t3code-cli 0.3.0 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/bin.js +414 -87
- package/dist/index.js +2 -2
- package/dist/{runtime-CMPZpQaG.js → runtime-15tR27tv.js} +4764 -2045
- package/dist/src/application/layer.d.ts +3 -3
- package/dist/src/application/models.d.ts +1 -1
- package/dist/src/application/projects.d.ts +1 -1
- package/dist/src/application/threads.d.ts +1 -1
- package/dist/src/auth/error.d.ts +20 -1
- package/dist/src/auth/layer.d.ts +11 -22
- package/dist/src/auth/local.d.ts +22 -14
- package/dist/src/auth/pairing.d.ts +20 -2
- package/dist/src/auth/schema.d.ts +25 -34
- package/dist/src/auth/service.d.ts +4 -3
- package/dist/src/auth/transport.d.ts +13 -20
- package/dist/src/auth/type.d.ts +6 -1
- package/dist/src/domain/model-config.d.ts +3 -3
- package/dist/src/index.d.ts +19 -1
- package/dist/src/orchestration/layer.d.ts +3 -3
- package/dist/src/rpc/layer.d.ts +8 -8
- package/dist/src/rpc/ws-group.d.ts +3 -3
- package/dist/src/runtime.d.ts +6 -2
- package/dist/src/sql/node-sqlite-client.d.ts +10 -0
- package/dist/src/sql/service.d.ts +17 -0
- package/dist/upstream-t3code/packages/contracts/src/auth.d.ts +14 -12
- package/dist/upstream-t3code/packages/contracts/src/environmentHttp.d.ts +167 -7
- package/dist/upstream-t3code/packages/contracts/src/index.d.ts +1 -0
- package/dist/upstream-t3code/packages/contracts/src/ipc.d.ts +24 -0
- package/dist/upstream-t3code/packages/contracts/src/providerRuntime.d.ts +90 -0
- package/dist/upstream-t3code/packages/contracts/src/relay.d.ts +1262 -0
- package/dist/upstream-t3code/packages/contracts/src/relayClient.d.ts +48 -0
- package/dist/upstream-t3code/packages/contracts/src/rpc.d.ts +78 -9
- package/dist/upstream-t3code/packages/contracts/src/server.d.ts +3 -3
- package/package.json +3 -3
- package/src/auth/error.ts +33 -1
- package/src/auth/layer.ts +23 -71
- package/src/auth/local.ts +321 -209
- package/src/auth/pairing.ts +33 -2
- package/src/auth/schema.ts +21 -28
- package/src/auth/service.ts +4 -3
- package/src/auth/transport.ts +59 -22
- package/src/auth/type.ts +7 -1
- package/src/cli/auth.ts +3 -3
- package/src/index.ts +50 -1
- package/src/rpc/layer.ts +2 -2
- package/src/runtime.ts +13 -2
- package/src/sql/node-sqlite-client.ts +141 -0
- package/src/sql/service.ts +21 -0
|
@@ -52,8 +52,10 @@ export type ServerAuthBootstrapMethod = typeof ServerAuthBootstrapMethod.Type;
|
|
|
52
52
|
* app after bootstrap/pairing
|
|
53
53
|
* - `bearer-access-token`: scoped token suitable for non-cookie or
|
|
54
54
|
* non-browser clients
|
|
55
|
+
* - `dpop-access-token`: scoped proof-of-possession token used by managed
|
|
56
|
+
* relay connections
|
|
55
57
|
*/
|
|
56
|
-
export declare const ServerAuthSessionMethod: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>;
|
|
58
|
+
export declare const ServerAuthSessionMethod: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>;
|
|
57
59
|
export type ServerAuthSessionMethod = typeof ServerAuthSessionMethod.Type;
|
|
58
60
|
export declare const AuthOrchestrationReadScope: "orchestration:read";
|
|
59
61
|
export declare const AuthOrchestrationOperateScope: "orchestration:operate";
|
|
@@ -95,7 +97,7 @@ export declare const AuthEnvironmentBootstrapTokenType: "urn:t3:params:oauth:tok
|
|
|
95
97
|
export declare const ServerAuthDescriptor: Schema.Struct<{
|
|
96
98
|
readonly policy: Schema.Literals<readonly ["desktop-managed-local", "loopback-browser", "remote-reachable", "unsafe-no-auth"]>;
|
|
97
99
|
readonly bootstrapMethods: Schema.$Array<Schema.Literals<readonly ["desktop-bootstrap", "one-time-token"]>>;
|
|
98
|
-
readonly sessionMethods: Schema.$Array<Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>>;
|
|
100
|
+
readonly sessionMethods: Schema.$Array<Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>>;
|
|
99
101
|
readonly sessionCookieName: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
100
102
|
}>;
|
|
101
103
|
export type ServerAuthDescriptor = typeof ServerAuthDescriptor.Type;
|
|
@@ -106,7 +108,7 @@ export type AuthBrowserSessionRequest = typeof AuthBrowserSessionRequest.Type;
|
|
|
106
108
|
export declare const AuthBrowserSessionResult: Schema.Struct<{
|
|
107
109
|
readonly authenticated: Schema.Literal<true>;
|
|
108
110
|
readonly scopes: Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>;
|
|
109
|
-
readonly sessionMethod: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>;
|
|
111
|
+
readonly sessionMethod: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>;
|
|
110
112
|
readonly expiresAt: Schema.DateTimeUtc;
|
|
111
113
|
}>;
|
|
112
114
|
export type AuthBrowserSessionResult = typeof AuthBrowserSessionResult.Type;
|
|
@@ -132,7 +134,7 @@ export type AuthTokenExchangeRequest = typeof AuthTokenExchangeRequest.Type;
|
|
|
132
134
|
export declare const AuthAccessTokenResult: Schema.Struct<{
|
|
133
135
|
readonly access_token: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
134
136
|
readonly issued_token_type: Schema.Literal<"urn:ietf:params:oauth:token-type:access_token">;
|
|
135
|
-
readonly token_type: Schema.
