npm - @timbenniks/contentstack-platform-sdk - Versions diffs - 0.1.0 - Mend

@timbenniks/contentstack-platform-sdk 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (244) hide show

package/dist/auth/index.cjs +607 -0
package/dist/auth/index.cjs.map +1 -0
package/dist/auth/index.d.cts +108 -0
package/dist/auth/index.d.ts +108 -0
package/dist/auth/index.mjs +25 -0
package/dist/auth/index.mjs.map +1 -0
package/dist/brandkit/index.cjs +525 -0
package/dist/brandkit/index.cjs.map +1 -0
package/dist/brandkit/index.d.cts +95 -0
package/dist/brandkit/index.d.ts +95 -0
package/dist/brandkit/index.mjs +11 -0
package/dist/brandkit/index.mjs.map +1 -0
package/dist/chunk-3C6J2BDB.mjs +84 -0
package/dist/chunk-3C6J2BDB.mjs.map +1 -0
package/dist/chunk-3KE63N3I.mjs +64 -0
package/dist/chunk-3KE63N3I.mjs.map +1 -0
package/dist/chunk-4CJ4IVPJ.mjs +212 -0
package/dist/chunk-4CJ4IVPJ.mjs.map +1 -0
package/dist/chunk-4JFUI7MJ.mjs +368 -0
package/dist/chunk-4JFUI7MJ.mjs.map +1 -0
package/dist/chunk-7VFGD32I.mjs +26 -0
package/dist/chunk-7VFGD32I.mjs.map +1 -0
package/dist/chunk-ARPJDW3A.mjs +44 -0
package/dist/chunk-ARPJDW3A.mjs.map +1 -0
package/dist/chunk-AVJHCFRK.mjs +52 -0
package/dist/chunk-AVJHCFRK.mjs.map +1 -0
package/dist/chunk-BK2IBTQS.mjs +131 -0
package/dist/chunk-BK2IBTQS.mjs.map +1 -0
package/dist/chunk-BUZ6CQHE.mjs +75 -0
package/dist/chunk-BUZ6CQHE.mjs.map +1 -0
package/dist/chunk-CKMAOWBQ.mjs +379 -0
package/dist/chunk-CKMAOWBQ.mjs.map +1 -0
package/dist/chunk-DJQLN4TR.mjs +1 -0
package/dist/chunk-DJQLN4TR.mjs.map +1 -0
package/dist/chunk-DMERADWM.mjs +67 -0
package/dist/chunk-DMERADWM.mjs.map +1 -0
package/dist/chunk-EREPKWTW.mjs +926 -0
package/dist/chunk-EREPKWTW.mjs.map +1 -0
package/dist/chunk-FQP4PB5X.mjs +88 -0
package/dist/chunk-FQP4PB5X.mjs.map +1 -0
package/dist/chunk-GNPQJBFX.mjs +144 -0
package/dist/chunk-GNPQJBFX.mjs.map +1 -0
package/dist/chunk-GOSB24M6.mjs +87 -0
package/dist/chunk-GOSB24M6.mjs.map +1 -0
package/dist/chunk-JL2E3EOT.mjs +255 -0
package/dist/chunk-JL2E3EOT.mjs.map +1 -0
package/dist/chunk-JYGZBKTH.mjs +222 -0
package/dist/chunk-JYGZBKTH.mjs.map +1 -0
package/dist/chunk-JZE2W7VW.mjs +52 -0
package/dist/chunk-JZE2W7VW.mjs.map +1 -0
package/dist/chunk-K76DKSHJ.mjs +18 -0
package/dist/chunk-K76DKSHJ.mjs.map +1 -0
package/dist/chunk-KLVIROVU.mjs +232 -0
package/dist/chunk-KLVIROVU.mjs.map +1 -0
package/dist/chunk-LPVVA5J3.mjs +18 -0
package/dist/chunk-LPVVA5J3.mjs.map +1 -0
package/dist/chunk-NKLOZ5VI.mjs +112 -0
package/dist/chunk-NKLOZ5VI.mjs.map +1 -0
package/dist/chunk-QGA4WBDC.mjs +7 -0
package/dist/chunk-QGA4WBDC.mjs.map +1 -0
package/dist/chunk-QW7TVYOA.mjs +56 -0
package/dist/chunk-QW7TVYOA.mjs.map +1 -0
package/dist/chunk-SU5QEKYW.mjs +83 -0
package/dist/chunk-SU5QEKYW.mjs.map +1 -0
package/dist/chunk-T5A2E2RI.mjs +654 -0
package/dist/chunk-T5A2E2RI.mjs.map +1 -0
package/dist/chunk-T5OIJQK7.mjs +116 -0
package/dist/chunk-T5OIJQK7.mjs.map +1 -0
package/dist/chunk-VW7DD6HV.mjs +253 -0
package/dist/chunk-VW7DD6HV.mjs.map +1 -0
package/dist/chunk-XH7NLHGW.mjs +133 -0
package/dist/chunk-XH7NLHGW.mjs.map +1 -0
package/dist/client-DJ5haQGd.d.cts +22 -0
package/dist/client-DwVGVSQz.d.ts +22 -0
package/dist/cma/index.cjs +1349 -0
package/dist/cma/index.cjs.map +1 -0
package/dist/cma/index.d.cts +22 -0
package/dist/cma/index.d.ts +22 -0
package/dist/cma/index.mjs +70 -0
package/dist/cma/index.mjs.map +1 -0
package/dist/errors-CAw-IRCP.d.cts +65 -0
package/dist/errors-CAw-IRCP.d.ts +65 -0
package/dist/generative-ai/index.cjs +401 -0
package/dist/generative-ai/index.cjs.map +1 -0
package/dist/generative-ai/index.d.cts +31 -0
package/dist/generative-ai/index.d.ts +31 -0
package/dist/generative-ai/index.mjs +10 -0
package/dist/generative-ai/index.mjs.map +1 -0
package/dist/images/index.cjs +185 -0
package/dist/images/index.cjs.map +1 -0
package/dist/images/index.d.cts +27 -0
package/dist/images/index.d.ts +27 -0
package/dist/images/index.mjs +8 -0
package/dist/images/index.mjs.map +1 -0
package/dist/index.cjs +2909 -0
package/dist/index.cjs.map +1 -0
package/dist/index.d.cts +30 -0
package/dist/index.d.ts +30 -0
package/dist/index.mjs +153 -0
package/dist/index.mjs.map +1 -0
package/dist/knowledge-vault/index.cjs +413 -0
package/dist/knowledge-vault/index.cjs.map +1 -0
package/dist/knowledge-vault/index.d.cts +49 -0
package/dist/knowledge-vault/index.d.ts +49 -0
package/dist/knowledge-vault/index.mjs +10 -0
package/dist/knowledge-vault/index.mjs.map +1 -0
package/dist/launch/index.cjs +624 -0
package/dist/launch/index.cjs.map +1 -0
package/dist/launch/index.d.cts +169 -0
package/dist/launch/index.d.ts +169 -0
package/dist/launch/index.mjs +11 -0
package/dist/launch/index.mjs.map +1 -0
package/dist/react/auth/index.cjs +113 -0
package/dist/react/auth/index.cjs.map +1 -0
package/dist/react/auth/index.d.cts +33 -0
package/dist/react/auth/index.d.ts +33 -0
package/dist/react/auth/index.mjs +13 -0
package/dist/react/auth/index.mjs.map +1 -0
package/dist/react/content/index.cjs +113 -0
package/dist/react/content/index.cjs.map +1 -0
package/dist/react/content/index.d.cts +25 -0
package/dist/react/content/index.d.ts +25 -0
package/dist/react/content/index.mjs +7 -0
package/dist/react/content/index.mjs.map +1 -0
package/dist/react/hooks/index.cjs +2097 -0
package/dist/react/hooks/index.cjs.map +1 -0
package/dist/react/hooks/index.d.cts +77 -0
package/dist/react/hooks/index.d.ts +77 -0
package/dist/react/hooks/index.mjs +46 -0
package/dist/react/hooks/index.mjs.map +1 -0
package/dist/react/index.cjs +2307 -0
package/dist/react/index.cjs.map +1 -0
package/dist/react/index.d.cts +16 -0
package/dist/react/index.d.ts +16 -0
package/dist/react/index.mjs +67 -0
package/dist/react/index.mjs.map +1 -0
package/dist/react/provider/index.cjs +83 -0
package/dist/react/provider/index.cjs.map +1 -0
package/dist/react/provider/index.d.cts +30 -0
package/dist/react/provider/index.d.ts +30 -0
package/dist/react/provider/index.mjs +11 -0
package/dist/react/provider/index.mjs.map +1 -0
package/dist/regions/index.cjs +171 -0
package/dist/regions/index.cjs.map +1 -0
package/dist/regions/index.d.cts +55 -0
package/dist/regions/index.d.ts +55 -0
package/dist/regions/index.mjs +13 -0
package/dist/regions/index.mjs.map +1 -0
package/dist/request-builders-BxeolQIw.d.ts +735 -0
package/dist/request-builders-C2IG1LUo.d.cts +735 -0
package/dist/rte/index.cjs +683 -0
package/dist/rte/index.cjs.map +1 -0
package/dist/rte/index.d.cts +33 -0
package/dist/rte/index.d.ts +33 -0
package/dist/rte/index.mjs +17 -0
package/dist/rte/index.mjs.map +1 -0
package/dist/server/index.cjs +917 -0
package/dist/server/index.cjs.map +1 -0
package/dist/server/index.d.cts +6 -0
package/dist/server/index.d.ts +6 -0
package/dist/server/index.mjs +45 -0
package/dist/server/index.mjs.map +1 -0
package/dist/server/middleware/index.cjs +614 -0
package/dist/server/middleware/index.cjs.map +1 -0
package/dist/server/middleware/index.d.cts +77 -0
package/dist/server/middleware/index.d.ts +77 -0
package/dist/server/middleware/index.mjs +27 -0
package/dist/server/middleware/index.mjs.map +1 -0
package/dist/server/proxy/index.cjs +329 -0
package/dist/server/proxy/index.cjs.map +1 -0
package/dist/server/proxy/index.d.cts +143 -0
package/dist/server/proxy/index.d.ts +143 -0
package/dist/server/proxy/index.mjs +29 -0
package/dist/server/proxy/index.mjs.map +1 -0
package/dist/server/webhooks/index.cjs +131 -0
package/dist/server/webhooks/index.cjs.map +1 -0
package/dist/server/webhooks/index.d.cts +230 -0
package/dist/server/webhooks/index.d.ts +230 -0
