tetratto/crates/app/src/public/js/app_sdk.js

import {
    JSONParse as json_parse,
    JSONStringify as json_stringify,
} from "https://unpkg.com/json-with-bigint@3.4.4/json-with-bigint.js";

/// PKCE key generation.
export const PKCE = {
    /// Create a verifier for [`PKCE::challenge`].
    verifier: async (length) => {
        let text = "";
        const possible =
            "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";

        for (let i = 0; i < length; i++) {
            text += possible.charAt(
                Math.floor(Math.random() * possible.length),
            );
        }

        return text;
    },
    /// Create the challenge needed to request a user token.
    challenge: async (verifier) => {
        const data = new TextEncoder().encode(verifier);
        const digest = await window.crypto.subtle.digest("SHA-256", data);
        return btoa(
            String.fromCharCode.apply(null, [...new Uint8Array(digest)]),
        )
            .replace(/\+/g, "-")
            .replace(/\//g, "_")
            .replace(/=+$/, "");
    },
};

export default function tetratto({
    host = "https://tetratto.com",
    api_key = null,
    app_id = 0n,
    user_token = null,
    user_verifier = null,
    user_id = 0n,
}) {
    const GRANT_URL = `${host}/auth/connections_link/app/${app_id}`;

    function api_promise(res) {
        return new Promise((resolve, reject) => {
            if (res.ok) {
                resolve(res.payload);
            } else {
                reject(res.message);
            }
        });
    }

    // app data
    async function app() {
        if (!api_key) {
            throw Error("No API key provided.");
        }

        return api_promise(
            json_parse(
                await (
                    await fetch(`${host}/api/v1/app_data/app`, {
                        method: "GET",
                        headers: {
                            "Atto-Secret-Key": api_key,
                        },
                    })
                ).text(),
            ),
        );
    }

    async function check_ip(ip) {
        if (!api_key) {
            throw Error("No API key provided.");
        }

        return api_promise(
            json_parse(
                await (
                    await fetch(`${host}/api/v1/bans/${ip}`, {
                        method: "GET",
                        headers: {
                            "Atto-Secret-Key": api_key,
                        },
                    })
                ).text(),
            ),
        );
    }

    async function query(body) {
        if (!api_key) {
            throw Error("No API key provided.");
        }

        return api_promise(
            json_parse(
                await (
                    await fetch(`${host}/api/v1/app_data/query`, {
                        method: "POST",
                        headers: {
                            "Content-Type": "application/json",
                            "Atto-Secret-Key": api_key,
                        },
                        body: json_stringify(body),
                    })
                ).text(),
            ),
        );
    }

    async function insert(key, value) {
        if (!api_key) {
            throw Error("No API key provided.");
        }

        return api_promise(
            json_parse(
                await (
                    await fetch(`${host}/api/v1/app_data`, {
                        method: "POST",
                        headers: {
                            "Content-Type": "application/json",
                            "Atto-Secret-Key": api_key,
                        },
                        body: json_stringify({
                            key,
                            value,
                        }),
                    })
                ).text(),
            ),
        );
    }

    async function update(id, value) {
        if (!api_key) {
            throw Error("No API key provided.");
        }

        return api_promise(
            json_parse(
                await (
                    await fetch(`${host}/api/v1/app_data/${id}/value`, {
                        method: "POST",
                        headers: {
                            "Content-Type": "application/json",
                            "Atto-Secret-Key": api_key,
                        },
                        body: json_stringify({
                            value,
                        }),
                    })
                ).text(),
            ),
        );
    }

    async function rename(id, key) {
        if (!api_key) {
            throw Error("No API key provided.");
        }

        return api_promise(
            json_parse(
                await (
                    await fetch(`${host}/api/v1/app_data/${id}/key`, {
                        method: "POST",
                        headers: {
                            "Content-Type": "application/json",
                            "Atto-Secret-Key": api_key,
                        },
                        body: json_stringify({
                            key,
                        }),
                    })
                ).text(),
            ),
        );
    }

    async function remove(id) {
        if (!api_key) {
            throw Error("No API key provided.");
        }

        return api_promise(
            json_parse(
                await (
                    await fetch(`${host}/api/v1/app_data/${id}`, {
                        method: "DELETE",
                        headers: {
                            "Atto-Secret-Key": api_key,
                        },
                    })
                ).text(),
            ),
        );
    }

    async function remove_query(body) {
        if (!api_key) {
            throw Error("No API key provided.");
        }

        return api_promise(
            json_parse(
                await (
                    await fetch(`${host}/api/v1/app_data/query`, {
                        method: "DELETE",
                        headers: {
                            "Content-Type": "application/json",
                            "Atto-Secret-Key": api_key,
                        },
                        body: json_stringify(body),
                    })
                ).text(),
            ),
        );
    }

