vite-plugin-openapi-codegen 2.0.0 → 3.0.0

package/dist/cli.mjs

@@ -52,6 +52,40 @@ function renderOperationTypeAliases(typeAliases) {
 	if (typeAliases.length === 0) return "";
 	return `${typeAliases.map((alias) => `export type ${alias.typeName} = ${alias.definitionExpr};`).join("\n")}\n`;
 }
+function renderAccessPoliciesSource(entries, generatedHeader) {
+	if (entries.length === 0) return "";
+	const lines = [
+		...generatedHeader,
+		"",
+		"export type AccessPolicyKind = \"authenticated\" | \"internal\" | \"public\" | \"role\";",
+		"",
+		"export interface AccessPolicy {",
+		"  kind: AccessPolicyKind;",
+		"  roles?: readonly string[];",
+		"}",
+		"",
+		"export interface OperationAccessPolicy extends AccessPolicy {",
+		"  apiPath: string;",
+		"  method: string;",
+		"  operationId: string;",
+		"  path: string;",
+		"}",
+		"",
+		"export const accessPolicies = {"
+	];
+	for (const entry of entries) {
+		lines.push(`  ${entry.funcName}: {`);
+		lines.push(`    apiPath: ${JSON.stringify(entry.apiPath)},`);
+		lines.push(`    kind: ${JSON.stringify(entry.kind)},`);
+		lines.push(`    method: ${JSON.stringify(entry.methodUpper)},`);
+		lines.push(`    operationId: ${JSON.stringify(entry.operationId)},`);
+		lines.push(`    path: ${JSON.stringify(entry.strippedPath)},`);
+		if (entry.roles.length > 0) lines.push(`    roles: [${entry.roles.map((role) => JSON.stringify(role)).join(", ")}],`);
+		lines.push("  },");
+	}
+	lines.push("} as const satisfies Record<string, OperationAccessPolicy>;", "", "export type AccessPolicyKey = keyof typeof accessPolicies;", "");
+	return `${lines.join("\n")}`;
+}
 function printGeneratedFile(statements, generatedHeader) {
 	const sourceFile = ts.factory.createSourceFile(statements, ts.factory.createToken(ts.SyntaxKind.EndOfFileToken), ts.NodeFlags.None);
 	const printed = AST_PRINTER.printFile(sourceFile).trim();
@@ -613,6 +647,48 @@ function createClientRenderModel(model, useTypeAliases) {
 		}))
 	};
 }
+const ACCESS_POLICY_KINDS = new Set([
+	"authenticated",
+	"internal",
+	"public",
+	"role"
+]);
+function createAccessPolicyEntries(operations) {
+	return operations.flatMap((entry) => {
+		const accessPolicy = readAccessPolicyExtension(entry);
+		if (!accessPolicy) return [];
+		return [{
+			apiPath: entry.apiPath,
+			funcName: entry.funcName,
+			kind: accessPolicy.kind,
+			methodUpper: entry.method.toUpperCase(),
+			operationId: entry.operationId,
+			roles: accessPolicy.roles ?? [],
+			strippedPath: entry.strippedPath
+		}];
+	});
+}
+function readAccessPolicyExtension(entry) {
+	const accessPolicy = entry.operation["x-access"];
+	if (accessPolicy == null) return null;
+	if (!isRecord(accessPolicy)) throw new Error(`Operation "${entry.operationId}" has invalid x-access extension`);
+	const kind = accessPolicy.kind;
+	if (typeof kind !== "string" || !ACCESS_POLICY_KINDS.has(kind)) throw new Error(`Operation "${entry.operationId}" has invalid x-access kind`);
+	const rolesValue = accessPolicy.roles;
+	if (rolesValue == null) {
+		if (kind === "role") throw new Error(`Operation "${entry.operationId}" role access requires x-access.roles`);
+		return { kind };
+	}
+	if (!Array.isArray(rolesValue) || rolesValue.some((role) => typeof role !== "string")) throw new Error(`Operation "${entry.operationId}" has invalid x-access.roles`);
+	if (kind !== "role") throw new Error(`Operation "${entry.operationId}" non-role access must not include roles`);
+	return {
+		kind,
+		roles: rolesValue
+	};
+}
+function isRecord(value) {
+	return typeof value === "object" && value !== null && !Array.isArray(value);
+}
 function resolveChannel(channel, useTypeAliases) {
 	if (!channel.typeRef) return channel;
 	return {
@@ -628,14 +704,17 @@ function renderGeneratedArtifacts(spec, options, preCollectedOperations) {
 	const stripPrefix = options.stripPrefix ?? true;
 	const httpClient = resolveHttpClientConfig(options.httpClient);
 	const useTypeAliases = options.typeAliases ?? false;
-	const clientModel = buildClientRenderModelFromOperations(preCollectedOperations ?? collectOperations(spec, pathPrefix, stripPrefix), spec, {
+	const operations = preCollectedOperations ?? collectOperations(spec, pathPrefix, stripPrefix);
+	const clientModel = buildClientRenderModelFromOperations(operations, spec, {
 		json: httpClient.jsonFunction,
 		void: httpClient.voidFunction
 	});
 	if (clientModel.operations.length === 0) throw new Error(`No paths matching prefix "${pathPrefix}" found in openapi.json`);
+	const accessPolicies = renderAccessPoliciesSource(createAccessPolicyEntries(operations), GENERATED_HEADER);
 	return {
 		api: renderApiSource(createApiEntries(clientModel.operations, useTypeAliases), GENERATED_HEADER),
 		client: renderClientSource(createClientRenderModel(clientModel, useTypeAliases), GENERATED_HEADER, httpClient),
+		...accessPolicies ? { accessPolicies } : {},
 		...useTypeAliases && clientModel.typeAliases.length > 0 ? { apiTypes: renderOperationTypeAliases(clientModel.typeAliases) } : {}
 	};
 }
@@ -681,6 +760,7 @@ async function generateOpenAPIArtifacts(root, options) {
 	warnOnParameterLocationMismatch(operations);
 	await generateApiTypes(apiTypesSource, outputDir, options.typeAliases ?? false);
 	if (artifacts.apiTypes) writeFileSync(resolve(outputDir, "api-types.d.ts"), artifacts.apiTypes, { flag: "a" });
+	if (artifacts.accessPolicies) writeFileSync(resolve(outputDir, "access-policies.ts"), artifacts.accessPolicies);
 	writeFileSync(resolve(outputDir, "api.ts"), artifacts.api);
 	writeFileSync(resolve(outputDir, "client.ts"), artifacts.client);
 }