package/dist/server/webhooks/index.mjs +23 -0
package/dist/server/webhooks/index.mjs.map +1 -0
package/dist/types-6D9VR7pT.d.cts +26 -0
package/dist/types-AelT0rFJ.d.cts +21 -0
package/dist/types-AelT0rFJ.d.ts +21 -0
package/dist/types-Bu5yCgmw.d.ts +26 -0
package/dist/types-DgixK-ll.d.cts +23 -0
package/dist/types-DgixK-ll.d.ts +23 -0
package/dist/types-DrMwdlH9.d.cts +245 -0
package/dist/types-DrMwdlH9.d.ts +245 -0
package/dist/ui/css/index.cjs +31 -0
package/dist/ui/css/index.cjs.map +1 -0
package/dist/ui/css/index.d.cts +15 -0
package/dist/ui/css/index.d.ts +15 -0
package/dist/ui/css/index.mjs +7 -0
package/dist/ui/css/index.mjs.map +1 -0
package/dist/ui/index.cjs +368 -0
package/dist/ui/index.cjs.map +1 -0
package/dist/ui/index.d.cts +4 -0
package/dist/ui/index.d.ts +4 -0
package/dist/ui/index.mjs +33 -0
package/dist/ui/index.mjs.map +1 -0
package/dist/ui/theme/index.cjs +105 -0
package/dist/ui/theme/index.cjs.map +1 -0
package/dist/ui/theme/index.d.cts +33 -0
package/dist/ui/theme/index.d.ts +33 -0
package/dist/ui/theme/index.mjs +15 -0
package/dist/ui/theme/index.mjs.map +1 -0
package/dist/ui/tokens/index.cjs +286 -0
package/dist/ui/tokens/index.cjs.map +1 -0
package/dist/ui/tokens/index.d.cts +54 -0
package/dist/ui/tokens/index.d.ts +54 -0
package/dist/ui/tokens/index.mjs +17 -0
package/dist/ui/tokens/index.mjs.map +1 -0
package/dist/ui/tokens.css +408 -0
package/dist/vue/auth/index.cjs +141 -0
package/dist/vue/auth/index.cjs.map +1 -0
package/dist/vue/auth/index.d.cts +78 -0
package/dist/vue/auth/index.d.ts +78 -0
package/dist/vue/auth/index.mjs +13 -0
package/dist/vue/auth/index.mjs.map +1 -0
package/dist/vue/composables/index.cjs +2108 -0
package/dist/vue/composables/index.cjs.map +1 -0
package/dist/vue/composables/index.d.cts +78 -0
package/dist/vue/composables/index.d.ts +78 -0
package/dist/vue/composables/index.mjs +46 -0
package/dist/vue/composables/index.mjs.map +1 -0
package/dist/vue/content/index.cjs +142 -0
package/dist/vue/content/index.cjs.map +1 -0
package/dist/vue/content/index.d.cts +47 -0
package/dist/vue/content/index.d.ts +47 -0
package/dist/vue/content/index.mjs +7 -0
package/dist/vue/content/index.mjs.map +1 -0
package/dist/vue/index.cjs +2389 -0
package/dist/vue/index.cjs.map +1 -0
package/dist/vue/index.d.cts +16 -0
package/dist/vue/index.d.ts +16 -0
package/dist/vue/index.mjs +69 -0
package/dist/vue/index.mjs.map +1 -0
package/dist/vue/provider/index.cjs +97 -0
package/dist/vue/provider/index.cjs.map +1 -0
package/dist/vue/provider/index.d.cts +90 -0
package/dist/vue/provider/index.d.ts +90 -0
package/dist/vue/provider/index.mjs +13 -0
package/dist/vue/provider/index.mjs.map +1 -0
package/package.json +195 -0

package/dist/server/proxy/index.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../../src/server/proxy/index.ts","../../../src/regions/endpoints.ts","../../../src/regions/resolver.ts","../../../src/server/proxy/proxy-base.ts","../../../src/server/proxy/rate-limiter.ts","../../../src/server/proxy/scope-guard.ts","../../../src/server/proxy/cma-proxy.ts","../../../src/server/proxy/launch-proxy.ts","../../../src/server/proxy/brandkit-proxy.ts"],"sourcesContent":["export type { CMAProxyConfig, CMAScope } from \"./types.js\"\nexport { createCMAProxy } from \"./cma-proxy.js\"\nexport { resolveScope, checkScope } from \"./scope-guard.js\"\nexport type { LaunchProxyConfig } from \"./launch-proxy.js\"\nexport { createLaunchProxy } from \"./launch-proxy.js\"\nexport type { BrandKitProxyConfig } from \"./brandkit-proxy.js\"\nexport { createBrandKitProxy } from \"./brandkit-proxy.js\"\n","import {\n type ContentstackEndpoints as UpstreamEndpoints,\n getContentstackEndpoints,\n getRegionForString,\n} from \"@timbenniks/contentstack-endpoints\"\nimport type { ContentstackEndpoints, ContentstackRegion } from \"./resolver.js\"\n\n/** Brand Kit endpoints not available in upstream package — maintained locally */\nconst BRAND_KIT_URLS: Record<ContentstackRegion, { brandKit: string; brandKitAI: string }> = {\n us: {\n brandKit: \"https://brand-kits-api.contentstack.com\",\n brandKitAI: \"https://ai.contentstack.com/brand-kits\",\n },\n eu: {\n brandKit: \"https://eu-brand-kits-api.contentstack.com\",\n brandKitAI: \"https://eu-ai.contentstack.com/brand-kits\",\n },\n au: {\n brandKit: \"https://au-brand-kits-api.contentstack.com\",\n brandKitAI: \"https://au-ai.contentstack.com/brand-kits\",\n },\n \"azure-na\": {\n brandKit: \"https://azure-na-brand-kits-api.contentstack.com\",\n brandKitAI: \"https://azure-na-ai.contentstack.com/brand-kits\",\n },\n \"azure-eu\": {\n brandKit: \"https://azure-eu-brand-kits-api.contentstack.com\",\n brandKitAI: \"https://azure-eu-ai.contentstack.com/brand-kits\",\n },\n \"gcp-na\": {\n brandKit: \"https://gcp-na-brand-kits-api.contentstack.com\",\n brandKitAI: \"https://gcp-na-ai.contentstack.com/brand-kits\",\n },\n \"gcp-eu\": {\n brandKit: \"https://gcp-eu-brand-kits-api.contentstack.com\",\n brandKitAI: \"https://gcp-eu-ai.contentstack.com/brand-kits\",\n },\n}\n\nfunction mapEndpoints(\n upstream: UpstreamEndpoints,\n region: ContentstackRegion,\n hostsOnly: boolean,\n): ContentstackEndpoints {\n const bk = BRAND_KIT_URLS[region]\n const stripProtocol = (url: string) => url.replace(/^https?:\\/\\//, \"\")\n\n return Object.freeze({\n cma: upstream.contentManagement ?? \"\",\n cda: upstream.contentDelivery ?? \"\",\n graphql: upstream.graphqlDelivery ?? \"\",\n images: upstream.images ?? \"\",\n app: upstream.application ?? \"\",\n preview: upstream.preview ?? \"\",\n graphqlPreview: upstream.graphqlPreview ?? \"\",\n launch: upstream.launch ?? \"\",\n personalizeEdge: upstream.personalizeEdge ?? \"\",\n brandKit: hostsOnly ? stripProtocol(bk.brandKit) : bk.brandKit,\n brandKitAI: hostsOnly ? stripProtocol(bk.brandKitAI) : bk.brandKitAI,\n })\n}\n\nconst ALL_REGIONS: ContentstackRegion[] = [\n \"us\",\n \"eu\",\n \"au\",\n \"azure-na\",\n \"azure-eu\",\n \"gcp-na\",\n \"gcp-eu\",\n]\n\nfunction buildEndpointMap(): Record<ContentstackRegion, ContentstackEndpoints> {\n const map = {} as Record<ContentstackRegion, ContentstackEndpoints>\n for (const region of ALL_REGIONS) {\n map[region] = mapEndpoints(getContentstackEndpoints(region), region, false)\n }\n return Object.freeze(map)\n}\n\nfunction buildHostMap(): Record<ContentstackRegion, ContentstackEndpoints> {\n const map = {} as Record<ContentstackRegion, ContentstackEndpoints>\n for (const region of ALL_REGIONS) {\n map[region] = mapEndpoints(getContentstackEndpoints(region, true), region, true)\n }\n return Object.freeze(map)\n}\n\nexport const ENDPOINT_MAP = buildEndpointMap()\nexport const HOST_MAP = buildHostMap()\n\n/** Check if a string is a valid region via the upstream package */\nexport function isValidRegion(input: string): boolean {\n return getRegionForString(input) !