@tenxyte/core 0.1.5 → 0.9.2

package/src/client.ts

@@ -1,21 +0,0 @@
-import { TenxyteHttpClient, HttpClientOptions } from './http/client';
-import { AuthModule } from './modules/auth';
-import { SecurityModule } from './modules/security';
-import { RbacModule } from './modules/rbac';
-import { UserModule } from './modules/user';
-
-export class TenxyteClient {
-    public http: TenxyteHttpClient;
-    public auth: AuthModule;
-    public security: SecurityModule;
-    public rbac: RbacModule;
-    public user: UserModule;
-
-    constructor(options: HttpClientOptions) {
-        this.http = new TenxyteHttpClient(options);
-        this.auth = new AuthModule(this.http);
-        this.security = new SecurityModule(this.http);
-        this.rbac = new RbacModule(this.http);
-        this.user = new UserModule(this.http);
-    }
-}

package/src/http/client.ts

@@ -1,162 +0,0 @@
-import type { TenxyteError } from '../types';
-
-export interface HttpClientOptions {
-    baseUrl: string;
-    timeoutMs?: number;
-    headers?: Record<string, string>;
-}
-
-export type RequestConfig = Omit<RequestInit, 'body' | 'headers'> & {
-    body?: unknown;
-    headers?: Record<string, string>;
-    params?: Record<string, string | number | boolean>;
-};
-
-/**
- * Core HTTP Client underlying the SDK.
- * Handles JSON parsing, standard headers, simple request processing,
- * and normalizing errors into TenxyteError format.
- */
-export class TenxyteHttpClient {
-    private baseUrl: string;
-    private defaultHeaders: Record<string, string>;
-
-    // Interceptors
-    private requestInterceptors: Array<(config: RequestConfig & { url: string }) => Promise<RequestConfig & { url: string }> | (RequestConfig & { url: string })> = [];
-    private responseInterceptors: Array<(response: Response, request: { url: string; config: RequestConfig }) => Promise<Response> | Response> = [];
-
-    constructor(options: HttpClientOptions) {
-        this.baseUrl = options.baseUrl.replace(/\/$/, ''); // Remove trailing slash
-        this.defaultHeaders = {
-            'Content-Type': 'application/json',
-            Accept: 'application/json',
-            ...options.headers,
-        };
-    }
-
-    // Interceptor Registration
-    addRequestInterceptor(interceptor: typeof this.requestInterceptors[0]) {
-        this.requestInterceptors.push(interceptor);
-    }
-
-    addResponseInterceptor(interceptor: typeof this.responseInterceptors[0]) {
-        this.responseInterceptors.push(interceptor);
-    }
-
-    /**
-     * Main request method wrapping fetch
-     */
-    async request<T>(endpoint: string, config: RequestConfig = {}): Promise<T> {
-        const urlStr = endpoint.startsWith('http')
-            ? endpoint
-            : `${this.baseUrl}${endpoint.startsWith('/') ? '' : '/'}${endpoint}`;
-
-        let urlObj = new URL(urlStr);
-
-        if (config.params) {
-            Object.entries(config.params).forEach(([key, value]) => {
-                if (value !== undefined && value !== null) {
-                    urlObj.searchParams.append(key, String(value));
-                }
-            });
-        }
-
-        let requestContext: any = {
-            url: urlObj.toString(),
-            ...config,
-            headers: { ...this.defaultHeaders, ...(config.headers || {}) } as Record<string, string>,
-        };
-
-        // Handle FormData implicitly for multipart requests
-        if (typeof FormData !== 'undefined' && requestContext.body instanceof FormData) {
-            const headers = requestContext.headers as Record<string, string>;
-            // Explicitly remove Content-Type so fetch can auto-assign the multipart boundary
