run402-mcp 2.30.0 → 2.31.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/core/dist/operator-session.d.ts +80 -0
- package/core/dist/operator-session.d.ts.map +1 -0
- package/core/dist/operator-session.js +154 -0
- package/core/dist/operator-session.js.map +1 -0
- package/package.json +1 -1
- package/sdk/core-dist/operator-session.d.ts +80 -0
- package/sdk/core-dist/operator-session.js +154 -0
- package/sdk/dist/index.d.ts +7 -0
- package/sdk/dist/index.d.ts.map +1 -1
- package/sdk/dist/index.js +7 -0
- package/sdk/dist/index.js.map +1 -1
- package/sdk/dist/namespaces/operator.d.ts +112 -0
- package/sdk/dist/namespaces/operator.d.ts.map +1 -0
- package/sdk/dist/namespaces/operator.js +107 -0
- package/sdk/dist/namespaces/operator.js.map +1 -0
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* A cached operator session — the *human* (email) principal, distinct from the
|
|
3
|
+
* agent's per-wallet SIWX identity. Minted in the browser via the device-
|
|
4
|
+
* authorization flow (`run402 operator login`) and cached at the BASE config
|
|
5
|
+
* dir (not per-wallet) because it is email-scoped: one login spans every local
|
|
6
|
+
* named wallet that the email controls.
|
|
7
|
+
*
|
|
8
|
+
* Stored shape vs the gateway token payload: the gateway returns a relative
|
|
9
|
+
* `expires_in` (seconds); we persist the absolute `expires_at` (epoch ms,
|
|
10
|
+
* computed at write time) so a cached session can be checked for expiry without
|
|
11
|
+
* knowing when it was written. `absolute_expires_at` (the gateway's ~12h hard
|
|
12
|
+
* cap) is stored verbatim, for display and a defensive secondary expiry check.
|
|
13
|
+
*/
|
|
14
|
+
export interface OperatorSession {
|
|
15
|
+
operator_session_token: string;
|
|
16
|
+
token_type: string;
|
|
17
|
+
email: string;
|
|
18
|
+
wallets: string[];
|
|
19
|
+
/** Epoch ms when the access token expires (issued_at + expires_in). */
|
|
20
|
+
expires_at: number;
|
|
21
|
+
/** ISO 8601 absolute cap from the gateway; the session cannot outlive it. */
|
|
22
|
+
absolute_expires_at: string;
|
|
23
|
+
}
|
|
24
|
+
/**
|
|
25
|
+
* The token payload returned by the device/token poll (and the underlying
|
|
26
|
+
* email/passkey mints). Relative `expires_in`; mapped to an absolute
|
|
27
|
+
* `expires_at` by {@link operatorSessionFromTokenResponse} before caching.
|
|
28
|
+
*/
|
|
29
|
+
export interface OperatorSessionTokenResponse {
|
|
30
|
+
operator_session_token: string;
|
|
31
|
+
token_type?: string;
|
|
32
|
+
expires_in?: number;
|
|
33
|
+
absolute_expires_at?: string;
|
|
34
|
+
email?: string;
|
|
35
|
+
wallets?: string[];
|
|
36
|
+
}
|
|
37
|
+
/**
|
|
38
|
+
* Path to the cached operator session: `{base}/operator-session.json`, at the
|
|
39
|
+
* BASE config dir — NOT the per-profile dir, because the session is email-
|
|
40
|
+
* scoped and shared across all local named wallets. `RUN402_OPERATOR_SESSION_PATH`
|
|
41
|
+
* overrides for testing, mirroring `RUN402_ALLOWANCE_PATH`.
|
|
42
|
+
*/
|
|
43
|
+
export declare function getOperatorSessionPath(): string;
|
|
44
|
+
/**
|
|
45
|
+
* Load the cached operator session from disk.
|
|
46
|
+
*
|
|
47
|
+
* Returns `null` for the "no session cached" cases (file absent, unreadable, or
|
|
48
|
+
* unparseable JSON) — callers treat that as "not logged in" and point at
|
|
49
|
+
* `run402 operator login`. Throws a structured `Error` when the file parses as
|
|
50
|
+
* JSON but the shape is wrong, so a corrupted cache surfaces a clear fix-it
|
|
51
|
+
* instead of a downstream `TypeError`.
|
|
52
|
+
*/
|
|
53
|
+
export declare function readOperatorSession(path?: string): OperatorSession | null;
|
|
54
|
+
/** Persist an operator session atomically (temp-file + rename), mode 0600. */
|
|
55
|
+
export declare function saveOperatorSession(data: OperatorSession, path?: string): void;
|
|
56
|
+
/**
|
|
57
|
+
* Delete the cached operator session — the local half of `operator logout`.
|
|
58
|
+
* Best-effort and idempotent: a missing file is a no-op.
|
|
59
|
+
*/
|
|
60
|
+
export declare function clearOperatorSession(path?: string): void;
|
|
61
|
+
/**
|
|
62
|
+
* Whether a cached session is past its usable life. The access token
|
|
63
|
+
* (`expires_at`, ~30m) always expires before the absolute cap (~12h), so
|
|
64
|
+
* checking it is sufficient; the absolute cap is honored defensively. A small
|
|
65
|
+
* skew buffer treats a session expiring within `skewMs` as already expired, so
|
|
66
|
+
* we never send a token that dies mid-flight.
|
|
67
|
+
*/
|
|
68
|
+
export declare function isOperatorSessionExpired(session: OperatorSession, nowMs?: number, skewMs?: number): boolean;
|
|
69
|
+
/**
|
|
70
|
+
* Read the cached session and return it only if still usable; `null` if absent
|
|
71
|
+
* or expired. The bearer fetch path and `operator overview` use this so an
|
|
72
|
+
* expired cache surfaces as "not logged in" instead of a server 401.
|
|
73
|
+
*/
|
|
74
|
+
export declare function loadLiveOperatorSession(path?: string, nowMs?: number): OperatorSession | null;
|
|
75
|
+
/**
|
|
76
|
+
* Map a gateway token payload (relative `expires_in`) into the cached shape
|
|
77
|
+
* (absolute `expires_at`). `nowMs` is injectable for deterministic tests.
|
|
78
|
+
*/
|
|
79
|
+
export declare function operatorSessionFromTokenResponse(resp: OperatorSessionTokenResponse, nowMs?: number): OperatorSession;
|
|
80
|
+
//# sourceMappingURL=operator-session.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"operator-session.d.ts","sourceRoot":"","sources":["../src/operator-session.ts"],"names":[],"mappings":"AAKA;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,eAAe;IAC9B,sBAAsB,EAAE,MAAM,CAAC;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,uEAAuE;IACvE,UAAU,EAAE,MAAM,CAAC;IACnB,6EAA6E;IAC7E,mBAAmB,EAAE,MAAM,CAAC;CAC7B;AAED;;;;GAIG;AACH,MAAM,WAAW,4BAA4B;IAC3C,sBAAsB,EAAE,MAAM,CAAC;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,IAAI,MAAM,CAE/C;AAuBD;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,eAAe,GAAG,IAAI,CAsDzE;AAED,8EAA8E;AAC9E,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,eAAe,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAQ9E;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAOxD;AAED;;;;;;GAMG;AACH,wBAAgB,wBAAwB,CACtC,OAAO,EAAE,eAAe,EACxB,KAAK,GAAE,MAAmB,EAC1B,MAAM,SAAS,GACd,OAAO,CAOT;AAED;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,KAAK,GAAE,MAAmB,GAAG,eAAe,GAAG,IAAI,CAIzG;AAED;;;GAGG;AACH,wBAAgB,gCAAgC,CAC9C,IAAI,EAAE,4BAA4B,EAClC,KAAK,GAAE,MAAmB,GACzB,eAAe,CASjB"}
|
|
@@ -0,0 +1,154 @@
|
|
|
1
|
+
import { readFileSync, writeFileSync, mkdirSync, existsSync, chmodSync, renameSync, statSync, rmSync } from "node:fs";
|
|
2
|
+
import { dirname, join } from "node:path";
|
|
3
|
+
import { randomBytes } from "node:crypto";
|
|
4
|
+
import { getConfigBaseDir } from "./config.js";
|
|
5
|
+
/**
|
|
6
|
+
* Path to the cached operator session: `{base}/operator-session.json`, at the
|
|
7
|
+
* BASE config dir — NOT the per-profile dir, because the session is email-
|
|
8
|
+
* scoped and shared across all local named wallets. `RUN402_OPERATOR_SESSION_PATH`
|
|
9
|
+
* overrides for testing, mirroring `RUN402_ALLOWANCE_PATH`.
|
|
10
|
+
*/
|
|
11
|
+
export function getOperatorSessionPath() {
|
|
12
|
+
return process.env.RUN402_OPERATOR_SESSION_PATH || join(getConfigBaseDir(), "operator-session.json");
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
* If the session file is readable by group or other (any low 0o077 bit set),
|
|
16
|
+
* tighten it to 0600 and warn once on stderr — the bearer token is as sensitive
|
|
17
|
+
* as the allowance private key. Best-effort: POSIX-only, silent elsewhere.
|
|
18
|
+
* Mirrors the self-heal in `allowance.ts`.
|
|
19
|
+
*/
|
|
20
|
+
function selfHealPermissions(p) {
|
|
21
|
+
if (process.platform === "win32")
|
|
22
|
+
return;
|
|
23
|
+
try {
|
|
24
|
+
const mode = statSync(p).mode & 0o777;
|
|
25
|
+
if ((mode & 0o077) !== 0) {
|
|
26
|
+
chmodSync(p, 0o600);
|
|
27
|
+
process.stderr.write(`warning: tightened permissions on ${p} from ${mode.toString(8)} to 600 (was readable by other users).\n`);
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
catch {
|
|
31
|
+
// Best-effort; never block a read on a chmod/stat failure.
