@uniformdev/mesh-sdk 20.50.1 → 20.50.2-alpha.109

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js CHANGED
@@ -32,10 +32,14 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
32
32
  var __accessCheck = (obj, member, msg) => member.has(obj) || __typeError("Cannot " + msg);
33
33
  var __privateGet = (obj, member, getter) => (__accessCheck(obj, member, "read from private field"), getter ? getter.call(obj) : member.get(obj));
34
34
  var __privateAdd = (obj, member, value) => member.has(obj) ? __typeError("Cannot add the same private member more than once") : member instanceof WeakSet ? member.add(obj) : member.set(obj, value);
35
+ var __privateSet = (obj, member, value, setter) => (__accessCheck(obj, member, "write to private field"), setter ? setter.call(obj, value) : member.set(obj, value), value);
36
+ var __privateMethod = (obj, member, method) => (__accessCheck(obj, member, "access private method"), method);
35
37
 
36
38
  // src/index.ts
37
39
  var src_exports = {};
38
40
  __export(src_exports, {
41
+ DelegationTokenClient: () => DelegationTokenClient,
42
+ DelegationTokenError: () => DelegationTokenError,
39
43
  IntegrationDefinitionClient: () => IntegrationDefinitionClient,
40
44
  IntegrationInstallationClient: () => IntegrationInstallationClient,
41
45
  functionCallSystemParameters: () => functionCallSystemParameters,
@@ -46,9 +50,109 @@ __export(src_exports, {
46
50
  });
47
51
  module.exports = __toCommonJS(src_exports);
48
52
 
53
+ // src/clients/DelegationTokenClient.ts
54
+ var DelegationTokenError = class extends Error {
55
+ constructor(status, kind, publicMessage) {
56
+ super(publicMessage);
57
+ this.name = "DelegationTokenError";
58
+ this.status = status;
59
+ this.kind = kind;
60
+ }
61
+ };
62
+ var PUBLIC_MESSAGES = {
63
+ bad_request: "Token exchange request was rejected as invalid",
64
+ unauthenticated: "Token exchange authentication failed",
65
+ forbidden: "Token exchange forbidden by server",
66
+ not_found: "Token exchange target was not found",
67
+ rate_limited: "Token exchange rate limit exceeded",
68
+ server_error: "Token exchange server error",
69
+ unknown: "Token exchange failed"
70
+ };
71
+ function classifyDelegationTokenStatus(status) {
72
+ if (status === 400) {
73
+ return "bad_request";
74
+ }
75
+ if (status === 401) {
76
+ return "unauthenticated";
77
+ }
78
+ if (status === 403) {
79
+ return "forbidden";
80
+ }
81
+ if (status === 404) {
82
+ return "not_found";
83
+ }
84
+ if (status === 429) {
85
+ return "rate_limited";
86
+ }
87
+ if (status >= 500) {
88
+ return "server_error";
89
+ }
90
+ return "unknown";
91
+ }
92
+ function buildDelegationTokenError(status) {
93
+ const kind = classifyDelegationTokenStatus(status);
94
+ return new DelegationTokenError(status, kind, PUBLIC_MESSAGES[kind]);
95
+ }
96
+ var _options, _DelegationTokenClient_instances, post_fn;
97
+ var DelegationTokenClient = class {
98
+ constructor(options) {
99
+ __privateAdd(this, _DelegationTokenClient_instances);
100
+ __privateAdd(this, _options);
101
+ __privateSet(this, _options, options);
102
+ }
103
+ /**
104
+ * Exchanges a short-lived session token for a delegation token and refresh token.
105
+ * The session token is obtained by the integration's frontend via `sdk.getSessionToken()`.
106
+ *
107
+ * @deprecated This beta identity delegation API may change with breaking changes.
108
+ */
109
+ async exchangeSessionToken(sessionToken) {
110
+ return __privateMethod(this, _DelegationTokenClient_instances, post_fn).call(this, {
111
+ grant_type: "delegation_token",
112
+ sessionToken,
113
+ integrationId: __privateGet(this, _options).integrationId,
114
+ integrationSecret: __privateGet(this, _options).integrationSecret
115
+ });
116
+ }
117
+ /**
118
+ * Exchanges a refresh token for a new delegation token and a new refresh token.
119
+ *
120
+ * Replay posture: refresh tokens are bearer credentials that are valid until
121
+ * their server-side expiry. They are NOT single-use — a captured refresh token can be
122
+ * replayed by an attacker that also has the integration secret until it expires.
