@xemahq/biome-activity-sdk 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +1 -0
- package/README.md +74 -0
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +18 -0
- package/dist/index.js.map +1 -0
- package/dist/lib/with-integration-token.d.ts +14 -0
- package/dist/lib/with-integration-token.d.ts.map +1 -0
- package/dist/lib/with-integration-token.js +45 -0
- package/dist/lib/with-integration-token.js.map +1 -0
- package/package.json +35 -0
package/LICENSE
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
Copyright (c) 2026 Xema. All rights reserved.
|
package/README.md
ADDED
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
<!-- Banner: inline SVG (from assets/banner-template.svg). Renders on GitHub; npm strips inline SVG. -->
|
|
2
|
+
<p align="center">
|
|
3
|
+
<svg width="680" height="120" viewBox="0 0 680 120" fill="none" xmlns="http://www.w3.org/2000/svg" role="img" aria-label="@xemahq/biome-activity-sdk">
|
|
4
|
+
<rect width="680" height="120" rx="14" fill="#0B1020"/>
|
|
5
|
+
<g transform="translate(28,34)">
|
|
6
|
+
<path d="M26 0 L52 15 L52 45 L26 60 L0 45 L0 15 Z" fill="#8B5CF6" opacity="0.18"/>
|
|
7
|
+
<path d="M26 12 L41 21 L41 39 L26 48 L11 39 L11 21 Z" fill="#8B5CF6"/>
|
|
8
|
+
</g>
|
|
9
|
+
<text x="92" y="52" font-family="ui-monospace,SFMono-Regular,Menlo,monospace" font-size="22" fill="#F8FAFC" font-weight="700">@xemahq/biome-activity-sdk</text>
|
|
10
|
+
<text x="92" y="80" font-family="ui-sans-serif,system-ui,sans-serif" font-size="15" fill="#94A3B8">Helpers for outbound integration calls inside workflow activities.</text>
|
|
11
|
+
<text x="652" y="105" text-anchor="end" font-family="ui-sans-serif,system-ui,sans-serif" font-size="12" fill="#475569">xema.dev</text>
|
|
12
|
+
</svg>
|
|
13
|
+
</p>
|
|
14
|
+
|
|
15
|
+
<p align="center">
|
|
16
|
+
<a href="https://xema.dev">Website</a> ·
|
|
17
|
+
<a href="https://www.npmjs.com/package/@xemahq/biome-activity-sdk">npm</a>
|
|
18
|
+
</p>
|
|
19
|
+
|
|
20
|
+
<p align="center">
|
|
21
|
+
<img alt="npm" src="https://img.shields.io/npm/v/%40xemahq%2Fbiome-activity-sdk?color=2563eb&label=npm">
|
|
22
|
+
<img alt="license" src="https://img.shields.io/npm/l/%40xemahq%2Fbiome-activity-sdk?color=10b981">
|
|
23
|
+
<img alt="types" src="https://img.shields.io/npm/types/%40xemahq%2Fbiome-activity-sdk?color=3178c6">
|
|
24
|
+
</p>
|
|
25
|
+
|
|
26
|
+
# @xemahq/biome-activity-sdk
|
|
27
|
+
|
|
28
|
+
> Helpers for outbound integration calls inside workflow activities
|
|
29
|
+
|
|
30
|
+
## Overview
|
|
31
|
+
|
|
32
|
+
This package gives workflow activity authors a small set of helpers for talking
|
|
33
|
+
to external providers. Its central helper, `withIntegrationToken`, mints a
|
|
34
|
+
credential on behalf of a user, runs the caller's outbound request with that
|
|
35
|
+
token, and re-mints once on a single auth failure before giving up.
|
|
36
|
+
|
|
37
|
+
It is provider-neutral and credential-kind-neutral by construction: the helper
|
|
38
|
+
does not know which provider it is speaking to. The caller supplies the request
|
|
39
|
+
function and signals an auth failure by throwing `IntegrationAuthError`, which is
|
|
40
|
+
the only error the helper retries on — everything else propagates immediately.
|
|
41
|
+
|
|
42
|
+
## When to use it
|
|
43
|
+
|
|
44
|
+
- Use it from biome workflow activities that make authenticated outbound calls
|
|
45
|
+
to an external provider.
|
|
46
|
+
- Reach for `withIntegrationToken` when you want automatic re-mint-and-retry on
|
|
47
|
+
a single expired-token failure.
