[], token?: string): boolean {\r\n const decoded = this.getDecodedToken(token);\r\n if (!decoded?.roles) return false;\r\n return roles.some(r => decoded.roles!.includes(r));\r\n }\r\n\r\n hasAllRoles(roles: string[], token?: string): boolean {\r\n const decoded = this.getDecodedToken(token);\r\n if (!decoded?.roles) return false;\r\n return roles.every(r => decoded.roles!.includes(r));\r\n }\r\n\r\n hasPermission(permission: string, token?: string): boolean {\r\n const decoded = this.getDecodedToken(token);\r\n if (!decoded?.permissions) return false;\r\n // Check exact match or wildcard, assuming backend handles wildcard expansion in JWT\r\n return decoded.permissions.includes(permission);\r\n }\r\n\r\n hasAnyPermission(permissions: string[], token?: string): boolean {\r\n const decoded = this.getDecodedToken(token);\r\n if (!decoded?.permissions) return false;\r\n return permissions.some(p => decoded.permissions!.includes(p));\r\n }\r\n\r\n hasAllPermissions(permissions: string[], token?: string): boolean {\r\n const decoded = this.getDecodedToken(token);\r\n if (!decoded?.permissions) return false;\r\n return permissions.every(p => decoded.permissions!.includes(p));\r\n }\r\n\r\n // --- Roles CRUD --- //\r\n\r\n async listRoles(): Promise<Role[]> {\r\n return this.client.get<Role[]>('/api/v1/auth/roles/');\r\n }\r\n\r\n async createRole(data: { name: string; description?: string; permission_codes?: string[]; is_default?: boolean }): Promise<Role> {\r\n return this.client.post<Role>('/api/v1/auth/roles/', data);\r\n }\r\n\r\n async getRole(roleId: string): Promise<Role> {\r\n return this.client.get<Role>(`/api/v1/auth/roles/${roleId}/`);\r\n }\r\n\r\n async updateRole(roleId: string, data: { name?: string; description?: string; permission_codes?: string[]; is_default?: boolean }): Promise<Role> {\r\n return this.client.put<Role>(`/api/v1/auth/roles/${roleId}/`, data);\r\n }\r\n\r\n async deleteRole(roleId: string): Promise<void> {\r\n return this.client.delete<void>(`/api/v1/auth/roles/${roleId}/`);\r\n }\r\n\r\n // --- Role Permissions Management --- //\r\n\r\n async getRolePermissions(roleId: string): Promise<Permission[]> {\r\n return this.client.get<Permission[]>(`/api/v1/auth/roles/${roleId}/permissions/`);\r\n }\r\n\r\n async addPermissionsToRole(roleId: string, permission_codes: string[]): Promise<void> {\r\n return this.client.post<void>(`/api/v1/auth/roles/${roleId}/permissions/`, { permission_codes });\r\n }\r\n\r\n async removePermissionsFromRole(roleId: string, permission_codes: string[]): Promise<void> {\r\n return this.client.delete<void>(`/api/v1/auth/roles/${roleId}/permissions/`, {\r\n // Note: DELETE request with body is supported via our fetch wrapper if enabled,\r\n // or we might need to rely on query strings. The schema specifies body or query.\r\n // Let's pass it in body via a custom config or URL params.\r\n body: { permission_codes }\r\n } as any);\r\n }\r\n\r\n // --- Permissions CRUD --- //\r\n\r\n async listPermissions(): Promise<Permission[]> {\r\n return this.client.get<Permission[]>('/api/v1/auth/permissions/');\r\n }\r\n\r\n async createPermission(data: { code: string; name: string; description?: string; parent_code?: string }): Promise<Permission> {\r\n return this.client.post<Permission>('/api/v1/auth/permissions/', data);\r\n }\r\n\r\n async getPermission(permissionId: string): Promise<Permission> {\r\n return this.client.get<Permission>(`/api/v1/auth/permissions/${permissionId}/`);\r\n }\r\n\r\n async updatePermission(permissionId: string, data: { name?: string; description?: string }): Promise<Permission> {\r\n return this.client.put<Permission>(`/api/v1/auth/permissions/${permissionId}/`, data);\r\n }\r\n\r\n async deletePermission(permissionId: string): Promise<void> {\r\n return this.client.delete<void>(`/api/v1/auth/permissions/${permissionId}/`);\r\n }\r\n\r\n // --- Direct Assignment (Users) --- //\r\n\r\n async assignRoleToUser(userId: string, roleCode: string): Promise<void> {\r\n return this.client.post<void>(`/api/v1/auth/users/${userId}/roles/`, { role_code: roleCode });\r\n }\r\n\r\n async removeRoleFromUser(userId: string, roleCode: string): Promise<void> {\r\n return this.client.delete<void>(`/api/v1/auth/users/${userId}/roles/`, {\r\n params: { role_code: roleCode }\r\n });\r\n }\r\n\r\n async assignPermissionsToUser(userId: string, permissionCodes: string[]): Promise<void> {\r\n return this.client.post<void>(`/api/v1/auth/users/${userId}/permissions/`, { permission_codes: permissionCodes });\r\n }\r\n\r\n async removePermissionsFromUser(userId: string, permissionCodes: string[]): Promise<void> {\r\n return this.client.delete<void>(`/api/v1/auth/users/${userId}/permissions/`, {\r\n body: { permission_codes: permissionCodes }\r\n } as any);\r\n }\r\n}\r\n","import { TenxyteHttpClient } from '../http/client';\r\n\r\nexport interface UpdateProfileParams {\r\n first_name?: string;\r\n last_name?: string;\r\n [key: string]: any; // Allow custom metadata updates\r\n}\r\n\r\nexport interface AdminUpdateUserParams {\r\n first_name?: string;\r\n last_name?: string;\r\n is_active?: boolean;\r\n is_locked?: boolean;\r\n max_sessions?: number;\r\n max_devices?: number;\r\n}\r\n\r\nexport class UserModule {\r\n constructor(private client: TenxyteHttpClient) { }\r\n\r\n // --- Standard Profile Actions --- //\r\n\r\n async getProfile(): Promise<any> {\r\n return this.client.get('/api/v1/auth/me/');\r\n }\r\n\r\n async updateProfile(data: UpdateProfileParams): Promise<any> {\r\n return this.client.patch('/api/v1/auth/me/', data);\r\n }\r\n\r\n /\r\n Upload an avatar using FormData.\r\n * Ensure the environment supports FormData (browser or Node.js v18+).\r\n * @param formData The FormData object containing the 'avatar' field.\r\n */\r\n async uploadAvatar(formData: FormData): Promise<any> {\r\n return this.client.patch('/api/v1/auth/me/', formData);\r\n }\r\n\r\n async deleteAccount(password: string, otpCode?: string): Promise<void> {\r\n return this.client.post<void>('/api/v1/auth/request-account-deletion/', {\r\n password,\r\n otp_code: otpCode\r\n });\r\n }\r\n\r\n // --- Admin Actions Mapping --- //\r\n\r\n async listUsers(params?: Record<string, any>): Promise<any[]> {\r\n return this.client.get<any[]>('/api/v1/auth/admin/users/', { params });\r\n }\r\n\r\n async getUser(userId: string): Promise<any> {\r\n return this.client.get(`/api/v1/auth/admin/users/${userId}/`);\r\n }\r\n\r\n async adminUpdateUser(userId: string, data: AdminUpdateUserParams): Promise<any> {\r\n return this.client.patch(`/api/v1/auth/admin/users/${userId}/`, data);\r\n }\r\n\r\n async adminDeleteUser(userId: string): Promise<void> {\r\n return this.client.delete<void>(`/api/v1/auth/admin/users/${userId}/`);\r\n }\r\n\r\n async banUser(userId: string, reason: string = ''): Promise<void> {\r\n return this.client.post<void>(`/api/v1/auth/admin/users/${userId}/ban/`, { reason });\r\n }\r\n\r\n async unbanUser(userId: string): Promise<void> {\r\n return this.client.post<void>(`/api/v1/auth/admin/users/${userId}/unban/`);\r\n }\r\n\r\n async lockUser(userId: string, durationMinutes: number = 30, reason: string = ''): Promise<void> {\r\n return this.client.post<void>(`/api/v1/auth/admin/users/${userId}/lock/`, { duration_minutes: durationMinutes, reason });\r\n }\r\n\r\n async unlockUser(userId: string): Promise<void> {\r\n return this.client.post<void>(`/api/v1/auth/admin/users/${userId}/unlock/`);\r\n }\r\n}\r\n","import { TenxyteHttpClient, HttpClientOptions } from './http/client';\r\nimport { AuthModule } from './modules/auth';\r\nimport { SecurityModule } from './modules/security';\r\nimport { RbacModule } from './modules/rbac';\r\nimport { UserModule } from './modules/user';\r\n\r\nexport class TenxyteClient {\r\n public http: TenxyteHttpClient;\r\n public auth: AuthModule;\r\n public security: SecurityModule;\r\n public rbac: RbacModule;\r\n public user: UserModule;\r\n\r\n constructor(options: HttpClientOptions) {\r\n this.http = new TenxyteHttpClient(options);\r\n this.auth = new AuthModule(this.http);\r\n this.security = new SecurityModule(this.http);\r\n this.rbac = new RbacModule(this.http);\r\n this.user = new UserModule(this.http);\r\n }\r\n}\r\n"],"mappings":";AAmBO,IAAM,oBAAN,MAAwB;AAAA,EACnB;AAAA,EACA;AAAA;AAAA,EAGA,sBAAwJ,CAAC;AAAA,EACzJ,uBAAqI,CAAC;AAAA,EAE9I,YAAY,SAA4B;AACpC,SAAK,UAAU,QAAQ,QAAQ,QAAQ,OAAO,EAAE;AAChD,SAAK,iBAAiB;AAAA,MAClB,gBAAgB;AAAA,MAChB,QAAQ;AAAA,MACR,GAAG,QAAQ;AAAA,IACf;AAAA,EACJ;AAAA;AAAA,EAGA,sBAAsB,aAAiD;AACnE,SAAK,oBAAoB,KAAK,WAAW;AAAA,EAC7C;AAAA,EAEA,uBAAuB,aAAkD;AACrE,SAAK,qBAAqB,KAAK,WAAW;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,QAAW,UAAkB,SAAwB,CAAC,GAAe;AACvE,UAAM,SAAS,SAAS,WAAW,MAAM,IACnC,WACA,GAAG,KAAK,OAAO,GAAG,SAAS,WAAW,GAAG,IAAI,KAAK,GAAG,GAAG,QAAQ;AAEtE,QAAI,SAAS,IAAI,IAAI,MAAM;AAE3B,QAAI,OAAO,QAAQ;AACf,aAAO,QAAQ,OAAO,MAAM,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACpD,YAAI,UAAU,UAAa,UAAU,MAAM;AACvC,iBAAO,aAAa,OAAO,KAAK,OAAO,KAAK,CAAC;AAAA,QACjD;AAAA,MACJ,CAAC;AAAA,IACL;AAEA,QAAI,iBAAsB;AAAA,MACtB,KAAK,OAAO,SAAS;AAAA,MACrB,GAAG;AAAA,MACH,SAAS,EAAE,GAAG,KAAK,gBAAgB,GAAI,OAAO,WAAW,CAAC,EAAG;AAAA,IACjE;AAGA,QAAI,OAAO,aAAa,eAAe,eAAe,gBAAgB,UAAU;AAC5E,YAAM,UAAU,eAAe;AAE/B,aAAO,QAAQ,cAAc;AAC7B,aAAO,QAAQ,cAAc;AAAA,IACjC,WAAW,eAAe,QAAQ,OAAO,eAAe,SAAS,UAAU;AACvE,YAAM,cAAe,eAAe,QAAmC,cAAc,KAAK;AAC1F,UAAI,YAAY,YAAY,EAAE,SAAS,kBAAkB,GAAG;AACxD,uBAAe,OAAO,KAAK,UAAU,eAAe,IAAI;AAAA,MAC5D;AAAA,IACJ;AAGA,eAAW,eAAe,KAAK,qBAAqB;AAChD,uBAAiB,MAAM,YAAY,cAAc;AAAA,IACrD;AAEA,UAAM,EAAE,KAAK,GAAG,YAAY,IAAI;AAEhC,QAAI;AACA,UAAI,WAAW,MAAM,MAAM,KAAK,WAA0B;AAG1D,iBAAW,eAAe,KAAK,sBAAsB;AACjD,mBAAW,MAAM,YAAY,UAAU,EAAE,KAAK,QAAQ,YAA6B,CAAC;AAAA,MACxF;AAEA,UAAI,CAAC,SAAS,IAAI;AACd,cAAM,MAAM,KAAK,eAAe,QAAQ;AAAA,MAC5C;AAGA,UAAI,SAAS,WAAW,KAAK;AACzB,eAAO,CAAC;AAAA,MACZ;AAEA,YAAM,cAAc,SAAS,QAAQ,IAAI,cAAc;AACvD,UAAI,eAAe,YAAY,SAAS,kBAAkB,GAAG;AACzD,eAAQ,MAAM,SAAS,KAAK;AAAA,MAChC;AAEA,aAAQ,MAAM,SAAS,KAAK;AAAA,IAChC,SAAS,OAAY;AACjB,UAAI,SAAS,MAAM,MAAM;AACrB,cAAM;AAAA,MACV;AACA,YAAM;AAAA,QACF,OAAO,MAAM,WAAW;AAAA,QACxB,MAAM;AAAA,QACN,SAAS,OAAO,KAAK;AAAA,MACzB;AAAA,IACJ;AAAA,EACJ;AAAA,EAEA,MAAc,eAAe,UAA2C;AACpE,QAAI;AACA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,QACH,OAAO,KAAK,SAAS,KAAK,UAAU;AAAA,QACpC,MAAM,KAAK,QAAQ,QAAQ,SAAS,MAAM;AAAA,QAC1C,SAAS,KAAK,WAAW;AAAA,QACzB,aAAa,SAAS,QAAQ,IAAI,aAAa,IAAI,SAAS,SAAS,QAAQ,IAAI,aAAa,GAAI,EAAE,IAAI;AAAA,MAC5G;AAAA,IACJ,SAAS,GAAG;AACR,aAAO;AAAA,QACH,OAAO,cAAc,SAAS,MAAM,KAAK,SAAS,UAAU;AAAA,QAC5D,MAAM,QAAQ,SAAS,MAAM;AAAA,MACjC;AAAA,IACJ;AAAA,EACJ;AAAA;AAAA,EAGA,IAAO,UAAkB,QAAiD;AACtE,WAAO,KAAK,QAAW,UAAU,EAAE,GAAG,QAAQ,QAAQ,MAAM,CAAC;AAAA,EACjE;AAAA,EAEA,KAAQ,UAAkB,MAAgB,QAAiD;AACvF,WAAO,KAAK,QAAW,UAAU,EAAE,GAAG,QAAQ,QAAQ,QAAQ,MAAM,KAAK,CAAC;AAAA,EAC9E;AAAA,EAEA,IAAO,UAAkB,MAAgB,QAAiD;AACtF,WAAO,KAAK,QAAW,UAAU,EAAE,GAAG,QAAQ,QAAQ,OAAO,MAAM,KAAK,CAAC;AAAA,EAC7E;AAAA,EAEA,MAAS,UAAkB,MAAgB,QAAiD;AACxF,WAAO,KAAK,QAAW,UAAU,EAAE,GAAG,QAAQ,QAAQ,SAAS,MAAM,KAAK,CAAC;AAAA,EAC/E;AAAA,EAEA,OAAU,UAAkB,QAAiD;AACzE,WAAO,KAAK,QAAW,UAAU,EAAE,GAAG,QAAQ,QAAQ,SAAS,CAAC;AAAA,EACpE;