corsair 0.1.69 → 0.1.70
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-AEZOR7GA.js → chunk-275AZA6T.js} +1 -1
- package/dist/chunk-7SONQAHW.js +26 -0
- package/dist/core.d.ts +3 -3
- package/dist/core.js +1 -1
- package/dist/{index-DANE8UMK.d.ts → index-Cl9PJjsS.d.ts} +2 -2
- package/dist/{index-D3gJMi1B.d.ts → index-DKq1RoJC.d.ts} +7 -2
- package/dist/index.d.ts +3 -3
- package/dist/index.js +2 -2
- package/dist/oauth.js +1 -1
- package/dist/setup.d.ts +1 -1
- package/dist/setup.js +1 -1
- package/package.json +1 -1
- package/dist/chunk-XYRVJ76B.js +0 -26
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import{i as w,j as C,k as S,
|
|
1
|
+
import{i as w,j as C,k as S,v as A,w as T}from"./chunk-7SONQAHW.js";import{a as _}from"./chunk-UBM25HVI.js";import{Kysely as I}from"kysely";import{ZodBoolean as M,ZodDate as R,ZodEnum as j,ZodNullable as D,ZodNumber as F,ZodObject as O,ZodOptional as x,ZodRecord as E,ZodString as K,ZodType as B}from"zod";var h={slack:{channels:{list:{}},users:{list:{}}},linear:{projects:{list:{}},issues:{list:{}},users:{list:{}}},github:{issues:{list:{}},repositories:{list:{}}},discord:{guilds:{list:{}},channels:{list:{}}},hubspot:{contacts:{getMany:{}},companies:{getMany:{}},deals:{getMany:{}}},gmail:{messages:{list:{}},labels:{list:{}},drafts:{list:{}},threads:{list:{}}},googlecalendar:{events:{getMany:{}}},googledrive:{files:{list:{}},folders:{list:{}},sharedDrives:{list:{}}},notion:{databases:{getManyDatabases:{}},databasePages:{getManyDatabasePages:{}},users:{getManyUsers:{}}},airtable:{bases:{getMany:{}}},todoist:{projects:{getMany:{}},tasks:{getMany:{}}},cal:{bookings:{list:{}}}};async function ie(e,t){let a=[],i=s=>{a.push(s),console.log(s)},o=s=>{a.push(s),console.warn(s)},f=t?.caller??"script",d=t?.tenantId;if(!d){if(e?.withTenant)throw new Error("setupCorsair: tenantId must be a non-empty string");d="default"}let n=v(e);if(!n)throw new Error("setupCorsair: invalid corsair instance");if(!n.database)throw new Error("setupCorsair: a database must be configured on the corsair instance");let u={...n,database:n.database},c=u.database.db;await Y(c,o);let p=await H(c,u,d,i),y=await z(p,d,i,f);if(t?.backfill){i("[corsair:setup] Starting backfill...");let s=T({plugins:n.plugins,database:c,kek:n.kek,multiTenancy:!0}).withTenant(d);await Q(s,n.plugins,y,i,o),i("[corsair:setup] Backfill complete.")}return a.join(`
|
|
2
2
|
`)}function b(e){return typeof e=="object"&&e!==null}function Z(e){return!b(e)||!Array.isArray(e.plugins)||typeof e.kek!="string"||typeof e.multiTenancy!="boolean"?!1:e.database===void 0?!0:b(e.database)?e.database.db instanceof I:!1}function v(e){let t=Object.getOwnPropertyDescriptor(e,A);if(t)return Z(t.value)?t.value:void 0}function N(e){return e==="oauth_2"||e==="api_key"||e==="bot_token"}function L(e){let t=e.options?.authType;return N(t)?t:void 0}function m(e,t){if(!b(e))return;let a=e[t];return typeof a=="function"?(...i)=>Reflect.apply(a,e,i):void 0}function $(e,t){return b(e)?t===0?!0:Object.values(e).every(a=>$(a,t-1)):!1}function U(e){return $(e,4)}var W={..._};function k(e){if(e instanceof O){let t={};for(let[a,i]of Object.entries(e.shape))t[a]=i instanceof B?k(i):"unknown";return t}return e instanceof D?`${k(e.unwrap())} | null`:e instanceof x?`${k(e.unwrap())} | undefined`:e instanceof j?e.options.join(" | "):e instanceof K?"string":e instanceof F?"number":e instanceof M?"boolean":e instanceof R?"date":e instanceof E?"jsonb":"unknown"}async function Y(e,t){let a=await e.introspection.getTables(),i=new Set(a.map(o=>o.name));for(let[o,f]of Object.entries(W))i.has(o)||t(`[corsair:setup] Table "${o}" does not exist. Run your database migrations before calling setupCorsair.
|
|
3
3
|
Schema: ${JSON.stringify(k(f),null,2)}`)}async function H(e,t,a,i){let o=new Date,f=new Map;for(let d of t.plugins){let n=d.id,u=L(d),c=await e.selectFrom("corsair_integrations").selectAll().where("name","=",n).executeTakeFirst();if(!c){let l=crypto.randomUUID();await e.insertInto("corsair_integrations").values({id:l,name:n,config:{},created_at:o,updated_at:o}).execute(),c=await e.selectFrom("corsair_integrations").selectAll().where("id","=",l).executeTakeFirst(),i(`[corsair:setup] Created integration: ${n}`)}let p=u?d.authConfig?.[u]?.integration??[]:[],y=u?d.authConfig?.[u]?.account??[]:[],s=u&&c?C({authType:u,integrationName:n,kek:t.kek,database:t.database,extraIntegrationFields:p}):void 0;if(c&&!c.dek&&s&&(await s.issue_new_dek(),i(`[corsair:setup] Issued integration DEK: ${n}`)),!c)continue;let r=await e.selectFrom("corsair_accounts").selectAll().where("tenant_id","=",a).where("integration_id","=",c.id).executeTakeFirst();if(!r){let l=crypto.randomUUID();await e.insertInto("corsair_accounts").values({id:l,tenant_id:a,integration_id:c.id,config:{},created_at:o,updated_at:o}).execute(),r=await e.selectFrom("corsair_accounts").selectAll().where("id","=",l).executeTakeFirst(),i(`[corsair:setup] Created account: ${n}`)}let g=u&&r?S({authType:u,integrationName:n,tenantId:a,kek:t.kek,database:t.database,extraAccountFields:y}):void 0;r&&!r.dek&&g&&(await g.issue_new_dek(),i(`[corsair:setup] Issued account DEK: ${n}`)),u&&s&&g&&f.set(n,{pluginId:n,authType:u,integration:s,account:g,integrationFields:[...w[u].integration,...p],accountFields:[...w[u].account,...y]})}return f}var P=new Set(["webhook_signature","expires_at","scope","redirect_url"]);async function J(e,t,a,i,o,f,d,n,u){let c=[],p=[];for(let s of o){if(P.has(s))continue;let r=m(a,`get_${s}`);if(!r)continue;let g=null;try{let l=await r();g=typeof l=="string"?l:null}catch{}g||c.push(s)}for(let s of f){if(P.has(s))continue;let r=m(i,`get_${s}`);if(!r)continue;let g=null;try{let l=await r();g=typeof l=="string"?l:null}catch{}g||p.push(s)}let y=c.length===0&&p.length===0;if(y)n(`[corsair:setup] '${e}' (${t}) is configured \u2713`);else{let s=[...c,...p];if(u==="cli"){let r=s.map(g=>`${g}=VALUE`).join(" ");n(`[corsair:setup] '${e}' (${t}) needs credentials. Run:
|
|
4
4
|
corsair setup --${e} ${r}`)}else{let r=[`[corsair:setup] '${e}' (${t}) needs credentials. Call:`];for(let g of c)r.push(` await corsair.keys.${e}.set_${g}(value)`);for(let g of p){let l=d==="default"?`corsair.${e}`:`corsair.withTenant(${JSON.stringify(d)}).${e}`;r.push(` await ${l}.keys.set_${g}(value)`)}n(r.join(`
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
import{a as Te,b as te}from"./chunk-OZHME3EO.js";import{a as we}from"./chunk-ZGVIF3UY.js";import{createCipheriv as Ce,createDecipheriv as Pe,randomBytes as G,scrypt as ze}from"crypto";import{promisify as Ge}from"util";var xe=Ge(ze),J="aes-256-gcm",Ae=12,V=16,Je=16,U=32;function K(){return G(U).toString("base64")}async function M(e,n){let t=G(Je),o=await xe(n,t,U),r=G(Ae),i=Ce(J,o,r,{authTagLength:V}),s=Buffer.concat([i.update(e,"utf8"),i.final()]),a=i.getAuthTag();return[t.toString("base64"),r.toString("base64"),a.toString("base64"),s.toString("base64")].join(":")}async function F(e,n){let[t,o,r,i]=e.split(":");if(!t||!o||!r||!i)throw new Error("Invalid encrypted DEK format");let s=Buffer.from(t,"base64"),a=Buffer.from(o,"base64"),d=Buffer.from(r,"base64"),c=Buffer.from(i,"base64"),l=await xe(n,s,U),p=Pe(J,l,a,{authTagLength:V});return p.setAuthTag(d),Buffer.concat([p.update(c),p.final()]).toString("utf8")}function oe(e,n){let t=Buffer.from(n,"base64"),o=G(Ae),r=Ce(J,t,o,{authTagLength:V}),i=Buffer.concat([r.update(e,"utf8"),r.final()]),s=r.getAuthTag();return[o.toString("base64"),s.toString("base64"),i.toString("base64")].join(":")}function re(e,n){let[t,o,r]=e.split(":");if(!t||!o||!r)throw new Error("Invalid encrypted data format");let i=Buffer.from(n,"base64"),s=Buffer.from(t,"base64"),a=Buffer.from(o,"base64"),d=Buffer.from(r,"base64"),c=Pe(J,i,s,{authTagLength:V});return c.setAuthTag(a),Buffer.concat([c.update(d),c.final()]).toString("utf8")}function j(e,n){let t={};for(let[o,r]of Object.entries(e))t[o]=oe(r,n);return t}function S(e,n){let t={};for(let[o,r]of Object.entries(e))t[o]=re(r,n);return t}function q(e,n,t){let o=S(e,n);return j(o,t)}function Y(e,n){let t=[];e||t.push("database"),n||t.push("kek");let o={};return new Proxy(o,{get(r,i){let s=t.length>1;throw new Error(`corsair.keys.${String(i)}: Cannot access keys because ${t.join(" and ")} ${s?"are":"is"} not configured. Provide both 'database' and 'kek' in createCorsair() to enable key management.