-            delete headers['Content-Type'];
-            delete headers['content-type'];
-        } else if (requestContext.body && typeof requestContext.body === 'object') {
-            const contentType = (requestContext.headers as Record<string, string>)['Content-Type'] || '';
-            if (contentType.toLowerCase().includes('application/json')) {
-                requestContext.body = JSON.stringify(requestContext.body);
-            }
-        }
-
-        // Run Request Interceptors
-        for (const interceptor of this.requestInterceptors) {
-            requestContext = await interceptor(requestContext);
-        }
-
-        const { url, ...fetchConfig } = requestContext as any;
-
-        try {
-            let response = await fetch(url, fetchConfig as RequestInit);
-
-            // Run Response Interceptors (e.g., token refresh logic)
-            for (const interceptor of this.responseInterceptors) {
-                response = await interceptor(response, { url, config: fetchConfig as RequestConfig });
-            }
-
-            if (!response.ok) {
-                throw await this.normalizeError(response);
-            }
-
-            // Handle NoContent
-            if (response.status === 204) {
-                return {} as T;
-            }
-
-            const contentType = response.headers.get('content-type');
-            if (contentType && contentType.includes('application/json')) {
-                return (await response.json()) as T;
-            }
-
-            return (await response.text()) as unknown as T;
-        } catch (error: any) {
-            if (error && error.code) {
-                throw error; // Already normalized
-            }
-            throw {
-                error: error.message || 'Network request failed',
-                code: 'NETWORK_ERROR' as unknown as import('../types').TenxyteErrorCode,
-                details: String(error)
-            } as TenxyteError;
-        }
-    }
-
-    private async normalizeError(response: Response): Promise<TenxyteError> {
-        try {
-            const body = await response.json();
-            return {
-                error: body.error || body.detail || 'API request failed',
-                code: body.code || `HTTP_${response.status}`,
-                details: body.details || body,
-                retry_after: response.headers.has('Retry-After') ? parseInt(response.headers.get('Retry-After')!, 10) : undefined,
-            } as TenxyteError;
-        } catch (e) {
-            return {
-                error: `HTTP Error ${response.status}: ${response.statusText}`,
-                code: `HTTP_${response.status}` as unknown as import('../types').TenxyteErrorCode,
-            } as TenxyteError;
-        }
-    }
-
-    // Convenience methods
-    get<T>(endpoint: string, config?: Omit<RequestConfig, 'method' | 'body'>) {
-        return this.request<T>(endpoint, { ...config, method: 'GET' });
-    }
-
-    post<T>(endpoint: string, data?: unknown, config?: Omit<RequestConfig, 'method' | 'body'>) {
-        return this.request<T>(endpoint, { ...config, method: 'POST', body: data });
-    }
-
-    put<T>(endpoint: string, data?: unknown, config?: Omit<RequestConfig, 'method' | 'body'>) {
-        return this.request<T>(endpoint, { ...config, method: 'PUT', body: data });
-    }
-
-    patch<T>(endpoint: string, data?: unknown, config?: Omit<RequestConfig, 'method' | 'body'>) {
-        return this.request<T>(endpoint, { ...config, method: 'PATCH', body: data });
-    }
-
-    delete<T>(endpoint: string, config?: Omit<RequestConfig, 'method' | 'body'>) {
-        return this.request<T>(endpoint, { ...config, method: 'DELETE' });
-    }
-}