|
|
137
|
+
readonly token_type: Schema.Literals<readonly ["Bearer", "DPoP"]>;
|
|
136
138
|
readonly expires_in: Schema.Number;
|
|
137
139
|
readonly scope: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
138
140
|
}>;
|
|
@@ -172,7 +174,7 @@ export declare const AuthClientSession: Schema.Struct<{
|
|
|
172
174
|
readonly sessionId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "AuthSessionId">;
|
|
173
175
|
readonly subject: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
174
176
|
readonly scopes: Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>;
|
|
175
|
-
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>;
|
|
177
|
+
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>;
|
|
176
178
|
readonly client: Schema.Struct<{
|
|
177
179
|
readonly label: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
178
180
|
readonly ipAddress: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
@@ -202,7 +204,7 @@ export declare const AuthAccessSnapshot: Schema.Struct<{
|
|
|
202
204
|
readonly sessionId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "AuthSessionId">;
|
|
203
205
|
readonly subject: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
204
206
|
readonly scopes: Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>;
|
|
205
|
-
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>;
|
|
207
|
+
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>;
|
|
206
208
|
readonly client: Schema.Struct<{
|
|
207
209
|
readonly label: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
208
210
|
readonly ipAddress: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
@@ -237,7 +239,7 @@ export declare const AuthAccessStreamSnapshotEvent: Schema.Struct<{
|
|
|
237
239
|
readonly sessionId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "AuthSessionId">;
|
|
238
240
|
readonly subject: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
239
241
|
readonly scopes: Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>;
|
|
240
|
-
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>;
|
|
242
|
+
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>;
|
|
241
243
|
readonly client: Schema.Struct<{
|
|
242
244
|
readonly label: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
243
245
|
readonly ipAddress: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
@@ -298,7 +300,7 @@ export declare const AuthAccessStreamClientUpsertedEvent: Schema.Struct<{
|
|
|
298
300
|
readonly sessionId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "AuthSessionId">;
|
|
299
301
|
readonly subject: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
300
302
|
readonly scopes: Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>;
|
|
301
|
-
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>;
|
|
303
|
+
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>;
|
|
302
304
|
readonly client: Schema.Struct<{
|
|
303
305
|
readonly label: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
304
306
|
readonly ipAddress: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
@@ -342,7 +344,7 @@ export declare const AuthAccessStreamEvent: Schema.Union<readonly [Schema.Struct
|
|
|
342
344
|
readonly sessionId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "AuthSessionId">;
|
|
343
345
|
readonly subject: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
344
346
|
readonly scopes: Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>;
|
|
345
|
-
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>;
|
|
347
|
+
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>;
|
|
346
348
|
readonly client: Schema.Struct<{
|
|
347
349
|
readonly label: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
348
350
|
readonly ipAddress: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
@@ -386,7 +388,7 @@ export declare const AuthAccessStreamEvent: Schema.Union<readonly [Schema.Struct
|
|
|
386
388
|
readonly sessionId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "AuthSessionId">;
|
|
387
389
|
readonly subject: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
388
390
|
readonly scopes: Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>;
|
|
389
|
-
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>;
|
|
391
|
+
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>;
|
|
390
392
|
readonly client: Schema.Struct<{
|
|
391
393
|
readonly label: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
392
394
|
readonly ipAddress: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
@@ -428,11 +430,11 @@ export declare const AuthSessionState: Schema.Struct<{
|
|
|
428
430
|
readonly auth: Schema.Struct<{
|
|
429
431
|
readonly policy: Schema.Literals<readonly ["desktop-managed-local", "loopback-browser", "remote-reachable", "unsafe-no-auth"]>;
|
|
430
432
|
readonly bootstrapMethods: Schema.$Array<Schema.Literals<readonly ["desktop-bootstrap", "one-time-token"]>>;
|
|
431
|
-
readonly sessionMethods: Schema.$Array<Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>>;
|
|
433
|
+
readonly sessionMethods: Schema.$Array<Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>>;
|
|
432
434
|
readonly sessionCookieName: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
433
435
|
}>;
|
|
434
436
|
readonly scopes: Schema.optionalKey<Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>>;
|
|
435
|
-
readonly sessionMethod: Schema.optionalKey<Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>>;
|
|
437
|
+
readonly sessionMethod: Schema.optionalKey<Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>>;
|
|
436
438
|
readonly expiresAt: Schema.optionalKey<Schema.DateTimeUtc>;
|
|
437
439
|
}>;
|
|
438
440
|
export type AuthSessionState = typeof AuthSessionState.Type;
|
|
@@ -59,11 +59,49 @@ export declare class EnvironmentInternalError extends EnvironmentInternalError_b
|
|
|
59
59
|
}
|
|
60
60
|
export declare const EnvironmentHttpCommonError: Schema.Union<readonly [typeof EnvironmentRequestInvalidError, typeof EnvironmentAuthInvalidError, typeof EnvironmentScopeRequiredError, typeof EnvironmentOperationForbiddenError, typeof EnvironmentInternalError]>;
|
|
61
61
|
export type EnvironmentHttpCommonError = typeof EnvironmentHttpCommonError.Type;
|
|
62
|
+
declare const EnvironmentHttpBadRequestError_base: Schema.Class<EnvironmentHttpBadRequestError, Schema.TaggedStruct<"EnvironmentHttpBadRequestError", {
