@uipath/uipath-typescript 1.1.1 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.mjs CHANGED
@@ -3883,6 +3883,7 @@ class ExecutionContext {
3883
3883
  * Checks if code is running in a browser environment
3884
3884
  */
3885
3885
  const isBrowser = typeof window !== 'undefined' && typeof window.document !== 'undefined';
3886
+ const isInActionCenter = isBrowser && window.self != window.top && window.location.href.includes('source=ActionCenter');
3886
3887
 
3887
3888
  /**
3888
3889
  * Session storage keys used by the auth module
@@ -4199,6 +4200,102 @@ function getErrorDetails(error) {
4199
4200
  };
4200
4201
  }
4201
4202
 
4203
+ var ActionCenterEventNames;
4204
+ (function (ActionCenterEventNames) {
4205
+ ActionCenterEventNames["TOKENREFRESHED"] = "AC.tokenRefreshed";
4206
+ ActionCenterEventNames["REFRESHTOKEN"] = "AC.refreshToken";
4207
+ })(ActionCenterEventNames || (ActionCenterEventNames = {}));
4208
+
4209
+ const AUTHENTICATION_TIMEOUT = 8000;
4210
+ class ActionCenterTokenManager {
4211
+ constructor(config, onTokenRefreshed) {
4212
+ this.config = config;
4213
+ this.onTokenRefreshed = onTokenRefreshed;
4214
+ this.parentOrigin = new URLSearchParams(window.location.search).get('basedomain');
4215
+ this.refreshPromise = null;
4216
+ }
4217
+ async refreshAccessToken(tokenInfo) {
4218
+ if (!this.isTokenExpired(tokenInfo)) {
4219
+ return tokenInfo.token;
4220
+ }
4221
+ if (this.refreshPromise) {
4222
+ return this.refreshPromise;
4223
+ }
4224
+ this.refreshPromise = new Promise((resolve, reject) => {
4225
+ const content = {
4226
+ clientId: this.config.clientId,
4227
+ scope: this.config.scope,
4228
+ };
4229
+ this.sendMessageToParent(ActionCenterEventNames.REFRESHTOKEN, content);
4230
+ const messageListener = (event) => {
4231
+ if (event.origin !== this.parentOrigin)
4232
+ return;
4233
+ if (event.data?.eventType !== ActionCenterEventNames.TOKENREFRESHED)
4234
+ return;
4235
+ clearTimeout(timer);
4236
+ if (event.data?.content?.token) {
4237
+ const { accessToken, expiresAt } = event.data.content.token;
4238
+ this.onTokenRefreshed({ token: accessToken, type: 'secret', expiresAt });
4239
+ resolve(accessToken);
4240
+ }
4241
+ else {
4242
+ reject(new AuthenticationError({
4243
+ message: 'Failed to fetch access token',
4244
+ statusCode: HttpStatus.UNAUTHORIZED,
4245
+ }));
4246
+ }
4247
+ this.refreshPromise = null;
4248
+ this.cleanup(messageListener);
4249
+ };
4250
+ const timer = setTimeout(() => {
4251
+ reject(new AuthenticationError({
4252
+ message: 'Failed to fetch access token',
4253
+ statusCode: HttpStatus.UNAUTHORIZED,
4254
+ }));
4255
+ this.refreshPromise = null;
4256
+ this.cleanup(messageListener);
4257
+ }, AUTHENTICATION_TIMEOUT);
4258
+ window.addEventListener('message', messageListener);
4259
+ });
4260
+ return this.refreshPromise;
4261
+ }
4262
+ isTokenExpired(tokenInfo) {
4263
+ if (!tokenInfo?.expiresAt) {
4264
+ return true;
4265
+ }
4266
+ return new Date() >= tokenInfo.expiresAt;
4267
+ }
4268
+ sendMessageToParent(eventType, content) {
4269
+ if (window.parent && this.isValidOrigin(this.parentOrigin)) {
4270
+ try {
4271
+ window.parent.postMessage({ eventType, content }, this.parentOrigin);
4272
+ }
4273
+ catch (error) {
4274
+ console.warn('Failed to send message to Action Center', JSON.stringify(error));
4275
+ }
4276
+ }
4277
+ }
4278
+ cleanup(messageListener) {
4279
+ window.removeEventListener('message', messageListener);
4280
+ }
4281
+ isValidOrigin(origin) {
4282
+ const ALLOWED_ORIGINS = ['https://alpha.uipath.com', 'https://staging.uipath.com', 'https://cloud.uipath.com'];
4283
+ if (!origin) {
4284
+ return false;
4285
+ }
4286
+ if (ALLOWED_ORIGINS.includes(origin)) {
4287
+ return true;
4288
+ }
4289
+ try {
4290
+ const url = new URL(origin);
4291
+ return url.hostname === 'localhost';
4292
+ }
4293
+ catch {
4294
+ return false;
4295
+ }
4296
+ }
4297
+ }
4298
+
4202
4299
  /**
4203
4300
  * TokenManager is responsible for managing authentication tokens.
