@wacht/backend 1.0.0-beta.0

package/dist/api/api-keys.d.ts

@@ -0,0 +1,43 @@
+import { type WachtClient, type ListOptions } from "../client";
+import type { ApiAuthApp, CreateApiAuthAppRequest, UpdateApiAuthAppRequest, ApiKey, ApiKeyWithSecret, CreateApiKeyRequest, RevokeApiKeyRequest, RotateApiKeyRequest } from "../models";
+/**
+ * List API auth apps
+ */
+export declare function listApiAuthApps(options?: ListOptions & {
+    include_inactive?: boolean;
+}, client?: WachtClient): Promise<ApiAuthApp[]>;
+/**
+ * Get an API auth app by name
+ */
+export declare function getApiAuthApp(appName: string, client?: WachtClient): Promise<ApiAuthApp>;
+/**
+ * Create an API auth app
+ */
+export declare function createApiAuthApp(request: CreateApiAuthAppRequest, client?: WachtClient): Promise<ApiAuthApp>;
+/**
+ * Update an API auth app
+ */
+export declare function updateApiAuthApp(appName: string, request: UpdateApiAuthAppRequest, client?: WachtClient): Promise<ApiAuthApp>;
+/**
+ * Delete an API auth app
+ */
+export declare function deleteApiAuthApp(appName: string, client?: WachtClient): Promise<void>;
+/**
+ * List API keys for an app
+ */
+export declare function listApiKeys(appName: string, options?: ListOptions & {
+    include_inactive?: boolean;
+}, client?: WachtClient): Promise<ApiKey[]>;
+/**
+ * Create an API key
+ */
+export declare function createApiKey(appName: string, request: CreateApiKeyRequest, client?: WachtClient): Promise<ApiKeyWithSecret>;
+/**
+ * Revoke an API key
+ */
+export declare function revokeApiKey(request: RevokeApiKeyRequest, client?: WachtClient): Promise<void>;
+/**
+ * Rotate an API key
+ */
+export declare function rotateApiKey(request: RotateApiKeyRequest, client?: WachtClient): Promise<ApiKeyWithSecret>;
+//# sourceMappingURL=api-keys.d.ts.map

package/dist/api/api-keys.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-keys.d.ts","sourceRoot":"","sources":["../../src/api/api-keys.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,WAAW,EAEhB,KAAK,WAAW,EACjB,MAAM,WAAW,CAAC;AACnB,OAAO,KAAK,EACV,UAAU,EACV,uBAAuB,EACvB,uBAAuB,EACvB,MAAM,EACN,gBAAgB,EAChB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACpB,MAAM,WAAW,CAAC;AAEnB;;GAEG;AACH,wBAAsB,eAAe,CACnC,OAAO,CAAC,EAAE,WAAW,GAAG;IAAE,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAAE,EACtD,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,UAAU,EAAE,CAAC,CASvB;AAED;;GAEG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,MAAM,EACf,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,UAAU,CAAC,CAGrB;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,uBAAuB,EAChC,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,UAAU,CAAC,CAGrB;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,uBAAuB,EAChC,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,UAAU,CAAC,CAGrB;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,MAAM,EACf,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC,CAGf;AAED;;GAEG;AACH,wBAAsB,WAAW,CAC/B,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,WAAW,GAAG;IAAE,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAAE,EACtD,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,MAAM,EAAE,CAAC,CASnB;AAED;;GAEG;AACH,wBAAsB,YAAY,CAChC,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,mBAAmB,EAC5B,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,gBAAgB,CAAC,CAM3B;AAED;;GAEG;AACH,wBAAsB,YAAY,CAChC,OAAO,EAAE,mBAAmB,EAC5B,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC,CAGf;AAED;;GAEG;AACH,wBAAsB,YAAY,CAChC,OAAO,EAAE,mBAAmB,EAC5B,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,gBAAgB,CAAC,CAG3B"}

package/dist/api/api-keys.js

@@ -0,0 +1,84 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.listApiAuthApps = listApiAuthApps;
+exports.getApiAuthApp = getApiAuthApp;
+exports.createApiAuthApp = createApiAuthApp;
+exports.updateApiAuthApp = updateApiAuthApp;
+exports.deleteApiAuthApp = deleteApiAuthApp;
+exports.listApiKeys = listApiKeys;
+exports.createApiKey = createApiKey;
+exports.revokeApiKey = revokeApiKey;
+exports.rotateApiKey = rotateApiKey;
+const client_1 = require("../client");
+/**
+ * List API auth apps
+ */
+async function listApiAuthApps(options, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    const params = new URLSearchParams();
+    if (options?.include_inactive !== undefined)
+        params.append("include_inactive", String(options.include_inactive));
+    const queryString = params.toString();
+    return sdkClient.get(`/api-auth/apps${queryString ? `?${queryString}` : ""}`);
+}
+/**
+ * Get an API auth app by name
+ */
+async function getApiAuthApp(appName, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.get(`/api-auth/apps/${appName}`);
+}
+/**
+ * Create an API auth app
+ */
+async function createApiAuthApp(request, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.post("/api-auth/apps", request);
+}
+/**
+ * Update an API auth app
+ */
+async function updateApiAuthApp(appName, request, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.patch(`/api-auth/apps/${appName}`, request);
+}
+/**
+ * Delete an API auth app
+ */
+async function deleteApiAuthApp(appName, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.delete(`/api-auth/apps/${appName}`);
+}
+/**
+ * List API keys for an app
+ */
+async function listApiKeys(appName, options, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    const params = new URLSearchParams();
+    if (options?.include_inactive !== undefined)
+        params.append("include_inactive", String(options.include_inactive));
+    const queryString = params.toString();
+    return sdkClient.get(`/api-auth/apps/${appName}/keys${queryString ? `?${queryString}` : ""}`);
+}
+/**
+ * Create an API key
+ */
+async function createApiKey(appName, request, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.post(`/api-auth/apps/${appName}/keys`, request);
+}
+/**
+ * Revoke an API key
+ */
+async function revokeApiKey(request, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.post("/api-auth/keys/revoke", request);
+}
+/**
+ * Rotate an API key
+ */
+async function rotateApiKey(request, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.post("/api-auth/keys/rotate", request);
+}
+//# sourceMappingURL=api-keys.js.map