|
|
2
|
+
|
|
3
|
+
To generate a KEK, run: openssl rand -base64 ${U}`)}})}var z={oauth_2:{integration:["client_id","client_secret","redirect_url"],account:["access_token","refresh_token","expires_at","scope","webhook_signature"]},api_key:{integration:[],account:["api_key","webhook_signature"]},bot_token:{integration:[],account:["bot_token","webhook_signature"]}};function Ee(e,n,t){let o={};for(let r of t)o[`get_${r}`]=async()=>(await e())[r]??null,o[`set_${r}`]=async i=>{let s=[null,void 0,""].includes(i)?null:i;await n({[r]:s})};return o}var ie=e=>{if(!e)return{};if(typeof e=="string")try{return JSON.parse(e)}catch{return{}}return e};function Q(e){let{authType:n,integrationName:t,kek:o,database:r,extraIntegrationFields:i=[]}=e,s=[...z[n].integration,...i],a=null,d={kek:o,integrationName:t,getIntegration:async()=>{if(a)return a;let u=await r.db.selectFrom("corsair_integrations").selectAll().where("name","=",t).executeTakeFirst();if(!u)throw new Error(`Integration "${t}" not found. Make sure to create the integration first.`);return a={id:u.id,config:ie(u.config),dek:u.dek??null},a},updateIntegration:async u=>{let y=await d.getIntegration();await r.db.updateTable("corsair_integrations").set({...u.config!==void 0?{config:u.config}:{},...u.dek!==void 0?{dek:u.dek}:{},updated_at:new Date}).where("id","=",y.id).execute(),a=null}},c=null,l=async()=>{if(c)return c;let u=await d.getIntegration();if(!u.dek)throw new Error(`No DEK found for integration "${t}". Initialize the integration first.`);return c=await F(u.dek,o),c},p=async()=>{let u=await d.getIntegration(),y=await l(),m=u.config;return!m||Object.keys(m).length===0?{}:S(m,y)};return{get_dek:l,issue_new_dek:async()=>{let u=await d.getIntegration(),y=K(),m={};if(u.dek){let x=await F(u.dek,o),w=u.config;w&&Object.keys(w).length>0&&(m=q(w,x,y))}let k=await M(y,o);return await d.updateIntegration({config:m,dek:k}),c=y,y},...Ee(p,async u=>{let y=await l(),m;try{m=await p()}catch(w){console.error(`[corsair] Failed to decrypt config for integration "${t}", starting fresh:`,w),m={}}let k={...m};for(let[w,f]of Object.entries(u))f===null?delete k[w]:k[w]=f;let x=j(k,y);await d.updateIntegration({config:x})},s)}}function X(e){let{authType:n,integrationName:t,tenantId:o,kek:r,database:i,extraAccountFields:s=[]}=e,a=[...z[n].account,...s],d=null,c=null,l=async()=>{if(c)return c;let f=await i.db.selectFrom("corsair_integrations").selectAll().where("name","=",t).executeTakeFirst();if(!f)throw new Error(`Integration "${t}" not found. Make sure to create the integration first.`);return c={id:f.id,config:ie(f.config),dek:f.dek??null},c},p={kek:r,integrationName:t,tenantId:o,getIntegration:l,getAccount:async()=>{if(d)return d;let f=await l(),b=await i.db.selectFrom("corsair_accounts").selectAll().where("tenant_id","=",o).where("integration_id","=",f.id).executeTakeFirst();if(!b)throw new Error(`Account not found for tenant "${o}" and integration "${t}". Make sure to create the account first.`);return d={id:b.id,config:ie(b.config),dek:b.dek??null},d},updateAccount:async f=>{let b=await p.getAccount();await i.db.updateTable("corsair_accounts").set({...f.config!==void 0?{config:f.config}:{},...f.dek!==void 0?{dek:f.dek}:{},updated_at:new Date}).where("id","=",b.id).execute(),d=null}},h=null,g=null,u=async()=>{if(h)return h;let f=await p.getAccount();if(!f.dek)throw new Error(`No DEK found for account (tenant: "${o}", integration: "${t}"). Initialize the account first.`);return h=await F(f.dek,r),h},y=async()=>{if(g)return g;let f=await p.getIntegration();if(!f.dek)throw new Error(`No DEK found for integration "${t}". Initialize the integration first.`);return g=await F(f.dek,r),g},m=async()=>{let f=await p.getAccount(),b=await u(),T=f.config;return!T||Object.keys(T).length===0?{}:S(T,b)},k=async()=>{let f=await p.getIntegration(),b=await y(),T=f.config;return!T||Object.keys(T).length===0?{}:S(T,b)},w={get_dek:u,issue_new_dek:async()=>{let f=await p.getAccount(),b=K(),T={};if(f.dek){let C=await F(f.dek,r),A=f.config;A&&Object.keys(A).length>0&&(T=q(A,C,b))}let D=await M(b,r);return await p.updateAccount({config:T,dek:D}),h=b,b},...Ee(m,async f=>{let b=await u(),T;try{T=await m()}catch(A){console.error(`[corsair] Failed to decrypt config for account (tenant: "${o}", integration: "${t}"), starting fresh:`,A),T={}}let D={...T};for(let[A,E]of Object.entries(f))E===null?delete D[A]:D[A]=E;let C=j(D,b);await p.updateAccount({config:C})},a)};return n==="oauth_2"&&(w.get_integration_credentials=async()=>{let f=await k();return{client_id:f.client_id||null,client_secret:f.client_secret||null,redirect_url:f.redirect_url??null}}),w}async function Re(e,n,t){let o=await e.db.selectFrom("corsair_integrations").selectAll().where("name","=",n).executeTakeFirst();if(!o)throw new Error(`Integration "${n}" not found.`);let r=K(),i=await M(r,t);return await e.db.updateTable("corsair_integrations").set({dek:i,updated_at:new Date}).where("id","=",o.id).execute(),r}async function De(e,n,t,o){let r=await e.db.selectFrom("corsair_integrations").selectAll().where("name","=",n).executeTakeFirst();if(!r)throw new Error(`Integration "${n}" not found.`);let i=await e.db.selectFrom("corsair_accounts").selectAll().where("tenant_id","=",t).where("integration_id","=",r.id).executeTakeFirst();if(!i)throw new Error(`Account not found for tenant "${t}" and integration "${n}".`);let s=K(),a=await M(s,o);return await e.db.updateTable("corsair_accounts").set({dek:a,updated_at:new Date}).where("id","=",i.id).execute(),s}var Ve=async(e,n)=>(console.error(`[corsair:${n.pluginId}:${n.operation}]`,{error:e.message,input:n.input}),{maxRetries:0});async function Ie(e,n,t,o,r){let i={pluginId:n,operation:t,input:o,originalError:e},s=Object.keys(r).find(c=>r[c]?.match(e,i));return await(r[s||"DEFAULT"]?.handler||Ve)(e,i)}import{randomBytes as Ye}from"crypto";import{v4 as Qe}from"uuid";var Xe={open:{read:"allow",write:"allow",destructive:"allow"},cautious:{read:"allow",write:"allow",destructive:"require_approval"},strict:{read:"allow",write:"require_approval",destructive:"deny"},readonly:{read:"allow",write:"deny",destructive:"deny"}};function en(e,n,t){return t!==void 0?t:Xe[n][e]}function ve(e){let n=/(\d+)(d|h|m|s)/g,t=0,o;for(;(o=n.exec(e))!==null;){let r=parseInt(o[1],10);switch(o[2]){case"d":t+=r*864e5;break;case"h":t+=r*36e5;break;case"m":t+=r*6e4;break;case"s":t+=r*1e3;break}}return t>0?t:600*1e3}function $e(e){return{async find_by_permission_id(n){if(e)return e.db.selectFrom("corsair_permissions").selectAll().where("id","=",n).executeTakeFirst()},async find_by_token(n){if(e)return e.db.selectFrom("corsair_permissions").selectAll().where("token","=",n).executeTakeFirst()},async set_executing(n){e&&await e.db.updateTable("corsair_permissions").set({status:"executing",updated_at:new Date}).where("id","=",n).execute()},async set_completed(n){e&&await e.db.updateTable("corsair_permissions").set({status:"completed",updated_at:new Date}).where("id","=",n).execute()}}}async function _e(e,n,t){let o=Date.now()+t;for(;Date.now()<o;){let r=await e.db.selectFrom("corsair_permissions").select(["id","status"]).where("id","=",n).executeTakeFirst();if(!r)return{result:"blocked",reason:"pending"};if(r.status==="approved")return{result:"allow",onComplete:async()=>{await e.db.updateTable("corsair_permissions").set({status:"completed",updated_at:new Date}).where("id","=",n).execute()}};if(r.status==="denied")return{result:"blocked",reason:"denied"};if(r.status==="expired"||r.status==="failed")return{result:"blocked",reason:"timeout"};await new Promise(i=>setTimeout(i,500))}return{result:"blocked",reason:"timeout"}}async function Fe(e){let n=en(e.riskLevel,e.mode,e.override);if(n==="allow")return{result:"allow"};let t=e.meta?.irreversible?" (irreversible)":"",o=e.meta?.description?`${e.meta.description}${t}`:`${e.pluginId}.${e.endpointPath}${t}`;if(n==="deny"||!e.db)return console.log(`[corsair/${e.pluginId}] '${e.endpointPath}' blocked \u2014 denied by permission mode '${e.mode}'.`,`
|
|
4
|
+
Action: ${o}`,`
|
|
5
|
+
To allow this, update the permission mode or add an override in your corsair config.`),{result:"blocked",reason:"policy"};let r=JSON.stringify(e.args),i=new Date().toISOString(),s=e.tenantId??"default",a=await e.db.db.selectFrom("corsair_permissions").selectAll().where("plugin","=",e.pluginId).where("endpoint","=",e.endpointPath).where("args","=",r).where("tenant_id","=",s).where("expires_at",">",i).where("status","in",["pending","approved","executing"]).orderBy("created_at","desc").limit(1).executeTakeFirst();if(a){if(a.status==="approved"){let u=e.db,y=a.id;return{result:"allow",onComplete:async()=>{await u.db.updateTable("corsair_permissions").set({status:"completed",updated_at:new Date}).where("id","=",y).execute()}}}return a.status==="executing"?{result:"allow"}:(console.log(`[corsair/${e.pluginId}] '${e.endpointPath}' blocked \u2014 approval already pending.`,`
|
|
6
|
+
Action: ${o}`,`
|
|
7
|
+
Permission ID: ${a.id}`,`
|
|
8
|
+
Use the token to approve or deny this request.`),(typeof e.approvalMode=="function"?e.approvalMode():e.approvalMode)==="synchronous"?_e(e.db,a.id,e.timeoutMs??600*1e3):{result:"blocked",reason:"pending",id:a.id,token:a.token})}let d=Qe(),c=Ye(32).toString("hex"),l=e.timeoutMs??600*1e3,p=new Date(Date.now()+l).toISOString();return await e.db.db.insertInto("corsair_permissions").values({id:d,created_at:new Date,updated_at:new Date,token:c,plugin:e.pluginId,endpoint:e.endpointPath,args:r,tenant_id:s,status:"pending",expires_at:p}).execute(),console.log(`[corsair/${e.pluginId}] '${e.endpointPath}' blocked \u2014 approval required.`,`
|
|
9
|
+
Action: ${o}`,`
|
|
10
|
+
Permission ID: ${d}`,`
|
|
11
|
+
Permission token: ${c}`,`
|
|
12
|
+
Expires at: ${p}`,`
|
|
13
|
+
Use the token to approve or deny this request.`),(typeof e.approvalMode=="function"?e.approvalMode():e.approvalMode)==="synchronous"?_e(e.db,d,l):{result:"blocked",reason:"pending",id:d,token:c}}function nn(e){return typeof e=="function"}function se({endpoints:e,hooks:n,ctx:t,tree:o,pluginId:r,errorHandlers:i,currentPath:s=[],keyBuilder:a,permissionsConfig:d,endpointMeta:c,database:l,approvalConfig:p,tenantId:h}){for(let[g,u]of Object.entries(e)){let y=n?.[g];if(nn(u)){let m=y,k=[...s,g].join("."),x=async(w={})=>{let f;if(d){let E=c?.[k],{result:B,reason:I,onComplete:H,token:_,id:O}=await Fe({pluginId:r,endpointPath:k,args:w,mode:d.mode,override:d.overrides?.[k],riskLevel:E?.riskLevel??"write",meta:E,db:l,timeoutMs:p?ve(p.timeout):void 0,tenantId:h,approvalMode:p?.mode});if(B==="blocked"){let P;throw I==="denied"?P=`Action '${k}' was denied by the user. Await further instructions before proceeding.`:I==="policy"?P=`Action '${k}' is blocked by the permission policy. Update the corsair config to allow it.`:I==="timeout"?P=`Action '${k}' timed out waiting for approval.`:p?.formatAsyncMessage&&_&&O?P=p.formatAsyncMessage({token:_,id:O,plugin:r,endpoint:k,args:w}):P=`Action '${k}' requires user approval before it can run.`,new Error(P)}f=H}let b=async(E,B,I)=>{try{return await u(B,I)}catch(H){if(H instanceof Error){let _=await Ie(H,r,k,typeof I=="object"&&I!==null?I:{args:I},i);if(E<(_.maxRetries||0)){let O=E+1;console.log(`Retrying (${O} / ${_.maxRetries})...`);let P;if(_.headersRetryAfterMs)P=_.headersRetryAfterMs;else switch(_.retryStrategy){case"exponential_backoff":P=Math.pow(2,O-1)*1e3;break;case"exponential_backoff_jitter":let ne=Math.pow(2,O-1)*1e3,qe=(Math.random()-.5)*1e3;P=Math.max(0,ne+qe);break;case"linear_1s":P=1e3;break;case"linear_2s":P=2e3;break;case"linear_3s":P=3e3;break;case"linear_4s":P=4e3;break;default:P=1e3;break}await new Promise(ne=>setTimeout(ne,P)),await b(O,B,I),console.log(`[corsair:${r}:${k}] Retry strategy:`,_)}}throw H}},T=a?await a(t,"endpoint"):void 0;if(!m?.before&&!m?.after){let E=await b(0,{...t,key:T},w);return await f?.(),E}let D={...t,key:T},C=m.before?await m.before(D,w):{ctx:D,args:w,continue:!0,passToAfter:void 0};if(C.continue===!1)return;let A=await b(0,C.ctx,C.args);return await m.after?.(C.ctx,A,C.passToAfter),await f?.(),A};o[g]=x}else if(u&&typeof u=="object"){let m={};se({endpoints:u,hooks:y,ctx:t,tree:m,pluginId:r,errorHandlers:i,currentPath:[...s,g],keyBuilder:a,permissionsConfig:d,endpointMeta:c,database:l,approvalConfig:p,tenantId:h}),o[g]=m}}}function tn(e){return e!==null&&typeof e=="object"&&"match"in e&&"handler"in e&&typeof e.match=="function"&&typeof e.handler=="function"}function ae({webhooks:e,hooks:n,ctx:t,webhooksTree:o,keyBuilder:r}){for(let[i,s]of Object.entries(e)){let a=n?.