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* Load the cached operator session from disk.
|
|
36
|
+
*
|
|
37
|
+
* Returns `null` for the "no session cached" cases (file absent, unreadable, or
|
|
38
|
+
* unparseable JSON) — callers treat that as "not logged in" and point at
|
|
39
|
+
* `run402 operator login`. Throws a structured `Error` when the file parses as
|
|
40
|
+
* JSON but the shape is wrong, so a corrupted cache surfaces a clear fix-it
|
|
41
|
+
* instead of a downstream `TypeError`.
|
|
42
|
+
*/
|
|
43
|
+
export function readOperatorSession(path) {
|
|
44
|
+
const p = path ?? getOperatorSessionPath();
|
|
45
|
+
if (!existsSync(p))
|
|
46
|
+
return null;
|
|
47
|
+
selfHealPermissions(p);
|
|
48
|
+
let raw;
|
|
49
|
+
try {
|
|
50
|
+
raw = readFileSync(p, "utf-8");
|
|
51
|
+
}
|
|
52
|
+
catch {
|
|
53
|
+
return null;
|
|
54
|
+
}
|
|
55
|
+
let parsed;
|
|
56
|
+
try {
|
|
57
|
+
parsed = JSON.parse(raw);
|
|
58
|
+
}
|
|
59
|
+
catch {
|
|
60
|
+
// Unparseable input reads as "no session" rather than an error — consumers
|
|
61
|
+
// already handle null with a friendly "run 'run402 operator login'".
|
|
62
|
+
return null;
|
|
63
|
+
}
|
|
64
|
+
if (parsed === null || typeof parsed !== "object" || Array.isArray(parsed)) {
|
|
65
|
+
throw new Error(`operator-session.json must contain a JSON object (got ${Array.isArray(parsed) ? "array" : parsed === null ? "null" : typeof parsed}). Delete the file and run 'run402 operator login' to recreate it.`);
|
|
66
|
+
}
|
|
67
|
+
const data = parsed;
|
|
68
|
+
if (typeof data.operator_session_token !== "string" || data.operator_session_token.length === 0) {
|
|
69
|
+
throw new Error("operator-session.json missing valid 'operator_session_token'. Run 'run402 operator login' to refresh it.");
|
|
70
|
+
}
|
|
71
|
+
if (typeof data.email !== "string" || data.email.length === 0) {
|
|
72
|
+
throw new Error("operator-session.json missing valid 'email'. Run 'run402 operator login' to refresh it.");
|
|
73
|
+
}
|
|
74
|
+
if (typeof data.expires_at !== "number" || !Number.isFinite(data.expires_at)) {
|
|
75
|
+
throw new Error("operator-session.json missing valid 'expires_at'. Run 'run402 operator login' to refresh it.");
|
|
76
|
+
}
|
|
77
|
+
if (!Array.isArray(data.wallets) || data.wallets.some((w) => typeof w !== "string")) {
|
|
78
|
+
throw new Error("operator-session.json has an invalid 'wallets' list. Run 'run402 operator login' to refresh it.");
|
|
79
|
+
}
|
|
80
|
+
return {
|
|
81
|
+
operator_session_token: data.operator_session_token,
|
|
82
|
+
token_type: typeof data.token_type === "string" ? data.token_type : "Bearer",
|
|
83
|
+
email: data.email,
|
|
84
|
+
wallets: data.wallets,
|
|
85
|
+
expires_at: data.expires_at,
|
|
86
|
+
absolute_expires_at: typeof data.absolute_expires_at === "string" ? data.absolute_expires_at : "",
|
|
87
|
+
};
|
|
88
|
+
}
|
|
89
|
+
/** Persist an operator session atomically (temp-file + rename), mode 0600. */
|
|
90
|
+
export function saveOperatorSession(data, path) {
|
|
91
|
+
const p = path ?? getOperatorSessionPath();
|
|
92
|
+
const dir = dirname(p);
|
|
93
|
+
mkdirSync(dir, { recursive: true });
|
|
94
|
+
const tmp = join(dir, `.operator-session.${randomBytes(4).toString("hex")}.tmp`);
|
|
95
|
+
writeFileSync(tmp, JSON.stringify(data, null, 2), { mode: 0o600 });
|
|
96
|
+
renameSync(tmp, p);
|
|
97
|
+
chmodSync(p, 0o600);
|
|
98
|
+
}
|
|
99
|
+
/**
|
|
100
|
+
* Delete the cached operator session — the local half of `operator logout`.
|
|
101
|
+
* Best-effort and idempotent: a missing file is a no-op.
|
|
102
|
+
*/
|
|
103
|
+
export function clearOperatorSession(path) {
|
|
104
|
+
const p = path ?? getOperatorSessionPath();
|
|
105
|
+
try {
|
|
106
|
+
rmSync(p, { force: true });
|
|
107
|
+
}
|
|
108
|
+
catch {
|
|
109
|
+
// Best-effort: a failed unlink should never crash logout.
|
|
110
|
+
}
|
|
111
|
+
}
|
|
112
|
+
/**
|
|
113
|
+
* Whether a cached session is past its usable life. The access token
|
|
114
|
+
* (`expires_at`, ~30m) always expires before the absolute cap (~12h), so
|
|
115
|
+
* checking it is sufficient; the absolute cap is honored defensively. A small
|
|
116
|
+
* skew buffer treats a session expiring within `skewMs` as already expired, so
|
|
117
|
+
* we never send a token that dies mid-flight.
|
|
118
|
+
*/
|
|
119
|
+
export function isOperatorSessionExpired(session, nowMs = Date.now(), skewMs = 10_000) {
|
|
120
|
+
if (nowMs + skewMs >= session.expires_at)
|
|
121
|
+
return true;
|
|
122
|
+
if (session.absolute_expires_at) {
|
|
123
|
+
const cap = Date.parse(session.absolute_expires_at);
|
|
124
|
+
if (Number.isFinite(cap) && nowMs + skewMs >= cap)
|
|
125
|
+
return true;
|
|
126
|
+
}
|
|
127
|
+
return false;
|
|
128
|
+
}
|
|
129
|
+
/**
|
|
130
|
+
* Read the cached session and return it only if still usable; `null` if absent
|
|
131
|
+
* or expired. The bearer fetch path and `operator overview` use this so an
|
|
132
|
+
* expired cache surfaces as "not logged in" instead of a server 401.
|
|
133
|
+
*/
|
|
134
|
+
export function loadLiveOperatorSession(path, nowMs = Date.now()) {
|
|
135
|
+
const s = readOperatorSession(path);
|
|
136
|
+
if (!s)
|
|
137
|
+
return null;
|
|
138
|
+
return isOperatorSessionExpired(s, nowMs) ? null : s;
|
|
139
|
+
}
|
|
140
|
+
/**
|
|
141
|
+
* Map a gateway token payload (relative `expires_in`) into the cached shape
|
|
142
|
+
* (absolute `expires_at`). `nowMs` is injectable for deterministic tests.