package/dist/api/api-keys.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-keys.js","sourceRoot":"","sources":["../../src/api/api-keys.ts"],"names":[],"mappings":";;AAoBA,0CAYC;AAKD,sCAMC;AAKD,4CAMC;AAKD,4CAOC;AAKD,4CAMC;AAKD,kCAaC;AAKD,oCAUC;AAKD,oCAMC;AAKD,oCAMC;AApID,sCAKmB;AAYnB;;GAEG;AACI,KAAK,UAAU,eAAe,CACnC,OAAsD,EACtD,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;IACrC,IAAI,OAAO,EAAE,gBAAgB,KAAK,SAAS;QACzC,MAAM,CAAC,MAAM,CAAC,kBAAkB,EAAE,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACtE,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;IACtC,OAAO,SAAS,CAAC,GAAG,CAClB,iBAAiB,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CACxD,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,aAAa,CACjC,OAAe,EACf,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,GAAG,CAAa,kBAAkB,OAAO,EAAE,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,gBAAgB,CACpC,OAAgC,EAChC,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,IAAI,CAAa,gBAAgB,EAAE,OAAO,CAAC,CAAC;AAC/D,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,gBAAgB,CACpC,OAAe,EACf,OAAgC,EAChC,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,KAAK,CAAa,kBAAkB,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;AAC3E,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,gBAAgB,CACpC,OAAe,EACf,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,MAAM,CAAO,kBAAkB,OAAO,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,WAAW,CAC/B,OAAe,EACf,OAAsD,EACtD,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;IACrC,IAAI,OAAO,EAAE,gBAAgB,KAAK,SAAS;QACzC,MAAM,CAAC,MAAM,CAAC,kBAAkB,EAAE,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACtE,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;IACtC,OAAO,SAAS,CAAC,GAAG,CAClB,kBAAkB,OAAO,QAAQ,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CACxE,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,YAAY,CAChC,OAAe,EACf,OAA4B,EAC5B,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,IAAI,CACnB,kBAAkB,OAAO,OAAO,EAChC,OAAO,CACR,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,YAAY,CAChC,OAA4B,EAC5B,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,IAAI,CAAO,uBAAuB,EAAE,OAAO,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,YAAY,CAChC,OAA4B,EAC5B,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,IAAI,CAAmB,uBAAuB,EAAE,OAAO,CAAC,CAAC;AAC5E,CAAC"}

package/dist/api/gateway.d.ts

@@ -0,0 +1,66 @@
+import type { WachtClient } from "../client";
+import type { AuthzMetadata, AuthzCheckRequest, AuthzCheckResponse, AuthzPrincipalType, ResolvedAuthzIdentity } from "../models/api-key";
+export interface GatewayCheckAuthzOptions {
+    gatewayUrl?: string;
+    timeout?: number;
+    fetch?: typeof fetch;
+}
+export interface GatewayPrincipalAuthzRequest {
+    principalType: AuthzPrincipalType;
+    principalValue: string;
+    resource: string;
+    method: string;
+    clientIp?: string;
+    userAgent?: string;
+    requiredPermissions?: string[];
+}
+export interface ResolvedGatewayPrincipalContext {
+    tokenType: "api_key" | "oauth_token";
+    identity: ResolvedAuthzIdentity;
+    metadata: AuthzMetadata | null;
+    ownerUserId: string | null;
+    organizationId: string | null;
+    workspaceId: string | null;
+    permissions: string[];
+}
+/**
+ * Check authz against the gateway with principal-based contract.
+ */
+export declare function checkAuthz(payload: AuthzCheckRequest, options?: GatewayCheckAuthzOptions, _client?: WachtClient): Promise<AuthzCheckResponse>;
+/**
+ * Check authz for a specific gateway principal type (API key or OAuth access token).
+ */
+export declare function checkPrincipalAuthz(payload: GatewayPrincipalAuthzRequest, options?: GatewayCheckAuthzOptions, client?: WachtClient): Promise<AuthzCheckResponse>;
+/**
+ * Convenience wrapper for API key gateway authz checks.
+ */
+export declare function verifyApiKeyRequest(apiKey: string, method: string, resource: string, options?: GatewayCheckAuthzOptions & {
+    clientIp?: string;
+    userAgent?: string;
+    requiredPermissions?: string[];
+}, client?: WachtClient): Promise<AuthzCheckResponse>;
+/**
+ * Convenience wrapper for OAuth access token gateway authz checks.
+ */
+export declare function verifyOauthAccessTokenRequest(accessToken: string, method: string, resource: string, options?: GatewayCheckAuthzOptions & {
+    clientIp?: string;
+    userAgent?: string;
+    requiredPermissions?: string[];
+}, client?: WachtClient): Promise<AuthzCheckResponse>;
+/**
+ * Backward-compatible alias for API key request verification.
+ */
+export declare function verifyRequest(apiKey: string, method: string, resource: string, options?: GatewayCheckAuthzOptions & {
+    clientIp?: string;
+    userAgent?: string;
+    requiredPermissions?: string[];
+}, client?: WachtClient): Promise<AuthzCheckResponse>;
+/**
+ * Resolve gateway identity into a discriminated principal identity shape.
+ */
+export declare function resolveAuthzIdentity(response: AuthzCheckResponse): ResolvedAuthzIdentity | undefined;
+/**
+ * Resolve gateway authz response into a normalized principal context used by framework adapters.
+ */
+export declare function resolveGatewayPrincipalContext(response: AuthzCheckResponse): ResolvedGatewayPrincipalContext | undefined;
+//# sourceMappingURL=gateway.d.ts.map

