npm - mindcache - Versions diffs - 3.4.4 → 3.5.0 - Mend

mindcache 3.4.4 → 3.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/{CloudAdapter-DOvDQswy.d.mts → CloudAdapter-CM7nyJaG.d.mts} +16 -2
package/dist/{CloudAdapter-DOvDQswy.d.ts → CloudAdapter-CM7nyJaG.d.ts} +16 -2
package/dist/cloud/index.d.mts +2 -2
package/dist/cloud/index.d.ts +2 -2
package/dist/cloud/index.js.map +1 -1
package/dist/cloud/index.mjs.map +1 -1
package/dist/index.d.mts +125 -3
package/dist/index.d.ts +125 -3
package/dist/index.js +321 -0
package/dist/index.js.map +1 -1
package/dist/index.mjs +320 -1
package/dist/index.mjs.map +1 -1
package/dist/server.d.mts +2 -2
package/dist/server.d.ts +2 -2
package/dist/server.js.map +1 -1
package/dist/server.mjs.map +1 -1
package/package.json +1 -1

package/dist/index.mjs CHANGED Viewed

@@ -2617,6 +2617,325 @@ var MindCache = class {
 init_CloudAdapter();
 init_CloudAdapter();
+// src/cloud/OAuthClient.ts
+var DEFAULT_AUTH_URL = "https://api.mindcache.dev/oauth/authorize";
+var DEFAULT_TOKEN_URL = "https://api.mindcache.dev/oauth/token";
+var DEFAULT_USERINFO_URL = "https://api.mindcache.dev/oauth/userinfo";
+var TOKEN_REFRESH_BUFFER = 5 * 60 * 1e3;
+function generateRandomString(length2) {
+  const array = new Uint8Array(length2);
+  crypto.getRandomValues(array);
+  return Array.from(array).map((b) => b.toString(16).padStart(2, "0")).join("").slice(0, length2);
+}
+function base64UrlEncode(buffer) {
+  const bytes = new Uint8Array(buffer);
+  let binary = "";
+  for (let i = 0; i < bytes.length; i++) {
+    binary += String.fromCharCode(bytes[i]);
+  }
+  return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+}
+function generateCodeVerifier() {
+  return generateRandomString(64);
+}
+async function generateCodeChallenge(verifier) {
+  const encoder = new TextEncoder();
+  const data = encoder.encode(verifier);
+  const hash = await crypto.subtle.digest("SHA-256", data);
+  return base64UrlEncode(hash);
+}
+var OAuthClient = class {
+  config;
+  tokens = null;
+  refreshPromise = null;
+  constructor(config) {
+    let redirectUri = config.redirectUri;
+    if (!redirectUri && typeof window !== "undefined") {
+      const url = new URL(window.location.href);
+      url.search = "";
+      url.hash = "";
+      redirectUri = url.toString();
+    }
+    this.config = {
+      clientId: config.clientId,
+      redirectUri: redirectUri || "",
+      scopes: config.scopes || ["read", "write"],
+      authUrl: config.authUrl || DEFAULT_AUTH_URL,
+      tokenUrl: config.tokenUrl || DEFAULT_TOKEN_URL,
+      usePKCE: config.usePKCE !== false,
+      // Default true
+      storagePrefix: config.storagePrefix || "mindcache_oauth"
+    };
+    this.loadTokens();
+  }
+  /**
+     * Check if user is authenticated
+     */
+  isAuthenticated() {
+    return this.tokens !== null && this.tokens.expiresAt > Date.now();
+  }
+  /**
+     * Get stored tokens (if any)
+     */
+  getTokens() {
+    return this.tokens;
+  }
+  /**
+     * Get instance ID for this user+app
+     */
+  getInstanceId() {
+    return this.tokens?.instanceId || null;
+  }
+  /**
+     * Start OAuth authorization flow
+     * Redirects to MindCache authorization page
+     */
+  async authorize(options) {
+    const state = options?.state || generateRandomString(32);
+    this.setStorage("state", state);
+    const url = new URL(this.config.authUrl);
+    url.searchParams.set("response_type", "code");
+    url.searchParams.set("client_id", this.config.clientId);
+    url.searchParams.set("redirect_uri", this.config.redirectUri);
+    url.searchParams.set("scope", this.config.scopes.join(" "));
+    url.searchParams.set("state", state);
+    if (this.config.usePKCE) {