4204
4301
  * It provides token operations for a specific client ID.
@@ -4217,6 +4314,11 @@ class TokenManager {
4217
4314
  this.config = config;
4218
4315
  this.isOAuth = isOAuth;
4219
4316
  this.refreshPromise = null;
4317
+ this.actionCenterTokenManager = null;
4318
+ if (isInActionCenter) {
4319
+ this.actionCenterTokenManager = new ActionCenterTokenManager(config, (tokenInfo) => this.setToken(tokenInfo));
4320
+ this.isOAuth = false;
4321
+ }
4220
4322
  }
4221
4323
  /**
4222
4324
  * Checks if a token is expired
@@ -4244,6 +4346,9 @@ class TokenManager {
4244
4346
  message: 'No authentication token available. Make sure to initialize the SDK first.'
4245
4347
  });
4246
4348
  }
4349
+ if (this.actionCenterTokenManager) {
4350
+ return await this.actionCenterTokenManager.refreshAccessToken(tokenInfo);
4351
+ }
4247
4352
  // For secret-based tokens, they never expire
4248
4353
  if (tokenInfo.type === 'secret') {
4249
4354
  return tokenInfo.token;
@@ -4388,9 +4493,6 @@ class TokenManager {
4388
4493
  clearToken() {
4389
4494
  this.currentToken = undefined;
4390
4495
  this.executionContext.set('tokenInfo', undefined);
4391
- const headers = this.executionContext.getHeaders();
4392
- delete headers['Authorization'];
4393
- this.executionContext.setHeaders(headers);
4394
4496
  // Remove from session storage if this is an OAuth token
4395
4497
  if (isBrowser && this.isOAuth) {
4396
4498
  try {
@@ -4406,10 +4508,6 @@ class TokenManager {
4406
4508
  */
4407
4509
  _updateExecutionContext(tokenInfo) {
4408
4510
  this.executionContext.set('tokenInfo', tokenInfo);
4409
- // Update authorization header
4410
- this.executionContext.setHeaders({
4411
- 'Authorization': `Bearer ${tokenInfo.token}`
4412
- });
4413
4511
  }
4414
4512
  /**
4415
4513
  * Refreshes the access token using the stored refresh token.
@@ -4613,8 +4711,15 @@ const IDENTITY_ENDPOINTS = {
4613
4711
 
4614
4712
  class AuthService {
4615
4713
  constructor(config, executionContext) {
4616
- // Check if we should use stored OAuth context instead of provided config
4617
- const storedContext = AuthService.getStoredOAuthContext();
4714
+ // Only use stored OAuth context when completing an active callback (URL has ?code=).
4715
+ // If stored context exists but we're NOT in a callback, it's stale from a
4716
+ // failed/abandoned flow (e.g. scope mismatch, invalid redirect URI) and must
4717
+ // be cleared so the fresh config takes effect.
4718
+ const isCallback = AuthService.isInOAuthCallback();
4719
+ const storedContext = isCallback ? AuthService.getStoredOAuthContext() : null;
4720
+ if (!isCallback) {
4721
+ AuthService._clearStoredOAuthContext();
4722
+ }
4618
4723
  const effectiveConfig = storedContext ? AuthService._mergeConfigWithContext(config, storedContext) : config;
4619
4724
  this.config = effectiveConfig;
4620
4725
  const isOAuth = hasOAuthConfig(effectiveConfig);
@@ -4661,6 +4766,22 @@ class AuthService {
4661
4766
  return null;
4662
4767
  }
4663
4768
  }
4769
+ /**
4770
+ * Clear stale OAuth context from session storage.
4771
+ * Called when there is no active OAuth callback, meaning any stored context
4772
+ * is left over from a failed or abandoned flow.