|
|
143
|
+
*/
|
|
144
|
+
export function operatorSessionFromTokenResponse(resp, nowMs = Date.now()) {
|
|
145
|
+
return {
|
|
146
|
+
operator_session_token: resp.operator_session_token,
|
|
147
|
+
token_type: resp.token_type ?? "Bearer",
|
|
148
|
+
email: resp.email ?? "",
|
|
149
|
+
wallets: Array.isArray(resp.wallets) ? resp.wallets.filter((w) => typeof w === "string") : [],
|
|
150
|
+
expires_at: nowMs + (typeof resp.expires_in === "number" ? resp.expires_in : 0) * 1000,
|
|
151
|
+
absolute_expires_at: resp.absolute_expires_at ?? "",
|
|
152
|
+
};
|
|
153
|
+
}
|
|
154
|
+
//# sourceMappingURL=operator-session.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"operator-session.js","sourceRoot":"","sources":["../src/operator-session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACtH,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAwC/C;;;;;GAKG;AACH,MAAM,UAAU,sBAAsB;IACpC,OAAO,OAAO,CAAC,GAAG,CAAC,4BAA4B,IAAI,IAAI,CAAC,gBAAgB,EAAE,EAAE,uBAAuB,CAAC,CAAC;AACvG,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,CAAS;IACpC,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO;QAAE,OAAO;IACzC,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,KAAK,CAAC;QACtC,IAAI,CAAC,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;YACpB,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,qCAAqC,CAAC,SAAS,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,0CAA0C,CAC1G,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,2DAA2D;IAC7D,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAa;IAC/C,MAAM,CAAC,GAAG,IAAI,IAAI,sBAAsB,EAAE,CAAC;IAC3C,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAChC,mBAAmB,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAAC,MAAM,CAAC;QACP,2EAA2E;QAC3E,qEAAqE;QACrE,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3E,MAAM,IAAI,KAAK,CACb,yDACE,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,MACtE,oEAAoE,CACrE,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,MAAkC,CAAC;IAChD,IAAI,OAAO,IAAI,CAAC,sBAAsB,KAAK,QAAQ,IAAI,IAAI,CAAC,sBAAsB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChG,MAAM,IAAI,KAAK,CACb,0GAA0G,CAC3G,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9D,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,IAAI,CAAC,UAAU,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;QAC7E,MAAM,IAAI,KAAK,CACb,8FAA8F,CAC/F,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,EAAE,CAAC;QACpF,MAAM,IAAI,KAAK,CACb,iGAAiG,CAClG,CAAC;IACJ,CAAC;IACD,OAAO;QACL,sBAAsB,EAAE,IAAI,CAAC,sBAAsB;QACnD,UAAU,EAAE,OAAO,IAAI,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ;QAC5E,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,OAAO,EAAE,IAAI,CAAC,OAAmB;QACjC,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,mBAAmB,EAAE,OAAO,IAAI,CAAC,mBAAmB,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE;KAClG,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,MAAM,UAAU,mBAAmB,CAAC,IAAqB,EAAE,IAAa;IACtE,MAAM,CAAC,GAAG,IAAI,IAAI,sBAAsB,EAAE,CAAC;IAC3C,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;IACvB,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACpC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,qBAAqB,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjF,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACnE,UAAU,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;IACnB,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;AACtB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,IAAa;IAChD,MAAM,CAAC,GAAG,IAAI,IAAI,sBAAsB,EAAE,CAAC;IAC3C,IAAI,CAAC;QACH,MAAM,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,0DAA0D;IAC5D,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,wBAAwB,CACtC,OAAwB,EACxB,QAAgB,IAAI,CAAC,GAAG,EAAE,EAC1B,MAAM,GAAG,MAAM;IAEf,IAAI,KAAK,GAAG,MAAM,IAAI,OAAO,CAAC,UAAU;QAAE,OAAO,IAAI,CAAC;IACtD,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;QAChC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QACpD,IAAI,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,KAAK,GAAG,MAAM,IAAI,GAAG;YAAE,OAAO,IAAI,CAAC;IACjE,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAAa,EAAE,QAAgB,IAAI,CAAC,GAAG,EAAE;IAC/E,MAAM,CAAC,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IACpC,IAAI,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IACpB,OAAO,wBAAwB,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AACvD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gCAAgC,CAC9C,IAAkC,EAClC,QAAgB,IAAI,CAAC,GAAG,EAAE;IAE1B,OAAO;QACL,sBAAsB,EAAE,IAAI,CAAC,sBAAsB;QACnD,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,QAAQ;QACvC,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,EAAE;QACvB,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE;QAC1G,UAAU,EAAE,KAAK,GAAG,CAAC,OAAO,IAAI,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI;QACtF,mBAAmB,EAAE,IAAI,CAAC,mBAAmB,IAAI,EAAE;KACpD,CAAC;AACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "run402-mcp",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.31.0",
|
|
4
4
|
"description": "MCP server for Run402 — AI-native Postgres databases with REST API, auth, storage, and row-level security. Pay with x402 USDC micropayments.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* A cached operator session — the *human* (email) principal, distinct from the
|
|
3
|
+
* agent's per-wallet SIWX identity. Minted in the browser via the device-
|
|
4
|
+
* authorization flow (`run402 operator login`) and cached at the BASE config
|
|
5
|
+
* dir (not per-wallet) because it is email-scoped: one login spans every local
|
|
6
|
+
* named wallet that the email controls.
|
|
7
|
+
*
|
|
8
|
+
* Stored shape vs the gateway token payload: the gateway returns a relative
|
|
9
|
+
* `expires_in` (seconds); we persist the absolute `expires_at` (epoch ms,
|
|
10
|
+
* computed at write time) so a cached session can be checked for expiry without
|
|
11
|
+
* knowing when it was written. `absolute_expires_at` (the gateway's ~12h hard
|
|
12
|
+
* cap) is stored verbatim, for display and a defensive secondary expiry check.
|
|
13
|
+
*/
|
|
14
|
+
export interface OperatorSession {
|
|
15
|
+
operator_session_token: string;
|
|
16
|
+
token_type: string;
|
|
17
|
+
email: string;
|
|
18
|
+
wallets: string[];
|
|
19
|
+
/** Epoch ms when the access token expires (issued_at + expires_in). */
|
|
20
|
+
expires_at: number;
|
|
21
|
+
/** ISO 8601 absolute cap from the gateway; the session cannot outlive it. */
|
|
22
|
+
absolute_expires_at: string;
|
|
23
|
+
}
|
|
24
|
+
/**
|
|
25
|
+
* The token payload returned by the device/token poll (and the underlying
|
|
26
|
+
* email/passkey mints). Relative `expires_in`; mapped to an absolute
|
|
27
|
+
* `expires_at` by {@link operatorSessionFromTokenResponse} before caching.
|
|
28
|
+
*/
|
|
29
|
+
export interface OperatorSessionTokenResponse {
|
|
30
|
+
operator_session_token: string;
|
|
31
|
+
token_type?: string;
|
|
32
|
+
expires_in?: number;
|
|
33
|
+
absolute_expires_at?: string;
|
|
34
|
+
email?: string;
|
|
35
|
+
wallets?: string[];
|
|
36
|
+
}
|
|
37
|
+
/**
|
|
38
|
+
* Path to the cached operator session: `{base}/operator-session.json`, at the
|
|
39
|
+
* BASE config dir — NOT the per-profile dir, because the session is email-
|
|
40
|
+
* scoped and shared across all local named wallets. `RUN402_OPERATOR_SESSION_PATH`
|
|
41
|
+
* overrides for testing, mirroring `RUN402_ALLOWANCE_PATH`.
|
|
42
|
+
*/
|
|
43
|
+
export declare function getOperatorSessionPath(): string;
|
|
44
|
+
/**
|
|
45
|
+
* Load the cached operator session from disk.
|
|
46
|
+
*
|
|
47
|
+
* Returns `null` for the "no session cached" cases (file absent, unreadable, or
|
|
48
|
+
* unparseable JSON) — callers treat that as "not logged in" and point at
|
|
49
|
+
* `run402 operator login`. Throws a structured `Error` when the file parses as
|
|
50
|
+
* JSON but the shape is wrong, so a corrupted cache surfaces a clear fix-it
|
|
51
|
+
* instead of a downstream `TypeError`.
|
|
52
|
+
*/
|
|
53
|
+
export declare function readOperatorSession(path?: string): OperatorSession | null;
|
|
54
|
+
/** Persist an operator session atomically (temp-file + rename), mode 0600. */
|
|
55
|
+
export declare function saveOperatorSession(data: OperatorSession, path?: string): void;
|
|
56
|
+
/**
|
|
57
|
+
* Delete the cached operator session — the local half of `operator logout`.
|
|
58
|
+
* Best-effort and idempotent: a missing file is a no-op.
|
|
59
|
+
*/
|
|
60
|
+
export declare function clearOperatorSession(path?: string): void;
|
|
61
|
+
/**
|
|
62
|
+
* Whether a cached session is past its usable life. The access token
|
|
63
|
+
* (`expires_at`, ~30m) always expires before the absolute cap (~12h), so
|
|
64
|
+
* checking it is sufficient; the absolute cap is honored defensively. A small
|
|
65
|
+
* skew buffer treats a session expiring within `skewMs` as already expired, so
|
|
66
|
+
* we never send a token that dies mid-flight.
