khotan-data 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +32 -20
- package/dist/cli.js +51 -0
- package/dist/factory.cjs +8 -1
- package/dist/factory.cjs.map +1 -1
- package/dist/factory.d.cts +9 -1
- package/dist/factory.d.ts +9 -1
- package/dist/factory.js +8 -1
- package/dist/factory.js.map +1 -1
- package/dist/templates/catch.example.ts +25 -17
- package/dist/templates/catch.ts +20 -15
- package/dist/templates/hub.tsx +96 -13
- package/dist/templates/inflow.example.ts +46 -38
- package/dist/templates/inflow.ts +37 -31
- package/dist/templates/khotan-config.ts +11 -0
- package/dist/templates/outflow.example.ts +39 -31
- package/dist/templates/outflow.ts +28 -23
- package/dist/templates/pass.example.ts +38 -30
- package/dist/templates/pass.ts +29 -24
- package/dist/templates/relay.example.ts +52 -44
- package/dist/templates/relay.ts +38 -33
- package/dist/templates/skill-dashboard.md +2 -1
- package/dist/templates/skill-setup.md +77 -1
- package/dist/templates/skill-webhook.md +45 -23
- package/package.json +1 -1
package/dist/factory.d.cts
CHANGED
|
@@ -572,7 +572,15 @@ interface KhotanAdapter {
|
|
|
572
572
|
* }
|
|
573
573
|
* ```
|
|
574
574
|
*
|
|
575
|
-
* Throwing is treated the same as returning `false`.
|
|
575
|
+
* Throwing is treated the same as returning `false`. A rejected request gets a
|
|
576
|
+
* `401` whose JSON body includes `code: "authorize_rejected"` and a `hint`
|
|
577
|
+
* describing the auth model (useful for programmatic callers).
|
|
578
|
+
*
|
|
579
|
+
* NOTE: `KHOTAN_SECRET` is an encryption key, NOT an HTTP credential. Sending it
|
|
580
|
+
* as a `Bearer` token does not authenticate a request — only `authorize` (and
|
|
581
|
+
* the dev-only `KhotanCLI` HMAC token used by the local CLI) can. To trigger a
|
|
582
|
+
* flow from outside the app, either call `khotanData.flow(name).start()` from
|
|
583
|
+
* server code, or send a credential your `authorize` hook accepts.
|
|
576
584
|
*
|
|
577
585
|
* The following routes are intentionally exempt and are NOT passed to
|
|
578
586
|
* `authorize` (they have their own protection):
|
package/dist/factory.d.ts
CHANGED
|
@@ -572,7 +572,15 @@ interface KhotanAdapter {
|
|
|
572
572
|
* }
|
|
573
573
|
* ```
|
|
574
574
|
*
|
|
575
|
-
* Throwing is treated the same as returning `false`.
|
|
575
|
+
* Throwing is treated the same as returning `false`. A rejected request gets a
|
|
576
|
+
* `401` whose JSON body includes `code: "authorize_rejected"` and a `hint`
|
|
577
|
+
* describing the auth model (useful for programmatic callers).
|
|
578
|
+
*
|
|
579
|
+
* NOTE: `KHOTAN_SECRET` is an encryption key, NOT an HTTP credential. Sending it
|
|
580
|
+
* as a `Bearer` token does not authenticate a request — only `authorize` (and
|
|
581
|
+
* the dev-only `KhotanCLI` HMAC token used by the local CLI) can. To trigger a
|
|
582
|
+
* flow from outside the app, either call `khotanData.flow(name).start()` from
|
|
583
|
+
* server code, or send a credential your `authorize` hook accepts.
|
|
576
584
|
*
|
|
577
585
|
* The following routes are intentionally exempt and are NOT passed to
|
|
578
586
|
* `authorize` (they have their own protection):
|
package/dist/factory.js
CHANGED
|
@@ -2299,7 +2299,14 @@ function khotan(config) {
|
|
|
2299
2299
|
}
|
|
2300
2300
|
}
|
|
2301
2301
|
if (!allowed) {
|
|
2302
|
-
return Response.json(
|
|
2302
|
+
return Response.json(
|
|
2303
|
+
{
|
|
2304
|
+
error: "Unauthorized",
|
|
2305
|
+
code: "authorize_rejected",
|
|
2306
|
+
hint: "Management routes (/api/khotan/*) require your `authorize` hook to pass. KHOTAN_SECRET is an encryption key, not an HTTP credential \u2014 sending it as a Bearer token will not authenticate the request. To trigger a flow: call khotanData.flow(name).start() from server code (no HTTP/auth needed), or send a credential your authorize hook accepts (e.g. a session cookie or your own token). The khotan CLI authenticates automatically via a dev-only token derived from KHOTAN_SECRET."
|
|
2307
|
+
},
|
|
2308
|
+
{ status: 401 }
|
|
2309
|
+
);
|
|
2303
2310
|
}
|
|
2304
2311
|
}
|
|
2305
2312
|
const limit = Math.min(
|