AACJ;;;AC1IO,IAAM,aAAN,MAAiB;AAAA,EACpB,YAAoB,QAA2B;AAA3B;AAAA,EAA6B;AAAA;AAAA;AAAA;AAAA,EAKjD,MAAM,eACF,MACkB;AAClB,WAAO,KAAK,OAAO,KAAgB,6BAA6B,IAAI;AAAA,EACxE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,eACF,MACkB;AAClB,WAAO,KAAK,OAAO,KAAgB,6BAA6B,IAAI;AAAA,EACxE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,MAAqC;AAChD,WAAO,KAAK,OAAO,KAAU,0BAA0B,IAAI;AAAA,EAC/D;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,cAAqC;AAC9C,WAAO,KAAK,OAAO,KAAW,wBAAwB,EAAE,eAAe,aAAa,CAAC;AAAA,EACzF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAA2B;AAC7B,WAAO,KAAK,OAAO,KAAW,0BAA0B;AAAA,EAC5D;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,MAAuC;AAC1D,WAAO,KAAK,OAAO,KAAW,oCAAoC,IAAI;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,OAAmC;AACrD,WAAO,KAAK,OAAO,IAAe,mCAAmC,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;AAAA,EAC9F;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,UAA0D,MAA8C;AAC1H,WAAO,KAAK,OAAO,KAAgB,uBAAuB,QAAQ,KAAK,IAAI;AAAA,EAC/E;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,qBAAqB,UAA0D,MAAc,aAAyC;AACxI,WAAO,KAAK,OAAO,IAAe,uBAAuB,QAAQ,cAAc;AAAA,MAC3E,QAAQ,EAAE,MAAM,cAAc,YAAY;AAAA,IAC9C,CAAC;AAAA,EACL;AACJ;;;AC3DO,IAAM,iBAAN,MAAqB;AAAA,EACxB,YAAoB,QAA2B;AAA3B;AAAA,EAA6B;AAAA;AAAA,EAIjD,MAAM,WAAW,MAAuC;AACpD,WAAO,KAAK,OAAO,KAAW,6BAA6B,IAAI;AAAA,EACnE;AAAA,EAEA,MAAM,eAAe,MAA2C;AAC5D,WAAO,KAAK,OAAO,KAAW,kCAAkC,IAAI;AAAA,EACxE;AAAA,EAEA,MAAM,eAAe,MAA2C;AAC5D,WAAO,KAAK,OAAO,KAAW,kCAAkC,IAAI;AAAA,EACxE;AAAA;AAAA,EAIA,MAAM,eAAiF;AACnF,WAAO,KAAK,OAAO,IAAI,0BAA0B;AAAA,EACrD;AAAA,EAEA,MAAM,WAAsC;AACxC,WAAO,KAAK,OAAO,KAAuB,yBAAyB;AAAA,EACvE;AAAA,EAEA,MAAM,WAAW,WAAkC;AAC/C,WAAO,KAAK,OAAO,KAAW,6BAA6B,EAAE,UAAU,CAAC;AAAA,EAC5E;AAAA,EAEA,MAAM,WAAW,WAAmB,UAAkC;AAClE,WAAO,KAAK,OAAO,KAAW,6BAA6B,EAAE,WAAW,SAAS,CAAC;AAAA,EACtF;AAAA,EAEA,MAAM,sBAAsB,WAAwD;AAChF,WAAO,KAAK,OAAO,KAAK,kCAAkC,EAAE,UAAU,CAAC;AAAA,EAC3E;AAAA;AAAA,EAIA,MAAM,qBAAqB,MAA6F;AACpH,WAAO,KAAK,OAAO,KAAW,wCAAwC,IAAI;AAAA,EAC9E;AAAA,EAEA,MAAM,qBAAqB,MAAqI;AAC5J,WAAO,KAAK,OAAO,KAAW,wCAAwC,IAAI;AAAA,EAC9E;AAAA,EAEA,MAAM,eAAe,MAAyE;AAC1F,WAAO,KAAK,OAAO,KAAW,iCAAiC,IAAI;AAAA,EACvE;AAAA,EAEA,MAAM,sBAAsB,MAA4F;AACpH,WAAO,KAAK,OAAO,KAAK,mCAAmC,IAAI;AAAA,EACnE;AAAA,EAEA,MAAM,0BAAwC;AAC1C,WAAO,KAAK,OAAO,IAAI,qCAAqC;AAAA,EAChE;AAAA;AAAA,EAIA,MAAM,wBAAgE;AAClE,WAAO,KAAK,OAAO,KAAoC,uCAAuC;AAAA,EAClG;AAAA,EAEA,MAAM,yBAAyB,MAA0B;AACrD,WAAO,KAAK,OAAO,KAAW,4CAA4C,IAAI;AAAA,EAClF;AAAA,EAEA,MAAM,0BAA0B,MAAuE;AACnG,WAAO,KAAK,OAAO,KAAwC,6CAA6C,QAAQ,CAAC,CAAC;AAAA,EACtH;AAAA,EAEA,MAAM,6BAA6B,MAA+B;AAC9D,WAAO,KAAK,OAAO,KAAgB,gDAAgD,IAAI;AAAA,EAC3F;AAAA,EAEA,MAAM,0BAA0C;AAC5C,WAAO,KAAK,OAAO,IAAW,oCAAoC;AAAA,EACtE;AAAA,EAEA,MAAM,yBAAyB,cAAqC;AAChE,WAAO,KAAK,OAAO,OAAa,qCAAqC,YAAY,GAAG;AAAA,EACxF;AACJ;;;AC5GO,SAAS,UAAU,OAA2C;AACjE,MAAI;AACA,UAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,QAAI,MAAM,WAAW,GAAG;AACpB,aAAO;AAAA,IACX;AAEA,QAAI,YAAY,MAAM,CAAC;AACvB,QAAI,CAAC,UAAW,QAAO;AAEvB,QAAI,SAAS,UAAU,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG;AAG3D,WAAO,OAAO,SAAS,GAAG;AACtB,gBAAU;AAAA,IACd;AAEA,UAAM,YAAY,OAAO,WAAW,eAAe,OAAO,OAAO,SAAS;AAC1E,QAAI;AAEJ,QAAI,WAAW;AAEX,oBAAc;AAAA,QACV,OAAO,KAAK,MAAM,EACb,MAAM,EAAE,EACR,IAAI,CAAC,MAAM,OAAO,OAAO,EAAE,WAAW,CAAC,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,CAAC,EAChE,KAAK,EAAE;AAAA,MAChB;AAAA,IACJ,OAAO;AAEH,oBAAc,OAAO,KAAK,QAAQ,QAAQ,EAAE,SAAS,MAAM;AAAA,IAC/D;AAEA,WAAO,KAAK,MAAM,WAAW;AAAA,EACjC,SAAS,GAAG;AACR,WAAO;AAAA,EACX;AACJ;;;AChCO,IAAM,aAAN,MAAiB;AAAA,EAGpB,YAAoB,QAA2B;AAA3B;AAAA,EAA6B;AAAA,EAFzC,cAA6B;AAAA;AAAA;AAAA;AAAA,EAOrC,SAAS,OAAsB;AAC3B,SAAK,cAAc;AAAA,EACvB;AAAA,EAEQ,gBAAgB,OAA4C;AAChE,UAAM,IAAI,SAAS,KAAK;AACxB,QAAI,CAAC,EAAG,QAAO;AACf,WAAO,UAAU,CAAC;AAAA,EACtB;AAAA;AAAA,EAIA,QAAQ,MAAc,OAAyB;AAC3C,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,MAAO,QAAO;AAC5B,WAAO,QAAQ,MAAM,SAAS,IAAI;AAAA,EACtC;AAAA,EAEA,WAAW,OAAiB,OAAyB;AACjD,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,MAAO,QAAO;AAC5B,WAAO,MAAM,KAAK,OAAK,QAAQ,MAAO,SAAS,CAAC,CAAC;AAAA,EACrD;AAAA,EAEA,YAAY,OAAiB,OAAyB;AAClD,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,MAAO,QAAO;AAC5B,WAAO,MAAM,MAAM,OAAK,QAAQ,MAAO,SAAS,CAAC,CAAC;AAAA,EACtD;AAAA,EAEA,cAAc,YAAoB,OAAyB;AACvD,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,YAAa,QAAO;AAElC,WAAO,QAAQ,YAAY,SAAS,UAAU;AAAA,EAClD;AAAA,EAEA,iBAAiB,aAAuB,OAAyB;AAC7D,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,YAAa,QAAO;AAClC,WAAO,YAAY,KAAK,OAAK,QAAQ,YAAa,SAAS,CAAC,CAAC;AAAA,EACjE;AAAA,EAEA,kBAAkB,aAAuB,OAAyB;AAC9D,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,YAAa,QAAO;AAClC,WAAO,YAAY,MAAM,OAAK,QAAQ,YAAa,SAAS,CAAC,CAAC;AAAA,EAClE;AAAA;AAAA,EAIA,MAAM,YAA6B;AAC/B,WAAO,KAAK,OAAO,IAAY,qBAAqB;AAAA,EACxD;AAAA,EAEA,MAAM,WAAW,MAAgH;AAC7H,WAAO,KAAK,OAAO,KAAW,uBAAuB,IAAI;AAAA,EAC7D;AAAA,EAEA,MAAM,QAAQ,QAA+B;AACzC,WAAO,KAAK,OAAO,IAAU,sBAAsB,MAAM,GAAG;AAAA,EAChE;AAAA,EAEA,MAAM,WAAW,QAAgB,MAAiH;AAC9I,WAAO,KAAK,OAAO,IAAU,sBAAsB,MAAM,KAAK,IAAI;AAAA,EACtE;AAAA,EAEA,MAAM,WAAW,QAA+B;AAC5C,WAAO,KAAK,OAAO,OAAa,sBAAsB,MAAM,GAAG;AAAA,EACnE;AAAA;AAAA,EAIA,MAAM,mBAAmB,QAAuC;AAC5D,WAAO,KAAK,OAAO,IAAkB,sBAAsB,MAAM,eAAe;AAAA,EACpF;AAAA,EAEA,MAAM,qBAAqB,QAAgB,kBAA2C;AAClF,WAAO,KAAK,OAAO,KAAW,sBAAsB,MAAM,iBAAiB,EAAE,iBAAiB,CAAC;AAAA,EACnG;AAAA,EAEA,MAAM,0BAA0B,QAAgB,kBAA2C;AACvF,WAAO,KAAK,OAAO,OAAa,sBAAsB,MAAM,iBAAiB;AAAA;AAAA;AAAA;AAAA,MAIzE,MAAM,EAAE,iBAAiB;AAAA,IAC7B,CAAQ;AAAA,EACZ;AAAA;AAAA,EAIA,MAAM,kBAAyC;AAC3C,WAAO,KAAK,OAAO,IAAkB,2BAA2B;AAAA,EACpE;AAAA,EAEA,MAAM,iBAAiB,MAAuG;AAC1H,WAAO,KAAK,OAAO,KAAiB,6BAA6B,IAAI;AAAA,EACzE;AAAA,EAEA,MAAM,cAAc,cAA2C;AAC3D,WAAO,KAAK,OAAO,IAAgB,4BAA4B,YAAY,GAAG;AAAA,EAClF;AAAA,EAEA,MAAM,iBAAiB,cAAsB,MAAoE;AAC7G,WAAO,KAAK,OAAO,IAAgB,4BAA4B,YAAY,KAAK,IAAI;AAAA,EACxF;AAAA,EAEA,MAAM,iBAAiB,cAAqC;AACxD,WAAO,KAAK,OAAO,OAAa,4BAA4B,YAAY,GAAG;AAAA,EAC/E;AAAA;AAAA,EAIA,MAAM,iBAAiB,QAAgB,UAAiC;AACpE,WAAO,KAAK,OAAO,KAAW,sBAAsB,MAAM,WAAW,EAAE,WAAW,SAAS,CAAC;AAAA,EAChG;AAAA,EAEA,MAAM,mBAAmB,QAAgB,UAAiC;AACtE,WAAO,KAAK,OAAO,OAAa,sBAAsB,MAAM,WAAW;AAAA,MACnE,QAAQ,EAAE,WAAW,SAAS;AAAA,IAClC,CAAC;AAAA,EACL;AAAA,EAEA,MAAM,wBAAwB,QAAgB,iBAA0C;AACpF,WAAO,KAAK,OAAO,KAAW,sBAAsB,MAAM,iBAAiB,EAAE,kBAAkB,gBAAgB,CAAC;AAAA,EACpH;AAAA,EAEA,MAAM,0BAA0B,QAAgB,iBAA0C;AACtF,WAAO,KAAK,OAAO,OAAa,sBAAsB,MAAM,iBAAiB;AAAA,MACzE,MAAM,EAAE,kBAAkB,gBAAgB;AAAA,IAC9C,CAAQ;AAAA,EACZ;AACJ;;;AC9IO,IAAM,aAAN,MAAiB;AAAA,EACpB,YAAoB,QAA2B;AAA3B;AAAA,EAA6B;AAAA;AAAA,EAIjD,MAAM,aAA2B;AAC7B,WAAO,KAAK,OAAO,IAAI,kBAAkB;AAAA,EAC7C;AAAA,EAEA,MAAM,cAAc,MAAyC;AACzD,WAAO,KAAK,OAAO,MAAM,oBAAoB,IAAI;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,aAAa,UAAkC;AACjD,WAAO,KAAK,OAAO,MAAM,oBAAoB,QAAQ;AAAA,EACzD;AAAA,EAEA,MAAM,cAAc,UAAkB,SAAiC;AACnE,WAAO,KAAK,OAAO,KAAW,0CAA0C;AAAA,MACpE;AAAA,MACA,UAAU;AAAA,IACd,CAAC;AAAA,EACL;AAAA;AAAA,EAIA,MAAM,UAAU,QAA8C;AAC1D,WAAO,KAAK,OAAO,IAAW,6BAA6B,EAAE,OAAO,CAAC;AAAA,EACzE;AAAA,EAEA,MAAM,QAAQ,QAA8B;AACxC,WAAO,KAAK,OAAO,IAAI,4BAA4B,MAAM,GAAG;AAAA,EAChE;AAAA,EAEA,MAAM,gBAAgB,QAAgB,MAA2C;AAC7E,WAAO,KAAK,OAAO,MAAM,4BAA4B,MAAM,KAAK,IAAI;AAAA,EACxE;AAAA,EAEA,MAAM,gBAAgB,QAA+B;AACjD,WAAO,KAAK,OAAO,OAAa,4BAA4B,MAAM,GAAG;AAAA,EACzE;AAAA,EAEA,MAAM,QAAQ,QAAgB,SAAiB,IAAmB;AAC9D,WAAO,KAAK,OAAO,KAAW,4BAA4B,MAAM,SAAS,EAAE,OAAO,CAAC;AAAA,EACvF;AAAA,EAEA,MAAM,UAAU,QAA+B;AAC3C,WAAO,KAAK,OAAO,KAAW,4BAA4B,MAAM,SAAS;AAAA,EAC7E;AAAA,EAEA,MAAM,SAAS,QAAgB,kBAA0B,IAAI,SAAiB,IAAmB;AAC7F,WAAO,KAAK,OAAO,KAAW,4BAA4B,MAAM,UAAU,EAAE,kBAAkB,iBAAiB,OAAO,CAAC;AAAA,EAC3H;AAAA,EAEA,MAAM,WAAW,QAA+B;AAC5C,WAAO,KAAK,OAAO,KAAW,4BAA4B,MAAM,UAAU;AAAA,EAC9E;AACJ;;;ACzEO,IAAM,gBAAN,MAAoB;AAAA,EAChB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEP,YAAY,SAA4B;AACpC,SAAK,OAAO,IAAI,kBAAkB,OAAO;AACzC,SAAK,OAAO,IAAI,WAAW,KAAK,IAAI;AACpC,SAAK,WAAW,IAAI,eAAe,KAAK,IAAI;AAC5C,SAAK,OAAO,IAAI,WAAW,KAAK,IAAI;AACpC,SAAK,OAAO,IAAI,WAAW,KAAK,IAAI;AAAA,EACxC;AACJ;","names":[]}
1	+ {"version":3,"sources":["../src/http/client.ts","../src/modules/auth.ts","../src/utils/base64url.ts","../src/modules/security.ts","../src/utils/jwt.ts","../src/modules/rbac.ts","../src/modules/user.ts","../src/modules/b2b.ts","../src/modules/ai.ts","../src/client.ts"],"sourcesContent":["import type { TenxyteError } from '../types';\n\nexport interface HttpClientOptions {\n baseUrl: string;\n timeoutMs?: number;\n headers?: Record<string, string>;\n}\n\nexport type RequestConfig = Omit<RequestInit, 'body' \| 'headers'> & {\n body?: unknown;\n headers?: Record<string, string>;\n params?: Record<string, string \| number \| boolean>;\n};\n\n/*\n Core HTTP Client underlying the SDK.\n * Handles JSON parsing, standard headers, simple request processing,\n * and normalizing errors into TenxyteError format.\n /\nexport class TenxyteHttpClient {\n private baseUrl: string;\n private defaultHeaders: Record<string, string>;\n\n // Interceptors\n private requestInterceptors: Array<(config: RequestConfig & { url: string }) => Promise<RequestConfig & { url: string }> \| (RequestConfig & { url: string })> = [];\n private responseInterceptors: Array<(response: Response, request: { url: string; config: RequestConfig }) => Promise<Response> \| Response> = [];\n\n constructor(options: HttpClientOptions) {\n this.baseUrl = options.baseUrl.replace(/\\/$/, ''); // Remove trailing slash\n this.defaultHeaders = {\n 'Content-Type': 'application/json',\n Accept: 'application/json',\n ...options.headers,\n };\n }\n\n // Interceptor Registration\n addRequestInterceptor(interceptor: typeof this.requestInterceptors[0]) {\n this.requestInterceptors.push(interceptor);\n }\n\n addResponseInterceptor(interceptor: typeof this.responseInterceptors[0]) {\n this.responseInterceptors.push(interceptor);\n }\n\n /\n Main request method wrapping fetch\n /\n async request<T>(endpoint: string, config: RequestConfig = {}): Promise<T> {\n const urlStr = endpoint.startsWith('http')\n ? endpoint\n : `${this.baseUrl}${endpoint.startsWith('/') ? '' : '/'}${endpoint}`;\n\n let urlObj = new URL(urlStr);\n\n if (config.params) {\n Object.entries(config.params).forEach(([key, value]) => {\n if (value !== undefined && value !== null) {\n urlObj.searchParams.append(key, String(value));\n }\n });\n }\n\n let requestContext: any = {\n url: urlObj.toString(),\n ...config,\n headers: { ...this.defaultHeaders, ...(config.headers \|\| {}) } as Record<string, string>,\n };\n\n // Handle FormData implicitly for multipart requests\n if (typeof FormData !