    // user connection
    /// Extract the verifier, token, and user ID from the URL.
    function extract_verifier_token_uid() {
        const search = new URLSearchParams(window.location.search);
        return [
            search.get("verifier"),
            search.get("token"),
            BigInt(search.get("uid")),
        ];
    }

    /// Accept a connection grant and store it in localStorage.
    function localstorage_accept_connection() {
        const [verifier, token, uid] = extract_verifier_token_uid();
        window.localStorage.setItem("atto:grant.verifier", verifier);
        window.localStorage.setItem("atto:grant.token", token);
        window.localStorage.setItem("atto:grant.user_id", uid);
    }

    async function refresh_token() {
        return api_promise(
            json_parse(
                await (
                    await fetch(
                        `${host}/api/v1/auth/user/${user_id}/grants/${app_id}/refresh`,
                        {
                            method,
                            headers: {
                                "Content-Type": "application/json",
                                "X-Cookie": `Atto-Grant=${user_token}`,
                            },
                            body: json_stringify({
                                verifier: user_verifier,
                            }),
                        },
                    )
                ).text(),
            ),
        );
    }

    async function request({
        route,
        method = "POST",
        content_type = "application/json",
        body = {},
    }) {
        if (!user_token) {
            throw Error("No user token provided.");
        }

        return api_promise(
            json_parse(
                await (
                    await fetch(`${host}/api/v1/${route}`, {
                        method,
                        headers: {
                            "Content-Type":
                                method === "GET" ? null : content_type,
                            "X-Cookie": `Atto-Grant=${user_token}`,
                        },
                        body:
                            method === "GET"
                                ? null
                                : content_type === "application/json"
                                  ? json_stringify(body)
                                  : body,
                    })
                ).text(),
            ),
        );
    }

    // ...
    return {
        user_id,
        user_token,
        user_verifier,
        app_id,
        api_key,
        // app data
        app,
        check_ip,
        query,
        insert,
        update,
        rename,
        remove,
        remove_query,
        // user connection
        GRANT_URL,
        extract_verifier_token_uid,
        refresh_token,
        localstorage_accept_connection,
        request,
    };
}

export function from_localstorage({
    host = "https://tetratto.com",
    app_id = 0n,
}) {
    const user_verifier = window.localStorage.getItem("atto:grant.verifier");
    const user_token = window.localStorage.getItem("atto:grant.token");
    const user_id = window.localStorage.getItem("atto:grant.user_id");

    return tetratto({
        host,
        app_id,
        user_verifier,
        user_id,
        user_token,
    });
}
add: apps js sdk 2025-07-18 13:22:25 -04:00			`import {`
			`JSONParse as json_parse,`
			`JSONStringify as json_stringify,`
			`} from "https://unpkg.com/json-with-bigint@3.4.4/json-with-bigint.js";`

add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`/// PKCE key generation.`
			`export const PKCE = {`
			/// Create a verifier for [`PKCE::challenge`].
			`verifier: async (length) => {`
			`let text = "";`
			`const possible =`
			`"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";`

			`for (let i = 0; i < length; i++) {`
			`text += possible.charAt(`
			`Math.floor(Math.random() * possible.length),`
			`);`
			`}`

			`return text;`
			`},`
			`/// Create the challenge needed to request a user token.`
			`challenge: async (verifier) => {`
			`const data = new TextEncoder().encode(verifier);`
			`const digest = await window.crypto.subtle.digest("SHA-256", data);`
			`return btoa(`
			`String.fromCharCode.apply(null, [...new Uint8Array(digest)]),`
			`)`
			`.replace(/\+/g, "-")`
			`.replace(/\//g, "_")`
			`.replace(/=+$/, "");`
			`},`
			`};`