[i];if(tn(s)){let d=a,c=async l=>{let p=(g,u)=>s.handler(g,u),h=r?await r(t,"webhook"):void 0;return!d?.before&&!d?.after?p({...t,key:h},l):(async()=>{let g={...t,key:h},u=d.before?await d.before(g,l):{ctx:g,args:l,continue:!0,passToAfter:void 0};if(u.continue===!1)return;let y=await p(u.ctx,u.args);return y?.success===!0&&await d.after?.(u.ctx,y,u.passToAfter),y})()};o[i]={match:s.match,handler:c}}else if(s&&typeof s=="object"){let d={};ae({webhooks:s,hooks:a,ctx:t,webhooksTree:d,keyBuilder:r}),o[i]=d}}}function on(e,n,t){let o=null;return async()=>{if(o)return o;if(!e)throw new Error("Database not configured");let r=await e.db.selectFrom("corsair_integrations").selectAll().where("name","=",n).executeTakeFirst();if(!r)throw new Error(`Integration "${n}" not found. Make sure to create the integration first.`);let i=await e.db.selectFrom("corsair_accounts").selectAll().where("tenant_id","=",t).where("integration_id","=",r.id).executeTakeFirst();if(!i)throw new Error(`Account not found for tenant "${t}" and integration "${n}". Make sure to create the account first.`);return o=i.id,o}}function rn(e,n,t,o,r){return e?te(e.db,n,t,o,r):{findByEntityId:async()=>null,findById:async()=>null,findManyByEntityIds:async()=>[],list:async()=>[],search:async()=>[],upsertByEntityId:async()=>{throw new Error("Database not configured")},deleteById:async()=>!1,deleteByEntityId:async()=>!1,count:async()=>0}}function ce(e,n){let{database:t,tenantId:o,kek:r,rootErrorHandlers:i,approvalConfig:s}=n,a={},d={};for(let c of e)a[c.id]={},d[c.id]={};for(let c of e){let l=c.schema,p=o??"default",h=on(t,c.id,p);if(l?.entities){let C={};for(let[A,E]of Object.entries(l.entities)){let B=t?te(t.db,h,A,l.version,E):rn(void 0,h,A,l.version,E);C[A]=B}d[c.id].db=C,a[c.id].db=C}let g=c.options,u=c.authConfig,y;if(t&&r&&g?.authType){let C=u?.[g.authType]?.account??[];y=X({authType:g.authType,integrationName:c.id,tenantId:p,kek:r,database:t,extraAccountFields:C}),a[c.id].keys=y}let m={database:t,db:d[c.id]?.db??{},$getAccountId:h,...c.options?{options:c.options}:{},...y?{keys:y,authType:g?.authType}:{},...o?{tenantId:o}:{}},k=c.endpoints??{},x=c.hooks,w={...i,...c.errorHandlers},f={},b=c.options?.permissions;se({endpoints:k,hooks:x,ctx:m,tree:f,pluginId:c.id,errorHandlers:w,currentPath:[],keyBuilder:c.keyBuilder,permissionsConfig:b,endpointMeta:c.endpointMeta,database:t,approvalConfig:s,tenantId:o}),Object.keys(f).length>0&&(a[c.id].api=f),m.endpoints=f;let T=c.webhooks??{},D=c.webhookHooks;if(Object.keys(T).length>0){let C={};ae({webhooks:T,hooks:D,ctx:m,webhooksTree:C,keyBuilder:c.keyBuilder}),a[c.id].webhooks=C,c.pluginWebhookMatcher&&(a[c.id].pluginWebhookMatcher=c.pluginWebhookMatcher)}}return a}function Oe(e,n,t){let o={};for(let r of e){let i=r.options,s=r.authConfig;if(i?.authType){let a=s?.[i.authType]?.integration??[],d=Q({authType:i.authType,integrationName:r.id,kek:t,database:n,extraIntegrationFields:a});o[r.id]=d}}return o}async function Ke(e,n,t,o,r="pending"){if(!e)return null;try{let i=Te(),s=new Date;return await e.db.insertInto("corsair_events").values({id:i,created_at:s,updated_at:s,account_id:n,event_type:t,payload:o,status:r}).execute(),i}catch(i){return console.warn("Failed to log event:",i),null}}async function sn(e,n,t,o="pending"){try{let r=await e.$getAccountId();return Ke(e.database,r,n,t,o)}catch(r){return console.warn("Failed to log event:",r),null}}import*as Me from"https";import*as Se from"querystring";function Ze(e,n,t,o,r){let i=new URL(o.tokenUrl),s=o.tokenAuthMethod==="basic";return new Promise((a,d)=>{let c={code:e.trim(),redirect_uri:r,grant_type:"authorization_code"};s||(c.client_id=n,c.client_secret=t);let l=Se.stringify(c),p={"Content-Type":"application/x-www-form-urlencoded","Content-Length":Buffer.byteLength(l).toString()};s&&(p.Authorization=`Basic ${Buffer.from(`${n}:${t}`).toString("base64")}`);let h=Me.request({hostname:i.hostname,...i.port?{port:Number(i.port)}:{},path:i.pathname+i.search,method:"POST",headers:p},g=>{let u="";g.on("data",y=>{u+=y}),g.on("end",()=>{if(g.statusCode!==200){d(new Error(`Token exchange failed (${g.statusCode}): ${u}`));return}try{a(JSON.parse(u))}catch{d(new Error(`Token endpoint returned non-JSON response: ${u}`))}})});h.on("error",g=>d(new Error(`Request failed: ${g.message}`))),h.write(l),h.end()})}var Ne=["ably","airtable","amplitude","asana","bitwarden","box","cal","calendly","cloudflare","cursor","discord","dodopayments","dropbox","exa","figma","firecrawl","fireflies","github","gitlab","gmail","googlecalendar","googledrive","googlesheets","hackernews","hubspot","intercom","jira","linear","monday","notion","onedrive","openweathermap","oura","outlook","pagerduty","posthog","razorpay","reddit","resend","sentry","sharepoint","slack","spotify","strava","stripe","tally","tavily","teams","telegram","todoist","trello","twitter","twitterapiio","typeform","vapi","xquik","youtube","zoom"];var Be=" ";function v(e){let n=e;return n._def??n.def??{}}function $(e){let n=e.typeName;if(n)return n;let t=e.type;if(t)return`Zod${t.split("_").map(o=>o.charAt(0).toUpperCase()+o.slice(1)).join("")}`}function Z(e){return e.innerType??e.schema??e.out??e.in}function Le(e,n){switch(n){case"ZodPipe":return e.in??e.innerType;case"ZodEffects":return e.schema??e.innerType;case"ZodTransform":return e.schema??e.innerType??e.in;default:return Z(e)}}function an(e){let n=e.type;return e.element??(typeof n=="string"?void 0:n)}function fe(e,n){let t=n.shape??e.shape;return typeof t=="function"?t():t}function de(e){return Array.isArray(e.options)?e.options:Array.isArray(e.values)?e.values:e.entries!==null&&typeof e.entries=="object"&&!Array.isArray(e.entries)?Object.values(e.entries):[]}function cn(e,n){return e.description??n.description}function dn(e){let n=e;for(;n;){let t=v(n),o=cn(n,t);if(o)return o;let r=$(t);if(ye(r)||r==="ZodPipe"||r==="ZodEffects"||r==="ZodTransform"){n=Le(t,r);continue}break}}function ye(e){return e==="ZodOptional"||e==="ZodNullable"||e==="ZodDefault"||e==="ZodCatch"}function R(e){let n=v(e),t=$(n);switch(t){case"ZodString":return"string";case"ZodNumber":return"number";case"ZodBoolean":return"boolean";case"ZodDate":return"Date";case"ZodNull":return"null";case"ZodUnknown":case"ZodAny":return"any";case"ZodLiteral":return String(n.value??de(n)[0]??"unknown");case"ZodEnum":return de(n).map(o=>String(o)).join(" | ");case"ZodOptional":{let o=Z(n);return o?R(o):"unknown"}case"ZodNullable":{let o=Z(n);return`${o?R(o):"unknown"} | null`}case"ZodDefault":case"ZodCatch":{let o=Z(n);return o?R(o):"unknown"}case"ZodArray":{let o=an(n);if(!o)return"unknown[]";let r=v(o),i=$(r)==="ZodUnion",s=R(o);return`${i?`(${s})`:s}[]`}case"ZodRecord":return"{}";case"ZodObject":{let o=fe(e,n),r=Object.entries(o);return r.length===0?"{}":`{ ${r.map(([s,a])=>{let d=$(v(a));return`${d==="ZodOptional"||d==="ZodNullable"?s+"?":s}: ${R(a)}`}).join(", ")} }`}case"ZodUnion":return de(n).map(o=>R(o)).join(" | ");case"ZodIntersection":return`${R(n.left)} & ${R(n.right)}`;case"ZodPipe":case"ZodTransform":case"ZodEffects":{let o=Le(n,t);return o?R(o):"unknown"}default:return(t??"unknown").replace("Zod","").toLowerCase()}}var he=["equals","contains","startsWith","endsWith","in"],un=["equals","gt","gte","lt","lte","in"],ln=["equals"],pn=["equals","before","after","between"];function We(e){let n=v(e);switch($(n)){case"ZodOptional":case"ZodNullable":case"ZodDefault":case"ZodCatch":{let o=Z(n);return o?We(o):null}case"ZodString":return"string";case"ZodNumber":return"number";case"ZodBoolean":return"boolean";case"ZodDate":return"date";default:return null}}function me(e){let n=v(e),t=$(n);if(ye(t)){let i=Z(n);return i?me(i):{}}if(t!=="ZodObject")return{};let o=fe(e,n),r={};for(let[i,s]of Object.entries(o)){let a=We(s);a==="string"?r[i]={type:"string",operators:he}:a==="number"?r[i]={type:"number",operators:un}:a==="boolean"?r[i]={type:"boolean",operators:ln}:a==="date"&&(r[i]={type:"date",operators:pn})}return r}function He(e,n){for(let[t,o]of Object.entries(e))if(t.toLowerCase()===n)return[t,o]}function le(e,n,t){for(let[o,r]of Object.entries(e)){let i=[...n,o];typeof r=="function"?t.push(i.join(".")):r!==null&&typeof r=="object"&&le(r,i,t)}}function pe(e){return e!==null&&typeof e=="object"&&"match"in e&&"handler"in e&&typeof e.match=="function"&&typeof e.handler=="function"}function ge(e,n,t){for(let[o,r]of Object.entries(e)){let i=[...n,o];pe(r)?t.push(i.join(".")):r!==null&&typeof r=="object"&&ge(r,i,t)}}function ke(e,n){if(n.length===0)return null;let[t,...o]=n,r=Object.entries(e).find(([a])=>a.toLowerCase()===t);if(!r)return null;let[i,s]=r;if(o.length===0)return pe(s)?[i]:null;if(s!==null&&typeof s=="object"&&!pe(s)){let a=ke(s,o);if(a!==null)return[i,...a]}return null}function Ue(e,n){let t=[];t.push(`${e}({`),t.push(" webhookHooks: {");for(let i=0;i<n.length;i++){let s=" ".repeat(i+2);t.push(`${s}${n[i]}: {`)}let o=" ".repeat(n.length+2),r=o+" ";t.push(`${o}before(ctx, args) {`),t.push(`${r}return { ctx, args };`),t.push(`${o}},`),t.push(`${o}after(ctx, response) {`),t.push(`${o}},`);for(let i=n.length-1;i>=0;i--){let s=" ".repeat(i+2);t.push(`${s}},`)}return t.push(" },"),t.push("})"),t.join(`
|
|
14
|
+
`)}var gn=new Set(Ne);function N(e,n){let t=n?.type??"api",o=n?.plugin;if(o!==void 0){let i=e.find(a=>a.id===o);if(!i)return gn.has(o)?`This plugin (${o}) is not configured. Please add it to the Corsair instance to see its associated methods.`:N(e);if(t==="webhooks"){if(!i.webhooks)return[];let a=[];return ge(i.webhooks,[],a),a.map(d=>`${i.id}.webhooks.${d}`)}if(t==="db"){let a=i.schema?.entities;return a?Object.keys(a).map(d=>`${i.id}.db.${d}.search`):[]}if(!i.endpoints)return[];let s=[];return le(i.endpoints,[],s),s.map(a=>`${i.id}.api.${a}`)}let r={};if(t==="webhooks")for(let i of e){if(!i.webhooks)continue;let s=[];ge(i.webhooks,[],s),r[i.id]=s.map(a=>`${i.id}.webhooks.${a}`)}else if(t==="db")for(let i of e){let s=i.schema?.entities;s&&(r[i.id]=Object.keys(s).map(a=>`${i.id}.db.${a}.search`))}else for(let i of e){if(!i.endpoints)continue;let s=[];le(i.endpoints,[],s),r[i.id]=s.map(a=>`${i.id}.api.${a}`)}return r}function L(e,n){if(e){for(let[t,o]of Object.entries(e))if(t.toLowerCase()===n)return o}}function fn(e,n){let t=e.toLowerCase(),o=n.toLowerCase();if(!t.startsWith(`${o}.`)){let i=t.slice(n.length+1),s=i.startsWith(".")?i.slice(1):i;return s.startsWith("api.")&&(s=s.slice(4)),{shortPath:s,lookupKey:s}}let r=e.slice(n.length+1);return r.toLowerCase().startsWith("api.")&&(r=r.slice(4)),{shortPath:r,lookupKey:r.toLowerCase()}}function ue(e,n){return typeof e=="string"?e:Array.isArray(e)?`${n}:
|
|
15
|
+
${e.join(", ")}`:`${n}:
|
|
16
|
+
`+Object.entries(e).map(([t,o])=>` ${t}: ${o.join(", ")}`).join(`
|
|
17
|
+
`)}function Yn(e,n){let t=n.toLowerCase(),o=t.indexOf(".");if(o!==-1){let r=t.slice(0,o),i=t.slice(o+1),s=e.find(a=>a.id===r);if(s){if(i.startsWith("db.")){let l=i.slice(3),p=l.lastIndexOf(".");if(p!==-1){let h=l.slice(0,p),g=l.slice(p+1),u=s.schema?.entities;if(g==="search"&&u){let y=He(u,h);if(y){let[m,k]=y,x=me(k),w=[`Search ${r} ${m} stored in the local database.`,"Pass limit and offset as numbers for pagination.","","filters {",` entity_id: string [${he.join(", ")}]`];for(let[f,b]of Object.entries(x))w.push(` ${f}?: ${b.type} [${b.operators.join(", ")}]`);return w.push("}"),w.join(`
|
|
18
|
+
`)}}}return ue(N(e,{type:"db"}),"Path not found. Available db operations")}if(i.startsWith("webhooks.")){let l=i.slice(9);if(s.webhooks){let p=ke(s.webhooks,l.split("."));if(p!==null){let h=p.join("."),g=L(s.webhookSchemas,h.toLowerCase()),u=g?.response?R(g.response):null,y=[];return g?.description&&y.push(g.description),g?.payload&&y.push(`payload ${ee(W(g.payload))}`),u&&y.push(`response: ${u}`),y.push(`usage:
|
|
19
|
+
${Ue(r,p)}`),y.join(`
|
|
20
|
+
|
|
21
|
+
`)}}return ue(N(e,{type:"webhooks"}),"Path not found. Available webhooks")}let a=i;a.startsWith("api.")&&(a=a.slice(4));let d=L(s.endpointMeta,a),c=L(s.endpointSchemas,a);if(d||c){let l=[],p=[d?.riskLevel?`[${d.riskLevel}]`:"",d?.irreversible?"[irreversible]":""].filter(Boolean).join(" "),h=[d?.description,p].filter(Boolean).join(" ");return h&&l.push(h),c?.input&&l.push(`input ${ee(W(c.input))}`),c?.output&&l.push(`output ${ee(W(c.output))}`),l.join(`
|
|
22
|
+
|
|
23
|
+