== 'undefined' && requestContext.body instanceof FormData) {\n const headers = requestContext.headers as Record<string, string>;\n // Explicitly remove Content-Type so fetch can auto-assign the multipart boundary\n delete headers['Content-Type'];\n delete headers['content-type'];\n } else if (requestContext.body && typeof requestContext.body === 'object') {\n const contentType = (requestContext.headers as Record<string, string>)['Content-Type'] \|\| '';\n if (contentType.toLowerCase().includes('application/json')) {\n requestContext.body = JSON.stringify(requestContext.body);\n }\n }\n\n // Run Request Interceptors\n for (const interceptor of this.requestInterceptors) {\n requestContext = await interceptor(requestContext);\n }\n\n const { url, ...fetchConfig } = requestContext as any;\n\n try {\n let response = await fetch(url, fetchConfig as RequestInit);\n\n // Run Response Interceptors (e.g., token refresh logic)\n for (const interceptor of this.responseInterceptors) {\n response = await interceptor(response, { url, config: fetchConfig as RequestConfig });\n }\n\n if (!response.ok) {\n throw await this.normalizeError(response);\n }\n\n // Handle NoContent\n if (response.status === 204) {\n return {} as T;\n }\n\n const contentType = response.headers.get('content-type');\n if (contentType && contentType.includes('application/json')) {\n return (await response.json()) as T;\n }\n\n return (await response.text()) as unknown as T;\n } catch (error: any) {\n if (error && error.code) {\n throw error; // Already normalized\n }\n throw {\n error: error.message \|\| 'Network request failed',\n code: 'NETWORK_ERROR' as unknown as import('../types').TenxyteErrorCode,\n details: String(error)\n } as TenxyteError;\n }\n }\n\n private async normalizeError(response: Response): Promise<TenxyteError> {\n try {\n const body = await response.json();\n return {\n error: body.error \|\| body.detail \|\| 'API request failed',\n code: body.code \|\| `HTTP_${response.status}`,\n details: body.details \|\| body,\n retry_after: response.headers.has('Retry-After') ? parseInt(response.headers.get('Retry-After')!, 10) : undefined,\n } as TenxyteError;\n } catch (e) {\n return {\n error: `HTTP Error ${response.status}: ${response.statusText}`,\n code: `HTTP_${response.status}` as unknown as import('../types').TenxyteErrorCode,\n } as TenxyteError;\n }\n }\n\n // Convenience methods\n get<T>(endpoint: string, config?: Omit<RequestConfig, 'method' \| 'body'>) {\n return this.request<T>(endpoint, { ...config, method: 'GET' });\n }\n\n post<T>(endpoint: string, data?: unknown, config?: Omit<RequestConfig, 'method' \| 'body'>) {\n return this.request<T>(endpoint, { ...config, method: 'POST', body: data });\n }\n\n put<T>(endpoint: string, data?: unknown, config?: Omit<RequestConfig, 'method' \| 'body'>) {\n return this.request<T>(endpoint, { ...config, method: 'PUT', body: data });\n }\n\n patch<T>(endpoint: string, data?: unknown, config?: Omit<RequestConfig, 'method' \| 'body'>) {\n return this.request<T>(endpoint, { ...config, method: 'PATCH', body: data });\n }\n\n delete<T>(endpoint: string, config?: Omit<RequestConfig, 'method' \| 'body'>) {\n return this.request<T>(endpoint, { ...config, method: 'DELETE' });\n }\n}\n","import { TenxyteHttpClient } from '../http/client';\nimport { TokenPair, GeneratedSchema } from '../types';\n\nexport interface LoginEmailOptions {\n totp_code?: string;\n}\n\nexport interface LoginPhoneOptions {\n totp_code?: string;\n}\n\nexport type RegisterRequest = any;\n\nexport interface MagicLinkRequest {\n email: string;\n}\n\nexport interface SocialLoginRequest {\n access_token?: string;\n authorization_code?: string;\n id_token?: string;\n}\n\nexport class AuthModule {\n constructor(private client: TenxyteHttpClient) { }\n\n /\n Authenticate a user with their email and password.\n * @param data - The login credentials and optional TOTP code if 2FA is required.\n * @returns A pair of Access and Refresh tokens upon successful authentication.\n * @throws {TenxyteError} If credentials are invalid, or if `2FA_REQUIRED` without a valid `totp_code`.\n /\n async loginWithEmail(\n data: GeneratedSchema['LoginEmail'],\n ): Promise<TokenPair> {\n return this.client.post<TokenPair>('/api/v1/auth/login/email/', data);\n }\n\n /\n Authenticate a user with an international phone number and password.\n * @param data - The login credentials and optional TOTP code if 2FA is required.\n * @returns A pair of Access and Refresh tokens.\n /\n async loginWithPhone(\n data: GeneratedSchema['LoginPhone'],\n ): Promise<TokenPair> {\n return this.client.post<TokenPair>('/api/v1/auth/login/phone/', data);\n }\n\n /\n Registers a new user account.\n * @param data - The registration details (email, password, etc.).\n * @returns The registered user data or a confirmation message.\n /\n async register(data: RegisterRequest): Promise<any> {\n return this.client.post<any>('/api/v1/auth/register/', data);\n }\n\n /\n Logout from the current session.\n * Informs the backend to immediately revoke the specified refresh token.\n * @param refreshToken - The refresh token to revoke.\n /\n async logout(refreshToken: string): Promise<void> {\n return this.client.post<void>('/api/v1/auth/logout/', { refresh_token: refreshToken });\n }\n\n /\n Logout from all sessions across all devices.\n * Revokes all refresh tokens currently assigned to the user.\n /\n async logoutAll(): Promise<void> {\n return this.client.post<void>('/api/v1/auth/logout/all/');\n }\n\n /\n Request a Magic Link for passwordless sign-in.\n * @param data - The email to send the logic link to.\n /\n async requestMagicLink(data: MagicLinkRequest): Promise<void> {\n return this.client.post<void>('/api/v1/auth/magic-link/request/', data);\n }\n\n /\n Verifies a magic link token extracted from the URL.\n * @param token - The cryptographic token received via email.\n * @returns A session token pair if the token is valid and unexpired.\n /\n async verifyMagicLink(token: string): Promise<TokenPair> {\n return this.client.get<TokenPair>(`/api/v1/auth/magic-link/verify/`, { params: { token } });\n }\n\n /\n Submits OAuth2 Social Authentication payloads to the backend.\n * Can be used with native mobile SDK tokens (like Apple Sign-In JWTs).\n * @param provider - The OAuth provider ('google', 'github', etc.)\n * @param data - The OAuth tokens (access_token, id_token, etc.)\n * @returns An active session token pair.\n /\n async loginWithSocial(provider: 'google' \| 'github' \| 'microsoft' \| 'facebook', data: SocialLoginRequest): Promise<TokenPair> {\n return this.client.post<TokenPair>(`/api/v1/auth/social/${provider}/`, data);\n }\n\n /\n Handle Social Auth Callbacks (Authorization Code flow).\n * @param provider - The OAuth provider ('google', 'github', etc.)\n * @param code - The authorization code retrieved from the query string parameters.\n * @param redirectUri - The original redirect URI that was requested.\n * @returns An active session token pair after successful code exchange.\n /\n async handleSocialCallback(provider: 'google' \| 'github' \| 'microsoft' \| 'facebook', code: string, redirectUri: string): Promise<TokenPair> {\n return this.client.get<TokenPair>(`/api/v1/auth/social/${provider}/callback/`, {\n params: { code, redirect_uri: redirectUri },\n });\n }\n}\n","export function bufferToBase64url(buffer: ArrayBuffer \| Uint8Array): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary)\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=/g, '');\n}\n\nexport function base64urlToBuffer(base64url: string): Uint8Array {\n const base64 = base64url\n .replace(/-/g, '+')\n .replace(/_/g, '/');\n const padLen = (4 - (base64.length % 4)) % 4;\n const padded = base64 + '='.repeat(padLen);\n const binary = atob(padded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n}\n","import { TenxyteHttpClient } from '../http/client';\nimport { TenxyteUser, TokenPair } from '../types';\nimport { base64urlToBuffer, bufferToBase64url } from '../utils/base64url';\n\nexport class SecurityModule {\n constructor(private client: TenxyteHttpClient) { }\n\n // ─── 2FA (TOTP) Management ───\n\n /\n Get the current 2FA status for the authenticated user.\n * @returns Information about whether 2FA is enabled and how many backup codes remain.\n /\n async get2FAStatus(): Promise<{ is_enabled: boolean; backup_codes_remaining: number }> {\n return this.client.get('/api/v1/auth/2fa/status/');\n }\n\n /\n Start the 2FA enrollment process.\n * @returns The secret key and QR code URL to be scanned by an Authenticator app.\n /\n async setup2FA(): Promise<{\n message: string;\n secret: string;\n manual_entry_key: string;\n qr_code: string;\n provisioning_uri: string;\n backup_codes: string[];\n warning: string;\n }> {\n return this.client.post('/api/v1/auth/2fa/setup/');\n }\n\n /\n Confirm the 2FA setup by providing the first TOTP code generated by the Authenticator app.\n * @param totpCode - The 6-digit code.\n /\n async confirm2FA(totpCode: string): Promise<{\n message: string;\n is_enabled: boolean;\n enabled_at: string;\n }> {\n return this.client.post('/api/v1/auth/2fa/confirm/', { totp_code: totpCode });\n }\n\n /\n Disable 2FA for the current user.\n * Usually requires re-authentication or providing the active password/totp code.\n * @param totpCode - The current 6-digit code to verify intent.\n * @param password - (Optional) The user's password if required by backend policy.\n /\n async disable2FA(totpCode: string, password?: string): Promise<{\n message: string;\n is_enabled: boolean;\n disabled_at: string;\n backup_codes_invalidated: boolean;\n }> {\n return this.client.post('/api/v1/auth/2fa/disable/', { totp_code: totpCode, password });\n }\n\n /\n Invalidate old backup codes and explicitly generate a new batch.\n * @param totpCode - An active TOTP code to verify intent.\n /\n async regenerateBackupCodes(totpCode: string): Promise<{\n message: string;\n backup_codes: string[];\n codes_count: number;\n generated_at?: string;\n warning: string;\n }> {\n return this.client.post('/api/v1/auth/2fa/backup-codes/', { totp_code: totpCode });\n }\n\n // ─── Verification OTP (Email / Phone) ───\n\n /\n Request an OTP code to be dispatched to the user's primary contact method.\n * @param type - The channel type ('email' or 'phone').\n /\n async requestOtp(type: 'email' \| 'phone'): Promise<{\n message: string;\n otp_id: number;\n expires_at: string;\n channel: 'email' \| 'phone';\n masked_recipient: string;\n }> {\n return this.client.post('/api/v1/auth/otp/request/', { type: type === 'email' ? 'email_verification' : 'phone_verification' });\n }\n\n /\n Verify an email confirmation OTP.\n * @param code - The numeric code received via email.\n /\n async verifyOtpEmail(code: string): Promise<{\n message: string;\n email_verified: boolean;\n verified_at: string;\n }> {\n return this.client.post('/api/v1/auth/otp/verify/email/', { code });\n }\n\n /\n Verify a phone confirmation OTP (SMS dispatch).\n * @param code - The numeric code received via SMS.\n /\n async verifyOtpPhone(code: string): Promise<{\n message: string;\n phone_verified: boolean;\n verified_at: string;\n phone_number: string;\n }> {\n return this.client.post('/api/v1/auth/otp/verify/phone/', { code });\n }\n\n // ─── Password Sub-module ───\n\n /\n Triggers a password reset flow, dispatching an OTP to the target.\n * @param target - Either an email address or a phone configuration payload.\n /\n async resetPasswordRequest(target: { email: string } \| { phone_country_code: string; phone_number: string }): Promise<{ message: string }> {\n return this.client.post('/api/v1/auth/password/reset/request/', target);\n }\n\n /\n Confirm a password reset using the OTP dispatched by `resetPasswordRequest`.\n * @param data - The OTP code and the new matching password fields.