ppussh 0.1.0

package/dist/http.js

@@ -0,0 +1,169 @@
+"use strict";
+// ppussh/src/http.ts
+/**
+ * Shared HTTP transport layer for the PPUSSH TypeScript SDK.
+ *
+ * Responsibilities:
+ * - Owns an Axios instance per base URL.
+ * - Implements the retry policy:
+ *     5xx errors  → up to MAX_RETRIES attempts, exponential back-off (500ms, 1s, 2s).
+ *     429         → respects Retry-After header; falls back to 1s default.
+ *     4xx (≠ 429) → never retried; raised immediately.
+ *     Network errors → treated like 5xx for retry purposes.
+ * - Raises typed PpusshError subclasses; callers never see raw Axios errors.
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HttpTransport = void 0;
+const axios_1 = __importDefault(require("axios"));
+const errors_1 = require("./errors");
+// ── Retry constants ──────────────────────────────────────────────────────────
+const MAX_RETRIES = 3;
+const BACKOFF_SCHEDULE = [500, 1000, 2000]; // ms
+const RETRY_AFTER_DEFAULT = 1000; // ms fallback for missing Retry-After
+const MAX_RATE_LIMIT_RETRIES = 2;
+const SDK_USER_AGENT = "ppussh-ts/1.0.0";
+// ── Helpers ──────────────────────────────────────────────────────────────────
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function parseRetryAfter(headers) {
+    const raw = headers["retry-after"] ?? headers["Retry-After"];
+    if (raw !== undefined) {
+        const secs = parseFloat(raw);
+        if (!isNaN(secs))
+            return secs * 1000;
+    }
+    return RETRY_AFTER_DEFAULT;
+}
+function extractDetail(body) {
+    if (typeof body === "string")
+        return body;
+    if (body && typeof body === "object") {
+        const b = body;
+        return String(b["detail"] ?? b["error"] ?? b["message"] ?? "");
+    }
+    return "";
+}
+function raiseClientError(status, body, isPayments) {
+    // ── CONSENT_REQUIRED ───────────────────────────────────────────────────────
+    if (status === 403 &&
+        body &&
+        typeof body === "object" &&
+        body["status"] === "CONSENT_REQUIRED") {
+        const b = body;
+        throw new errors_1.PpusshConsentRequired(`User has not consented to product '${b["product_name"] ?? ""}'.`, {
+            clientId: String(b["client_id"] ?? ""),
+            productName: String(b["product_name"] ?? ""),
+            productDescription: String(b["product_description"] ?? ""),
+            statusCode: 403,
+            responseBody: body,
+        });
+    }
+    // ── 401 ───────────────────────────────────────────────────────────────────
+    if (status === 401) {
+        throw new errors_1.PpusshAuthError(extractDetail(body) || "Authentication failed (HTTP 401).", {
+            statusCode: 401,
+            responseBody: body,
+        });
+    }
+    // ── Payments errors ───────────────────────────────────────────────────────
+    if (isPayments) {
+        const b = body && typeof body === "object" ? body : {};
+        throw new errors_1.PpusshPaymentError(String(b["message"] ?? `Payments error (HTTP ${status}).`), {
+            code: b["code"] ? String(b["code"]) : null,
+            statusCode: status,
+            responseBody: body,
+        });
+    }
+    // ── Generic ───────────────────────────────────────────────────────────────
+    throw new errors_1.PpusshError(extractDetail(body) || `Request failed (HTTP ${status}).`, {
+        statusCode: status,
+        responseBody: body,
+    });
+}
+// ── HttpTransport ─────────────────────────────────────────────────────────────
+class HttpTransport {
+    constructor(baseUrl) {
+        this._client = axios_1.default.create({
+            baseURL: baseUrl.replace(/\/$/, ""),
+            timeout: 30000,
+            headers: {
+                "User-Agent": SDK_USER_AGENT,
+                Accept: "application/json",
+            },
+            // Never throw on non-2xx — we handle status codes ourselves
+            validateStatus: () => true,
+        });
+    }
+    async request(method, path, options = {}) {
+        const { headers, json, form, params, isPayments = false } = options;
+        const config = {
+            method,
+            url: path,
+            params,
+            headers: { ...headers },
+        };
+        if (json !== undefined) {
+            config.data = json;
+            config.headers["Content-Type"] = "application/json";
+        }
+        else if (form !== undefined) {
+            config.data = new URLSearchParams(form).toString();
+            config.headers["Content-Type"] =
+                "application/x-www-form-urlencoded";
+        }
+        let attempt = 0;
+        let rateLimitAttempt = 0;
+        let lastError = null;
+        while (attempt < MAX_RETRIES) {
+            let response;
+            try {
+                response = await this._client.request(config);
+            }
+            catch (err) {
+                // Network / connection error
+                lastError = err;
+                attempt++;
+                if (attempt < MAX_RETRIES) {
+                    const delay = BACKOFF_SCHEDULE[Math.min(attempt - 1, BACKOFF_SCHEDULE.length - 1)] ?? 2000;
+                    await sleep(delay);
+                }
+                continue;
+            }
+            const status = response.status;
+            // ── 429 Rate limited ─────────────────────────────────────────────────
+            if (status === 429) {
+                if (rateLimitAttempt >= MAX_RATE_LIMIT_RETRIES) {
+                    throw new errors_1.PpusshNetworkError(`Rate limited on ${method} ${path} after ${rateLimitAttempt + 1} attempts.`, { statusCode: 429, responseBody: response.data });
+                }
+                const delay = parseRetryAfter(response.headers);
+                await sleep(delay);
+                rateLimitAttempt++;
+                continue; // does NOT consume from MAX_RETRIES
+            }
+            // ── 5xx Server error ─────────────────────────────────────────────────
+            if (status >= 500) {
+                attempt++;
+                if (attempt < MAX_RETRIES) {
+                    const delay = BACKOFF_SCHEDULE[Math.min(attempt - 1, BACKOFF_SCHEDULE.length - 1)] ?? 2000;
+                    await sleep(delay);
+                    continue;
+                }
+                throw new errors_1.PpusshNetworkError(`Server error ${status} on ${method} ${path} after ${MAX_RETRIES} attempts.`, { statusCode: status, responseBody: response.data });
+            }
+            // ── 4xx Client errors (not retried) ──────────────────────────────────
+            if (status >= 400) {
+                raiseClientError(status, response.data, isPayments);
+            }
+            // ── 2xx success ───────────────────────────────────────────────────────
+            return response;
+        }
+        // Fell through via network errors
+        throw new errors_1.PpusshNetworkError(`All ${MAX_RETRIES} attempts failed for ${method} ${path}.`, { cause: lastError });
+    }
+}
+exports.HttpTransport = HttpTransport;
+//# sourceMappingURL=http.js.map

