@xpert-ai/plugin-sdk 3.11.2 → 3.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +11 -0
- package/index.cjs.js +80 -0
- package/index.esm.js +77 -2
- package/package.json +1 -1
- package/src/lib/core/index.d.ts +1 -0
- package/src/lib/core/permissions/general.d.ts +11 -0
- package/src/lib/core/permissions/index.d.ts +3 -1
- package/src/lib/core/permissions/speech-to-text.d.ts +41 -0
- package/src/lib/core/webhook.d.ts +41 -0
package/CHANGELOG.md
CHANGED
package/index.cjs.js
CHANGED
|
@@ -132,6 +132,11 @@ function __decorate(decorators, target, key, desc) {
|
|
|
132
132
|
else for(var i = decorators.length - 1; i >= 0; i--)if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
133
133
|
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
134
134
|
}
|
|
135
|
+
function __param(paramIndex, decorator) {
|
|
136
|
+
return function(target, key) {
|
|
137
|
+
decorator(target, key, paramIndex);
|
|
138
|
+
};
|
|
139
|
+
}
|
|
135
140
|
function __metadata(metadataKey, metadataValue) {
|
|
136
141
|
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(metadataKey, metadataValue);
|
|
137
142
|
}
|
|
@@ -1123,6 +1128,13 @@ function getRequiredPermissionOperation(method, permissionType) {
|
|
|
1123
1128
|
* System token for resolving user permission service from plugin context.
|
|
1124
1129
|
*/ const USER_PERMISSION_SERVICE_TOKEN = 'XPERT_PLUGIN_USER_PERMISSION_SERVICE';
|
|
1125
1130
|
|
|
1131
|
+
/**
|
|
1132
|
+
* System token for resolving speech-to-text service from plugin context.
|
|
1133
|
+
*/ const SPEECH_TO_TEXT_PERMISSION_SERVICE_TOKEN = 'XPERT_PLUGIN_SPEECH_TO_TEXT_PERMISSION_SERVICE';
|
|
1134
|
+
/**
|
|
1135
|
+
* Internal system token used by core to expose the speech-to-text bridge.
|
|
1136
|
+
*/ const SPEECH_TO_TEXT_SERVICE_TOKEN = 'XPERT_SPEECH_TO_TEXT_SERVICE';
|
|
1137
|
+
|
|
1126
1138
|
async function createI18nInstance(pluginDir, language) {
|
|
1127
1139
|
const instance = i18next.createInstance();
|
|
1128
1140
|
const i18nDir = path.join(pluginDir, 'i18n');
|
|
@@ -1225,6 +1237,69 @@ class JsonSchemaValidator {
|
|
|
1225
1237
|
}
|
|
1226
1238
|
}
|
|
1227
1239
|
|
|
1240
|
+
const PLUGIN_WEBHOOK_AUTH_METADATA_KEY = 'xpert:plugin:webhook-auth';
|
|
1241
|
+
const PLUGIN_WEBHOOK_AUTH_SERVICE_TOKEN = 'XPERT_PLUGIN_WEBHOOK_AUTH_SERVICE';
|
|
1242
|
+
function PluginWebhookAuth(metadata = {}) {
|
|
1243
|
+
return common.SetMetadata(PLUGIN_WEBHOOK_AUTH_METADATA_KEY, _extends({
|
|
1244
|
+
integrationParam: 'id',
|
|
1245
|
+
secretQueryParam: 'secret'
|
|
1246
|
+
}, metadata));
|
|
1247
|
+
}
|
|
1248
|
+
exports.PluginWebhookAuthGuard = class PluginWebhookAuthGuard {
|
|
1249
|
+
async canActivate(context) {
|
|
1250
|
+
var _request_params, _request_query;
|
|
1251
|
+
const metadata = this.resolveMetadata(context);
|
|
1252
|
+
if (!metadata) {
|
|
1253
|
+
return true;
|
|
1254
|
+
}
|
|
1255
|
+
const request = context.switchToHttp().getRequest();
|
|
1256
|
+
const integrationParam = metadata.integrationParam || 'id';
|
|
1257
|
+
const secretQueryParam = metadata.secretQueryParam || 'secret';
|
|
1258
|
+
const integrationId = this.getString((_request_params = request.params) == null ? void 0 : _request_params[integrationParam]);
|
|
1259
|
+
const secret = this.getString((_request_query = request.query) == null ? void 0 : _request_query[secretQueryParam]);
|
|
1260
|
+
if (!integrationId || !secret) {
|
|
1261
|
+
throw new common.UnauthorizedException('Plugin webhook secret is required');
|
|
1262
|
+
}
|
|
1263
|
+
const authService = this.authService;
|
|
1264
|
+
if (!authService) {
|
|
1265
|
+
throw new common.UnauthorizedException('Plugin webhook auth service is not available');
|
|
1266
|
+
}
|
|
1267
|
+
const principalContext = await authService.validateWebhookSecret({