4773
+ */
4774
+ static _clearStoredOAuthContext() {
4775
+ if (!isBrowser)
4776
+ return;
4777
+ try {
4778
+ sessionStorage.removeItem(AUTH_STORAGE_KEYS.OAUTH_CONTEXT);
4779
+ sessionStorage.removeItem(AUTH_STORAGE_KEYS.CODE_VERIFIER);
4780
+ }
4781
+ catch {
4782
+ // Ignore storage errors
4783
+ }
4784
+ }
4664
4785
  /**
4665
4786
  * Merges provided config with stored OAuth context, prioritizing stored values
4666
4787
  */
@@ -4969,13 +5090,41 @@ class AuthService {
4969
5090
  }
4970
5091
  }
4971
5092
 
5093
+ /**
5094
+ * Check if config has all required base fields
5095
+ */
5096
+ function hasRequiredBaseFields(config) {
5097
+ return Boolean(config.baseUrl && config.orgName && config.tenantName);
5098
+ }
5099
+ /**
5100
+ * Check if config has exactly one authentication method (secret XOR oauth)
5101
+ * Returns true if exactly one auth method is present, false otherwise
5102
+ */
5103
+ function hasValidAuthConfig(config) {
5104
+ const hasSecret = hasSecretConfig(config);
5105
+ const hasOAuth = hasOAuthConfig(config);
5106
+ // XOR: exactly one auth method, not both, not neither
5107
+ return hasSecret !== hasOAuth;
5108
+ }
4972
5109
  function validateConfig(config) {
4973
- if (!config.baseUrl || !config.orgName || !config.tenantName) {
5110
+ if (!hasRequiredBaseFields(config)) {
4974
5111
  throw new Error('Missing required configuration: baseUrl, orgName, and tenantName are required');
4975
5112
  }
4976
- if (!hasSecretConfig(config) && !hasOAuthConfig(config)) {
4977
- throw new Error('Invalid configuration: must provide either secret or (clientId, redirectUri, and scope)');
5113
+ const hasSecret = hasSecretConfig(config);
5114
+ const hasOAuth = hasOAuthConfig(config);
5115
+ if (hasSecret && hasOAuth) {
5116
+ throw new Error('Invalid configuration: cannot provide both secret and OAuth credentials. Choose one authentication method.');
4978
5117
  }
5118
+ if (!hasSecret && !hasOAuth) {
5119
+ throw new Error('Invalid configuration: must provide either secret or OAuth credentials (clientId, redirectUri, and scope)');
5120
+ }
5121
+ }
5122
+ /**
5123
+ * Check if partial config has all required fields for a complete SDK config
5124
+ * Requires base fields and exactly one authentication method (secret XOR oauth)
5125
+ */
5126
+ function isCompleteConfig(config) {
5127
+ return hasRequiredBaseFields(config) && hasValidAuthConfig(config);
4979
5128
  }
4980
5129
  function normalizeBaseUrl(url) {
4981
5130
  return url.endsWith('/') ? url.slice(0, -1) : url;
@@ -4987,7 +5136,7 @@ function normalizeBaseUrl(url) {
4987
5136
  // Connection string placeholder that will be replaced during build
4988
5137
  const CONNECTION_STRING = "InstrumentationKey=a6efa11d-1feb-4508-9738-e13e12dcae5e;IngestionEndpoint=https://westeurope-5.in.applicationinsights.azure.com/;LiveEndpoint=https://westeurope.livediagnostics.monitor.azure.com/;ApplicationId=7c58eb1c-9581-4ba6-839e-11725848a037";
4989
5138
  // SDK Version placeholder
4990
- const SDK_VERSION = "1.1.1";
5139
+ const SDK_VERSION = "1.1.2";
4991
5140
  const VERSION = "Version";
4992
5141
  const SERVICE = "Service";
4993
5142
  const CLOUD_ORGANIZATION_NAME = "CloudOrganizationName";
@@ -5316,19 +5465,71 @@ class SDKInternalsRegistry {
5316
5465
  }
5317
5466
  }
5318
5467
 
5319
- var _UiPath_config, _UiPath_authService, _UiPath_initialized;
5468
+ /**
5469
+ * UiPath meta tag names for runtime configuration.
5470
+ *
5471
+ * These meta tags are injected at deployment time by the Apps Service
5472
+ * to configure SDK authentication and asset resolution in production.
5473
+ */
5474
+ var UiPathMetaTags;
5475
+ (function (UiPathMetaTags) {
5476
+ // SDK/OAuth configuration
5477
+ UiPathMetaTags["CLIENT_ID"] = "uipath:client-id";
5478
+ UiPathMetaTags["SCOPE"] = "uipath:scope";
5479
+ UiPathMetaTags["ORG_NAME"] = "uipath:org-name";
5480
+ UiPathMetaTags["TENANT_NAME"] = "uipath:tenant-name";
5481
+ UiPathMetaTags["BASE_URL"] = "uipath:base-url";
5482
+ UiPathMetaTags["REDIRECT_URI"] = "uipath:redirect-uri";
5483
+ // Asset resolution and routing
5484
+ UiPathMetaTags["CDN_BASE"] = "uipath:cdn-base";
5485
+ UiPathMetaTags["APP_BASE"] = "uipath:app-base";
5486
+ })(UiPathMetaTags || (UiPathMetaTags = {}));
5487
+
5488
+ /**
5489
+ * Get the content of a meta tag by name.