123
+ * Single-use enforcement (refresh-token storage, family/jti tracking, replay revocation)
124
+ * is tracked in `UNI-9279`.
125
+ *
126
+ * @deprecated This beta identity delegation API may change with breaking changes.
127
+ */
128
+ async refreshDelegationToken(refreshToken) {
129
+ return __privateMethod(this, _DelegationTokenClient_instances, post_fn).call(this, {
130
+ grant_type: "refresh_token",
131
+ refreshToken,
132
+ integrationId: __privateGet(this, _options).integrationId,
133
+ integrationSecret: __privateGet(this, _options).integrationSecret
134
+ });
135
+ }
136
+ };
137
+ _options = new WeakMap();
138
+ _DelegationTokenClient_instances = new WeakSet();
139
+ post_fn = async function(body) {
140
+ const url = `${__privateGet(this, _options).apiHost}/api/v1/token`;
141
+ const response = await fetch(url, {
142
+ method: "POST",
143
+ headers: { "Content-Type": "application/json" },
144
+ body: JSON.stringify(body)
145
+ });
146
+ if (!response.ok) {
147
+ await response.text().catch(() => "");
148
+ throw buildDelegationTokenError(response.status);
149
+ }
150
+ return await response.json();
151
+ };
152
+
49
153
  // src/clients/IntegrationDefinitionClient.ts
50
154
  var import_api = require("@uniformdev/context/api");
51
- var _url;
155
+ var _url, _credentialsUrl;
52
156
  var _IntegrationDefinitionClient = class _IntegrationDefinitionClient extends import_api.ApiClient {
53
157
  constructor(options) {
54
158
  super(options);
@@ -59,7 +163,7 @@ var _IntegrationDefinitionClient = class _IntegrationDefinitionClient extends im
59
163
  const fetchUri = this.createUrl(__privateGet(_IntegrationDefinitionClient, _url), { ...options, teamId });
60
164
  return await this.apiClient(fetchUri);
61
165
  }
62
- /** Creates or updates a mesh app definition on a team */
166
+ /** Creates or updates a mesh app definition on a team. Identity-delegation credentials must be minted separately via {@link rotateCredential}. */
63
167
  async upsert(body) {
64
168
  const fetchUri = this.createUrl(__privateGet(_IntegrationDefinitionClient, _url));
65
169
  return await this.apiClient(fetchUri, {
@@ -76,9 +180,37 @@ var _IntegrationDefinitionClient = class _IntegrationDefinitionClient extends im
76
180
  expectNoContent: true
77
181
  });
78
182
  }
183
+ /**
184
+ * Mints or rotates an identity-delegation credential for an integration definition. The plaintext
185
+ * `appSecret` is returned exactly once and is not retrievable afterwards — Uniform stores only
186
+ * the hash. A successful response invalidates any previously-issued secret of the same kind.
187
+ * Caller must be a team admin.
188
+ */
189
+ async rotateCredential(body) {
190
+ const fetchUri = this.createUrl(__privateGet(_IntegrationDefinitionClient, _credentialsUrl));
191
+ return await this.apiClient(fetchUri, {
192
+ method: "POST",
193
+ body: JSON.stringify({ ...body, teamId: this.options.teamId })
194
+ });
195
+ }
196
+ /**
197
+ * Revokes an identity-delegation credential. Future delegation grants and refreshes will fail
198
+ * until a new credential is minted; in-flight delegation tokens remain valid until natural
199
+ * expiry (up to ~15 minutes). Caller must be a team admin.