package/dist/http.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.js","sourceRoot":"","sources":["../src/http.ts"],"names":[],"mappings":";AAAA,qBAAqB;AACrB;;;;;;;;;;;GAWG;;;;;;AAEH,kDAKe;AACf,qCAMkB;AAElB,gFAAgF;AAChF,MAAM,WAAW,GAAG,CAAC,CAAC;AACtB,MAAM,gBAAgB,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,KAAK;AACjD,MAAM,mBAAmB,GAAG,IAAI,CAAC,CAAC,sCAAsC;AACxE,MAAM,sBAAsB,GAAG,CAAC,CAAC;AAEjC,MAAM,cAAc,GAAG,iBAAiB,CAAC;AAEzC,gFAAgF;AAEhF,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,eAAe,CAAC,OAA2C;IAClE,MAAM,GAAG,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,OAAO,CAAC,aAAa,CAAC,CAAC;IAC7D,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,GAAG,IAAI,CAAC;IACvC,CAAC;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AAED,SAAS,aAAa,CAAC,IAAa;IAClC,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC1C,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,IAA+B,CAAC;QAC1C,OAAO,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC;IACjE,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,gBAAgB,CACvB,MAAc,EACd,IAAa,EACb,UAAmB;IAEnB,8EAA8E;IAC9E,IACE,MAAM,KAAK,GAAG;QACd,IAAI;QACJ,OAAO,IAAI,KAAK,QAAQ;QACvB,IAAgC,CAAC,QAAQ,CAAC,KAAK,kBAAkB,EAClE,CAAC;QACD,MAAM,CAAC,GAAG,IAA+B,CAAC;QAC1C,MAAM,IAAI,8BAAqB,CAC7B,sCAAsC,CAAC,CAAC,cAAc,CAAC,IAAI,EAAE,IAAI,EACjE;YACE,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YACtC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;YAC5C,kBAAkB,EAAE,MAAM,CAAC,CAAC,CAAC,qBAAqB,CAAC,IAAI,EAAE,CAAC;YAC1D,UAAU,EAAE,GAAG;YACf,YAAY,EAAE,IAAI;SACnB,CACF,CAAC;IACJ,CAAC;IAED,6EAA6E;IAC7E,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;QACnB,MAAM,IAAI,wBAAe,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,mCAAmC,EAAE;YACpF,UAAU,EAAE,GAAG;YACf,YAAY,EAAE,IAAI;SACnB,CAAC,CAAC;IACL,CAAC;IAED,6EAA6E;IAC7E,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,CAAC,GAAG,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAE,IAAgC,CAAC,CAAC,CAAC,EAAE,CAAC;QACpF,MAAM,IAAI,2BAAkB,CAC1B,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,wBAAwB,MAAM,IAAI,CAAC,EAC1D;YACE,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;YAC1C,UAAU,EAAE,MAAM;YAClB,YAAY,EAAE,IAAI;SACnB,CACF,CAAC;IACJ,CAAC;IAED,6EAA6E;IAC7E,MAAM,IAAI,oBAAW,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,wBAAwB,MAAM,IAAI,EAAE;QAC/E,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE,IAAI;KACnB,CAAC,CAAC;AACL,CAAC;AAgBD,iFAAiF;AAEjF,MAAa,aAAa;IAGxB,YAAY,OAAe;QACzB,IAAI,CAAC,OAAO,GAAG,eAAK,CAAC,MAAM,CAAC;YAC1B,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;YACnC,OAAO,EAAE,KAAM;YACf,OAAO,EAAE;gBACP,YAAY,EAAE,cAAc;gBAC5B,MAAM,EAAE,kBAAkB;aAC3B;YACD,4DAA4D;YAC5D,cAAc,EAAE,GAAG,EAAE,CAAC,IAAI;