5490
+ * Returns undefined if not in browser environment or meta tag is not found.
5491
+ */
5492
+ function getMetaTagContent(name) {
5493
+ if (!isBrowser)
5494
+ return undefined;
5495
+ return document.querySelector(`meta[name="${name}"]`)?.content;
5496
+ }
5497
+ /**
5498
+ * Load configuration from HTML meta tags injected at runtime.
5499
+ * These meta tags are injected by @uipath/coded-apps during build
5500
+ * or by the Apps service during deployment.
5501
+ *
5502
+ * Returns partial config with values found, or null if no meta tags present.
5503
+ */
5504
+ function loadFromMetaTags() {
5505
+ if (!isBrowser)
5506
+ return null;
5507
+ const config = {
5508
+ clientId: getMetaTagContent(UiPathMetaTags.CLIENT_ID),
5509
+ scope: getMetaTagContent(UiPathMetaTags.SCOPE),
5510
+ orgName: getMetaTagContent(UiPathMetaTags.ORG_NAME),
5511
+ tenantName: getMetaTagContent(UiPathMetaTags.TENANT_NAME),
5512
+ baseUrl: getMetaTagContent(UiPathMetaTags.BASE_URL),
5513
+ redirectUri: getMetaTagContent(UiPathMetaTags.REDIRECT_URI),
5514
+ };
5515
+ const hasAnyValue = Object.values(config).some(Boolean);
5516
+ return hasAnyValue ? config : null;
5517
+ }
5518
+
5519
+ var _UiPath_instances, _UiPath_config, _UiPath_authService, _UiPath_initialized, _UiPath_partialConfig, _UiPath_initializeWithConfig, _UiPath_loadConfig;
5320
5520
  /**
5321
5521
  * UiPath - Core SDK class for authentication and configuration management.
5322
5522
  *
5323
5523
  * Handles authentication, configuration, and provides access to SDK internals
5324
5524
  * for service instantiation in the modular pattern.
5325
5525
  *
5526
+ * Supports two usage patterns:
5527
+ * 1. Full config in constructor — for server-side or explicit configuration
5528
+ * 2. No config / partial config — loads from meta tags injected by @uipath/coded-apps plugin
5529
+ *
5326
5530
  * @example
5327
5531
  * ```typescript
5328
- * // Modular pattern
5329
- * import { UiPath } from '@uipath/uipath-typescript/core';
5330
- * import { Entities } from '@uipath/uipath-typescript/entities';
5331
- *
5532
+ * // Explicit config
5332
5533
  * const sdk = new UiPath({
5333
5534
  * baseUrl: 'https://cloud.uipath.com',
5334
5535
  * orgName: 'myorg',
@@ -5337,70 +5538,47 @@ var _UiPath_config, _UiPath_authService, _UiPath_initialized;
5337
5538
  * redirectUri: 'http://localhost:3000/callback',
5338
5539
  * scope: 'OR.Users OR.Robots'
5339
5540
  * });
5340
- *
5341
5541
  * await sdk.initialize();
5542
+ * ```
5342
5543
  *
5343
- * const entitiesService = new Entities(sdk);
5344
- * const allEntities = await entitiesService.getAll();
5544
+ * @example
5545
+ * ```typescript
5546
+ * // Auto-load from meta tags (coded apps)
5547
+ * const sdk = new UiPath();
5548
+ * await sdk.initialize();
5345
5549
  * ```
5346
5550
  */
5347
5551
  let UiPath$1 = class UiPath {
5348
5552
  constructor(config) {
5553
+ _UiPath_instances.add(this);
5349
5554
  // Private fields - true runtime privacy, not visible via Object.keys()
5350
5555
  _UiPath_config.set(this, void 0);
5351
5556
  _UiPath_authService.set(this, void 0);
5352
5557
  _UiPath_initialized.set(this, false);
5353
- // Validate and normalize the configuration
5354
- validateConfig(config);
5355
- const hasSecretAuth = hasSecretConfig(config);
5356
- const hasOAuthAuth = hasOAuthConfig(config);
5357
- // Initialize core components
5358
- const internalConfig = new UiPathConfig({
5359
- baseUrl: normalizeBaseUrl(config.baseUrl),
5360
- orgName: config.orgName,
5361
- tenantName: config.tenantName,
5362
- secret: hasSecretAuth ? config.secret : undefined,
5363
- clientId: hasOAuthAuth ? config.clientId : undefined,
5364
- redirectUri: hasOAuthAuth ? config.redirectUri : undefined,
5365
- scope: hasOAuthAuth ? config.scope : undefined
5366
- });
5367
- const executionContext = new ExecutionContext();
5368
- __classPrivateFieldSet(this, _UiPath_authService, new AuthService(internalConfig, executionContext), "f");
5369
- __classPrivateFieldSet(this, _UiPath_config, internalConfig, "f");
5370
- // Store internals in SDKInternalsRegistry (not visible on instance)
5371
- SDKInternalsRegistry.set(this, {