+      const codeVerifier = generateCodeVerifier();
+      const codeChallenge = await generateCodeChallenge(codeVerifier);
+      this.setStorage("code_verifier", codeVerifier);
+      url.searchParams.set("code_challenge", codeChallenge);
+      url.searchParams.set("code_challenge_method", "S256");
+    }
+    if (options?.popup) {
+      const popup = window.open(url.toString(), "mindcache_oauth", "width=500,height=600");
+      if (!popup) {
+        throw new Error("Popup blocked. Please allow popups for this site.");
+      }
+    } else {
+      window.location.href = url.toString();
+    }
+  }
+  /**
+     * Handle OAuth callback
+     * Call this on your redirect URI page
+     *
+     * @returns Tokens if successful
+     */
+  async handleCallback() {
+    if (typeof window === "undefined") {
+      throw new Error("handleCallback must be called in browser");
+    }
+    const url = new URL(window.location.href);
+    const code = url.searchParams.get("code");
+    const state = url.searchParams.get("state");
+    const error = url.searchParams.get("error");
+    const errorDescription = url.searchParams.get("error_description");
+    if (error) {
+      this.clearStorage();
+      throw new Error(errorDescription || error);
+    }
+    const storedState = this.getStorage("state");
+    if (!state || state !== storedState) {
+      this.clearStorage();
+      throw new Error("Invalid state parameter");
+    }
+    if (!code) {
+      this.clearStorage();
+      throw new Error("No authorization code received");
+    }
+    const body = {
+      grant_type: "authorization_code",
+      code,
+      client_id: this.config.clientId,
+      redirect_uri: this.config.redirectUri
+    };
+    if (this.config.usePKCE) {
+      const codeVerifier = this.getStorage("code_verifier");
+      if (!codeVerifier) {
+        throw new Error("Missing code verifier");
+      }
+      body.code_verifier = codeVerifier;
+    }
+    const response = await fetch(this.config.tokenUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify(body)
+    });
+    if (!response.ok) {
+      const data2 = await response.json().catch(() => ({}));
+      throw new Error(data2.error_description || data2.error || "Token exchange failed");
+    }
+    const data = await response.json();
+    this.tokens = {
+      accessToken: data.access_token,
+      refreshToken: data.refresh_token,
+      expiresAt: Date.now() + data.expires_in * 1e3,
+      scopes: data.scope?.split(" ") || this.config.scopes,
+      instanceId: data.instance_id
+    };
+    this.saveTokens();
+    url.searchParams.delete("code");
+    url.searchParams.delete("state");
+    window.history.replaceState({}, "", url.toString());
+    this.removeStorage("state");
+    this.removeStorage("code_verifier");
+    return this.tokens;
+  }
+  /**
+     * Get a valid access token
+     * Automatically refreshes if needed
+     */
+  async getAccessToken() {
+    if (!this.tokens) {
+      throw new Error("Not authenticated. Call authorize() first.");
+    }
+    const needsRefresh = this.tokens.expiresAt - Date.now() < TOKEN_REFRESH_BUFFER;
+    if (needsRefresh && this.tokens.refreshToken) {
+      if (!this.refreshPromise) {
+        this.refreshPromise = this.refreshTokens();
+      }
+      return this.refreshPromise;
+    }
+    return this.tokens.accessToken;
+  }
+  /**
+     * Refresh access token
+     */
+  async refreshTokens() {
+    if (!this.tokens?.refreshToken) {
+      throw new Error("No refresh token available");
+    }
+    try {
+      const response = await fetch(this.config.tokenUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+        },
+        body: JSON.stringify({