SAC3B,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,OAAO,CACX,MAAc,EACd,IAAY,EACZ,UAA0B,EAAE;QAE5B,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,GAAG,KAAK,EAAE,GAAG,OAAO,CAAC;QAEpE,MAAM,MAAM,GAAuB;YACjC,MAAM;YACN,GAAG,EAAE,IAAI;YACT,MAAM;YACN,OAAO,EAAE,EAAE,GAAG,OAAO,EAAE;SACxB,CAAC;QAEF,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACvB,MAAM,CAAC,IAAI,GAAG,IAAI,CAAC;YAClB,MAAM,CAAC,OAAkC,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;QAClF,CAAC;aAAM,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,CAAC,IAAI,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;YAClD,MAAM,CAAC,OAAkC,CAAC,cAAc,CAAC;gBACxD,mCAAmC,CAAC;QACxC,CAAC;QAED,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,IAAI,gBAAgB,GAAG,CAAC,CAAC;QACzB,IAAI,SAAS,GAAY,IAAI,CAAC;QAE9B,OAAO,OAAO,GAAG,WAAW,EAAE,CAAC;YAC7B,IAAI,QAAuB,CAAC;YAE5B,IAAI,CAAC;gBACH,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YAChD,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,6BAA6B;gBAC7B,SAAS,GAAG,GAAG,CAAC;gBAChB,OAAO,EAAE,CAAC;gBACV,IAAI,OAAO,GAAG,WAAW,EAAE,CAAC;oBAC1B,MAAM,KAAK,GAAG,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,EAAE,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;oBAC3F,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;gBACrB,CAAC;gBACD,SAAS;YACX,CAAC;YAED,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;YAE/B,wEAAwE;YACxE,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;gBACnB,IAAI,gBAAgB,IAAI,sBAAsB,EAAE,CAAC;oBAC/C,MAAM,IAAI,2BAAkB,CAC1B,mBAAmB,MAAM,IAAI,IAAI,UAAU,gBAAgB,GAAG,CAAC,YAAY,EAC3E,EAAE,UAAU,EAAE,GAAG,EAAE,YAAY,EAAE,QAAQ,CAAC,IAAI,EAAE,CACjD,CAAC;gBACJ,CAAC;gBACD,MAAM,KAAK,GAAG,eAAe,CAC3B,QAAQ,CAAC,OAA6C,CACvD,CAAC;gBACF,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;gBACnB,gBAAgB,EAAE,CAAC;gBACnB,SAAS,CAAC,oCAAoC;YAChD,CAAC;YAED,wEAAwE;YACxE,IAAI,MAAM,IAAI,GAAG,EAAE,CAAC;gBAClB,OAAO,EAAE,CAAC;gBACV,IAAI,OAAO,GAAG,WAAW,EAAE,CAAC;oBAC1B,MAAM,KAAK,GAAG,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,EAAE,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;oBAC3F,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;oBACnB,SAAS;gBACX,CAAC;gBACD,MAAM,IAAI,2BAAkB,CAC1B,gBAAgB,MAAM,OAAO,MAAM,IAAI,IAAI,UAAU,WAAW,YAAY,EAC5E,EAAE,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,QAAQ,CAAC,IAAI,EAAE,CACpD,CAAC;YACJ,CAAC;YAED,wEAAwE;YACxE,IAAI,MAAM,IAAI,GAAG,EAAE,CAAC;gBAClB,gBAAgB,CAAC,MAAM,EAAE,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;YACtD,CAAC;YAED,yEAAyE;YACzE,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,kCAAkC;QAClC,MAAM,IAAI,2BAAkB,CAC1B,OAAO,WAAW,wBAAwB,MAAM,IAAI,IAAI,GAAG,EAC3D,EAAE,KAAK,EAAE,SAAS,EAAE,CACrB,CAAC;IACJ,CAAC;CACF;AA1GD,sCA0GC"}