|
|
63
|
+
readonly message: Schema.String;
|
|
64
|
+
}>, import("effect/Cause").YieldableError>;
|
|
65
|
+
export declare class EnvironmentHttpBadRequestError extends EnvironmentHttpBadRequestError_base {
|
|
66
|
+
[HttpServerRespondable.symbol](): import("effect/Effect").Effect<HttpServerResponse.HttpServerResponse, import("effect/unstable/http/HttpBody").HttpBodyError, never>;
|
|
67
|
+
}
|
|
68
|
+
declare const EnvironmentHttpUnauthorizedError_base: Schema.Class<EnvironmentHttpUnauthorizedError, Schema.TaggedStruct<"EnvironmentHttpUnauthorizedError", {
|
|
69
|
+
readonly message: Schema.String;
|
|
70
|
+
}>, import("effect/Cause").YieldableError>;
|
|
71
|
+
export declare class EnvironmentHttpUnauthorizedError extends EnvironmentHttpUnauthorizedError_base {
|
|
72
|
+
[HttpServerRespondable.symbol](): import("effect/Effect").Effect<HttpServerResponse.HttpServerResponse, import("effect/unstable/http/HttpBody").HttpBodyError, never>;
|
|
73
|
+
}
|
|
74
|
+
declare const EnvironmentHttpForbiddenError_base: Schema.Class<EnvironmentHttpForbiddenError, Schema.TaggedStruct<"EnvironmentHttpForbiddenError", {
|
|
75
|
+
readonly message: Schema.String;
|
|
76
|
+
}>, import("effect/Cause").YieldableError>;
|
|
77
|
+
export declare class EnvironmentHttpForbiddenError extends EnvironmentHttpForbiddenError_base {
|
|
78
|
+
[HttpServerRespondable.symbol](): import("effect/Effect").Effect<HttpServerResponse.HttpServerResponse, import("effect/unstable/http/HttpBody").HttpBodyError, never>;
|
|
79
|
+
}
|
|
80
|
+
declare const EnvironmentHttpInternalServerError_base: Schema.Class<EnvironmentHttpInternalServerError, Schema.TaggedStruct<"EnvironmentHttpInternalServerError", {
|
|
81
|
+
readonly message: Schema.String;
|
|
82
|
+
}>, import("effect/Cause").YieldableError>;
|
|
83
|
+
export declare class EnvironmentHttpInternalServerError extends EnvironmentHttpInternalServerError_base {
|
|
84
|
+
[HttpServerRespondable.symbol](): import("effect/Effect").Effect<HttpServerResponse.HttpServerResponse, import("effect/unstable/http/HttpBody").HttpBodyError, never>;
|
|
85
|
+
}
|
|
86
|
+
declare const EnvironmentHttpConflictError_base: Schema.Class<EnvironmentHttpConflictError, Schema.TaggedStruct<"EnvironmentHttpConflictError", {
|
|
87
|
+
readonly message: Schema.String;
|
|
88
|
+
}>, import("effect/Cause").YieldableError>;
|
|
89
|
+
export declare class EnvironmentHttpConflictError extends EnvironmentHttpConflictError_base {
|
|
90
|
+
[HttpServerRespondable.symbol](): import("effect/Effect").Effect<HttpServerResponse.HttpServerResponse, import("effect/unstable/http/HttpBody").HttpBodyError, never>;
|
|
91
|
+
}
|
|
92
|
+
declare const EnvironmentCloudEndpointUnavailableError_base: Schema.Class<EnvironmentCloudEndpointUnavailableError, Schema.TaggedStruct<"EnvironmentCloudEndpointUnavailableError", {
|
|
93
|
+
readonly message: Schema.String;
|
|
94
|
+
readonly endpointRuntimeStatus: Schema.Unknown;
|
|
95
|
+
}>, import("effect/Cause").YieldableError>;
|
|
96
|
+
export declare class EnvironmentCloudEndpointUnavailableError extends EnvironmentCloudEndpointUnavailableError_base {
|
|
97
|
+
[HttpServerRespondable.symbol](): import("effect/Effect").Effect<HttpServerResponse.HttpServerResponse, import("effect/unstable/http/HttpBody").HttpBodyError, never>;
|
|
98
|
+
}
|
|
62
99
|
export interface EnvironmentSessionPrincipalShape {
|
|
63
100
|
readonly sessionId: AuthSessionId;
|
|
64
101
|
readonly subject: string;
|
|
65
102
|
readonly method: ServerAuthSessionMethod;
|
|
66
103
|
readonly scopes: ReadonlySet<AuthEnvironmentScope>;
|
|
104
|
+
readonly proofKeyThumbprint?: string;
|
|
67
105
|
readonly expiresAt?: DateTime.DateTime;
|
|
68
106
|
}
|
|
69
107
|
declare const EnvironmentAuthenticatedPrincipal_base: Context.ServiceClass<EnvironmentAuthenticatedPrincipal, "@t3tools/contracts/environmentHttp/EnvironmentAuthenticatedPrincipal", EnvironmentSessionPrincipalShape>;
|
|
@@ -79,6 +117,23 @@ declare const EnvironmentAuthenticatedAuth_base: HttpApiMiddleware.ServiceClass<
|
|
|
79
117
|
}, HttpApiMiddleware.HttpApiMiddleware<EnvironmentAuthenticatedPrincipal, readonly [typeof EnvironmentAuthInvalidError, typeof EnvironmentInternalError], never>>;
|
|
80
118
|
export declare class EnvironmentAuthenticatedAuth extends EnvironmentAuthenticatedAuth_base {
|
|
81
119
|
}
|
|
120
|
+
export declare const EnvironmentCloudRelayConfigResult: Schema.Struct<{
|
|
121
|
+
readonly ok: Schema.Boolean;
|
|
122
|
+
readonly endpointRuntimeStatus: Schema.Unknown;
|
|
123
|
+
}>;
|
|
124
|
+
export type EnvironmentCloudRelayConfigResult = typeof EnvironmentCloudRelayConfigResult.Type;
|
|
125
|
+
export declare const EnvironmentCloudLinkStateResult: Schema.Struct<{
|
|
126
|
+
readonly linked: Schema.Boolean;
|
|
127
|
+
readonly cloudUserId: Schema.NullOr<Schema.String>;
|
|
128
|
+
readonly relayUrl: Schema.NullOr<Schema.String>;
|
|
129
|
+
readonly relayIssuer: Schema.NullOr<Schema.String>;
|
|
130
|
+
readonly publishAgentActivity: Schema.Boolean;
|
|
131
|
+
}>;
|
|
132
|
+
export type EnvironmentCloudLinkStateResult = typeof EnvironmentCloudLinkStateResult.Type;
|
|
133
|
+
export declare const EnvironmentCloudPreferencesRequest: Schema.Struct<{
|
|
134
|
+
readonly publishAgentActivity: Schema.Boolean;
|
|
135
|
+
}>;
|
|
136
|
+
export type EnvironmentCloudPreferencesRequest = typeof EnvironmentCloudPreferencesRequest.Type;
|
|
82
137
|
export declare const AuthPairingLinkRevokeResult: Schema.Struct<{
|
|
83
138
|
readonly revoked: Schema.Boolean;
|
|
84
139
|
}>;
|
|
@@ -107,23 +162,24 @@ export declare class EnvironmentMetadataHttpApi extends EnvironmentMetadataHttpA
|
|
|
107
162
|
}
|
|
108
163
|
declare const EnvironmentAuthHttpApi_base: HttpApiGroup.HttpApiGroup<"auth", HttpApiEndpoint.HttpApiEndpoint<"session", "GET", "/api/auth/session", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
109
164
|
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
165
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
110
166
|
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
111
167
|
readonly authenticated: Schema.Boolean;
|
|
112
168
|
readonly auth: Schema.Struct<{
|
|
113
169
|
readonly policy: Schema.Literals<readonly ["desktop-managed-local", "loopback-browser", "remote-reachable", "unsafe-no-auth"]>;
|
|
114
170
|