`)}}}return ue(N(e),"Path not found. Available operations")}function je(e){let n=e;for(;;){let t=v(n),o=$(t);if(ye(o)){let r=Z(t);if(!r)return n;n=r;continue}return n}}function W(e){if(e===void 0)return{kind:"inline",type:"unknown"};let n=je(e),t=v(n);if($(t)==="ZodObject"){let r=fe(n,t),i=[];for(let[s,a]of Object.entries(r)){let d=v(a),c=$(d),l=c==="ZodOptional"||c==="ZodNullable",p=je(a),h=dn(a);i.push({key:s,optional:l,type:R(p),...h!==void 0?{description:h}:{}})}return{kind:"object",fields:i}}return{kind:"inline",type:R(n)}}function ee(e,n=0){if(e===void 0)return"{}";if(e.kind==="inline")return e.type;if(e.kind==="object"){if(e.fields.length===0)return"{}";let t=Be.repeat(n+1),o=Be.repeat(n);return`{
|
|
24
|
+
${e.fields.map(i=>{let s=i.optional?`${i.key}?`:i.key,a=i.description?` // ${i.description}`:"";return`${t}${s}: ${i.type}${a}`}).join(`
|
|
25
|
+
`)}
|
|
26
|
+
${o}}`}return"unknown"}function yn(e,n){let t=N(e,{plugin:n,type:"api"});if(typeof t=="string")return{ok:!1,error:t};if(!Array.isArray(t))return{ok:!1,error:"list_operations did not return a path array \u2014 pass a configured plugin id."};let o=e.find(l=>l.id===n);if(!o)return{ok:!1,error:`Plugin "${n}" is not configured on this instance.`};let r=[];for(let l of t){let{shortPath:p,lookupKey:h}=fn(l,n),g=L(o.endpointMeta,h),u=L(o.endpointSchemas,h);!g&&!u||r.push({path:l,shortPath:p,description:g?.description,riskLevel:g?.riskLevel,irreversible:g?.irreversible,input:W(u?.input),output:W(u?.output)})}r.sort((l,p)=>l.path.localeCompare(p.path));let i=[],s=N(e,{plugin:n,type:"webhooks"});if(Array.isArray(s)&&o.webhooks)for(let l of s){let h=l.toLowerCase().slice(n.length+1),g=h.startsWith(".")?h.slice(1):h;if(!g.startsWith("webhooks."))continue;let u=g.slice(9),y=ke(o.webhooks,u.split("."));if(y===null)continue;let m=y.join("."),k=L(o.webhookSchemas,m.toLowerCase()),x=k?.response?R(k.response):void 0;i.push({path:l,description:k?.description,payload:W(k?.payload),responseType:x,usageExample:Ue(n,y)})}i.sort((l,p)=>l.path.localeCompare(p.path));let a=[],d=N(e,{plugin:n,type:"db"}),c=o.schema?.entities;if(Array.isArray(d)&&c)for(let l of d){let h=l.toLowerCase().slice(n.length+1),g=h.startsWith(".")?h.slice(1):h;if(!g.startsWith("db."))continue;let u=g.slice(3),y=u.lastIndexOf(".");if(y===-1)continue;let m=u.slice(0,y);if(u.slice(y+1)!=="search")continue;let x=He(c,m);if(!x)continue;let[w,f]=x,b=me(f),T=Object.entries(b).map(([D,C])=>({field:D,type:C.type,operators:C.operators}));a.push({path:l,entityName:w,filters:[{field:"entity_id",type:"string",operators:he},...T]})}return a.sort((l,p)=>l.path.localeCompare(p.path)),{ok:!0,data:{pluginId:n,api:r,webhooks:i,db:a}}}var be=Symbol.for("corsair:internal");function ot(e){let n=e.database?we(e.database):void 0,t=n&&e.kek?Oe(e.plugins,n,e.kek):Y(!!n,!!e.kek),o={plugins:e.plugins,database:n,kek:e.kek,multiTenancy:!!e.multiTenancy,approval:e.approval},r=$e(n);if(e.multiTenancy)return Object.assign({withTenant:s=>{if(!s)throw new Error("corsair.withTenant(tenantId): tenantId must be a non-empty string");let a=ce(e.plugins,{database:n,tenantId:s,kek:e.kek,rootErrorHandlers:e.errorHandlers,approvalConfig:e.approval});return Object.assign(a,{[be]:o})},keys:t,permissions:r},{[be]:o});let i=ce(e.plugins,{database:n,tenantId:void 0,kek:e.kek,rootErrorHandlers:e.errorHandlers,approvalConfig:e.approval});return Object.assign({},i,{keys:t,permissions:r,[be]:o})}export{K as a,M as b,F as c,oe as d,re as e,j as f,S as g,q as h,z as i,Q as j,X as k,Re as l,De as m,Ke as n,sn as o,Ze as p,Ne as q,N as r,Yn as s,ee as t,yn as u,be as v,ot as w};
|
package/dist/core.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
export { C as CORSAIR_INTERNAL, a as CorsairInternalConfig, D as DocSchemaFieldRow, b as DocSchemaShape, d as DocsApiEndpoint, e as DocsDbEntity,
|
|
1
|
+
export { C as CORSAIR_INTERNAL, a as CorsairInternalConfig, D as DocSchemaFieldRow, b as DocSchemaShape, d as DocsApiEndpoint, e as DocsDbEntity, g as DocsDbFilterField, h as DocsWebhook, E as EndpointSchemaResult, I as IntrospectPluginForDocsResult, L as ListOperationsOptions, P as PluginDocsIntrospection, c as createCorsair, f as formatDocSchemaShape, i as introspectPluginForDocs } from './index-DKq1RoJC.js';
|
|
2
2
|
import { CorsairDatabase } from './db.js';
|
|
3
|
-
import { O as OAuthConfig, A as AuthTypes, g as AccountKeyManagerFor, I as IntegrationKeyManagerFor } from './index-
|
|
4
|
-
export { h as AccountFieldNames, n as AllProviders, m as BASE_AUTH_FIELDS, i as BaseAuthFieldConfig, j as BaseKeyManager, f as BaseProviders, K as BeforeHookResult, p as BindEndpoints, a3 as BindWebhooks, a1 as Bivariant, q as BoundEndpointFn, r as BoundEndpointTree, a4 as BoundWebhook, B as BoundWebhookTree, d as CorsairClient, s as CorsairContext, t as CorsairEndpoint, w as CorsairErrorHandler, a as CorsairIntegration, L as CorsairKeyBuilder, M as CorsairKeyBuilderBase, e as CorsairPermissionsNamespace, C as CorsairPlugin, N as CorsairPluginContext, c as CorsairSingleTenantClient, b as CorsairTenantWrapper, a5 as CorsairWebhook, a6 as CorsairWebhookHandler, a7 as CorsairWebhookMatcher, Q as EndpointHooks, S as EndpointMetaEntry, u as EndpointPathsOf, E as EndpointRiskLevel, v as EndpointTree, H as EnforcePermissionOptions, J as EnforcePermissionResult, x as ErrorContext, y as ErrorHandler, z as ErrorHandlerAndMatchFunction, D as ErrorMatcher, k as IntegrationFieldNames, T as KeyBuilderContext, l as OAuth2IntegrationCredentials, U as PermissionMode, V as PermissionPolicy, o as PickAuth, P as PluginAuthConfig, X as PluginEndpointMeta, Y as PluginPermissionsConfig, R as RawWebhookRequest, Z as RequiredPluginEndpointMeta, _ as RequiredPluginEndpointSchemas, $ as RequiredPluginWebhookSchemas, F as RetryStrategies, G as RetryStrategy, a2 as UnionToIntersection, a0 as WebhookHooks, a8 as WebhookPathsOf, a9 as WebhookRequest, W as WebhookResponse, aa as WebhookTree } from './index-
|
|
3
|
+
import { O as OAuthConfig, A as AuthTypes, g as AccountKeyManagerFor, I as IntegrationKeyManagerFor } from './index-Cl9PJjsS.js';
|
|
4
|
+
export { h as AccountFieldNames, n as AllProviders, m as BASE_AUTH_FIELDS, i as BaseAuthFieldConfig, j as BaseKeyManager, f as BaseProviders, K as BeforeHookResult, p as BindEndpoints, a3 as BindWebhooks, a1 as Bivariant, q as BoundEndpointFn, r as BoundEndpointTree, a4 as BoundWebhook, B as BoundWebhookTree, d as CorsairClient, s as CorsairContext, t as CorsairEndpoint, w as CorsairErrorHandler, a as CorsairIntegration, L as CorsairKeyBuilder, M as CorsairKeyBuilderBase, e as CorsairPermissionsNamespace, C as CorsairPlugin, N as CorsairPluginContext, c as CorsairSingleTenantClient, b as CorsairTenantWrapper, a5 as CorsairWebhook, a6 as CorsairWebhookHandler, a7 as CorsairWebhookMatcher, Q as EndpointHooks, S as EndpointMetaEntry, u as EndpointPathsOf, E as EndpointRiskLevel, v as EndpointTree, H as EnforcePermissionOptions, J as EnforcePermissionResult, x as ErrorContext, y as ErrorHandler, z as ErrorHandlerAndMatchFunction, D as ErrorMatcher, k as IntegrationFieldNames, T as KeyBuilderContext, l as OAuth2IntegrationCredentials, U as PermissionMode, V as PermissionPolicy, o as PickAuth, P as PluginAuthConfig, X as PluginEndpointMeta, Y as PluginPermissionsConfig, R as RawWebhookRequest, Z as RequiredPluginEndpointMeta, _ as RequiredPluginEndpointSchemas, $ as RequiredPluginWebhookSchemas, F as RetryStrategies, G as RetryStrategy, a2 as UnionToIntersection, a0 as WebhookHooks, a8 as WebhookPathsOf, a9 as WebhookRequest, W as WebhookResponse, aa as WebhookTree } from './index-Cl9PJjsS.js';
|
|
5
5
|
import 'kysely';
|
|
6
6
|
import 'zod';
|
|
7
7
|
import 'pg';
|
package/dist/core.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,t as q,u as r,v as s}from"./chunk-
|
|
1
|
+
import{a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,t as q,u as r,v as s,w as t}from"./chunk-7SONQAHW.js";import"./chunk-OZHME3EO.js";import"./chunk-ZGVIF3UY.js";import"./chunk-QAIKSQAD.js";export{i as BASE_AUTH_FIELDS,s as CORSAIR_INTERNAL,k as createAccountKeyManager,t as createCorsair,j as createIntegrationKeyManager,g as decryptConfig,c as decryptDEK,e as decryptWithDEK,f as encryptConfig,b as encryptDEK,d as encryptWithDEK,p as exchangeCodeForTokens,q as formatDocSchemaShape,a as generateDEK,m as initializeAccountDEK,l as initializeIntegrationDEK,r as introspectPluginForDocs,n as logEvent,o as logEventFromContext,h as reEncryptConfig};
|
|
@@ -3,8 +3,8 @@ import { CorsairPluginSchema, PluginEntityClients } from './orm.js';
|
|
|
3
3
|
import { CorsairDatabase, CorsairDatabaseInput, CorsairPermission } from './db.js';
|
|
4
4
|
|
|
5
5
|
type AllErrors = 'RATE_LIMIT_ERROR' | 'AUTH_ERROR' | 'PERMISSION_ERROR' | 'NETWORK_ERROR' | 'TIMEOUT_ERROR' | 'SERVER_ERROR' | 'VALIDATION_ERROR' | 'NOT_FOUND_ERROR' | 'BAD_REQUEST_ERROR' | 'PARSING_ERROR' | 'DEFAULT' | (string & {});
|
|
6
|
-
declare const BaseProviders: readonly ["ably", "airtable", "amplitude", "asana", "box", "cal", "calendly", "cloudflare", "cursor", "discord", "dodopayments", "dropbox", "exa", "figma", "firecrawl", "fireflies", "github", "gitlab", "gmail", "googlecalendar", "googledrive", "googlesheets", "hackernews", "hubspot", "intercom", "jira", "linear", "monday", "notion", "onedrive", "openweathermap", "oura", "outlook", "pagerduty", "posthog", "razorpay", "reddit", "resend", "sentry", "sharepoint", "slack", "spotify", "strava", "stripe", "tavily", "teams", "telegram", "todoist", "trello", "twitter", "twitterapiio", "typeform", "vapi", "youtube", "zoom"];
|
|
7
|
-
type AllProviders = 'ably' | 'airtable' | 'amplitude' | 'asana' | 'box' | 'cal' | 'calendly' | 'cloudflare' | 'cursor' | 'discord' | 'dodopayments' | 'dropbox' | 'exa' | 'figma' | 'firecrawl' | 'fireflies' | 'github' | 'gitlab' | 'gmail' | 'googlecalendar' | 'googledrive' | 'googlesheets' | 'hackernews' | 'hubspot' | 'intercom' | 'jira' | 'linear' | 'monday' | 'notion' | 'onedrive' | 'openweathermap' | 'oura' | 'outlook' | 'pagerduty' | 'posthog' | 'razorpay' | 'reddit' | 'resend' | 'sentry' | 'sharepoint' | 'slack' | 'spotify' | 'strava' | 'stripe' | 'tavily' | 'teams' | 'telegram' | 'todoist' | 'trello' | 'twitter' | 'twitterapiio' | 'typeform' | 'vapi' | 'youtube' | 'zoom' | (string & {});
|
|
6
|
+
declare const BaseProviders: readonly ["ably", "airtable", "amplitude", "asana", "bitwarden", "box", "cal", "calendly", "cloudflare", "cursor", "discord", "dodopayments", "dropbox", "exa", "figma", "firecrawl", "fireflies", "github", "gitlab", "gmail", "googlecalendar", "googledrive", "googlesheets", "hackernews", "hubspot", "intercom", "jira", "linear", "monday", "notion", "onedrive", "openweathermap", "oura", "outlook", "pagerduty", "posthog", "razorpay", "reddit", "resend", "sentry", "sharepoint", "slack", "spotify", "strava", "stripe", "tally", "tavily", "teams", "telegram", "todoist", "trello", "twitter", "twitterapiio", "typeform", "vapi", "xquik", "youtube", "zoom"];
|
|
7
|
+
type AllProviders = 'ably' | 'airtable' | 'amplitude' | 'asana' | 'bitwarden' | 'box' | 'cal' | 'calendly' | 'cloudflare' | 'cursor' | 'discord' | 'dodopayments' | 'dropbox' | 'exa' | 'figma' | 'firecrawl' | 'fireflies' | 'github' | 'gitlab' | 'gmail' | 'googlecalendar' | 'googledrive' | 'googlesheets' | 'hackernews' | 'hubspot' | 'intercom' | 'jira' | 'linear' | 'monday' | 'notion' | 'onedrive' | 'openweathermap' | 'oura' | 'outlook' | 'pagerduty' | 'posthog' | 'razorpay' | 'reddit' | 'resend' | 'sentry' | 'sharepoint' | 'slack' | 'spotify' | 'strava' | 'stripe' | 'tally' | 'tavily' | 'teams' | 'telegram' | 'todoist' | 'trello' | 'twitter' | 'twitterapiio' | 'typeform' | 'vapi' | 'xquik' | 'youtube' | 'zoom' | (string & {});
|
|
8
8
|
type AuthTypes = 'oauth_2' | 'api_key' | 'bot_token';
|
|
9
9
|
type PickAuth<T extends AuthTypes> = T;
|
|
10
10
|
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { E as EndpointRiskLevel, C as CorsairPlugin, a as CorsairIntegration, b as CorsairTenantWrapper, c as CorsairSingleTenantClient } from './index-
|
|
1
|
+
import { E as EndpointRiskLevel, C as CorsairPlugin, a as CorsairIntegration, b as CorsairTenantWrapper, c as CorsairSingleTenantClient } from './index-Cl9PJjsS.js';
|
|
2
2
|
import { CorsairDatabase } from './db.js';
|
|
3
3
|
|
|
4
4
|
/** @deprecated get_schema now returns a plain string. This type is kept for backwards compatibility. */
|
|
@@ -89,6 +89,11 @@ type IntrospectPluginForDocsResult = {
|
|
|
89
89
|
ok: false;
|
|
90
90
|
error: string;
|
|
91
91
|
};
|
|
92
|
+
/**
|
|
93
|
+
* Renders a {@link DocSchemaShape} as a TypeScript-like block with `// description`
|
|
94
|
+
* comments on each field row. Used by `getSchema`, catalog builders, and hosted MCP.