package/dist/index.d.ts

@@ -0,0 +1,47 @@
+/**
+ * PPUSSH TypeScript SDK — public API surface.
+ *
+ * Quick start:
+ *
+ *   import { PpusshClient } from "ppussh";
+ *
+ *   const client = new PpusshClient({
+ *     clientId: "your-client-id",
+ *     clientSecret: "your-client-secret",
+ *     paymentsAdminKey: "your-payments-admin-key", // optional
+ *   });
+ *
+ *   // Build the login redirect URL
+ *   const loginUrl = client.accounts.buildLoginUrl(redirectUri, state);
+ *
+ *   // OIDC callback
+ *   const token = await client.accounts.exchangeCode(code, redirectUri);
+ *
+ *   // Middleware token check
+ *   const result = await client.accounts.verifyToken(bearer);
+ *
+ *   // Billing
+ *   const customer = await client.payments.createCustomer(token.user.id);
+ *
+ * All errors are subclasses of PpusshError:
+ *
+ *   import { PpusshError, PpusshAuthError, PpusshConsentRequired } from "ppussh";
+ *
+ * Webhook signature verification:
+ *
+ *   import { verifyWebhook, WebhookEvent } from "ppussh";
+ *
+ *   if (!verifyWebhook(rawBody, signatureHeader, clientSecret)) {
+ *     return res.status(401).send("Invalid signature");
+ *   }
+ *   const event: WebhookEvent = JSON.parse(rawBody);
+ */
+export { PpusshClient } from "./client";
+export type { PpusshClientOptions } from "./client";
+export { PpusshAuthError, PpusshConsentRequired, PpusshError, PpusshNetworkError, PpusshPaymentError, } from "./errors";
+export type { EntitlementResponse, LogoutResult, SessionResponse, TokenResponse, UserInToken, UserProfile, VerifyTokenResult, } from "./accounts/types";
+export { effectiveAccessToken } from "./accounts/types";
+export type { CustomerCreateRequest, CustomerResponse, MRRByPlan, MRRByProduct, MRRResponse, PaymentProductResponse, PlanResponse, SubscriptionCancelRequest, SubscriptionCreateRequest, SubscriptionListResponse, SubscriptionResponse, SubscriptionStatus, } from "./payments/types";
+export { verifyWebhook } from "./webhooks";
+export type { WebhookEvent, WebhookEventType } from "./webhooks";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AACxC,YAAY,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAGpD,OAAO,EACL,eAAe,EACf,qBAAqB,EACrB,WAAW,EACX,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,UAAU,CAAC;AAGlB,YAAY,EACV,mBAAmB,EACnB,YAAY,EACZ,eAAe,EACf,aAAa,EACb,WAAW,EACX,WAAW,EACX,iBAAiB,GAClB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAGxD,YAAY,EACV,qBAAqB,EACrB,gBAAgB,EAChB,SAAS,EACT,YAAY,EACZ,WAAW,EACX,sBAAsB,EACtB,YAAY,EACZ,yBAAyB,EACzB,yBAAyB,EACzB,wBAAwB,EACxB,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC3C,YAAY,EAAE,YAAY,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC"}