package/dist/index.d.mts

@@ -26,12 +26,18 @@ interface OpenAPIResponse {
   content?: Record<string, OpenAPIContent>;
   description?: string;
 }
+type OpenAPIAccessKind = "authenticated" | "internal" | "public" | "role";
+interface OpenAPIAccessExtension {
+  kind: OpenAPIAccessKind;
+  roles?: string[];
+}
 interface OpenAPIOperation {
   operationId?: string;
   parameters?: OpenAPIParameter[];
   requestBody?: OpenAPIRequestBody;
   responses?: Record<string, OpenAPIResponse>;
   tags?: string[];
+  "x-access"?: OpenAPIAccessExtension;
 }
 type OpenAPIPathItem = Partial<Record<HttpMethod, OpenAPIOperation>>;
 interface OpenAPISchema {
@@ -90,6 +96,7 @@ interface Options {
 interface GeneratedArtifacts {
   api: string;
   apiTypes?: string;
+  accessPolicies?: string;
   client: string;
 }
 declare function renderGeneratedArtifacts(spec: OpenAPISpec, options: Pick<Options, "httpClient" | "pathPrefix" | "stripPrefix" | "typeAliases">, preCollectedOperations?: OperationEntry[]): GeneratedArtifacts;

package/dist/index.mjs

@@ -50,6 +50,40 @@ function renderOperationTypeAliases(typeAliases) {
 	if (typeAliases.length === 0) return "";
 	return `${typeAliases.map((alias) => `export type ${alias.typeName} = ${alias.definitionExpr};`).join("\n")}\n`;
 }
+function renderAccessPoliciesSource(entries, generatedHeader) {
+	if (entries.length === 0) return "";
+	const lines = [
+		...generatedHeader,
+		"",
+		"export type AccessPolicyKind = \"authenticated\" | \"internal\" | \"public\" | \"role\";",
+		"",
+		"export interface AccessPolicy {",
+		"  kind: AccessPolicyKind;",
+		"  roles?: readonly string[];",
+		"}",
+		"",
+		"export interface OperationAccessPolicy extends AccessPolicy {",
+		"  apiPath: string;",
+		"  method: string;",
+		"  operationId: string;",
+		"  path: string;",
+		"}",
+		"",
+		"export const accessPolicies = {"
+	];
+	for (const entry of entries) {
+		lines.push(`  ${entry.funcName}: {`);
+		lines.push(`    apiPath: ${JSON.stringify(entry.apiPath)},`);
+		lines.push(`    kind: ${JSON.stringify(entry.kind)},`);
+		lines.push(`    method: ${JSON.stringify(entry.methodUpper)},`);
+		lines.push(`    operationId: ${JSON.stringify(entry.operationId)},`);
+		lines.push(`    path: ${JSON.stringify(entry.strippedPath)},`);
+		if (entry.roles.length > 0) lines.push(`    roles: [${entry.roles.map((role) => JSON.stringify(role)).join(", ")}],`);
+		lines.push("  },");
+	}
+	lines.push("} as const satisfies Record<string, OperationAccessPolicy>;", "", "export type AccessPolicyKey = keyof typeof accessPolicies;", "");
+	return `${lines.join("\n")}`;
+}
 function printGeneratedFile(statements, generatedHeader) {
 	const sourceFile = ts.factory.createSourceFile(statements, ts.factory.createToken(ts.SyntaxKind.EndOfFileToken), ts.NodeFlags.None);
 	const printed = AST_PRINTER.printFile(sourceFile).trim();
@@ -611,6 +645,48 @@ function createClientRenderModel(model, useTypeAliases) {
 		}))
 	};
 }
+const ACCESS_POLICY_KINDS = new Set([
+	"authenticated",
+	"internal",
+	"public",
+	"role"
+]);
+function createAccessPolicyEntries(operations) {
+	return operations.flatMap((entry) => {
+		const accessPolicy = readAccessPolicyExtension(entry);
+		if (!accessPolicy) return [];
+		return [{
+			apiPath: entry.apiPath,
+			funcName: entry.funcName,
+			kind: accessPolicy.kind,
+			methodUpper: entry.method.toUpperCase(),
+			operationId: entry.operationId,