== undefined\n}\n\n/** Map of extra aliases our SDK supports beyond what the upstream package handles */\nexport const EXTRA_ALIASES: Record<string, ContentstackRegion> = {\n \"north-america\": \"us\",\n europe: \"eu\",\n australia: \"au\",\n}\n","import { ContentstackConfigError } from \"../http/errors.js\"\nimport { ENDPOINT_MAP, EXTRA_ALIASES, HOST_MAP, isValidRegion } from \"./endpoints.js\"\n\n/** All 7 Contentstack regions */\nexport type ContentstackRegion = \"us\" | \"eu\" | \"au\" | \"azure-na\" | \"azure-eu\" | \"gcp-na\" | \"gcp-eu\"\n\n/** Resolved endpoint URLs for a region */\nexport interface ContentstackEndpoints {\n /** CMA base URL, e.g. \"https://api.contentstack.io\" */\n cma: string\n /** CDA REST base URL, e.g. \"https://cdn.contentstack.io\" */\n cda: string\n /** GraphQL CDA endpoint */\n graphql: string\n /** Asset/image delivery base URL */\n images: string\n /** Application URL (for OAuth), e.g. \"https://app.contentstack.com\" */\n app: string\n /** Preview API base URL */\n preview: string\n /** GraphQL preview endpoint */\n graphqlPreview: string\n /** Launch API base URL */\n launch: string\n /** Personalize edge endpoint */\n personalizeEdge: string\n /** Brand Kit Management API base URL */\n brandKit: string\n /** Brand Kit GenAI and Knowledge Vault base URL */\n brandKitAI: string\n}\n\nconst VALID_REGIONS = new Set<string>(Object.keys(ENDPOINT_MAP))\n\n/**\n * Resolve all API endpoints for a Contentstack region.\n *\n * @example\n * ```ts\n * const endpoints = resolveEndpoints(\"eu\");\n * // endpoints.cma === \"https://eu-api.contentstack.com\"\n * // endpoints.app === \"https://eu-app.contentstack.com\"\n * ```\n */\nexport function resolveEndpoints(region: ContentstackRegion): ContentstackEndpoints {\n return ENDPOINT_MAP[region]\n}\n\n/**\n * Resolve endpoints with https:// stripped (for SDK host parameters).\n *\n * @example\n * ```ts\n * const hosts = resolveHosts(\"eu\");\n * // hosts.cda === \"eu-cdn.contentstack.com\"\n * ```\n */\nexport function resolveHosts(region: ContentstackRegion): ContentstackEndpoints {\n return HOST_MAP[region]\n}\n\n/**\n * Normalize region aliases: \"na\" → \"us\", \"NA\" → \"us\", etc.\n * Case-insensitive. Throws ContentstackConfigError for unknown regions.\n */\nexport function normalizeRegion(input: string): ContentstackRegion {\n const lower = input.toLowerCase().trim()\n\n if (VALID_REGIONS.has(lower)) {\n return lower as ContentstackRegion\n }\n\n // Check extra aliases our SDK supports (north-america, europe, australia)\n const extraAlias = EXTRA_ALIASES[lower]\n if (extraAlias) {\n return extraAlias\n }\n\n // Check aliases handled by the upstream package (na, us, aws-na, etc.)\n if (isValidRegion(lower)) {\n // The upstream package recognized it — map back to our canonical region\n // \"na\" and \"us\" both map to the NA region which we call \"us\"\n if (lower === \"na\" || lower === \"aws-na\" || lower === \"aws_na\") return \"us\"\n if (lower === \"aws-eu\" || lower === \"aws_eu\") return \"eu\"\n if (lower === \"aws-au\" || lower === \"aws_au\") return \"au\"\n if (lower === \"azure_na\") return \"azure-na\"\n if (lower === \"azure_eu\") return \"azure-eu\"\n if (lower === \"gcp_na\") return \"gcp-na\"\n if (lower === \"gcp_eu\") return \"gcp-eu\"\n }\n\n const validRegions = [...VALID_REGIONS].join(\", \")\n const validAliases = [...Object.keys(EXTRA_ALIASES), \"na\", \"aws-na\", \"aws-eu\", \"aws-au\"].join(\n \", \",\n )\n throw new ContentstackConfigError(\n `Unknown region \"${input}\". Valid regions: ${validRegions}. Aliases: ${validAliases}.`,\n )\n}\n\nexport { ContentstackConfigError }\n","/**\n * Shared proxy infrastructure for Contentstack API proxies.\n *\n * Both the CMA proxy and Launch proxy build on these helpers to avoid\n * duplicating auth checks, URL parsing, body extraction, and fetch logic.\n */\n\nexport interface BaseProxyConfig {\n getAccessToken: (request: Request) => Promise<string | null>\n basePath: string\n timeout: number\n}\n\nexport interface ProxyRequestContext {\n token: string\n apiPath: string\n search: string\n method: string\n body: ArrayBuffer | undefined\n request: Request\n}\n\n/** Return a JSON error response with the given message and HTTP status. */\nexport function jsonErrorResponse(error: string, status: number): Response {\n return new Response(JSON.stringify({ error }), {\n status,\n headers: { \"Content-Type\": \"application/json\" },\n })\n}\n\n/**\n * Create the shared proxy pipeline: auth check → URL parse → body extract.\n *\n * The `handleRequest` callback receives a validated context and is responsible\n * for building headers, constructing the target URL, and forwarding the request.\n */\nexport function createBaseProxy(\n config: BaseProxyConfig,\n handleRequest: (ctx: ProxyRequestContext) => Promise<Response>,\n): (request: Request) => Promise<Response> {\n return async (request: Request): Promise<Response> => {\n const token = await config.getAccessToken(request)\n if (!token) {\n return jsonErrorResponse(\"Unauthorized\", 401)\n }\n\n const url = new URL(request.url)\n const apiPath = url.pathname.replace(config.basePath, \"\")\n\n const body =\n [\"GET\", \"HEAD\"].includes(request.method) || request.body === null\n ? undefined\n : await request.arrayBuffer()\n\n return handleRequest({\n token,\n apiPath,\n search: url.search,\n method: request.method,\n body,\n request,\n })\n }\n}\n\n/**\n * Forward a request to an upstream API and stream the response back.\n *\n * Returns a 502 \"Bad Gateway\" response on any fetch failure (network error, timeout).\n */\nexport async function forwardRequest(\n url: string,\n method: string,\n headers: Record<string, string>,\n body: ArrayBuffer | undefined,\n timeout: number,\n): Promise<Response> {\n try {\n const upstream = await fetch(url, {\n method,\n headers,\n body,\n signal: AbortSignal.timeout(timeout),\n })\n\n return new Response(upstream.body, {\n status: upstream.status,\n headers: {\n \"content-type\": upstream.headers.get(\"content-type\") ?? \"application/json\",\n },\n })\n } catch {\n return jsonErrorResponse(\"Bad Gateway\", 502)\n }\n}\n","interface RateWindow {\n count: number\n windowStart: number\n}\n\n/**\n * Create a simple in-memory sliding window rate limiter.\n *\n * Each unique key (typically an access token) gets its own counter\n * that resets after the window expires.\n *\n * @param maxRequests - Maximum requests allowed per window\n * @param windowMs - Window duration in milliseconds (default: 60000)\n */\nexport function createRateLimiter(maxRequests: number, windowMs = 60_000) {\n const windows = new Map<string, RateWindow>()\n\n return {\n /**\n * Check if the request is within rate limits.\n * @returns `true` if the request is allowed, `false` if rate limited.\n */\n check(key: string): boolean {\n const now = Date.now()\n const window = windows.get(key)\n\n // Clean stale entries on each check\n for (const [k, w] of windows) {\n if (now - w.windowStart > windowMs) {\n windows.delete(k)\n }\n }\n\n if (!window || now - window.windowStart > windowMs) {\n windows.set(key, { count: 1, windowStart: now })\n return true\n }\n\n window.count++\n return window.count <= maxRequests\n },\n }\n}\n","import type { CMAScope } from \"./types.js\"\n\nconst READ_METHODS = new Set([\"GET\", \"HEAD\"])\n\n/**\n * Resolve the required CMA scope for a given HTTP method and path.\n *\n * Path matching checks for known segments. The order matters:\n * `/entries` is checked before `/content_types` because entry URLs\n * like `/content_types/blog/entries` contain both.\n *\n * @returns The required scope, or `null` if the path is unrecognized.\n */\nexport function resolveScope(method: string, path: string): CMAScope | null {\n const isRead = READ_METHODS.has(method.toUpperCase())\n const suffix = isRead ? \":read\" : \":write\"\n const segments = path.split(\"/\")\n\n if (segments.includes(\"entries\")) return `entries${suffix}` as CMAScope\n if (segments.includes(\"content_types\")) return `content-types${suffix}` as CMAScope\n if (segments.includes(\"assets\")) return `assets${suffix}` as CMAScope\n if (segments.includes(\"environments\")) return \"environments:read\"\n if (segments.includes(\"locales\")) return \"locales:read\"\n if (segments.includes(\"releases\")) return `releases${suffix}` as CMAScope\n if (segments.includes(\"taxonomies\")) return `taxonomies${suffix}` as CMAScope\n if (segments.includes(\"workflows\")) return `workflows${suffix}` as CMAScope\n if (segments.includes(\"webhooks\")) return `webhooks${suffix}` as CMAScope\n\n return null\n}\n\n/**\n * Check whether a required scope is present in the allowed scopes list.