|
|
48
|
+
|
|
49
|
+
## Installation
|
|
50
|
+
|
|
51
|
+
```bash
|
|
52
|
+
pnpm add @xemahq/biome-activity-sdk
|
|
53
|
+
```
|
|
54
|
+
|
|
55
|
+
## Usage
|
|
56
|
+
|
|
57
|
+
```ts
|
|
58
|
+
import { withIntegrationToken, IntegrationAuthError } from '@xemahq/biome-activity-sdk';
|
|
59
|
+
import { CredentialKind } from '@xemahq/connector-contracts';
|
|
60
|
+
|
|
61
|
+
const result = await withIntegrationToken(
|
|
62
|
+
{ adapterKind: 'scm', provider: 'GITHUB', credentialKind: CredentialKind.AppInstall, userId: ctx.actorId },
|
|
63
|
+
async (token) => {
|
|
64
|
+
const res = await fetch(url, { headers: { Authorization: `Bearer ${token.accessToken}` } });
|
|
65
|
+
if (res.status === 401) throw new IntegrationAuthError(401);
|
|
66
|
+
if (!res.ok) throw new Error(`HTTP ${res.status}`);
|
|
67
|
+
return res.json();
|
|
68
|
+
},
|
|
69
|
+
);
|
|
70
|
+
```
|
|
71
|
+
|
|
72
|
+
## License
|
|
73
|
+
|
|
74
|
+
Proprietary — © Xema. All rights reserved. — [xema.dev](https://xema.dev)
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,8BAA8B,CAAC"}
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./lib/with-integration-token"), exports);
|
|
18
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+DAA6C"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import type { CredentialKind, MintedToken, ResourceRef } from '@xemahq/kernel-contracts/connector';
|
|
2
|
+
export interface WithIntegrationTokenInput {
|
|
3
|
+
readonly adapterKind: string;
|
|
4
|
+
readonly provider: string;
|
|
5
|
+
readonly credentialKind: CredentialKind;
|
|
6
|
+
readonly userId: string;
|
|
7
|
+
readonly resourceRef?: ResourceRef;
|
|
8
|
+
}
|
|
9
|
+
export declare class IntegrationAuthError extends Error {
|
|
10
|
+
readonly status: number;
|
|
11
|
+
constructor(status: number, message?: string);
|
|
12
|
+
}
|
|
13
|
+
export declare function withIntegrationToken<T>(input: WithIntegrationTokenInput, fn: (token: MintedToken) => Promise<T>): Promise<T>;
|
|
14
|
+
//# sourceMappingURL=with-integration-token.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"with-integration-token.d.ts","sourceRoot":"","sources":["../../src/lib/with-integration-token.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,cAAc,EACd,WAAW,EACX,WAAW,EACZ,MAAM,oCAAoC,CAAC;AAY5C,MAAM,WAAW,yBAAyB;IACxC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,cAAc,EAAE,cAAc,CAAC;IACxC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,WAAW,CAAC,EAAE,WAAW,CAAC;CACpC;AAcD,qBAAa,oBAAqB,SAAQ,KAAK;IAC7C,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;gBACZ,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM;CAK7C;AAyBD,wBAAsB,oBAAoB,CAAC,CAAC,EAC1C,KAAK,EAAE,yBAAyB,EAChC,EAAE,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,OAAO,CAAC,CAAC,CAAC,GACrC,OAAO,CAAC,CAAC,CAAC,CAgBZ"}
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.IntegrationAuthError = void 0;
|
|
4
|
+
exports.withIntegrationToken = withIntegrationToken;
|
|
5
|
+
const connector_gateway_api_client_1 = require("@xemahq/connector-gateway-api-client");
|
|
6
|
+
class IntegrationAuthError extends Error {
|
|
7
|
+
status;
|
|
8
|
+
constructor(status, message) {
|
|
9
|
+
super(message ?? `Integration auth failed with status ${status}`);
|
|
10
|
+
this.name = 'IntegrationAuthError';
|
|
11
|
+
this.status = status;
|
|
12
|
+
}
|
|
13
|
+
}
|
|
14
|
+
exports.IntegrationAuthError = IntegrationAuthError;
|
|
15
|
+
async function withIntegrationToken(input, fn) {
|
|
16
|
+
const first = await mint(input);
|