|
|
67
|
+
*/
|
|
68
|
+
export declare function isOperatorSessionExpired(session: OperatorSession, nowMs?: number, skewMs?: number): boolean;
|
|
69
|
+
/**
|
|
70
|
+
* Read the cached session and return it only if still usable; `null` if absent
|
|
71
|
+
* or expired. The bearer fetch path and `operator overview` use this so an
|
|
72
|
+
* expired cache surfaces as "not logged in" instead of a server 401.
|
|
73
|
+
*/
|
|
74
|
+
export declare function loadLiveOperatorSession(path?: string, nowMs?: number): OperatorSession | null;
|
|
75
|
+
/**
|
|
76
|
+
* Map a gateway token payload (relative `expires_in`) into the cached shape
|
|
77
|
+
* (absolute `expires_at`). `nowMs` is injectable for deterministic tests.
|
|
78
|
+
*/
|
|
79
|
+
export declare function operatorSessionFromTokenResponse(resp: OperatorSessionTokenResponse, nowMs?: number): OperatorSession;
|
|
80
|
+
//# sourceMappingURL=operator-session.d.ts.map
|
|
@@ -0,0 +1,154 @@
|
|
|
1
|
+
import { readFileSync, writeFileSync, mkdirSync, existsSync, chmodSync, renameSync, statSync, rmSync } from "node:fs";
|
|
2
|
+
import { dirname, join } from "node:path";
|
|
3
|
+
import { randomBytes } from "node:crypto";
|
|
4
|
+
import { getConfigBaseDir } from "./config.js";
|
|
5
|
+
/**
|
|
6
|
+
* Path to the cached operator session: `{base}/operator-session.json`, at the
|
|
7
|
+
* BASE config dir — NOT the per-profile dir, because the session is email-
|
|
8
|
+
* scoped and shared across all local named wallets. `RUN402_OPERATOR_SESSION_PATH`
|
|
9
|
+
* overrides for testing, mirroring `RUN402_ALLOWANCE_PATH`.
|
|
10
|
+
*/
|
|
11
|
+
export function getOperatorSessionPath() {
|
|
12
|
+
return process.env.RUN402_OPERATOR_SESSION_PATH || join(getConfigBaseDir(), "operator-session.json");
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
* If the session file is readable by group or other (any low 0o077 bit set),
|
|
16
|
+
* tighten it to 0600 and warn once on stderr — the bearer token is as sensitive
|
|
17
|
+
* as the allowance private key. Best-effort: POSIX-only, silent elsewhere.
|
|
18
|
+
* Mirrors the self-heal in `allowance.ts`.
|
|
19
|
+
*/
|
|
20
|
+
function selfHealPermissions(p) {
|
|
21
|
+
if (process.platform === "win32")
|
|
22
|
+
return;
|
|
23
|
+
try {
|
|
24
|
+
const mode = statSync(p).mode & 0o777;
|
|
25
|
+
if ((mode & 0o077) !== 0) {
|
|
26
|
+
chmodSync(p, 0o600);
|
|
27
|
+
process.stderr.write(`warning: tightened permissions on ${p} from ${mode.toString(8)} to 600 (was readable by other users).\n`);
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
catch {
|
|
31
|
+
// Best-effort; never block a read on a chmod/stat failure.
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* Load the cached operator session from disk.
|
|
36
|
+
*
|
|
37
|
+
* Returns `null` for the "no session cached" cases (file absent, unreadable, or
|
|
38
|
+
* unparseable JSON) — callers treat that as "not logged in" and point at
|
|
39
|
+
* `run402 operator login`. Throws a structured `Error` when the file parses as
|
|
40
|
+
* JSON but the shape is wrong, so a corrupted cache surfaces a clear fix-it
|
|
41
|
+
* instead of a downstream `TypeError`.
|
|
42
|
+
*/
|
|
43
|
+
export function readOperatorSession(path) {
|
|
44
|
+
const p = path ?? getOperatorSessionPath();
|
|
45
|
+
if (!existsSync(p))
|
|
46
|
+
return null;
|
|
47
|
+
selfHealPermissions(p);
|
|
48
|
+
let raw;
|
|
49
|
+
try {
|
|
50
|
+
raw = readFileSync(p, "utf-8");
|
|
51
|
+
}
|
|
52
|
+
catch {
|
|
53
|
+
return null;
|
|
54
|
+
}
|
|
55
|
+
let parsed;
|
|
56
|
+
try {
|
|
57
|
+
parsed = JSON.parse(raw);
|
|
58
|
+
}
|
|
59
|
+
catch {
|
|
60
|
+
// Unparseable input reads as "no session" rather than an error — consumers
|
|
61
|
+
// already handle null with a friendly "run 'run402 operator login'".
|
|
62
|
+
return null;
|
|
63
|
+
}
|
|
64
|
+
if (parsed === null || typeof parsed !== "object" || Array.isArray(parsed)) {
|
|
65
|
+
throw new Error(`operator-session.json must contain a JSON object (got ${Array.isArray(parsed) ? "array" : parsed === null ? "null" : typeof parsed}). Delete the file and run 'run402 operator login' to recreate it.`);
|
|
66
|
+
}
|
|
67
|
+
const data = parsed;
|
|
68
|
+
if (typeof data.operator_session_token !== "string" || data.operator_session_token.length === 0) {
|
|
69
|
+
throw new Error("operator-session.json missing valid 'operator_session_token'. Run 'run402 operator login' to refresh it.");
|
|
70
|
+
}
|
|
71
|
+
if (typeof data.email !== "string" || data.email.length === 0) {
|
|
72
|
+
throw new Error("operator-session.json missing valid 'email'. Run 'run402 operator login' to refresh it.");
|
|
73
|
+
}
|
|
74
|
+
if (typeof data.expires_at !== "number" || !Number.isFinite(data.expires_at)) {
|
|
75
|
+
throw new Error("operator-session.json missing valid 'expires_at'. Run 'run402 operator login' to refresh it.");
|
|
76
|
+
}
|
|
77
|
+
if (!Array.isArray(data.wallets) || data.wallets.some((w) => typeof w !== "string")) {
|
|
78
|
+
throw new Error("operator-session.json has an invalid 'wallets' list. Run 'run402 operator login' to refresh it.");
|
|
79
|
+
}
|
|
80
|
+
return {
|
|
81
|
+
operator_session_token: data.operator_session_token,
|
|
82
|
+
token_type: typeof data.token_type === "string" ? data.token_type : "Bearer",
|
|
83
|
+
email: data.email,
|
|
84
|
+
wallets: data.wallets,
|
|
85
|
+
expires_at: data.expires_at,
|
|
86
|
+
absolute_expires_at: typeof data.absolute_expires_at === "string" ? data.absolute_expires_at : "",
|
|
87
|
+
};
|
|
88
|
+
}
|
|
89
|
+
/** Persist an operator session atomically (temp-file + rename), mode 0600. */
|
|
90
|
+
export function saveOperatorSession(data, path) {
|
|
91
|
+
const p = path ?? getOperatorSessionPath();
|
|
92
|
+
const dir = dirname(p);
|
|
93
|
+
mkdirSync(dir, { recursive: true });
|
|
94
|
+
const tmp = join(dir, `.operator-session.${randomBytes(4).toString("hex")}.tmp`);
|
|
95
|
+
writeFileSync(tmp, JSON.stringify(data, null, 2), { mode: 0o600 });
|
|
96
|
+
renameSync(tmp, p);
|
|
97
|
+
chmodSync(p, 0o600);
|
|
98
|
+
}
|
|
99
|
+
/**
|
|
100
|
+
* Delete the cached operator session — the local half of `operator logout`.
|
|
101
|
+
* Best-effort and idempotent: a missing file is a no-op.
|
|
102
|
+
*/
|
|
103
|
+
export function clearOperatorSession(path) {
|
|
104
|
+
const p = path ?? getOperatorSessionPath();
|
|
105
|
+
try {
|
|
106
|
+
rmSync(p, { force: true });
|
|
107
|
+
}
|
|
108
|
+
catch {
|
|
109
|
+
// Best-effort: a failed unlink should never crash logout.
|
|
110
|
+
}
|
|
111
|
+
}
|
|
112
|
+
/**
|
|
113
|
+
* Whether a cached session is past its usable life. The access token
|
|
114
|
+
* (`expires_at`, ~30m) always expires before the absolute cap (~12h), so
|
|
115
|
+
* checking it is sufficient; the absolute cap is honored defensively. A small
|
|
116
|
+
* skew buffer treats a session expiring within `skewMs` as already expired, so
|
|
117
|
+
* we never send a token that dies mid-flight.