|
|
1268
|
+
integrationId,
|
|
1269
|
+
secret,
|
|
1270
|
+
provider: metadata.provider
|
|
1271
|
+
});
|
|
1272
|
+
if (!(principalContext == null ? void 0 : principalContext.user) || !principalContext.headers) {
|
|
1273
|
+
throw new common.UnauthorizedException('Plugin webhook secret is invalid');
|
|
1274
|
+
}
|
|
1275
|
+
request.user = principalContext.user;
|
|
1276
|
+
var _request_headers;
|
|
1277
|
+
request.headers = _extends({}, (_request_headers = request.headers) != null ? _request_headers : {}, principalContext.headers);
|
|
1278
|
+
return true;
|
|
1279
|
+
}
|
|
1280
|
+
resolveMetadata(context) {
|
|
1281
|
+
var _Reflect_getMetadata, _ref;
|
|
1282
|
+
return (_ref = (_Reflect_getMetadata = Reflect.getMetadata(PLUGIN_WEBHOOK_AUTH_METADATA_KEY, context.getHandler())) != null ? _Reflect_getMetadata : Reflect.getMetadata(PLUGIN_WEBHOOK_AUTH_METADATA_KEY, context.getClass())) != null ? _ref : null;
|
|
1283
|
+
}
|
|
1284
|
+
getString(value) {
|
|
1285
|
+
if (typeof value !== 'string') {
|
|
1286
|
+
return '';
|
|
1287
|
+
}
|
|
1288
|
+
return value.trim();
|
|
1289
|
+
}
|
|
1290
|
+
constructor(authService){
|
|
1291
|
+
this.authService = authService;
|
|
1292
|
+
}
|
|
1293
|
+
};
|
|
1294
|
+
exports.PluginWebhookAuthGuard = __decorate([
|
|
1295
|
+
common.Injectable(),
|
|
1296
|
+
__param(0, common.Optional()),
|
|
1297
|
+
__param(0, common.Inject(PLUGIN_WEBHOOK_AUTH_SERVICE_TOKEN)),
|
|
1298
|
+
__metadata("design:paramtypes", [
|
|
1299
|
+
Object
|
|
1300
|
+
])
|
|
1301
|
+
], exports.PluginWebhookAuthGuard);
|
|
1302
|
+
|
|
1228
1303
|
const DATASOURCE_STRATEGY = 'DATASOURCE_STRATEGY';
|
|
1229
1304
|
const DataSourceStrategy = (provider)=>common.applyDecorators(common.SetMetadata(DATASOURCE_STRATEGY, provider), common.SetMetadata(STRATEGY_META_KEY, DATASOURCE_STRATEGY));
|
|
1230
1305
|
|
|
@@ -4516,12 +4591,15 @@ exports.PERMISSION_OPERATION_METADATA_KEY = PERMISSION_OPERATION_METADATA_KEY;
|
|
|
4516
4591
|
exports.PLUGIN_CONFIG_RESOLVER_TOKEN = PLUGIN_CONFIG_RESOLVER_TOKEN;
|
|
4517
4592
|
exports.PLUGIN_METADATA = PLUGIN_METADATA;
|
|
4518
4593
|
exports.PLUGIN_METADATA_KEY = PLUGIN_METADATA_KEY;
|
|
4594
|
+
exports.PLUGIN_WEBHOOK_AUTH_METADATA_KEY = PLUGIN_WEBHOOK_AUTH_METADATA_KEY;
|
|
4595
|
+
exports.PLUGIN_WEBHOOK_AUTH_SERVICE_TOKEN = PLUGIN_WEBHOOK_AUTH_SERVICE_TOKEN;
|
|
4519
4596
|
exports.PROVIDE_AI_MODEL_LLM = PROVIDE_AI_MODEL_LLM;
|
|
4520
4597
|
exports.PROVIDE_AI_MODEL_MODERATION = PROVIDE_AI_MODEL_MODERATION;
|
|
4521
4598
|
exports.PROVIDE_AI_MODEL_RERANK = PROVIDE_AI_MODEL_RERANK;
|
|
4522
4599
|
exports.PROVIDE_AI_MODEL_SPEECH2TEXT = PROVIDE_AI_MODEL_SPEECH2TEXT;
|
|
4523
4600
|
exports.PROVIDE_AI_MODEL_TEXT_EMBEDDING = PROVIDE_AI_MODEL_TEXT_EMBEDDING;
|
|
4524
4601
|
exports.PROVIDE_AI_MODEL_TTS = PROVIDE_AI_MODEL_TTS;
|
|
4602
|
+
exports.PluginWebhookAuth = PluginWebhookAuth;
|
|
4525
4603
|
exports.RETRIEVER_STRATEGY = RETRIEVER_STRATEGY;
|
|
4526
4604
|
exports.RequestContext = RequestContext;
|
|
4527
4605
|
exports.RequirePermissionOperation = RequirePermissionOperation;
|
|
@@ -4530,6 +4608,8 @@ exports.RetrieverStrategy = RetrieverStrategy;
|
|
|
4530
4608
|
exports.SANDBOX_PROVIDER = SANDBOX_PROVIDER;
|
|
4531
4609
|
exports.SANDBOX_SHELL_TIMEOUT_LIMITS_SEC = SANDBOX_SHELL_TIMEOUT_LIMITS_SEC;
|
|
4532
4610
|
exports.SKILL_SOURCE_PROVIDER = SKILL_SOURCE_PROVIDER;
|
|
4611
|
+
exports.SPEECH_TO_TEXT_PERMISSION_SERVICE_TOKEN = SPEECH_TO_TEXT_PERMISSION_SERVICE_TOKEN;
|
|
4612
|
+
exports.SPEECH_TO_TEXT_SERVICE_TOKEN = SPEECH_TO_TEXT_SERVICE_TOKEN;
|
|
4533
4613
|
exports.SSOProviderStrategyKey = SSOProviderStrategyKey;
|
|
4534
4614
|
exports.SSO_BINDING_PERMISSION_SERVICE_TOKEN = SSO_BINDING_PERMISSION_SERVICE_TOKEN;
|
|
4535
4615
|