readonly bootstrapMethods: Schema.$Array<Schema.Literals<readonly ["desktop-bootstrap", "one-time-token"]>>;
|
|
115
|
-
readonly sessionMethods: Schema.$Array<Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>>;
|
|
171
|
+
readonly sessionMethods: Schema.$Array<Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>>;
|
|
116
172
|
readonly sessionCookieName: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
117
173
|
}>;
|
|
118
174
|
readonly scopes: Schema.optionalKey<Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>>;
|
|
119
|
-
readonly sessionMethod: Schema.optionalKey<Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>>;
|
|
175
|
+
readonly sessionMethod: Schema.optionalKey<Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>>;
|
|
120
176
|
readonly expiresAt: Schema.optionalKey<Schema.DateTimeUtc>;
|
|
121
177
|
}>>, HttpApiEndpoint.Json<typeof EnvironmentInternalError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"browserSession", "POST", "/api/auth/browser-session", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
122
178
|
readonly credential: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
123
179
|
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
124
180
|
readonly authenticated: Schema.Literal<true>;
|
|
125
181
|
readonly scopes: Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>;
|
|
126
|
-
readonly sessionMethod: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>;
|
|
182
|
+
readonly sessionMethod: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>;
|
|
127
183
|
readonly expiresAt: Schema.DateTimeUtc;
|
|
128
184
|
}>>, HttpApiEndpoint.Json<typeof EnvironmentAuthInvalidError | typeof EnvironmentInternalError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"token", "POST", "/oauth/token", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
129
185
|
readonly grant_type: Schema.Literal<"urn:ietf:params:oauth:grant-type:token-exchange">;
|
|
@@ -134,14 +190,17 @@ declare const EnvironmentAuthHttpApi_base: HttpApiGroup.HttpApiGroup<"auth", Htt
|
|
|
134
190
|
readonly client_label: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
135
191
|
readonly client_device_type: Schema.optionalKey<Schema.Literals<readonly ["desktop", "mobile", "tablet", "bot", "unknown"]>>;
|
|
136
192
|
readonly client_os: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
137
|
-
}>>, HttpApiEndpoint.StringTree<
|
|
193
|
+
}>>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
194
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
195
|
+
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
138
196
|
readonly access_token: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
139
197
|
readonly issued_token_type: Schema.Literal<"urn:ietf:params:oauth:token-type:access_token">;
|
|
140
|
-
readonly token_type: Schema.
|
|
198
|
+
readonly token_type: Schema.Literals<readonly ["Bearer", "DPoP"]>;
|
|
141
199
|
readonly expires_in: Schema.Number;
|
|
142
200
|
readonly scope: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
143
201
|
}>>, HttpApiEndpoint.Json<typeof EnvironmentRequestInvalidError | typeof EnvironmentAuthInvalidError | typeof EnvironmentInternalError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"webSocketTicket", "POST", "/api/auth/websocket-ticket", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<never>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
144
202
|
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
203
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
145
204
|
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
146
205
|
readonly ticket: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
147
206
|
readonly expiresAt: Schema.DateTimeUtc;
|
|
@@ -150,6 +209,7 @@ declare const EnvironmentAuthHttpApi_base: HttpApiGroup.HttpApiGroup<"auth", Htt
|
|
|
150
209
|
readonly scopes: Schema.optionalKey<Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>>;
|
|
151
210
|
}>>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
152
211
|
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
212
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
153
213
|
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
154
214
|
readonly id: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
155
215
|
readonly credential: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
@@ -157,6 +217,7 @@ declare const EnvironmentAuthHttpApi_base: HttpApiGroup.HttpApiGroup<"auth", Htt
|
|
|
157
217
|
readonly expiresAt: Schema.DateTimeUtc;
|
|
158
218
|
}>>, HttpApiEndpoint.Json<typeof EnvironmentRequestInvalidError | typeof EnvironmentScopeRequiredError | typeof EnvironmentInternalError>, EnvironmentAuthenticatedAuth, never> | HttpApiEndpoint.HttpApiEndpoint<"pairingLinks", "GET", "/api/auth/pairing-links", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
159
219
|
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
220
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
160
221
|
}>>, HttpApiEndpoint.Json<Schema.$Array<Schema.Struct<{
|
|
161
222
|
readonly id: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
162
223
|
readonly credential: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
@@ -169,15 +230,17 @@ declare const EnvironmentAuthHttpApi_base: HttpApiGroup.HttpApiGroup<"auth", Htt
|
|
|
169
230
|
readonly id: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
170
231
|
}>>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
171
232
|
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
233
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
172
234
|
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
173
235
|
readonly revoked: Schema.Boolean;
|
|
174
236
|
}>>, HttpApiEndpoint.Json<typeof EnvironmentScopeRequiredError | typeof EnvironmentInternalError>, EnvironmentAuthenticatedAuth, never> | HttpApiEndpoint.HttpApiEndpoint<"clients", "GET", "/api/auth/clients", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
175
237
|
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
238
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
176
239
|
}>>, HttpApiEndpoint.Json<Schema.$Array<Schema.Struct<{
|
|
177
240
|
readonly sessionId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "AuthSessionId">;
|
|
178
241
|
readonly subject: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
179
242
|