package/dist/index.js

@@ -0,0 +1,58 @@
+"use strict";
+// ppussh/src/index.ts
+/**
+ * PPUSSH TypeScript SDK — public API surface.
+ *
+ * Quick start:
+ *
+ *   import { PpusshClient } from "ppussh";
+ *
+ *   const client = new PpusshClient({
+ *     clientId: "your-client-id",
+ *     clientSecret: "your-client-secret",
+ *     paymentsAdminKey: "your-payments-admin-key", // optional
+ *   });
+ *
+ *   // Build the login redirect URL
+ *   const loginUrl = client.accounts.buildLoginUrl(redirectUri, state);
+ *
+ *   // OIDC callback
+ *   const token = await client.accounts.exchangeCode(code, redirectUri);
+ *
+ *   // Middleware token check
+ *   const result = await client.accounts.verifyToken(bearer);
+ *
+ *   // Billing
+ *   const customer = await client.payments.createCustomer(token.user.id);
+ *
+ * All errors are subclasses of PpusshError:
+ *
+ *   import { PpusshError, PpusshAuthError, PpusshConsentRequired } from "ppussh";
+ *
+ * Webhook signature verification:
+ *
+ *   import { verifyWebhook, WebhookEvent } from "ppussh";
+ *
+ *   if (!verifyWebhook(rawBody, signatureHeader, clientSecret)) {
+ *     return res.status(401).send("Invalid signature");
+ *   }
+ *   const event: WebhookEvent = JSON.parse(rawBody);
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyWebhook = exports.effectiveAccessToken = exports.PpusshPaymentError = exports.PpusshNetworkError = exports.PpusshError = exports.PpusshConsentRequired = exports.PpusshAuthError = exports.PpusshClient = void 0;
+// ── Client ───────────────────────────────────────────────────────────────────
+var client_1 = require("./client");
+Object.defineProperty(exports, "PpusshClient", { enumerable: true, get: function () { return client_1.PpusshClient; } });
+// ── Errors ───────────────────────────────────────────────────────────────────
+var errors_1 = require("./errors");
+Object.defineProperty(exports, "PpusshAuthError", { enumerable: true, get: function () { return errors_1.PpusshAuthError; } });
+Object.defineProperty(exports, "PpusshConsentRequired", { enumerable: true, get: function () { return errors_1.PpusshConsentRequired; } });
+Object.defineProperty(exports, "PpusshError", { enumerable: true, get: function () { return errors_1.PpusshError; } });
+Object.defineProperty(exports, "PpusshNetworkError", { enumerable: true, get: function () { return errors_1.PpusshNetworkError; } });
+Object.defineProperty(exports, "PpusshPaymentError", { enumerable: true, get: function () { return errors_1.PpusshPaymentError; } });
+var types_1 = require("./accounts/types");
+Object.defineProperty(exports, "effectiveAccessToken", { enumerable: true, get: function () { return types_1.effectiveAccessToken; } });
+// ── Webhooks ──────────────────────────────────────────────────────────────────
+var webhooks_1 = require("./webhooks");
+Object.defineProperty(exports, "verifyWebhook", { enumerable: true, get: function () { return webhooks_1.verifyWebhook; } });
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA,sBAAsB;AACtB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;;;AAEH,gFAAgF;AAChF,mCAAwC;AAA/B,sGAAA,YAAY,OAAA;AAGrB,gFAAgF;AAChF,mCAMkB;AALhB,yGAAA,eAAe,OAAA;AACf,+GAAA,qBAAqB,OAAA;AACrB,qGAAA,WAAW,OAAA;AACX,4GAAA,kBAAkB,OAAA;AAClB,4GAAA,kBAAkB,OAAA;AAapB,0CAAwD;AAA/C,6GAAA,oBAAoB,OAAA;AAkB7B,iFAAiF;AACjF,uCAA2C;AAAlC,yGAAA,aAAa,OAAA"}