exports.SSO_PROVIDER = SSO_PROVIDER;
|
package/index.esm.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { Module, Logger, applyDecorators, SetMetadata, HttpException, HttpStatus, BadRequestException, Injectable, Inject, NotFoundException, ForbiddenException } from '@nestjs/common';
|
|
1
|
+
import { Module, Logger, applyDecorators, SetMetadata, HttpException, HttpStatus, BadRequestException, Injectable, Inject, Optional, UnauthorizedException, NotFoundException, ForbiddenException } from '@nestjs/common';
|
|
2
2
|
import { MODULE_METADATA } from '@nestjs/common/constants';
|
|
3
3
|
import { pick } from 'lodash-es';
|
|
4
4
|
import { DiscoveryService, Reflector } from '@nestjs/core';
|
|
@@ -111,6 +111,11 @@ function __decorate(decorators, target, key, desc) {
|
|
|
111
111
|
else for(var i = decorators.length - 1; i >= 0; i--)if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
112
112
|
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
113
113
|
}
|
|
114
|
+
function __param(paramIndex, decorator) {
|
|
115
|
+
return function(target, key) {
|
|
116
|
+
decorator(target, key, paramIndex);
|
|
117
|
+
};
|
|
118
|
+
}
|
|
114
119
|
function __metadata(metadataKey, metadataValue) {
|
|
115
120
|
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(metadataKey, metadataValue);
|
|
116
121
|
}
|
|
@@ -1102,6 +1107,13 @@ function getRequiredPermissionOperation(method, permissionType) {
|
|
|
1102
1107
|
* System token for resolving user permission service from plugin context.
|
|
1103
1108
|
*/ const USER_PERMISSION_SERVICE_TOKEN = 'XPERT_PLUGIN_USER_PERMISSION_SERVICE';
|
|
1104
1109
|
|
|
1110
|
+
/**
|
|
1111
|
+
* System token for resolving speech-to-text service from plugin context.
|
|
1112
|
+
*/ const SPEECH_TO_TEXT_PERMISSION_SERVICE_TOKEN = 'XPERT_PLUGIN_SPEECH_TO_TEXT_PERMISSION_SERVICE';
|
|
1113
|
+
/**
|
|
1114
|
+
* Internal system token used by core to expose the speech-to-text bridge.
|
|
1115
|
+
*/ const SPEECH_TO_TEXT_SERVICE_TOKEN = 'XPERT_SPEECH_TO_TEXT_SERVICE';
|
|
1116
|
+
|
|
1105
1117
|
async function createI18nInstance(pluginDir, language) {
|
|
1106
1118
|
const instance = createInstance();
|
|
1107
1119
|
const i18nDir = path__default.join(pluginDir, 'i18n');
|
|
@@ -1204,6 +1216,69 @@ class JsonSchemaValidator {
|
|
|
1204
1216
|
}
|
|
1205
1217
|
}
|
|
1206
1218
|
|
|
1219
|
+
const PLUGIN_WEBHOOK_AUTH_METADATA_KEY = 'xpert:plugin:webhook-auth';
|
|
1220
|
+
const PLUGIN_WEBHOOK_AUTH_SERVICE_TOKEN = 'XPERT_PLUGIN_WEBHOOK_AUTH_SERVICE';
|
|
1221
|
+
function PluginWebhookAuth(metadata = {}) {
|
|
1222
|
+
return SetMetadata(PLUGIN_WEBHOOK_AUTH_METADATA_KEY, _extends({
|
|
1223
|
+
integrationParam: 'id',
|
|
1224
|
+
secretQueryParam: 'secret'
|
|
1225
|
+
}, metadata));
|
|
1226
|
+
}
|
|
1227
|
+
let PluginWebhookAuthGuard = class PluginWebhookAuthGuard {
|
|
1228
|
+
async canActivate(context) {
|
|
1229
|
+
var _request_params, _request_query;
|
|
1230
|
+
const metadata = this.resolveMetadata(context);
|
|
1231
|
+
if (!metadata) {
|
|
1232
|
+
return true;
|
|
1233
|
+
}
|
|
1234
|
+
const request = context.switchToHttp().getRequest();
|
|
1235
|
+
const integrationParam = metadata.integrationParam || 'id';
|
|
1236
|
+
const secretQueryParam = metadata.secretQueryParam || 'secret';
|
|
1237
|
+
const integrationId = this.getString((_request_params = request.params) == null ? void 0 : _request_params[integrationParam]);
|
|
1238
|
+
const secret = this.getString((_request_query = request.query) == null ? void 0 : _request_query[secretQueryParam]);
|
|
1239
|
+
if (!integrationId || !secret) {
|
|
1240
|
+
throw new UnauthorizedException('Plugin webhook secret is required');
|
|
1241
|
+
}
|
|
1242
|
+
const authService = this.authService;
|
|
1243
|
+
if (!authService) {
|
|