package/src/http/index.ts

@@ -1 +0,0 @@
-export * from './client';

package/src/http/interceptors.ts

@@ -1,117 +0,0 @@
-import type { TenxyteStorage } from '../storage';
-import type { RequestConfig, TenxyteHttpClient } from './client';
-
-export interface TenxyteContext {
-    activeOrgSlug: string | null;
-    agentTraceId: string | null;
-}
-
-export function createAuthInterceptor(storage: TenxyteStorage, context: TenxyteContext) {
-    return async (request: RequestConfig & { url: string }) => {
-        // Inject Authorization if present
-        const token = await storage.getItem('tx_access');
-        const headers = { ...(request.headers as Record<string, string>) || {} };
-
-        if (token && !headers['Authorization']) {
-            headers['Authorization'] = `Bearer ${token}`;
-        }
-
-        // Inject Contextual Headers based on SDK state
-        if (context.activeOrgSlug && !headers['X-Org-Slug']) {
-            headers['X-Org-Slug'] = context.activeOrgSlug;
-        }
-
-        if (context.agentTraceId && !headers['X-Prompt-Trace-ID']) {
-            headers['X-Prompt-Trace-ID'] = context.agentTraceId;
-        }
-
-        return { ...request, headers };
-    };
-}
-
-export function createRefreshInterceptor(
-    client: TenxyteHttpClient,
-    storage: TenxyteStorage,
-    onSessionExpired: () => void
-) {
-    let isRefreshing = false;
-    let refreshQueue: Array<(token: string | null) => void> = [];
-
-    const processQueue = (error: Error | null, token: string | null = null) => {
-        refreshQueue.forEach(prom => prom(token));
-        refreshQueue = [];
-    };
-
-    return async (response: Response, request: { url: string; config: RequestConfig }): Promise<Response> => {
-        // Only intercept 401s when not attempting to login/refresh itself
-        if (response.status === 401 && !request.url.includes('/auth/refresh') && !request.url.includes('/auth/login')) {
-            const refreshToken = await storage.getItem('tx_refresh');
-
-            if (!refreshToken) {
-                onSessionExpired();
-                return response; // Pass through 401 if we cannot refresh
-            }
-
-            if (isRefreshing) {
-                // Wait in queue for the refresh to complete
-                return new Promise<Response>((resolve) => {
-                    refreshQueue.push((newToken: string | null) => {
-                        if (newToken) {
-                            const retryHeaders = { ...(request.config.headers as Record<string, string>), Authorization: `Bearer ${newToken}` };
-                            resolve(fetch(request.url, { ...request.config, headers: retryHeaders } as RequestInit));
-                        } else {
-                            resolve(response);
-                        }
-                    });
-                });
-            }
-
-            // We are the first one, initiate refresh
-            isRefreshing = true;
-
-            try {
-                const refreshResponse = await fetch(`${client['baseUrl']}/auth/refresh/`, {
-                    method: 'POST',
-                    headers: { 'Content-Type': 'application/json' },
-                    body: JSON.stringify({ refresh_token: refreshToken })
-                });
-
-                if (!refreshResponse.ok) {
-                    throw new Error('Refresh failed');
-                }
-
-                const data = await refreshResponse.json();
-
-                await storage.setItem('tx_access', data.access);
-                if (data.refresh) {
-                    await storage.setItem('tx_refresh', data.refresh);
-                }
-
-                isRefreshing = false;
-                processQueue(null, data.access);
-
-                // Retry original request seamlessly for the caller that initiated this
-                const retryHeaders = { ...(request.config.headers as Record<string, string>), Authorization: `Bearer ${data.access}` };
-                // We use fetch directly to return a true Response object back to the chain,
-                // rather than using client.request which resolves the JSON.
-                // Wait, the interceptor must return a Promise<Response>!
-                const r = await fetch(request.url, { ...request.config, headers: retryHeaders } as RequestInit);
-                return r;
-
-            } catch (err) {
-                // Refresh failed (invalid token, expired, network error)
-                isRefreshing = false;
-                await storage.removeItem('tx_access');
-                await storage.removeItem('tx_refresh');
-
-                processQueue(err as Error, null);
-                onSessionExpired();
-
-                // Pass original 401 back
-                return response;
-            }
-        }
-
-        return response;
-    };
-}

package/src/index.ts

@@ -1,7 +0,0 @@
-export * from './client';
-export * from './http/client';
-export * from './modules/auth';
-export * from './modules/security';
-export * from './modules/rbac';
-export * from './modules/user';
-export * from './types';