package/dist/api/gateway.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"gateway.d.ts","sourceRoot":"","sources":["../../src/api/gateway.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,KAAK,EAEV,aAAa,EACb,iBAAiB,EACjB,kBAAkB,EAElB,kBAAkB,EAClB,qBAAqB,EACtB,MAAM,mBAAmB,CAAC;AAG3B,MAAM,WAAW,wBAAwB;IACvC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;CACtB;AAED,MAAM,WAAW,4BAA4B;IAC3C,aAAa,EAAE,kBAAkB,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;CAChC;AAED,MAAM,WAAW,+BAA+B;IAC9C,SAAS,EAAE,SAAS,GAAG,aAAa,CAAC;IACrC,QAAQ,EAAE,qBAAqB,CAAC;IAChC,QAAQ,EAAE,aAAa,GAAG,IAAI,CAAC;IAC/B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB;AAID;;GAEG;AACH,wBAAsB,UAAU,CAC9B,OAAO,EAAE,iBAAiB,EAC1B,OAAO,CAAC,EAAE,wBAAwB,EAClC,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,kBAAkB,CAAC,CAsD7B;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,4BAA4B,EACrC,OAAO,CAAC,EAAE,wBAAwB,EAClC,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,kBAAkB,CAAC,CAgB7B;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,wBAAwB,GAAG;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;CAChC,EACD,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,kBAAkB,CAAC,CAc7B;AAED;;GAEG;AACH,wBAAsB,6BAA6B,CACjD,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,wBAAwB,GAAG;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;CAChC,EACD,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,kBAAkB,CAAC,CAc7B;AAED;;GAEG;AACH,wBAAsB,aAAa,CACjC,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,wBAAwB,GAAG;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;CAChC,EACD,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,kBAAkB,CAAC,CAE7B;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,kBAAkB,GAC3B,qBAAqB,GAAG,SAAS,CAmBnC;AAED;;GAEG;AACH,wBAAgB,8BAA8B,CAC5C,QAAQ,EAAE,kBAAkB,GAC3B,+BAA+B,GAAG,SAAS,CA0C7C"}