\n *\n * @returns An error message if the scope is not allowed, or `null` if permitted.\n */\nexport function checkScope(required: CMAScope, allowed: CMAScope[]): string | null {\n if (allowed.includes(required)) return null\n return `Scope \"${required}\" is not allowed. Allowed scopes: ${allowed.join(\", \")}`\n}\n","import { resolveEndpoints } from \"../../index.js\"\nimport { createBaseProxy, forwardRequest, jsonErrorResponse } from \"./proxy-base.js\"\nimport { createRateLimiter } from \"./rate-limiter.js\"\nimport { checkScope, resolveScope } from \"./scope-guard.js\"\nimport type { CMAProxyConfig } from \"./types.js\"\n\n/**\n * Create a CMA proxy handler that forwards requests to Contentstack.\n *\n * The returned function accepts a standard `Request` and returns a `Response`,\n * making it compatible with Next.js route handlers, Deno/Bun servers, and\n * any framework that uses the Web API Request/Response model.\n *\n * @example\n * ```ts\n * // app/api/cma/[...path]/route.ts\n * const proxy = createCMAProxy({\n * region: \"us\",\n * apiKey: \"your-api-key\",\n * getAccessToken: async (req) => {\n * const session = await auth()\n * return session?.accessToken ?? null\n * },\n * })\n *\n * export const GET = proxy\n * export const POST = proxy\n * export const PUT = proxy\n * export const DELETE = proxy\n * ```\n */\nexport function createCMAProxy(config: CMAProxyConfig): (request: Request) => Promise<Response> {\n const endpoints = resolveEndpoints(config.region)\n const cmaBase = `${endpoints.cma}/v3`\n const timeout = config.timeout ?? 30_000\n const rateLimiter = config.rateLimit ? createRateLimiter(config.rateLimit) : null\n\n return createBaseProxy(\n {\n getAccessToken: config.getAccessToken,\n basePath: config.basePath ?? \"/api/cma\",\n timeout,\n },\n async (ctx) => {\n if (rateLimiter && !rateLimiter.check(ctx.token)) {\n return jsonErrorResponse(\"Too Many Requests\", 429)\n }\n\n if (config.allowedScopes) {\n const scope = resolveScope(ctx.method, ctx.apiPath)\n if (!scope) {\n if ((config.unmappedScopeBehavior ?? \"deny\") === \"deny\") {\n return jsonErrorResponse(\n `No scope mapping found for \"${ctx.method} ${ctx.apiPath}\". Add a mapping or set unmappedScopeBehavior: \"allow\".`,\n 403,\n )\n }\n } else {\n const rejection = checkScope(scope, config.allowedScopes)\n if (rejection) {\n return jsonErrorResponse(rejection, 403)\n }\n }\n }\n\n const headers: Record<string, string> = {\n api_key: config.apiKey,\n authorization: `Bearer ${ctx.token}`,\n }\n const contentType = ctx.request.headers.get(\"content-type\")\n if (contentType) {\n headers[\"content-type\"] = contentType\n }\n\n return forwardRequest(\n cmaBase + ctx.apiPath + ctx.search,\n ctx.method,\n headers,\n ctx.body,\n timeout,\n )\n },\n )\n}\n","import { resolveEndpoints } from \"../../index.js\"\nimport type { ContentstackRegion } from \"../../index.js\"\nimport { createBaseProxy, forwardRequest } from \"./proxy-base.js\"\n\nexport interface LaunchProxyConfig {\n /** Contentstack region */\n region: ContentstackRegion\n /** Organization UID — required for all Launch API calls */\n organizationUid: string\n /** Callback to retrieve the user's access token from the request */\n getAccessToken: (request: Request) => Promise<string | null>\n /** URL prefix to strip when extracting the Launch API path (default: \"/api/launch\") */\n basePath?: string\n /** Request timeout in milliseconds (default: 30000) */\n timeout?: number\n}\n\n/**\n * Create a Launch API proxy handler that forwards requests to Contentstack Launch.\n *\n * The returned function accepts a standard `Request` and returns a `Response`,\n * making it compatible with Next.js route handlers, Deno/Bun servers, and\n * any framework that uses the Web API Request/Response model.\n *\n * @example\n * ```ts\n * // app/api/launch/[...path]/route.ts\n * const proxy = createLaunchProxy({\n * region: \"us\",\n * organizationUid: \"org-uid\",\n * getAccessToken: async () => {\n * const session = await auth()\n * return session?.accessToken ?? null\n * },\n * })\n *\n * export const GET = proxy\n * export const POST = proxy\n * export const PUT = proxy\n * export const DELETE = proxy\n * ```\n */\nexport function createLaunchProxy(\n config: LaunchProxyConfig,\n): (request: Request) => Promise<Response> {\n const endpoints = resolveEndpoints(config.region)\n const launchBase = endpoints.launch\n const timeout = config.timeout ?? 30_000\n\n return createBaseProxy(\n {\n getAccessToken: config.getAccessToken,\n basePath: config.basePath ?? \"/api/launch\",\n timeout,\n },\n async (ctx) => {\n const headers: Record<string, string> = {\n authorization: `Bearer ${ctx.token}`,\n organization_uid: config.organizationUid,\n \"content-type\": \"application/json\",\n }\n\n return forwardRequest(\n launchBase + ctx.apiPath + ctx.search,\n ctx.method,\n headers,\n ctx.body,\n timeout,\n )\n },\n )\n}\n","import { resolveEndpoints } from \"../../index.js\"\nimport type { ContentstackRegion } from \"../../index.js\"\nimport { createBaseProxy, forwardRequest, jsonErrorResponse } from \"./proxy-base.js\"\n\nexport interface BrandKitProxyConfig {\n /** Contentstack region */\n region: ContentstackRegion\n /** Organization UID — required for all Brand Kit API calls */\n organizationUid: string\n /** Brand Kit UID — required for all Brand Kit API calls */\n brandKitUid: string\n /** Callback to retrieve the user's access token from the request */\n getAccessToken: (request: Request) => Promise<string | null>\n /** URL prefix to strip when extracting the API path (default: \"/api/brandkit\") */\n basePath?: string\n /** Restrict operations: \"read\" allows GET only, \"manage\" allows all methods */\n allowedOperations?: (\"read\" | \"manage\")[]\n /** Request timeout in milliseconds (default: 30000) */\n timeout?: number\n}\n\n/**\n * Create a Brand Kit proxy handler that forwards requests to Contentstack\n * Brand Kit Management, Knowledge Vault, and Generative AI APIs.\n *\n * Routes are determined by path:\n * - Paths containing `/knowledge-vault` or `/generative-ai` → brandKitAI base URL\n * - All other paths (brand kits, voice profiles) → brandKit base URL\n *\n * @example\n * ```ts\n * // app/api/brandkit/[...path]/route.ts\n * const proxy = createBrandKitProxy({\n * region: \"us\",\n * organizationUid: \"org-uid\",\n * brandKitUid: \"bk-uid\",\n * getAccessToken: async () => {\n * const session = await auth()\n * return session?.accessToken ?? null\n * },\n * })\n *\n * export const GET = proxy\n * export const POST = proxy\n * export const PUT = proxy\n * export const DELETE = proxy\n * ```\n */\nexport function createBrandKitProxy(\n config: BrandKitProxyConfig,\n): (request: Request) => Promise<Response> {\n const endpoints = resolveEndpoints(config.region)\n const brandKitBase = endpoints.brandKit\n const brandKitAIBase = endpoints.brandKitAI\n const timeout = config.timeout ?? 