+          grant_type: "refresh_token",
+          refresh_token: this.tokens.refreshToken,
+          client_id: this.config.clientId
+        })
+      });
+      if (!response.ok) {
+        this.clearAuth();
+        throw new Error("Session expired. Please sign in again.");
+      }
+      const data = await response.json();
+      this.tokens = {
+        accessToken: data.access_token,
+        refreshToken: data.refresh_token || this.tokens.refreshToken,
+        expiresAt: Date.now() + data.expires_in * 1e3,
+        scopes: data.scope?.split(" ") || this.tokens.scopes,
+        instanceId: data.instance_id || this.tokens.instanceId
+      };
+      this.saveTokens();
+      return this.tokens.accessToken;
+    } finally {
+      this.refreshPromise = null;
+    }
+  }
+  /**
+     * Get user info from MindCache
+     */
+  async getUserInfo() {
+    const token = await this.getAccessToken();
+    const response = await fetch(DEFAULT_USERINFO_URL, {
+      headers: {
+        Authorization: `Bearer ${token}`
+      }
+    });
+    if (!response.ok) {
+      throw new Error("Failed to get user info");
+    }
+    const data = await response.json();
+    return {
+      id: data.sub,
+      email: data.email,
+      name: data.name,
+      instanceId: data.instance_id
+    };
+  }
+  /**
+     * Logout - revoke tokens and clear storage
+     */
+  async logout() {
+    if (this.tokens?.accessToken) {
+      try {
+        await fetch(this.config.tokenUrl.replace("/token", "/revoke"), {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json"
+          },
+          body: JSON.stringify({
+            token: this.tokens.accessToken
+          })
+        });
+      } catch {
+      }
+    }
+    this.clearAuth();
+  }
+  /**
+     * Clear authentication state
+     */
+  clearAuth() {
+    this.tokens = null;
+    this.removeStorage("tokens");
+  }
+  /**
+     * Token provider function for MindCache cloud config
+     * Use this with MindCacheCloudOptions.tokenProvider
+     */
+  tokenProvider = async () => {
+    return this.getAccessToken();
+  };
+  // Storage helpers
+  getStorage(key) {
+    if (typeof localStorage === "undefined") {
+      return null;
+    }
+    return localStorage.getItem(`${this.config.storagePrefix}_${key}`);
+  }
+  setStorage(key, value) {
+    if (typeof localStorage === "undefined") {
+      return;
+    }
+    localStorage.setItem(`${this.config.storagePrefix}_${key}`, value);
+  }
+  removeStorage(key) {
+    if (typeof localStorage === "undefined") {
+      return;
+    }
+    localStorage.removeItem(`${this.config.storagePrefix}_${key}`);
+  }
+  clearStorage() {
+    this.removeStorage("state");
+    this.removeStorage("code_verifier");
+    this.removeStorage("tokens");
+  }
+  loadTokens() {
+    const stored = this.getStorage("tokens");
+    if (stored) {
+      try {
+        this.tokens = JSON.parse(stored);
+      } catch {
+        this.tokens = null;
+      }
+    }
+  }
+  saveTokens() {
+    if (this.tokens) {
+      this.setStorage("tokens", JSON.stringify(this.tokens));
+    }
+  }
+};
+function createOAuthClient(config) {
+  return new OAuthClient(config);
+}
 // src/local/index.ts
 init_IndexedDBAdapter();
 function useMindCache(options) {
@@ -2657,6 +2976,6 @@ function useMindCache(options) {
 // src/index.ts
 var mindcache = new MindCache();
-export { CloudAdapter, DEFAULT_KEY_ATTRIBUTES, IndexedDBAdapter, MindCache, SystemTagHelpers, mindcache, useMindCache };
+export { CloudAdapter, DEFAULT_KEY_ATTRIBUTES, IndexedDBAdapter, MindCache, OAuthClient, SystemTagHelpers, createOAuthClient, mindcache, useMindCache };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map