\n /\n async resetPasswordConfirm(data: {\n email?: string;\n phone_country_code?: string;\n phone_number?: string;\n otp_code: string;\n new_password: string;\n confirm_password: string;\n }): Promise<{ message: string }> {\n return this.client.post('/api/v1/auth/password/reset/confirm/', data);\n }\n\n /\n Change password for an already authenticated user.\n * @param currentPassword - The existing password to verify intent.\n * @param newPassword - The distinct new password.\n /\n async changePassword(currentPassword: string, newPassword: string): Promise<{ message: string }> {\n return this.client.post('/api/v1/auth/password/change/', {\n current_password: currentPassword,\n new_password: newPassword,\n });\n }\n\n /\n Evaluate the strength of a potential password against backend policies.\n * @param password - The password string to test.\n * @param email - (Optional) The user's email to ensure the password doesn't contain it.\n /\n async checkPasswordStrength(password: string, email?: string): Promise<{\n score: number;\n strength: string;\n is_valid: boolean;\n errors: string[];\n requirements: {\n min_length: number;\n require_lowercase: boolean;\n require_uppercase: boolean;\n require_numbers: boolean;\n require_special: boolean;\n };\n }> {\n return this.client.post('/api/v1/auth/password/strength/', { password, email });\n }\n\n /\n Fetch the password complexity requirements enforced by the Tenxyte backend.\n /\n async getPasswordRequirements(): Promise<{\n requirements: Record<string, boolean \| number>;\n min_length: number;\n max_length: number;\n }> {\n return this.client.get('/api/v1/auth/password/requirements/');\n }\n\n // ─── WebAuthn / Passkeys (FIDO2) ───\n\n /\n Register a new WebAuthn device (Passkey/Biometrics/Security Key) for the authenticated user.\n * Integrates transparently with the browser `navigator.credentials` API.\n * @param deviceName - Optional human-readable name for the device being registered.\n /\n async registerWebAuthn(deviceName?: string): Promise<{\n message: string;\n credential: {\n id: number;\n device_name: string;\n created_at: string;\n };\n }> {\n // 1. Begin registration\n const optionsResponse = await this.client.post<any>('/api/v1/auth/webauthn/register/begin/');\n\n // 2. Map options for the browser\n const publicKeyOpts = optionsResponse.publicKey;\n publicKeyOpts.challenge = base64urlToBuffer(publicKeyOpts.challenge);\n publicKeyOpts.user.id = base64urlToBuffer(publicKeyOpts.user.id);\n if (publicKeyOpts.excludeCredentials) {\n publicKeyOpts.excludeCredentials.forEach((cred: any) => {\n cred.id = base64urlToBuffer(cred.id);\n });\n }\n\n // 3. Request credential creation from the Authenticator\n const cred = await navigator.credentials.create({ publicKey: publicKeyOpts }) as PublicKeyCredential;\n if (!cred) {\n throw new Error('WebAuthn registration was aborted or failed.');\n }\n\n const response = cred.response as AuthenticatorAttestationResponse;\n\n // 4. Complete registration on the backend\n const completionPayload = {\n device_name: deviceName,\n credential: {\n id: cred.id,\n type: cred.type,\n rawId: bufferToBase64url(cred.rawId),\n response: {\n attestationObject: bufferToBase64url(response.attestationObject),\n clientDataJSON: bufferToBase64url(response.clientDataJSON),\n },\n },\n };\n\n return this.client.post('/api/v1/auth/webauthn/register/complete/', completionPayload);\n }\n\n /\n Authenticate via WebAuthn (Passkey) without requiring a password.\n * Integrates transparently with the browser `navigator.credentials` API.\n * @param email - The email address identifying the user account (optional if discoverable credentials are used).\n * @returns A session token pair and the user context upon successful cryptographic challenge verification.\n /\n async authenticateWebAuthn(email?: string): Promise<{\n access: string;\n refresh: string;\n user: TenxyteUser;\n message: string;\n credential_used: string;\n }> {\n // 1. Begin authentication\n const optionsResponse = await this.client.post<any>('/api/v1/auth/webauthn/authenticate/begin/', email ? { email } : {});\n\n // 2. Map options for the browser\n const publicKeyOpts = optionsResponse.publicKey;\n publicKeyOpts.challenge = base64urlToBuffer(publicKeyOpts.challenge);\n if (publicKeyOpts.allowCredentials) {\n publicKeyOpts.allowCredentials.forEach((cred: any) => {\n cred.id = base64urlToBuffer(cred.id);\n });\n }\n\n // 3. Request assertion from the Authenticator\n const cred = await navigator.credentials.get({ publicKey: publicKeyOpts }) as PublicKeyCredential;\n if (!cred) {\n throw new Error('WebAuthn authentication was aborted or failed.');\n }\n\n const response = cred.response as AuthenticatorAssertionResponse;\n\n // 4. Complete authentication on the backend\n const completionPayload = {\n credential: {\n id: cred.id,\n type: cred.type,\n rawId: bufferToBase64url(cred.rawId),\n response: {\n authenticatorData: bufferToBase64url(response.authenticatorData),\n clientDataJSON: bufferToBase64url(response.clientDataJSON),\n signature: bufferToBase64url(response.signature),\n userHandle: response.userHandle ? bufferToBase64url(response.userHandle) : null,\n },\n },\n };\n\n return this.client.post('/api/v1/auth/webauthn/authenticate/complete/', completionPayload);\n }\n\n /\n List all registered WebAuthn credentials for the active user.\n /\n async listWebAuthnCredentials(): Promise<{\n credentials: Array<{\n id: number;\n device_name: string;\n created_at: string;\n last_used_at: string \| null;\n authenticator_type: string;\n is_resident_key: boolean;\n }>;\n count: number;\n }> {\n return this.client.get('/api/v1/auth/webauthn/credentials/');\n }\n\n /\n Delete a specific WebAuthn credential, removing its capability to sign in.\n * @param credentialId - The internal ID of the credential to delete.\n /\n async deleteWebAuthnCredential(credentialId: number): Promise<void> {\n return this.client.delete(`/api/v1/auth/webauthn/credentials/${credentialId}/`);\n }\n}\n","export interface DecodedTenxyteToken {\n exp?: number;\n iat?: number;\n sub?: string;\n roles?: string[];\n permissions?: string[];\n [key: string]: any;\n}\n\n/\n Decodes the payload of a JWT without verifying the signature.\n * Suitable for client-side routing and UI state.\n /\nexport function decodeJwt(token: string): DecodedTenxyteToken \| null {\n try {\n const parts = token.split('.');\n if (parts.length !== 3) {\n return null;\n }\n\n let base64Url = parts[1];\n if (!base64Url) return null;\n\n let base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');\n\n // Pad with standard base64 padding\n while (base64.length % 4) {\n base64 += '=';\n }\n\n const isBrowser = typeof window !== 'undefined' && typeof window.atob === 'function';\n let jsonPayload: string;\n\n if (isBrowser) {\n // Browser decode\n jsonPayload = decodeURIComponent(\n window.atob(base64)\n .split('')\n .map((c) => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2))\n .join('')\n );\n } else {\n // Node.js decode\n jsonPayload = Buffer.from(base64, 'base64').toString('utf8');\n }\n\n return JSON.parse(jsonPayload);\n } catch (e) {\n return null;\n }\n}\n","import { TenxyteHttpClient } from '../http/client';\nimport { decodeJwt, DecodedTenxyteToken } from '../utils/jwt';\n\nexport interface Role {\n id: string;\n name: string;\n description?: string;\n is_default?: boolean;\n permissions?: string[];\n}\n\nexport interface Permission {\n id: string;\n code: string;\n name: string;\n description?: string;\n}\n\nexport class RbacModule {\n private cachedToken: string \| null = null;\n\n constructor(private client: TenxyteHttpClient) { }\n\n /\n Cache a decoded JWT payload locally to perform parameter-less synchronous permission checks.\n * Usually invoked automatically by the system upon login or token refresh.\n * @param token - The raw JWT access token encoded string.\n /\n setToken(token: string \| null) {\n this.cachedToken = token;\n }\n\n private getDecodedToken(token?: string): DecodedTenxyteToken \| null {\n const t = token \|\| this.cachedToken;\n if (!t) return null;\n return decodeJwt(t);\n }\n\n // --- Synchronous Checks --- //\n\n /\n Synchronously deeply inspects the cached (or provided) JWT to determine if the user has a specific Role.\n * @param role - The exact code name of the Role.\n * @param token - (Optional) Provide a specific token overriding the cached one.\n /\n hasRole(role: string, token?: string): boolean {\n const decoded = this.getDecodedToken(token);\n if (!decoded?.roles) return false;\n return decoded.roles.includes(role);\n }\n\n /\n Evaluates if the active session holds AT LEAST ONE of the listed Roles.\n * @param roles - An array of Role codes.\n /\n hasAnyRole(roles: string[], token?: string): boolean {\n const decoded = this.getDecodedToken(token);\n if (!decoded?.roles) return false;\n return roles.some(r => decoded.roles!.includes(r));\n }\n\n /\n Evaluates if the active session holds ALL of the listed Roles concurrently.\n * @param roles - An array of Role codes.\n /\n hasAllRoles(roles: string[], token?: string): boolean {\n const decoded = this.getDecodedToken(token);\n if (!decoded?.roles) return false;\n return roles.every(r => decoded.roles!.includes(r));\n }\n\n /\n Synchronously deeply inspects the cached (or provided) JWT to determine if the user has a specific granular Permission.\n * @param permission - The exact code name of the Permission (e.g., 'invoices.read').\n /\n hasPermission(permission: string, token?: string): boolean {\n const decoded = this.getDecodedToken(token);\n if (!decoded?.permissions) return false;\n return decoded.permissions.includes(permission);\n }\n\n /\n Evaluates if the active session holds AT LEAST ONE of the listed Permissions.\n /\n hasAnyPermission(permissions: string[], token?: string): boolean {\n const decoded = this.getDecodedToken(token);\n if (!decoded?.permissions) return false;\n return permissions.some(p => decoded.permissions!.includes(p));\n }\n\n /\n Evaluates if the active session holds ALL of the listed Permissions concurrently.