package/dist/api/gateway.js

@@ -0,0 +1,177 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkAuthz = checkAuthz;
+exports.checkPrincipalAuthz = checkPrincipalAuthz;
+exports.verifyApiKeyRequest = verifyApiKeyRequest;
+exports.verifyOauthAccessTokenRequest = verifyOauthAccessTokenRequest;
+exports.verifyRequest = verifyRequest;
+exports.resolveAuthzIdentity = resolveAuthzIdentity;
+exports.resolveGatewayPrincipalContext = resolveGatewayPrincipalContext;
+const error_1 = require("../error");
+const DEFAULT_GATEWAY_URL = "https://gateway.wacht.dev";
+/**
+ * Check authz against the gateway with principal-based contract.
+ */
+async function checkAuthz(payload, options, _client) {
+    const base = (options?.gatewayUrl || DEFAULT_GATEWAY_URL).replace(/\/+$/, "");
+    const url = `${base}/v1/authz/check`;
+    const fetchImpl = options?.fetch ?? globalThis.fetch;
+    if (typeof fetchImpl !== "function") {
+        throw new error_1.WachtError("No fetch implementation found. Provide one via options.fetch in this runtime.");
+    }
+    const timeout = options?.timeout || 30000;
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), timeout);
+    try {
+        const response = await fetchImpl(url, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+            },
+            body: JSON.stringify(payload),
+            signal: controller.signal,
+        });
+        if (!response.ok) {
+            let data = null;
+            try {
+                data = await response.json();
+            }
+            catch {
+                try {
+                    data = { message: await response.text() };
+                }
+                catch {
+                    data = null;
+                }
+            }
+            throw (0, error_1.parseApiError)(response.status, data);
+        }
+        return (await response.json());
+    }
+    catch (error) {
+        if (error instanceof error_1.WachtError) {
+            throw error;
+        }
+        if (error instanceof Error && error.name === "AbortError") {
+            throw new error_1.WachtError("Gateway request timed out");
+        }
+        if (error instanceof Error) {
+            throw new error_1.WachtError(error.message);
+        }
+        throw new error_1.WachtError("Unexpected gateway error");
+    }
+    finally {
+        clearTimeout(timeoutId);
+    }
+}
+/**
+ * Check authz for a specific gateway principal type (API key or OAuth access token).
+ */
+async function checkPrincipalAuthz(payload, options, client) {
+    return checkAuthz({
+        principal: {
+            type: payload.principalType,
+            value: payload.principalValue,
+        },
+        resource: payload.resource,
+        method: payload.method,
+        client_ip: payload.clientIp,
+        user_agent: payload.userAgent,
+        required_permissions: payload.requiredPermissions,
+    }, options, client);
+}
+/**
+ * Convenience wrapper for API key gateway authz checks.
+ */
+async function verifyApiKeyRequest(apiKey, method, resource, options, client) {
+    return checkPrincipalAuthz({
+        principalType: "api_key",
+        principalValue: apiKey,
+        method,
+        resource,
+        clientIp: options?.clientIp,
+        userAgent: options?.userAgent,
+        requiredPermissions: options?.requiredPermissions,
+    }, options, client);
+}
+/**
+ * Convenience wrapper for OAuth access token gateway authz checks.
+ */
+async function verifyOauthAccessTokenRequest(accessToken, method, resource, options, client) {
+    return checkPrincipalAuthz({
+        principalType: "oauth_access_token",
+        principalValue: accessToken,
+        method,
+        resource,
+        clientIp: options?.clientIp,
+        userAgent: options?.userAgent,
+        requiredPermissions: options?.requiredPermissions,
+    }, options, client);
+}
+/**
+ * Backward-compatible alias for API key request verification.
+ */
+async function verifyRequest(apiKey, method, resource, options, client) {
+    return verifyApiKeyRequest(apiKey, method, resource, options, client);
+}
+/**
+ * Resolve gateway identity into a discriminated principal identity shape.
+ */
+function resolveAuthzIdentity(response) {
+    if (!response.identity)
+        return undefined;
+    const principalType = response.metadata?.principal_type === "oauth_access_token"
+        ? "oauth_access_token"
+        : "api_key";
+    if (principalType === "oauth_access_token") {
+        return {
+            ...response.identity,
+            principal_type: "oauth_access_token",
+        };
+    }
+    return {
+        ...response.identity,
+        principal_type: "api_key",
+    };
+}
+/**
+ * Resolve gateway authz response into a normalized principal context used by framework adapters.
+ */
+function resolveGatewayPrincipalContext(response) {
+    const identity = resolveAuthzIdentity(response);
+    if (!identity)
+        return undefined;
+    const tokenType = identity.principal_type === "api_key" ? "api_key" : "oauth_token";
+    const permissions = response.permissions || [];
+    const organizationPermissions = identity.organization_id
+        ? permissions
+        : [];
+    const workspacePermissions = identity.workspace_id ? permissions : [];
+    const rawMetadata = response.metadata || {};
+    const scopes = Array.isArray(rawMetadata.scopes)
+        ? rawMetadata.scopes.filter((value) => typeof value === "string")
+        : [];
+    const resource = typeof rawMetadata.resource === "string" ? rawMetadata.resource : null;
+    const expiresAt = typeof rawMetadata.expires_at === "string"
+        ? rawMetadata.expires_at
+        : undefined;
+    return {
+        tokenType,
+        identity,
+        metadata: {
+            ...rawMetadata,
+            principal_type: tokenType,
+            permissions_checked: permissions,
+            organization_permissions: organizationPermissions,
+            workspace_permissions: workspacePermissions,
+            scopes,
+            resource,
+            expires_at: expiresAt,
+        },
+        ownerUserId: identity.owner_user_id || null,
+        organizationId: identity.organization_id || null,
+        workspaceId: identity.workspace_id || null,
+        permissions,
+    };
+}
+//# sourceMappingURL=gateway.js.map