5372
- config: internalConfig,
5373
- context: executionContext,
5374
- tokenManager: __classPrivateFieldGet(this, _UiPath_authService, "f").getTokenManager()
5375
- });
5376
- // Expose read-only config for user convenience
5377
- this.config = {
5378
- baseUrl: internalConfig.baseUrl,
5379
- orgName: internalConfig.orgName,
5380
- tenantName: internalConfig.tenantName
5381
- };
5382
- // Initialize telemetry with SDK configuration
5383
- telemetryClient.initialize({
5384
- baseUrl: config.baseUrl,
5385
- orgName: config.orgName,
5386
- tenantName: config.tenantName,
5387
- clientId: hasOAuthAuth ? config.clientId : undefined,
5388
- redirectUri: hasOAuthAuth ? config.redirectUri : undefined
5389
- });
5390
- // Track SDK initialization
5391
- trackEvent('Sdk.Auth');
5392
- // Auto-initialize for secret-based auth
5393
- if (hasSecretAuth) {
5394
- __classPrivateFieldGet(this, _UiPath_authService, "f").authenticateWithSecret(config.secret);
5395
- __classPrivateFieldSet(this, _UiPath_initialized, true, "f");
5558
+ _UiPath_partialConfig.set(this, void 0);
5559
+ // Load configuration from meta tags
5560
+ const configFromMetaTags = loadFromMetaTags();
5561
+ // Merge configuration: constructor config overrides meta tags
5562
+ const mergedConfig = config ? { ...configFromMetaTags, ...config } : configFromMetaTags;
5563
+ if (mergedConfig && isCompleteConfig(mergedConfig)) {
5564
+ __classPrivateFieldGet(this, _UiPath_instances, "m", _UiPath_initializeWithConfig).call(this, mergedConfig);
5565
+ }
5566
+ else if (config) {
5567
+ __classPrivateFieldSet(this, _UiPath_partialConfig, config, "f");
5396
5568
  }
5397
5569
  }
5398
5570
  /**
5399
5571
  * Initialize the SDK based on the provided configuration.
5400
5572
  * This method handles both OAuth flow initiation and completion automatically.
5401
5573
  * For secret-based authentication, initialization is automatic and this returns immediately.
5574
+ * If no config was provided in constructor, loads from meta tags.
5402
5575
  */
5403
5576
  async initialize() {
5577
+ // Load config from meta tags if not provided in constructor
5578
+ if (!__classPrivateFieldGet(this, _UiPath_config, "f")) {
5579
+ const loadedConfig = __classPrivateFieldGet(this, _UiPath_instances, "m", _UiPath_loadConfig).call(this);
5580
+ __classPrivateFieldGet(this, _UiPath_instances, "m", _UiPath_initializeWithConfig).call(this, loadedConfig);
5581
+ }
5404
5582
  // For secret-based auth, it's already initialized in constructor
5405
5583
  if (hasSecretConfig(__classPrivateFieldGet(this, _UiPath_config, "f"))) {
5406
5584
  return;
@@ -5447,6 +5625,11 @@ let UiPath$1 = class UiPath {
5447
5625
  if (!AuthService.isInOAuthCallback()) {
5448
5626
  throw new Error('Not in OAuth callback state. Call initialize() first to start OAuth flow.');
5449
5627
  }
5628
+ // Load config if not yet initialized
5629
+ if (!__classPrivateFieldGet(this, _UiPath_config, "f")) {
5630
+ const loadedConfig = __classPrivateFieldGet(this, _UiPath_instances, "m", _UiPath_loadConfig).call(this);
5631
+ __classPrivateFieldGet(this, _UiPath_instances, "m", _UiPath_initializeWithConfig).call(this, loadedConfig);
5632
+ }
5450
5633
  try {
5451
5634
  const success = await __classPrivateFieldGet(this, _UiPath_authService, "f").authenticate(__classPrivateFieldGet(this, _UiPath_config, "f"));
5452
5635
  if (success && this.isAuthenticated()) {
@@ -5464,13 +5647,13 @@ let UiPath$1 = class UiPath {
5464
5647
  * Check if the user is authenticated (has valid token)
5465
5648
  */
5466
5649
  isAuthenticated() {
5467
- return __classPrivateFieldGet(this, _UiPath_authService, "f").hasValidToken();
5650
+ return __classPrivateFieldGet(this, _UiPath_authService, "f")?.hasValidToken() ?? false;
5468
5651
  }
5469
5652
  /**
5470
5653
  * Get the current authentication token
5471
5654
  */
5472
5655
  getToken() {
5473
- return __classPrivateFieldGet(this, _UiPath_authService, "f").getToken();
5656
+ return __classPrivateFieldGet(this, _UiPath_authService, "f")?.getToken();
5474
5657
  }
5475
5658
  /**
5476
5659
  * Logout from the SDK, clearing all authentication state.