package/dist/payments/index.d.ts

@@ -0,0 +1,3 @@
+export type { CustomerCreateRequest, CustomerResponse, MRRByPlan, MRRByProduct, MRRResponse, PaymentProductResponse, PlanResponse, SubscriptionCancelRequest, SubscriptionCreateRequest, SubscriptionListResponse, SubscriptionResponse, SubscriptionStatus, } from "./types";
+export { PaymentsNamespace } from "./namespace";
+//# sourceMappingURL=index.d.ts.map

package/dist/payments/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/payments/index.ts"],"names":[],"mappings":"AACA,YAAY,EACV,qBAAqB,EACrB,gBAAgB,EAChB,SAAS,EACT,YAAY,EACZ,WAAW,EACX,sBAAsB,EACtB,YAAY,EACZ,yBAAyB,EACzB,yBAAyB,EACzB,wBAAwB,EACxB,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC"}

package/dist/payments/index.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PaymentsNamespace = void 0;
+var namespace_1 = require("./namespace");
+Object.defineProperty(exports, "PaymentsNamespace", { enumerable: true, get: function () { return namespace_1.PaymentsNamespace; } });
+//# sourceMappingURL=index.js.map

package/dist/payments/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/payments/index.ts"],"names":[],"mappings":";;;AAeA,yCAAgD;AAAvC,8GAAA,iBAAiB,OAAA"}

package/dist/payments/namespace.d.ts

@@ -0,0 +1,146 @@
+/**
+ * PaymentsNamespace — customer, subscription, and plan operations.
+ *
+ * Auth model:
+ * - Customer + subscription endpoints (POST /customers, POST /subscriptions, etc.)
+ *   are unauthenticated at the HTTP level — the Payments service validates the
+ *   owner_user_id against Accounts internally.
+ * - Admin endpoints (listPlans, getMrr) require the payments ADMIN_API_KEY
+ *   sent as the `X-Admin-Key` header. Set once at PpusshClient construction
+ *   time via `paymentsAdminKey`.
+ *
+ * Idempotency:
+ * - createSubscription() requires a caller-supplied idempotencyKey.
+ *   Retry with the *same* key after a 502 — the server guarantees exactly-once creation.
+ * - createCustomer() is idempotent on (owner_user_id, workspace_id) — no key needed.
+ */
+import { HttpTransport } from "../http";
+import { CustomerResponse, MRRResponse, PaymentProductResponse, PlanResponse, SubscriptionListResponse, SubscriptionResponse } from "./types";
+export declare class PaymentsNamespace {
+    private readonly _http;
+    private readonly _adminKey;
+    constructor(transport: HttpTransport, options?: {
+        adminKey?: string | null;
+    });
+    /**
+     * Create (or retrieve) a Payments customer for a PPUSSH user.
+     *
+     * Idempotent on (owner_user_id, workspace_id) — if a customer already exists
+     * for that pair, the existing record is returned without creating a duplicate.
+     *
+     * @param ownerUserId   UUID string of the Accounts user (from TokenResponse.user.id).
+     * @param workspaceId   UUID string of the workspace, or null for a personal account.
+     * @param billingEmail  Optional billing email — falls back to the user's account email.
+     * @param metadata      Arbitrary key/value pairs stored alongside the customer record.
+     * @throws PpusshPaymentError  code="accounts_user_not_found" if ownerUserId doesn't exist.
+     */
+    createCustomer(ownerUserId: string, options?: {
+        workspaceId?: string | null;
+        billingEmail?: string | null;
+        metadata?: Record<string, unknown> | null;
+    }): Promise<CustomerResponse>;
+    /**
+     * Retrieve a Payments customer by their Payments UUID.
+     *
+     * @throws PpusshPaymentError  code="customer_not_found" on 404.
+     */
+    getCustomer(customerId: string): Promise<CustomerResponse>;
+    /**
+     * Create a subscription for a customer on a billing plan.
+     *
+     * The idempotencyKey guarantees exactly-once creation. On a provider error (502),
+     * retry with the **same key** — this is safe.
+     *
+     * @param customerId          UUID from createCustomer().
+     * @param paymentProductId    UUID of the PaymentProduct (from the admin console).
+     * @param planKey             Plan identifier, e.g. "pro" or "enterprise".
+     * @param idempotencyKey      Unique string per subscription attempt (use UUID v4).
+     * @param provider            "paddle" | "dodo" | null (uses plan default).
+     * @param metadata            Arbitrary key/value pairs.
+     * @throws PpusshPaymentError  Various codes; see error.code for specifics.
+     */
+    createSubscription(options: {
+        customerId: string;
+        paymentProductId: string;
+        planKey: string;
+        idempotencyKey: string;
+        provider?: string | null;
+        metadata?: Record<string, unknown> | null;
+    }): Promise<SubscriptionResponse>;
+    /**
+     * List subscriptions for a customer, with optional status filter.
+     *
+     * @param customerId  UUID string.
+     * @param status      Filter by status: "active", "cancelled", "trialing", etc.
+     * @param page        1-indexed page number (default 1).
+     * @param pageSize    Number of results per page, max 100 (default 20).
+     */
+    listSubscriptions(customerId: string, options?: {
+        status?: string;
+        page?: number;
+        pageSize?: number;
+    }): Promise<SubscriptionListResponse>;
+    /**
+     * Retrieve a single subscription by its Payments UUID.
+     *
+     * @throws PpusshPaymentError  code="subscription_not_found" on 404.
+     */
+    getSubscription(subscriptionId: string): Promise<SubscriptionResponse>;
+    /**
+     * Cancel a subscription.
+     *
+     * Idempotent — cancelling an already-cancelled subscription returns the
+     * existing record without error.
+     *
+     * @param subscriptionId      UUID string.
+     * @param cancelImmediately   If true, cancel at once.
+     *                            If false (default), cancel at end of current billing period.
+     */
+    cancelSubscription(subscriptionId: string, options?: {
+        cancelImmediately?: boolean;
+    }): Promise<SubscriptionResponse>;
+    /**
+     * List all billing plans for a Payments product.
+     *
+     * Requires the `paymentsAdminKey` set on PpusshClient construction.
+     * Plans with status "archived" are included — filter client-side if needed.
+     *
+     * @param paymentProductId  UUID string of the PaymentProduct.
+     * @throws PpusshPaymentError  code="product_not_found" on 404.
+     * @throws Error               If no paymentsAdminKey was provided at construction.
+     */
+    listPlans(paymentProductId: string): Promise<PlanResponse[]>;
+    /**
+     * Look up a Payments product by its Accounts product ID.
+     *
+     * Returns null if the product has not yet been registered in Payments
+     * (HTTP 404 is treated as a non-exceptional "not registered yet" state).
+     *
+     * @throws Error  If no paymentsAdminKey was provided at construction.
+     */
+    getProductByAccountsId(accountsProductId: string): Promise<PaymentProductResponse | null>;
+    /**
+     * Fetch Monthly Recurring Revenue breakdown.
+     *
+     * Requires `paymentsAdminKey`.
+     *
+     * @param productId   Filter to a specific product UUID (optional).
+     * @param startDate   ISO date string e.g. "2025-01-01" (optional).
+     * @param endDate     ISO date string e.g. "2025-12-31" (optional).
+     */
+    getMrr(options?: {
+        productId?: string;
+        startDate?: string;
+        endDate?: string;
+    }): Promise<MRRResponse>;
+    /**
+     * Generate a hosted billing portal URL for a customer.
+     *
+     * @throws Error  This feature is not yet implemented in the Payments backend.
+     */
+    getBillingPortal(_customerId: string, _options?: {
+        returnUrl?: string;
+    }): Promise<string>;
+    private _requireAdminKey;
+}
+//# sourceMappingURL=namespace.d.ts.map