package/dist/api/gateway.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"gateway.js","sourceRoot":"","sources":["../../src/api/gateway.ts"],"names":[],"mappings":";;AA2CA,gCA0DC;AAKD,kDAoBC;AAKD,kDAwBC;AAKD,sEAwBC;AAKD,sCAYC;AAKD,oDAqBC;AAKD,wEA4CC;AA1QD,oCAAqD;AA4BrD,MAAM,mBAAmB,GAAG,2BAA2B,CAAC;AAExD;;GAEG;AACI,KAAK,UAAU,UAAU,CAC9B,OAA0B,EAC1B,OAAkC,EAClC,OAAqB;IAErB,MAAM,IAAI,GAAG,CAAC,OAAO,EAAE,UAAU,IAAI,mBAAmB,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC9E,MAAM,GAAG,GAAG,GAAG,IAAI,iBAAiB,CAAC;IACrC,MAAM,SAAS,GAAG,OAAO,EAAE,KAAK,IAAI,UAAU,CAAC,KAAK,CAAC;IAErD,IAAI,OAAO,SAAS,KAAK,UAAU,EAAE,CAAC;QACpC,MAAM,IAAI,kBAAU,CAClB,+EAA+E,CAChF,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,IAAI,KAAK,CAAC;IAC1C,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,CAAC,CAAC;IAEhE,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE;YACpC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAC7B,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,IAAI,IAAI,GAAY,IAAI,CAAC;YACzB,IAAI,CAAC;gBACH,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC/B,CAAC;YAAC,MAAM,CAAC;gBACP,IAAI,CAAC;oBACH,IAAI,GAAG,EAAE,OAAO,EAAE,MAAM,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC;gBAC5C,CAAC;gBAAC,MAAM,CAAC;oBACP,IAAI,GAAG,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;YACD,MAAM,IAAA,qBAAa,EAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAuB,CAAC;IACvD,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,IAAI,KAAK,YAAY,kBAAU,EAAE,CAAC;YAChC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YAC1D,MAAM,IAAI,kBAAU,CAAC,2BAA2B,CAAC,CAAC;QACpD,CAAC;QACD,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;YAC3B,MAAM,IAAI,kBAAU,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACtC,CAAC;QACD,MAAM,IAAI,kBAAU,CAAC,0BAA0B,CAAC,CAAC;IACnD,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,SAAS,CAAC,CAAC;IAC1B,CAAC;AACH,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,mBAAmB,CACvC,OAAqC,EACrC,OAAkC,EAClC,MAAoB;IAEpB,OAAO,UAAU,CACf;QACE,SAAS,EAAE;YACT,IAAI,EAAE,OAAO,CAAC,aAAa;YAC3B,KAAK,EAAE,OAAO,CAAC,cAAc;SAC9B;QACD,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,SAAS,EAAE,OAAO,CAAC,QAAQ;QAC3B,UAAU,EAAE,OAAO,CAAC,SAAS;QAC7B,oBAAoB,EAAE,OAAO,CAAC,mBAAmB;KAClD,EACD,OAAO,EACP,MAAM,CACP,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,mBAAmB,CACvC,MAAc,EACd,MAAc,EACd,QAAgB,EAChB,OAIC,EACD,MAAoB;IAEpB,OAAO,mBAAmB,CACxB;QACE,aAAa,EAAE,SAAS;QACxB,cAAc,EAAE,MAAM;QACtB,MAAM;QACN,QAAQ;QACR,QAAQ,EAAE,OAAO,EAAE,QAAQ;QAC3B,SAAS,EAAE,OAAO,EAAE,SAAS;QAC7B,mBAAmB,EAAE,OAAO,EAAE,mBAAmB;KAClD,EACD,OAAO,EACP,MAAM,CACP,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,6BAA6B,CACjD,WAAmB,EACnB,MAAc,EACd,QAAgB,EAChB,OAIC,EACD,MAAoB;IAEpB,OAAO,mBAAmB,CACxB;QACE,aAAa,EAAE,oBAAoB;QACnC,cAAc,EAAE,WAAW;QAC3B,MAAM;QACN,QAAQ;QACR,QAAQ,EAAE,OAAO,EAAE,QAAQ;QAC3B,SAAS,EAAE,OAAO,EAAE,SAAS;QAC7B,mBAAmB,EAAE,OAAO,EAAE,mBAAmB;KAClD,EACD,OAAO,EACP,MAAM,CACP,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,aAAa,CACjC,MAAc,EACd,MAAc,EACd,QAAgB,EAChB,OAIC,EACD,MAAoB;IAEpB,OAAO,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;AACxE,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB,CAClC,QAA4B;IAE5B,IAAI,CAAC,QAAQ,CAAC,QAAQ;QAAE,OAAO,SAAS,CAAC;IAEzC,MAAM,aAAa,GACjB,QAAQ,CAAC,QAAQ,EAAE,cAAc,KAAK,oBAAoB;QACxD,CAAC,CAAC,oBAAoB;QACtB,CAAC,CAAC,SAAS,CAAC;IAEhB,IAAI,aAAa,KAAK,oBAAoB,EAAE,CAAC;QAC3C,OAAO;YACL,GAAG,QAAQ,CAAC,QAAQ;YACpB,cAAc,EAAE,oBAAoB;SACJ,CAAC;IACrC,CAAC;IAED,OAAO;QACL,GAAG,QAAQ,CAAC,QAAQ;QACpB,cAAc,EAAE,SAAS;KACH,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,SAAgB,8BAA8B,CAC5C,QAA4B;IAE5B,MAAM,QAAQ,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,CAAC,QAAQ;QAAE,OAAO,SAAS,CAAC;IAEhC,MAAM,SAAS,GACb,QAAQ,CAAC,cAAc,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC;IACpE,MAAM,WAAW,GAAG,QAAQ,CAAC,WAAW,IAAI,EAAE,CAAC;IAC/C,MAAM,uBAAuB,GAAG,QAAQ,CAAC,eAAe;QACtD,CAAC,CAAC,WAAW;QACb,CAAC,CAAC,EAAE,CAAC;IACP,MAAM,oBAAoB,GAAG,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;IACtE,MAAM,WAAW,GAAI,QAAQ,CAAC,QAAsC,IAAI,EAAE,CAAC;IAC3E,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC;QAC9C,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CACvB,CAAC,KAAK,EAAmB,EAAE,CAAC,OAAO,KAAK,KAAK,QAAQ,CACtD;QACH,CAAC,CAAC,EAAE,CAAC;IACP,MAAM,QAAQ,GACZ,OAAO,WAAW,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IACzE,MAAM,SAAS,GACb,OAAO,WAAW,CAAC,UAAU,KAAK,QAAQ;QACxC,CAAC,CAAC,WAAW,CAAC,UAAU;QACxB,CAAC,CAAC,SAAS,CAAC;IAEhB,OAAO;QACL,SAAS;QACT,QAAQ;QACR,QAAQ,EAAE;YACR,GAAG,WAAW;YACd,cAAc,EAAE,SAAS;YACzB,mBAAmB,EAAE,WAAW;YAChC,wBAAwB,EAAE,uBAAuB;YACjD,qBAAqB,EAAE,oBAAoB;YAC3C,MAAM;YACN,QAAQ;YACR,UAAU,EAAE,SAAS;SACtB;QACD,WAAW,EAAE,QAAQ,CAAC,aAAa,IAAI,IAAI;QAC3C,cAAc,EAAE,QAAQ,CAAC,eAAe,IAAI,IAAI;QAChD,WAAW,EAAE,QAAQ,CAAC,YAAY,IAAI,IAAI;QAC1C,WAAW;KACZ,CAAC;AACJ,CAAC"}

