npm - astro-tokenkit - Versions diffs - 1.0.2 → 1.0.6 - Mend

astro-tokenkit 1.0.2 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -1,6 +1,353 @@
-export { createClient, APIClient } from './client/client';
-export { tokenKit, defineMiddleware } from './integration';
-export { createMiddleware } from './middleware';
-export type { ClientConfig, AuthConfig, RefreshPolicy, CookieConfig, RetryConfig, RequestOptions, RequestConfig, APIResponse, Session, TokenBundle, FieldMapping, RequestInterceptor, ResponseInterceptor, ErrorInterceptor, TokenKitContext } from './types';
-export { APIError, AuthError, NetworkError, TimeoutError, } from './types';
-export { parseTime, formatTime } from './utils/time';
+import * as astro from 'astro';
+import { AstroCookies, AstroIntegration, MiddlewareHandler } from 'astro';
+import { AsyncLocalStorage } from 'node:async_hooks';
+/**
+ * Token bundle returned from auth endpoints
+ */
+interface TokenBundle {
+    accessToken: string;
+    refreshToken: string;
+    accessExpiresAt: number;
+    refreshExpiresAt?: number;
+    sessionPayload?: Record<string, any>;
+}
+/**
+ * Minimal context required by TokenKit
+ */
+interface TokenKitContext {
+    cookies: AstroCookies;
+    [key: string]: any;
+}
+/**
+ * Session information
+ */
+interface Session {
+    accessToken: string;
+    expiresAt: number;
+    payload?: Record<string, any>;
+}
+/**
+ * Request options
+ */
+interface RequestOptions {
+    /** Astro context (optional if middleware binds it) */
+    ctx?: TokenKitContext;
+    /** Additional headers */
+    headers?: Record<string, string>;
+    /** Request timeout in ms */
+    timeout?: number;
+    /** Query parameters */
+    params?: Record<string, any>;
+    /** Skip authentication for this request */
+    skipAuth?: boolean;
+    /** Custom signal for cancellation */
+    signal?: AbortSignal;
+}
+/**
+ * Request configuration
+ */
+interface RequestConfig extends RequestOptions {
+    method: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
+    url: string;
+    data?: any;
+}
+/**
+ * HTTP response
+ */
+interface APIResponse<T = any> {
+    data: T;
+    status: number;
+    statusText: string;
+    headers: Headers;
+    url: string;
+}
+/**
+ * Field mapping for auto-detection
+ */
+interface FieldMapping {
+    accessToken?: string;
+    refreshToken?: string;
+    expiresAt?: string;
+    expiresIn?: string;
+    sessionPayload?: string;
+}
+/**
+ * Auth configuration
+ */
+interface AuthConfig {
+    /** Login endpoint (relative to baseURL) */
+    login: string;
+    /** Refresh endpoint (relative to baseURL) */
+    refresh: string;
+    /** Logout endpoint (optional, relative to baseURL) */
+    logout?: string;
+    /** Field mapping (auto-detected if not provided) */
+    fields?: FieldMapping;
+    /** Custom login response parser */
+    parseLogin?: (body: any) => TokenBundle;
+    /** Custom refresh response parser */
+    parseRefresh?: (body: any) => TokenBundle;
+    /** Callback after successful login */
+    onLogin?: (bundle: TokenBundle, body: any, ctx: TokenKitContext) => void | Promise<void>;
+    /** Custom token injection function (default: Bearer) */
+    injectToken?: (token: string) => string;
+    /** Refresh policy */
+    policy?: RefreshPolicy;
+    /** Cookie configuration */
+    cookies?: CookieConfig;
+}
+/**
+ * Refresh policy
+ */
+interface RefreshPolicy {
+    /** Refresh before expiry (e.g., '5m' or 300) */
+    refreshBefore?: string | number;
+    /** Clock skew tolerance (e.g., '1m' or 60) */
+    clockSkew?: string | number;
+    /** Minimum interval between refreshes (e.g., '30s' or 30) */
+    minInterval?: string | number;
+}
+/**
+ * Cookie configuration
+ */
+interface CookieConfig {
+    /** Secure flag (auto-detected from NODE_ENV if not set) */
+    secure?: boolean;
+    /** SameSite policy */
+    sameSite?: 'strict' | 'lax' | 'none';
+    /** Cookie domain */
+    domain?: string;
+    /** Cookie names prefix */
+    prefix?: string;
+}
+/**
+ * Retry configuration
+ */
+interface RetryConfig {
+    /** Number of retry attempts */
+    attempts?: number;
+    /** Status codes to retry */
+    statusCodes?: number[];
+    /** Backoff strategy */
+    backoff?: 'linear' | 'exponential';
+    /** Initial delay in ms */
+    delay?: number;
+}
+/**
+ * Request interceptor
+ */
+type RequestInterceptor = (config: RequestConfig, ctx?: TokenKitContext) => RequestConfig | Promise<RequestConfig>;
+/**
+ * Response interceptor
+ */
+type ResponseInterceptor = <T = any>(response: APIResponse<T>, ctx?: TokenKitContext) => APIResponse<T> | Promise<APIResponse<T>>;
+/**
+ * Error interceptor
+ */
+type ErrorInterceptor = (error: APIError, ctx?: TokenKitContext) => never | Promise<never>;