30_000\n\n return createBaseProxy(\n {\n getAccessToken: config.getAccessToken,\n basePath: config.basePath ?? \"/api/brandkit\",\n timeout,\n },\n async (ctx) => {\n if (config.allowedOperations?.length) {\n const hasManage = config.allowedOperations.includes(\"manage\")\n if (!hasManage && ![\"GET\", \"HEAD\"].includes(ctx.method)) {\n return jsonErrorResponse(\"Forbidden: read-only mode\", 403)\n }\n }\n\n const headers: Record<string, string> = {\n authorization: `Bearer ${ctx.token}`,\n organization_uid: config.organizationUid,\n brand_kit_uid: config.brandKitUid,\n \"content-type\": \"application/json\",\n }\n\n const isAIPath =\n ctx.apiPath.includes(\"/knowledge-vault\") || ctx.apiPath.includes(\"/generative-ai\")\n const baseUrl = isAIPath ? brandKitAIBase : brandKitBase\n\n return forwardRequest(\n baseUrl + ctx.apiPath + ctx.search,\n ctx.method,\n headers,\n ctx.body,\n timeout,\n )\n },\n )\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,oCAIO;AAIP,IAAM,iBAAuF;AAAA,EAC3F,IAAI;AAAA,IACF,UAAU;AAAA,IACV,YAAY;AAAA,EACd;AAAA,EACA,IAAI;AAAA,IACF,UAAU;AAAA,IACV,YAAY;AAAA,EACd;AAAA,EACA,IAAI;AAAA,IACF,UAAU;AAAA,IACV,YAAY;AAAA,EACd;AAAA,EACA,YAAY;AAAA,IACV,UAAU;AAAA,IACV,YAAY;AAAA,EACd;AAAA,EACA,YAAY;AAAA,IACV,UAAU;AAAA,IACV,YAAY;AAAA,EACd;AAAA,EACA,UAAU;AAAA,IACR,UAAU;AAAA,IACV,YAAY;AAAA,EACd;AAAA,EACA,UAAU;AAAA,IACR,UAAU;AAAA,IACV,YAAY;AAAA,EACd;AACF;AAEA,SAAS,aACP,UACA,QACA,WACuB;AACvB,QAAM,KAAK,eAAe,MAAM;AAChC,QAAM,gBAAgB,CAAC,QAAgB,IAAI,QAAQ,gBAAgB,EAAE;AAErE,SAAO,OAAO,OAAO;AAAA,IACnB,KAAK,SAAS,qBAAqB;AAAA,IACnC,KAAK,SAAS,mBAAmB;AAAA,IACjC,SAAS,SAAS,mBAAmB;AAAA,IACrC,QAAQ,SAAS,UAAU;AAAA,IAC3B,KAAK,SAAS,eAAe;AAAA,IAC7B,SAAS,SAAS,WAAW;AAAA,IAC7B,gBAAgB,SAAS,kBAAkB;AAAA,IAC3C,QAAQ,SAAS,UAAU;AAAA,IAC3B,iBAAiB,SAAS,mBAAmB;AAAA,IAC7C,UAAU,YAAY,cAAc,GAAG,QAAQ,IAAI,GAAG;AAAA,IACtD,YAAY,YAAY,cAAc,GAAG,UAAU,IAAI,GAAG;AAAA,EAC5D,CAAC;AACH;AAEA,IAAM,cAAoC;AAAA,EACxC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEA,SAAS,mBAAsE;AAC7E,QAAM,MAAM,CAAC;AACb,aAAW,UAAU,aAAa;AAChC,QAAI,MAAM,IAAI,iBAAa,wDAAyB,MAAM,GAAG,QAAQ,KAAK;AAAA,EAC5E;AACA,SAAO,OAAO,OAAO,GAAG;AAC1B;AAEA,SAAS,eAAkE;AACzE,QAAM,MAAM,CAAC;AACb,aAAW,UAAU,aAAa;AAChC,QAAI,MAAM,IAAI,iBAAa,wDAAyB,QAAQ,IAAI,GAAG,QAAQ,IAAI;AAAA,EACjF;AACA,SAAO,OAAO,OAAO,GAAG;AAC1B;AAEO,IAAM,eAAe,iBAAiB;AACtC,IAAM,WAAW,aAAa;;;ACzDrC,IAAM,gBAAgB,IAAI,IAAY,OAAO,KAAK,YAAY,CAAC;AAYxD,SAAS,iBAAiB,QAAmD;AAClF,SAAO,aAAa,MAAM;AAC5B;;;ACvBO,SAAS,kBAAkB,OAAe,QAA0B;AACzE,SAAO,IAAI,SAAS,KAAK,UAAU,EAAE,MAAM,CAAC,GAAG;AAAA,IAC7C;AAAA,IACA,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,EAChD,CAAC;AACH;AAQO,SAAS,gBACd,QACA,eACyC;AACzC,SAAO,OAAO,YAAwC;AACpD,UAAM,QAAQ,MAAM,OAAO,eAAe,OAAO;AACjD,QAAI,CAAC,OAAO;AACV,aAAO,kBAAkB,gBAAgB,GAAG;AAAA,IAC9C;AAEA,UAAM,MAAM,IAAI,IAAI,QAAQ,GAAG;AAC/B,UAAM,UAAU,IAAI,SAAS,QAAQ,OAAO,UAAU,EAAE;AAExD,UAAM,OACJ,CAAC,OAAO,MAAM,EAAE,SAAS,QAAQ,MAAM,KAAK,QAAQ,SAAS,OACzD,SACA,MAAM,QAAQ,YAAY;AAEhC,WAAO,cAAc;AAAA,MACnB;AAAA,MACA;AAAA,MACA,QAAQ,IAAI;AAAA,MACZ,QAAQ,QAAQ;AAAA,MAChB;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AACF;AAOA,eAAsB,eACpB,KACA,QACA,SACA,MACA,SACmB;AACnB,MAAI;AACF,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ,YAAY,QAAQ,OAAO;AAAA,IACrC,CAAC;AAED,WAAO,IAAI,SAAS,SAAS,MAAM;AAAA,MACjC,QAAQ,SAAS;AAAA,MACjB,SAAS;AAAA,QACP,gBAAgB,SAAS,QAAQ,IAAI,cAAc,KAAK;AAAA,MAC1D;AAAA,IACF,CAAC;AAAA,EACH,QAAQ;AACN,WAAO,kBAAkB,eAAe,GAAG;AAAA,EAC7C;AACF;;;AChFO,SAAS,kBAAkB,aAAqB,WAAW,KAAQ;AACxE,QAAM,UAAU,oBAAI,IAAwB;AAE5C,SAAO;AAAA;AAAA;AAAA;AAAA;AAAA,IAKL,MAAM,KAAsB;AAC1B,YAAM,MAAM,KAAK,IAAI;AACrB,YAAM,SAAS,QAAQ,IAAI,GAAG;AAG9B,iBAAW,CAAC,GAAG,CAAC,KAAK,SAAS;AAC5B,YAAI,MAAM,EAAE,cAAc,UAAU;AAClC,kBAAQ,OAAO,CAAC;AAAA,QAClB;AAAA,MACF;AAEA,UAAI,CAAC,UAAU,MAAM,OAAO,cAAc,UAAU;AAClD,gBAAQ,IAAI,KAAK,EAAE,OAAO,GAAG,aAAa,IAAI,CAAC;AAC/C,eAAO;AAAA,MACT;AAEA,aAAO;AACP,aAAO,OAAO,SAAS;AAAA,IACzB;AAAA,EACF;AACF;;;ACxCA,IAAM,eAAe,oBAAI,IAAI,CAAC,OAAO,MAAM,CAAC;AAWrC,SAAS,aAAa,QAAgB,MAA+B;AAC1E,QAAM,SAAS,aAAa,IAAI,OAAO,YAAY,CAAC;AACpD,QAAM,SAAS,SAAS,UAAU;AAClC,QAAM,WAAW,KAAK,MAAM,GAAG;AAE/B,MAAI,SAAS,SAAS,SAAS,EAAG,QAAO,UAAU,MAAM;AACzD,MAAI,SAAS,SAAS,eAAe,EAAG,QAAO,gBAAgB,MAAM;AACrE,MAAI,SAAS,SAAS,QAAQ,EAAG,QAAO,SAAS,MAAM;AACvD,MAAI,SAAS,SAAS,cAAc,EAAG,QAAO;AAC9C,MAAI,SAAS,SAAS,SAAS,EAAG,QAAO;AACzC,MAAI,SAAS,SAAS,UAAU,EAAG,QAAO,WAAW,MAAM;AAC3D,MAAI,SAAS,SAAS,YAAY,EAAG,QAAO,aAAa,MAAM;AAC/D,MAAI,SAAS,SAAS,WAAW,EAAG,QAAO,YAAY,MAAM;AAC7D,MAAI,SAAS,SAAS,UAAU,EAAG,QAAO,WAAW,MAAM;AAE3D,SAAO;AACT;AAOO,SAAS,WAAW,UAAoB,SAAoC;AACjF,MAAI,QAAQ,SAAS,QAAQ,EAAG,QAAO;AACvC,SAAO,UAAU,QAAQ,qCAAqC,QAAQ,KAAK,IAAI,CAAC;AAClF;;;ACRO,SAAS,eAAe,QAAiE;AAC9F,QAAM,YAAY,iBAAiB,OAAO,MAAM;AAChD,QAAM,UAAU,GAAG,UAAU,GAAG;AAChC,QAAM,UAAU,OAAO,WAAW;AAClC,QAAM,cAAc,OAAO,YAAY,kBAAkB,OAAO,SAAS,IAAI;AAE7E,SAAO;AAAA,IACL;AAAA,MACE,gBAAgB,OAAO;AAAA,MACvB,UAAU,OAAO,YAAY;AAAA,MAC7B;AAAA,IACF;AAAA,IACA,OAAO,QAAQ;AACb,UAAI,eAAe,CAAC,YAAY,MAAM,IAAI,KAAK,GAAG;AAChD,eAAO,kBAAkB,qBAAqB,GAAG;AAAA,MACnD;AAEA,UAAI,OAAO,eAAe;AACxB,cAAM,QAAQ,aAAa,IAAI,QAAQ,IAAI,OAAO;AAClD,YAAI,CAAC,OAAO;AACV,eAAK,OAAO,yBAAyB,YAAY,QAAQ;AACvD,mBAAO;AAAA,cACL,+BAA+B,IAAI,MAAM,IAAI,IAAI,OAAO;AAAA,cACxD;AAAA,YACF;AAAA,UACF;AAAA,QACF,OAAO;AACL,gBAAM,YAAY,WAAW,OAAO,OAAO,aAAa;AACxD,cAAI,WAAW;AACb,mBAAO,kBAAkB,WAAW,GAAG;AAAA,UACzC;AAAA,QACF;AAAA,MACF;AAEA,YAAM,UAAkC;AAAA,QACtC,SAAS,OAAO;AAAA,QAChB,eAAe,UAAU,IAAI,KAAK;AAAA,MACpC;AACA,YAAM,cAAc,IAAI,QAAQ,QAAQ,IAAI,cAAc;AAC1D,UAAI,aAAa;AACf,gBAAQ,cAAc,IAAI;AAAA,MAC5B;AAEA,aAAO;AAAA,QACL,UAAU,IAAI,UAAU,IAAI;AAAA,QAC5B,IAAI;AAAA,QACJ;AAAA,QACA,IAAI;AAAA,QACJ;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;;;ACzCO,SAAS,kBACd,QACyC;AACzC,QAAM,YAAY,iBAAiB,OAAO,MAAM;AAChD,QAAM,aAAa,UAAU;AAC7B,QAAM,UAAU,OAAO,WAAW;AAElC,SAAO;AAAA,IACL;AAAA,MACE,gBAAgB,OAAO;AAAA,MACvB,UAAU,OAAO,YAAY;AAAA,MAC7B;AAAA,IACF;AAAA,IACA,OAAO,QAAQ;AACb,YAAM,UAAkC;AAAA,QACtC,eAAe,UAAU,IAAI,KAAK;AAAA,QAClC,kBAAkB,OAAO;AAAA,QACzB,gBAAgB;AAAA,MAClB;AAEA,aAAO;AAAA,QACL,aAAa,IAAI,UAAU,IAAI;AAAA,QAC/B,IAAI;AAAA,QACJ;AAAA,QACA,IAAI;AAAA,QACJ;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;;;ACvBO,SAAS,oBACd,QACyC;AACzC,QAAM,YAAY,iBAAiB,OAAO,MAAM;AAChD,QAAM,eAAe,UAAU;AAC/B,QAAM,iBAAiB,UAAU;AACjC,QAAM,UAAU,OAAO,WAAW;AAElC,SAAO;AAAA,IACL;AAAA,MACE,gBAAgB,OAAO;AAAA,MACvB,UAAU,OAAO,YAAY;AAAA,MAC7B;AAAA,IACF;AAAA,IACA,OAAO,QAAQ;AACb,UAAI,OAAO,mBAAmB,QAAQ;AACpC,cAAM,YAAY,OAAO,kBAAkB,SAAS,QAAQ;AAC5D,YAAI,CAAC,aAAa,CAAC,CAAC,OAAO,MAAM,EAAE,SAAS,IAAI,MAAM,GAAG;AACvD,iBAAO,kBAAkB,6BAA6B,GAAG;AAAA,QAC3D;AAAA,MACF;AAEA,YAAM,UAAkC;AAAA,QACtC,eAAe,UAAU,IAAI,KAAK;AAAA,QAClC,kBAAkB,OAAO;AAAA,QACzB,eAAe,OAAO;AAAA,QACtB,gBAAgB;AAAA,MAClB;AAEA,YAAM,WACJ,IAAI,QAAQ,SAAS,kBAAkB,KAAK,IAAI,QAAQ,SAAS,gBAAgB;AACnF,YAAM,UAAU,WAAW,iBAAiB;AAE5C,aAAO;AAAA,QACL,UAAU,IAAI,UAAU,IAAI;AAAA,QAC5B,IAAI;AAAA,QACJ;AAAA,QACA,IAAI;AAAA,QACJ;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;","names":[]}

package/dist/server/proxy/index.d.cts ADDED Viewed

@@ -0,0 +1,143 @@
+import { ContentstackRegion } from '../../regions/index.cjs';
+type CMAScope = "entries:read" | "entries:write" | "content-types:read" | "content-types:write" | "assets:read" | "assets:write" | "environments:read" | "locales:read" | "releases:read" | "releases:write" | "taxonomies:read" | "taxonomies:write" | "workflows:read" | "workflows:write" | "webhooks:read" | "webhooks:write";
+interface CMAProxyConfig {
+    region: ContentstackRegion;
+    apiKey: string;
+    getAccessToken: (request: Request) => Promise<string | null>;
+    basePath?: string;
+    allowedScopes?: CMAScope[];
+    unmappedScopeBehavior?: "allow" | "deny";
+    rateLimit?: number;
+    timeout?: number;
+}
+/**
+ * Create a CMA proxy handler that forwards requests to Contentstack.