\n /\n hasAllPermissions(permissions: string[], token?: string): boolean {\n const decoded = this.getDecodedToken(token);\n if (!decoded?.permissions) return false;\n return permissions.every(p => decoded.permissions!.includes(p));\n }\n\n // --- Roles CRUD --- //\n\n /* Fetch all application global Roles structure /\n async listRoles(): Promise<Role[]> {\n return this.client.get<Role[]>('/api/v1/auth/roles/');\n }\n\n /* Create a new architectural Role inside Tenxyte /\n async createRole(data: { name: string; description?: string; permission_codes?: string[]; is_default?: boolean }): Promise<Role> {\n return this.client.post<Role>('/api/v1/auth/roles/', data);\n }\n\n /* Get detailed metadata defining a single bounded Role /\n async getRole(roleId: string): Promise<Role> {\n return this.client.get<Role>(`/api/v1/auth/roles/${roleId}/`);\n }\n\n /* Modify properties bounding a Role /\n async updateRole(roleId: string, data: { name?: string; description?: string; permission_codes?: string[]; is_default?: boolean }): Promise<Role> {\n return this.client.put<Role>(`/api/v1/auth/roles/${roleId}/`, data);\n }\n\n /* Unbind and destruct a Role from the global Tenant. (Dangerous, implies cascading permission unbindings) /\n async deleteRole(roleId: string): Promise<void> {\n return this.client.delete<void>(`/api/v1/auth/roles/${roleId}/`);\n }\n\n // --- Role Permissions Management --- //\n\n async getRolePermissions(roleId: string): Promise<Permission[]> {\n return this.client.get<Permission[]>(`/api/v1/auth/roles/${roleId}/permissions/`);\n }\n\n async addPermissionsToRole(roleId: string, permission_codes: string[]): Promise<void> {\n return this.client.post<void>(`/api/v1/auth/roles/${roleId}/permissions/`, { permission_codes });\n }\n\n async removePermissionsFromRole(roleId: string, permission_codes: string[]): Promise<void> {\n return this.client.delete<void>(`/api/v1/auth/roles/${roleId}/permissions/`, {\n // Note: DELETE request with body is supported via our fetch wrapper if enabled,\n // or we might need to rely on query strings. The schema specifies body or query.\n // Let's pass it in body via a custom config or URL params.\n body: { permission_codes }\n } as any);\n }\n\n // --- Permissions CRUD --- //\n\n /* Enumerates all available fine-grained Permissions inside this Tenant scope. /\n async listPermissions(): Promise<Permission[]> {\n return this.client.get<Permission[]>('/api/v1/auth/permissions/');\n }\n\n /* Bootstraps a new granular Permission flag (e.g. `billing.refund`). /\n async createPermission(data: { code: string; name: string; description?: string; parent_code?: string }): Promise<Permission> {\n return this.client.post<Permission>('/api/v1/auth/permissions/', data);\n }\n\n /* Retrieves an existing atomic Permission construct. /\n async getPermission(permissionId: string): Promise<Permission> {\n return this.client.get<Permission>(`/api/v1/auth/permissions/${permissionId}/`);\n }\n\n /* Edits the human readable description or structural dependencies of a Permission. /\n async updatePermission(permissionId: string, data: { name?: string; description?: string }): Promise<Permission> {\n return this.client.put<Permission>(`/api/v1/auth/permissions/${permissionId}/`, data);\n }\n\n /* Destroys an atomic Permission permanently. Any Roles referencing it will be stripped of this grant automatically. /\n async deletePermission(permissionId: string): Promise<void> {\n return this.client.delete<void>(`/api/v1/auth/permissions/${permissionId}/`);\n }\n\n // --- Direct Assignment (Users) --- //\n\n /\n Attach a given Role globally to a user entity.\n * Use sparingly if B2B multi-tenancy contexts are preferred.\n /\n async assignRoleToUser(userId: string, roleCode: string): Promise<void> {\n return this.client.post<void>(`/api/v1/auth/users/${userId}/roles/`, { role_code: roleCode });\n }\n\n /\n Unbind a global Role from a user entity.\n /\n async removeRoleFromUser(userId: string, roleCode: string): Promise<void> {\n return this.client.delete<void>(`/api/v1/auth/users/${userId}/roles/`, {\n params: { role_code: roleCode }\n });\n }\n\n /\n Ad-Hoc directly attach specific granular Permissions to a single User, bypassing Role boundaries.\n /\n async assignPermissionsToUser(userId: string, permissionCodes: string[]): Promise<void> {\n return this.client.post<void>(`/api/v1/auth/users/${userId}/permissions/`, { permission_codes: permissionCodes });\n }\n\n /\n Ad-Hoc strip direct granular Permissions bindings from a specific User.\n /\n async removePermissionsFromUser(userId: string, permissionCodes: string[]): Promise<void> {\n return this.client.delete<void>(`/api/v1/auth/users/${userId}/permissions/`, {\n body: { permission_codes: permissionCodes }\n } as any);\n }\n}\n","import { TenxyteHttpClient } from '../http/client';\n\nexport interface UpdateProfileParams {\n first_name?: string;\n last_name?: string;\n [key: string]: any; // Allow custom metadata updates\n}\n\nexport interface AdminUpdateUserParams {\n first_name?: string;\n last_name?: string;\n is_active?: boolean;\n is_locked?: boolean;\n max_sessions?: number;\n max_devices?: number;\n}\n\nexport class UserModule {\n constructor(private client: TenxyteHttpClient) { }\n\n // --- Standard Profile Actions --- //\n\n /* Retrieve your current comprehensive Profile metadata matching the active network bearer token. /\n async getProfile(): Promise<any> {\n return this.client.get('/api/v1/auth/me/');\n }\n\n /* Modify your active profile core details or injected application metadata. /\n async updateProfile(data: UpdateProfileParams): Promise<any> {\n return this.client.patch('/api/v1/auth/me/', data);\n }\n\n /\n Upload an avatar using FormData.\n * Ensure the environment supports FormData (browser or Node.js v18+).\n * @param formData The FormData object containing the 'avatar' field.\n /\n async uploadAvatar(formData: FormData): Promise<any> {\n return this.client.patch('/api/v1/auth/me/', formData);\n }\n\n /\n Trigger self-deletion of an entire account data boundary.\n * @param password - Requires the active system password as destructive proof of intent.\n * @param otpCode - (Optional) If an OTP was queried prior to attempting account deletion.\n /\n async deleteAccount(password: string, otpCode?: string): Promise<void> {\n return this.client.post<void>('/api/v1/auth/request-account-deletion/', {\n password,\n otp_code: otpCode\n });\n }\n\n // --- Admin Actions Mapping --- //\n\n /* (Admin only) Lists users paginated matching criteria. /\n async listUsers(params?: Record<string, any>): Promise<any[]> {\n return this.client.get<any[]>('/api/v1/auth/admin/users/', { params });\n }\n\n /* (Admin only) Gets deterministic data related to a remote unassociated user. /\n async getUser(userId: string): Promise<any> {\n return this.client.get(`/api/v1/auth/admin/users/${userId}/`);\n }\n\n /* (Admin only) Modifies configuration/details or capacity bounds related to a remote unassociated user. /\n async adminUpdateUser(userId: string, data: AdminUpdateUserParams): Promise<any> {\n return this.client.patch(`/api/v1/auth/admin/users/${userId}/`, data);\n }\n\n /* (Admin only) Force obliterate a User boundary. Can affect relational database stability if not bound carefully. /\n async adminDeleteUser(userId: string): Promise<void> {\n return this.client.delete<void>(`/api/v1/auth/admin/users/${userId}/`);\n }\n\n /* (Admin only) Apply a permanent suspension / ban state globally on a user token footprint. /\n async banUser(userId: string, reason: string = ''): Promise<void> {\n return this.client.post<void>(`/api/v1/auth/admin/users/${userId}/ban/`, { reason });\n }\n\n /* (Admin only) Recover a user footprint from a global ban state. /\n async unbanUser(userId: string): Promise<void> {\n return this.client.post<void>(`/api/v1/auth/admin/users/${userId}/unban/`);\n }\n\n /* (Admin only) Apply a temporary lock bounding block on a user interaction footprint. /\n async lockUser(userId: string, durationMinutes: number = 30, reason: string = ''): Promise<void> {\n return this.client.post<void>(`/api/v1/auth/admin/users/${userId}/lock/`, { duration_minutes: durationMinutes, reason });\n }\n\n /* (Admin only) Releases an arbitrary temporary system lock placed on a user bounds. /\n async unlockUser(userId: string): Promise<void> {\n return this.client.post<void>(`/api/v1/auth/admin/users/${userId}/unlock/`);\n }\n}\n","import { TenxyteHttpClient } from '../http/client';\nimport { Organization, PaginatedResponse } from '../types';\n\nexport interface OrgMembership {\n id: number;\n user_id: number;\n email: string;\n first_name: string;\n last_name: string;\n role: { code: string; name: string };\n joined_at: string;\n}\n\nexport interface OrgTreeNode {\n id: number;\n name: string;\n slug: string;\n children: OrgTreeNode[];\n}\n\nexport class B2bModule {\n private currentOrgSlug: string \| null = null;\n\n constructor(private client: TenxyteHttpClient) {\n // Register an interceptor to auto-inject the X-Org-Slug header\n this.client.addRequestInterceptor((config) => {\n if (this.currentOrgSlug) {\n config.headers = {\n ...config.headers,\n 'X-Org-Slug': this.currentOrgSlug,\n };\n }\n return config;\n });\n }\n\n // ─── Context Management ───\n\n /\n Set the active Organization context.\n * Subsequent API requests will automatically include the `X-Org-Slug` header.\n * @param slug - The unique string identifier of the organization.\n /\n switchOrganization(slug: string): void {\n this.currentOrgSlug = slug;\n }\n\n /\n Clear the active Organization context, dropping the `X-Org-Slug` header for standard User operations.\n /\n clearOrganization(): void {\n this.currentOrgSlug = null;\n }\n\n /* Get the currently active Organization slug context if set. /\n getCurrentOrganizationSlug(): string \| null {\n return this.currentOrgSlug;\n }\n\n // ─── Organizations CRUD ───\n\n /* Create a new top-level or child Organization in the backend. /\n async createOrganization(data: {\n name: string;\n slug?: string;\n description?: string;\n parent_id?: number;\n metadata?: Record<string, unknown>;\n max_members?: number;\n }): Promise<Organization> {\n return this.client.post('/api/v1/auth/organizations/', data);\n }\n\n /* List organizations the currently authenticated user belongs to. /\n async listMyOrganizations(params?: {\n search?: string;\n is_active?: boolean;\n parent?: string;\n ordering?: string;\n page?: number;\n page_size?: number;\n }): Promise<PaginatedResponse<Organization>> {\n return this.client.get('/api/v1/auth/organizations/', { params });\n }\n\n /* Retrieve details about a specific organization by slug. /\n async getOrganization(slug: string): Promise<Organization> {\n return this.client.get(`/api/v1/auth/organizations/${slug}/`);\n }\n\n /* Update configuration and metadata of an Organization. /\n async updateOrganization(slug: string, data: Partial<{\n name: string;\n slug: string;\n description: string;\n parent_id: number \| null;\n metadata: Record<string, unknown>;\n max_members: number;\n is_active: boolean;\n }>): Promise<Organization> {\n return this.client.patch(`/api/v1/auth/organizations/${slug}/`, data);\n }\n\n /* Permanently delete an Organization. /\n async deleteOrganization(slug: string): Promise<{ message: string }> {\n return this.client.delete(`/api/v1/auth/organizations/${slug}/`);\n }\n\n /* Retrieve the topology subtree extending downward from this point. /\n async getOrganizationTree(slug: string): Promise<OrgTreeNode> {\n return this.client.get(`/api/v1/auth/organizations/${slug}/tree/`);\n }\n\n // ─── Member Management ───\n\n /* List users bound to a specific Organization. /\n async listMembers(slug: string, params?: {\n search?: string;\n role?: 'owner' \| 'admin' \| 'member';\n status?: 'active' \| 'inactive' \| 'pending';\n ordering?: string;\n page?: number;\n page_size?: number;\n }): Promise<PaginatedResponse<OrgMembership>> {\n return this.client.get(`/api/v1/auth/organizations/${slug}/members/`, { params });\n }\n\n /* Add a user directly into an Organization with a designated role. /\n async addMember(slug: string, data: {\n user_id: number;\n role_code: string;\n }): Promise<OrgMembership> {\n return this.client.post(`/api/v1/auth/organizations/${slug}/members/`, data);\n }\n\n /* Evolve or demote an existing member's role within the Organization. /\n async updateMemberRole(slug: string, userId: number, roleCode: string): Promise<OrgMembership> {\n return this.client.patch(`/api/v1/auth/organizations/${slug}/members/${userId}/`, { role_code: roleCode });\n }\n\n /* Kick a user out of the Organization. /\n async removeMember(slug: string, userId: number): Promise<{ message: string }> {\n return this.client.delete(`/api/v1/auth/organizations/${slug}/members/${userId}/`);\n }\n\n // ─── Invitations ───\n\n /* Send an onboarding email invitation to join an Organization. /\n async inviteMember(slug: string, data: {\n email: string;\n role_code: string;\n expires_in_days?: number;\n }): Promise<{\n id: number;\n email: string;\n role: string;\n token: string;\n expires_at: string;\n invited_by: { id: number; email: string };\n organization: { id: number; name: string; slug: string };\n }> {\n return this.client.post(`/api/v1/auth/organizations/${slug}/invitations/`, data);\n }\n\n /* Fetch a definition matrix of what Organization-level roles can be assigned. /\n async listOrgRoles(): Promise<Array<{\n code: string;\n name: string;\n description: string;\n weight: number;\n permissions: Array<{ code: string; name: string; description: string }>;\n is_system_role: boolean;\n created_at: string;\n }>> {\n return this.client.get('/api/v1/auth/organizations/roles/');\n }\n}\n","import { TenxyteHttpClient } from '../http/client';\nimport { AgentTokenSummary, AgentPendingAction } from '../types';\n\nexport class AiModule {\n private agentToken: string \| null = null;\n private traceId: string \| null = null;\n\n constructor(private client: TenxyteHttpClient) {\n // Register an interceptor to auto-inject AgentBearer and Trace ID\n this.client.addRequestInterceptor((config) => {\n const headers: Record<string, string> = { ...config.headers };\n\n if (this.agentToken) {\n // Determine if we should replace the standard Authorization\n // By Tenxyte specification, AgentToken uses \"AgentBearer\"\n headers['Authorization'] = `AgentBearer ${this.agentToken}`;\n }\n\n if (this.traceId) {\n headers['X-Prompt-Trace-ID'] = this.traceId;\n }\n\n return { ...config, headers };\n });\n\n // Intercept 202 Accepted and specific 403 errors (Circuit Breaker)\n // Usually, these should be emitted via the main TenxyteClient EventEmitter.\n // For now, we add a response interceptor to handle the HTTP side.\n this.client.addResponseInterceptor(async (response, request) => {\n // Note: Since response streams can only be read once, full integration\n // with EventEmitter for deep inspection (like 202s body) requires cloning.\n if (response.status === 202) {\n // HTTP 202 Accepted indicates HITL awaiting confirmation\n const cloned = response.clone();\n try {\n const data = await cloned.json();\n // Assuming TenxyteClient will fire 'agent:awaiting_approval' based on this later\n console.debug('[Tenxyte AI] Received 202 Awaiting Approval:', data);\n } catch {\n // Ignore parsing errors\n }\n } else if (response.status === 403) {\n const cloned = response.clone();\n try {\n const data = await cloned.json();\n if (data.code === 'BUDGET_EXCEEDED') {\n console.warn('[Tenxyte AI] Network responded with Budget Exceeded for Agent.');\n } else if (data.status === 'suspended') {\n console.warn('[Tenxyte AI] Circuit breaker open for Agent.');\n }\n } catch {\n // Ignore parsing errors\n }\n }\n return response;\n });\n }\n\n // ─── AgentToken Lifecycle ───\n\n /\n Create an AgentToken granting specific deterministic limits to an AI Agent.\n /\n async createAgentToken(data: {\n agent_id: string;\n permissions?: string[];\n expires_in?: number;\n organization?: string;\n budget_limit_usd?: number;\n circuit_breaker?: {\n max_requests?: number;\n window_seconds?: number;\n };\n dead_mans_switch?: {\n heartbeat_required_every?: number;\n };\n }): Promise<{\n id: number;\n token: string;\n agent_id: string;\n status: string;\n expires_at: string;\n }> {\n return this.client.post('/api/v1/auth/ai/tokens/', data);\n }\n\n /\n Set the SDK to operate on behalf of an Agent using the generated Agent Token payload.\n * Overrides standard `Authorization` headers with `AgentBearer`.\n /\n setAgentToken(token: string): void {\n this.agentToken = token;\n }\n\n /* Disables the active Agent override and reverts to standard User session requests. /\n clearAgentToken(): void {\n this.agentToken = null;\n }\n\n /* Check if the SDK is currently mocking requests as an AI Agent. /\n isAgentMode(): boolean {\n return this.agentToken !== null;\n }\n\n /* List previously provisioned active Agent tokens. /\n async listAgentTokens(): Promise<AgentTokenSummary[]> {\n return this.client.get('/api/v1/auth/ai/tokens/');\n }\n\n /* Fetch the status and configuration of a specific AgentToken. /\n async getAgentToken(tokenId: number): Promise<AgentTokenSummary> {\n return this.client.get(`/api/v1/auth/ai/tokens/${tokenId}/`);\n }\n\n /* Irreversibly revoke a targeted AgentToken from acting upon the Tenant. /\n async revokeAgentToken(tokenId: number): Promise<{ status: 'revoked' }> {\n return this.client.post(`/api/v1/auth/ai/tokens/${tokenId}/revoke/`);\n }\n\n /* Temporarily freeze an AgentToken by forcibly closing its Circuit Breaker. /\n async suspendAgentToken(tokenId: number): Promise<{ status: 'suspended' }> {\n return this.client.post(`/api/v1/auth/ai/tokens/${tokenId}/suspend/`);\n }\n\n /* Emergency kill-switch to wipe all operational Agent Tokens. /\n async revokeAllAgentTokens(): Promise<{ status: 'revoked'; count: number }> {\n return this.client.post('/api/v1/auth/ai/tokens/revoke-all/');\n }\n\n // ─── Circuit Breaker ───\n\n /* Satisfy an Agent's Dead-Man's switch heartbeat requirement to prevent suspension. /\n async sendHeartbeat(tokenId: number): Promise<{ status: 'ok' }> {\n return this.client.post(`/api/v1/auth/ai/tokens/${tokenId}/heartbeat/`);\n }\n\n // ─── Human in the Loop (HITL) ───\n\n /* List intercepted HTTP 202 actions waiting for Human interaction / approval. /\n async listPendingActions(): Promise<AgentPendingAction[]> {\n return this.client.get('/api/v1/auth/ai/pending-actions/');\n }\n\n /* Complete a pending HITL authorization to finally flush the Agent action to backend systems. /\n async confirmPendingAction(confirmationToken: string): Promise<{ status: 'confirmed' }> {\n return this.client.post('/api/v1/auth/ai/pending-actions/confirm/', { token: confirmationToken });\n }\n\n /* Block an Agent action permanently. /\n async denyPendingAction(confirmationToken: string): Promise<{ status: 'denied' }> {\n return this.client.post('/api/v1/auth/ai/pending-actions/deny/', { token: confirmationToken });\n }\n\n // ─── Traceability and Budget ───\n\n /* Start piping the `X-Prompt-Trace-ID` custom header outwards for tracing logs against LLM inputs. /\n setTraceId(traceId: string): void {\n this.traceId = traceId;\n }\n\n /* Disable trace forwarding context. /\n clearTraceId(): void {\n this.traceId = null;\n }\n\n /* \n * Report consumption costs associated with a backend invocation back to Tenxyte for strict circuit budgeting.\n * @param tokenId - AgentToken evaluating ID.\n * @param usage - Sunk token costs or explicit USD derivations.\n /\n async reportUsage(tokenId: number, usage: {\n cost_usd: number;\n prompt_tokens: number;\n completion_tokens: number;\n }): Promise<{ status: 'ok' } \| { error: 'Budget exceeded'; status: 'suspended' }> {\n return this.client.post(`/api/v1/auth/ai/tokens/${tokenId}/report-usage/`, usage);\n }\n}\n","import { TenxyteHttpClient, HttpClientOptions } from './http/client';\nimport { AuthModule } from './modules/auth';\nimport { SecurityModule } from './modules/security';\nimport { RbacModule } from './modules/rbac';\nimport { UserModule } from './modules/user';\nimport { B2bModule } from './modules/b2b';\nimport { AiModule } from './modules/ai';\n\n/\n The primary entry point for the Tenxyte SDK.\n * Groups together logic for authentication, security, organization switching, and AI control.\n /\nexport class TenxyteClient {\n /* The core HTTP wrapper handling network interception and parsing /\n public http: TenxyteHttpClient;\n /* Authentication module (Login, Signup, Magic link, session handling) /\n public auth: AuthModule;\n /* Security module (2FA, WebAuthn, Passwords, OTPs) /\n public security: SecurityModule;\n /* Role-Based Access Control and permission checking module /\n public rbac: RbacModule;\n /* Connected user's profile and management module /\n public user: UserModule;\n /* Business-to-Business organizations module (multi-tenant environments) /\n public b2b: B2bModule;\n /* AIRS - AI Responsibility & Security module (Agent tokens, Circuit breakers, HITL) /\n public ai: AiModule;\n\n /\n Initializes the SDK with connection details for your Tenxyte-powered API.\n * @param options Configuration options including `baseUrl` and custom headers like `X-Access-Key`\n * \n * @example\n * ```typescript\n * const tx = new TenxyteClient({ \n * baseUrl: 'https://api.my-service.com',\n * headers: { 'X-Access-Key': 'pkg_abc123' }\n * });\n * ```\n */\n constructor(options: HttpClientOptions) {\n this.http = new TenxyteHttpClient(options);\n this.auth = new AuthModule(this.http);\n this.security = new SecurityModule(this.http);\n this.rbac = new RbacModule(this.http);\n this.user = new UserModule(this.http);\n this.b2b = new B2bModule(this.http);\n this.ai = new AiModule(this.http);\n }\n}\n"],"mappings":";AAmBO,IAAM,oBAAN,MAAwB;AAAA,EACnB;AAAA,EACA;AAAA;AAAA,EAGA,sBAAwJ,CAAC;AAAA,EACzJ,uBAAqI,CAAC;AAAA,EAE9I,YAAY,SAA4B;AACpC,SAAK,UAAU,QAAQ,QAAQ,QAAQ,OAAO,EAAE;AAChD,SAAK,iBAAiB;AAAA,MAClB,gBAAgB;AAAA,MAChB,QAAQ;AAAA,MACR,GAAG,QAAQ;AAAA,IACf;AAAA,EACJ;AAAA;AAAA,EAGA,sBAAsB,aAAiD;AACnE,SAAK,oBAAoB,KAAK,WAAW;AAAA,EAC7C;AAAA,EAEA,uBAAuB,aAAkD;AACrE,SAAK,qBAAqB,KAAK,WAAW;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,QAAW,UAAkB,SAAwB,CAAC,GAAe;AACvE,UAAM,SAAS,SAAS,WAAW,MAAM,IACnC,WACA,GAAG,KAAK,OAAO,GAAG,SAAS,WAAW,GAAG,IAAI,KAAK,GAAG,GAAG,QAAQ;AAEtE,QAAI,SAAS,IAAI,IAAI,MAAM;AAE3B,QAAI,OAAO,QAAQ;AACf,aAAO,QAAQ,OAAO,MAAM,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACpD,YAAI,UAAU,UAAa,UAAU,MAAM;AACvC,iBAAO,aAAa,OAAO,KAAK,OAAO,KAAK,CAAC;AAAA,QACjD;AAAA,MACJ,CAAC;AAAA,IACL;AAEA,QAAI,iBAAsB;AAAA,MACtB,KAAK,OAAO,SAAS;AAAA,MACrB,GAAG;AAAA,MACH,SAAS,EAAE,GAAG,KAAK,gBAAgB,GAAI,OAAO,WAAW,CAAC,EAAG;AAAA,IACjE;AAGA,QAAI,OAAO,aAAa,eAAe,eAAe,gBAAgB,UAAU;AAC5E,YAAM,UAAU,eAAe;AAE/B,aAAO,QAAQ,cAAc;AAC7B,aAAO,QAAQ,cAAc;AAAA,IACjC,WAAW,eAAe,QAAQ,OAAO,eAAe,SAAS,UAAU;AACvE,YAAM,cAAe,eAAe,QAAmC,cAAc,KAAK;AAC1F,UAAI,YAAY,YAAY,EAAE,SAAS,kBAAkB,GAAG;AACxD,uBAAe,OAAO,KAAK,UAAU,eAAe,IAAI;AAAA,MAC5D;AAAA,IACJ;AAGA,eAAW,eAAe,KAAK,qBAAqB;AAChD,uBAAiB,MAAM,YAAY,cAAc;AAAA,IACrD;AAEA,UAAM,EAAE,KAAK,GAAG,YAAY,IAAI;AAEhC,QAAI;AACA,UAAI,WAAW,MAAM,MAAM,KAAK,WAA0B;AAG1D,iBAAW,eAAe,KAAK,sBAAsB;AACjD,mBAAW,MAAM,YAAY,UAAU,EAAE,KAAK,QAAQ,YAA6B,CAAC;AAAA,MACxF;AAEA,UAAI,CAAC,SAAS,IAAI;AACd,cAAM,MAAM,KAAK,eAAe,QAAQ;AAAA,MAC5C;AAGA,UAAI,SAAS,WAAW,KAAK;AACzB,eAAO,CAAC;AAAA,MACZ;AAEA,YAAM,cAAc,SAAS,QAAQ,IAAI,cAAc;AACvD,UAAI,eAAe,YAAY,SAAS,kBAAkB,GAAG;AACzD,eAAQ,MAAM,SAAS,KAAK;AAAA,MAChC;AAEA,aAAQ,MAAM,SAAS,KAAK;AAAA,IAChC,SAAS,OAAY;AACjB,UAAI,SAAS,MAAM,MAAM;AACrB,cAAM;AAAA,MACV;AACA,YAAM;AAAA,QACF,OAAO,MAAM,WAAW;AAAA,QACxB,MAAM;AAAA,QACN,SAAS,OAAO,KAAK;AAAA,MACzB;AAAA,IACJ;AAAA,EACJ;AAAA,EAEA,MAAc,eAAe,UAA2C;AACpE,QAAI;AACA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO;AAAA,QACH,OAAO,KAAK,SAAS,KAAK,UAAU;AAAA,QACpC,MAAM,KAAK,QAAQ,QAAQ,SAAS,MAAM;AAAA,QAC1C,SAAS,KAAK,WAAW;AAAA,QACzB,aAAa,SAAS,QAAQ,IAAI,aAAa,IAAI,SAAS,SAAS,QAAQ,IAAI,aAAa,GAAI,EAAE,IAAI;AAAA,MAC5G;AAAA,IACJ,SAAS,GAAG;AACR,aAAO;AAAA,QACH,OAAO,cAAc,SAAS,MAAM,KAAK,SAAS,UAAU;AAAA,QAC5D,MAAM,QAAQ,SAAS,MAAM;AAAA,MACjC;AAAA,IACJ;AAAA,EACJ;AAAA;AAAA,EAGA,IAAO,UAAkB,QAAiD;AACtE,WAAO,KAAK,QAAW,UAAU,EAAE,GAAG,QAAQ,QAAQ,MAAM,CAAC;AAAA,EACjE;AAAA,EAEA,KAAQ,UAAkB,MAAgB,QAAiD;AACvF,WAAO,KAAK,QAAW,UAAU,EAAE,GAAG,QAAQ,QAAQ,QAAQ,MAAM,KAAK,CAAC;AAAA,EAC9E;AAAA,EAEA,IAAO,UAAkB,MAAgB,QAAiD;AACtF,WAAO,KAAK,QAAW,UAAU,EAAE,GAAG,QAAQ,QAAQ,OAAO,MAAM,KAAK,CAAC;AAAA,EAC7E;AAAA,EAEA,MAAS,UAAkB,MAAgB,QAAiD;AACxF,WAAO,KAAK,QAAW,UAAU,EAAE,GAAG,QAAQ,QAAQ,SAAS,MAAM,KAAK,CAAC;AAAA,EAC/E;AAAA,EAEA,OAAU,UAAkB,QAAiD;AACzE,WAAO,KAAK,QAAW,UAAU,EAAE,GAAG,QAAQ,QAAQ,SAAS,CAAC;AAAA,EACpE;AACJ;;;AC1IO,IAAM,aAAN,MAAiB;AAAA,EACpB,YAAoB,QAA2B;AAA3B;AAAA,EAA6B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjD,MAAM,eACF,MACkB;AAClB,WAAO,KAAK,OAAO,KAAgB,6BAA6B,IAAI;AAAA,EACxE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,eACF,MACkB;AAClB,WAAO,KAAK,OAAO,KAAgB,6BAA6B,IAAI;AAAA,EACxE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,SAAS,MAAqC;AAChD,WAAO,KAAK,OAAO,KAAU,0BAA0B,IAAI;AAAA,EAC/D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,OAAO,cAAqC;AAC9C,WAAO,KAAK,OAAO,KAAW,wBAAwB,EAAE,eAAe,aAAa,CAAC;AAAA,EACzF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,YAA2B;AAC7B,WAAO,KAAK,OAAO,KAAW,0BAA0B;AAAA,EAC5D;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,iBAAiB,MAAuC;AAC1D,WAAO,KAAK,OAAO,KAAW,oCAAoC,IAAI;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,gBAAgB,OAAmC;AACrD,WAAO,KAAK,OAAO,IAAe,mCAAmC,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;AAAA,EAC9F;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,gBAAgB,UAA0D,MAA8C;AAC1H,WAAO,KAAK,OAAO,KAAgB,uBAAuB,QAAQ,KAAK,IAAI;AAAA,EAC/E;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,qBAAqB,UAA0D,MAAc,aAAyC;AACxI,WAAO,KAAK,OAAO,IAAe,uBAAuB,QAAQ,cAAc;AAAA,MAC3E,QAAQ,EAAE,MAAM,cAAc,YAAY;AAAA,IAC9C,CAAC;AAAA,EACL;AACJ;;;ACnHO,SAAS,kBAAkB,QAA0C;AACxE,QAAM,QAAQ,IAAI,WAAW,MAAM;AACnC,MAAI,SAAS;AACb,WAAS,IAAI,GAAG,IAAI,MAAM,YAAY,KAAK;AACvC,cAAU,OAAO,aAAa,MAAM,CAAC,CAAC;AAAA,EAC1C;AACA,SAAO,KAAK,MAAM,EACb,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,MAAM,EAAE;AACzB;AAEO,SAAS,kBAAkB,WAA+B;AAC7D,QAAM,SAAS,UACV,QAAQ,MAAM,GAAG,EACjB,QAAQ,MAAM,GAAG;AACtB,QAAM,UAAU,IAAK,OAAO,SAAS,KAAM;AAC3C,QAAM,SAAS,SAAS,IAAI,OAAO,MAAM;AACzC,QAAM,SAAS,KAAK,MAAM;AAC1B,QAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,WAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACpC,UAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AAAA,EAClC;AACA,SAAO;AACX;;;ACpBO,IAAM,iBAAN,MAAqB;AAAA,EACxB,YAAoB,QAA2B;AAA3B;AAAA,EAA6B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjD,MAAM,eAAiF;AACnF,WAAO,KAAK,OAAO,IAAI,0BAA0B;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,WAQH;AACC,WAAO,KAAK,OAAO,KAAK,yBAAyB;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,WAAW,UAId;AACC,WAAO,KAAK,OAAO,KAAK,6BAA6B,EAAE,WAAW,SAAS,CAAC;AAAA,EAChF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,WAAW,UAAkB,UAKhC;AACC,WAAO,KAAK,OAAO,KAAK,6BAA6B,EAAE,WAAW,UAAU,SAAS,CAAC;AAAA,EAC1F;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,sBAAsB,UAMzB;AACC,WAAO,KAAK,OAAO,KAAK,kCAAkC,EAAE,WAAW,SAAS,CAAC;AAAA,EACrF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,WAAW,MAMd;AACC,WAAO,KAAK,OAAO,KAAK,6BAA6B,EAAE,MAAM,SAAS,UAAU,uBAAuB,qBAAqB,CAAC;AAAA,EACjI;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,eAAe,MAIlB;AACC,WAAO,KAAK,OAAO,KAAK,kCAAkC,EAAE,KAAK,CAAC;AAAA,EACtE;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,eAAe,MAKlB;AACC,WAAO,KAAK,OAAO,KAAK,kCAAkC,EAAE,KAAK,CAAC;AAAA,EACtE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,qBAAqB,QAAgH;AACvI,WAAO,KAAK,OAAO,KAAK,wCAAwC,MAAM;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,qBAAqB,MAOM;AAC7B,WAAO,KAAK,OAAO,KAAK,wCAAwC,IAAI;AAAA,EACxE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,eAAe,iBAAyB,aAAmD;AAC7F,WAAO,KAAK,OAAO,KAAK,iCAAiC;AAAA,MACrD,kBAAkB;AAAA,MAClB,cAAc;AAAA,IAClB,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,sBAAsB,UAAkB,OAY3C;AACC,WAAO,KAAK,OAAO,KAAK,mCAAmC,EAAE,UAAU,MAAM,CAAC;AAAA,EAClF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,0BAIH;AACC,WAAO,KAAK,OAAO,IAAI,qCAAqC;AAAA,EAChE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,iBAAiB,YAOpB;AAEC,UAAM,kBAAkB,MAAM,KAAK,OAAO,KAAU,uCAAuC;AAG3F,UAAM,gBAAgB,gBAAgB;AACtC,kBAAc,YAAY,kBAAkB,cAAc,SAAS;AACnE,kBAAc,KAAK,KAAK,kBAAkB,cAAc,KAAK,EAAE;AAC/D,QAAI,cAAc,oBAAoB;AAClC,oBAAc,mBAAmB,QAAQ,CAACA,UAAc;AACpD,QAAAA,MAAK,KAAK,kBAAkBA,MAAK,EAAE;AAAA,MACvC,CAAC;AAAA,IACL;AAGA,UAAM,OAAO,MAAM,UAAU,YAAY,OAAO,EAAE,WAAW,cAAc,CAAC;AAC5E,QAAI,CAAC,MAAM;AACP,YAAM,IAAI,MAAM,8CAA8C;AAAA,IAClE;AAEA,UAAM,WAAW,KAAK;AAGtB,UAAM,oBAAoB;AAAA,MACtB,aAAa;AAAA,MACb,YAAY;AAAA,QACR,IAAI,KAAK;AAAA,QACT,MAAM,KAAK;AAAA,QACX,OAAO,kBAAkB,KAAK,KAAK;AAAA,QACnC,UAAU;AAAA,UACN,mBAAmB,kBAAkB,SAAS,iBAAiB;AAAA,UAC/D,gBAAgB,kBAAkB,SAAS,cAAc;AAAA,QAC7D;AAAA,MACJ;AAAA,IACJ;AAEA,WAAO,KAAK,OAAO,KAAK,4CAA4C,iBAAiB;AAAA,EACzF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,qBAAqB,OAMxB;AAEC,UAAM,kBAAkB,MAAM,KAAK,OAAO,KAAU,6CAA6C,QAAQ,EAAE,MAAM,IAAI,CAAC,CAAC;AAGvH,UAAM,gBAAgB,gBAAgB;AACtC,kBAAc,YAAY,kBAAkB,cAAc,SAAS;AACnE,QAAI,cAAc,kBAAkB;AAChC,oBAAc,iBAAiB,QAAQ,CAACA,UAAc;AAClD,QAAAA,MAAK,KAAK,kBAAkBA,MAAK,EAAE;AAAA,MACvC,CAAC;AAAA,IACL;AAGA,UAAM,OAAO,MAAM,UAAU,YAAY,IAAI,EAAE,WAAW,cAAc,CAAC;AACzE,QAAI,CAAC,MAAM;AACP,YAAM,IAAI,MAAM,gDAAgD;AAAA,IACpE;AAEA,UAAM,WAAW,KAAK;AAGtB,UAAM,oBAAoB;AAAA,MACtB,YAAY;AAAA,QACR,IAAI,KAAK;AAAA,QACT,MAAM,KAAK;AAAA,QACX,OAAO,kBAAkB,KAAK,KAAK;AAAA,QACnC,UAAU;AAAA,UACN,mBAAmB,kBAAkB,SAAS,iBAAiB;AAAA,UAC/D,gBAAgB,kBAAkB,SAAS,cAAc;AAAA,UACzD,WAAW,kBAAkB,SAAS,SAAS;AAAA,UAC/C,YAAY,SAAS,aAAa,kBAAkB,SAAS,UAAU,IAAI;AAAA,QAC/E;AAAA,MACJ;AAAA,IACJ;AAEA,WAAO,KAAK,OAAO,KAAK,gDAAgD,iBAAiB;AAAA,EAC7F;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,0BAUH;AACC,WAAO,KAAK,OAAO,IAAI,oCAAoC;AAAA,EAC/D;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,yBAAyB,cAAqC;AAChE,WAAO,KAAK,OAAO,OAAO,qCAAqC,YAAY,GAAG;AAAA,EAClF;AACJ;;;AC3SO,SAAS,UAAU,OAA2C;AACjE,MAAI;AACA,UAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,QAAI,MAAM,WAAW,GAAG;AACpB,aAAO;AAAA,IACX;AAEA,QAAI,YAAY,MAAM,CAAC;AACvB,QAAI,CAAC,UAAW,QAAO;AAEvB,QAAI,SAAS,UAAU,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG;AAG3D,WAAO,OAAO,SAAS,GAAG;AACtB,gBAAU;AAAA,IACd;AAEA,UAAM,YAAY,OAAO,WAAW,eAAe,OAAO,OAAO,SAAS;AAC1E,QAAI;AAEJ,QAAI,WAAW;AAEX,oBAAc;AAAA,QACV,OAAO,KAAK,MAAM,EACb,MAAM,EAAE,EACR,IAAI,CAAC,MAAM,OAAO,OAAO,EAAE,WAAW,CAAC,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,CAAC,EAChE,KAAK,EAAE;AAAA,MAChB;AAAA,IACJ,OAAO;AAEH,oBAAc,OAAO,KAAK,QAAQ,QAAQ,EAAE,SAAS,MAAM;AAAA,IAC/D;AAEA,WAAO,KAAK,MAAM,WAAW;AAAA,EACjC,SAAS,GAAG;AACR,WAAO;AAAA,EACX;AACJ;;;AChCO,IAAM,aAAN,MAAiB;AAAA,EAGpB,YAAoB,QAA2B;AAA3B;AAAA,EAA6B;AAAA,EAFzC,cAA6B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASrC,SAAS,OAAsB;AAC3B,SAAK,cAAc;AAAA,EACvB;AAAA,EAEQ,gBAAgB,OAA4C;AAChE,UAAM,IAAI,SAAS,KAAK;AACxB,QAAI,CAAC,EAAG,QAAO;AACf,WAAO,UAAU,CAAC;AAAA,EACtB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,QAAQ,MAAc,OAAyB;AAC3C,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,MAAO,QAAO;AAC5B,WAAO,QAAQ,MAAM,SAAS,IAAI;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,WAAW,OAAiB,OAAyB;AACjD,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,MAAO,QAAO;AAC5B,WAAO,MAAM,KAAK,OAAK,QAAQ,MAAO,SAAS,CAAC,CAAC;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,YAAY,OAAiB,OAAyB;AAClD,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,MAAO,QAAO;AAC5B,WAAO,MAAM,MAAM,OAAK,QAAQ,MAAO,SAAS,CAAC,CAAC;AAAA,EACtD;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,cAAc,YAAoB,OAAyB;AACvD,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,YAAa,QAAO;AAClC,WAAO,QAAQ,YAAY,SAAS,UAAU;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,iBAAiB,aAAuB,OAAyB;AAC7D,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,YAAa,QAAO;AAClC,WAAO,YAAY,KAAK,OAAK,QAAQ,YAAa,SAAS,CAAC,CAAC;AAAA,EACjE;AAAA;AAAA;AAAA;AAAA,EAKA,kBAAkB,aAAuB,OAAyB;AAC9D,UAAM,UAAU,KAAK,gBAAgB,KAAK;AAC1C,QAAI,CAAC,SAAS,YAAa,QAAO;AAClC,WAAO,YAAY,MAAM,OAAK,QAAQ,YAAa,SAAS,CAAC,CAAC;AAAA,EAClE;AAAA;AAAA;AAAA,EAKA,MAAM,YAA6B;AAC/B,WAAO,KAAK,OAAO,IAAY,qBAAqB;AAAA,EACxD;AAAA;AAAA,EAGA,MAAM,WAAW,MAAgH;AAC7H,WAAO,KAAK,OAAO,KAAW,uBAAuB,IAAI;AAAA,EAC7D;AAAA;AAAA,EAGA,MAAM,QAAQ,QAA+B;AACzC,WAAO,KAAK,OAAO,IAAU,sBAAsB,MAAM,GAAG;AAAA,EAChE;AAAA;AAAA,EAGA,MAAM,WAAW,QAAgB,MAAiH;AAC9I,WAAO,KAAK,OAAO,IAAU,sBAAsB,MAAM,KAAK,IAAI;AAAA,EACtE;AAAA;AAAA,EAGA,MAAM,WAAW,QAA+B;AAC5C,WAAO,KAAK,OAAO,OAAa,sBAAsB,MAAM,GAAG;AAAA,EACnE;AAAA;AAAA,EAIA,MAAM,mBAAmB,QAAuC;AAC5D,WAAO,KAAK,OAAO,IAAkB,sBAAsB,MAAM,eAAe;AAAA,EACpF;AAAA,EAEA,MAAM,qBAAqB,QAAgB,kBAA2C;AAClF,WAAO,KAAK,OAAO,KAAW,sBAAsB,MAAM,iBAAiB,EAAE,iBAAiB,CAAC;AAAA,EACnG;AAAA,EAEA,MAAM,0BAA0B,QAAgB,kBAA2C;AACvF,WAAO,KAAK,OAAO,OAAa,sBAAsB,MAAM,iBAAiB;AAAA;AAAA;AAAA;AAAA,MAIzE,MAAM,EAAE,iBAAiB;AAAA,IAC7B,CAAQ;AAAA,EACZ;AAAA;AAAA;AAAA,EAKA,MAAM,kBAAyC;AAC3C,WAAO,KAAK,OAAO,IAAkB,2BAA2B;AAAA,EACpE;AAAA;AAAA,EAGA,MAAM,iBAAiB,MAAuG;AAC1H,WAAO,KAAK,OAAO,KAAiB,6BAA6B,IAAI;AAAA,EACzE;AAAA;AAAA,EAGA,MAAM,cAAc,cAA2C;AAC3D,WAAO,KAAK,OAAO,IAAgB,4BAA4B,YAAY,GAAG;AAAA,EAClF;AAAA;AAAA,EAGA,MAAM,iBAAiB,cAAsB,MAAoE;AAC7G,WAAO,KAAK,OAAO,IAAgB,4BAA4B,YAAY,KAAK,IAAI;AAAA,EACxF;AAAA;AAAA,EAGA,MAAM,iBAAiB,cAAqC;AACxD,WAAO,KAAK,OAAO,OAAa,4BAA4B,YAAY,GAAG;AAAA,EAC/E;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,iBAAiB,QAAgB,UAAiC;AACpE,WAAO,KAAK,OAAO,KAAW,sBAAsB,MAAM,WAAW,EAAE,WAAW,SAAS,CAAC;AAAA,EAChG;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,mBAAmB,QAAgB,UAAiC;AACtE,WAAO,KAAK,OAAO,OAAa,sBAAsB,MAAM,WAAW;AAAA,MACnE,QAAQ,EAAE,WAAW,SAAS;AAAA,IAClC,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,wBAAwB,QAAgB,iBAA0C;AACpF,WAAO,KAAK,OAAO,KAAW,sBAAsB,MAAM,iBAAiB,EAAE,kBAAkB,gBAAgB,CAAC;AAAA,EACpH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,0BAA0B,QAAgB,iBAA0C;AACtF,WAAO,KAAK,OAAO,OAAa,sBAAsB,MAAM,iBAAiB;AAAA,MACzE,MAAM,EAAE,kBAAkB,gBAAgB;AAAA,IAC9C,CAAQ;AAAA,EACZ;AACJ;;;AC7LO,IAAM,aAAN,MAAiB;AAAA,EACpB,YAAoB,QAA2B;AAA3B;AAAA,EAA6B;AAAA;AAAA;AAAA,EAKjD,MAAM,aAA2B;AAC7B,WAAO,KAAK,OAAO,IAAI,kBAAkB;AAAA,EAC7C;AAAA;AAAA,EAGA,MAAM,cAAc,MAAyC;AACzD,WAAO,KAAK,OAAO,MAAM,oBAAoB,IAAI;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