|
|
95
|
+
*/
|
|
96
|
+
declare function formatDocSchemaShape(shape: DocSchemaShape | undefined, depth?: number): string;
|
|
92
97
|
/**
|
|
93
98
|
* Returns structured API, webhook, and DB operation metadata for a single plugin.
|
|
94
99
|
* Intended for **documentation generators** inside the Corsair repo (or tooling that depends
|
|
@@ -140,4 +145,4 @@ declare function createCorsair<const Plugins extends readonly CorsairPlugin[]>(c
|
|
|
140
145
|
multiTenancy?: false | undefined;
|
|
141
146
|
}): CorsairSingleTenantClient<Plugins>;
|
|
142
147
|
|
|
143
|
-
export { CORSAIR_INTERNAL as C, type DocSchemaFieldRow as D, type EndpointSchemaResult as E, type IntrospectPluginForDocsResult as I, type ListOperationsOptions as L, type PluginDocsIntrospection as P, type CorsairInternalConfig as a, type DocSchemaShape as b, createCorsair as c, type DocsApiEndpoint as d, type DocsDbEntity as e, type DocsDbFilterField as
|
|
148
|
+
export { CORSAIR_INTERNAL as C, type DocSchemaFieldRow as D, type EndpointSchemaResult as E, type IntrospectPluginForDocsResult as I, type ListOperationsOptions as L, type PluginDocsIntrospection as P, type CorsairInternalConfig as a, type DocSchemaShape as b, createCorsair as c, type DocsApiEndpoint as d, type DocsDbEntity as e, formatDocSchemaShape as f, type DocsDbFilterField as g, type DocsWebhook as h, introspectPluginForDocs as i };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import { L as ListOperationsOptions } from './index-
|
|
2
|
-
export { c as createCorsair } from './index-
|
|
3
|
-
import { c as CorsairSingleTenantClient, C as CorsairPlugin, b as CorsairTenantWrapper, d as CorsairClient, e as CorsairPermissionsNamespace, B as BoundWebhookTree, R as RawWebhookRequest, f as BaseProviders, W as WebhookResponse } from './index-
|
|
1
|
+
import { L as ListOperationsOptions } from './index-DKq1RoJC.js';
|
|
2
|
+
export { c as createCorsair, f as formatDocSchemaShape } from './index-DKq1RoJC.js';
|
|
3
|
+
import { c as CorsairSingleTenantClient, C as CorsairPlugin, b as CorsairTenantWrapper, d as CorsairClient, e as CorsairPermissionsNamespace, B as BoundWebhookTree, R as RawWebhookRequest, f as BaseProviders, W as WebhookResponse } from './index-Cl9PJjsS.js';
|
|
4
4
|
export { SetupCorsairOptions, setupCorsair } from './setup.js';
|
|
5
5
|
import './db.js';
|
|
6
6
|
import 'kysely';
|
package/dist/index.js
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import{a as
|
|
1
|
+
import{a as S}from"./chunk-275AZA6T.js";import{q as m,r as k,s as b,t as y,v as w,w as I}from"./chunk-7SONQAHW.js";import"./chunk-UBM25HVI.js";import"./chunk-OZHME3EO.js";import"./chunk-3USHGH6P.js";import"./chunk-ZGVIF3UY.js";import"./chunk-QAIKSQAD.js";function x(n){let r=n[w];if(!r)throw new Error("listOperations / getSchema: invalid corsair instance. Pass the value returned by createCorsair() or corsair.withTenant().");return r.plugins}function O(n,r){let o=k(x(n),r);return typeof o=="string"?o:Array.isArray(o)?o.join(`
|
|
2
2
|
`):Object.values(o).flat().join(`
|
|
3
|
-
`)}function
|
|
3
|
+
`)}function T(n,r){return b(x(n),r)}var B=Symbol.for("corsair:internal");function A(n,r){let o=n;for(let e of r){if(!o||typeof o!="object")return null;o=o[e]}return typeof o=="function"?o:null}function C(n){return n[B]?.database}async function E(n,r){let o=new Date().toISOString(),e=await n.permissions.find_by_token(r);if(!e)return console.error("executePermission: no permission found for token."),{error:"executePermission: no permission found for token."};if(e.status!=="approved")return console.error(`executePermission: permission '${e.id}' is '${e.status}', expected 'approved'.`),{endpoint:e.endpoint,plugin:e.plugin,result:null,error:`executePermission: permission '${e.id}' is '${e.status}', expected 'approved'.`};if(e.expires_at<o){let i=C(n);return i&&await i.db.updateTable("corsair_permissions").set({status:"expired",updated_at:new Date}).where("id","=",e.id).execute(),console.error(`executePermission: permission '${e.id}' has expired.`),{error:`executePermission: permission '${e.id}' has expired.`,endpoint:e.endpoint,plugin:e.plugin,result:null}}let t=e.tenant_id??"default",g=(n.withTenant?n.withTenant(t):n)[e.plugin];if(!g?.api)return console.error(`executePermission: plugin '${e.plugin}' not found or has no API on this corsair instance.`),{error:`executePermission: plugin '${e.plugin}' not found or has no API on this corsair instance.`,plugin:e.plugin,endpoint:e.endpoint,result:null};let p=A(g.api,e.endpoint.split("."));if(!p)return console.error(`executePermission: endpoint '${e.endpoint}' not found in plugin '${e.plugin}'.`),{endpoint:e.endpoint,plugin:e.plugin,result:null,error:`executePermission: endpoint '${e.endpoint}' not found in plugin '${e.plugin}'.`};await n.permissions.set_executing(e.id);try{let i=typeof e.args=="string"?JSON.parse(e.args):e.args,u=await p(i);return await n.permissions.set_completed(e.id),{plugin:e.plugin,endpoint:e.endpoint,result:u}}catch(i){let u=i instanceof Error?i.message:String(i),d=C(n);return d&&await d.db.updateTable("corsair_permissions").set({status:"failed",error:u,updated_at:new Date}).where("id","=",e.id).execute(),{plugin:e.plugin,endpoint:e.endpoint,result:null,error:u}}}function $(n){return n!==null&&typeof n=="object"&&"match"in n&&"handler"in n&&typeof n.match=="function"&&typeof n.handler=="function"}function R(n,r,o=[]){for(let[e,t]of Object.entries(n))if($(t)){if(t.match(r))return{webhook:t,path:[...o,e]}}else if(t&&typeof t=="object"){let s=R(t,r,[...o,e]);if(s)return s}return null}function j(n){let r={};for(let[o,e]of Object.entries(n))r[o.toLowerCase()]=Array.isArray(e)?e[0]:e;return r}function _(n){let r=n["x-goog-resource-uri"],o=n["x-goog-channel-id"];if(!r||!o)return null;let e={resourceId:n["x-goog-resource-id"]||"",resourceState:n["x-goog-resource-state"]||"",resourceUri:r,channelId:o,channelExpiration:n["x-goog-channel-expiration"]||""};return r.includes("/drive/")&&(e.kind="drive#change"),{message:{data:Buffer.from(JSON.stringify(e)).toString("base64"),messageId:n["x-goog-message-number"]||""}}}async function N(n,r,o,e){let t=j(r),s=typeof o=="string"?JSON.parse(o):o;(!s||typeof s=="object"&&Object.keys(s).length===0)&&t["x-goog-resource-uri"]&&(s=_(t)||s);let p={headers:t,body:s},i=e?.tenantId||"default",u=n.withTenant?n.withTenant(i):n,d=m;for(let l of d){let c=u[l];if(!c||!c.webhooks||c.pluginWebhookMatcher&&!c.pluginWebhookMatcher(p))continue;let f=R(c.webhooks,p);if(!f)continue;let h=f.path.join("."),P={payload:s,headers:t,rawBody:typeof o=="string"?o:JSON.stringify(o)};try{let a=await f.webhook.handler(P),W=!!Object.keys(a.returnToSender||{})?.length;return{plugin:l,action:h,body:s,response:W?{...a?.returnToSender,success:!0}:{success:!0},...a.responseHeaders&&{responseHeaders:a.responseHeaders}}}catch(a){return console.error(`Error executing webhook handler for ${l}.${h}:`,a),{plugin:l,action:h,body:s,response:{success:!1,error:a instanceof Error?a.message:"Unknown error"}}}}return{plugin:null,action:null,body:null}}export{I as createCorsair,E as executePermission,y as formatDocSchemaShape,T as getSchema,O as listOperations,N as processWebhook,S as setupCorsair};
|
package/dist/oauth.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{a as m,b as w,j as h,k as A,p as C,
|
|
1
|
+
import{a as m,b as w,j as h,k as A,p as C,v as y}from"./chunk-7SONQAHW.js";import{b as _}from"./chunk-UBM25HVI.js";import"./chunk-OZHME3EO.js";import"./chunk-3USHGH6P.js";import"./chunk-ZGVIF3UY.js";import"./chunk-QAIKSQAD.js";import*as l from"crypto";import*as b from"querystring";function x(e,t){return Buffer.from(JSON.stringify({plugin:e,tenantId:t})).toString("base64url")}function S(e){try{let t=e.includes(".")?e.split(".")[0]:e,n=JSON.parse(Buffer.from(t,"base64url").toString("utf-8"));return n!==null&&typeof n=="object"&&"plugin"in n&&"tenantId"in n&&typeof n.plugin=="string"&&typeof n.tenantId=="string"?n:null}catch{return null}}function N(e,t){let n=l.createHmac("sha256",t).update(e).digest("base64url");return`${e}.${n}`}function U(e,t){let n=e.lastIndexOf(".");if(n===-1)return null;let a=e.slice(0,n),i=e.slice(n+1),r=l.createHmac("sha256",t).update(a).digest("base64url"),s=Buffer.from(i,"base64url"),o=Buffer.from(r,"base64url");return s.length!==o.length||!l.timingSafeEqual(s,o)?null:S(a)}function I(e){let t=e[y];if(!t)throw new Error("Invalid corsair instance");return t}function P(e,t){let n=e.plugins.find(a=>a.id===t);if(!n)throw new Error(`Plugin '${t}' not found`);return n}function E(e){let t=e.oauthConfig;if(!t)throw new Error(`Plugin '${e.id}' has no oauthConfig`);return t}async function R(e,t,n,a){let i=_(e),r=await i.integrations.findByName(t);if(!r)throw new Error(`Integration '${t}' not found. Run setupCorsair first.`);if(await i.accounts.findOne({tenant_id:n,integration_id:r.id}))return;let o=m(),c=await w(o,a);await i.accounts.create({tenant_id:n,integration_id:r.id,config:{},dek:c})}async function $(e,t,n){let{tenantId:a,redirectUri:i}=n,r=I(e);if(!r.database)throw new Error("No database configured on corsair instance");let s=P(r,t),o=E(s),f=await h({authType:"oauth_2",integrationName:t,kek:r.kek,database:r.database}).get_client_id();if(!f)throw new Error(`client_id not configured for '${t}'`);let g=N(x(t,a),r.kek),d={...o.authParams,client_id:f,redirect_uri:i,response_type:"code",scope:o.scopes.join(" "),state:g};return{url:`${o.authUrl}?${b.stringify(d)}`,state:g}}async function K(e,t){let{code:n,state:a,redirectUri:i}=t,r=I(e),s=U(a,r.kek);if(!s)throw new Error("Invalid or tampered state parameter");let{plugin:o,tenantId:c}=s;if(!r.database)throw new Error("No database configured on corsair instance");let f=P(r,o),g=E(f),d=h({authType:"oauth_2",integrationName:o,kek:r.kek,database:r.database}),k=await d.get_client_id(),O=await d.get_client_secret();if(!k||!O)throw new Error(`Credentials not configured for '${o}'`);await R(r.database,o,c,r.kek);let u=await C(n,k,O,g,i);if(!u.access_token)throw new Error(`No access_token returned from ${g.providerName}`);let p=A({authType:"oauth_2",integrationName:o,tenantId:c,kek:r.kek,database:r.database});return await p.set_access_token(u.access_token),u.refresh_token&&await p.set_refresh_token(u.refresh_token),u.expires_in&&await p.set_expires_at(String(Math.floor(Date.now()/1e3)+u.expires_in)),{plugin:o,tenantId:c}}export{S as decodeOAuthState,x as encodeOAuthState,$ as generateOAuthUrl,K as processOAuthCallback};