1244
|
+
throw new UnauthorizedException('Plugin webhook auth service is not available');
|
|
1245
|
+
}
|
|
1246
|
+
const principalContext = await authService.validateWebhookSecret({
|
|
1247
|
+
integrationId,
|
|
1248
|
+
secret,
|
|
1249
|
+
provider: metadata.provider
|
|
1250
|
+
});
|
|
1251
|
+
if (!(principalContext == null ? void 0 : principalContext.user) || !principalContext.headers) {
|
|
1252
|
+
throw new UnauthorizedException('Plugin webhook secret is invalid');
|
|
1253
|
+
}
|
|
1254
|
+
request.user = principalContext.user;
|
|
1255
|
+
var _request_headers;
|
|
1256
|
+
request.headers = _extends({}, (_request_headers = request.headers) != null ? _request_headers : {}, principalContext.headers);
|
|
1257
|
+
return true;
|
|
1258
|
+
}
|
|
1259
|
+
resolveMetadata(context) {
|
|
1260
|
+
var _Reflect_getMetadata, _ref;
|
|
1261
|
+
return (_ref = (_Reflect_getMetadata = Reflect.getMetadata(PLUGIN_WEBHOOK_AUTH_METADATA_KEY, context.getHandler())) != null ? _Reflect_getMetadata : Reflect.getMetadata(PLUGIN_WEBHOOK_AUTH_METADATA_KEY, context.getClass())) != null ? _ref : null;
|
|
1262
|
+
}
|
|
1263
|
+
getString(value) {
|
|
1264
|
+
if (typeof value !== 'string') {
|
|
1265
|
+
return '';
|
|
1266
|
+
}
|
|
1267
|
+
return value.trim();
|
|
1268
|
+
}
|
|
1269
|
+
constructor(authService){
|
|
1270
|
+
this.authService = authService;
|
|
1271
|
+
}
|
|
1272
|
+
};
|
|
1273
|
+
PluginWebhookAuthGuard = __decorate([
|
|
1274
|
+
Injectable(),
|
|
1275
|
+
__param(0, Optional()),
|
|
1276
|
+
__param(0, Inject(PLUGIN_WEBHOOK_AUTH_SERVICE_TOKEN)),
|
|
1277
|
+
__metadata("design:paramtypes", [
|
|
1278
|
+
Object
|
|
1279
|
+
])
|
|
1280
|
+
], PluginWebhookAuthGuard);
|
|
1281
|
+
|
|
1207
1282
|
const DATASOURCE_STRATEGY = 'DATASOURCE_STRATEGY';
|
|
1208
1283
|
const DataSourceStrategy = (provider)=>applyDecorators(SetMetadata(DATASOURCE_STRATEGY, provider), SetMetadata(STRATEGY_META_KEY, DATASOURCE_STRATEGY));
|
|
1209
1284
|
|
|
@@ -4420,4 +4495,4 @@ function escapeHtmlAttribute(value) {
|
|
|
4420
4495
|
|
|
4421
4496
|
const VIEW_EXTENSION_CACHE_SERVICE_TOKEN = 'XPERT_PLUGIN_VIEW_EXTENSION_CACHE_SERVICE';
|
|
4422
4497
|
|
|
4423
|
-
export { ACCOUNT_BINDING_PERMISSION_SERVICE_TOKEN, AGENT_CHAT_DISPATCH_MESSAGE_TYPE, AGENT_MIDDLEWARE_STRATEGY, AIModelProviderNotFoundException, AIModelProviderRegistry, AIModelProviderStrategy, AI_MODEL_PROVIDER, ANALYTICS_PERMISSION_SERVICE_TOKEN, AdapterDataSourceStrategy, AgentMiddlewareRegistry, AgentMiddlewareStrategy, AiModelNotFoundException, AssistantTaskRuntimeCapability, BOUND_IDENTITY_LOGIN_PERMISSION_SERVICE_TOKEN, BaseHTTPQueryRunner, BaseQueryRunner, BaseSQLQueryRunner, BaseSandbox, BaseStrategyRegistry, BaseTool, BaseToolset, BuiltinToolset, CHAT_CHANNEL, CHAT_CHANNEL_TEXT_LIMITS, CancelConversationCommand, ChatChannel, ChatChannelRegistry, ChatOAICompatReasoningModel, CommonParameterRules, CreateModelClientCommand, CredentialsValidateFailedError, DATASOURCE_STRATEGY, DBCreateTableMode, DBProtocolEnum, DBSyntaxEnum, DBTableAction, DBTableDataAction, DEFAULT_EXECUTION_CONFIG, DEFAULT_SANDBOX_EXECUTION_MAX_OUTPUT_BYTES, DEFAULT_SANDBOX_FILE_OPERATION_EXECUTION_OPTIONS, DEFAULT_SANDBOX_FILE_OPERATION_TIMEOUT_MS, DEFAULT_SANDBOX_FILE_OPERATION_TIMEOUT_SEC, DEFAULT_SANDBOX_FILE_SEARCH_EXECUTION_OPTIONS, DEFAULT_SANDBOX_FILE_SEARCH_TIMEOUT_MS, DEFAULT_SANDBOX_FILE_SEARCH_TIMEOUT_SEC, DEFAULT_SANDBOX_SHELL_EXECUTION_OPTIONS, DEFAULT_SANDBOX_SHELL_TIMEOUT_MS, DEFAULT_SANDBOX_SHELL_TIMEOUT_SEC, DOCUMENT_SOURCE_STRATEGY, DOCUMENT_TRANSFORMER_STRATEGY, DataSourceStrategy, DataSourceStrategyRegistry, DefaultAgentMiddlewareRuntimeCapabilityRegistry, DocumentSourceRegistry, DocumentSourceStrategy, DocumentTransformerRegistry, DocumentTransformerStrategy, FILE_STORAGE_PROVIDER, FILE_UPLOAD_TARGET_STRATEGY, FileRuntimeCapability, FileStorageProvider, FileStorageProviderRegistry, FileUploadTargetRegistry, FileUploadTargetStrategy, GLOBAL_ORGANIZATION_SCOPE, HANDOFF_PERMISSION_SERVICE_TOKEN, HANDOFF_PROCESSOR_STRATEGY, HANDOFF_QUEUE_SERVICE_TOKEN, HandoffProcessorRegistry, HandoffProcessorStrategy, IMAGE_UNDERSTANDING_STRATEGY, INTEGRATION_PERMISSION_SERVICE_TOKEN, INTEGRATION_STRATEGY, ImageUnderstandingRegistry, ImageUnderstandingStrategy, IntegrationStrategyKey, IntegrationStrategyRegistry, JUMP_TO_TARGETS, JsonSchemaValidator, KNOWLEDGE_STRATEGY, KnowledgeStrategyKey, KnowledgeStrategyRegistry, KnowledgebaseDocumentsRuntimeCapability, KnowledgebaseRuntimeCapability, LLMUsage, LargeLanguageModel, ModelProvider, ORGANIZATION_METADATA_KEY, OpenAICompatibleReranker, PERMISSION_OPERATION_METADATA_KEY, PLUGIN_CONFIG_RESOLVER_TOKEN, PLUGIN_METADATA, PLUGIN_METADATA_KEY, PROVIDE_AI_MODEL_LLM, PROVIDE_AI_MODEL_MODERATION, PROVIDE_AI_MODEL_RERANK, PROVIDE_AI_MODEL_SPEECH2TEXT, PROVIDE_AI_MODEL_TEXT_EMBEDDING, PROVIDE_AI_MODEL_TTS, RETRIEVER_STRATEGY, RequestContext, RequestContextMiddleware, RequirePermissionOperation, RerankModel, RetrieverRegistry, RetrieverStrategy, SANDBOX_PROVIDER, SANDBOX_SHELL_TIMEOUT_LIMITS_SEC, SKILL_SOURCE_PROVIDER, SSOProviderRegistry, SSOProviderStrategyKey, SSO_BINDING_PERMISSION_SERVICE_TOKEN, SSO_PROVIDER, STRATEGY_META_KEY, SandboxProviderRegistry, SandboxProviderStrategy, SkillSourceProviderRegistry, SkillSourceProviderStrategy, Speech2TextChatModel, SpeechToTextModel, StrategyBus, TEXT_SPLITTER_STRATEGY, TOOLSET_STRATEGY, TextEmbeddingModelManager, TextSplitterRegistry, TextSplitterStrategy, TextToSpeechModel, ToolsetRegistry, ToolsetStrategy, USER_PERMISSION_SERVICE_TOKEN, VECTOR_STORE_STRATEGY, VIEW_EXTENSION_CACHE_SERVICE_TOKEN, VIEW_EXTENSION_PROVIDER, VectorStoreRegistry, VectorStoreStrategy, ViewExtensionProvider, ViewExtensionProviderRegistry, WORKFLOW_NODE_STRATEGY, WORKFLOW_TRIGGER_STRATEGY, WorkflowNodeRegistry, WorkflowNodeStrategy, WorkflowTriggerRegistry, WorkflowTriggerStrategy, WrapWorkflowNodeExecutionCommand, XPERT_RUNTIME_CAPABILITIES_TOKEN, XpFileSystem, XpertServerPlugin, als, appendSandboxMessage, buildSandboxTimeoutMessage, calcTokenUsage, chunkText, countTokensSafe, createI18nInstance, createPluginLogger, createRuntimeCapability, defineAgentMessageType, defineChannelMessageType, downloadRemoteFile, formatSandboxTimeout, getErrorMessage, getModelContextSize, getPermissionOperationMetadata, getPositionList, getPositionMap, getRequestContext, getRequiredPermissionOperation, isRemoteFile, isSandboxBackend, isSandboxManagedServiceAdapter, isSandboxServiceProxyAdapter, isSandboxTerminalAdapter, isStructuredMessageType, loadYamlFile, mergeCredentials, mergeParentChildChunks, normalizeContextSize, renderRemoteReactIframeHtml, resolveSandboxBackend, resolveSandboxExecutionOptions, resolveSandboxManagedServiceAdapter, resolveSandboxServiceProxyAdapter, resolveSandboxTerminalAdapter, runWithRequestContext, secondsToMilliseconds, sumTokenUsage };
|
|
4498
|
+
export { ACCOUNT_BINDING_PERMISSION_SERVICE_TOKEN, AGENT_CHAT_DISPATCH_MESSAGE_TYPE, AGENT_MIDDLEWARE_STRATEGY, AIModelProviderNotFoundException, AIModelProviderRegistry, AIModelProviderStrategy, AI_MODEL_PROVIDER, ANALYTICS_PERMISSION_SERVICE_TOKEN, AdapterDataSourceStrategy, AgentMiddlewareRegistry, AgentMiddlewareStrategy, AiModelNotFoundException, AssistantTaskRuntimeCapability, BOUND_IDENTITY_LOGIN_PERMISSION_SERVICE_TOKEN, BaseHTTPQueryRunner, BaseQueryRunner, BaseSQLQueryRunner, BaseSandbox, BaseStrategyRegistry, BaseTool, BaseToolset, BuiltinToolset, CHAT_CHANNEL, CHAT_CHANNEL_TEXT_LIMITS, CancelConversationCommand, ChatChannel, ChatChannelRegistry, ChatOAICompatReasoningModel