			`export default function tetratto({`
			`host = "https://tetratto.com",`
			`api_key = null,`
			`app_id = 0n,`
			`user_token = null,`
			`user_verifier = null,`
			`user_id = 0n,`
			`}) {`
			const GRANT_URL = `${host}/auth/connections_link/app/${app_id}`;

add: apps js sdk 2025-07-18 13:22:25 -04:00			`function api_promise(res) {`
			`return new Promise((resolve, reject) => {`
			`if (res.ok) {`
			`resolve(res.payload);`
			`} else {`
			`reject(res.message);`
			`}`
			`});`
			`}`

add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`// app data`
add: apps js sdk 2025-07-18 13:22:25 -04:00			`async function app() {`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`if (!api_key) {`
			`throw Error("No API key provided.");`
			`}`

add: apps js sdk 2025-07-18 13:22:25 -04:00			`return api_promise(`
			`json_parse(`
			`await (`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			await fetch(`${host}/api/v1/app_data/app`, {
add: apps js sdk 2025-07-18 13:22:25 -04:00			`method: "GET",`
			`headers: {`
			`"Atto-Secret-Key": api_key,`
			`},`
			`})`
			`).text(),`
			`),`
			`);`
			`}`

add: check ip ban endpoint 2025-07-23 14:44:47 -04:00			`async function check_ip(ip) {`
			`if (!api_key) {`
			`throw Error("No API key provided.");`
			`}`

			`return api_promise(`
			`json_parse(`
			`await (`
			await fetch(`${host}/api/v1/bans/${ip}`, {
			`method: "GET",`
			`headers: {`
			`"Atto-Secret-Key": api_key,`
			`},`
			`})`
			`).text(),`
			`),`
			`);`
			`}`

add: apps js sdk 2025-07-18 13:22:25 -04:00			`async function query(body) {`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`if (!api_key) {`
			`throw Error("No API key provided.");`
			`}`

add: apps js sdk 2025-07-18 13:22:25 -04:00			`return api_promise(`
			`json_parse(`
			`await (`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			await fetch(`${host}/api/v1/app_data/query`, {
add: apps js sdk 2025-07-18 13:22:25 -04:00			`method: "POST",`
			`headers: {`
			`"Content-Type": "application/json",`
			`"Atto-Secret-Key": api_key,`
			`},`
			`body: json_stringify(body),`
			`})`
			`).text(),`
			`),`
			`);`
			`}`

			`async function insert(key, value) {`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`if (!api_key) {`
			`throw Error("No API key provided.");`
			`}`

add: apps js sdk 2025-07-18 13:22:25 -04:00			`return api_promise(`
			`json_parse(`
			`await (`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			await fetch(`${host}/api/v1/app_data`, {
add: apps js sdk 2025-07-18 13:22:25 -04:00			`method: "POST",`
			`headers: {`
			`"Content-Type": "application/json",`
			`"Atto-Secret-Key": api_key,`
			`},`
			`body: json_stringify({`
			`key,`
			`value,`
			`}),`
			`})`
			`).text(),`
			`),`
			`);`
			`}`

add: apps rust sdk 2025-07-19 15:31:06 -04:00			`async function update(id, value) {`
			`if (!api_key) {`
			`throw Error("No API key provided.");`
			`}`

			`return api_promise(`
			`json_parse(`
			`await (`
			await fetch(`${host}/api/v1/app_data/${id}/value`, {
			`method: "POST",`
			`headers: {`
			`"Content-Type": "application/json",`
			`"Atto-Secret-Key": api_key,`
			`},`
			`body: json_stringify({`
			`value,`
			`}),`
			`})`
			`).text(),`
			`),`
			`);`
			`}`

add: app data rename method 2025-07-19 23:21:01 -04:00			`async function rename(id, key) {`
			`if (!api_key) {`
			`throw Error("No API key provided.");`
			`}`

			`return api_promise(`
			`json_parse(`
			`await (`
			await fetch(`${host}/api/v1/app_data/${id}/key`, {
			`method: "POST",`
			`headers: {`
			`"Content-Type": "application/json",`
			`"Atto-Secret-Key": api_key,`
			`},`
			`body: json_stringify({`
			`key,`
			`}),`
			`})`
			`).text(),`
			`),`
			`);`
			`}`

add: apps js sdk 2025-07-18 13:22:25 -04:00			`async function remove(id) {`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`if (!api_key) {`
			`throw Error("No API key provided.");`
			`}`

add: apps js sdk 2025-07-18 13:22:25 -04:00			`return api_promise(`
			`json_parse(`
			`await (`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			await fetch(`${host}/api/v1/app_data/${id}`, {
add: apps js sdk 2025-07-18 13:22:25 -04:00			`method: "DELETE",`
			`headers: {`
			`"Atto-Secret-Key": api_key,`
			`},`
			`})`
			`).text(),`
			`),`
			`);`
			`}`