@@ -5478,14 +5661,71 @@ let UiPath$1 = class UiPath {
5478
5661
  */
5479
5662
  logout() {
5480
5663
  // Secret-based auth has no session to end — skip silently
5481
- if (hasSecretConfig(__classPrivateFieldGet(this, _UiPath_config, "f"))) {
5664
+ if (__classPrivateFieldGet(this, _UiPath_config, "f") && hasSecretConfig(__classPrivateFieldGet(this, _UiPath_config, "f"))) {
5482
5665
  return;
5483
5666
  }
5484
- __classPrivateFieldGet(this, _UiPath_authService, "f").logout();
5667
+ __classPrivateFieldGet(this, _UiPath_authService, "f")?.logout();
5485
5668
  __classPrivateFieldSet(this, _UiPath_initialized, false, "f");
5486
5669
  }
5487
5670
  };
5488
- _UiPath_config = new WeakMap(), _UiPath_authService = new WeakMap(), _UiPath_initialized = new WeakMap();
5671
+ _UiPath_config = new WeakMap(), _UiPath_authService = new WeakMap(), _UiPath_initialized = new WeakMap(), _UiPath_partialConfig = new WeakMap(), _UiPath_instances = new WeakSet(), _UiPath_initializeWithConfig = function _UiPath_initializeWithConfig(config) {
5672
+ // Validate and normalize the configuration
5673
+ validateConfig(config);
5674
+ const hasSecretAuth = hasSecretConfig(config);
5675
+ const hasOAuthAuth = hasOAuthConfig(config);
5676
+ // Initialize core components
5677
+ const internalConfig = new UiPathConfig({
5678
+ baseUrl: normalizeBaseUrl(config.baseUrl),
5679
+ orgName: config.orgName,
5680
+ tenantName: config.tenantName,
5681
+ secret: hasSecretAuth ? config.secret : undefined,
5682
+ clientId: hasOAuthAuth ? config.clientId : undefined,
5683
+ redirectUri: hasOAuthAuth ? config.redirectUri : undefined,
5684
+ scope: hasOAuthAuth ? config.scope : undefined
5685
+ });
5686
+ const executionContext = new ExecutionContext();
5687
+ __classPrivateFieldSet(this, _UiPath_authService, new AuthService(internalConfig, executionContext), "f");
5688
+ __classPrivateFieldSet(this, _UiPath_config, internalConfig, "f");
5689
+ // Store internals in SDKInternalsRegistry (not visible on instance)
5690
+ SDKInternalsRegistry.set(this, {
5691
+ config: internalConfig,
5692
+ context: executionContext,
5693
+ tokenManager: __classPrivateFieldGet(this, _UiPath_authService, "f").getTokenManager()
5694
+ });
5695
+ // Expose read-only config for user convenience
5696
+ this.config = {
5697
+ baseUrl: internalConfig.baseUrl,
5698
+ orgName: internalConfig.orgName,
5699
+ tenantName: internalConfig.tenantName
5700
+ };
5701
+ // Initialize telemetry with SDK configuration
5702
+ telemetryClient.initialize({
5703
+ baseUrl: config.baseUrl,
5704
+ orgName: config.orgName,
5705
+ tenantName: config.tenantName,
5706
+ clientId: hasOAuthAuth ? config.clientId : undefined,
5707
+ redirectUri: hasOAuthAuth ? config.redirectUri : undefined
5708
+ });
5709
+ // Track SDK initialization
5710
+ trackEvent('Sdk.Auth');
5711
+ /** Auto-initialize for secret-based auth
5712
+ * When viewed in Action Center, initialize tokenInfo with empty token. When an sdk call is made Action Center passes the token to sdk.