readonly scopes: Schema.$Array<Schema.Literals<readonly ["orchestration:read", "orchestration:operate", "terminal:operate", "review:write", "access:read", "access:write", "relay:read", "relay:write"]>>;
|
|
180
|
-
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token"]>;
|
|
243
|
+
readonly method: Schema.Literals<readonly ["browser-session-cookie", "bearer-access-token", "dpop-access-token"]>;
|
|
181
244
|
readonly client: Schema.Struct<{
|
|
182
245
|
readonly label: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
183
246
|
readonly ipAddress: Schema.optionalKey<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
@@ -195,10 +258,12 @@ declare const EnvironmentAuthHttpApi_base: HttpApiGroup.HttpApiGroup<"auth", Htt
|
|
|
195
258
|
readonly sessionId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "AuthSessionId">;
|
|
196
259
|
}>>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
197
260
|
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
261
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
198
262
|
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
199
263
|
readonly revoked: Schema.Boolean;
|
|
200
264
|
}>>, HttpApiEndpoint.Json<typeof EnvironmentScopeRequiredError | typeof EnvironmentOperationForbiddenError | typeof EnvironmentInternalError>, EnvironmentAuthenticatedAuth, never> | HttpApiEndpoint.HttpApiEndpoint<"revokeOtherClients", "POST", "/api/auth/clients/revoke-others", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<never>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
201
265
|
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
266
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
202
267
|
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
203
268
|
readonly revokedCount: Schema.Number;
|
|
204
269
|
}>>, HttpApiEndpoint.Json<typeof EnvironmentScopeRequiredError | typeof EnvironmentInternalError>, EnvironmentAuthenticatedAuth, never>, false>;
|
|
@@ -206,6 +271,7 @@ export declare class EnvironmentAuthHttpApi extends EnvironmentAuthHttpApi_base
|
|
|
206
271
|
}
|
|
207
272
|
declare const EnvironmentOrchestrationHttpApi_base: HttpApiGroup.HttpApiGroup<"orchestration", HttpApiEndpoint.HttpApiEndpoint<"snapshot", "GET", "/api/orchestration/snapshot", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
208
273
|
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
274
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
209
275
|
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
210
276
|
readonly snapshotSequence: Schema.Int;
|
|
211
277
|
readonly projects: Schema.$Array<Schema.Struct<{
|
|
@@ -591,12 +657,106 @@ declare const EnvironmentOrchestrationHttpApi_base: HttpApiGroup.HttpApiGroup<"o
|
|
|
591
657
|
readonly createdAt: Schema.String;
|
|
592
658
|
}>]>>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
593
659
|
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
660
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
594
661
|
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
595
662
|
readonly sequence: Schema.Int;
|
|
596
663
|
}>>, HttpApiEndpoint.Json<typeof EnvironmentRequestInvalidError | typeof EnvironmentScopeRequiredError | typeof EnvironmentInternalError>, EnvironmentAuthenticatedAuth, never>, false>;
|
|
597
664
|
export declare class EnvironmentOrchestrationHttpApi extends EnvironmentOrchestrationHttpApi_base {
|
|
598
665
|
}
|
|
599
|
-
declare const
|
|
666
|
+
declare const EnvironmentCloudHttpApi_base: HttpApiGroup.HttpApiGroup<"cloud", HttpApiEndpoint.HttpApiEndpoint<"linkProof", "POST", "/api/cloud/link-proof", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
667
|
+
readonly challenge: Schema.String;
|
|
668
|
+
readonly relayIssuer: Schema.String;
|
|
669
|
+
readonly endpoint: Schema.Struct<{
|
|
670
|
+
readonly httpBaseUrl: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
671
|
+
readonly wsBaseUrl: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
672
|
+
readonly providerKind: Schema.Literals<readonly ["manual", "cloudflare_tunnel", "t3_relay"]>;
|
|
673
|
+
}>;
|
|
674
|
+
readonly origin: Schema.Struct<{
|
|
675
|
+
readonly localHttpHost: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
676
|
+
readonly localHttpPort: Schema.Int;
|
|
677
|
+
}>;
|
|
678
|
+
}>>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
679
|
+
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
680
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
681
|
+
}>>, HttpApiEndpoint.Json<Schema.decodeTo<Schema.String, Schema.String, never, never>>, HttpApiEndpoint.Json<typeof EnvironmentScopeRequiredError | typeof EnvironmentHttpBadRequestError | typeof EnvironmentHttpUnauthorizedError | typeof EnvironmentHttpForbiddenError | typeof EnvironmentHttpInternalServerError | typeof EnvironmentHttpConflictError>, EnvironmentAuthenticatedAuth, never> | HttpApiEndpoint.HttpApiEndpoint<"relayConfig", "POST", "/api/cloud/relay-config", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
682
|
+
readonly relayUrl: Schema.String;
|
|
683
|
+
readonly relayIssuer: Schema.optional<Schema.String>;
|
|
684
|
+
readonly cloudUserId: Schema.String;
|
|
685
|
+
readonly environmentCredential: Schema.String;
|
|
686
|
+
readonly cloudMintPublicKey: Schema.String;
|
|
687
|
+
readonly endpointRuntime: Schema.NullOr<Schema.Struct<{
|
|
688
|
+
readonly providerKind: Schema.Literals<readonly ["manual", "cloudflare_tunnel", "t3_relay"]>;
|
|
689
|
+
readonly connectorToken: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
690
|
+
readonly tunnelId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
691
|
+
readonly tunnelName: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
692
|
+
}>>;
|
|
693
|
+
}>>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
694
|
+
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
695
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
696
|
+
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
697
|
+
readonly ok: Schema.Boolean;
|
|
698
|
+
readonly endpointRuntimeStatus: Schema.Unknown;
|
|
699
|
+
}>>, HttpApiEndpoint.Json<typeof EnvironmentScopeRequiredError | typeof EnvironmentHttpBadRequestError | typeof EnvironmentHttpUnauthorizedError | typeof EnvironmentHttpForbiddenError | typeof EnvironmentHttpInternalServerError | typeof EnvironmentHttpConflictError | typeof EnvironmentCloudEndpointUnavailableError>, EnvironmentAuthenticatedAuth, never> | HttpApiEndpoint.HttpApiEndpoint<"linkState", "GET", "/api/cloud/link-state", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