|
|
118
|
+
*/
|
|
119
|
+
export function isOperatorSessionExpired(session, nowMs = Date.now(), skewMs = 10_000) {
|
|
120
|
+
if (nowMs + skewMs >= session.expires_at)
|
|
121
|
+
return true;
|
|
122
|
+
if (session.absolute_expires_at) {
|
|
123
|
+
const cap = Date.parse(session.absolute_expires_at);
|
|
124
|
+
if (Number.isFinite(cap) && nowMs + skewMs >= cap)
|
|
125
|
+
return true;
|
|
126
|
+
}
|
|
127
|
+
return false;
|
|
128
|
+
}
|
|
129
|
+
/**
|
|
130
|
+
* Read the cached session and return it only if still usable; `null` if absent
|
|
131
|
+
* or expired. The bearer fetch path and `operator overview` use this so an
|
|
132
|
+
* expired cache surfaces as "not logged in" instead of a server 401.
|
|
133
|
+
*/
|
|
134
|
+
export function loadLiveOperatorSession(path, nowMs = Date.now()) {
|
|
135
|
+
const s = readOperatorSession(path);
|
|
136
|
+
if (!s)
|
|
137
|
+
return null;
|
|
138
|
+
return isOperatorSessionExpired(s, nowMs) ? null : s;
|
|
139
|
+
}
|
|
140
|
+
/**
|
|
141
|
+
* Map a gateway token payload (relative `expires_in`) into the cached shape
|
|
142
|
+
* (absolute `expires_at`). `nowMs` is injectable for deterministic tests.
|
|
143
|
+
*/
|
|
144
|
+
export function operatorSessionFromTokenResponse(resp, nowMs = Date.now()) {
|
|
145
|
+
return {
|
|
146
|
+
operator_session_token: resp.operator_session_token,
|
|
147
|
+
token_type: resp.token_type ?? "Bearer",
|
|
148
|
+
email: resp.email ?? "",
|
|
149
|
+
wallets: Array.isArray(resp.wallets) ? resp.wallets.filter((w) => typeof w === "string") : [],
|
|
150
|
+
expires_at: nowMs + (typeof resp.expires_in === "number" ? resp.expires_in : 0) * 1000,
|
|
151
|
+
absolute_expires_at: resp.absolute_expires_at ?? "",
|
|
152
|
+
};
|
|
153
|
+
}
|
|
154
|
+
//# sourceMappingURL=operator-session.js.map
|
package/sdk/dist/index.d.ts
CHANGED
|
@@ -29,6 +29,7 @@ import { Admin } from "./namespaces/admin.js";
|
|
|
29
29
|
import { Deploy } from "./namespaces/deploy.js";
|
|
30
30
|
import { Ci } from "./namespaces/ci.js";
|
|
31
31
|
import { Jobs } from "./namespaces/jobs.js";
|
|
32
|
+
import { Operator } from "./namespaces/operator.js";
|
|
32
33
|
import type { ContentSource, FileSet } from "./namespaces/deploy.types.js";
|
|
33
34
|
import { ScopedRun402 } from "./scoped.js";
|
|
34
35
|
export interface Run402Options {
|
|
@@ -76,6 +77,11 @@ export declare class Run402 {
|
|
|
76
77
|
readonly _applyEngine: Deploy;
|
|
77
78
|
readonly ci: Ci;
|
|
78
79
|
readonly jobs: Jobs;
|
|
80
|
+
/**
|
|
81
|
+
* The *human* (email) principal — browser-delegated operator session (RFC
|
|
82
|
+
* 8628 device flow), distinct from the agent's per-wallet SIWX identity.
|
|
83
|
+
*/
|
|
84
|
+
readonly operator: Operator;
|
|
79
85
|
constructor(opts: Run402Options);
|
|
80
86
|
/**
|
|
81
87
|
* Return a project-scoped sub-client where every project-id-bearing namespace
|
|
@@ -183,6 +189,7 @@ export type * from "./namespaces/domains.js";
|
|
|
183
189
|
export type * from "./namespaces/email.js";
|
|
184
190
|
export type * from "./namespaces/functions.types.js";
|
|
185
191
|
export type * from "./namespaces/jobs.js";
|
|
192
|
+
export type * from "./namespaces/operator.js";
|
|
186
193
|
export type * from "./namespaces/projects.types.js";
|
|
187
194
|
export type * from "./namespaces/secrets.js";
|
|
188
195
|
export type * from "./namespaces/sender-domain.js";
|
package/sdk/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAC7D,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,8BAA8B,CAAC;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAG3C,MAAM,WAAW,aAAa;IAC5B,mDAAmD;IACnD,OAAO,EAAE,MAAM,CAAC;IAChB,mFAAmF;IACnF,WAAW,EAAE,mBAAmB,CAAC;IACjC;;;;OAIG;IACH,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAC;CACjC;AAED,qBAAa,MAAM;;IACjB,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC;IAC5B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;IAC9B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC;IAChC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;IACpB,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;IAC9B,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC;IAChB,QAAQ,CAAC,KAAK,EAAG,EAAE,CAAC;IACpB,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;IACpB,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;IACpB,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;IAC9B,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB;;;;;;OAMG;IACH,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC;IAChB,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAC7D,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AACpD,OAAO,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,8BAA8B,CAAC;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAG3C,MAAM,WAAW,aAAa;IAC5B,mDAAmD;IACnD,OAAO,EAAE,MAAM,CAAC;IAChB,mFAAmF;IACnF,WAAW,EAAE,mBAAmB,CAAC;IACjC;;;;OAIG;IACH,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAC;CACjC;AAED,qBAAa,MAAM;;IACjB,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC;IAC5B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;IAC9B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC;IAChC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;IACpB,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;IAC9B,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC;IAChB,QAAQ,CAAC,KAAK,EAAG,EAAE,CAAC;IACpB,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;IACpB,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;IACpB,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;IAC9B,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB;;;;;;OAMG;IACH,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC;IAChB,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;IACpB;;;OAGG;IACH,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC;gBAIhB,IAAI,EAAE,aAAa;IAiE/B;;;;;;;;;;;;;;;;OAgBG;IACG,OAAO,CAAC,EAAE,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAsBjD;;;;;;;;;;;OAWG;IACG,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAKnD;;;;;;;;;OASG;IACG,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;CAiBhC;AAED,uCAAuC;AACvC,MAAM,WAAW,MAAM;IACrB,8EAA8E;IAC9E,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,+DAA+D;IAC/D,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,4EAA4E;IAC5E,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,wDAAwD;IACxD,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;CAC9B;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,KAAK,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,GAAG,OAAO,CAEpE;AAED;;;GAGG;AACH,wBAAgB,MAAM,CAAC,IAAI,EAAE,aAAa,GAAG,MAAM,CAElD;AAED,OAAO,EACL,WAAW,EACX,eAAe,EACf,eAAe,EACf,YAAY,EACZ,QAAQ,EACR,YAAY,EACZ,UAAU,EACV,iBAAiB,EACjB,mBAAmB,EACnB,aAAa,EACb,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,UAAU,EACV,cAAc,EACd,YAAY,EACZ,aAAa,EACb,qBAAqB,EACrB,sBAAsB,EACtB,aAAa,GACd,MAAM,aAAa,CAAC;AACrB,YAAY,EACV,qBAAqB,EACrB,oBAAoB,EACpB,eAAe,EACf,gBAAgB,GACjB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,mBAAmB,YAAY,CAAC;AAChC,mBAAmB,kBAAkB,CAAC;AACtC,mBAAmB,aAAa,CAAC;AACjC,OAAO,EACL,sBAAsB,EACtB,0BAA0B,EAC1B,wBAAwB,EACxB,sBAAsB,GACvB,MAAM,qBAAqB,CAAC;AAC7B,mBAAmB,qBAAqB,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EACL,8BAA8B,EAC9B,kBAAkB,EAClB,yBAAyB,EACzB,uBAAuB,EACvB,wBAAwB,EACxB,6BAA6B,EAC7B,+BAA+B,EAC/B,qBAAqB,GACtB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,EAAE,EACF,WAAW,EACX,wBAAwB,EACxB,0BAA0B,EAC1B,8BAA8B,EAC9B,qBAAqB,EACrB,4BAA4B,EAC5B,sBAAsB,EACtB,4BAA4B,EAC5B,0BAA0B,EAC1B,sBAAsB,EACtB,2BAA2B,EAC3B,eAAe,EACf,oBAAoB,EACpB,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,2BAA2B,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,mBAAmB,oBAAoB,CAAC;AACxC,mBAAmB,2BAA2B,CAAC;AAC/C,mBAAmB,sBAAsB,CAAC;AAC1C,mBAAmB,sBAAsB,CAAC;AAC1C,mBAAmB,yBAAyB,CAAC;AAC7C,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,8BAA8B,CAAC;AAClD,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,2BAA2B,CAAC;AAC/C,mBAAmB,8BAA8B,CAAC;AAClD,YAAY,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACzD,mBAAmB,yBAAyB,CAAC;AAC7C,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,iCAAiC,CAAC;AACrD,mBAAmB,sBAAsB,CAAC;AAC1C,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,gCAAgC,CAAC;AACpD,mBAAmB,yBAAyB,CAAC;AAC7C,mBAAmB,+BAA+B,CAAC;AACnD,mBAAmB,yBAAyB,CAAC;AAC7C,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,4BAA4B,CAAC;AAChD,mBAAmB,sBAAsB,CAAC"}
|
package/sdk/dist/index.js
CHANGED
|
@@ -29,6 +29,7 @@ import { Admin } from "./namespaces/admin.js";
|
|
|
29
29
|
import { Deploy } from "./namespaces/deploy.js";
|
|
30
30
|
import { Ci } from "./namespaces/ci.js";
|
|
31
31
|
import { Jobs } from "./namespaces/jobs.js";
|
|
32
|
+
import { Operator } from "./namespaces/operator.js";
|
|
32
33
|
import { ScopedRun402 } from "./scoped.js";
|
|
33
34
|
import { LocalError } from "./errors.js";
|
|
34
35
|
export class Run402 {
|
|
@@ -63,6 +64,11 @@ export class Run402 {
|
|
|
63
64
|
_applyEngine;
|
|
64
65
|
ci;
|
|
65
66
|
jobs;
|
|
67
|
+
/**
|
|
68
|
+
* The *human* (email) principal — browser-delegated operator session (RFC
|
|
69
|
+
* 8628 device flow), distinct from the agent's per-wallet SIWX identity.