+/**
+ * Interceptors configuration
+ */
+interface InterceptorsConfig {
+    request?: RequestInterceptor[];
+    response?: ResponseInterceptor[];
+    error?: ErrorInterceptor[];
+}
+/**
+ * Client configuration
+ */
+interface ClientConfig {
+    /** Base URL for all requests */
+    baseURL: string;
+    /** Auth configuration (optional for non-auth clients) */
+    auth?: AuthConfig;
+    /** Default headers for all requests */
+    headers?: Record<string, string>;
+    /** Default timeout in ms */
+    timeout?: number;
+    /** Retry configuration */
+    retry?: RetryConfig;
+    /** Interceptors */
+    interceptors?: InterceptorsConfig;
+    /** External AsyncLocalStorage instance (optional) */
+    context?: AsyncLocalStorage<any>;
+    /** Method to get the context store (optional) */
+    getContextStore?: () => TokenKitContext | undefined | null;
+}
+/**
+ * API Error
+ */
+declare class APIError extends Error {
+    status?: number | undefined;
+    response?: any | undefined;
+    request?: RequestConfig | undefined;
+    constructor(message: string, status?: number | undefined, response?: any | undefined, request?: RequestConfig | undefined);
+}
+/**
+ * Authentication Error
+ */
+declare class AuthError extends APIError {
+    constructor(message: string, status?: number, response?: any, request?: RequestConfig);
+}
+/**
+ * Network Error
+ */
+declare class NetworkError extends APIError {
+    constructor(message: string, request?: RequestConfig);
+}
+/**
+ * Timeout Error
+ */
+declare class TimeoutError extends APIError {
+    constructor(message: string, request?: RequestConfig);
+}
+/**
+ * Token Manager handles all token operations
+ */
+declare class TokenManager {
+    private config;
+    private singleFlight;
+    private baseURL;
+    constructor(config: AuthConfig, baseURL: string);
+    /**
+     * Perform login
+     */
+    login(ctx: TokenKitContext, credentials: any): Promise<TokenBundle>;
+    /**
+     * Perform token refresh
+     */
+    refresh(ctx: TokenKitContext, refreshToken: string): Promise<TokenBundle | null>;
+    /**
+     * Internal refresh implementation
+     */
+    private performRefresh;
+    /**
+     * Ensure valid tokens (with automatic refresh)
+     */
+    ensure(ctx: TokenKitContext): Promise<Session | null>;
+    /**
+     * Logout (clear tokens)
+     */
+    logout(ctx: TokenKitContext): Promise<void>;
+    /**
+     * Get current session (no refresh)
+     */
+    getSession(ctx: TokenKitContext): Session | null;
+    /**
+     * Check if authenticated
+     */
+    isAuthenticated(ctx: TokenKitContext): boolean;
+    /**
+     * Create flight key for single-flight deduplication
+     */
+    private createFlightKey;
+}
+/**
+ * Configuration for context handling
+ */
+interface ContextOptions {
+    context?: AsyncLocalStorage<any>;
+    getContextStore?: () => TokenKitContext | undefined | null;
+}
+/**
+ * API Client
+ */
+declare class APIClient {
+    tokenManager?: TokenManager;
+    private config;
+    contextOptions: ContextOptions;
+    constructor(config: ClientConfig);
+    /**
+     * GET request
+     */
+    get<T = any>(url: string, options?: RequestOptions): Promise<T>;
+    /**
+     * POST request
+     */
+    post<T = any>(url: string, data?: any, options?: RequestOptions): Promise<T>;
+    /**
+     * PUT request
+     */
+    put<T = any>(url: string, data?: any, options?: RequestOptions): Promise<T>;
+    /**
+     * PATCH request
+     */
+    patch<T = any>(url: string, data?: any, options?: RequestOptions): Promise<T>;
+    /**
+     * DELETE request
+     */
+    delete<T = any>(url: string, options?: RequestOptions): Promise<T>;
+    /**
+     * Generic request method
+     */
+    request<T = any>(config: RequestConfig): Promise<T>;
+    /**
+     * Execute single request
+     */
+    private executeRequest;
+    /**
+     * Parse response
+     */
+    private parseResponse;
+    /**
+     * Build full URL with query params
+     */
+    private buildURL;
+    /**
+     * Build request headers
+     */
+    private buildHeaders;
+    /**
+     * Login
+     */
+    login(credentials: any, ctx?: TokenKitContext): Promise<void>;
+    /**
+     * Logout
+     */
+    logout(ctx?: TokenKitContext): Promise<void>;
+    /**
+     * Check if authenticated
+     */
+    isAuthenticated(ctx?: TokenKitContext): boolean;
+    /**
+     * Get current session
+     */
+    getSession(ctx?: TokenKitContext): Session | null;
+}
+/**
+ * Create API client
+ */
+declare function createClient(config: ClientConfig): APIClient;
+/**
+ * Astro integration for TokenKit
+ *
+ * This integration facilitates the setup of TokenKit in an Astro project.