700
|
+
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
701
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
702
|
+
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
703
|
+
readonly linked: Schema.Boolean;
|
|
704
|
+
readonly cloudUserId: Schema.NullOr<Schema.String>;
|
|
705
|
+
readonly relayUrl: Schema.NullOr<Schema.String>;
|
|
706
|
+
readonly relayIssuer: Schema.NullOr<Schema.String>;
|
|
707
|
+
readonly publishAgentActivity: Schema.Boolean;
|
|
708
|
+
}>>, HttpApiEndpoint.Json<typeof EnvironmentScopeRequiredError | typeof EnvironmentHttpBadRequestError | typeof EnvironmentHttpUnauthorizedError | typeof EnvironmentHttpForbiddenError | typeof EnvironmentHttpInternalServerError | typeof EnvironmentHttpConflictError>, EnvironmentAuthenticatedAuth, never> | HttpApiEndpoint.HttpApiEndpoint<"unlink", "POST", "/api/cloud/unlink", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<never>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
709
|
+
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
710
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
711
|
+
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
712
|
+
readonly ok: Schema.Boolean;
|
|
713
|
+
readonly endpointRuntimeStatus: Schema.Unknown;
|
|
714
|
+
}>>, HttpApiEndpoint.Json<typeof EnvironmentScopeRequiredError | typeof EnvironmentHttpBadRequestError | typeof EnvironmentHttpUnauthorizedError | typeof EnvironmentHttpForbiddenError | typeof EnvironmentHttpInternalServerError | typeof EnvironmentHttpConflictError>, EnvironmentAuthenticatedAuth, never> | HttpApiEndpoint.HttpApiEndpoint<"preferences", "POST", "/api/cloud/preferences", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
715
|
+
readonly publishAgentActivity: Schema.Boolean;
|
|
716
|
+
}>>, HttpApiEndpoint.StringTree<Schema.Struct<{
|
|
717
|
+
readonly authorization: Schema.optionalKey<Schema.String>;
|
|
718
|
+
readonly dpop: Schema.optionalKey<Schema.String>;
|
|
719
|
+
}>>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
720
|
+
readonly linked: Schema.Boolean;
|
|
721
|
+
readonly cloudUserId: Schema.NullOr<Schema.String>;
|
|
722
|
+
readonly relayUrl: Schema.NullOr<Schema.String>;
|
|
723
|
+
readonly relayIssuer: Schema.NullOr<Schema.String>;
|
|
724
|
+
readonly publishAgentActivity: Schema.Boolean;
|
|
725
|
+
}>>, HttpApiEndpoint.Json<typeof EnvironmentScopeRequiredError | typeof EnvironmentHttpBadRequestError | typeof EnvironmentHttpUnauthorizedError | typeof EnvironmentHttpForbiddenError | typeof EnvironmentHttpInternalServerError | typeof EnvironmentHttpConflictError>, EnvironmentAuthenticatedAuth, never> | HttpApiEndpoint.HttpApiEndpoint<"health", "POST", "/api/t3-cloud/health", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
726
|
+
readonly proof: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
727
|
+
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
728
|
+
readonly environmentId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "EnvironmentId">;
|
|
729
|
+
readonly status: Schema.Literal<"online">;
|
|
730
|
+
readonly descriptor: Schema.Struct<{
|
|
731
|
+
readonly environmentId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "EnvironmentId">;
|
|
732
|
+
readonly label: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
733
|
+
readonly platform: Schema.Struct<{
|
|
734
|
+
readonly os: Schema.Literals<readonly ["darwin", "linux", "windows", "unknown"]>;
|
|
735
|
+
readonly arch: Schema.Literals<readonly ["arm64", "x64", "other"]>;
|
|
736
|
+
}>;
|
|
737
|
+
readonly serverVersion: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
738
|
+
readonly capabilities: Schema.Struct<{
|
|
739
|
+
readonly repositoryIdentity: Schema.withDecodingDefault<Schema.Boolean, never>;
|
|
740
|
+
}>;
|
|
741
|
+
}>;
|
|
742
|
+
readonly checkedAt: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
743
|
+
readonly proof: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
744
|
+
}>>, HttpApiEndpoint.Json<typeof EnvironmentScopeRequiredError | typeof EnvironmentHttpBadRequestError | typeof EnvironmentHttpUnauthorizedError | typeof EnvironmentHttpForbiddenError | typeof EnvironmentHttpInternalServerError | typeof EnvironmentHttpConflictError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"mintCredential", "POST", "/api/cloud/mint-credential", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
745
|
+
readonly proof: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
746
|
+
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
747
|
+
readonly credential: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
748
|
+
readonly expiresAt: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
749
|
+
readonly proof: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
750
|
+
}>>, HttpApiEndpoint.Json<typeof EnvironmentScopeRequiredError | typeof EnvironmentHttpBadRequestError | typeof EnvironmentHttpUnauthorizedError | typeof EnvironmentHttpForbiddenError | typeof EnvironmentHttpInternalServerError | typeof EnvironmentHttpConflictError>, never, never> | HttpApiEndpoint.HttpApiEndpoint<"t3MintCredential", "POST", "/api/t3-cloud/mint-credential", HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
751
|
+
readonly proof: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
752
|
+
}>>, HttpApiEndpoint.StringTree<never>, HttpApiEndpoint.Json<Schema.Struct<{
|
|
753
|
+
readonly credential: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
754
|
+
readonly expiresAt: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
755
|
+
readonly proof: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
756
|
+
}>>, HttpApiEndpoint.Json<typeof EnvironmentScopeRequiredError | typeof EnvironmentHttpBadRequestError | typeof EnvironmentHttpUnauthorizedError | typeof EnvironmentHttpForbiddenError | typeof EnvironmentHttpInternalServerError | typeof EnvironmentHttpConflictError>, never, never>, false>;
|
|
757
|
+
export declare class EnvironmentCloudHttpApi extends EnvironmentCloudHttpApi_base {
|
|
758
|
+
}
|
|
759
|
+
declare const EnvironmentHttpApi_base: HttpApi.HttpApi<"environment", typeof EnvironmentMetadataHttpApi | typeof EnvironmentAuthHttpApi | typeof EnvironmentOrchestrationHttpApi | typeof EnvironmentCloudHttpApi>;