, CommonParameterRules, CreateModelClientCommand, CredentialsValidateFailedError, DATASOURCE_STRATEGY, DBCreateTableMode, DBProtocolEnum, DBSyntaxEnum, DBTableAction, DBTableDataAction, DEFAULT_EXECUTION_CONFIG, DEFAULT_SANDBOX_EXECUTION_MAX_OUTPUT_BYTES, DEFAULT_SANDBOX_FILE_OPERATION_EXECUTION_OPTIONS, DEFAULT_SANDBOX_FILE_OPERATION_TIMEOUT_MS, DEFAULT_SANDBOX_FILE_OPERATION_TIMEOUT_SEC, DEFAULT_SANDBOX_FILE_SEARCH_EXECUTION_OPTIONS, DEFAULT_SANDBOX_FILE_SEARCH_TIMEOUT_MS, DEFAULT_SANDBOX_FILE_SEARCH_TIMEOUT_SEC, DEFAULT_SANDBOX_SHELL_EXECUTION_OPTIONS, DEFAULT_SANDBOX_SHELL_TIMEOUT_MS, DEFAULT_SANDBOX_SHELL_TIMEOUT_SEC, DOCUMENT_SOURCE_STRATEGY, DOCUMENT_TRANSFORMER_STRATEGY, DataSourceStrategy, DataSourceStrategyRegistry, DefaultAgentMiddlewareRuntimeCapabilityRegistry, DocumentSourceRegistry, DocumentSourceStrategy, DocumentTransformerRegistry, DocumentTransformerStrategy, FILE_STORAGE_PROVIDER, FILE_UPLOAD_TARGET_STRATEGY, FileRuntimeCapability, FileStorageProvider, FileStorageProviderRegistry, FileUploadTargetRegistry, FileUploadTargetStrategy, GLOBAL_ORGANIZATION_SCOPE, HANDOFF_PERMISSION_SERVICE_TOKEN, HANDOFF_PROCESSOR_STRATEGY, HANDOFF_QUEUE_SERVICE_TOKEN, HandoffProcessorRegistry, HandoffProcessorStrategy, IMAGE_UNDERSTANDING_STRATEGY, INTEGRATION_PERMISSION_SERVICE_TOKEN, INTEGRATION_STRATEGY, ImageUnderstandingRegistry, ImageUnderstandingStrategy, IntegrationStrategyKey, IntegrationStrategyRegistry, JUMP_TO_TARGETS, JsonSchemaValidator, KNOWLEDGE_STRATEGY, KnowledgeStrategyKey, KnowledgeStrategyRegistry, KnowledgebaseDocumentsRuntimeCapability, KnowledgebaseRuntimeCapability, LLMUsage, LargeLanguageModel, ModelProvider, ORGANIZATION_METADATA_KEY, OpenAICompatibleReranker, PERMISSION_OPERATION_METADATA_KEY, PLUGIN_CONFIG_RESOLVER_TOKEN, PLUGIN_METADATA, PLUGIN_METADATA_KEY, PLUGIN_WEBHOOK_AUTH_METADATA_KEY, PLUGIN_WEBHOOK_AUTH_SERVICE_TOKEN, PROVIDE_AI_MODEL_LLM, PROVIDE_AI_MODEL_MODERATION, PROVIDE_AI_MODEL_RERANK, PROVIDE_AI_MODEL_SPEECH2TEXT, PROVIDE_AI_MODEL_TEXT_EMBEDDING, PROVIDE_AI_MODEL_TTS, PluginWebhookAuth, PluginWebhookAuthGuard, RETRIEVER_STRATEGY, RequestContext, RequestContextMiddleware, RequirePermissionOperation, RerankModel, RetrieverRegistry, RetrieverStrategy, SANDBOX_PROVIDER, SANDBOX_SHELL_TIMEOUT_LIMITS_SEC, SKILL_SOURCE_PROVIDER, SPEECH_TO_TEXT_PERMISSION_SERVICE_TOKEN, SPEECH_TO_TEXT_SERVICE_TOKEN, SSOProviderRegistry, SSOProviderStrategyKey, SSO_BINDING_PERMISSION_SERVICE_TOKEN, SSO_PROVIDER, STRATEGY_META_KEY, SandboxProviderRegistry, SandboxProviderStrategy, SkillSourceProviderRegistry, SkillSourceProviderStrategy, Speech2TextChatModel, SpeechToTextModel, StrategyBus, TEXT_SPLITTER_STRATEGY, TOOLSET_STRATEGY, TextEmbeddingModelManager, TextSplitterRegistry, TextSplitterStrategy, TextToSpeechModel, ToolsetRegistry, ToolsetStrategy, USER_PERMISSION_SERVICE_TOKEN, VECTOR_STORE_STRATEGY, VIEW_EXTENSION_CACHE_SERVICE_TOKEN, VIEW_EXTENSION_PROVIDER, VectorStoreRegistry, VectorStoreStrategy, ViewExtensionProvider, ViewExtensionProviderRegistry, WORKFLOW_NODE_STRATEGY, WORKFLOW_TRIGGER_STRATEGY, WorkflowNodeRegistry, WorkflowNodeStrategy, WorkflowTriggerRegistry, WorkflowTriggerStrategy, WrapWorkflowNodeExecutionCommand, XPERT_RUNTIME_CAPABILITIES_TOKEN, XpFileSystem, XpertServerPlugin, als, appendSandboxMessage, buildSandboxTimeoutMessage, calcTokenUsage, chunkText, countTokensSafe, createI18nInstance, createPluginLogger, createRuntimeCapability, defineAgentMessageType, defineChannelMessageType, downloadRemoteFile, formatSandboxTimeout, getErrorMessage, getModelContextSize, getPermissionOperationMetadata, getPositionList, getPositionMap, getRequestContext, getRequiredPermissionOperation, isRemoteFile, isSandboxBackend, isSandboxManagedServiceAdapter, isSandboxServiceProxyAdapter, isSandboxTerminalAdapter, isStructuredMessageType, loadYamlFile, mergeCredentials, mergeParentChildChunks, normalizeContextSize, renderRemoteReactIframeHtml, resolveSandboxBackend, resolveSandboxExecutionOptions, resolveSandboxManagedServiceAdapter, resolveSandboxServiceProxyAdapter, resolveSandboxTerminalAdapter, runWithRequestContext, secondsToMilliseconds, sumTokenUsage };