|
|
70
|
+
*/
|
|
71
|
+
operator;
|
|
66
72
|
#client;
|
|
67
73
|
constructor(opts) {
|
|
68
74
|
if (!opts || typeof opts !== "object") {
|
|
@@ -112,6 +118,7 @@ export class Run402 {
|
|
|
112
118
|
this._applyEngine = new Deploy(client);
|
|
113
119
|
this.ci = new Ci(client);
|
|
114
120
|
this.jobs = new Jobs(client);
|
|
121
|
+
this.operator = new Operator(client);
|
|
115
122
|
}
|
|
116
123
|
/**
|
|
117
124
|
* Return a project-scoped sub-client where every project-id-bearing namespace
|
package/sdk/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,WAAW,EAAkC,MAAM,aAAa,CAAC;AAE1E,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAC7D,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,WAAW,EAAkC,MAAM,aAAa,CAAC;AAE1E,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAC7D,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AACtD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC5C,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAEpD,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAezC,MAAM,OAAO,MAAM;IACR,QAAQ,CAAW;IACnB,MAAM,CAAS;IACf,SAAS,CAAY;IACrB,OAAO,CAAU;IACjB,KAAK,CAAQ;IACb,UAAU,CAAa;IACvB,OAAO,CAAU;IACjB,KAAK,CAAQ;IACb,OAAO,CAAU;IACjB,IAAI,CAAO;IACX,SAAS,CAAY;IACrB,EAAE,CAAK;IACP,KAAK,CAAM;IACX,IAAI,CAAO;IACX,YAAY,CAAe;IAC3B,OAAO,CAAU;IACjB,OAAO,CAAU;IACjB,IAAI,CAAO;IACX,KAAK,CAAQ;IACb,SAAS,CAAY;IACrB,KAAK,CAAQ;IACtB;;;;;;OAMG;IACM,YAAY,CAAS;IACrB,EAAE,CAAK;IACP,IAAI,CAAO;IACpB;;;OAGG;IACM,QAAQ,CAAW;IAEnB,OAAO,CAAS;IAEzB,YAAY,IAAmB;QAC7B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtC,MAAM,IAAI,UAAU,CAClB,mCAAmC,EACnC,qBAAqB,CACtB,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YACtD,MAAM,IAAI,UAAU,CAClB,mDAAmD,EACnD,qBAAqB,CACtB,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,UAAU,CAClB,gKAAgK,EAChK,qBAAqB,CACtB,CAAC;QACJ,CAAC;QACD,IACE,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,KAAK,UAAU;YAC9C,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,KAAK,UAAU,EACjD,CAAC;YACD,MAAM,IAAI,UAAU,CAClB,+EAA+E,EAC/E,qBAAqB,CACtB,CAAC;QACJ,CAAC;QACD,MAAM,MAAM,GAAiB;YAC3B,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC;YACtD,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,CAAC;QACF,MAAM,MAAM,GAAW,WAAW,CAAC,MAAM,CAAC,CAAC;QAC3C,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;QACtB,IAAI,CAAC,QAAQ,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,CAAC;QACrC,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,CAAC,SAAS,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC;QAC/B,IAAI,CAAC,UAAU,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;QACzC,IAAI,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC;QAC/B,IAAI,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,EAAE,GAAG,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC;QACzB,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,OAAO,EAAE;YACnC,KAAK,EAAE,IAAI,CAAC,EAAE;YACd,UAAU,EAAE,KAAK;SAClB,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7B,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,CAAC,OAAO,GAAG,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7B,IAAI,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC;QAC/B,IAAI,CAAC,YAAY,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,EAAE,GAAG,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC;QACzB,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7B,IAAI,CAAC,QAAQ,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,CAAC;IACvC,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACH,KAAK,CAAC,OAAO,CAAC,EAAW;QACvB,IAAI,UAAU,GAAG,EAAE,CAAC;QACpB,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC;YACzD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,IAAI,UAAU,CAClB,yIAAyI,EACzI,2BAA2B,CAC5B,CAAC;YACJ,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;YAC3D,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,IAAI,UAAU,CAClB,yIAAyI,EACzI,2BAA2B,CAC5B,CAAC;YACJ,CAAC;YACD,UAAU,GAAG,MAAM,CAAC;QACtB,CAAC;QACD,OAAO,IAAI,YAAY,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IAC1D,CAAC;IAED;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,UAAU,CAAC,EAAU;QACzB,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC5B,OAAO,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC1B,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,MAAM;QACV,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC;QACvC,MAAM,QAAQ,GAAG,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC5F,IAAI,OAAO,GAAG,QAAQ,EAAE,OAAO,IAAI,IAAI,CAAC;QACxC,IAAI,OAAO,IAAI,IAAI,IAAI,KAAK,CAAC,aAAa,EAAE,CAAC;YAC3C,OAAO,GAAG,CAAC,MAAM,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,IAAI,IAAI,CAAC;QACrE,CAAC;QACD,MAAM,aAAa,GAAG,KAAK,CAAC,gBAAgB;YAC1C,CAAC,CAAC,MAAM,KAAK,CAAC,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC;YAC1C,CAAC,CAAC,IAAI,CAAC;QACT,OAAO;YACL,IAAI,EAAE,QAAQ,EAAE,IAAI,IAAI,IAAI;YAC5B,OAAO;YACP,KAAK,EAAE,QAAQ,EAAE,KAAK,IAAI,IAAI;YAC9B,aAAa,EAAE,aAAa,IAAI,IAAI;SACrC,CAAC;IACJ,CAAC;CACF;AAcD;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,KAAK,CAAC,MAAqC;IACzD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,MAAM,CAAC,IAAmB;IACxC,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,OAAO,EACL,WAAW,EACX,eAAe,EACf,eAAe,EACf,YAAY,EACZ,QAAQ,EACR,YAAY,EACZ,UAAU,EACV,iBAAiB,EACjB,mBAAmB,EACnB,aAAa,EACb,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,UAAU,EACV,cAAc,EACd,YAAY,EACZ,aAAa,EACb,qBAAqB,EACrB,sBAAsB,EACtB,aAAa,GACd,MAAM,aAAa,CAAC;AAOrB,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAIvC,OAAO,EACL,sBAAsB,EACtB,0BAA0B,EAC1B,wBAAwB,EACxB,sBAAsB,GACvB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EACL,8BAA8B,EAC9B,kBAAkB,EAClB,yBAAyB,EACzB,uBAAuB,EACvB,wBAAwB,EACxB,6BAA6B,EAC7B,+BAA+B,EAC/B,qBAAqB,GACtB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,EAAE,EACF,WAAW,EACX,wBAAwB,EACxB,0BAA0B,EAC1B,8BAA8B,EAC9B,qBAAqB,EACrB,4BAA4B,EAC5B,sBAAsB,EACtB,4BAA4B,EAC5B,0BAA0B,EAC1B,sBAAsB,EACtB,2BAA2B,EAC3B,eAAe,EACf,oBAAoB,EACpB,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAG3C,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC"}
|
|
@@ -0,0 +1,112 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* `operator` namespace — the *human* (email) principal, distinct from the
|
|
3
|
+
* agent's per-wallet SIWX identity.