|
|
600
760
|
export declare class EnvironmentHttpApi extends EnvironmentHttpApi_base {
|
|
601
761
|
}
|
|
602
762
|
export {};
|
|
@@ -2,6 +2,7 @@ export * from "./baseSchemas.ts";
|
|
|
2
2
|
export * from "./auth.ts";
|
|
3
3
|
export * from "./environment.ts";
|
|
4
4
|
export * from "./environmentHttp.ts";
|
|
5
|
+
export * from "./relayClient.ts";
|
|
5
6
|
export * from "./desktopBootstrap.ts";
|
|
6
7
|
export * from "./remoteAccess.ts";
|
|
7
8
|
export * from "./ipc.ts";
|
|
@@ -269,6 +269,9 @@ export declare const PersistedSavedEnvironmentRecordSchema: Schema.Struct<{
|
|
|
269
269
|
readonly username: Schema.NullOr<Schema.String>;
|
|
270
270
|
readonly port: Schema.NullOr<Schema.Number>;
|
|
271
271
|
}>>;
|
|
272
|
+
readonly relayManaged: Schema.optionalKey<Schema.Struct<{
|
|
273
|
+
readonly relayUrl: Schema.String;
|
|
274
|
+
}>>;
|
|
272
275
|
}>;
|
|
273
276
|
export type PersistedSavedEnvironmentRecord = typeof PersistedSavedEnvironmentRecordSchema.Type;
|
|
274
277
|
export type DesktopServerExposureMode = "local-only" | "network-accessible";
|
|
@@ -293,6 +296,21 @@ export interface PickFolderOptions {
|
|
|
293
296
|
export declare const PickFolderOptionsSchema: Schema.Struct<{
|
|
294
297
|
readonly initialPath: Schema.optionalKey<Schema.NullOr<Schema.String>>;
|
|
295
298
|
}>;
|
|
299
|
+
export declare const DesktopCloudAuthFetchInputSchema: Schema.Struct<{
|
|
300
|
+
readonly url: Schema.String;
|
|
301
|
+
readonly method: Schema.optionalKey<Schema.String>;
|
|
302
|
+
readonly headers: Schema.$Record<Schema.String, Schema.String>;
|
|
303
|
+
readonly body: Schema.optionalKey<Schema.String>;
|
|
304
|
+
}>;
|
|
305
|
+
export type DesktopCloudAuthFetchInput = typeof DesktopCloudAuthFetchInputSchema.Type;
|
|
306
|
+
export declare const DesktopCloudAuthFetchResultSchema: Schema.Struct<{
|
|
307
|
+
readonly ok: Schema.Boolean;
|
|
308
|
+
readonly status: Schema.Number;
|
|
309
|
+
readonly statusText: Schema.String;
|
|
310
|
+
readonly headers: Schema.$Record<Schema.String, Schema.String>;
|
|
311
|
+
readonly body: Schema.String;
|
|
312
|
+
}>;
|
|
313
|
+
export type DesktopCloudAuthFetchResult = typeof DesktopCloudAuthFetchResultSchema.Type;
|
|
296
314
|
export interface DesktopBridge {
|
|
297
315
|
getAppBranding: () => DesktopAppBranding | null;
|
|
298
316
|
getLocalEnvironmentBootstrap: () => DesktopEnvironmentBootstrap | null;
|
|
@@ -329,6 +347,12 @@ export interface DesktopBridge {
|
|
|
329
347
|
y: number;
|
|
330
348
|
}) => Promise<T | null>;
|
|
331
349
|
openExternal: (url: string) => Promise<boolean>;
|
|
350
|
+
createCloudAuthRequest: () => Promise<string>;
|
|
351
|
+
getCloudAuthToken: () => Promise<string | null>;
|
|
352
|
+
setCloudAuthToken: (token: string) => Promise<boolean>;
|
|
353
|
+
clearCloudAuthToken: () => Promise<void>;
|
|
354
|
+
fetchCloudAuth: (input: DesktopCloudAuthFetchInput) => Promise<DesktopCloudAuthFetchResult>;
|
|
355
|
+
onCloudAuthCallback: (listener: (rawUrl: string) => void) => () => void;
|
|
332
356
|
onMenuAction: (listener: (action: string) => void) => () => void;
|
|
333
357
|
getUpdateState: () => Promise<DesktopUpdateState>;
|
|
334
358
|
setUpdateChannel: (channel: DesktopUpdateChannel) => Promise<DesktopUpdateState>;
|
|
@@ -368,6 +368,13 @@ declare const FilesPersistedPayload: Schema.Struct<{
|
|
|
368
368
|
}>>>;
|
|
369
369
|
}>;
|
|
370
370
|
export type FilesPersistedPayload = typeof FilesPersistedPayload.Type;
|
|
371
|
+
declare const ToolDeniedPayload: Schema.Struct<{
|
|
372
|
+
readonly toolName: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
373
|
+
readonly toolUseId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
374
|
+
readonly reason: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
375
|
+
readonly agentId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
376
|
+
}>;
|
|
377
|
+
export type ToolDeniedPayload = typeof ToolDeniedPayload.Type;
|
|
371
378
|
declare const RuntimeWarningPayload: Schema.Struct<{
|
|
372
379
|
readonly message: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
373
380
|
readonly detail: Schema.optional<Schema.Unknown>;
|
|
@@ -1650,6 +1657,35 @@ declare const ProviderRuntimeFilesPersistedEvent: Schema.Struct<{
|
|
|
1650
1657
|
}>>;
|
|
1651
1658
|
}>;
|
|
1652
1659
|
export type ProviderRuntimeFilesPersistedEvent = typeof ProviderRuntimeFilesPersistedEvent.Type;
|
|
1660
|
+
declare const ProviderRuntimeToolDeniedEvent: Schema.Struct<{
|
|
1661
|
+
readonly type: Schema.Literal<"tool.denied">;
|
|
1662
|
+
readonly payload: Schema.Struct<{
|
|
1663
|
+
readonly toolName: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
1664
|
+
readonly toolUseId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
1665
|
+
readonly reason: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
1666
|
+
readonly agentId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
1667
|
+
}>;
|
|
1668
|
+
readonly eventId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "EventId">;
|
|
1669
|
+
readonly provider: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ProviderDriverKind">;
|
|
1670
|
+
readonly providerInstanceId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ProviderInstanceId">>;
|
|
1671
|
+
readonly threadId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ThreadId">;
|
|
1672
|
+
readonly createdAt: Schema.String;
|
|
1673
|
+
readonly turnId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "TurnId">>;
|
|
1674
|
+
readonly itemId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "RuntimeItemId">>;
|
|
1675
|
+
readonly requestId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "RuntimeRequestId">>;
|
|
1676
|
+
readonly providerRefs: Schema.optional<Schema.Struct<{
|
|
1677
|
+
readonly providerTurnId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
1678
|
+
readonly providerItemId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ProviderItemId">>;
|
|
1679
|
+
readonly providerRequestId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
1680
|
+
}>>;
|
|
1681
|
+
readonly raw: Schema.optional<Schema.Struct<{
|
|
1682
|
+