|
package/package.json
CHANGED
package/src/lib/core/index.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import type { IIntegration, IPagination } from '@xpert-ai/contracts';
|
|
2
|
+
import type { PluginWebhookCredentialResult } from '../webhook';
|
|
2
3
|
/**
|
|
3
4
|
* Base Permission type
|
|
4
5
|
*/
|
|
@@ -69,4 +70,14 @@ export declare const INTEGRATION_PERMISSION_SERVICE_TOKEN = "XPERT_PLUGIN_INTEGR
|
|
|
69
70
|
export interface IntegrationPermissionService {
|
|
70
71
|
read<TIntegration = IIntegration>(id: string, options?: Record<string, any>): Promise<TIntegration | null>;
|
|
71
72
|
findAll<TIntegration = IIntegration>(options?: Record<string, any>): Promise<IPagination<TIntegration>>;
|
|
73
|
+
ensureWebhookCredential?(id: string, options?: {
|
|
74
|
+
provider?: string | null;
|
|
75
|
+
rotateIfRevoked?: boolean;
|
|
76
|
+
}): Promise<PluginWebhookCredentialResult | null>;
|
|
77
|
+
rotateWebhookCredential?(id: string, options?: {
|
|
78
|
+
provider?: string | null;
|
|
79
|
+
}): Promise<PluginWebhookCredentialResult | null>;
|
|
80
|
+
revokeWebhookCredential?(id: string, options?: {
|
|
81
|
+
provider?: string | null;
|
|
82
|
+
}): Promise<boolean>;
|
|
72
83
|
}
|
|
@@ -14,17 +14,19 @@ export * from './auth-login';
|
|
|
14
14
|
export * from './bound-identity-login';
|
|
15
15
|
export * from './sso-binding';
|
|
16
16
|
export * from './user';
|
|
17
|
+
export * from './speech-to-text';
|
|
17
18
|
import type { FileSystemPermission, IntegrationPermission, KnowledgePermission, LLMPermission, VectorStorePermission } from './general';
|
|
18
19
|
import type { AnalyticsPermission } from './analytics';
|
|
19
20
|
import type { AccountBindingPermission } from './account-binding';
|
|
20
21
|
import type { BoundIdentityLoginPermission } from './bound-identity-login';
|
|
21
22
|
import type { HandoffPermission } from './handoff';
|
|
23
|
+
import type { SpeechToTextPermission } from './speech-to-text';
|
|
22
24
|
import type { SsoBindingPermission } from './sso-binding';
|
|
23
25
|
import type { UserPermission } from './user';
|
|
24
26
|
/**
|
|
25
27
|
* Union type for all permissions
|
|
26
28
|
*/
|
|
27
|
-
export type Permission = LLMPermission | VectorStorePermission | KnowledgePermission | FileSystemPermission | IntegrationPermission | AnalyticsPermission | AccountBindingPermission | BoundIdentityLoginPermission | SsoBindingPermission | UserPermission | HandoffPermission;
|
|
29
|
+
export type Permission = LLMPermission | VectorStorePermission | KnowledgePermission | FileSystemPermission | IntegrationPermission | AnalyticsPermission | AccountBindingPermission | BoundIdentityLoginPermission | SsoBindingPermission | UserPermission | HandoffPermission | SpeechToTextPermission;
|
|
28
30
|
/**
|
|
29
31
|
* Permissions array type
|
|
30
32
|
*/
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
export type SpeechToTextPermissionOperation = 'transcribe';
|
|
2
|
+
/**
|
|
3
|
+
* Speech-to-text Permission
|
|
4
|
+
* Example: { type: 'speech_to_text', operations: ['transcribe'] }
|
|
5
|
+
*/
|
|
6
|
+
export interface SpeechToTextPermission {
|
|
7
|
+
type: 'speech_to_text';
|
|
8
|
+
operations?: SpeechToTextPermissionOperation[];
|
|
9
|
+
scope?: string[];
|
|
10
|
+
description?: string;
|
|
11
|
+
}
|
|
12
|
+
/**
|
|
13
|
+
* System token for resolving speech-to-text service from plugin context.