|
|
4
|
+
*
|
|
5
|
+
* The human authenticates in the browser via an OAuth 2.0 device-authorization
|
|
6
|
+
* grant (RFC 8628, the `aws sso login` model): `deviceStart` returns a
|
|
7
|
+
* user-facing code + URL, the human approves it via the existing magic-link or
|
|
8
|
+
* passkey web flow, and `devicePoll` brokers the resulting operator-session
|
|
9
|
+
* token. `overview` reads the email-union account view with that token, and
|
|
10
|
+
* `revoke` ends the session server-side.
|
|
11
|
+
*
|
|
12
|
+
* Bearer auth is passed explicitly (`opts.token`) rather than sourced from a
|
|
13
|
+
* credential provider, because the operator session is a Node-only on-disk
|
|
14
|
+
* cache (`core/operator-session.ts`) and this namespace stays isomorphic. The
|
|
15
|
+
* `device*` endpoints are unauthenticated (the `device_code` in the body is the
|
|
16
|
+
* credential), so they send no auth headers.
|
|
17
|
+
*
|
|
18
|
+
* Gateway contract: kychee-com/run402-private#443 (RFC 8628 device-auth bridge).
|
|
19
|
+
*/
|
|
20
|
+
import type { Client } from "../kernel.js";
|
|
21
|
+
/** RFC 8628 device-authorization start response. */
|
|
22
|
+
export interface DeviceAuthStart {
|
|
23
|
+
device_code: string;
|
|
24
|
+
user_code: string;
|
|
25
|
+
verification_uri: string;
|
|
26
|
+
/** Pre-fills the user_code so the human can click straight through. */
|
|
27
|
+
verification_uri_complete?: string;
|
|
28
|
+
expires_in: number;
|
|
29
|
+
/** Minimum seconds between `devicePoll` calls. */
|
|
30
|
+
interval: number;
|
|
31
|
+
}
|
|
32
|
+
/** The operator-session token payload (wire shape; relative `expires_in`). */
|
|
33
|
+
export interface OperatorSessionToken {
|
|
34
|
+
operator_session_token: string;
|
|
35
|
+
token_type: string;
|
|
36
|
+
expires_in: number;
|
|
37
|
+
absolute_expires_at: string;
|
|
38
|
+
email: string;
|
|
39
|
+
wallets: string[];
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* Result of one `devicePoll`. The non-approved states are the RFC 8628 token
|
|
43
|
+
* error codes — they are expected polling states, NOT thrown errors, so callers
|
|
44
|
+
* can run the poll loop without try/catch.
|
|
45
|
+
*/
|
|
46
|
+
export type DevicePollResult = {
|
|
47
|
+
kind: "approved";
|
|
48
|
+
session: OperatorSessionToken;
|
|
49
|
+
} | {
|
|
50
|
+
kind: "authorization_pending";
|
|
51
|
+
} | {
|
|
52
|
+
kind: "slow_down";
|
|
53
|
+
} | {
|
|
54
|
+
kind: "access_denied";
|
|
55
|
+
} | {
|
|
56
|
+
kind: "expired_token";
|
|
57
|
+
};
|
|
58
|
+
/**
|
|
59
|
+
* Account overview. Forward-compatible: the gateway owns the exact shape and
|
|
60
|
+
* may add fields, so unknown keys are preserved via the index signature.
|
|
61
|
+
* `scope.kind` is `"email"` for the operator-session (email-union) and
|
|
62
|
+
* `"wallet"` for a SIWX slice.
|
|
63
|
+
*/
|
|
64
|
+
export interface OperatorOverview {
|
|
65
|
+
scope?: {
|
|
66
|
+
kind?: "email" | "wallet" | string;
|
|
67
|
+
principal?: string;
|
|
68
|
+
};
|
|
69
|
+
rollup?: Record<string, unknown>;
|
|
70
|
+
billing_accounts?: unknown[];
|
|
71
|
+
wallets?: unknown[];
|
|
72
|
+
advisories?: unknown[];
|
|
73
|
+
[key: string]: unknown;
|
|
74
|
+
}
|
|
75
|
+
export declare class Operator {
|
|
76
|
+
private readonly client;
|
|
77
|
+
constructor(client: Client);
|
|
78
|
+
/**
|
|
79
|
+
* Begin the device-authorization flow. Unauthenticated. Returns the codes the
|
|
80
|
+
* CLI prints (`user_code` + `verification_uri`) plus the poll `interval` and
|
|
81
|
+
* `expires_in`.
|
|
82
|
+
*/
|
|
83
|
+
deviceStart(opts?: {
|
|
84
|
+
clientName?: string;
|
|
85
|
+
}): Promise<DeviceAuthStart>;
|
|
86
|
+
/**
|
|
87
|
+
* Poll once for approval. Bypasses the kernel's error mapping on purpose: the
|
|
88
|
+
* RFC 8628 error codes (`authorization_pending`, `slow_down`, ...) are normal
|
|
89
|
+
* polling states returned as data, not exceptions. Only an unexpected
|
|
90
|
+
* response shape throws.
|
|
91
|
+
*/
|
|
92
|
+
devicePoll(deviceCode: string): Promise<DevicePollResult>;
|
|
93
|
+
/**
|
|
94
|
+
* Fetch the account overview. With `opts.token` the request carries the
|
|
95
|
+
* operator-session bearer and returns the email-union; without it the request
|
|
96
|
+
* falls back to the credential provider's default auth (SIWX) and returns
|
|
97
|
+
* that wallet's slice. The CLI always passes a token (human-only surface); the
|
|
98
|
+
* SDK supports both because the gateway endpoint accepts both principals.
|
|
99
|
+
*/
|
|
100
|
+
overview(opts?: {
|
|
101
|
+
token?: string;
|
|
102
|
+
}): Promise<OperatorOverview>;
|
|
103
|
+
/**
|
|
104
|
+
* Revoke the operator session server-side (the server half of
|
|
105
|
+
* `operator logout`). Idempotent on the gateway; returns 204. The local cache
|
|
106
|
+
* is cleared separately by the CLI.
|
|
107
|
+
*/
|
|
108
|
+
revoke(opts: {
|
|
109
|
+
token: string;
|
|
110
|
+
}): Promise<void>;
|
|
111
|
+
}
|
|
112
|
+
//# sourceMappingURL=operator.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"operator.d.ts","sourceRoot":"","sources":["../../src/namespaces/operator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAG3C,oDAAoD;AACpD,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,gBAAgB,EAAE,MAAM,CAAC;IACzB,uEAAuE;IACvE,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC,UAAU,EAAE,MAAM,CAAC;IACnB,kDAAkD;IAClD,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,8EAA8E;AAC9E,MAAM,WAAW,oBAAoB;IACnC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB;AAED;;;;GAIG;AACH,MAAM,MAAM,gBAAgB,GACxB;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,OAAO,EAAE,oBAAoB,CAAA;CAAE,GACnD;IAAE,IAAI,EAAE,uBAAuB,CAAA;CAAE,GACjC;IAAE,IAAI,EAAE,WAAW,CAAA;CAAE,GACrB;IAAE,IAAI,EAAE,eAAe,CAAA;CAAE,GACzB;IAAE,IAAI,EAAE,eAAe,CAAA;CAAE,CAAC;AAE9B;;;;;GAKG;AACH,MAAM,WAAW,gBAAgB;IAC/B,KAAK,CAAC,EAAE;QAAE,IAAI,CAAC,EAAE,OAAO,GAAG,QAAQ,GAAG,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACnE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,gBAAgB,CAAC,EAAE,OAAO,EAAE,CAAC;IAC7B,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC;IACpB,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC;IACvB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AASD,qBAAa,QAAQ;IACP,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAAN,MAAM,EAAE,MAAM;IAE3C;;;;OAIG;IACG,WAAW,CAAC,IAAI,GAAE;QAAE,UAAU,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,OAAO,CAAC,eAAe,CAAC;IAS/E;;;;;OAKG;IACG,UAAU,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAgC/D;;;;;;OAMG;IACG,QAAQ,CAAC,IAAI,GAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAaxE;;;;OAIG;IACG,MAAM,CAAC,IAAI,EAAE;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;CAQrD"}
|
|
@@ -0,0 +1,107 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* `operator` namespace — the *human* (email) principal, distinct from the
|
|
3
|
+
* agent's per-wallet SIWX identity.