readonly source: Schema.Union<readonly [Schema.Literal<"codex.app-server.notification">, Schema.Literal<"codex.app-server.request">, Schema.Literal<"codex.eventmsg">, Schema.Literal<"claude.sdk.message">, Schema.Literal<"claude.sdk.permission">, Schema.Literal<"codex.sdk.thread-event">, Schema.Literal<"opencode.sdk.event">, Schema.Literal<"acp.jsonrpc">, Schema.TemplateLiteral<readonly ["acp.", Schema.String, ".extension"]>]>;
|
|
1683
|
+
readonly method: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
1684
|
+
readonly messageType: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
1685
|
+
readonly payload: Schema.Unknown;
|
|
1686
|
+
}>>;
|
|
1687
|
+
}>;
|
|
1688
|
+
export type ProviderRuntimeToolDeniedEvent = typeof ProviderRuntimeToolDeniedEvent.Type;
|
|
1653
1689
|
declare const ProviderRuntimeWarningEvent: Schema.Struct<{
|
|
1654
1690
|
readonly type: Schema.Literal<"runtime.warning">;
|
|
1655
1691
|
readonly payload: Schema.Struct<{
|
|
@@ -2886,6 +2922,33 @@ export declare const ProviderRuntimeEventV2: Schema.Union<readonly [Schema.Struc
|
|
|
2886
2922
|
readonly messageType: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
2887
2923
|
readonly payload: Schema.Unknown;
|
|
2888
2924
|
}>>;
|
|
2925
|
+
}>, Schema.Struct<{
|
|
2926
|
+
readonly type: Schema.Literal<"tool.denied">;
|
|
2927
|
+
readonly payload: Schema.Struct<{
|
|
2928
|
+
readonly toolName: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
2929
|
+
readonly toolUseId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
2930
|
+
readonly reason: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
2931
|
+
readonly agentId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
2932
|
+
}>;
|
|
2933
|
+
readonly eventId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "EventId">;
|
|
2934
|
+
readonly provider: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ProviderDriverKind">;
|
|
2935
|
+
readonly providerInstanceId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ProviderInstanceId">>;
|
|
2936
|
+
readonly threadId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ThreadId">;
|
|
2937
|
+
readonly createdAt: Schema.String;
|
|
2938
|
+
readonly turnId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "TurnId">>;
|
|
2939
|
+
readonly itemId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "RuntimeItemId">>;
|
|
2940
|
+
readonly requestId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "RuntimeRequestId">>;
|
|
2941
|
+
readonly providerRefs: Schema.optional<Schema.Struct<{
|
|
2942
|
+
readonly providerTurnId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
2943
|
+
readonly providerItemId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ProviderItemId">>;
|
|
2944
|
+
readonly providerRequestId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
2945
|
+
}>>;
|
|
2946
|
+
readonly raw: Schema.optional<Schema.Struct<{
|
|
2947
|
+
readonly source: Schema.Union<readonly [Schema.Literal<"codex.app-server.notification">, Schema.Literal<"codex.app-server.request">, Schema.Literal<"codex.eventmsg">, Schema.Literal<"claude.sdk.message">, Schema.Literal<"claude.sdk.permission">, Schema.Literal<"codex.sdk.thread-event">, Schema.Literal<"opencode.sdk.event">, Schema.Literal<"acp.jsonrpc">, Schema.TemplateLiteral<readonly ["acp.", Schema.String, ".extension"]>]>;
|
|
2948
|
+
readonly method: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
2949
|
+
readonly messageType: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
2950
|
+
readonly payload: Schema.Unknown;
|
|
2951
|
+
}>>;
|
|
2889
2952
|
}>, Schema.Struct<{
|
|
2890
2953
|
readonly type: Schema.Literal<"runtime.warning">;
|
|
2891
2954
|
readonly payload: Schema.Struct<{
|
|
@@ -4120,6 +4183,33 @@ export declare const ProviderRuntimeEvent: Schema.Union<readonly [Schema.Struct<
|
|
|
4120
4183
|
readonly messageType: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
4121
4184
|
readonly payload: Schema.Unknown;
|
|
4122
4185
|
}>>;
|
|
4186
|
+
}>, Schema.Struct<{
|
|
4187
|
+
readonly type: Schema.Literal<"tool.denied">;
|
|
4188
|
+
readonly payload: Schema.Struct<{
|
|
4189
|
+
readonly toolName: Schema.decodeTo<Schema.String, Schema.String, never, never>;
|
|
4190
|
+
readonly toolUseId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
4191
|
+
readonly reason: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
4192
|
+
readonly agentId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
4193
|
+
}>;
|
|
4194
|
+
readonly eventId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "EventId">;
|
|
4195
|
+
readonly provider: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ProviderDriverKind">;
|
|
4196
|
+
readonly providerInstanceId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ProviderInstanceId">>;
|
|
4197
|
+
readonly threadId: Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ThreadId">;
|
|
4198
|
+
readonly createdAt: Schema.String;
|
|
4199
|
+
readonly turnId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "TurnId">>;
|
|
4200
|
+
readonly itemId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "RuntimeItemId">>;
|
|
4201
|
+
readonly requestId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "RuntimeRequestId">>;
|
|
4202
|
+
readonly providerRefs: Schema.optional<Schema.Struct<{
|
|
4203
|
+
readonly providerTurnId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
4204
|
+
readonly providerItemId: Schema.optional<Schema.brand<Schema.decodeTo<Schema.String, Schema.String, never, never>, "ProviderItemId">>;
|
|
4205
|
+
readonly providerRequestId: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
4206
|
+
}>>;
|
|
4207
|
+
readonly raw: Schema.optional<Schema.Struct<{
|
|
4208
|
+
readonly source: Schema.Union<readonly [Schema.Literal<"codex.app-server.notification">, Schema.Literal<"codex.app-server.request">, Schema.Literal<"codex.eventmsg">, Schema.Literal<"claude.sdk.message">, Schema.Literal<"claude.sdk.permission">, Schema.Literal<"codex.sdk.thread-event">, Schema.Literal<"opencode.sdk.event">, Schema.Literal<"acp.jsonrpc">, Schema.TemplateLiteral<readonly ["acp.", Schema.String, ".extension"]>]>;
|
|
4209
|
+
readonly method: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
4210
|
+
readonly messageType: Schema.optional<Schema.decodeTo<Schema.String, Schema.String, never, never>>;
|
|
4211
|
+
readonly payload: Schema.Unknown;
|
|
4212
|
+
}>>;
|
|
4123
4213
|
}>, Schema.Struct<{
|
|
4124
4214
|
readonly type: Schema.Literal<"runtime.warning">;
|
|
4125
4215
|
readonly payload: Schema.Struct<{
|