package/dist/payments/namespace.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"namespace.d.ts","sourceRoot":"","sources":["../../src/payments/namespace.ts"],"names":[],"mappings":"AACA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EAEL,gBAAgB,EAChB,WAAW,EACX,sBAAsB,EACtB,YAAY,EACZ,wBAAwB,EACxB,oBAAoB,EACrB,MAAM,SAAS,CAAC;AAEjB,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAgB;IACtC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAgB;gBAE9B,SAAS,EAAE,aAAa,EAAE,OAAO,GAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;KAAO;IAOhF;;;;;;;;;;;OAWG;IACG,cAAc,CAClB,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE;QACP,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAC5B,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAC7B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;KACtC,GACL,OAAO,CAAC,gBAAgB,CAAC;IAc5B;;;;OAIG;IACG,WAAW,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAShE;;;;;;;;;;;;;OAaG;IACG,kBAAkB,CAAC,OAAO,EAAE;QAChC,UAAU,EAAE,MAAM,CAAC;QACnB,gBAAgB,EAAE,MAAM,CAAC;QACzB,OAAO,EAAE,MAAM,CAAC;QAChB,cAAc,EAAE,MAAM,CAAC;QACvB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACzB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;KAC3C,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAejC;;;;;;;OAOG;IACG,iBAAiB,CACrB,UAAU,EAAE,MAAM,EAClB,OAAO,GAAE;QACP,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,QAAQ,CAAC,EAAE,MAAM,CAAC;KACd,GACL,OAAO,CAAC,wBAAwB,CAAC;IAepC;;;;OAIG;IACG,eAAe,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAS5E;;;;;;;;;OASG;IACG,kBAAkB,CACtB,cAAc,EAAE,MAAM,EACtB,OAAO,GAAE;QAAE,iBAAiB,CAAC,EAAE,OAAO,CAAA;KAAO,GAC5C,OAAO,CAAC,oBAAoB,CAAC;IAchC;;;;;;;;;OASG;IACG,SAAS,CAAC,gBAAgB,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;IAalE;;;;;;;OAOG;IACG,sBAAsB,CAC1B,iBAAiB,EAAE,MAAM,GACxB,OAAO,CAAC,sBAAsB,GAAG,IAAI,CAAC;IAsBzC;;;;;;;;OAQG;IACG,MAAM,CAAC,OAAO,GAAE;QACpB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,OAAO,CAAC,EAAE,MAAM,CAAC;KACb,GAAG,OAAO,CAAC,WAAW,CAAC;IAiB7B;;;;OAIG;IACG,gBAAgB,CACpB,WAAW,EAAE,MAAM,EACnB,QAAQ,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAO,GACpC,OAAO,CAAC,MAAM,CAAC;IASlB,OAAO,CAAC,gBAAgB;CAQzB"}