package/dist/api/health.d.ts

@@ -0,0 +1,8 @@
+import { type WachtClient } from "../client";
+/**
+ * Health check
+ */
+export declare function healthCheck(client?: WachtClient): Promise<{
+    status: string;
+}>;
+//# sourceMappingURL=health.d.ts.map

package/dist/api/health.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"health.d.ts","sourceRoot":"","sources":["../../src/api/health.ts"],"names":[],"mappings":"AAAA,OAAO,EAAa,KAAK,WAAW,EAAE,MAAM,WAAW,CAAC;AAExD;;GAEG;AACH,wBAAsB,WAAW,CAC/B,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAG7B"}

package/dist/api/health.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.healthCheck = healthCheck;
+const client_1 = require("../client");
+/**
+ * Health check
+ */
+async function healthCheck(client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.get("/health");
+}
+//# sourceMappingURL=health.js.map

package/dist/api/health.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"health.js","sourceRoot":"","sources":["../../src/api/health.ts"],"names":[],"mappings":";;AAKA,kCAKC;AAVD,sCAAwD;AAExD;;GAEG;AACI,KAAK,UAAU,WAAW,CAC/B,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,GAAG,CAAqB,SAAS,CAAC,CAAC;AACtD,CAAC"}

package/dist/api/invitations.d.ts

@@ -0,0 +1,35 @@
+import { type WachtClient, type PaginatedResponse, type ListOptions } from "../client";
+import type { DeploymentInvitation, DeploymentWaitlistUser, InviteUserRequest, CreateSessionTicketRequest, SessionTicketResponse } from "../models/user";
+/**
+ * List invitations
+ */
+export declare function listInvitations(options?: ListOptions & {
+    sort_key?: string;
+    sort_order?: string;
+    search?: string;
+}, client?: WachtClient): Promise<PaginatedResponse<DeploymentInvitation>>;
+/**
+ * Invite user
+ */
+export declare function inviteUser(request: InviteUserRequest, client?: WachtClient): Promise<DeploymentInvitation>;
+/**
+ * Delete invitation
+ */
+export declare function deleteInvitation(invitationId: string, client?: WachtClient): Promise<void>;
+/**
+ * List waitlist users
+ */
+export declare function listWaitlist(options?: ListOptions & {
+    sort_key?: string;
+    sort_order?: string;
+    search?: string;
+}, client?: WachtClient): Promise<PaginatedResponse<DeploymentWaitlistUser>>;
+/**
+ * Approve waitlist user
+ */
+export declare function approveWaitlistUser(waitlistUserId: string, client?: WachtClient): Promise<DeploymentInvitation>;
+/**
+ * Create session ticket
+ */
+export declare function createSessionTicket(request: CreateSessionTicketRequest, client?: WachtClient): Promise<SessionTicketResponse>;
+//# sourceMappingURL=invitations.d.ts.map

package/dist/api/invitations.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"invitations.d.ts","sourceRoot":"","sources":["../../src/api/invitations.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,WAAW,EAChB,KAAK,iBAAiB,EACtB,KAAK,WAAW,EACjB,MAAM,WAAW,CAAC;AACnB,OAAO,KAAK,EACV,oBAAoB,EACpB,sBAAsB,EACtB,iBAAiB,EACjB,0BAA0B,EAC1B,qBAAqB,EACtB,MAAM,gBAAgB,CAAC;AAExB;;GAEG;AACH,wBAAsB,eAAe,CACnC,OAAO,CAAC,EAAE,WAAW,GAAG;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,EACD,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,iBAAiB,CAAC,oBAAoB,CAAC,CAAC,CAalD;AAED;;GAEG;AACH,wBAAsB,UAAU,CAC9B,OAAO,EAAE,iBAAiB,EAC1B,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,oBAAoB,CAAC,CAG/B;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,YAAY,EAAE,MAAM,EACpB,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC,CAGf;AAED;;GAEG;AACH,wBAAsB,YAAY,CAChC,OAAO,CAAC,EAAE,WAAW,GAAG;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,EACD,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,iBAAiB,CAAC,sBAAsB,CAAC,CAAC,CAapD;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,cAAc,EAAE,MAAM,EACtB,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,oBAAoB,CAAC,CAK/B;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,0BAA0B,EACnC,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,qBAAqB,CAAC,CAGhC"}