+			roles: accessPolicy.roles ?? [],
+			strippedPath: entry.strippedPath
+		}];
+	});
+}
+function readAccessPolicyExtension(entry) {
+	const accessPolicy = entry.operation["x-access"];
+	if (accessPolicy == null) return null;
+	if (!isRecord(accessPolicy)) throw new Error(`Operation "${entry.operationId}" has invalid x-access extension`);
+	const kind = accessPolicy.kind;
+	if (typeof kind !== "string" || !ACCESS_POLICY_KINDS.has(kind)) throw new Error(`Operation "${entry.operationId}" has invalid x-access kind`);
+	const rolesValue = accessPolicy.roles;
+	if (rolesValue == null) {
+		if (kind === "role") throw new Error(`Operation "${entry.operationId}" role access requires x-access.roles`);
+		return { kind };
+	}
+	if (!Array.isArray(rolesValue) || rolesValue.some((role) => typeof role !== "string")) throw new Error(`Operation "${entry.operationId}" has invalid x-access.roles`);
+	if (kind !== "role") throw new Error(`Operation "${entry.operationId}" non-role access must not include roles`);
+	return {
+		kind,
+		roles: rolesValue
+	};
+}
+function isRecord(value) {
+	return typeof value === "object" && value !== null && !Array.isArray(value);
+}
 function resolveChannel(channel, useTypeAliases) {
 	if (!channel.typeRef) return channel;
 	return {
@@ -626,14 +702,17 @@ function renderGeneratedArtifacts(spec, options, preCollectedOperations) {
 	const stripPrefix = options.stripPrefix ?? true;
 	const httpClient = resolveHttpClientConfig(options.httpClient);
 	const useTypeAliases = options.typeAliases ?? false;
-	const clientModel = buildClientRenderModelFromOperations(preCollectedOperations ?? collectOperations(spec, pathPrefix, stripPrefix), spec, {
+	const operations = preCollectedOperations ?? collectOperations(spec, pathPrefix, stripPrefix);
+	const clientModel = buildClientRenderModelFromOperations(operations, spec, {
 		json: httpClient.jsonFunction,
 		void: httpClient.voidFunction
 	});
 	if (clientModel.operations.length === 0) throw new Error(`No paths matching prefix "${pathPrefix}" found in openapi.json`);
+	const accessPolicies = renderAccessPoliciesSource(createAccessPolicyEntries(operations), GENERATED_HEADER);
 	return {
 		api: renderApiSource(createApiEntries(clientModel.operations, useTypeAliases), GENERATED_HEADER),
 		client: renderClientSource(createClientRenderModel(clientModel, useTypeAliases), GENERATED_HEADER, httpClient),
+		...accessPolicies ? { accessPolicies } : {},
 		...useTypeAliases && clientModel.typeAliases.length > 0 ? { apiTypes: renderOperationTypeAliases(clientModel.typeAliases) } : {}
 	};
 }
@@ -679,6 +758,7 @@ async function generateOpenAPIArtifacts(root, options) {
 	warnOnParameterLocationMismatch(operations);
 	await generateApiTypes(apiTypesSource, outputDir, options.typeAliases ?? false);
 	if (artifacts.apiTypes) writeFileSync(resolve(outputDir, "api-types.d.ts"), artifacts.apiTypes, { flag: "a" });
+	if (artifacts.accessPolicies) writeFileSync(resolve(outputDir, "access-policies.ts"), artifacts.accessPolicies);
 	writeFileSync(resolve(outputDir, "api.ts"), artifacts.api);
 	writeFileSync(resolve(outputDir, "client.ts"), artifacts.client);
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vite-plugin-openapi-codegen",
-  "version": "2.0.0",
+  "version": "3.0.0",
   "description": "Vite plugin that generates typed API clients and route builders from OpenAPI specs",
   "keywords": [
     "api-client",