200
+ */
201
+ async revokeCredential(body) {
202
+ const fetchUri = this.createUrl(__privateGet(_IntegrationDefinitionClient, _credentialsUrl));
203
+ await this.apiClient(fetchUri, {
204
+ method: "DELETE",
205
+ body: JSON.stringify({ ...body, teamId: this.options.teamId }),
206
+ expectNoContent: true
207
+ });
208
+ }
79
209
  };
80
210
  _url = new WeakMap();
211
+ _credentialsUrl = new WeakMap();
81
212
  __privateAdd(_IntegrationDefinitionClient, _url, "/api/v1/integration-definitions");
213
+ __privateAdd(_IntegrationDefinitionClient, _credentialsUrl, "/api/v1/integration-credentials");
82
214
  var IntegrationDefinitionClient = _IntegrationDefinitionClient;
83
215
 
84
216
  // src/clients/IntegrationInstallationClient.ts
@@ -172,7 +304,7 @@ var getLogger = (prefix, debug) => {
172
304
  };
173
305
 
174
306
  // src/temp/version.ts
175
- var UNIFORM_MESH_SDK_VERSION = "20.50.1";
307
+ var UNIFORM_MESH_SDK_VERSION = "20.66.5";
176
308
 
177
309
  // src/framepost/constants.ts
178
310
  var DEFAULT_REQUEST_TIMEOUT = 5e3;
@@ -529,54 +661,167 @@ async function connectToParent({
529
661
  });
530
662
  client.onRequest("metadata-value", onMetadataUpdated);
531
663
  client.onRequest("external-value-update", onValueExternallyUpdated);
664
+ const parent = {
665
+ resize: async ({ height }) => {
666
+ await client.request("resize", { height });
667
+ },
668
+ setValue: async (value) => {
669
+ await client.request("setValue", value);
670
+ },
671
+ openDialog: async (message) => {
672
+ const res = await client.request(
673
+ "openDialog",
674
+ message
675
+ );
676
+ const dialogId = res == null ? void 0 : res.dialogId;
677
+ if (!dialogId) {
678
+ return;
679
+ }
680
+ return new Promise((resolve, reject) => {
681
+ dialogResponseHandlers[dialogId] = { resolve, reject };
682
+ });
683
+ },
684
+ closeDialog: async (message) => {
685
+ await client.request("closeDialog", message);
686
+ },
687
+ getDataResource: async (message) => {
688
+ return await client.request("getDataResource", message, {
689
+ timeout: 3e4
690
+ });
691
+ },
692
+ navigate: async (message) => {
693
+ await client.request("navigate", message);
694
+ },
695
+ reloadLocation: async () => {
696
+ await client.request("reload");
697
+ },
698
+ editConnectedData: async (message) => {
699
+ return await client.request(
700
+ "editConnectedData",
701
+ message,
702
+ {
703
+ timeout: (
704
+ // 24 hours in ms
705
+ 864e5
706
+ )
707
+ }
708
+ );
709
+ },
710
+ getSessionToken: async () => {
711
+ return await client.request("getSessionToken", void 0, {
712
+ // Delegation may wait on consent UI + token API; default framepost timeout (5s) is too short.
713
+ timeout: 12e4
714
+ });
715
+ },
716
+ editorState: createEditorStateApi(client)
717
+ };
532
718
  return {
533
719
  initData,
534
- parent: {
535
- resize: async ({ height }) => {
536
- await client.request("resize", { height });
537
- },
538
- setValue: async (value) => {
539
- await client.request("setValue", value);
540
- },
541
- openDialog: async (message) => {
542
- const res = await client.request(
543
- "openDialog",
544
- message
545
- );
546
- const dialogId = res == null ? void 0 : res.dialogId;
547
- if (!dialogId) {
548
- return;
549
- }
550
- return new Promise((resolve, reject) => {
551
- dialogResponseHandlers[dialogId] = { resolve, reject };
552
- });
553
- },
554
- closeDialog: async (message) => {
555
- await client.request("closeDialog", message);
556
- },
557
- getDataResource: async (message) => {
558
- return await client.request("getDataResource", message, {
559
- timeout: 3e4
560
- });
561
- },
562
- navigate: async (message) => {
563
- await client.request("navigate", message);
564
- },
565
- reloadLocation: async () => {
566
- await client.request("reload");
567
- },
568
- editConnectedData: async (message) => {
569
- return await client.request(
570
- "editConnectedData",
571
- message,
572
- {
573
- timeout: (
574
- // 24 hours in ms
575
- 864e5
576
- )
577
- }
578
- );
720
+ parent
721
+ };
722
+ }
723
+ function createEditorStateApi(client) {
724
+ let cachedRootNodeId;
725
+ return {
726
+ async getRootNodeId() {
727
+ if (cachedRootNodeId) {
728
+ return cachedRootNodeId;
579
729
  }
730
+ const result = await client.request("editorState.getRootNodeId");
731
+ cachedRootNodeId = result;
732
+ return result;
733
+ },
734
+ // Read operations
735
+ async exportTree(params) {
736
+ const result = await client.request("editorState.exportTree", params);
737