|
package/dist/setup.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { C as CorsairPlugin, c as CorsairSingleTenantClient, b as CorsairTenantWrapper } from './index-
|
|
1
|
+
import { C as CorsairPlugin, c as CorsairSingleTenantClient, b as CorsairTenantWrapper } from './index-Cl9PJjsS.js';
|
|
2
2
|
import 'zod';
|
|
3
3
|
import './orm.js';
|
|
4
4
|
import './db.js';
|
package/dist/setup.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{a as o}from"./chunk-
|
|
1
|
+
import{a as o}from"./chunk-275AZA6T.js";import"./chunk-7SONQAHW.js";import"./chunk-UBM25HVI.js";import"./chunk-OZHME3EO.js";import"./chunk-3USHGH6P.js";import"./chunk-ZGVIF3UY.js";import"./chunk-QAIKSQAD.js";export{o as setupCorsair};
|
package/package.json
CHANGED
package/dist/chunk-XYRVJ76B.js
DELETED
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
import{a as be,b as te}from"./chunk-OZHME3EO.js";import{a as ke}from"./chunk-ZGVIF3UY.js";import{createCipheriv as we,createDecipheriv as Te,randomBytes as G,scrypt as He}from"crypto";import{promisify as Ue}from"util";var Ce=Ue(He),J="aes-256-gcm",Pe=12,V=16,qe=16,H=32;function K(){return G(H).toString("base64")}async function M(e,t){let n=G(qe),r=await Ce(t,n,H),o=G(Pe),i=we(J,r,o,{authTagLength:V}),s=Buffer.concat([i.update(e,"utf8"),i.final()]),a=i.getAuthTag();return[n.toString("base64"),o.toString("base64"),a.toString("base64"),s.toString("base64")].join(":")}async function O(e,t){let[n,r,o,i]=e.split(":");if(!n||!r||!o||!i)throw new Error("Invalid encrypted DEK format");let s=Buffer.from(n,"base64"),a=Buffer.from(r,"base64"),d=Buffer.from(o,"base64"),c=Buffer.from(i,"base64"),l=await Ce(t,s,H),p=Te(J,l,a,{authTagLength:V});return p.setAuthTag(d),Buffer.concat([p.update(c),p.final()]).toString("utf8")}function oe(e,t){let n=Buffer.from(t,"base64"),r=G(Pe),o=we(J,n,r,{authTagLength:V}),i=Buffer.concat([o.update(e,"utf8"),o.final()]),s=o.getAuthTag();return[r.toString("base64"),s.toString("base64"),i.toString("base64")].join(":")}function re(e,t){let[n,r,o]=e.split(":");if(!n||!r||!o)throw new Error("Invalid encrypted data format");let i=Buffer.from(t,"base64"),s=Buffer.from(n,"base64"),a=Buffer.from(r,"base64"),d=Buffer.from(o,"base64"),c=Te(J,i,s,{authTagLength:V});return c.setAuthTag(a),Buffer.concat([c.update(d),c.final()]).toString("utf8")}function Z(e,t){let n={};for(let[r,o]of Object.entries(e))n[r]=oe(o,t);return n}function S(e,t){let n={};for(let[r,o]of Object.entries(e))n[r]=re(o,t);return n}function U(e,t,n){let r=S(e,t);return Z(r,n)}function Y(e,t){let n=[];e||n.push("database"),t||n.push("kek");let r={};return new Proxy(r,{get(o,i){let s=n.length>1;throw new Error(`corsair.keys.${String(i)}: Cannot access keys because ${n.join(" and ")} ${s?"are":"is"} not configured. Provide both 'database' and 'kek' in createCorsair() to enable key management.
|
|
2
|
-
|
|
3
|
-
To generate a KEK, run: openssl rand -base64 ${H}`)}})}var q={oauth_2:{integration:["client_id","client_secret","redirect_url"],account:["access_token","refresh_token","expires_at","scope","webhook_signature"]},api_key:{integration:[],account:["api_key","webhook_signature"]},bot_token:{integration:[],account:["bot_token","webhook_signature"]}};function xe(e,t,n){let r={};for(let o of n)r[`get_${o}`]=async()=>(await e())[o]??null,r[`set_${o}`]=async i=>{let s=[null,void 0,""].includes(i)?null:i;await t({[o]:s})};return r}var ie=e=>{if(!e)return{};if(typeof e=="string")try{return JSON.parse(e)}catch{return{}}return e};function Q(e){let{authType:t,integrationName:n,kek:r,database:o,extraIntegrationFields:i=[]}=e,s=[...q[t].integration,...i],a=null,d={kek:r,integrationName:n,getIntegration:async()=>{if(a)return a;let u=await o.db.selectFrom("corsair_integrations").selectAll().where("name","=",n).executeTakeFirst();if(!u)throw new Error(`Integration "${n}" not found. Make sure to create the integration first.`);return a={id:u.id,config:ie(u.config),dek:u.dek??null},a},updateIntegration:async u=>{let f=await d.getIntegration();await o.db.updateTable("corsair_integrations").set({...u.config!==void 0?{config:u.config}:{},...u.dek!==void 0?{dek:u.dek}:{},updated_at:new Date}).where("id","=",f.id).execute(),a=null}},c=null,l=async()=>{if(c)return c;let u=await d.getIntegration();if(!u.dek)throw new Error(`No DEK found for integration "${n}". Initialize the integration first.`);return c=await O(u.dek,r),c},p=async()=>{let u=await d.getIntegration(),f=await l(),m=u.config;return!m||Object.keys(m).length===0?{}:S(m,f)};return{get_dek:l,issue_new_dek:async()=>{let u=await d.getIntegration(),f=K(),m={};if(u.dek){let P=await O(u.dek,r),b=u.config;b&&Object.keys(b).length>0&&(m=U(b,P,f))}let k=await M(f,r);return await d.updateIntegration({config:m,dek:k}),c=f,f},...xe(p,async u=>{let f=await l(),m;try{m=await p()}catch(b){console.error(`[corsair] Failed to decrypt config for integration "${n}", starting fresh:`,b),m={}}let k={...m};for(let[b,y]of Object.entries(u))y===null?delete k[b]:k[b]=y;let P=Z(k,f);await d.updateIntegration({config:P})},s)}}function X(e){let{authType:t,integrationName:n,tenantId:r,kek:o,database:i,extraAccountFields:s=[]}=e,a=[...q[t].account,...s],d=null,c=null,l=async()=>{if(c)return c;let y=await i.db.selectFrom("corsair_integrations").selectAll().where("name","=",n).executeTakeFirst();if(!y)throw new Error(`Integration "${n}" not found. Make sure to create the integration first.`);return c={id:y.id,config:ie(y.config),dek:y.dek??null},c},p={kek:o,integrationName:n,tenantId:r,getIntegration:l,getAccount:async()=>{if(d)return d;let y=await l(),w=await i.db.selectFrom("corsair_accounts").selectAll().where("tenant_id","=",r).where("integration_id","=",y.id).executeTakeFirst();if(!w)throw new Error(`Account not found for tenant "${r}" and integration "${n}". Make sure to create the account first.`);return d={id:w.id,config:ie(w.config),dek:w.dek??null},d},updateAccount:async y=>{let w=await p.getAccount();await i.db.updateTable("corsair_accounts").set({...y.config!==void 0?{config:y.config}:{},...y.dek!==void 0?{dek:y.dek}:{},updated_at:new Date}).where("id","=",w.id).execute(),d=null}},h=null,g=null,u=async()=>{if(h)return h;let y=await p.getAccount();if(!y.dek)throw new Error(`No DEK found for account (tenant: "${r}", integration: "${n}"). Initialize the account first.`);return h=await O(y.dek,o),h},f=async()=>{if(g)return g;let y=await p.getIntegration();if(!y.dek)throw new Error(`No DEK found for integration "${n}". Initialize the integration first.`);return g=await O(y.dek,o),g},m=async()=>{let y=await p.getAccount(),w=await u(),T=y.config;return!T||Object.keys(T).length===0?{}:S(T,w)},k=async()=>{let y=await p.getIntegration(),w=await f(),T=y.config;return!T||Object.keys(T).length===0?{}:S(T,w)},b={get_dek:u,issue_new_dek:async()=>{let y=await p.getAccount(),w=K(),T={};if(y.dek){let C=await O(y.dek,o),A=y.config;A&&Object.keys(A).length>0&&(T=U(A,C,w))}let I=await M(w,o);return await p.updateAccount({config:T,dek:I}),h=w,w},...xe(m,async y=>{let w=await u(),T;try{T=await m()}catch(A){console.error(`[corsair] Failed to decrypt config for account (tenant: "${r}", integration: "${n}"), starting fresh:`,A),T={}}let I={...T};for(let[A,E]of Object.entries(y))E===null?delete I[A]:I[A]=E;let C=Z(I,w);await p.updateAccount({config:C})},a)};return t==="oauth_2"&&(b.get_integration_credentials=async()=>{let y=await k();return{client_id:y.client_id||null,client_secret:y.client_secret||null,redirect_url:y.redirect_url??null}}),b}async function Ae(e,t,n){let r=await e.db.selectFrom("corsair_integrations").selectAll().where("name","=",t).executeTakeFirst();if(!r)throw new Error(`Integration "${t}" not found.`);let o=K(),i=await M(o,n);return await e.db.updateTable("corsair_integrations").set({dek:i,updated_at:new Date}).where("id","=",r.id).execute(),o}async function Ee(e,t,n,r){let o=await e.db.selectFrom("corsair_integrations").selectAll().where("name","=",t).executeTakeFirst();if(!o)throw new Error(`Integration "${t}" not found.`);let i=await e.db.selectFrom("corsair_accounts").selectAll().where("tenant_id","=",n).where("integration_id","=",o.id).executeTakeFirst();if(!i)throw new Error(`Account not found for tenant "${n}" and integration "${t}".`);let s=K(),a=await M(s,r);return await e.db.updateTable("corsair_accounts").set({dek:a,updated_at:new Date}).where("id","=",i.id).execute(),s}var ze=async(e,t)=>(console.error(`[corsair:${t.pluginId}:${t.operation}]`,{error:e.message,input:t.input}),{maxRetries:0});async function Re(e,t,n,r,o){let i={pluginId:t,operation:n,input:r,originalError:e},s=Object.keys(o).find(c=>o[c]?.match(e,i));return await(o[s||"DEFAULT"]?.handler||ze)(e,i)}import{randomBytes as Ge}from"crypto";import{v4 as Je}from"uuid";var Ve={open:{read:"allow",write:"allow",destructive:"allow"},cautious:{read:"allow",write:"allow",destructive:"require_approval"},strict:{read:"allow",write:"require_approval",destructive:"deny"},readonly:{read:"allow",write:"deny",destructive:"deny"}};function Ye(e,t,n){return n!==void 0?n:Ve[t][e]}function De(e){let t=/(\d+)(d|h|m|s)/g,n=0,r;for(;(r=t.exec(e))!==null;){let o=parseInt(r[1],10);switch(r[2]){case"d":n+=o*864e5;break;case"h":n+=o*36e5;break;case"m":n+=o*6e4;break;case"s":n+=o*1e3;break}}return n>0?n:600*1e3}function _e(e){return{async find_by_permission_id(t){if(e)return e.db.selectFrom("corsair_permissions").selectAll().where("id","=",t).executeTakeFirst()},async find_by_token(t){if(e)return e.db.selectFrom("corsair_permissions").selectAll().where("token","=",t).executeTakeFirst()},async set_executing(t){e&&await e.db.updateTable("corsair_permissions").set({status:"executing",updated_at:new Date}).where("id","=",t).execute()},async set_completed(t){e&&await e.db.updateTable("corsair_permissions").set({status:"completed",updated_at:new Date}).where("id","=",t).execute()}}}async function Ie(e,t,n){let r=Date.now()+n;for(;Date.now()<r;){let o=await e.db.selectFrom("corsair_permissions").select(["id","status"]).where("id","=",t).executeTakeFirst();if(!o)return{result:"blocked",reason:"pending"};if(o.status==="approved")return{result:"allow",onComplete:async()=>{await e.db.updateTable("corsair_permissions").set({status:"completed",updated_at:new Date}).where("id","=",t).execute()}};if(o.status==="denied")return{result:"blocked",reason:"denied"};if(o.status==="expired"||o.status==="failed")return{result:"blocked",reason:"timeout"};await new Promise(i=>setTimeout(i,500))}return{result:"blocked",reason:"timeout"}}async function ve(e){let t=Ye(e.riskLevel,e.mode,e.override);if(t==="allow")return{result:"allow"};let n=e.meta?.irreversible?" (irreversible)":"",r=e.meta?.description?`${e.meta.description}${n}`:`${e.pluginId}.${e.endpointPath}${n}`;if(t==="deny"||!e.db)return console.log(`[corsair/${e.pluginId}] '${e.endpointPath}' blocked \u2014 denied by permission mode '${e.mode}'.`,`