|
17
|
+
try {
|
|
18
|
+
return await fn(first);
|
|
19
|
+
}
|
|
20
|
+
catch (cause) {
|
|
21
|
+
if (cause instanceof IntegrationAuthError) {
|
|
22
|
+
const second = await mint(input);
|
|
23
|
+
return fn(second);
|
|
24
|
+
}
|
|
25
|
+
throw cause;
|
|
26
|
+
}
|
|
27
|
+
}
|
|
28
|
+
async function mint(input) {
|
|
29
|
+
const envelope = await (0, connector_gateway_api_client_1.credentialsControllerResolve)({
|
|
30
|
+
adapterKind: input.adapterKind,
|
|
31
|
+
provider: input.provider,
|
|
32
|
+
credentialKind: input.credentialKind,
|
|
33
|
+
userId: input.userId,
|
|
34
|
+
...(input.resourceRef
|
|
35
|
+
? {
|
|
36
|
+
resourceRef: {
|
|
37
|
+
type: input.resourceRef.type,
|
|
38
|
+
id: input.resourceRef.id,
|
|
39
|
+
},
|
|
40
|
+
}
|
|
41
|
+
: {}),
|
|
42
|
+
});
|
|
43
|
+
return envelope.data;
|
|
44
|
+
}
|
|
45
|
+
//# sourceMappingURL=with-integration-token.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"with-integration-token.js","sourceRoot":"","sources":["../../src/lib/with-integration-token.ts"],"names":[],"mappings":";;;AAqEA,oDAmBC;AAxFD,uFAAoF;AAqCpF,MAAa,oBAAqB,SAAQ,KAAK;IACpC,MAAM,CAAS;IACxB,YAAY,MAAc,EAAE,OAAgB;QAC1C,KAAK,CAAC,OAAO,IAAI,uCAAuC,MAAM,EAAE,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AAPD,oDAOC;AAyBM,KAAK,UAAU,oBAAoB,CACxC,KAAgC,EAChC,EAAsC;IAEtC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,CAAC;IAChC,IAAI,CAAC;QACH,OAAO,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,oBAAoB,EAAE,CAAC;YAM1C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,CAAC;YACjC,OAAO,EAAE,CAAC,MAAM,CAAC,CAAC;QACpB,CAAC;QACD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI,CAAC,KAAgC;IAClD,MAAM,QAAQ,GAAG,MAAM,IAAA,2DAA4B,EAAC;QAClD,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,cAAc,EAAE,KAAK,CAAC,cAAmC;QACzD,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,GAAG,CAAC,KAAK,CAAC,WAAW;YACnB,CAAC,CAAC;gBACE,WAAW,EAAE;oBACX,IAAI,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;oBAC5B,EAAE,EAAE,KAAK,CAAC,WAAW,CAAC,EAAE;iBACzB;aACF;YACH,CAAC,CAAC,EAAE,CAAC;KAC8C,CAAC,CAAC;IAKzD,OAAO,QAAQ,CAAC,IAA8B,CAAC;AACjD,CAAC"}
|
package/package.json
ADDED
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@xemahq/biome-activity-sdk",
|
|
3
|
+
"version": "0.1.1",
|
|
4
|
+
"description": "Activity-side helpers plugins use from inside workflow activities. Today: `withIntegrationToken` — mints a credential via integration-adapters-api, runs the caller's outbound request, and re-mints on a single 401 before giving up. Provider-neutral and credential-kind-neutral by design.",
|
|
5
|
+
"publishConfig": {
|
|
6
|
+
"registry": "https://npm.pkg.github.com"
|
|
7
|
+
},
|
|
8
|
+
"main": "dist/index.js",
|
|
9
|
+
"types": "dist/index.d.ts",
|
|
10
|
+
"files": [
|
|
11
|
+
"dist"
|
|
12
|
+
],
|
|
13
|
+
"devDependencies": {
|
|
14
|
+
"@types/node": "25.2.3",
|
|
15
|
+
"prettier": "3.6.2",
|
|
16
|
+
"typescript": "5.9.3"
|
|
17
|
+
},
|
|
18
|
+
"dependencies": {
|
|
19
|
+
"@xemahq/kernel-contracts": "^0.2.0",
|
|
20
|
+
"@xemahq/connector-gateway-api-client": "0.1.2"
|
|
21
|
+
},
|
|
22
|
+
"exports": {
|
|
23
|
+
".": {
|
|
24
|
+
"types": "./dist/index.d.ts",
|
|
25
|
+
"xema-source": "./src/index.ts",
|
|
26
|
+
"default": "./dist/index.js"
|
|
27
|
+
}
|
|
28
|
+
},
|
|
29
|
+
"scripts": {
|
|
30
|
+
"clean": "rm -rf dist",
|
|
31
|
+
"build": "tsc -p tsconfig.json",
|
|
32
|
+
"format": "prettier --write \"src/**/*.ts\"",
|
|
33
|
+
"typecheck": "tsc -p tsconfig.json --noEmit"
|
|
34
|
+
}
|
|
35
|
+
}
|