|
|
4
|
+
*
|
|
5
|
+
* The human authenticates in the browser via an OAuth 2.0 device-authorization
|
|
6
|
+
* grant (RFC 8628, the `aws sso login` model): `deviceStart` returns a
|
|
7
|
+
* user-facing code + URL, the human approves it via the existing magic-link or
|
|
8
|
+
* passkey web flow, and `devicePoll` brokers the resulting operator-session
|
|
9
|
+
* token. `overview` reads the email-union account view with that token, and
|
|
10
|
+
* `revoke` ends the session server-side.
|
|
11
|
+
*
|
|
12
|
+
* Bearer auth is passed explicitly (`opts.token`) rather than sourced from a
|
|
13
|
+
* credential provider, because the operator session is a Node-only on-disk
|
|
14
|
+
* cache (`core/operator-session.ts`) and this namespace stays isomorphic. The
|
|
15
|
+
* `device*` endpoints are unauthenticated (the `device_code` in the body is the
|
|
16
|
+
* credential), so they send no auth headers.
|
|
17
|
+
*
|
|
18
|
+
* Gateway contract: kychee-com/run402-private#443 (RFC 8628 device-auth bridge).
|
|
19
|
+
*/
|
|
20
|
+
import { ApiError, NetworkError } from "../errors.js";
|
|
21
|
+
const POLL_ERROR_CODES = new Set([
|
|
22
|
+
"authorization_pending",
|
|
23
|
+
"slow_down",
|
|
24
|
+
"access_denied",
|
|
25
|
+
"expired_token",
|
|
26
|
+
]);
|
|
27
|
+
export class Operator {
|
|
28
|
+
client;
|
|
29
|
+
constructor(client) {
|
|
30
|
+
this.client = client;
|
|
31
|
+
}
|
|
32
|
+
/**
|
|
33
|
+
* Begin the device-authorization flow. Unauthenticated. Returns the codes the
|
|
34
|
+
* CLI prints (`user_code` + `verification_uri`) plus the poll `interval` and
|
|
35
|
+
* `expires_in`.
|
|
36
|
+
*/
|
|
37
|
+
async deviceStart(opts = {}) {
|
|
38
|
+
return this.client.request("/agent/v1/operator/session/device", {
|
|
39
|
+
method: "POST",
|
|
40
|
+
body: opts.clientName ? { client_name: opts.clientName } : {},
|
|
41
|
+
withAuth: false,
|
|
42
|
+
context: "starting operator device authorization",
|
|
43
|
+
});
|
|
44
|
+
}
|
|
45
|
+
/**
|
|
46
|
+
* Poll once for approval. Bypasses the kernel's error mapping on purpose: the
|
|
47
|
+
* RFC 8628 error codes (`authorization_pending`, `slow_down`, ...) are normal
|
|
48
|
+
* polling states returned as data, not exceptions. Only an unexpected
|
|
49
|
+
* response shape throws.
|
|
50
|
+
*/
|
|
51
|
+
async devicePoll(deviceCode) {
|
|
52
|
+
const url = `${this.client.apiBase}/agent/v1/operator/session/device/token`;
|
|
53
|
+
let res;
|
|
54
|
+
try {
|
|
55
|
+
res = await this.client.fetch(url, {
|
|
56
|
+
method: "POST",
|
|
57
|
+
headers: { "Content-Type": "application/json" },
|
|
58
|
+
body: JSON.stringify({ device_code: deviceCode }),
|
|
59
|
+
});
|
|
60
|
+
}
|
|
61
|
+
catch (err) {
|
|
62
|
+
throw new NetworkError(`Network error while polling operator device token: ${err.message}`, err, "polling operator device token");
|
|
63
|
+
}
|
|
64
|
+
const body = (await res.json().catch(() => null));
|
|
65
|
+
if (res.ok && body && typeof body.operator_session_token === "string") {
|
|
66
|
+
return { kind: "approved", session: body };
|
|
67
|
+
}
|
|
68
|
+
const error = body && typeof body.error === "string" ? body.error : null;
|
|
69
|
+
if (error && POLL_ERROR_CODES.has(error)) {
|
|
70
|
+
return { kind: error };
|
|
71
|
+
}
|
|
72
|
+
throw new ApiError(`Unexpected operator device-token response (HTTP ${res.status})`, res.status, body, "polling operator device token");
|
|
73
|
+
}
|
|
74
|
+
/**
|
|
75
|
+
* Fetch the account overview. With `opts.token` the request carries the
|
|
76
|
+
* operator-session bearer and returns the email-union; without it the request
|
|
77
|
+
* falls back to the credential provider's default auth (SIWX) and returns
|
|
78
|
+
* that wallet's slice. The CLI always passes a token (human-only surface); the
|
|
79
|
+
* SDK supports both because the gateway endpoint accepts both principals.
|
|
80
|
+
*/
|
|
81
|
+
async overview(opts = {}) {
|
|
82
|
+
if (opts.token) {
|
|
83
|
+
return this.client.request("/agent/v1/operator/overview", {
|
|
84
|
+
headers: { Authorization: `Bearer ${opts.token}` },
|
|
85
|
+
withAuth: false,
|
|
86
|
+
context: "fetching operator overview",
|
|
87
|
+
});
|
|
88
|
+
}
|
|
89
|
+
return this.client.request("/agent/v1/operator/overview", {
|
|
90
|
+
context: "fetching operator overview",
|
|
91
|
+
});
|
|
92
|
+
}
|
|
93
|
+
/**
|
|
94
|
+
* Revoke the operator session server-side (the server half of
|
|
95
|
+
* `operator logout`). Idempotent on the gateway; returns 204. The local cache
|
|
96
|
+
* is cleared separately by the CLI.
|
|
97
|
+
*/
|
|
98
|
+
async revoke(opts) {
|
|
99
|
+
await this.client.request("/agent/v1/operator/session/revoke", {
|
|
100
|
+
method: "POST",
|
|
101
|
+
headers: { Authorization: `Bearer ${opts.token}` },
|
|
102
|
+
withAuth: false,
|
|
103
|
+
context: "revoking operator session",
|
|
104
|
+
});
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
//# sourceMappingURL=operator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"operator.js","sourceRoot":"","sources":["../../src/namespaces/operator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAGH,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAmDtD,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;IAC/B,uBAAuB;IACvB,WAAW;IACX,eAAe;IACf,eAAe;CAChB,CAAC,CAAC;AAEH,MAAM,OAAO,QAAQ;IACU;IAA7B,YAA6B,MAAc;QAAd,WAAM,GAAN,MAAM,CAAQ;IAAG,CAAC;IAE/C;;;;OAIG;IACH,KAAK,CAAC,WAAW,CAAC,OAAgC,EAAE;QAClD,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAkB,mCAAmC,EAAE;YAC/E,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE;YAC7D,QAAQ,EAAE,KAAK;YACf,OAAO,EAAE,wCAAwC;SAClD,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,UAAU,CAAC,UAAkB;QACjC,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,yCAAyC,CAAC;QAC5E,IAAI,GAAa,CAAC;QAClB,IAAI,CAAC;YACH,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE;gBACjC,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC;aAClD,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,YAAY,CACpB,sDAAuD,GAAa,CAAC,OAAO,EAAE,EAC9E,GAAG,EACH,+BAA+B,CAChC,CAAC;QACJ,CAAC;QACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAmC,CAAC;QACpF,IAAI,GAAG,CAAC,EAAE,IAAI,IAAI,IAAI,OAAO,IAAI,CAAC,sBAAsB,KAAK,QAAQ,EAAE,CAAC;YACtE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,IAAuC,EAAE,CAAC;QAChF,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QACzE,IAAI,KAAK,IAAI,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACzC,OAAO,EAAE,IAAI,EAAE,KAAsD,EAAE,CAAC;QAC1E,CAAC;QACD,MAAM,IAAI,QAAQ,CAChB,mDAAmD,GAAG,CAAC,MAAM,GAAG,EAChE,GAAG,CAAC,MAAM,EACV,IAAI,EACJ,+BAA+B,CAChC,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,QAAQ,CAAC,OAA2B,EAAE;QAC1C,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAmB,6BAA6B,EAAE;gBAC1E,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,KAAK,EAAE,EAAE;gBAClD,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,4BAA4B;aACtC,CAAC,CAAC;QACL,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAmB,6BAA6B,EAAE;YAC1E,OAAO,EAAE,4BAA4B;SACtC,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,MAAM,CAAC,IAAuB;QAClC,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAU,mCAAmC,EAAE;YACtE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,KAAK,EAAE,EAAE;YAClD,QAAQ,EAAE,KAAK;YACf,OAAO,EAAE,2BAA2B;SACrC,CAAC,CAAC;IACL,CAAC;CACF"}
|