+ *
+ * The returned function accepts a standard `Request` and returns a `Response`,
+ * making it compatible with Next.js route handlers, Deno/Bun servers, and
+ * any framework that uses the Web API Request/Response model.
+ *
+ * @example
+ * ```ts
+ * // app/api/cma/[...path]/route.ts
+ * const proxy = createCMAProxy({
+ *   region: "us",
+ *   apiKey: "your-api-key",
+ *   getAccessToken: async (req) => {
+ *     const session = await auth()
+ *     return session?.accessToken ?? null
+ *   },
+ * })
+ *
+ * export const GET = proxy
+ * export const POST = proxy
+ * export const PUT = proxy
+ * export const DELETE = proxy
+ * ```
+ */
+declare function createCMAProxy(config: CMAProxyConfig): (request: Request) => Promise<Response>;
+/**
+ * Resolve the required CMA scope for a given HTTP method and path.
+ *
+ * Path matching checks for known segments. The order matters:
+ * `/entries` is checked before `/content_types` because entry URLs
+ * like `/content_types/blog/entries` contain both.
+ *
+ * @returns The required scope, or `null` if the path is unrecognized.
+ */
+declare function resolveScope(method: string, path: string): CMAScope | null;
+/**
+ * Check whether a required scope is present in the allowed scopes list.
+ *
+ * @returns An error message if the scope is not allowed, or `null` if permitted.
+ */
+declare function checkScope(required: CMAScope, allowed: CMAScope[]): string | null;
+interface LaunchProxyConfig {
+    /** Contentstack region */
+    region: ContentstackRegion;
+    /** Organization UID — required for all Launch API calls */
+    organizationUid: string;
+    /** Callback to retrieve the user's access token from the request */
+    getAccessToken: (request: Request) => Promise<string | null>;
+    /** URL prefix to strip when extracting the Launch API path (default: "/api/launch") */
+    basePath?: string;
+    /** Request timeout in milliseconds (default: 30000) */
+    timeout?: number;
+}
+/**
+ * Create a Launch API proxy handler that forwards requests to Contentstack Launch.
+ *
+ * The returned function accepts a standard `Request` and returns a `Response`,
+ * making it compatible with Next.js route handlers, Deno/Bun servers, and
+ * any framework that uses the Web API Request/Response model.
+ *
+ * @example
+ * ```ts
+ * // app/api/launch/[...path]/route.ts
+ * const proxy = createLaunchProxy({
+ *   region: "us",
+ *   organizationUid: "org-uid",
+ *   getAccessToken: async () => {
+ *     const session = await auth()
+ *     return session?.accessToken ?? null
+ *   },
+ * })
+ *
+ * export const GET = proxy
+ * export const POST = proxy
+ * export const PUT = proxy
+ * export const DELETE = proxy
+ * ```
+ */
+declare function createLaunchProxy(config: LaunchProxyConfig): (request: Request) => Promise<Response>;
+interface BrandKitProxyConfig {
+    /** Contentstack region */
+    region: ContentstackRegion;
+    /** Organization UID — required for all Brand Kit API calls */
+    organizationUid: string;
+    /** Brand Kit UID — required for all Brand Kit API calls */
+    brandKitUid: string;
+    /** Callback to retrieve the user's access token from the request */
+    getAccessToken: (request: Request) => Promise<string | null>;
+    /** URL prefix to strip when extracting the API path (default: "/api/brandkit") */
+    basePath?: string;
+    /** Restrict operations: "read" allows GET only, "manage" allows all methods */
+    allowedOperations?: ("read" | "manage")[];
+    /** Request timeout in milliseconds (default: 30000) */
+    timeout?: number;
+}
+/**
+ * Create a Brand Kit proxy handler that forwards requests to Contentstack
+ * Brand Kit Management, Knowledge Vault, and Generative AI APIs.
+ *
+ * Routes are determined by path:
+ * - Paths containing `/knowledge-vault` or `/generative-ai` → brandKitAI base URL
+ * - All other paths (brand kits, voice profiles) → brandKit base URL
+ *
+ * @example
+ * ```ts
+ * // app/api/brandkit/[...path]/route.ts
+ * const proxy = createBrandKitProxy({
+ *   region: "us",
+ *   organizationUid: "org-uid",
+ *   brandKitUid: "bk-uid",
+ *   getAccessToken: async () => {
+ *     const session = await auth()
+ *     return session?.accessToken ?? null
+ *   },
+ * })
+ *
+ * export const GET = proxy
+ * export const POST = proxy
+ * export const PUT = proxy
+ * export const DELETE = proxy
+ * ```
+ */
+declare function createBrandKitProxy(config: BrandKitProxyConfig): (request: Request) => Promise<Response>;
+export { type BrandKitProxyConfig, type CMAProxyConfig, type CMAScope, type LaunchProxyConfig, checkScope, createBrandKitProxy, createCMAProxy, createLaunchProxy, resolveScope };

package/dist/server/proxy/index.d.ts ADDED Viewed

@@ -0,0 +1,143 @@
+import { ContentstackRegion } from '../../regions/index.js';
+type CMAScope = "entries:read" | "entries:write" | "content-types:read" | "content-types:write" | "assets:read" | "assets:write" | "environments:read" | "locales:read" | "releases:read" | "releases:write" | "taxonomies:read" | "taxonomies:write" | "workflows:read" | "workflows:write" | "webhooks:read" | "webhooks:write";
+interface CMAProxyConfig {
+    region: ContentstackRegion;
+    apiKey: string;
+    getAccessToken: (request: Request) => Promise<string | null>;
+    basePath?: string;
+    allowedScopes?: CMAScope[];
+    unmappedScopeBehavior?: "allow" | "deny";
+    rateLimit?: number;
+    timeout?: number;
+}
+/**
+ * Create a CMA proxy handler that forwards requests to Contentstack.
+ *
+ * The returned function accepts a standard `Request` and returns a `Response`,
+ * making it compatible with Next.js route handlers, Deno/Bun servers, and
+ * any framework that uses the Web API Request/Response model.
+ *
+ * @example
+ * ```ts
+ * // app/api/cma/[...path]/route.ts
+ * const proxy = createCMAProxy({
+ *   region: "us",
+ *   apiKey: "your-api-key",
+ *   getAccessToken: async (req) => {
+ *     const session = await auth()
+ *     return session?.accessToken ?? null
+ *   },
+ * })
+ *
+ * export const GET = proxy
+ * export const POST = proxy
+ * export const PUT = proxy
+ * export const DELETE = proxy
+ * ```
+ */
+declare function createCMAProxy(config: CMAProxyConfig): (request: Request) => Promise<Response>;
+/**
+ * Resolve the required CMA scope for a given HTTP method and path.
+ *
+ * Path matching checks for known segments. The order matters:
+ * `/entries` is checked before `/content_types` because entry URLs
+ * like `/content_types/blog/entries` contain both.
+ *
+ * @returns The required scope, or `null` if the path is unrecognized.
+ */
+declare function resolveScope(method: string, path: string): CMAScope | null;
+/**
+ * Check whether a required scope is present in the allowed scopes list.
+ *
+ * @returns An error message if the scope is not allowed, or `null` if permitted.
+ */
+declare function checkScope(required: CMAScope, allowed: CMAScope[]): string | null;
+interface LaunchProxyConfig {
+    /** Contentstack region */
+    region: ContentstackRegion;
+    /** Organization UID — required for all Launch API calls */
+    organizationUid: string;
+    /** Callback to retrieve the user's access token from the request */
+    getAccessToken: (request: Request) => Promise<string | null>;
+    /** URL prefix to strip when extracting the Launch API path (default: "/api/launch") */
+    basePath?: string;
+    /** Request timeout in milliseconds (default: 30000) */
+    timeout?: number;
+}
+/**
+ * Create a Launch API proxy handler that forwards requests to Contentstack Launch.