|
|
4
|
-
Action: ${r}`,`
|
|
5
|
-
To allow this, update the permission mode or add an override in your corsair config.`),{result:"blocked",reason:"policy"};let o=JSON.stringify(e.args),i=new Date().toISOString(),s=e.tenantId??"default",a=await e.db.db.selectFrom("corsair_permissions").selectAll().where("plugin","=",e.pluginId).where("endpoint","=",e.endpointPath).where("args","=",o).where("tenant_id","=",s).where("expires_at",">",i).where("status","in",["pending","approved","executing"]).orderBy("created_at","desc").limit(1).executeTakeFirst();if(a){if(a.status==="approved"){let u=e.db,f=a.id;return{result:"allow",onComplete:async()=>{await u.db.updateTable("corsair_permissions").set({status:"completed",updated_at:new Date}).where("id","=",f).execute()}}}return a.status==="executing"?{result:"allow"}:(console.log(`[corsair/${e.pluginId}] '${e.endpointPath}' blocked \u2014 approval already pending.`,`
|
|
6
|
-
Action: ${r}`,`
|
|
7
|
-
Permission ID: ${a.id}`,`
|
|
8
|
-
Use the token to approve or deny this request.`),(typeof e.approvalMode=="function"?e.approvalMode():e.approvalMode)==="synchronous"?Ie(e.db,a.id,e.timeoutMs??600*1e3):{result:"blocked",reason:"pending",id:a.id,token:a.token})}let d=Je(),c=Ge(32).toString("hex"),l=e.timeoutMs??600*1e3,p=new Date(Date.now()+l).toISOString();return await e.db.db.insertInto("corsair_permissions").values({id:d,created_at:new Date,updated_at:new Date,token:c,plugin:e.pluginId,endpoint:e.endpointPath,args:o,tenant_id:s,status:"pending",expires_at:p}).execute(),console.log(`[corsair/${e.pluginId}] '${e.endpointPath}' blocked \u2014 approval required.`,`
|
|
9
|
-
Action: ${r}`,`
|
|
10
|
-
Permission ID: ${d}`,`
|
|
11
|
-
Permission token: ${c}`,`
|
|
12
|
-
Expires at: ${p}`,`
|
|
13
|
-
Use the token to approve or deny this request.`),(typeof e.approvalMode=="function"?e.approvalMode():e.approvalMode)==="synchronous"?Ie(e.db,d,l):{result:"blocked",reason:"pending",id:d,token:c}}function Qe(e){return typeof e=="function"}function se({endpoints:e,hooks:t,ctx:n,tree:r,pluginId:o,errorHandlers:i,currentPath:s=[],keyBuilder:a,permissionsConfig:d,endpointMeta:c,database:l,approvalConfig:p,tenantId:h}){for(let[g,u]of Object.entries(e)){let f=t?.[g];if(Qe(u)){let m=f,k=[...s,g].join("."),P=async(b={})=>{let y;if(d){let E=c?.[k],{result:B,reason:v,onComplete:W,token:F,id:$}=await ve({pluginId:o,endpointPath:k,args:b,mode:d.mode,override:d.overrides?.[k],riskLevel:E?.riskLevel??"write",meta:E,db:l,timeoutMs:p?De(p.timeout):void 0,tenantId:h,approvalMode:p?.mode});if(B==="blocked"){let x;throw v==="denied"?x=`Action '${k}' was denied by the user. Await further instructions before proceeding.`:v==="policy"?x=`Action '${k}' is blocked by the permission policy. Update the corsair config to allow it.`:v==="timeout"?x=`Action '${k}' timed out waiting for approval.`:p?.formatAsyncMessage&&F&&$?x=p.formatAsyncMessage({token:F,id:$,plugin:o,endpoint:k,args:b}):x=`Action '${k}' requires user approval before it can run.`,new Error(x)}y=W}let w=async(E,B,v)=>{try{return await u(B,v)}catch(W){if(W instanceof Error){let F=await Re(W,o,k,typeof v=="object"&&v!==null?v:{args:v},i);if(E<(F.maxRetries||0)){let $=E+1;console.log(`Retrying (${$} / ${F.maxRetries})...`);let x;if(F.headersRetryAfterMs)x=F.headersRetryAfterMs;else switch(F.retryStrategy){case"exponential_backoff":x=Math.pow(2,$-1)*1e3;break;case"exponential_backoff_jitter":let ne=Math.pow(2,$-1)*1e3,We=(Math.random()-.5)*1e3;x=Math.max(0,ne+We);break;case"linear_1s":x=1e3;break;case"linear_2s":x=2e3;break;case"linear_3s":x=3e3;break;case"linear_4s":x=4e3;break;default:x=1e3;break}await new Promise(ne=>setTimeout(ne,x)),await w($,B,v),console.log(`[corsair:${o}:${k}] Retry strategy:`,F)}}throw W}},T=a?await a(n,"endpoint"):void 0;if(!m?.before&&!m?.after){let E=await w(0,{...n,key:T},b);return await y?.(),E}let I={...n,key:T},C=m.before?await m.before(I,b):{ctx:I,args:b,continue:!0,passToAfter:void 0};if(C.continue===!1)return;let A=await w(0,C.ctx,C.args);return await m.after?.(C.ctx,A,C.passToAfter),await y?.(),A};r[g]=P}else if(u&&typeof u=="object"){let m={};se({endpoints:u,hooks:f,ctx:n,tree:m,pluginId:o,errorHandlers:i,currentPath:[...s,g],keyBuilder:a,permissionsConfig:d,endpointMeta:c,database:l,approvalConfig:p,tenantId:h}),r[g]=m}}}function Xe(e){return e!==null&&typeof e=="object"&&"match"in e&&"handler"in e&&typeof e.match=="function"&&typeof e.handler=="function"}function ae({webhooks:e,hooks:t,ctx:n,webhooksTree:r,keyBuilder:o}){for(let[i,s]of Object.entries(e)){let a=t?.[i];if(Xe(s)){let d=a,c=async l=>{let p=(g,u)=>s.handler(g,u),h=o?await o(n,"webhook"):void 0;return!d?.before&&!d?.after?p({...n,key:h},l):(async()=>{let g={...n,key:h},u=d.before?await d.before(g,l):{ctx:g,args:l,continue:!0,passToAfter:void 0};if(u.continue===!1)return;let f=await p(u.ctx,u.args);return f?.success===!0&&await d.after?.(u.ctx,f,u.passToAfter),f})()};r[i]={match:s.match,handler:c}}else if(s&&typeof s=="object"){let d={};ae({webhooks:s,hooks:a,ctx:n,webhooksTree:d,keyBuilder:o}),r[i]=d}}}function en(e,t,n){let r=null;return async()=>{if(r)return r;if(!e)throw new Error("Database not configured");let o=await e.db.selectFrom("corsair_integrations").selectAll().where("name","=",t).executeTakeFirst();if(!o)throw new Error(`Integration "${t}" not found. Make sure to create the integration first.`);let i=await e.db.selectFrom("corsair_accounts").selectAll().where("tenant_id","=",n).where("integration_id","=",o.id).executeTakeFirst();if(!i)throw new Error(`Account not found for tenant "${n}" and integration "${t}". Make sure to create the account first.`);return r=i.id,r}}function nn(e,t,n,r,o){return e?te(e.db,t,n,r,o):{findByEntityId:async()=>null,findById:async()=>null,findManyByEntityIds:async()=>[],list:async()=>[],search:async()=>[],upsertByEntityId:async()=>{throw new Error("Database not configured")},deleteById:async()=>!1,deleteByEntityId:async()=>!1,count:async()=>0}}function ce(e,t){let{database:n,tenantId:r,kek:o,rootErrorHandlers:i,approvalConfig:s}=t,a={},d={};for(let c of e)a[c.id]={},d[c.id]={};for(let c of e){let l=c.schema,p=r??"default",h=en(n,c.id,p);if(l?.entities){let C={};for(let[A,E]of Object.entries(l.entities)){let B=n?te(n.db,h,A,l.version,E):nn(void 0,h,A,l.version,E);C[A]=B}d[c.id].db=C,a[c.id].db=C}let g=c.options,u=c.authConfig,f;if(n&&o&&g?.authType){let C=u?.[g.authType]?.account??[];f=X({authType:g.authType,integrationName:c.id,tenantId:p,kek:o,database:n,extraAccountFields:C}),a[c.id].keys=f}let m={database:n,db:d[c.id]?.db??{},$getAccountId:h,...c.options?{options:c.options}:{},...f?{keys:f,authType:g?.authType}:{},...r?{tenantId:r}:{}},k=c.endpoints??{},P=c.hooks,b={...i,...c.errorHandlers},y={},w=c.options?.permissions;se({endpoints:k,hooks:P,ctx:m,tree:y,pluginId:c.id,errorHandlers:b,currentPath:[],keyBuilder:c.keyBuilder,permissionsConfig:w,endpointMeta:c.endpointMeta,database:n,approvalConfig:s,tenantId:r}),Object.keys(y).length>0&&(a[c.id].api=y),m.endpoints=y;let T=c.webhooks??{},I=c.webhookHooks;if(Object.keys(T).length>0){let C={};ae({webhooks:T,hooks:I,ctx:m,webhooksTree:C,keyBuilder:c.keyBuilder}),a[c.id].webhooks=C,c.pluginWebhookMatcher&&(a[c.id].pluginWebhookMatcher=c.pluginWebhookMatcher)}}return a}function Fe(e,t,n){let r={};for(let o of e){let i=o.options,s=o.authConfig;if(i?.authType){let a=s?.[i.authType]?.integration??[],d=Q({authType:i.authType,integrationName:o.id,kek:n,database:t,extraIntegrationFields:a});r[o.id]=d}}return r}async function Oe(e,t,n,r,o="pending"){if(!e)return null;try{let i=be(),s=new Date;return await e.db.insertInto("corsair_events").values({id:i,created_at:s,updated_at:s,account_id:t,event_type:n,payload:r,status:o}).execute(),i}catch(i){return console.warn("Failed to log event:",i),null}}async function tn(e,t,n,r="pending"){try{let o=await e.$getAccountId();return Oe(e.database,o,t,n,r)}catch(o){return console.warn("Failed to log event:",o),null}}import*as $e from"https";import*as Ke from"querystring";function Me(e,t,n,r,o){let i=new URL(r.tokenUrl),s=r.tokenAuthMethod==="basic";return new Promise((a,d)=>{let c={code:e.trim(),redirect_uri:o,grant_type:"authorization_code"};s||(c.client_id=t,c.client_secret=n);let l=Ke.stringify(c),p={"Content-Type":"application/x-www-form-urlencoded","Content-Length":Buffer.byteLength(l).toString()};s&&(p.Authorization=`Basic ${Buffer.from(`${t}:${n}`).toString("base64")}`);let h=$e.request({hostname:i.hostname,...i.port?{port:Number(i.port)}:{},path:i.pathname+i.search,method:"POST",headers:p},g=>{let u="";g.on("data",f=>{u+=f}),g.on("end",()=>{if(g.statusCode!