|
|
14
|
+
*/
|
|
15
|
+
export declare const SPEECH_TO_TEXT_PERMISSION_SERVICE_TOKEN = "XPERT_PLUGIN_SPEECH_TO_TEXT_PERMISSION_SERVICE";
|
|
16
|
+
/**
|
|
17
|
+
* Internal system token used by core to expose the speech-to-text bridge.
|
|
18
|
+
*/
|
|
19
|
+
export declare const SPEECH_TO_TEXT_SERVICE_TOKEN = "XPERT_SPEECH_TO_TEXT_SERVICE";
|
|
20
|
+
export interface SpeechToTextTranscribeFileInput {
|
|
21
|
+
data: Uint8Array;
|
|
22
|
+
originalName: string;
|
|
23
|
+
mimeType?: string;
|
|
24
|
+
size?: number;
|
|
25
|
+
}
|
|
26
|
+
export interface SpeechToTextTranscribeInput {
|
|
27
|
+
xpertId: string;
|
|
28
|
+
isDraft?: boolean;
|
|
29
|
+
tenantId?: string | null;
|
|
30
|
+
organizationId?: string | null;
|
|
31
|
+
file: SpeechToTextTranscribeFileInput;
|
|
32
|
+
}
|
|
33
|
+
export interface SpeechToTextTranscribeResult {
|
|
34
|
+
text: string;
|
|
35
|
+
}
|
|
36
|
+
/**
|
|
37
|
+
* Speech-to-text service exposed to plugins under permission control.
|
|
38
|
+
*/
|
|
39
|
+
export interface SpeechToTextPermissionService {
|
|
40
|
+
transcribe(input: SpeechToTextTranscribeInput): Promise<SpeechToTextTranscribeResult>;
|
|
41
|
+
}
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
import type { IApiPrincipal } from '@xpert-ai/contracts';
|
|
2
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
3
|
+
export declare const PLUGIN_WEBHOOK_AUTH_METADATA_KEY = "xpert:plugin:webhook-auth";
|
|
4
|
+
export declare const PLUGIN_WEBHOOK_AUTH_SERVICE_TOKEN = "XPERT_PLUGIN_WEBHOOK_AUTH_SERVICE";
|
|
5
|
+
export type PluginWebhookAuthMetadata = {
|
|
6
|
+
provider?: string;
|
|
7
|
+
integrationParam?: string;
|
|
8
|
+
secretQueryParam?: string;
|
|
9
|
+
};
|
|
10
|
+
export type PluginWebhookCredentialRecord = {
|
|
11
|
+
id: string;
|
|
12
|
+
tokenHash: string;
|
|
13
|
+
tokenPrefix?: string;
|
|
14
|
+
createdAt: string;
|
|
15
|
+
rotatedAt?: string | null;
|
|
16
|
+
revokedAt?: string | null;
|
|
17
|
+
};
|
|
18
|
+
export type PluginWebhookCredentialResult = {
|
|
19
|
+
token: string;
|
|
20
|
+
credential: PluginWebhookCredentialRecord;
|
|
21
|
+
};
|
|
22
|
+
export type PluginWebhookAuthRequest = {
|
|
23
|
+
integrationId: string;
|
|
24
|
+
secret: string;
|
|
25
|
+
provider?: string | null;
|
|
26
|
+
};
|
|
27
|
+
export type PluginWebhookAuthResult = {
|
|
28
|
+
user: IApiPrincipal;
|
|
29
|
+
headers: Record<string, string>;
|
|
30
|
+
};
|
|
31
|
+
export interface PluginWebhookAuthService {
|
|
32
|
+
validateWebhookSecret(input: PluginWebhookAuthRequest): Promise<PluginWebhookAuthResult | null>;
|
|
33
|
+
}
|
|
34
|
+
export declare function PluginWebhookAuth(metadata?: PluginWebhookAuthMetadata): import("@nestjs/common").CustomDecorator<string>;
|
|
35
|
+
export declare class PluginWebhookAuthGuard implements CanActivate {
|
|
36
|
+
private readonly authService?;
|
|
37
|
+
constructor(authService?: PluginWebhookAuthService | null);
|
|
38
|
+
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
39
|
+
private resolveMetadata;
|
|
40
|
+
private getString;
|
|
41
|
+
}
|