			`async function remove_query(body) {`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`if (!api_key) {`
			`throw Error("No API key provided.");`
			`}`

add: apps js sdk 2025-07-18 13:22:25 -04:00			`return api_promise(`
			`json_parse(`
			`await (`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			await fetch(`${host}/api/v1/app_data/query`, {
add: apps js sdk 2025-07-18 13:22:25 -04:00			`method: "DELETE",`
			`headers: {`
			`"Content-Type": "application/json",`
			`"Atto-Secret-Key": api_key,`
			`},`
			`body: json_stringify(body),`
			`})`
			`).text(),`
			`),`
			`);`
			`}`

add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`// user connection`
			`/// Extract the verifier, token, and user ID from the URL.`
			`function extract_verifier_token_uid() {`
			`const search = new URLSearchParams(window.location.search);`
			`return [`
			`search.get("verifier"),`
			`search.get("token"),`
			`BigInt(search.get("uid")),`
			`];`
			`}`

			`/// Accept a connection grant and store it in localStorage.`
			`function localstorage_accept_connection() {`
			`const [verifier, token, uid] = extract_verifier_token_uid();`
			`window.localStorage.setItem("atto:grant.verifier", verifier);`
			`window.localStorage.setItem("atto:grant.token", token);`
			`window.localStorage.setItem("atto:grant.user_id", uid);`
			`}`

add: app sdk client auth flow example 2025-07-19 02:00:04 -04:00			`async function refresh_token() {`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`return api_promise(`
			`json_parse(`
			`await (`
			`await fetch(`
			`${host}/api/v1/auth/user/${user_id}/grants/${app_id}/refresh`,
			`{`
			`method,`
			`headers: {`
			`"Content-Type": "application/json",`
add: app sdk client auth flow example 2025-07-19 02:00:04 -04:00			"X-Cookie": `Atto-Grant=${user_token}`,
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`},`
			`body: json_stringify({`
add: app sdk client auth flow example 2025-07-19 02:00:04 -04:00			`verifier: user_verifier,`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`}),`
			`},`
			`)`
			`).text(),`
			`),`
			`);`
			`}`

			`async function request({`
add: app sdk client auth flow example 2025-07-19 02:00:04 -04:00			`route,`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`method = "POST",`
			`content_type = "application/json",`
add: app sdk client auth flow example 2025-07-19 02:00:04 -04:00			`body = {},`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`}) {`
			`if (!user_token) {`
			`throw Error("No user token provided.");`
			`}`

			`return api_promise(`
			`json_parse(`
			`await (`
add: app sdk client auth flow example 2025-07-19 02:00:04 -04:00			await fetch(`${host}/api/v1/${route}`, {
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`method,`
			`headers: {`
add: app sdk client auth flow example 2025-07-19 02:00:04 -04:00			`"Content-Type":`
			`method === "GET" ? null : content_type,`
			"X-Cookie": `Atto-Grant=${user_token}`,
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`},`
			`body:`
add: app sdk client auth flow example 2025-07-19 02:00:04 -04:00			`method === "GET"`
			`? null`
			`: content_type === "application/json"`
			`? json_stringify(body)`
			`: body,`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`})`
			`).text(),`
			`),`
			`);`
			`}`

			`// ...`
add: apps js sdk 2025-07-18 13:22:25 -04:00			`return {`
add: app sdk client auth flow example 2025-07-19 02:00:04 -04:00			`user_id,`
			`user_token,`
			`user_verifier,`
			`app_id,`
			`api_key,`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`// app data`
add: apps js sdk 2025-07-18 13:22:25 -04:00			`app,`
add: check ip ban endpoint 2025-07-23 14:44:47 -04:00			`check_ip,`
add: apps js sdk 2025-07-18 13:22:25 -04:00			`query,`
			`insert,`
add: apps rust sdk 2025-07-19 15:31:06 -04:00			`update,`
add: app data rename method 2025-07-19 23:21:01 -04:00			`rename,`
add: apps js sdk 2025-07-18 13:22:25 -04:00			`remove,`
			`remove_query,`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`// user connection`
			`GRANT_URL,`
			`extract_verifier_token_uid,`
			`refresh_token,`
			`localstorage_accept_connection,`
			`request,`
add: apps js sdk 2025-07-18 13:22:25 -04:00			`};`
			`}`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00
			`export function from_localstorage({`
			`host = "https://tetratto.com",`
			`app_id = 0n,`
			`}) {`
			`const user_verifier = window.localStorage.getItem("atto:grant.verifier");`
			`const user_token = window.localStorage.getItem("atto:grant.token");`
			`const user_id = window.localStorage.getItem("atto:grant.user_id");`

			`return tetratto({`
			`host,`
			`app_id,`
			`user_verifier,`
			`user_id,`
			`user_token,`
			`});`
			`}`