==200){d(new Error(`Token exchange failed (${g.statusCode}): ${u}`));return}try{a(JSON.parse(u))}catch{d(new Error(`Token endpoint returned non-JSON response: ${u}`))}})});h.on("error",g=>d(new Error(`Request failed: ${g.message}`))),h.write(l),h.end()})}var Se=["ably","airtable","amplitude","asana","box","cal","calendly","cloudflare","cursor","discord","dodopayments","dropbox","exa","figma","firecrawl","fireflies","github","gitlab","gmail","googlecalendar","googledrive","googlesheets","hackernews","hubspot","intercom","jira","linear","monday","notion","onedrive","openweathermap","oura","outlook","pagerduty","posthog","razorpay","reddit","resend","sentry","sharepoint","slack","spotify","strava","stripe","tavily","teams","telegram","todoist","trello","twitter","twitterapiio","typeform","vapi","youtube","zoom"];var Ne=" ";function D(e){return e._def}function _(e){let t=e.typeName;if(t)return t;let n=e.type;if(n)return`Zod${n.charAt(0).toUpperCase()}${n.slice(1)}`}function L(e){return e.innerType}function on(e){return e.element??e.type}function ee(e,t){let n=t.shape??e.shape;return typeof n=="function"?n():n}function R(e){let t=D(e),n=_(t);switch(n){case"ZodString":return"string";case"ZodNumber":return"number";case"ZodBoolean":return"boolean";case"ZodNull":return"null";case"ZodUnknown":case"ZodAny":return"any";case"ZodLiteral":return String(t.value);case"ZodEnum":return t.values.map(r=>String(r)).join(" | ");case"ZodOptional":return R(L(t));case"ZodNullable":return`${R(L(t))} | null`;case"ZodArray":{let r=on(t),o=D(r),i=_(o)==="ZodUnion",s=R(r);return`${i?`(${s})`:s}[]`}case"ZodRecord":return"{}";case"ZodObject":{let r=ee(e,t),o=Object.entries(r);return o.length===0?"{}":`{ ${o.map(([s,a])=>{let d=_(D(a));return`${d==="ZodOptional"||d==="ZodNullable"?s+"?":s}: ${R(a)}`}).join(", ")} }`}case"ZodUnion":return t.options.map(R).join(" | ");case"ZodIntersection":return`${R(t.left)} & ${R(t.right)}`;default:return(n??"unknown").replace("Zod","").toLowerCase()}}function z(e,t){let n=D(e),r=_(n);if(r==="ZodOptional")return z(L(n),t);if(r!=="ZodObject")return R(e);let o=ee(e,n),i=Object.entries(o);if(i.length===0)return"{}";let s=Ne.repeat(t+1),a=Ne.repeat(t),d=[];for(let[c,l]of i){let p=D(l),h=_(p),u=h==="ZodOptional"||h==="ZodNullable"?`${c}?`:c,f=h==="ZodOptional"||h==="ZodNullable"?p.innerType:l,m=D(f),k=_(m),P=m?.description,b=P?` // ${P}`:"";k==="ZodObject"?d.push(`${s}${u}: ${z(f,t+1)}${b}`):d.push(`${s}${u}: ${R(l)}${b}`)}return`{
|
|
14
|
-
${d.join(`
|
|
15
|
-
`)}
|
|
16
|
-
${a}}`}var fe=["equals","contains","startsWith","endsWith","in"],rn=["equals","gt","gte","lt","lte","in"],sn=["equals"],an=["equals","before","after","between"];function Ze(e){let t=D(e);switch(_(t)){case"ZodOptional":case"ZodNullable":case"ZodDefault":return Ze(L(t));case"ZodString":return"string";case"ZodNumber":return"number";case"ZodBoolean":return"boolean";case"ZodDate":return"date";default:return null}}function ye(e){let t=D(e),n=_(t);if(n==="ZodOptional"||n==="ZodNullable"||n==="ZodDefault")return ye(L(t));if(n!=="ZodObject")return{};let r=ee(e,t),o={};for(let[i,s]of Object.entries(r)){let a=Ze(s);a==="string"?o[i]={type:"string",operators:fe}:a==="number"?o[i]={type:"number",operators:rn}:a==="boolean"?o[i]={type:"boolean",operators:sn}:a==="date"&&(o[i]={type:"date",operators:an})}return o}function je(e,t){for(let[n,r]of Object.entries(e))if(n.toLowerCase()===t)return[n,r]}function le(e,t,n){for(let[r,o]of Object.entries(e)){let i=[...t,r];typeof o=="function"?n.push(i.join(".")):o!==null&&typeof o=="object"&&le(o,i,n)}}function pe(e){return e!==null&&typeof e=="object"&&"match"in e&&"handler"in e&&typeof e.match=="function"&&typeof e.handler=="function"}function ge(e,t,n){for(let[r,o]of Object.entries(e)){let i=[...t,r];pe(o)?n.push(i.join(".")):o!==null&&typeof o=="object"&&ge(o,i,n)}}function he(e,t){if(t.length===0)return null;let[n,...r]=t,o=Object.entries(e).find(([a])=>a.toLowerCase()===n);if(!o)return null;let[i,s]=o;if(r.length===0)return pe(s)?[i]:null;if(s!==null&&typeof s=="object"&&!pe(s)){let a=he(s,r);if(a!==null)return[i,...a]}return null}function Le(e,t){let n=[];n.push(`${e}({`),n.push(" webhookHooks: {");for(let i=0;i<t.length;i++){let s=" ".repeat(i+2);n.push(`${s}${t[i]}: {`)}let r=" ".repeat(t.length+2),o=r+" ";n.push(`${r}before(ctx, args) {`),n.push(`${o}return { ctx, args };`),n.push(`${r}},`),n.push(`${r}after(ctx, response) {`),n.push(`${r}},`);for(let i=t.length-1;i>=0;i--){let s=" ".repeat(i+2);n.push(`${s}},`)}return n.push(" },"),n.push("})"),n.join(`
|
|
17
|
-
`)}var cn=new Set(Se);function N(e,t){let n=t?.type??"api",r=t?.plugin;if(r!==void 0){let i=e.find(a=>a.id===r);if(!i)return cn.has(r)?`This plugin (${r}) is not configured. Please add it to the Corsair instance to see its associated methods.`:N(e);if(n==="webhooks"){if(!i.webhooks)return[];let a=[];return ge(i.webhooks,[],a),a.map(d=>`${i.id}.webhooks.${d}`)}if(n==="db"){let a=i.schema?.entities;return a?Object.keys(a).map(d=>`${i.id}.db.${d}.search`):[]}if(!i.endpoints)return[];let s=[];return le(i.endpoints,[],s),s.map(a=>`${i.id}.api.${a}`)}let o={};if(n==="webhooks")for(let i of e){if(!i.webhooks)continue;let s=[];ge(i.webhooks,[],s),o[i.id]=s.map(a=>`${i.id}.webhooks.${a}`)}else if(n==="db")for(let i of e){let s=i.schema?.entities;s&&(o[i.id]=Object.keys(s).map(a=>`${i.id}.db.${a}.search`))}else for(let i of e){if(!i.endpoints)continue;let s=[];le(i.endpoints,[],s),o[i.id]=s.map(a=>`${i.id}.api.${a}`)}return o}function j(e,t){if(e){for(let[n,r]of Object.entries(e))if(n.toLowerCase()===t)return r}}function dn(e,t){let n=e.toLowerCase(),r=t.toLowerCase();if(!n.startsWith(`${r}.`)){let i=n.slice(t.length+1),s=i.startsWith(".")?i.slice(1):i;return s.startsWith("api.")&&(s=s.slice(4)),{shortPath:s,lookupKey:s}}let o=e.slice(t.length+1);return o.toLowerCase().startsWith("api.")&&(o=o.slice(4)),{shortPath:o,lookupKey:o.toLowerCase()}}function de(e,t){return typeof e=="string"?e:Array.isArray(e)?`${t}:
|
|
18
|
-
${e.join(", ")}`:`${t}:
|
|
19
|
-
`+Object.entries(e).map(([n,r])=>` ${n}: ${r.join(", ")}`).join(`
|
|
20
|
-
`)}function qn(e,t){let n=t.toLowerCase(),r=n.indexOf(".");if(r!==-1){let o=n.slice(0,r),i=n.slice(r+1),s=e.find(a=>a.id===o);if(s){if(i.startsWith("db.")){let l=i.slice(3),p=l.lastIndexOf(".");if(p!==-1){let h=l.slice(0,p),g=l.slice(p+1),u=s.schema?.entities;if(g==="search"&&u){let f=je(u,h);if(f){let[m,k]=f,P=ye(k),b=[`Search ${o} ${m} stored in the local database.`,"Pass limit and offset as numbers for pagination.","","filters {",` entity_id: string [${fe.join(", ")}]`];for(let[y,w]of Object.entries(P))b.push(` ${y}?: ${w.type} [${w.operators.join(", ")}]`);return b.push("}"),b.join(`
|
|
21
|
-
`)}}}return de(N(e,{type:"db"}),"Path not found. Available db operations")}if(i.startsWith("webhooks.")){let l=i.slice(9);if(s.webhooks){let p=he(s.webhooks,l.split("."));if(p!==null){let h=p.join("."),g=j(s.webhookSchemas,h.toLowerCase()),u=g?.response?R(g.response):null,f=[];return g?.description&&f.push(g.description),g?.payload&&f.push(`payload ${z(g.payload,0)}`),u&&f.push(`response: ${u}`),f.push(`usage:
|
|
22
|
-
${Le(o,p)}`),f.join(`
|
|
23
|
-
|
|
24
|
-
`)}}return de(N(e,{type:"webhooks"}),"Path not found. Available webhooks")}let a=i;a.startsWith("api.")&&(a=a.slice(4));let d=j(s.endpointMeta,a),c=j(s.endpointSchemas,a);if(d||c){let l=[],p=[d?.riskLevel?`[${d.riskLevel}]`:"",d?.irreversible?"[irreversible]":""].filter(Boolean).join(" "),h=[d?.description,p].filter(Boolean).join(" ");return h&&l.push(h),c?.input&&l.push(`input ${z(c.input,0)}`),c?.output&&l.push(`output ${z(c.output,0)}`),l.join(`
|
|
25
|
-
|
|
26
|
-
`)}}}return de(N(e),"Path not found. Available operations")}function Be(e){let t=e;for(;;){let n=D(t),r=_(n);if(r==="ZodOptional"||r==="ZodNullable"||r==="ZodDefault"){t=L(n);continue}return t}}function ue(e){if(e===void 0)return{kind:"inline",type:"unknown"};let t=Be(e),n=D(t);if(_(n)==="ZodObject"){let o=ee(t,n),i=[];for(let[s,a]of Object.entries(o)){let d=D(a),c=_(d),l=c==="ZodOptional"||c==="ZodNullable",p=Be(a),g=D(p)?.description;i.push({key:s,optional:l,type:R(p),description:g})}return{kind:"object",fields:i}}return{kind:"inline",type:R(t)}}function un(e,t){let n=N(e,{plugin:t,type:"api"});if(typeof n=="string")return{ok:!1,error:n};if(!Array.isArray(n))return{ok:!1,error:"list_operations did not return a path array \u2014 pass a configured plugin id."};let r=e.find(l=>l.id===t);if(!r)return{ok:!1,error:`Plugin "${t}" is not configured on this instance.`};let o=[];for(let l of n){let{shortPath:p,lookupKey:h}=dn(l,t),g=j(r.endpointMeta,h),u=j(r.endpointSchemas,h);!g&&!u||o.push({path:l,shortPath:p,description:g?.description,riskLevel:g?.riskLevel,irreversible:g?.irreversible,input:ue(u?.input),output:ue(u?.output)})}o.sort((l,p)=>l.path.localeCompare(p.path));let i=[],s=N(e,{plugin:t,type:"webhooks"});if(Array.isArray(s)&&r.webhooks)for(let l of s){let h=l.toLowerCase().slice(t.length+1),g=h.startsWith(".")?h.slice(1):h;if(!g.startsWith("webhooks."))continue;let u=g.slice(9),f=he(r.webhooks,u.split("."));if(f===null)continue;let m=f.join("."),k=j(r.webhookSchemas,m.toLowerCase()),P=k?.response?R(k.response):void 0;i.push({path:l,description:k?.description,payload:ue(k?.payload),responseType:P,usageExample:Le(t,f)})}i.sort((l,p)=>l.path.localeCompare(p.path));let a=[],d=N(e,{plugin:t,type:"db"}),c=r.schema?.entities;if(Array.isArray(d)&&c)for(let l of d){let h=l.toLowerCase().slice(t.length+1),g=h.startsWith(".")?h.slice(1):h;if(!g.startsWith("db."))continue;let u=g.slice(3),f=u.lastIndexOf(".");if(f===-1)continue;let m=u.slice(0,f);if(u.slice(f+1)!=="search")continue;let P=je(c,m);if(!P)continue;let[b,y]=P,w=ye(y),T=Object.entries(w).map(([I,C])=>({field:I,type:C.type,operators:C.operators}));a.push({path:l,entityName:b,filters:[{field:"entity_id",type:"string",operators:fe},...T]})}return a.sort((l,p)=>l.path.localeCompare(p.path)),{ok:!0,data:{pluginId:t,api:o,webhooks:i,db:a}}}var me=Symbol.for("corsair:internal");function Qn(e){let t=e.database?ke(e.database):void 0,n=t&&e.kek?Fe(e.plugins,t,e.kek):Y(!!t,!!e.kek),r={plugins:e.plugins,database:t,kek:e.kek,multiTenancy:!!e.multiTenancy,approval:e.approval},o=_e(t);if(e.multiTenancy)return Object.assign({withTenant:s=>{if(!s)throw new Error("corsair.withTenant(tenantId): tenantId must be a non-empty string");let a=ce(e.plugins,{database:t,tenantId:s,kek:e.kek,rootErrorHandlers:e.errorHandlers,approvalConfig:e.approval});return Object.assign(a,{[me]:r})},keys:n,permissions:o},{[me]:r});let i=ce(e.plugins,{database:t,tenantId:void 0,kek:e.kek,rootErrorHandlers:e.errorHandlers,approvalConfig:e.approval});return Object.assign({},i,{keys:n,permissions:o,[me]:r})}export{K as a,M as b,O as c,oe as d,re as e,Z as f,S as g,U as h,q as i,Q as j,X as k,Ae as l,Ee as m,Oe as n,tn as o,Me as p,Se as q,N as r,qn as s,un as t,me as u,Qn as v};
|