package/dist/api/invitations.js

@@ -0,0 +1,76 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.listInvitations = listInvitations;
+exports.inviteUser = inviteUser;
+exports.deleteInvitation = deleteInvitation;
+exports.listWaitlist = listWaitlist;
+exports.approveWaitlistUser = approveWaitlistUser;
+exports.createSessionTicket = createSessionTicket;
+const client_1 = require("../client");
+/**
+ * List invitations
+ */
+async function listInvitations(options, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    const params = new URLSearchParams();
+    if (options?.limit)
+        params.append("limit", String(options.limit));
+    if (options?.offset !== undefined)
+        params.append("offset", String(options.offset));
+    if (options?.sort_key)
+        params.append("sort_key", options.sort_key);
+    if (options?.sort_order)
+        params.append("sort_order", options.sort_order);
+    if (options?.search)
+        params.append("search", options.search);
+    const queryString = params.toString();
+    return sdkClient.get(`/invitations${queryString ? `?${queryString}` : ""}`);
+}
+/**
+ * Invite user
+ */
+async function inviteUser(request, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.post("/invitations", request);
+}
+/**
+ * Delete invitation
+ */
+async function deleteInvitation(invitationId, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.delete(`/invitations/${invitationId}`);
+}
+/**
+ * List waitlist users
+ */
+async function listWaitlist(options, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    const params = new URLSearchParams();
+    if (options?.limit)
+        params.append("limit", String(options.limit));
+    if (options?.offset !== undefined)
+        params.append("offset", String(options.offset));
+    if (options?.sort_key)
+        params.append("sort_key", options.sort_key);
+    if (options?.sort_order)
+        params.append("sort_order", options.sort_order);
+    if (options?.search)
+        params.append("search", options.search);
+    const queryString = params.toString();
+    return sdkClient.get(`/waitlist${queryString ? `?${queryString}` : ""}`);
+}
+/**
+ * Approve waitlist user
+ */
+async function approveWaitlistUser(waitlistUserId, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.post(`/waitlist/${waitlistUserId}/approve`);
+}
+/**
+ * Create session ticket
+ */
+async function createSessionTicket(request, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.post("/session/tickets", request);
+}
+//# sourceMappingURL=invitations.js.map

package/dist/api/invitations.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"invitations.js","sourceRoot":"","sources":["../../src/api/invitations.ts"],"names":[],"mappings":";;AAiBA,0CAoBC;AAKD,gCAMC;AAKD,4CAMC;AAKD,oCAoBC;AAKD,kDAQC;AAKD,kDAMC;AA5GD,sCAKmB;AASnB;;GAEG;AACI,KAAK,UAAU,eAAe,CACnC,OAIC,EACD,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;IACrC,IAAI,OAAO,EAAE,KAAK;QAAE,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;IAClE,IAAI,OAAO,EAAE,MAAM,KAAK,SAAS;QAC/B,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;IAClD,IAAI,OAAO,EAAE,QAAQ;QAAE,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnE,IAAI,OAAO,EAAE,UAAU;QAAE,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;IACzE,IAAI,OAAO,EAAE,MAAM;QAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;IAC7D,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;IACtC,OAAO,SAAS,CAAC,GAAG,CAClB,eAAe,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CACtD,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,UAAU,CAC9B,OAA0B,EAC1B,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,IAAI,CAAuB,cAAc,EAAE,OAAO,CAAC,CAAC;AACvE,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,gBAAgB,CACpC,YAAoB,EACpB,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,MAAM,CAAO,gBAAgB,YAAY,EAAE,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,YAAY,CAChC,OAIC,EACD,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;IACrC,IAAI,OAAO,EAAE,KAAK;QAAE,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;IAClE,IAAI,OAAO,EAAE,MAAM,KAAK,SAAS;QAC/B,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;IAClD,IAAI,OAAO,EAAE,QAAQ;QAAE,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnE,IAAI,OAAO,EAAE,UAAU;QAAE,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;IACzE,IAAI,OAAO,EAAE,MAAM;QAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;IAC7D,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;IACtC,OAAO,SAAS,CAAC,GAAG,CAClB,YAAY,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CACnD,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,mBAAmB,CACvC,cAAsB,EACtB,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,IAAI,CACnB,aAAa,cAAc,UAAU,CACtC,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,mBAAmB,CACvC,OAAmC,EACnC,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,IAAI,CAAwB,kBAAkB,EAAE,OAAO,CAAC,CAAC;AAC5E,CAAC"}