+ */
+declare function tokenKit(client?: APIClient): AstroIntegration;
+/**
+ * Helper to define middleware in a separate file if needed
+ */
+declare const defineMiddleware: (client: APIClient) => astro.MiddlewareHandler;
+/**
+ * Create middleware for context binding and automatic token rotation
+ */
+declare function createMiddleware(client: APIClient): MiddlewareHandler;
+/**
+ * Parse time string to seconds
+ * Supports: '5m', '30s', '1h', '2d'
+ */
+declare function parseTime(input: string | number): number;
+/**
+ * Format seconds to human-readable string
+ */
+declare function formatTime(seconds: number): string;
+export { APIClient, APIError, AuthError, NetworkError, TimeoutError, createClient, createMiddleware, defineMiddleware, formatTime, parseTime, tokenKit };
+export type { APIResponse, AuthConfig, ClientConfig, CookieConfig, ErrorInterceptor, FieldMapping, RefreshPolicy, RequestConfig, RequestInterceptor, RequestOptions, ResponseInterceptor, RetryConfig, Session, TokenBundle, TokenKitContext };

package/dist/index.js CHANGED Viewed

@@ -420,17 +420,29 @@ class TokenManager {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
                 body: JSON.stringify(credentials),
+            }).catch(error => {
+                throw new AuthError(`Login request failed: ${error.message}`);
             });
             if (!response.ok) {
-                throw new Error(`Login failed: ${response.status} ${response.statusText}`);
+                throw new AuthError(`Login failed: ${response.status} ${response.statusText}`, response.status, response);
             }
-            const body = yield response.json();
+            const body = yield response.json().catch(() => ({}));
             // Parse response
-            const bundle = this.config.parseLogin
-                ? this.config.parseLogin(body)
-                : autoDetectFields(body, this.config.fields);
+            let bundle;
+            try {
+                bundle = this.config.parseLogin
+                    ? this.config.parseLogin(body)
+                    : autoDetectFields(body, this.config.fields);
+            }
+            catch (error) {
+                throw new AuthError(`Invalid login response: ${error.message}`, response.status, response);
+            }
             // Store in cookies
             storeTokens(ctx, bundle, this.config.cookies);
+            // Call onLogin callback if provided
+            if (this.config.onLogin) {
+                yield this.config.onLogin(bundle, body, ctx);
+            }
             return bundle;
         });
     }
@@ -439,38 +451,54 @@ class TokenManager {
      */
     refresh(ctx, refreshToken) {
         return __awaiter(this, void 0, void 0, function* () {
-            const url = this.baseURL + this.config.refresh;
             try {
-                const response = yield fetch(url, {
-                    method: 'POST',
-                    headers: { 'Content-Type': 'application/json' },
-                    body: JSON.stringify({ refreshToken }),
-                });
-                if (!response.ok) {
-                    // 401/403 = invalid refresh token
-                    if (response.status === 401 || response.status === 403) {
-                        clearTokens(ctx, this.config.cookies);
-                        return null;
-                    }
-                    throw new Error(`Refresh failed: ${response.status} ${response.statusText}`);
+                return yield this.performRefresh(ctx, refreshToken);
+            }
+            catch (error) {
+                clearTokens(ctx, this.config.cookies);
+                throw error;
+            }
+        });
+    }
+    /**
+     * Internal refresh implementation
+     */
+    performRefresh(ctx, refreshToken) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const url = this.baseURL + this.config.refresh;
+            const response = yield fetch(url, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({ refreshToken }),
+            }).catch(error => {
+                throw new AuthError(`Refresh request failed: ${error.message}`);
+            });
+            if (!response.ok) {
+                // 401/403 = invalid refresh token
+                if (response.status === 401 || response.status === 403) {
+                    clearTokens(ctx, this.config.cookies);
+                    return null;
                 }
-                const body = yield response.json();
-                // Parse response
-                const bundle = this.config.parseRefresh
+                throw new AuthError(`Refresh failed: ${response.status} ${response.statusText}`, response.status, response);
+            }
+            const body = yield response.json().catch(() => ({}));
+            // Parse response
+            let bundle;
+            try {
+                bundle = this.config.parseRefresh
                     ? this.config.parseRefresh(body)
                     : autoDetectFields(body, this.config.fields);
-                // Validate bundle
-                if (!bundle.accessToken || !bundle.refreshToken || !bundle.accessExpiresAt) {
-                    throw new Error('Invalid token bundle returned from refresh endpoint');
-                }
-                // Store new tokens
-                storeTokens(ctx, bundle, this.config.cookies);
-                return bundle;
             }
             catch (error) {
-                clearTokens(ctx, this.config.cookies);
-                throw error;
+                throw new AuthError(`Invalid refresh response: ${error.message}`, response.status, response);
+            }
+            // Validate bundle
+            if (!bundle.accessToken || !bundle.refreshToken || !bundle.accessExpiresAt) {
+                throw new AuthError('Invalid token bundle returned from refresh endpoint', response.status, response);
             }
+            // Store new tokens
+            storeTokens(ctx, bundle, this.config.cookies);
+            return bundle;
         });
     }
     /**