package/src/modules/auth.ts

@@ -1,95 +0,0 @@
-import { TenxyteHttpClient } from '../http/client';
-import { TokenPair, GeneratedSchema } from '../types';
-
-export interface LoginEmailOptions {
-    totp_code?: string;
-}
-
-export interface LoginPhoneOptions {
-    totp_code?: string;
-}
-
-export type RegisterRequest = any;
-
-export interface MagicLinkRequest {
-    email: string;
-}
-
-export interface SocialLoginRequest {
-    access_token?: string;
-    authorization_code?: string;
-    id_token?: string;
-}
-
-export class AuthModule {
-    constructor(private client: TenxyteHttpClient) { }
-
-    /**
-     * Authenticate user with email and password
-     */
-    async loginWithEmail(
-        data: GeneratedSchema['LoginEmail'],
-    ): Promise<TokenPair> {
-        return this.client.post<TokenPair>('/api/v1/auth/login/email/', data);
-    }
-
-    /**
-     * Authenticate user with international phone number and password
-     */
-    async loginWithPhone(
-        data: GeneratedSchema['LoginPhone'],
-    ): Promise<TokenPair> {
-        return this.client.post<TokenPair>('/api/v1/auth/login/phone/', data);
-    }
-
-    /**
-     * Register a new user
-     */
-    async register(data: RegisterRequest): Promise<any> {
-        return this.client.post<any>('/api/v1/auth/register/', data);
-    }
-
-    /**
-     * Logout from the current session
-     */
-    async logout(refreshToken: string): Promise<void> {
-        return this.client.post<void>('/api/v1/auth/logout/', { refresh_token: refreshToken });
-    }
-
-    /**
-     * Logout from all sessions (revokes all refresh tokens)
-     */
-    async logoutAll(): Promise<void> {
-        return this.client.post<void>('/api/v1/auth/logout/all/');
-    }
-
-    /**
-     * Request a magic link for sign-in
-     */
-    async requestMagicLink(data: MagicLinkRequest): Promise<void> {
-        return this.client.post<void>('/api/v1/auth/magic-link/request/', data);
-    }
-
-    /**
-     * Verify a magic link token
-     */
-    async verifyMagicLink(token: string): Promise<TokenPair> {
-        return this.client.get<TokenPair>(`/api/v1/auth/magic-link/verify/`, { params: { token } });
-    }
-
-    /**
-     * Perform OAuth2 Social Authentication (e.g. Google, GitHub)
-     */
-    async loginWithSocial(provider: 'google' | 'github' | 'microsoft' | 'facebook', data: SocialLoginRequest): Promise<TokenPair> {
-        return this.client.post<TokenPair>(`/api/v1/auth/social/${provider}/`, data);
-    }
-
-    /**
-     * Handle Social Auth Callback (authorization code flow)
-     */
-    async handleSocialCallback(provider: 'google' | 'github' | 'microsoft' | 'facebook', code: string, redirectUri: string): Promise<TokenPair> {
-        return this.client.get<TokenPair>(`/api/v1/auth/social/${provider}/callback/`, {
-            params: { code, redirect_uri: redirectUri },
-        });
-    }
-}