package/dist/api/notifications.d.ts

@@ -0,0 +1,27 @@
+import { type WachtClient, type PaginatedResponse, type ListOptions } from "../client";
+import type { Notification, CreateNotificationRequest, NotificationStats } from "../models";
+/**
+ * List notifications
+ */
+export declare function listNotifications(options?: ListOptions & {
+    user_id?: string;
+    organization_id?: string;
+    workspace_id?: string;
+}, client?: WachtClient): Promise<PaginatedResponse<Notification>>;
+/**
+ * Get a notification by ID
+ */
+export declare function getNotification(notificationId: string, client?: WachtClient): Promise<Notification>;
+/**
+ * Create a notification
+ */
+export declare function createNotification(request: CreateNotificationRequest, client?: WachtClient): Promise<Notification>;
+/**
+ * Delete a notification
+ */
+export declare function deleteNotification(notificationId: string, client?: WachtClient): Promise<void>;
+/**
+ * Get notification stats
+ */
+export declare function getNotificationStats(client?: WachtClient): Promise<NotificationStats>;
+//# sourceMappingURL=notifications.d.ts.map

package/dist/api/notifications.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"notifications.d.ts","sourceRoot":"","sources":["../../src/api/notifications.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,WAAW,EAChB,KAAK,iBAAiB,EACtB,KAAK,WAAW,EACjB,MAAM,WAAW,CAAC;AACnB,OAAO,KAAK,EACV,YAAY,EACZ,yBAAyB,EACzB,iBAAiB,EAClB,MAAM,WAAW,CAAC;AAEnB;;GAEG;AACH,wBAAsB,iBAAiB,CACrC,OAAO,CAAC,EAAE,WAAW,GAAG;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,EACD,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,iBAAiB,CAAC,YAAY,CAAC,CAAC,CAe1C;AAED;;GAEG;AACH,wBAAsB,eAAe,CACnC,cAAc,EAAE,MAAM,EACtB,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,YAAY,CAAC,CAGvB;AAED;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,OAAO,EAAE,yBAAyB,EAClC,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,YAAY,CAAC,CAGvB;AAED;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,cAAc,EAAE,MAAM,EACtB,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC,CAGf;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CACxC,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,iBAAiB,CAAC,CAG5B"}

package/dist/api/notifications.js

@@ -0,0 +1,56 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.listNotifications = listNotifications;
+exports.getNotification = getNotification;
+exports.createNotification = createNotification;
+exports.deleteNotification = deleteNotification;
+exports.getNotificationStats = getNotificationStats;
+const client_1 = require("../client");
+/**
+ * List notifications
+ */
+async function listNotifications(options, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    const params = new URLSearchParams();
+    if (options?.limit)
+        params.append("limit", String(options.limit));
+    if (options?.offset !== undefined)
+        params.append("offset", String(options.offset));
+    if (options?.user_id)
+        params.append("user_id", options.user_id);
+    if (options?.organization_id)
+        params.append("organization_id", options.organization_id);
+    if (options?.workspace_id)
+        params.append("workspace_id", options.workspace_id);
+    const queryString = params.toString();
+    return sdkClient.get(`/notifications${queryString ? `?${queryString}` : ""}`);
+}
+/**
+ * Get a notification by ID
+ */
+async function getNotification(notificationId, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.get(`/notifications/${notificationId}`);
+}
+/**
+ * Create a notification
+ */
+async function createNotification(request, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.post("/notifications", request);
+}
+/**
+ * Delete a notification
+ */
+async function deleteNotification(notificationId, client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.delete(`/notifications/${notificationId}`);
+}
+/**
+ * Get notification stats
+ */
+async function getNotificationStats(client) {
+    const sdkClient = client ?? (0, client_1.getClient)();
+    return sdkClient.get("/notifications/stats");
+}
+//# sourceMappingURL=notifications.js.map

package/dist/api/notifications.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"notifications.js","sourceRoot":"","sources":["../../src/api/notifications.ts"],"names":[],"mappings":";;AAeA,8CAsBC;AAKD,0CAMC;AAKD,gDAMC;AAKD,gDAMC;AAKD,oDAKC;AAhFD,sCAKmB;AAOnB;;GAEG;AACI,KAAK,UAAU,iBAAiB,CACrC,OAIC,EACD,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;IACrC,IAAI,OAAO,EAAE,KAAK;QAAE,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;IAClE,IAAI,OAAO,EAAE,MAAM,KAAK,SAAS;QAC/B,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;IAClD,IAAI,OAAO,EAAE,OAAO;QAAE,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAChE,IAAI,OAAO,EAAE,eAAe;QAC1B,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAC5D,IAAI,OAAO,EAAE,YAAY;QACvB,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;IACtD,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;IACtC,OAAO,SAAS,CAAC,GAAG,CAClB,iBAAiB,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CACxD,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,eAAe,CACnC,cAAsB,EACtB,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,GAAG,CAAe,kBAAkB,cAAc,EAAE,CAAC,CAAC;AACzE,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,kBAAkB,CACtC,OAAkC,EAClC,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,IAAI,CAAe,gBAAgB,EAAE,OAAO,CAAC,CAAC;AACjE,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,kBAAkB,CACtC,cAAsB,EACtB,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,MAAM,CAAO,kBAAkB,cAAc,EAAE,CAAC,CAAC;AACpE,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,oBAAoB,CACxC,MAAoB;IAEpB,MAAM,SAAS,GAAG,MAAM,IAAI,IAAA,kBAAS,GAAE,CAAC;IACxC,OAAO,SAAS,CAAC,GAAG,CAAoB,sBAAsB,CAAC,CAAC;AAClE,CAAC"}