5713
+ */
5714
+ if (hasSecretAuth || isInActionCenter) {
5715
+ __classPrivateFieldGet(this, _UiPath_authService, "f").authenticateWithSecret(config.secret ?? '');
5716
+ __classPrivateFieldSet(this, _UiPath_initialized, true, "f");
5717
+ }
5718
+ }, _UiPath_loadConfig = function _UiPath_loadConfig() {
5719
+ // Load from meta tags
5720
+ const metaConfig = loadFromMetaTags();
5721
+ // Merge with any partial config from constructor (constructor overrides meta tags)
5722
+ const merged = { ...metaConfig, ...__classPrivateFieldGet(this, _UiPath_partialConfig, "f") };
5723
+ if (!isCompleteConfig(merged)) {
5724
+ throw new Error('UiPath SDK configuration not found. ' +
5725
+ 'Ensure @uipath/coded-apps plugin is set up in your bundler to inject configuration during development and build.');
5726
+ }
5727
+ return merged;
5728
+ };
5489
5729
 
5490
5730
  /**
5491
5731
  * Type guards for error response types
@@ -5764,15 +6004,6 @@ class ApiClient {
5764
6004
  async getDefaultHeaders() {
5765
6005
  // Get headers from execution context first
5766
6006
  const contextHeaders = this.executionContext.getHeaders();
5767
- // If Authorization header is already set in context, use that
5768
- if (contextHeaders['Authorization']) {
5769
- return {
5770
- ...contextHeaders,
5771
- 'Content-Type': CONTENT_TYPES.JSON,
5772
- ...this.defaultHeaders,
5773
- ...this.clientConfig.headers
5774
- };
5775
- }
5776
6007
  const token = await this.getValidToken();
5777
6008
  return {
5778
6009
  ...contextHeaders,
@@ -11116,4 +11347,79 @@ const UserSettingsMap = {
11116
11347
  ...CommonFieldMap
11117
11348
  };
11118
11349
 
11119
- export { APP_NAME, AgentMap, AssetValueScope, AssetValueType, AuthenticationError, AuthorizationError, BucketOptions, CLOUD_CLIENT_ID, CLOUD_ORGANIZATION_NAME, CLOUD_REDIRECT_URI, CLOUD_ROLE_NAME, CLOUD_TENANT_NAME, CLOUD_URL, CONNECTION_STRING, CitationErrorType, ConversationMap, DEFAULT_ITEMS_FIELD, DEFAULT_PAGE_SIZE, DEFAULT_TOTAL_COUNT_FIELD, DataDirectionType, DebugMode, EntityFieldDataType, EntityType, ErrorType, EscalationActionType, EscalationRecipientScope, EscalationTriggerType, ExchangeMap, FeedbackRating, FieldDisplayType, HttpStatus, InputStreamSpeechSensitivity, InterruptType, JobPriority, JobState, JobType, JoinType, MAX_PAGE_SIZE, MessageMap, MessageRole, NetworkError, NotFoundError, PackageSourceType, PackageType, ProcessIncidentSeverity, ProcessIncidentStatus, ProcessIncidentType, RateLimitError, ReferenceType, RemoteControlAccess, RobotSize, SDK_LOGGER_NAME, SDK_RUN_EVENT, SDK_SERVICE_NAME, SDK_VERSION, SERVICE, SLADurationUnit, ServerError, SortOrder, StageTaskType, StartStrategy, StopStrategy, TargetFramework, TaskActivityType, TaskPriority, TaskSlaCriteria, TaskSlaStatus, TaskSourceName, TaskStatus, TaskType, UNKNOWN$1 as UNKNOWN, UiPath, UiPathError, UserSettingsMap, VERSION, ValidationError, createAgentWithMethods, createCaseInstanceWithMethods, createConversationWithMethods, createEntityWithMethods, createProcessInstanceWithMethods, createProcessWithMethods, createTaskWithMethods, getErrorDetails, getLimitedPageSize, isAuthenticationError, isAuthorizationError, isNetworkError, isNotFoundError, isRateLimitError, isServerError, isUiPathError, isValidationError, telemetryClient, track, trackEvent };
11350
+ /**
11351
+ * Asset resolution utilities for UiPath Coded Apps
11352
+ *
11353
+ * These helpers enable developers to write code that works identically
11354
+ * in local development and production environments.