package/src/modules/rbac.ts

@@ -1,160 +0,0 @@
-import { TenxyteHttpClient } from '../http/client';
-import { decodeJwt, DecodedTenxyteToken } from '../utils/jwt';
-
-export interface Role {
-    id: string;
-    name: string;
-    description?: string;
-    is_default?: boolean;
-    permissions?: string[];
-}
-
-export interface Permission {
-    id: string;
-    code: string;
-    name: string;
-    description?: string;
-}
-
-export class RbacModule {
-    private cachedToken: string | null = null;
-
-    constructor(private client: TenxyteHttpClient) { }
-
-    /**
-     * Cache a token to use for parameter-less synchronous checks.
-     */
-    setToken(token: string | null) {
-        this.cachedToken = token;
-    }
-
-    private getDecodedToken(token?: string): DecodedTenxyteToken | null {
-        const t = token || this.cachedToken;
-        if (!t) return null;
-        return decodeJwt(t);
-    }
-
-    // --- Synchronous Checks --- //
-
-    hasRole(role: string, token?: string): boolean {
-        const decoded = this.getDecodedToken(token);
-        if (!decoded?.roles) return false;
-        return decoded.roles.includes(role);
-    }
-
-    hasAnyRole(roles: string[], token?: string): boolean {
-        const decoded = this.getDecodedToken(token);
-        if (!decoded?.roles) return false;
-        return roles.some(r => decoded.roles!.includes(r));
-    }
-
-    hasAllRoles(roles: string[], token?: string): boolean {
-        const decoded = this.getDecodedToken(token);
-        if (!decoded?.roles) return false;
-        return roles.every(r => decoded.roles!.includes(r));
-    }
-
-    hasPermission(permission: string, token?: string): boolean {
-        const decoded = this.getDecodedToken(token);
-        if (!decoded?.permissions) return false;
-        // Check exact match or wildcard, assuming backend handles wildcard expansion in JWT
-        return decoded.permissions.includes(permission);
-    }
-
-    hasAnyPermission(permissions: string[], token?: string): boolean {
-        const decoded = this.getDecodedToken(token);
-        if (!decoded?.permissions) return false;
-        return permissions.some(p => decoded.permissions!.includes(p));
-    }
-
-    hasAllPermissions(permissions: string[], token?: string): boolean {
-        const decoded = this.getDecodedToken(token);
-        if (!decoded?.permissions) return false;
-        return permissions.every(p => decoded.permissions!.includes(p));
-    }
-
-    // --- Roles CRUD --- //
-
-    async listRoles(): Promise<Role[]> {
-        return this.client.get<Role[]>('/api/v1/auth/roles/');
-    }
-
-    async createRole(data: { name: string; description?: string; permission_codes?: string[]; is_default?: boolean }): Promise<Role> {
-        return this.client.post<Role>('/api/v1/auth/roles/', data);
-    }
-
-    async getRole(roleId: string): Promise<Role> {
-        return this.client.get<Role>(`/api/v1/auth/roles/${roleId}/`);
-    }
-
-    async updateRole(roleId: string, data: { name?: string; description?: string; permission_codes?: string[]; is_default?: boolean }): Promise<Role> {
-        return this.client.put<Role>(`/api/v1/auth/roles/${roleId}/`, data);
-    }
-
-    async deleteRole(roleId: string): Promise<void> {
-        return this.client.delete<void>(`/api/v1/auth/roles/${roleId}/`);
-    }
-
-    // --- Role Permissions Management --- //
-
-    async getRolePermissions(roleId: string): Promise<Permission[]> {
-        return this.client.get<Permission[]>(`/api/v1/auth/roles/${roleId}/permissions/`);
-    }
-
-    async addPermissionsToRole(roleId: string, permission_codes: string[]): Promise<void> {
-        return this.client.post<void>(`/api/v1/auth/roles/${roleId}/permissions/`, { permission_codes });
-    }
-
-    async removePermissionsFromRole(roleId: string, permission_codes: string[]): Promise<void> {
-        return this.client.delete<void>(`/api/v1/auth/roles/${roleId}/permissions/`, {
-            // Note: DELETE request with body is supported via our fetch wrapper if enabled,
-            // or we might need to rely on query strings. The schema specifies body or query.
-            // Let's pass it in body via a custom config or URL params.
-            body: { permission_codes }
-        } as any);
-    }
-
-    // --- Permissions CRUD --- //
-
-    async listPermissions(): Promise<Permission[]> {
-        return this.client.get<Permission[]>('/api/v1/auth/permissions/');
-    }
-
-    async createPermission(data: { code: string; name: string; description?: string; parent_code?: string }): Promise<Permission> {
-        return this.client.post<Permission>('/api/v1/auth/permissions/', data);
-    }
-
-    async getPermission(permissionId: string): Promise<Permission> {
-        return this.client.get<Permission>(`/api/v1/auth/permissions/${permissionId}/`);
-    }
-
-    async updatePermission(permissionId: string, data: { name?: string; description?: string }): Promise<Permission> {
-        return this.client.put<Permission>(`/api/v1/auth/permissions/${permissionId}/`, data);
-    }
-
-    async deletePermission(permissionId: string): Promise<void> {
-        return this.client.delete<void>(`/api/v1/auth/permissions/${permissionId}/`);
-    }
-
-    // --- Direct Assignment (Users) --- //
-
-    async assignRoleToUser(userId: string, roleCode: string): Promise<void> {
-        return this.client.post<void>(`/api/v1/auth/users/${userId}/roles/`, { role_code: roleCode });
-    }
-
-    async removeRoleFromUser(userId: string, roleCode: string): Promise<void> {
-        return this.client.delete<void>(`/api/v1/auth/users/${userId}/roles/`, {
-            params: { role_code: roleCode }
-        });
-    }
-
-    async assignPermissionsToUser(userId: string, permissionCodes: string[]): Promise<void> {
-        return this.client.post<void>(`/api/v1/auth/users/${userId}/permissions/`, { permission_codes: permissionCodes });
-    }
-
-    async removePermissionsFromUser(userId: string, permissionCodes: string[]): Promise<void> {
-        return this.client.delete<void>(`/api/v1/auth/users/${userId}/permissions/`, {
-            body: { permission_codes: permissionCodes }
-        } as any);
-    }
-}