+ cachedRootNodeId != null ? cachedRootNodeId : cachedRootNodeId = result == null ? void 0 : result._id;
738
+ return result;
739
+ },
740
+ async exportSubtree(params) {
741
+ return await client.request("editorState.exportSubtree", params);
742
+ },
743
+ async exportMetadata() {
744
+ return await client.request("editorState.exportMetadata");
745
+ },
746
+ async exportRootNodeMetadata() {
747
+ return await client.request("editorState.exportRootNodeMetadata");
748
+ },
749
+ async getNodeById(params) {
750
+ return await client.request("editorState.getNodeById", params);
751
+ },
752
+ async getNodeChildren(params) {
753
+ return await client.request("editorState.getNodeChildren", params);
754
+ },
755
+ async getNodeProperty(params) {
756
+ return await client.request("editorState.getNodeProperty", params);
757
+ },
758
+ async getNodeProperties(params) {
759
+ return await client.request("editorState.getNodeProperties", params);
760
+ },
761
+ async getParentInfo(params) {
762
+ return await client.request("editorState.getParentInfo", params);
763
+ },
764
+ // Selection
765
+ async getSelectedNodeId() {
766
+ return await client.request("editorState.getSelectedNodeId");
767
+ },
768
+ async setSelectedNodeId(params) {
769
+ await client.request("editorState.setSelectedNodeId", params);
770
+ },
771
+ async getSelectedParameterId() {
772
+ return await client.request("editorState.getSelectedParameterId");
773
+ },
774
+ async setSelectedParameterId(params) {
775
+ await client.request("editorState.setSelectedParameterId", params);
776
+ },
777
+ async getPristine() {
778
+ return await client.request("editorState.getPristine");
779
+ },
780
+ // Write operations
781
+ async insertNode(params) {
782
+ return await client.request("editorState.insertNode", params);
783
+ },
784
+ async deleteNode(params) {
785
+ await client.request("editorState.deleteNode", params);
786
+ },
787
+ async moveNode(params) {
788
+ await client.request("editorState.moveNode", params);
789
+ },
790
+ async updateNodeProperty(params) {
791
+ await client.request("editorState.updateNodeProperty", params);
792
+ },
793
+ async updateRootMetadata(params) {
794
+ await client.request("editorState.updateRootMetadata", params);
795
+ },
796
+ async updateRootNode(params) {
797
+ await client.request("editorState.updateRootNode", params);
798
+ },
799
+ // Pattern operations
800
+ async insertPattern(params) {
801
+ return await client.request("editorState.insertPattern", params);
802
+ },
803
+ async isPatternPropertyOverridden(params) {
804
+ return await client.request("editorState.isPatternPropertyOverridden", params);
805
+ },
806
+ async resetPatternPropertyOverride(params) {
807
+ await client.request("editorState.resetPatternPropertyOverride", params);
808
+ },
809
+ async setPropertyLocalizability(params) {
810
+ await client.request("editorState.setPropertyLocalizability", params);
811
+ },
812
+ // Locale operations
813
+ async enableLocale(params) {
814
+ await client.request("editorState.enableLocale", params);
815
+ },
816
+ async disableLocale(params) {
817
+ await client.request("editorState.disableLocale", params);
818
+ },
819
+ async setCurrentLocale(params) {
820
+ await client.request("editorState.setCurrentLocale", params);
821
+ },
822
+ // Dynamic input operations
823
+ async setDynamicInputPreviewValue(params) {
824
+ await client.request("editorState.setDynamicInputPreviewValue", params);
580
825
  }
581
826
  };
582
827
  }
@@ -774,7 +1019,8 @@ async function initializeUniformMeshSDK({
774
1019
  sdk.events.emit("onValueChanged", { newValue: value });
775
1020
  await parent.setValue({ uniformMeshLocationValue: value, closeDialog: true });
776
1021
  }
777
- } : void 0
1022
+ } : void 0,
1023
+ editorState: parent.editorState
778
1024
  };
779
1025
  return location;
780
1026
  },
@@ -857,7 +1103,8 @@ async function initializeUniformMeshSDK({
857
1103
  },
858
1104
  closeCurrentLocationDialog: async () => {
859
1105
  await parent.closeDialog({ dialogId: void 0, dialogType: "currentLocation" });
860
- }
1106
+ },
1107
+ getSessionToken: () => parent.getSessionToken()
861
1108
  };
862
1109
  window.UniformMeshSDK = sdk;
863
1110
  initializing = false;
@@ -880,6 +1127,8 @@ var hasRole = (role, user) => {
880
1127
  };
881
1128
  // Annotate the CommonJS export names for ESM import in node:
882
1129
  0 && (module.exports = {
1130
+ DelegationTokenClient,
1131
+ DelegationTokenError,
883
1132
  IntegrationDefinitionClient,
884
1133
  IntegrationInstallationClient,
885
1134
  functionCallSystemParameters,