,aAAa,UAAkC;AACjD,WAAO,KAAK,OAAO,MAAM,oBAAoB,QAAQ;AAAA,EACzD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,cAAc,UAAkB,SAAiC;AACnE,WAAO,KAAK,OAAO,KAAW,0CAA0C;AAAA,MACpE;AAAA,MACA,UAAU;AAAA,IACd,CAAC;AAAA,EACL;AAAA;AAAA;AAAA,EAKA,MAAM,UAAU,QAA8C;AAC1D,WAAO,KAAK,OAAO,IAAW,6BAA6B,EAAE,OAAO,CAAC;AAAA,EACzE;AAAA;AAAA,EAGA,MAAM,QAAQ,QAA8B;AACxC,WAAO,KAAK,OAAO,IAAI,4BAA4B,MAAM,GAAG;AAAA,EAChE;AAAA;AAAA,EAGA,MAAM,gBAAgB,QAAgB,MAA2C;AAC7E,WAAO,KAAK,OAAO,MAAM,4BAA4B,MAAM,KAAK,IAAI;AAAA,EACxE;AAAA;AAAA,EAGA,MAAM,gBAAgB,QAA+B;AACjD,WAAO,KAAK,OAAO,OAAa,4BAA4B,MAAM,GAAG;AAAA,EACzE;AAAA;AAAA,EAGA,MAAM,QAAQ,QAAgB,SAAiB,IAAmB;AAC9D,WAAO,KAAK,OAAO,KAAW,4BAA4B,MAAM,SAAS,EAAE,OAAO,CAAC;AAAA,EACvF;AAAA;AAAA,EAGA,MAAM,UAAU,QAA+B;AAC3C,WAAO,KAAK,OAAO,KAAW,4BAA4B,MAAM,SAAS;AAAA,EAC7E;AAAA;AAAA,EAGA,MAAM,SAAS,QAAgB,kBAA0B,IAAI,SAAiB,IAAmB;AAC7F,WAAO,KAAK,OAAO,KAAW,4BAA4B,MAAM,UAAU,EAAE,kBAAkB,iBAAiB,OAAO,CAAC;AAAA,EAC3H;AAAA;AAAA,EAGA,MAAM,WAAW,QAA+B;AAC5C,WAAO,KAAK,OAAO,KAAW,4BAA4B,MAAM,UAAU;AAAA,EAC9E;AACJ;;;AC1EO,IAAM,YAAN,MAAgB;AAAA,EAGnB,YAAoB,QAA2B;AAA3B;AAEhB,SAAK,OAAO,sBAAsB,CAAC,WAAW;AAC1C,UAAI,KAAK,gBAAgB;AACrB,eAAO,UAAU;AAAA,UACb,GAAG,OAAO;AAAA,UACV,cAAc,KAAK;AAAA,QACvB;AAAA,MACJ;AACA,aAAO;AAAA,IACX,CAAC;AAAA,EACL;AAAA,EAbQ,iBAAgC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAsBxC,mBAAmB,MAAoB;AACnC,SAAK,iBAAiB;AAAA,EAC1B;AAAA;AAAA;AAAA;AAAA,EAKA,oBAA0B;AACtB,SAAK,iBAAiB;AAAA,EAC1B;AAAA;AAAA,EAGA,6BAA4C;AACxC,WAAO,KAAK;AAAA,EAChB;AAAA;AAAA;AAAA,EAKA,MAAM,mBAAmB,MAOC;AACtB,WAAO,KAAK,OAAO,KAAK,+BAA+B,IAAI;AAAA,EAC/D;AAAA;AAAA,EAGA,MAAM,oBAAoB,QAOmB;AACzC,WAAO,KAAK,OAAO,IAAI,+BAA+B,EAAE,OAAO,CAAC;AAAA,EACpE;AAAA;AAAA,EAGA,MAAM,gBAAgB,MAAqC;AACvD,WAAO,KAAK,OAAO,IAAI,8BAA8B,IAAI,GAAG;AAAA,EAChE;AAAA;AAAA,EAGA,MAAM,mBAAmB,MAAc,MAQZ;AACvB,WAAO,KAAK,OAAO,MAAM,8BAA8B,IAAI,KAAK,IAAI;AAAA,EACxE;AAAA;AAAA,EAGA,MAAM,mBAAmB,MAA4C;AACjE,WAAO,KAAK,OAAO,OAAO,8BAA8B,IAAI,GAAG;AAAA,EACnE;AAAA;AAAA,EAGA,MAAM,oBAAoB,MAAoC;AAC1D,WAAO,KAAK,OAAO,IAAI,8BAA8B,IAAI,QAAQ;AAAA,EACrE;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,MAAc,QAOc;AAC1C,WAAO,KAAK,OAAO,IAAI,8BAA8B,IAAI,aAAa,EAAE,OAAO,CAAC;AAAA,EACpF;AAAA;AAAA,EAGA,MAAM,UAAU,MAAc,MAGH;AACvB,WAAO,KAAK,OAAO,KAAK,8BAA8B,IAAI,aAAa,IAAI;AAAA,EAC/E;AAAA;AAAA,EAGA,MAAM,iBAAiB,MAAc,QAAgB,UAA0C;AAC3F,WAAO,KAAK,OAAO,MAAM,8BAA8B,IAAI,YAAY,MAAM,KAAK,EAAE,WAAW,SAAS,CAAC;AAAA,EAC7G;AAAA;AAAA,EAGA,MAAM,aAAa,MAAc,QAA8C;AAC3E,WAAO,KAAK,OAAO,OAAO,8BAA8B,IAAI,YAAY,MAAM,GAAG;AAAA,EACrF;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,MAAc,MAY9B;AACC,WAAO,KAAK,OAAO,KAAK,8BAA8B,IAAI,iBAAiB,IAAI;AAAA,EACnF;AAAA;AAAA,EAGA,MAAM,eAQF;AACA,WAAO,KAAK,OAAO,IAAI,mCAAmC;AAAA,EAC9D;AACJ;;;AC7KO,IAAM,WAAN,MAAe;AAAA,EAIlB,YAAoB,QAA2B;AAA3B;AAEhB,SAAK,OAAO,sBAAsB,CAAC,WAAW;AAC1C,YAAM,UAAkC,EAAE,GAAG,OAAO,QAAQ;AAE5D,UAAI,KAAK,YAAY;AAGjB,gBAAQ,eAAe,IAAI,eAAe,KAAK,UAAU;AAAA,MAC7D;AAEA,UAAI,KAAK,SAAS;AACd,gBAAQ,mBAAmB,IAAI,KAAK;AAAA,MACxC;AAEA,aAAO,EAAE,GAAG,QAAQ,QAAQ;AAAA,IAChC,CAAC;AAKD,SAAK,OAAO,uBAAuB,OAAO,UAAU,YAAY;AAG5D,UAAI,SAAS,WAAW,KAAK;AAEzB,cAAM,SAAS,SAAS,MAAM;AAC9B,YAAI;AACA,gBAAM,OAAO,MAAM,OAAO,KAAK;AAE/B,kBAAQ,MAAM,gDAAgD,IAAI;AAAA,QACtE,QAAQ;AAAA,QAER;AAAA,MACJ,WAAW,SAAS,WAAW,KAAK;AAChC,cAAM,SAAS,SAAS,MAAM;AAC9B,YAAI;AACA,gBAAM,OAAO,MAAM,OAAO,KAAK;AAC/B,cAAI,KAAK,SAAS,mBAAmB;AACjC,oBAAQ,KAAK,gEAAgE;AAAA,UACjF,WAAW,KAAK,WAAW,aAAa;AACpC,oBAAQ,KAAK,8CAA8C;AAAA,UAC/D;AAAA,QACJ,QAAQ;AAAA,QAER;AAAA,MACJ;AACA,aAAO;AAAA,IACX,CAAC;AAAA,EACL;AAAA,EApDQ,aAA4B;AAAA,EAC5B,UAAyB;AAAA;AAAA;AAAA;AAAA;AAAA,EA0DjC,MAAM,iBAAiB,MAmBpB;AACC,WAAO,KAAK,OAAO,KAAK,2BAA2B,IAAI;AAAA,EAC3D;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,cAAc,OAAqB;AAC/B,SAAK,aAAa;AAAA,EACtB;AAAA;AAAA,EAGA,kBAAwB;AACpB,SAAK,aAAa;AAAA,EACtB;AAAA;AAAA,EAGA,cAAuB;AACnB,WAAO,KAAK,eAAe;AAAA,EAC/B;AAAA;AAAA,EAGA,MAAM,kBAAgD;AAClD,WAAO,KAAK,OAAO,IAAI,yBAAyB;AAAA,EACpD;AAAA;AAAA,EAGA,MAAM,cAAc,SAA6C;AAC7D,WAAO,KAAK,OAAO,IAAI,0BAA0B,OAAO,GAAG;AAAA,EAC/D;AAAA;AAAA,EAGA,MAAM,iBAAiB,SAAiD;AACpE,WAAO,KAAK,OAAO,KAAK,0BAA0B,OAAO,UAAU;AAAA,EACvE;AAAA;AAAA,EAGA,MAAM,kBAAkB,SAAmD;AACvE,WAAO,KAAK,OAAO,KAAK,0BAA0B,OAAO,WAAW;AAAA,EACxE;AAAA;AAAA,EAGA,MAAM,uBAAsE;AACxE,WAAO,KAAK,OAAO,KAAK,oCAAoC;AAAA,EAChE;AAAA;AAAA;AAAA,EAKA,MAAM,cAAc,SAA4C;AAC5D,WAAO,KAAK,OAAO,KAAK,0BAA0B,OAAO,aAAa;AAAA,EAC1E;AAAA;AAAA;AAAA,EAKA,MAAM,qBAAoD;AACtD,WAAO,KAAK,OAAO,IAAI,kCAAkC;AAAA,EAC7D;AAAA;AAAA,EAGA,MAAM,qBAAqB,mBAA6D;AACpF,WAAO,KAAK,OAAO,KAAK,4CAA4C,EAAE,OAAO,kBAAkB,CAAC;AAAA,EACpG;AAAA;AAAA,EAGA,MAAM,kBAAkB,mBAA0D;AAC9E,WAAO,KAAK,OAAO,KAAK,yCAAyC,EAAE,OAAO,kBAAkB,CAAC;AAAA,EACjG;AAAA;AAAA;AAAA,EAKA,WAAW,SAAuB;AAC9B,SAAK,UAAU;AAAA,EACnB;AAAA;AAAA,EAGA,eAAqB;AACjB,SAAK,UAAU;AAAA,EACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,YAAY,SAAiB,OAI+C;AAC9E,WAAO,KAAK,OAAO,KAAK,0BAA0B,OAAO,kBAAkB,KAAK;AAAA,EACpF;AACJ;;;ACrKO,IAAM,gBAAN,MAAoB;AAAA;AAAA,EAEhB;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcP,YAAY,SAA4B;AACpC,SAAK,OAAO,IAAI,kBAAkB,OAAO;AACzC,SAAK,OAAO,IAAI,WAAW,KAAK,IAAI;AACpC,SAAK,WAAW,IAAI,eAAe,KAAK,IAAI;AAC5C,SAAK,OAAO,IAAI,WAAW,KAAK,IAAI;AACpC,SAAK,OAAO,IAAI,WAAW,KAAK,IAAI;AACpC,SAAK,MAAM,IAAI,UAAU,KAAK,IAAI;AAClC,SAAK,KAAK,IAAI,SAAS,KAAK,IAAI;AAAA,EACpC;AACJ;","names":["cred"]}

package/package.json CHANGED Viewed

@@ -1,67 +1,71 @@
-{
-  "name": "@tenxyte/core",
-  "version": "0.1.5",
-  "description": "Core JavaScript SDK for Tenxyte",
-  "main": "./dist/index.cjs",
-  "module": "./dist/index.js",
-  "types": "./dist/index.d.ts",
-  "exports": {
-    ".": {
-      "types": "./dist/index.d.ts",
-      "import": "./dist/index.js",
-      "require": "./dist/index.cjs"
-    }
-  },
-  "publishConfig": {
-    "access": "public"
-  },
-  "scripts": {
-    "build": "tsup",
-    "dev": "tsup --watch",
-    "test": "vitest run",
-    "test:watch": "vitest",
-    "lint": "eslint src/",
-    "format": "prettier --write \"src/**/*.ts\"",
-    "generate:schema": "openapi-typescript http://localhost:8000/api/v1/docs/schema/ --output src/types/api-schema.d.ts"
-  },
-  "keywords": [
-    "tenxyte",
-    "sdk",
-    "javascript",
-    "typescript",
-    "authentication",
-    "jwt",
-    "2fa",
-    "totp",
-    "rbac",
-    "otp",
-    "google-authenticator",
-    "role-based-access-control",
-    "organizations",
-    "multi-tenant",
-    "b2b",
-    "device-fingerprinting",
-    "audit-log",
-    "gdpr",
-    "magic-link",
-    "passkeys",
-    "webauthn",
-    "fido2",
-    "social-login",
-    "oauth2",
-    "breach-check",
-    "haveibeenpwned"
-  ],
-  "author": "Tenxyte Team",
-  "license": "MIT",
-  "type": "module",
-  "devDependencies": {
-    "eslint": "^10.0.3",
-    "happy-dom": "^20.8.3",
-    "openapi-typescript": "^7.13.0",
-    "prettier": "^3.8.1",
-    "tsup": "^8.5.1",
-    "typescript": "^5.9.3",
-    "vitest": "^1.6.1"
-  }
+{
+  "name": "@tenxyte/core",
+  "version": "0.9.0",
+  "description": "Core JavaScript SDK for Tenxyte",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "repository": {
+    "url": "https://github.com/tenxyte/tenxyte-js"
+  },
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    }
+  },
+  "publishConfig": {
+    "access": "public",
+    "provenance": true
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "lint": "eslint src/",
+    "format": "prettier --write \"src/**/*.ts\"",
+    "generate:schema": "openapi-typescript http://localhost:8000/api/v1/docs/schema/ --output src/types/api-schema.d.ts"
+  },
+  "keywords": [
+    "tenxyte",
+    "sdk",
+    "javascript",
+    "typescript",
+    "authentication",
+    "jwt",
+    "2fa",
+    "totp",
+    "rbac",
+    "otp",
+    "google-authenticator",
+    "role-based-access-control",
+    "organizations",
+    "multi-tenant",
+    "b2b",
+    "device-fingerprinting",
+    "audit-log",
+    "gdpr",
+    "magic-link",
+    "passkeys",
+    "webauthn",
+    "fido2",
+    "social-login",
+    "oauth2",
+    "breach-check",
+    "haveibeenpwned"
+  ],
+  "author": "Tenxyte Team",
+  "license": "MIT",
+  "type": "module",
+  "devDependencies": {
+    "eslint": "^10.0.3",
+    "happy-dom": "^20.8.3",
+    "openapi-typescript": "^7.13.0",
+    "prettier": "^3.8.1",
+    "tsup": "^8.5.1",
+    "typescript": "^5.9.3",
+    "vitest": "^1.6.1"
+  }
 }

package/src/client.ts CHANGED Viewed

@@ -1,21 +1,50 @@
-import { TenxyteHttpClient, HttpClientOptions } from './http/client';
-import { AuthModule } from './modules/auth';
-import { SecurityModule } from './modules/security';
-import { RbacModule } from './modules/rbac';
-import { UserModule } from './modules/user';
-export class TenxyteClient {
-    public http: TenxyteHttpClient;
-    public auth: AuthModule;
-    public security: SecurityModule;
-    public rbac: RbacModule;
-    public user: UserModule;
-    constructor(options: HttpClientOptions) {
-        this.http = new TenxyteHttpClient(options);
-        this.auth = new AuthModule(this.http);
-        this.security = new SecurityModule(this.http);
-        this.rbac = new RbacModule(this.http);
-        this.user = new UserModule(this.http);
-    }
-}
+import { TenxyteHttpClient, HttpClientOptions } from './http/client';
+import { AuthModule } from './modules/auth';
+import { SecurityModule } from './modules/security';
+import { RbacModule } from './modules/rbac';
+import { UserModule } from './modules/user';
+import { B2bModule } from './modules/b2b';
+import { AiModule } from './modules/ai';
+/**
+ * The primary entry point for the Tenxyte SDK.
+ * Groups together logic for authentication, security, organization switching, and AI control.
+ */
+export class TenxyteClient {
+    /** The core HTTP wrapper handling network interception and parsing */
+    public http: TenxyteHttpClient;
+    /** Authentication module (Login, Signup, Magic link, session handling) */
+    public auth: AuthModule;
+    /** Security module (2FA, WebAuthn, Passwords, OTPs) */
+    public security: SecurityModule;
+    /** Role-Based Access Control and permission checking module */
+    public rbac: RbacModule;
+    /** Connected user's profile and management module */
+    public user: UserModule;
+    /** Business-to-Business organizations module (multi-tenant environments) */
+    public b2b: B2bModule;
+    /** AIRS - AI Responsibility & Security module (Agent tokens, Circuit breakers, HITL) */
+    public ai: AiModule;
+    /**
+     * Initializes the SDK with connection details for your Tenxyte-powered API.
+     * @param options Configuration options including `baseUrl` and custom headers like `X-Access-Key`
+     *
+     * @example
+     * ```typescript
+     * const tx = new TenxyteClient({
+     *     baseUrl: 'https://api.my-service.com',
+     *     headers: { 'X-Access-Key': 'pkg_abc123' }
+     * });
+     * ```
+     */
+    constructor(options: HttpClientOptions) {
+        this.http = new TenxyteHttpClient(options);
+        this.auth = new AuthModule(this.http);
+        this.security = new SecurityModule(this.http);
+        this.rbac = new RbacModule(this.http);
+        this.user = new UserModule(this.http);
+        this.b2b = new B2bModule(this.http);
+        this.ai = new AiModule(this.http);
+    }
+}