+ *
+ * The returned function accepts a standard `Request` and returns a `Response`,
+ * making it compatible with Next.js route handlers, Deno/Bun servers, and
+ * any framework that uses the Web API Request/Response model.
+ *
+ * @example
+ * ```ts
+ * // app/api/launch/[...path]/route.ts
+ * const proxy = createLaunchProxy({
+ *   region: "us",
+ *   organizationUid: "org-uid",
+ *   getAccessToken: async () => {
+ *     const session = await auth()
+ *     return session?.accessToken ?? null
+ *   },
+ * })
+ *
+ * export const GET = proxy
+ * export const POST = proxy
+ * export const PUT = proxy
+ * export const DELETE = proxy
+ * ```
+ */
+declare function createLaunchProxy(config: LaunchProxyConfig): (request: Request) => Promise<Response>;
+interface BrandKitProxyConfig {
+    /** Contentstack region */
+    region: ContentstackRegion;
+    /** Organization UID — required for all Brand Kit API calls */
+    organizationUid: string;
+    /** Brand Kit UID — required for all Brand Kit API calls */
+    brandKitUid: string;
+    /** Callback to retrieve the user's access token from the request */
+    getAccessToken: (request: Request) => Promise<string | null>;
+    /** URL prefix to strip when extracting the API path (default: "/api/brandkit") */
+    basePath?: string;
+    /** Restrict operations: "read" allows GET only, "manage" allows all methods */
+    allowedOperations?: ("read" | "manage")[];
+    /** Request timeout in milliseconds (default: 30000) */
+    timeout?: number;
+}
+/**
+ * Create a Brand Kit proxy handler that forwards requests to Contentstack
+ * Brand Kit Management, Knowledge Vault, and Generative AI APIs.
+ *
+ * Routes are determined by path:
+ * - Paths containing `/knowledge-vault` or `/generative-ai` → brandKitAI base URL
+ * - All other paths (brand kits, voice profiles) → brandKit base URL
+ *
+ * @example
+ * ```ts
+ * // app/api/brandkit/[...path]/route.ts
+ * const proxy = createBrandKitProxy({
+ *   region: "us",
+ *   organizationUid: "org-uid",
+ *   brandKitUid: "bk-uid",
+ *   getAccessToken: async () => {
+ *     const session = await auth()
+ *     return session?.accessToken ?? null
+ *   },
+ * })
+ *
+ * export const GET = proxy
+ * export const POST = proxy
+ * export const PUT = proxy
+ * export const DELETE = proxy
+ * ```
+ */
+declare function createBrandKitProxy(config: BrandKitProxyConfig): (request: Request) => Promise<Response>;
+export { type BrandKitProxyConfig, type CMAProxyConfig, type CMAScope, type LaunchProxyConfig, checkScope, createBrandKitProxy, createCMAProxy, createLaunchProxy, resolveScope };

package/dist/server/proxy/index.mjs ADDED Viewed

@@ -0,0 +1,29 @@
+import {
+  checkScope,
+  createBrandKitProxy,
+  createCMAProxy,
+  createLaunchProxy,
+  resolveScope
+} from "../../chunk-JYGZBKTH.mjs";
+import "../../chunk-7VFGD32I.mjs";
+import "../../chunk-T5A2E2RI.mjs";
+import "../../chunk-VW7DD6HV.mjs";
+import "../../chunk-DJQLN4TR.mjs";
+import "../../chunk-XH7NLHGW.mjs";
+import "../../chunk-AVJHCFRK.mjs";
+import "../../chunk-EREPKWTW.mjs";
+import "../../chunk-GNPQJBFX.mjs";
+import "../../chunk-KLVIROVU.mjs";
+import "../../chunk-JZE2W7VW.mjs";
+import "../../chunk-3KE63N3I.mjs";
+import "../../chunk-4CJ4IVPJ.mjs";
+import "../../chunk-BK2IBTQS.mjs";
+import "../../chunk-DMERADWM.mjs";
+export {
+  checkScope,
+  createBrandKitProxy,
+  createCMAProxy,
+  createLaunchProxy,
+  resolveScope
+};
+//# sourceMappingURL=index.mjs.map

package/dist/server/proxy/index.mjs.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/server/webhooks/index.cjs ADDED Viewed

@@ -0,0 +1,131 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/server/webhooks/index.ts
+var webhooks_exports = {};
+__export(webhooks_exports, {
+  createWebhookHandler: () => createWebhookHandler,
+  verifyWebhookSignature: () => verifyWebhookSignature
+});
+module.exports = __toCommonJS(webhooks_exports);
+// src/server/webhooks/verify.ts
+function hexDecode(hex) {
+  const bytes = new Uint8Array(hex.length / 2);
+  for (let i = 0; i < hex.length; i += 2) {
+    bytes[i / 2] = Number.parseInt(hex.substring(i, i + 2), 16);
+  }
+  return bytes;
+}
+function timingSafeEqual(a, b) {
+  if (a.length !== b.length) return false;
+  let result = 0;
+  for (let i = 0; i < a.length; i++) {
+    result |= (a[i] ?? 0) ^ (b[i] ?? 0);
+  }
+  return result === 0;
+}
+async function verifyWebhookSignature(body, signature, secret) {
+  const encoder = new TextEncoder();
+  const key = await globalThis.crypto.subtle.importKey(
+    "raw",
+    encoder.encode(secret),
+    { name: "HMAC", hash: "SHA-256" },
+    false,
+    ["sign"]
+  );
+  const expectedBuffer = await globalThis.crypto.subtle.sign("HMAC", key, encoder.encode(body));
+  const expectedBytes = new Uint8Array(expectedBuffer);
+  const signatureBytes = hexDecode(signature);
+  return timingSafeEqual(expectedBytes, signatureBytes);
+}
+// src/http/errors.ts
+var ContentstackError = class extends Error {
+  name = "ContentstackError";
+  status;
+  errorCode;
+  errors;
+  requestPath;
+  constructor(message, options) {
+    super(message, options?.cause ? { cause: options.cause } : void 0);
+    this.status = options?.status;
+    this.errorCode = options?.errorCode;
+    this.errors = options?.errors;
+    this.requestPath = options?.requestPath;
+  }
+};
+var ContentstackAuthError = class extends ContentstackError {
+  name = "ContentstackAuthError";
+  status = 401;
+};
+// src/server/webhooks/handler.ts
+var SIGNATURE_HEADER = "x-contentstack-request-signature";
+function parseWebhookBody(body) {
+  const raw = JSON.parse(body);
+  const module2 = raw.module;
+  const event = raw.event;
+  const type = `${module2}.${event}`;
+  return {
+    ...raw,
+    type,
+    module: module2,
+    event
+  };
+}
+function createWebhookHandler(config) {
+  return {
+    /**
+     * Read the request body, verify the signature, and return a typed event.
+     * Throws `ContentstackAuthError` if the signature is missing or invalid.
+     */
+    async verify(request) {
+      const body = await request.text();
+      const signature = request.headers.get(SIGNATURE_HEADER);
+      if (!signature) {
+        throw new ContentstackAuthError("Missing webhook signature header", {
+          status: 401,
+          requestPath: new URL(request.url).pathname
+        });
+      }
+      const valid = await verifyWebhookSignature(body, signature, config.secret);
+      if (!valid) {
+        throw new ContentstackAuthError("Invalid webhook signature", {
+          status: 401,
+          requestPath: new URL(request.url).pathname
+        });
+      }
+      return parseWebhookBody(body);
+    },
+    /**
+     * Read the request body and return a typed event without verifying the signature.