11355
+ *
11356
+ * Values are read from meta tags injected at deployment:
11357
+ * - <meta name="uipath:cdn-base" content="https://cdn.example.com/appId/folder">
11358
+ * - <meta name="uipath:app-base" content="/org/apps_/.../public">
11359
+ */
11360
+ /**
11361
+ * Resolves an asset path to the CDN URL (if available)
11362
+ *
11363
+ * In local development: returns path as-is (loads from local dev server)
11364
+ * In production: prepends CDN base URL from meta tag
11365
+ *
11366
+ * @param path - The asset path (e.g., './assets/logo.png' or '/assets/logo.png')
11367
+ * @returns The resolved asset URL
11368
+ *
11369
+ * @example
11370
+ * ```tsx
11371
+ * import { getAsset } from '@uipath/uipath-typescript';
11372
+ * import logoPath from './assets/logo.png';
11373
+ *
11374
+ * function MyComponent() {
11375
+ * return <img src={getAsset(logoPath)} alt="Logo" />;
11376
+ * }
11377
+ * ```
11378
+ */
11379
+ function getAsset(path) {
11380
+ // If path is already an absolute URL, return as-is
11381
+ if (path.startsWith('http://') || path.startsWith('https://')) {
11382
+ return path;
11383
+ }
11384
+ const cdnBase = getMetaTagContent(UiPathMetaTags.CDN_BASE);
11385
+ if (!cdnBase)
11386
+ return path;
11387
+ // Normalize CDN base URL to remove trailing slash
11388
+ const normalizedCdnBase = normalizeBaseUrl(cdnBase);
11389
+ // Normalize path to ensure it starts with /
11390
+ let normalizedPath = path;
11391
+ if (normalizedPath.startsWith('./')) {
11392
+ normalizedPath = normalizedPath.substring(1); // ./assets -> /assets
11393
+ }
11394
+ else if (!normalizedPath.startsWith('/')) {
11395
+ normalizedPath = '/' + normalizedPath; // assets -> /assets
11396
+ }
11397
+ return normalizedCdnBase + normalizedPath;
11398
+ }
11399
+ /**
11400
+ * Returns the app base path for router configuration
11401
+ *
11402
+ * In local development: returns '/'
11403
+ * In production: returns the deployed app path from meta tag
11404
+ *
11405
+ * @returns The app base path
11406
+ *
11407
+ * @example
11408
+ * ```tsx
11409
+ * import { getAppBase } from '@uipath/uipath-typescript';
11410
+ * import { BrowserRouter } from 'react-router-dom';
11411
+ *
11412
+ * function App() {
11413
+ * return (
11414
+ * <BrowserRouter basename={getAppBase()}>
11415
+ * {/* routes *\/}
11416
+ * </BrowserRouter>
11417
+ * );
11418
+ * }
11419
+ * ```
11420
+ */
11421
+ function getAppBase() {
11422
+ return getMetaTagContent(UiPathMetaTags.APP_BASE) || '/';
11423
+ }
11424
+
11425
+ export { APP_NAME, AgentMap, AssetValueScope, AssetValueType, AuthenticationError, AuthorizationError, BucketOptions, CLOUD_CLIENT_ID, CLOUD_ORGANIZATION_NAME, CLOUD_REDIRECT_URI, CLOUD_ROLE_NAME, CLOUD_TENANT_NAME, CLOUD_URL, CONNECTION_STRING, CitationErrorType, ConversationMap, DEFAULT_ITEMS_FIELD, DEFAULT_PAGE_SIZE, DEFAULT_TOTAL_COUNT_FIELD, DataDirectionType, DebugMode, EntityFieldDataType, EntityType, ErrorType, EscalationActionType, EscalationRecipientScope, EscalationTriggerType, ExchangeMap, FeedbackRating, FieldDisplayType, HttpStatus, InputStreamSpeechSensitivity, InterruptType, JobPriority, JobState, JobType, JoinType, MAX_PAGE_SIZE, MessageMap, MessageRole, NetworkError, NotFoundError, PackageSourceType, PackageType, ProcessIncidentSeverity, ProcessIncidentStatus, ProcessIncidentType, RateLimitError, ReferenceType, RemoteControlAccess, RobotSize, SDK_LOGGER_NAME, SDK_RUN_EVENT, SDK_SERVICE_NAME, SDK_VERSION, SERVICE, SLADurationUnit, ServerError, SortOrder, StageTaskType, StartStrategy, StopStrategy, TargetFramework, TaskActivityType, TaskPriority, TaskSlaCriteria, TaskSlaStatus, TaskSourceName, TaskStatus, TaskType, UNKNOWN$1 as UNKNOWN, UiPath, UiPathError, UiPathMetaTags, UserSettingsMap, VERSION, ValidationError, createAgentWithMethods, createCaseInstanceWithMethods, createConversationWithMethods, createEntityWithMethods, createProcessInstanceWithMethods, createProcessWithMethods, createTaskWithMethods, getAppBase, getAsset, getErrorDetails, getLimitedPageSize, isAuthenticationError, isAuthorizationError, isNetworkError, isNotFoundError, isRateLimitError, isServerError, isUiPathError, isValidationError, loadFromMetaTags, telemetryClient, track, trackEvent };