+     */
+    async parse(request) {
+      const body = await request.text();
+      return parseWebhookBody(body);
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createWebhookHandler,
+  verifyWebhookSignature
+});
+//# sourceMappingURL=index.cjs.map

package/dist/server/webhooks/index.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../../src/server/webhooks/index.ts","../../../src/server/webhooks/verify.ts","../../../src/http/errors.ts","../../../src/server/webhooks/handler.ts"],"sourcesContent":["export type {\n WebhookHandlerConfig,\n WebhookEvent,\n BaseWebhookEvent,\n EntryPublishEvent,\n EntryUnpublishEvent,\n EntryUpdateEvent,\n EntryCreateEvent,\n EntryDeleteEvent,\n AssetPublishEvent,\n AssetUnpublishEvent,\n AssetDeleteEvent,\n ContentTypeCreateEvent,\n ContentTypeUpdateEvent,\n ContentTypeDeleteEvent,\n} from \"./types.js\"\nexport { verifyWebhookSignature } from \"./verify.js\"\nexport { createWebhookHandler } from \"./handler.js\"\n","/**\n * Webhook signature verification using HMAC-SHA256.\n * Uses the Web Crypto API for cross-runtime compatibility (Node 18+, Deno, Bun, edge).\n */\n\nfunction hexEncode(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer)\n let hex = \"\"\n for (const byte of bytes) {\n hex += byte.toString(16).padStart(2, \"0\")\n }\n return hex\n}\n\nfunction hexDecode(hex: string): Uint8Array {\n const bytes = new Uint8Array(hex.length / 2)\n for (let i = 0; i < hex.length; i += 2) {\n bytes[i / 2] = Number.parseInt(hex.substring(i, i + 2), 16)\n }\n return bytes\n}\n\n/**\n * Constant-time comparison of two byte arrays.\n * Prevents timing attacks by always comparing all bytes regardless of mismatch.\n */\nfunction timingSafeEqual(a: Uint8Array, b: Uint8Array): boolean {\n if (a.length !== b.length) return false\n let result = 0\n for (let i = 0; i < a.length; i++) {\n result |= (a[i] ?? 0) ^ (b[i] ?? 0)\n }\n return result === 0\n}\n\n/**\n * Verify a Contentstack webhook signature using HMAC-SHA256.\n *\n * @param body - The raw request body string\n * @param signature - The hex-encoded signature from the `X-Contentstack-Request-Signature` header\n * @param secret - The webhook secret configured in Contentstack\n * @returns `true` if the signature is valid\n */\nexport async function verifyWebhookSignature(\n body: string,\n signature: string,\n secret: string,\n): Promise<boolean> {\n const encoder = new TextEncoder()\n const key = await globalThis.crypto.subtle.importKey(\n \"raw\",\n encoder.encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"],\n )\n\n const expectedBuffer = await globalThis.crypto.subtle.sign(\"HMAC\", key, encoder.encode(body))\n const expectedBytes = new Uint8Array(expectedBuffer)\n const signatureBytes = hexDecode(signature)\n\n return timingSafeEqual(expectedBytes, signatureBytes)\n}\n","/**\n * Base error class for all Contentstack SDK errors.\n * Every error includes an actionable message and relevant context.\n */\nexport class ContentstackError extends Error {\n override readonly name: string = \"ContentstackError\"\n readonly status?: number\n readonly errorCode?: number\n readonly errors?: Record<string, string[]>\n readonly requestPath?: string\n\n constructor(\n message: string,\n options?: {\n status?: number\n errorCode?: number\n errors?: Record<string, string[]>\n requestPath?: string\n cause?: Error\n },\n ) {\n super(message, options?.cause ? { cause: options.cause } : undefined)\n this.status = options?.status\n this.errorCode = options?.errorCode\n this.errors = options?.errors\n this.requestPath = options?.requestPath\n }\n}\n\nexport class ContentstackAuthError extends ContentstackError {\n override readonly name = \"ContentstackAuthError\"\n override readonly status = 401\n}\n\nexport class ContentstackForbiddenError extends ContentstackError {\n override readonly name = \"ContentstackForbiddenError\"\n override readonly status = 403\n}\n\nexport class ContentstackNotFoundError extends ContentstackError {\n override readonly name = \"ContentstackNotFoundError\"\n override readonly status = 404\n}\n\nexport class ContentstackValidationError extends ContentstackError {\n override readonly name = \"ContentstackValidationError\"\n override readonly status: number\n\n constructor(\n message: string,\n options?: {\n status?: number\n errorCode?: number\n errors?: Record<string, string[]>\n requestPath?: string\n cause?: Error\n },\n ) {\n super(message, options)\n this.status = options?.status ?? 400\n }\n}\n\nexport class ContentstackInvalidApiKeyError extends ContentstackError {\n override readonly name = \"ContentstackInvalidApiKeyError\"\n override readonly status = 412\n}\n\nexport class ContentstackRateLimitError extends ContentstackError {\n override readonly name = \"ContentstackRateLimitError\"\n override readonly status = 429\n readonly retryAfter?: number\n\n constructor(\n message: string,\n options?: {\n errorCode?: number\n errors?: Record<string, string[]>\n requestPath?: string\n cause?: Error\n retryAfter?: number\n },\n ) {\n super(message, { ...options, status: 429 })\n this.retryAfter = options?.retryAfter\n }\n}\n\nexport class ContentstackServerError extends ContentstackError {\n override readonly name = \"ContentstackServerError\"\n}\n\nexport class ContentstackConfigError extends ContentstackError {\n override readonly name = \"ContentstackConfigError\"\n}\n","import { ContentstackAuthError } from \"../../index.js\"\nimport type { WebhookEvent, WebhookHandlerConfig } from \"./types.js\"\nimport { verifyWebhookSignature } from \"./verify.js\"\n\nconst SIGNATURE_HEADER = \"x-contentstack-request-signature\"\n\nfunction parseWebhookBody(body: string): WebhookEvent {\n const raw = JSON.parse(body) as Record<string, unknown>\n const module = raw.module as string\n const event = raw.event as string\n const type = `${module}.${event}`\n\n return {\n ...raw,\n type,\n module,\n event,\n } as WebhookEvent\n}\n\n/**\n * Create a webhook handler with signature verification and typed event parsing.\n *\n * @example\n * ```ts\n * const handler = createWebhookHandler({ secret: process.env.WEBHOOK_SECRET })\n *\n * // In a route handler:\n * const event = await handler.verify(request)\n * if (event.type === \"entry.publish\") {\n * console.log(event.data.entry.uid)\n * }\n * ```\n */\nexport function createWebhookHandler(config: WebhookHandlerConfig) {\n return {\n /**\n * Read the request body, verify the signature, and return a typed event.\n * Throws `ContentstackAuthError` if the signature is missing or invalid.\n */\n async verify(request: Request): Promise<WebhookEvent> {\n const body = await request.text()\n const signature = request.headers.get(SIGNATURE_HEADER)\n\n if (!signature) {\n throw new ContentstackAuthError(\"Missing webhook signature header\", {\n status: 401,\n requestPath: new URL(request.url).pathname,\n })\n }\n\n const valid = await verifyWebhookSignature(body, signature, config.secret)\n if (!valid) {\n throw new ContentstackAuthError(\"Invalid webhook signature\", {\n status: 401,\n requestPath: new URL(request.url).pathname,\n })\n }\n\n return parseWebhookBody(body)\n },\n\n /**\n * Read the request body and return a typed event without verifying the signature.\n */\n async parse(request: Request): Promise<WebhookEvent> {\n const body = await request.text()\n return parseWebhookBody(body)\n },\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACcA,SAAS,UAAU,KAAyB;AAC1C,QAAM,QAAQ,IAAI,WAAW,IAAI,SAAS,CAAC;AAC3C,WAAS,IAAI,GAAG,IAAI,IAAI,QAAQ,KAAK,GAAG;AACtC,UAAM,IAAI,CAAC,IAAI,OAAO,SAAS,IAAI,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE;AAAA,EAC5D;AACA,SAAO;AACT;AAMA,SAAS,gBAAgB,GAAe,GAAwB;AAC9D,MAAI,EAAE,WAAW,EAAE,OAAQ,QAAO;AAClC,MAAI,SAAS;AACb,WAAS,IAAI,GAAG,IAAI,EAAE,QAAQ,KAAK;AACjC,eAAW,EAAE,CAAC,KAAK,MAAM,EAAE,CAAC,KAAK;AAAA,EACnC;AACA,SAAO,WAAW;AACpB;AAUA,eAAsB,uBACpB,MACA,WACA,QACkB;AAClB,QAAM,UAAU,IAAI,YAAY;AAChC,QAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,IACzC;AAAA,IACA,QAAQ,OAAO,MAAM;AAAA,IACrB,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,IAChC;AAAA,IACA,CAAC,MAAM;AAAA,EACT;AAEA,QAAM,iBAAiB,MAAM,WAAW,OAAO,OAAO,KAAK,QAAQ,KAAK,QAAQ,OAAO,IAAI,CAAC;AAC5F,QAAM,gBAAgB,IAAI,WAAW,cAAc;AACnD,QAAM,iBAAiB,UAAU,SAAS;AAE1C,SAAO,gBAAgB,eAAe,cAAc;AACtD;;;AC1DO,IAAM,oBAAN,cAAgC,MAAM;AAAA,EACzB,OAAe;AAAA,EACxB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAET,YACE,SACA,SAOA;AACA,UAAM,SAAS,SAAS,QAAQ,EAAE,OAAO,QAAQ,MAAM,IAAI,MAAS;AACpE,SAAK,SAAS,SAAS;AACvB,SAAK,YAAY,SAAS;AAC1B,SAAK,SAAS,SAAS;AACvB,SAAK,cAAc,SAAS;AAAA,EAC9B;AACF;AAEO,IAAM,wBAAN,cAAoC,kBAAkB;AAAA,EACzC,OAAO;AAAA,EACP,SAAS;AAC7B;;;AC5BA,IAAM,mBAAmB;AAEzB,SAAS,iBAAiB,MAA4B;AACpD,QAAM,MAAM,KAAK,MAAM,IAAI;AAC3B,QAAMA,UAAS,IAAI;AACnB,QAAM,QAAQ,IAAI;AAClB,QAAM,OAAO,GAAGA,OAAM,IAAI,KAAK;AAE/B,SAAO;AAAA,IACL,GAAG;AAAA,IACH;AAAA,IACA,QAAAA;AAAA,IACA;AAAA,EACF;AACF;AAgBO,SAAS,qBAAqB,QAA8B;AACjE,SAAO;AAAA;AAAA;AAAA;AAAA;AAAA,IAKL,MAAM,OAAO,SAAyC;AACpD,YAAM,OAAO,MAAM,QAAQ,KAAK;AAChC,YAAM,YAAY,QAAQ,QAAQ,IAAI,gBAAgB;AAEtD,UAAI,CAAC,WAAW;AACd,cAAM,IAAI,sBAAsB,oCAAoC;AAAA,UAClE,QAAQ;AAAA,UACR,aAAa,IAAI,IAAI,QAAQ,GAAG,EAAE;AAAA,QACpC,CAAC;AAAA,MACH;AAEA,YAAM,QAAQ,MAAM,uBAAuB,MAAM,WAAW,OAAO,MAAM;AACzE,UAAI,CAAC,OAAO;AACV,cAAM,IAAI,sBAAsB,6BAA6B;AAAA,UAC3D,QAAQ;AAAA,UACR,aAAa,IAAI,IAAI,QAAQ,GAAG,EAAE;AAAA,QACpC,CAAC;AAAA,MACH;AAEA,aAAO,iBAAiB,IAAI;AAAA,IAC9B;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,MAAM,SAAyC;AACnD,YAAM,OAAO,MAAM,QAAQ,KAAK;AAChC,aAAO,iBAAiB,IAAI;AAAA,IAC9B;AAAA,EACF;AACF;","names":["module"]}